tyler/proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

use new atomic_open_or_create_file

Browse Source 
Factor out open_backup_lockfile() method to acquire locks owned by
user backup with permission 0660.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Dietmar Maurer
2021-07-20 13:51:54 +02:00
committed by Thomas Lamprecht
parent a00888e93f
commit 7526d86419
29 changed files with 161 additions and 270 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
src/tape/drive/mod.rs
View File

@ -5,19 +5,21 @@ mod virtual_tape;
mod lto;
pub use lto::*;
use std::os::unix::io::AsRawFd;
use std::path::PathBuf;
use anyhow::{bail, format_err, Error};
use ::serde::{Deserialize};
use serde_json::Value;
use nix::fcntl::OFlag;
use nix::sys::stat::Mode;
use proxmox::{
tools::{
Uuid,
io::ReadExt,
fs::{
fchown,
lock_file,
atomic_open_or_create_file,
file_read_optional_string,
replace_file,
CreateOptions,
@ -604,20 +606,34 @@ fn tape_device_path(
pub struct DeviceLockGuard(std::fs::File);
// Acquires an exclusive lock on `device_path`
//
// Uses systemd escape_unit to compute a file name from `device_path`, the try
// to lock `/var/lock/<name>`.
fn lock_device_path(device_path: &str) -> Result<DeviceLockGuard, TapeLockError> {
fn open_device_lock(device_path: &str) -> Result<std::fs::File, Error> {
let lock_name = crate::tools::systemd::escape_unit(device_path, true);
let mut path = std::path::PathBuf::from(crate::tape::DRIVE_LOCK_DIR);
path.push(lock_name);
let user = crate::backup::backup_user()?;
let options = CreateOptions::new()
.perm(Mode::from_bits_truncate(0o660))
.owner(user.uid)
.group(user.gid);
atomic_open_or_create_file(
path,
OFlag::O_RDWR | OFlag::O_CLOEXEC | OFlag::O_APPEND,
&[],
options,
)
}
// Acquires an exclusive lock on `device_path`
//
fn lock_device_path(device_path: &str) -> Result<DeviceLockGuard, TapeLockError> {
let mut file = open_device_lock(device_path)?;
let timeout = std::time::Duration::new(10, 0);
let mut file = std::fs::OpenOptions::new().create(true).append(true).open(path)?;
if let Err(err) = proxmox::tools::fs::lock_file(&mut file, true, Some(timeout)) {
if let Err(err) = lock_file(&mut file, true, Some(timeout)) {
if err.kind() == std::io::ErrorKind::Interrupted {
return Err(TapeLockError::TimeOut);
} else {
@ -625,9 +641,6 @@ fn lock_device_path(device_path: &str) -> Result<DeviceLockGuard, TapeLockError>
}
}
let backup_user = crate::backup::backup_user()?;
fchown(file.as_raw_fd(), Some(backup_user.uid), Some(backup_user.gid))?;
Ok(DeviceLockGuard(file))
}
@ -635,14 +648,10 @@ fn lock_device_path(device_path: &str) -> Result<DeviceLockGuard, TapeLockError>
// non-blocking, and returning if the file is locked or not
fn test_device_path_lock(device_path: &str) -> Result<bool, Error> {
let lock_name = crate::tools::systemd::escape_unit(device_path, true);
let mut path = std::path::PathBuf::from(crate::tape::DRIVE_LOCK_DIR);
path.push(lock_name);
let mut file = open_device_lock(device_path)?;
let timeout = std::time::Duration::new(0, 0);
let mut file = std::fs::OpenOptions::new().create(true).append(true).open(path)?;
match proxmox::tools::fs::lock_file(&mut file, true, Some(timeout)) {
match lock_file(&mut file, true, Some(timeout)) {
// file was not locked, continue
Ok(()) => {},
// file was locked, return true
@ -650,8 +659,5 @@ fn test_device_path_lock(device_path: &str) -> Result<bool, Error> {
Err(err) => bail!("{}", err),
}
let backup_user = crate::backup::backup_user()?;
fchown(file.as_raw_fd(), Some(backup_user.uid), Some(backup_user.gid))?;
Ok(false)
}

3
src/tape/drive/virtual_tape.rs
View File

@ -49,8 +49,9 @@ impl VirtualTapeDrive {
let mut lock_path = std::path::PathBuf::from(&self.path);
lock_path.push(".drive.lck");
let options = CreateOptions::new();
let timeout = std::time::Duration::new(10, 0);
let lock = proxmox::tools::fs::open_file_locked(&lock_path, timeout, true)?;
let lock = proxmox::tools::fs::open_file_locked(&lock_path, timeout, true, options)?;
Ok(VirtualTapeHandle {
_lock: lock,

49
src/tape/inventory.rs
View File

@ -24,8 +24,6 @@
use std::collections::{HashMap, BTreeMap};
use std::path::{Path, PathBuf};
use std::os::unix::io::AsRawFd;
use std::fs::File;
use std::time::Duration;
use anyhow::{bail, Error};
@ -35,9 +33,7 @@ use serde_json::json;
use proxmox::tools::{
Uuid,
fs::{
open_file_locked,
replace_file,
fchown,
file_get_json,
CreateOptions,
},
@ -51,6 +47,7 @@ use crate::{
MediaStatus,
MediaLocation,
},
backup::{open_backup_lockfile, BackupLockGuard},
tape::{
TAPE_STATUS_DIR,
MediaSet,
@ -149,17 +146,8 @@ impl Inventory {
}
/// Lock the database
fn lock(&self) -> Result<std::fs::File, Error> {
let file = open_file_locked(&self.lockfile_path, std::time::Duration::new(10, 0), true)?;
if cfg!(test) {
// We cannot use chown inside test environment (no permissions)
return Ok(file);
}
let backup_user = crate::backup::backup_user()?;
fchown(file.as_raw_fd(), Some(backup_user.uid), Some(backup_user.gid))?;
Ok(file)
fn lock(&self) -> Result<BackupLockGuard, Error> {
open_backup_lockfile(&self.lockfile_path, None, true)
}
fn load_media_db(path: &Path) -> Result<BTreeMap<Uuid, MediaStateEntry>, Error> {
@ -756,27 +744,16 @@ impl Inventory {
}
/// Lock a media pool
pub fn lock_media_pool(base_path: &Path, name: &str) -> Result<File, Error> {
pub fn lock_media_pool(base_path: &Path, name: &str) -> Result<BackupLockGuard, Error> {
let mut path = base_path.to_owned();
path.push(format!(".pool-{}", name));
path.set_extension("lck");
let timeout = std::time::Duration::new(10, 0);
let lock = proxmox::tools::fs::open_file_locked(&path, timeout, true)?;
if cfg!(test) {
// We cannot use chown inside test environment (no permissions)
return Ok(lock);
}
let backup_user = crate::backup::backup_user()?;
fchown(lock.as_raw_fd(), Some(backup_user.uid), Some(backup_user.gid))?;
Ok(lock)
open_backup_lockfile(&path, None, true)
}
/// Lock for media not assigned to any pool
pub fn lock_unassigned_media_pool(base_path: &Path) -> Result<File, Error> {
pub fn lock_unassigned_media_pool(base_path: &Path) -> Result<BackupLockGuard, Error> {
// lock artificial "__UNASSIGNED__" pool to avoid races
lock_media_pool(base_path, "__UNASSIGNED__")
}
@ -788,22 +765,12 @@ pub fn lock_media_set(
base_path: &Path,
media_set_uuid: &Uuid,
timeout: Option<Duration>,
) -> Result<File, Error> {
) -> Result<BackupLockGuard, Error> {
let mut path = base_path.to_owned();
path.push(format!(".media-set-{}", media_set_uuid));
path.set_extension("lck");
let timeout = timeout.unwrap_or(Duration::new(10, 0));
let file = open_file_locked(&path, timeout, true)?;
if cfg!(test) {
// We cannot use chown inside test environment (no permissions)
return Ok(file);
}
let backup_user = crate::backup::backup_user()?;
fchown(file.as_raw_fd(), Some(backup_user.uid), Some(backup_user.gid))?;
Ok(file)
open_backup_lockfile(&path, timeout, true)
}
// shell completion helper

5
src/tape/media_pool.rs
View File

@ -8,7 +8,6 @@
//!
use std::path::{PathBuf, Path};
use std::fs::File;
use anyhow::{bail, Error};
use ::serde::{Deserialize, Serialize};
@ -16,7 +15,7 @@ use ::serde::{Deserialize, Serialize};
use proxmox::tools::Uuid;
use crate::{
backup::Fingerprint,
backup::{Fingerprint, BackupLockGuard},
api2::types::{
MediaStatus,
MediaLocation,
@ -61,7 +60,7 @@ pub struct MediaPool {
inventory: Inventory,
current_media_set: MediaSet,
current_media_set_lock: Option<File>,
current_media_set_lock: Option<BackupLockGuard>,
}
impl MediaPool {