use new atomic_open_or_create_file
Factor out open_backup_lockfile() method to acquire locks owned by user backup with permission 0660. Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Dietmar Maurer
committed by
Thomas Lamprecht
Thomas Lamprecht
parent
a00888e93f
commit
7526d86419
@ -60,7 +60,7 @@ pub fn list_datastores(
|
||||
}
|
||||
|
||||
pub(crate) fn do_create_datastore(
|
||||
_lock: std::fs::File,
|
||||
_lock: BackupLockGuard,
|
||||
mut config: SectionConfigData,
|
||||
datastore: DataStoreConfig,
|
||||
worker: Option<&dyn TaskState>,
|
||||
|
||||
@ -4,7 +4,6 @@ use ::serde::{Deserialize, Serialize};
|
||||
|
||||
use proxmox::api::{api, ApiMethod, Router, RpcEnvironment, Permission};
|
||||
use proxmox::http_err;
|
||||
use proxmox::tools::fs::open_file_locked;
|
||||
|
||||
use pbs_client::{HttpClient, HttpClientOptions};
|
||||
|
||||
@ -12,6 +11,7 @@ use crate::api2::types::*;
|
||||
use crate::config::cached_user_info::CachedUserInfo;
|
||||
use crate::config::remote;
|
||||
use crate::config::acl::{PRIV_REMOTE_AUDIT, PRIV_REMOTE_MODIFY};
|
||||
use crate::backup::open_backup_lockfile;
|
||||
|
||||
#[api(
|
||||
input: {
|
||||
@ -95,7 +95,7 @@ pub fn list_remotes(
|
||||
/// Create new remote.
|
||||
pub fn create_remote(password: String, param: Value) -> Result<(), Error> {
|
||||
|
||||
let _lock = open_file_locked(remote::REMOTE_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
|
||||
let _lock = open_backup_lockfile(remote::REMOTE_CFG_LOCKFILE, None, true)?;
|
||||
|
||||
let mut data = param;
|
||||
data["password"] = Value::from(base64::encode(password.as_bytes()));
|
||||
@ -217,7 +217,7 @@ pub fn update_remote(
|
||||
digest: Option<String>,
|
||||
) -> Result<(), Error> {
|
||||
|
||||
let _lock = open_file_locked(remote::REMOTE_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
|
||||
let _lock = open_backup_lockfile(remote::REMOTE_CFG_LOCKFILE, None, true)?;
|
||||
|
||||
let (mut config, expected_digest) = remote::config()?;
|
||||
|
||||
@ -291,7 +291,7 @@ pub fn delete_remote(name: String, digest: Option<String>) -> Result<(), Error>
|
||||
}
|
||||
}
|
||||
|
||||
let _lock = open_file_locked(remote::REMOTE_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
|
||||
let _lock = open_backup_lockfile(remote::REMOTE_CFG_LOCKFILE, None, true)?;
|
||||
|
||||
let (mut config, expected_digest) = remote::config()?;
|
||||
|
||||
|
||||
@ -3,7 +3,6 @@ use serde_json::Value;
|
||||
use ::serde::{Deserialize, Serialize};
|
||||
|
||||
use proxmox::api::{api, Permission, Router, RpcEnvironment};
|
||||
use proxmox::tools::fs::open_file_locked;
|
||||
|
||||
use crate::api2::types::*;
|
||||
|
||||
@ -18,6 +17,7 @@ use crate::config::acl::{
|
||||
|
||||
use crate::config::cached_user_info::CachedUserInfo;
|
||||
use crate::config::sync::{self, SyncJobConfig};
|
||||
use crate::backup::open_backup_lockfile;
|
||||
|
||||
pub fn check_sync_job_read_access(
|
||||
user_info: &CachedUserInfo,
|
||||
@ -152,7 +152,7 @@ pub fn create_sync_job(
|
||||
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
|
||||
let user_info = CachedUserInfo::new()?;
|
||||
|
||||
let _lock = open_file_locked(sync::SYNC_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
|
||||
let _lock = open_backup_lockfile(sync::SYNC_CFG_LOCKFILE, None, true)?;
|
||||
|
||||
let sync_job: sync::SyncJobConfig = serde_json::from_value(param)?;
|
||||
if !check_sync_job_modify_access(&user_info, &auth_id, &sync_job) {
|
||||
@ -296,7 +296,7 @@ pub fn update_sync_job(
|
||||
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
|
||||
let user_info = CachedUserInfo::new()?;
|
||||
|
||||
let _lock = open_file_locked(sync::SYNC_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
|
||||
let _lock = open_backup_lockfile(sync::SYNC_CFG_LOCKFILE, None, true)?;
|
||||
|
||||
// pass/compare digest
|
||||
let (mut config, expected_digest) = sync::config()?;
|
||||
@ -379,7 +379,7 @@ pub fn delete_sync_job(
|
||||
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
|
||||
let user_info = CachedUserInfo::new()?;
|
||||
|
||||
let _lock = open_file_locked(sync::SYNC_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
|
||||
let _lock = open_backup_lockfile(sync::SYNC_CFG_LOCKFILE, None, true)?;
|
||||
|
||||
let (mut config, expected_digest) = sync::config()?;
|
||||
|
||||
|
||||
@ -3,7 +3,6 @@ use serde_json::Value;
|
||||
use ::serde::{Deserialize, Serialize};
|
||||
|
||||
use proxmox::api::{api, Router, RpcEnvironment, Permission};
|
||||
use proxmox::tools::fs::open_file_locked;
|
||||
|
||||
use crate::{
|
||||
api2::types::{
|
||||
@ -17,6 +16,7 @@ use crate::{
|
||||
MEDIA_POOL_NAME_SCHEMA,
|
||||
SYNC_SCHEDULE_SCHEMA,
|
||||
},
|
||||
backup::open_backup_lockfile,
|
||||
config::{
|
||||
self,
|
||||
cached_user_info::CachedUserInfo,
|
||||
@ -89,8 +89,7 @@ pub fn create_tape_backup_job(
|
||||
job: TapeBackupJobConfig,
|
||||
_rpcenv: &mut dyn RpcEnvironment,
|
||||
) -> Result<(), Error> {
|
||||
|
||||
let _lock = open_file_locked(TAPE_JOB_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
|
||||
let _lock = open_backup_lockfile(TAPE_JOB_CFG_LOCKFILE, None, true)?;
|
||||
|
||||
let (mut config, _digest) = config::tape_job::config()?;
|
||||
|
||||
@ -233,7 +232,7 @@ pub fn update_tape_backup_job(
|
||||
delete: Option<Vec<DeletableProperty>>,
|
||||
digest: Option<String>,
|
||||
) -> Result<(), Error> {
|
||||
let _lock = open_file_locked(TAPE_JOB_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
|
||||
let _lock = open_backup_lockfile(TAPE_JOB_CFG_LOCKFILE, None, true)?;
|
||||
|
||||
let (mut config, expected_digest) = config::tape_job::config()?;
|
||||
|
||||
@ -312,7 +311,7 @@ pub fn delete_tape_backup_job(
|
||||
digest: Option<String>,
|
||||
_rpcenv: &mut dyn RpcEnvironment,
|
||||
) -> Result<(), Error> {
|
||||
let _lock = open_file_locked(TAPE_JOB_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
|
||||
let _lock = open_backup_lockfile(TAPE_JOB_CFG_LOCKFILE, None, true)?;
|
||||
|
||||
let (mut config, expected_digest) = config::tape_job::config()?;
|
||||
|
||||
|
||||
@ -9,7 +9,6 @@ use proxmox::{
|
||||
RpcEnvironment,
|
||||
Permission,
|
||||
},
|
||||
tools::fs::open_file_locked,
|
||||
};
|
||||
|
||||
use pbs_datastore::{KeyInfo, Kdf};
|
||||
@ -35,6 +34,7 @@ use crate::{
|
||||
PASSWORD_HINT_SCHEMA,
|
||||
},
|
||||
backup::{
|
||||
open_backup_lockfile,
|
||||
KeyConfig,
|
||||
Fingerprint,
|
||||
},
|
||||
@ -122,11 +122,7 @@ pub fn change_passphrase(
|
||||
bail!("Please specify a key derivation function (none is not allowed here).");
|
||||
}
|
||||
|
||||
let _lock = open_file_locked(
|
||||
TAPE_KEYS_LOCKFILE,
|
||||
std::time::Duration::new(10, 0),
|
||||
true,
|
||||
)?;
|
||||
let _lock = open_backup_lockfile(TAPE_KEYS_LOCKFILE, None, true)?;
|
||||
|
||||
let (mut config_map, expected_digest) = load_key_configs()?;
|
||||
|
||||
@ -261,12 +257,7 @@ pub fn delete_key(
|
||||
digest: Option<String>,
|
||||
_rpcenv: &mut dyn RpcEnvironment,
|
||||
) -> Result<(), Error> {
|
||||
|
||||
let _lock = open_file_locked(
|
||||
TAPE_KEYS_LOCKFILE,
|
||||
std::time::Duration::new(10, 0),
|
||||
true,
|
||||
)?;
|
||||
let _lock = open_backup_lockfile(TAPE_KEYS_LOCKFILE, None, true)?;
|
||||
|
||||
let (mut config_map, expected_digest) = load_key_configs()?;
|
||||
let (mut key_map, _) = load_keys()?;
|
||||
|
||||
@ -3,7 +3,6 @@ use serde_json::Value;
|
||||
use ::serde::{Deserialize, Serialize};
|
||||
|
||||
use proxmox::api::{api, Permission, Router, RpcEnvironment};
|
||||
use proxmox::tools::fs::open_file_locked;
|
||||
|
||||
use crate::api2::types::*;
|
||||
|
||||
@ -13,8 +12,8 @@ use crate::config::acl::{
|
||||
};
|
||||
|
||||
use crate::config::cached_user_info::CachedUserInfo;
|
||||
|
||||
use crate::config::verify::{self, VerificationJobConfig};
|
||||
use crate::backup::open_backup_lockfile;
|
||||
|
||||
#[api(
|
||||
input: {
|
||||
@ -102,7 +101,7 @@ pub fn create_verification_job(
|
||||
|
||||
user_info.check_privs(&auth_id, &["datastore", &verification_job.store], PRIV_DATASTORE_VERIFY, false)?;
|
||||
|
||||
let _lock = open_file_locked(verify::VERIFICATION_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
|
||||
let _lock = open_backup_lockfile(verify::VERIFICATION_CFG_LOCKFILE, None, true)?;
|
||||
|
||||
let (mut config, _digest) = verify::config()?;
|
||||
|
||||
@ -230,7 +229,7 @@ pub fn update_verification_job(
|
||||
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
|
||||
let user_info = CachedUserInfo::new()?;
|
||||
|
||||
let _lock = open_file_locked(verify::VERIFICATION_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
|
||||
let _lock = open_backup_lockfile(verify::VERIFICATION_CFG_LOCKFILE, None, true)?;
|
||||
|
||||
// pass/compare digest
|
||||
let (mut config, expected_digest) = verify::config()?;
|
||||
@ -315,7 +314,7 @@ pub fn delete_verification_job(
|
||||
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
|
||||
let user_info = CachedUserInfo::new()?;
|
||||
|
||||
let _lock = open_file_locked(verify::VERIFICATION_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
|
||||
let _lock = open_backup_lockfile(verify::VERIFICATION_CFG_LOCKFILE, None, true)?;
|
||||
|
||||
let (mut config, expected_digest) = verify::config()?;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user