restore daemon: setup backup system user and group
now required as we always enforce lock files to be owned by the backup user, and the restore code uses such code indirectly as the REST server module is reused from proxmox-backup-server. Once that is refactored out we may do away such things, but until then we need to have a somewhat complete system env. Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
parent
73e1ba65ca
commit
9edf96e6b6
@ -18,6 +18,9 @@ use pbs_client::DEFAULT_VSOCK_PORT;
|
||||
use proxmox::api::RpcEnvironmentType;
|
||||
use proxmox_backup::server::{rest::*, ApiConfig};
|
||||
|
||||
use std::fs::File;
|
||||
use std::io::prelude::*;
|
||||
|
||||
mod proxmox_restore_daemon;
|
||||
use proxmox_restore_daemon::*;
|
||||
|
||||
@ -70,6 +73,18 @@ fn setup_system_env() -> Result<(), Error> {
|
||||
// we do not care much, but it's way less headache to just create it
|
||||
std::fs::create_dir_all("/run/proxmox-backup")?;
|
||||
|
||||
// we now ensure that all lock files are owned by the backup user, and as we reuse the
|
||||
// specialized REST module from pbs api/daemon we have some checks there for user/acl stuff
|
||||
// that gets locked, and thus needs the backup system user to work.
|
||||
std::fs::create_dir_all("/etc")?;
|
||||
let mut passwd = File::create("/etc/passwd")?;
|
||||
writeln!(passwd, "root:x:0:0:root:/root:/bin/sh")?;
|
||||
writeln!(passwd, "backup:x:34:34:backup:/var/backups:/usr/sbin/nologin")?;
|
||||
|
||||
let mut group = File::create("/etc/group")?;
|
||||
writeln!(group, "root:x:0:")?;
|
||||
writeln!(group, "backup:x:34:")?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user