add helpers to write configuration files
This commit is contained in:
parent
7526d86419
commit
a301c362e3
|
@ -87,12 +87,12 @@ crossbeam-channel = "0.5"
|
||||||
pathpatterns = "0.1.2"
|
pathpatterns = "0.1.2"
|
||||||
pxar = { version = "0.10.1", features = [ "tokio-io" ] }
|
pxar = { version = "0.10.1", features = [ "tokio-io" ] }
|
||||||
|
|
||||||
proxmox = { version = "0.11.6", features = [ "sortable-macro", "api-macro", "cli", "router", "tfa" ] }
|
proxmox = { version = "0.12.0", features = [ "sortable-macro", "api-macro", "cli", "router", "tfa" ] }
|
||||||
proxmox-acme-rs = "0.2.1"
|
proxmox-acme-rs = "0.2.1"
|
||||||
proxmox-apt = "0.5.0"
|
proxmox-apt = "0.5.1"
|
||||||
proxmox-fuse = "0.1.1"
|
proxmox-fuse = "0.1.1"
|
||||||
proxmox-http = { version = "0.2.1", features = [ "client", "http-helpers", "websocket" ] }
|
proxmox-http = { version = "0.2.1", features = [ "client", "http-helpers", "websocket" ] }
|
||||||
proxmox-openid = "0.6.0"
|
proxmox-openid = "0.6.1"
|
||||||
|
|
||||||
pbs-api-types = { path = "pbs-api-types" }
|
pbs-api-types = { path = "pbs-api-types" }
|
||||||
pbs-buildcfg = { path = "pbs-buildcfg" }
|
pbs-buildcfg = { path = "pbs-buildcfg" }
|
||||||
|
|
|
@ -13,7 +13,7 @@ libc = "0.2"
|
||||||
regex = "1.2"
|
regex = "1.2"
|
||||||
serde = { version = "1.0", features = ["derive"] }
|
serde = { version = "1.0", features = ["derive"] }
|
||||||
|
|
||||||
proxmox = { version = "0.11.5", default-features = false, features = [ "api-macro" ] }
|
proxmox = { version = "0.12.0", default-features = false, features = [ "api-macro" ] }
|
||||||
|
|
||||||
pbs-systemd = { path = "../pbs-systemd" }
|
pbs-systemd = { path = "../pbs-systemd" }
|
||||||
pbs-tools = { path = "../pbs-tools" }
|
pbs-tools = { path = "../pbs-tools" }
|
||||||
|
|
|
@ -28,7 +28,7 @@ tower-service = "0.3.0"
|
||||||
xdg = "2.2"
|
xdg = "2.2"
|
||||||
|
|
||||||
pathpatterns = "0.1.2"
|
pathpatterns = "0.1.2"
|
||||||
proxmox = { version = "0.11.5", default-features = false, features = [ "cli" ] }
|
proxmox = { version = "0.12.0", default-features = false, features = [ "cli" ] }
|
||||||
proxmox-fuse = "0.1.1"
|
proxmox-fuse = "0.1.1"
|
||||||
proxmox-http = { version = "0.2.1", features = [ "client", "http-helpers", "websocket" ] }
|
proxmox-http = { version = "0.2.1", features = [ "client", "http-helpers", "websocket" ] }
|
||||||
pxar = { version = "0.10.1", features = [ "tokio-io" ] }
|
pxar = { version = "0.10.1", features = [ "tokio-io" ] }
|
||||||
|
|
|
@ -20,7 +20,7 @@ zstd = { version = "0.6", features = [ "bindgen" ] }
|
||||||
pathpatterns = "0.1.2"
|
pathpatterns = "0.1.2"
|
||||||
pxar = { version = "0.10.1", features = [ "tokio-io" ] }
|
pxar = { version = "0.10.1", features = [ "tokio-io" ] }
|
||||||
|
|
||||||
proxmox = { version = "0.11.5", default-features = false, features = [ "api-macro" ] }
|
proxmox = { version = "0.12.0", default-features = false, features = [ "api-macro" ] }
|
||||||
|
|
||||||
pbs-api-types = { path = "../pbs-api-types" }
|
pbs-api-types = { path = "../pbs-api-types" }
|
||||||
pbs-tools = { path = "../pbs-tools" }
|
pbs-tools = { path = "../pbs-tools" }
|
||||||
|
|
|
@ -11,6 +11,6 @@ bitflags = "1.2.1"
|
||||||
lazy_static = "1.4"
|
lazy_static = "1.4"
|
||||||
nom = "5.1"
|
nom = "5.1"
|
||||||
|
|
||||||
proxmox = { version = "0.11.5", default-features = false }
|
proxmox = { version = "0.12.0", default-features = false }
|
||||||
|
|
||||||
pbs-tools = { path = "../pbs-tools" }
|
pbs-tools = { path = "../pbs-tools" }
|
||||||
|
|
|
@ -29,7 +29,7 @@ tokio = { version = "1.6", features = [ "fs", "io-util", "rt", "rt-multi-thread"
|
||||||
url = "2.1"
|
url = "2.1"
|
||||||
walkdir = "2"
|
walkdir = "2"
|
||||||
|
|
||||||
proxmox = { version = "0.11.5", default-features = false, features = [ "tokio" ] }
|
proxmox = { version = "0.12.0", default-features = false, features = [ "tokio" ] }
|
||||||
|
|
||||||
pbs-buildcfg = { path = "../pbs-buildcfg" }
|
pbs-buildcfg = { path = "../pbs-buildcfg" }
|
||||||
pbs-runtime = { path = "../pbs-runtime" }
|
pbs-runtime = { path = "../pbs-runtime" }
|
||||||
|
|
|
@ -16,7 +16,7 @@ serde_json = "1.0"
|
||||||
tokio = { version = "1.6", features = [ "rt", "rt-multi-thread" ] }
|
tokio = { version = "1.6", features = [ "rt", "rt-multi-thread" ] }
|
||||||
|
|
||||||
pathpatterns = "0.1.2"
|
pathpatterns = "0.1.2"
|
||||||
proxmox = { version = "0.11.5", default-features = false, features = [] }
|
proxmox = { version = "0.12.0", default-features = false, features = [] }
|
||||||
pxar = { version = "0.10.1", features = [ "tokio-io" ] }
|
pxar = { version = "0.10.1", features = [ "tokio-io" ] }
|
||||||
|
|
||||||
pbs-client = { path = "../pbs-client" }
|
pbs-client = { path = "../pbs-client" }
|
||||||
|
|
|
@ -113,3 +113,44 @@ pub fn open_backup_lockfile<P: AsRef<std::path::Path>>(
|
||||||
let file = proxmox::tools::fs::open_file_locked(&path, timeout, exclusive, options)?;
|
let file = proxmox::tools::fs::open_file_locked(&path, timeout, exclusive, options)?;
|
||||||
Ok(BackupLockGuard(file))
|
Ok(BackupLockGuard(file))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Atomically write data to file owned by "root:backup" with permission "0640"
|
||||||
|
///
|
||||||
|
/// Only the superuser can write those files, but group 'backup' can read them.
|
||||||
|
pub fn replace_backup_config<P: AsRef<std::path::Path>>(
|
||||||
|
path: P,
|
||||||
|
data: &[u8],
|
||||||
|
) -> Result<(), Error> {
|
||||||
|
let backup_user = backup_user()?;
|
||||||
|
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
||||||
|
// set the correct owner/group/permissions while saving file
|
||||||
|
// owner(rw) = root, group(r)= backup
|
||||||
|
let options = proxmox::tools::fs::CreateOptions::new()
|
||||||
|
.perm(mode)
|
||||||
|
.owner(nix::unistd::ROOT)
|
||||||
|
.group(backup_user.gid);
|
||||||
|
|
||||||
|
proxmox::tools::fs::replace_file(path, data, options)?;
|
||||||
|
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Atomically write data to file owned by "root:root" with permission "0600"
|
||||||
|
///
|
||||||
|
/// Only the superuser can read and write those files.
|
||||||
|
pub fn replace_secret_config<P: AsRef<std::path::Path>>(
|
||||||
|
path: P,
|
||||||
|
data: &[u8],
|
||||||
|
) -> Result<(), Error> {
|
||||||
|
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0600);
|
||||||
|
// set the correct owner/group/permissions while saving file
|
||||||
|
// owner(rw) = root, group(r)= root
|
||||||
|
let options = proxmox::tools::fs::CreateOptions::new()
|
||||||
|
.perm(mode)
|
||||||
|
.owner(nix::unistd::ROOT)
|
||||||
|
.group(nix::unistd::Gid::from_raw(0));
|
||||||
|
|
||||||
|
proxmox::tools::fs::replace_file(path, data, options)?;
|
||||||
|
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
|
@ -13,7 +13,6 @@ use serde::de::{value, IntoDeserializer};
|
||||||
|
|
||||||
use proxmox::api::{api, schema::*};
|
use proxmox::api::{api, schema::*};
|
||||||
use proxmox::constnamedbitmap;
|
use proxmox::constnamedbitmap;
|
||||||
use proxmox::tools::{fs::replace_file, fs::CreateOptions};
|
|
||||||
|
|
||||||
use crate::api2::types::{Authid, Userid};
|
use crate::api2::types::{Authid, Userid};
|
||||||
|
|
||||||
|
@ -912,18 +911,7 @@ pub fn save_config(acl: &AclTree) -> Result<(), Error> {
|
||||||
|
|
||||||
acl.write_config(&mut raw)?;
|
acl.write_config(&mut raw)?;
|
||||||
|
|
||||||
let backup_user = crate::backup::backup_user()?;
|
crate::backup::replace_backup_config(ACL_CFG_FILENAME, &raw)
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= backup
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(ACL_CFG_FILENAME, &raw, options)?;
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
|
|
|
@ -9,8 +9,6 @@ use proxmox::api::{
|
||||||
section_config::{SectionConfig, SectionConfigData, SectionConfigPlugin},
|
section_config::{SectionConfig, SectionConfigData, SectionConfigPlugin},
|
||||||
};
|
};
|
||||||
|
|
||||||
use proxmox::tools::{fs::replace_file, fs::CreateOptions};
|
|
||||||
|
|
||||||
use crate::api2::types::PROXMOX_SAFE_ID_FORMAT;
|
use crate::api2::types::PROXMOX_SAFE_ID_FORMAT;
|
||||||
use crate::backup::{open_backup_lockfile, BackupLockGuard};
|
use crate::backup::{open_backup_lockfile, BackupLockGuard};
|
||||||
|
|
||||||
|
@ -168,19 +166,7 @@ pub fn config() -> Result<(PluginData, [u8; 32]), Error> {
|
||||||
pub fn save_config(config: &PluginData) -> Result<(), Error> {
|
pub fn save_config(config: &PluginData) -> Result<(), Error> {
|
||||||
super::make_acme_dir()?;
|
super::make_acme_dir()?;
|
||||||
let raw = CONFIG.write(ACME_PLUGIN_CFG_FILENAME, &config.data)?;
|
let raw = CONFIG.write(ACME_PLUGIN_CFG_FILENAME, &config.data)?;
|
||||||
|
crate::backup::replace_backup_config(ACME_PLUGIN_CFG_FILENAME, raw.as_bytes())
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= backup
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(ACME_PLUGIN_CFG_FILENAME, raw.as_bytes(), options)?;
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub struct PluginData {
|
pub struct PluginData {
|
||||||
|
|
|
@ -13,11 +13,6 @@ use proxmox::api::{
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
use proxmox::tools::fs::{
|
|
||||||
replace_file,
|
|
||||||
CreateOptions,
|
|
||||||
};
|
|
||||||
|
|
||||||
use crate::api2::types::*;
|
use crate::api2::types::*;
|
||||||
use crate::backup::{open_backup_lockfile, BackupLockGuard};
|
use crate::backup::{open_backup_lockfile, BackupLockGuard};
|
||||||
|
|
||||||
|
@ -154,19 +149,7 @@ pub fn config() -> Result<(SectionConfigData, [u8;32]), Error> {
|
||||||
|
|
||||||
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
||||||
let raw = CONFIG.write(DATASTORE_CFG_FILENAME, &config)?;
|
let raw = CONFIG.write(DATASTORE_CFG_FILENAME, &config)?;
|
||||||
|
crate::backup::replace_backup_config(DATASTORE_CFG_FILENAME, raw.as_bytes())
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= backup
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(DATASTORE_CFG_FILENAME, raw.as_bytes(), options)?;
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// shell completion helper
|
// shell completion helper
|
||||||
|
|
|
@ -13,11 +13,6 @@ use proxmox::api::{
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
use proxmox::tools::fs::{
|
|
||||||
replace_file,
|
|
||||||
CreateOptions,
|
|
||||||
};
|
|
||||||
|
|
||||||
use crate::api2::types::*;
|
use crate::api2::types::*;
|
||||||
use crate::backup::{open_backup_lockfile, BackupLockGuard};
|
use crate::backup::{open_backup_lockfile, BackupLockGuard};
|
||||||
|
|
||||||
|
@ -126,19 +121,7 @@ pub fn config() -> Result<(SectionConfigData, [u8;32]), Error> {
|
||||||
|
|
||||||
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
||||||
let raw = CONFIG.write(DOMAINS_CFG_FILENAME, &config)?;
|
let raw = CONFIG.write(DOMAINS_CFG_FILENAME, &config)?;
|
||||||
|
crate::backup::replace_backup_config(DOMAINS_CFG_FILENAME, raw.as_bytes())
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= backup
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(DOMAINS_CFG_FILENAME, raw.as_bytes(), options)?;
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// shell completion helper
|
// shell completion helper
|
||||||
|
|
|
@ -25,10 +25,6 @@ use proxmox::{
|
||||||
SectionConfigPlugin,
|
SectionConfigPlugin,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
tools::fs::{
|
|
||||||
replace_file,
|
|
||||||
CreateOptions,
|
|
||||||
},
|
|
||||||
};
|
};
|
||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
|
@ -97,19 +93,7 @@ pub fn config() -> Result<(SectionConfigData, [u8;32]), Error> {
|
||||||
/// Save the configuration file
|
/// Save the configuration file
|
||||||
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
||||||
let raw = CONFIG.write(DRIVE_CFG_FILENAME, &config)?;
|
let raw = CONFIG.write(DRIVE_CFG_FILENAME, &config)?;
|
||||||
|
crate::backup::replace_backup_config(DRIVE_CFG_FILENAME, raw.as_bytes())
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= backup
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(DRIVE_CFG_FILENAME, raw.as_bytes(), options)?;
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Check if the specified drive name exists in the config.
|
/// Check if the specified drive name exists in the config.
|
||||||
|
|
|
@ -20,10 +20,6 @@ use proxmox::{
|
||||||
SectionConfigPlugin,
|
SectionConfigPlugin,
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
tools::fs::{
|
|
||||||
replace_file,
|
|
||||||
CreateOptions,
|
|
||||||
},
|
|
||||||
};
|
};
|
||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
|
@ -57,7 +53,6 @@ pub const MEDIA_POOL_CFG_FILENAME: &str = "/etc/proxmox-backup/media-pool.cfg";
|
||||||
/// Lock file name (used to prevent concurrent access)
|
/// Lock file name (used to prevent concurrent access)
|
||||||
pub const MEDIA_POOL_CFG_LOCKFILE: &str = "/etc/proxmox-backup/.media-pool.lck";
|
pub const MEDIA_POOL_CFG_LOCKFILE: &str = "/etc/proxmox-backup/.media-pool.lck";
|
||||||
|
|
||||||
|
|
||||||
/// Get exclusive lock
|
/// Get exclusive lock
|
||||||
pub fn lock() -> Result<BackupLockGuard, Error> {
|
pub fn lock() -> Result<BackupLockGuard, Error> {
|
||||||
open_backup_lockfile(MEDIA_POOL_CFG_LOCKFILE, None, true)
|
open_backup_lockfile(MEDIA_POOL_CFG_LOCKFILE, None, true)
|
||||||
|
@ -77,19 +72,7 @@ pub fn config() -> Result<(SectionConfigData, [u8;32]), Error> {
|
||||||
/// Save the configuration file
|
/// Save the configuration file
|
||||||
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
||||||
let raw = CONFIG.write(MEDIA_POOL_CFG_FILENAME, &config)?;
|
let raw = CONFIG.write(MEDIA_POOL_CFG_FILENAME, &config)?;
|
||||||
|
crate::backup::replace_backup_config(MEDIA_POOL_CFG_FILENAME, raw.as_bytes())
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= backup
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(MEDIA_POOL_CFG_FILENAME, raw.as_bytes(), options)?;
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// shell completion helper
|
// shell completion helper
|
||||||
|
|
|
@ -10,7 +10,6 @@ use openssl::rsa::{Rsa};
|
||||||
use openssl::x509::{X509Builder};
|
use openssl::x509::{X509Builder};
|
||||||
use openssl::pkey::PKey;
|
use openssl::pkey::PKey;
|
||||||
|
|
||||||
use proxmox::tools::fs::{CreateOptions, replace_file};
|
|
||||||
use proxmox::try_block;
|
use proxmox::try_block;
|
||||||
|
|
||||||
use pbs_buildcfg::{self, configdir};
|
use pbs_buildcfg::{self, configdir};
|
||||||
|
@ -194,18 +193,13 @@ pub fn update_self_signed_cert(force: bool) -> Result<(), Error> {
|
||||||
}
|
}
|
||||||
|
|
||||||
pub(crate) fn set_proxy_certificate(cert_pem: &[u8], key_pem: &[u8]) -> Result<(), Error> {
|
pub(crate) fn set_proxy_certificate(cert_pem: &[u8], key_pem: &[u8]) -> Result<(), Error> {
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(Mode::from_bits_truncate(0o0640))
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
let key_path = PathBuf::from(configdir!("/proxy.key"));
|
let key_path = PathBuf::from(configdir!("/proxy.key"));
|
||||||
let cert_path = PathBuf::from(configdir!("/proxy.pem"));
|
let cert_path = PathBuf::from(configdir!("/proxy.pem"));
|
||||||
|
|
||||||
create_configdir()?;
|
create_configdir()?;
|
||||||
replace_file(&key_path, &key_pem, options.clone())
|
crate::backup::replace_backup_config(&key_path, key_pem)
|
||||||
.map_err(|err| format_err!("error writing certificate private key - {}", err))?;
|
.map_err(|err| format_err!("error writing certificate private key - {}", err))?;
|
||||||
replace_file(&cert_path, &cert_pem, options)
|
crate::backup::replace_backup_config(&cert_path, &cert_pem)
|
||||||
.map_err(|err| format_err!("error writing certificate file - {}", err))?;
|
.map_err(|err| format_err!("error writing certificate file - {}", err))?;
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
|
|
|
@ -1,12 +1,10 @@
|
||||||
use std::collections::HashSet;
|
use std::collections::HashSet;
|
||||||
|
|
||||||
use anyhow::{bail, Error};
|
use anyhow::{bail, Error};
|
||||||
use nix::sys::stat::Mode;
|
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
|
|
||||||
use proxmox::api::api;
|
use proxmox::api::api;
|
||||||
use proxmox::api::schema::{ApiStringFormat, Updater};
|
use proxmox::api::schema::{ApiStringFormat, Updater};
|
||||||
use proxmox::tools::fs::{replace_file, CreateOptions};
|
|
||||||
|
|
||||||
use proxmox_http::ProxyConfig;
|
use proxmox_http::ProxyConfig;
|
||||||
|
|
||||||
|
@ -41,14 +39,7 @@ pub fn save_config(config: &NodeConfig) -> Result<(), Error> {
|
||||||
config.validate()?;
|
config.validate()?;
|
||||||
|
|
||||||
let raw = crate::tools::config::to_bytes(config, &NodeConfig::API_SCHEMA)?;
|
let raw = crate::tools::config::to_bytes(config, &NodeConfig::API_SCHEMA)?;
|
||||||
|
crate::backup::replace_backup_config(CONF_FILE, &raw)
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(Mode::from_bits_truncate(0o0640))
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(CONF_FILE, &raw, options)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
#[api(
|
#[api(
|
||||||
|
|
|
@ -13,8 +13,6 @@ use proxmox::api::{
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
use proxmox::tools::{fs::replace_file, fs::CreateOptions};
|
|
||||||
|
|
||||||
use crate::api2::types::*;
|
use crate::api2::types::*;
|
||||||
|
|
||||||
lazy_static! {
|
lazy_static! {
|
||||||
|
@ -102,19 +100,7 @@ pub fn config() -> Result<(SectionConfigData, [u8;32]), Error> {
|
||||||
|
|
||||||
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
||||||
let raw = CONFIG.write(REMOTE_CFG_FILENAME, &config)?;
|
let raw = CONFIG.write(REMOTE_CFG_FILENAME, &config)?;
|
||||||
|
crate::backup::replace_backup_config(REMOTE_CFG_FILENAME, raw.as_bytes())
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= backup
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(REMOTE_CFG_FILENAME, raw.as_bytes(), options)?;
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// shell completion helper
|
// shell completion helper
|
||||||
|
|
|
@ -13,8 +13,6 @@ use proxmox::api::{
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
use proxmox::tools::{fs::replace_file, fs::CreateOptions};
|
|
||||||
|
|
||||||
use crate::api2::types::*;
|
use crate::api2::types::*;
|
||||||
|
|
||||||
lazy_static! {
|
lazy_static! {
|
||||||
|
@ -120,19 +118,7 @@ pub fn config() -> Result<(SectionConfigData, [u8;32]), Error> {
|
||||||
|
|
||||||
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
||||||
let raw = CONFIG.write(SYNC_CFG_FILENAME, &config)?;
|
let raw = CONFIG.write(SYNC_CFG_FILENAME, &config)?;
|
||||||
|
crate::backup::replace_backup_config(SYNC_CFG_FILENAME, raw.as_bytes())
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= backup
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(SYNC_CFG_FILENAME, raw.as_bytes(), options)?;
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// shell completion helper
|
// shell completion helper
|
||||||
|
|
|
@ -15,11 +15,7 @@ use std::collections::HashMap;
|
||||||
use anyhow::{bail, Error};
|
use anyhow::{bail, Error};
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
|
|
||||||
use proxmox::tools::fs::{
|
use proxmox::tools::fs::file_read_optional_string;
|
||||||
file_read_optional_string,
|
|
||||||
replace_file,
|
|
||||||
CreateOptions,
|
|
||||||
};
|
|
||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
backup::{
|
backup::{
|
||||||
|
@ -143,18 +139,7 @@ pub fn save_keys(map: HashMap<Fingerprint, EncryptionKeyInfo>) -> Result<(), Err
|
||||||
}
|
}
|
||||||
|
|
||||||
let raw = serde_json::to_string_pretty(&list)?;
|
let raw = serde_json::to_string_pretty(&list)?;
|
||||||
|
crate::backup::replace_secret_config(TAPE_KEYS_FILENAME, raw.as_bytes())
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0600);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= root
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(nix::unistd::Gid::from_raw(0));
|
|
||||||
|
|
||||||
replace_file(TAPE_KEYS_FILENAME, raw.as_bytes(), options)?;
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Store tape encryption key configurations (password protected keys)
|
/// Store tape encryption key configurations (password protected keys)
|
||||||
|
@ -167,19 +152,7 @@ pub fn save_key_configs(map: HashMap<Fingerprint, KeyConfig>) -> Result<(), Erro
|
||||||
}
|
}
|
||||||
|
|
||||||
let raw = serde_json::to_string_pretty(&list)?;
|
let raw = serde_json::to_string_pretty(&list)?;
|
||||||
|
crate::backup::replace_backup_config(TAPE_KEY_CONFIG_FILENAME, raw.as_bytes())
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= backup
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(TAPE_KEY_CONFIG_FILENAME, raw.as_bytes(), options)?;
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Insert a new key
|
/// Insert a new key
|
||||||
|
|
|
@ -13,8 +13,6 @@ use proxmox::api::{
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
use proxmox::tools::{fs::replace_file, fs::CreateOptions};
|
|
||||||
|
|
||||||
use crate::api2::types::{
|
use crate::api2::types::{
|
||||||
Userid,
|
Userid,
|
||||||
JOB_ID_SCHEMA,
|
JOB_ID_SCHEMA,
|
||||||
|
@ -159,19 +157,7 @@ pub fn config() -> Result<(SectionConfigData, [u8;32]), Error> {
|
||||||
|
|
||||||
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
||||||
let raw = CONFIG.write(TAPE_JOB_CFG_FILENAME, &config)?;
|
let raw = CONFIG.write(TAPE_JOB_CFG_FILENAME, &config)?;
|
||||||
|
crate::backup::replace_backup_config(TAPE_JOB_CFG_FILENAME, raw.as_bytes())
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= backup
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(TAPE_JOB_CFG_FILENAME, raw.as_bytes(), options)?;
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// shell completion helper
|
// shell completion helper
|
||||||
|
|
|
@ -13,8 +13,6 @@ use proxmox::api::{
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
use proxmox::tools::{fs::replace_file, fs::CreateOptions};
|
|
||||||
|
|
||||||
use pbs_api_types::{Authid, Userid};
|
use pbs_api_types::{Authid, Userid};
|
||||||
pub use pbs_api_types::{ApiToken, User};
|
pub use pbs_api_types::{ApiToken, User};
|
||||||
pub use pbs_api_types::{
|
pub use pbs_api_types::{
|
||||||
|
@ -121,17 +119,7 @@ pub fn cached_config() -> Result<Arc<SectionConfigData>, Error> {
|
||||||
|
|
||||||
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
||||||
let raw = CONFIG.write(USER_CFG_FILENAME, &config)?;
|
let raw = CONFIG.write(USER_CFG_FILENAME, &config)?;
|
||||||
|
crate::backup::replace_backup_config(USER_CFG_FILENAME, raw.as_bytes())?;
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= backup
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(USER_CFG_FILENAME, raw.as_bytes(), options)?;
|
|
||||||
|
|
||||||
// increase user cache generation
|
// increase user cache generation
|
||||||
// We use this in CachedUserInfo
|
// We use this in CachedUserInfo
|
||||||
|
|
|
@ -13,8 +13,6 @@ use proxmox::api::{
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
use proxmox::tools::{fs::replace_file, fs::CreateOptions};
|
|
||||||
|
|
||||||
use crate::api2::types::*;
|
use crate::api2::types::*;
|
||||||
|
|
||||||
lazy_static! {
|
lazy_static! {
|
||||||
|
@ -118,20 +116,7 @@ pub fn config() -> Result<(SectionConfigData, [u8;32]), Error> {
|
||||||
|
|
||||||
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
|
||||||
let raw = CONFIG.write(VERIFICATION_CFG_FILENAME, &config)?;
|
let raw = CONFIG.write(VERIFICATION_CFG_FILENAME, &config)?;
|
||||||
|
crate::backup::replace_backup_config(VERIFICATION_CFG_FILENAME, raw.as_bytes())
|
||||||
let backup_user = crate::backup::backup_user()?;
|
|
||||||
let mode = nix::sys::stat::Mode::from_bits_truncate(0o0640);
|
|
||||||
// set the correct owner/group/permissions while saving file
|
|
||||||
// owner(rw) = root, group(r)= backup
|
|
||||||
|
|
||||||
let options = CreateOptions::new()
|
|
||||||
.perm(mode)
|
|
||||||
.owner(nix::unistd::ROOT)
|
|
||||||
.group(backup_user.gid);
|
|
||||||
|
|
||||||
replace_file(VERIFICATION_CFG_FILENAME, raw.as_bytes(), options)?;
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// shell completion helper
|
// shell completion helper
|
||||||
|
|
Loading…
Reference in New Issue