tyler
/
proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

src/config/datastore.rs: change file owner/permissions 

owner(root) => read and write
group(backup) => read only
This commit is contained in:
Dietmar Maurer 2019-12-18 10:41:58 +01:00
parent c07b458cac
commit 424766bc3b
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/config/datastore.rs
View File

@ -4,7 +4,7 @@ use std::io::Read;
use failure::*; use failure::*;
use lazy_static::lazy_static; use lazy_static::lazy_static;
use proxmox::tools::{fs::file_set_contents_full, try_block}; use proxmox::tools::{fs::replace_file, fs::CreateOptions, try_block};
use proxmox::api::schema::{Schema, ObjectSchema, StringSchema}; use proxmox::api::schema::{Schema, ObjectSchema, StringSchema};
use crate::section_config::{SectionConfig, SectionConfigData, SectionConfigPlugin}; use crate::section_config::{SectionConfig, SectionConfigData, SectionConfigPlugin};
@ -59,10 +59,16 @@ pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
let raw = CONFIG.write(DATASTORE_CFG_FILENAME, &config)?; let raw = CONFIG.write(DATASTORE_CFG_FILENAME, &config)?;
let (backup_uid, _) = crate::tools::getpwnam_ugid("backup")?; let (backup_uid, _) = crate::tools::getpwnam_ugid("backup")?;
let uid = nix::unistd::Uid::from_raw(backup_uid); let gid = nix::unistd::Gid::from_raw(backup_uid);
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
// set the correct owner/group/permissions while saving file
// owner(rw) = root, group(r)= backup
let options = CreateOptions::new()
.perm(mode)
.owner(nix::unistd::ROOT)
.group(gid);
// manager runs as root, so we need to set the correct owner while saving file (backup:root) replace_file(DATASTORE_CFG_FILENAME, raw.as_bytes(), options)?;
file_set_contents_full(DATASTORE_CFG_FILENAME, raw.as_bytes(), None, Some(uid), None)?;
Ok(()) Ok(())
} }