Dietmar Maurer
697c41c584
tape: add/use rust scsi changer implementation using libsgutil2
2021-01-25 13:14:07 +01:00
Fabian Grünbichler
3e461dec1c
apt: let api handle optional bool with default
...
one less FIXME :)
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-25 11:41:46 +01:00
Fabian Grünbichler
4d08e25913
clippy: rewrite ifs with identical return values
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-25 11:41:43 +01:00
Fabian Grünbichler
43313c2ee7
clippy: rewrite comparison chains
...
chunk_stream one can be collapsed, since split == split_to with at set
to buffer.len() anyway.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-25 11:41:39 +01:00
Fabian Grünbichler
81b2a87232
clippy: fix Mutex with unused value
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-25 11:41:36 +01:00
Dietmar Maurer
bf78f70885
improve code docs in api2
...
Note: API methos should be declared pub, so that they show up in the generated docu.
2021-01-22 15:57:42 +01:00
Dietmar Maurer
5f34d69bcc
tape: add volume-statistics api/command
2021-01-22 08:45:35 +01:00
Dietmar Maurer
337ff5a3cc
tape: add estimated medium wearout to status
2021-01-22 08:06:25 +01:00
Dietmar Maurer
8e6459a818
tape: set encryption key on restore
2021-01-22 07:26:42 +01:00
Dietmar Maurer
645a044bf6
tape: further hierarchy improvements
2021-01-21 17:25:32 +01:00
Dietmar Maurer
37796ff73f
tape: change code hierarchy to improve docs
2021-01-21 17:12:01 +01:00
Dietmar Maurer
1c86893d95
cleanup: always compute fingerprint in KeyConfig constructors
2021-01-21 11:56:54 +01:00
Dietmar Maurer
d543587d34
Merge branch 'master' of ssh://proxdev.maurer-it.com/rust/proxmox-backup
2021-01-21 10:56:52 +01:00
Dietmar Maurer
780bc4cad2
tape: try to set encryption key with read-label command
2021-01-21 10:31:49 +01:00
Dietmar Maurer
18bd6ba13d
tape: restore_key - always update key, even if there is already an entry
2021-01-21 10:31:49 +01:00
Dietmar Maurer
4dafc513cc
tape: fix file permissions for tape encryptiuon keys
2021-01-21 10:31:49 +01:00
Dietmar Maurer
8428063d9e
cleanup: KeyConfig::decrypt - show password hint on error
2021-01-21 10:31:49 +01:00
Dietmar Maurer
f490dda05a
tape: use type Uuid instead of String
2021-01-21 10:31:49 +01:00
Dietmar Maurer
2b191385ea
tape: use specialized encryption key per media-set
2021-01-21 10:31:49 +01:00
Dietmar Maurer
bc228e5eaf
api: add types for UUIDs
2021-01-20 17:16:46 +01:00
Fabian Grünbichler
d967d8f1a7
clippy: remove drop(&..)
...
it does nothing.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:41:02 +01:00
Fabian Grünbichler
1d928b25fe
clippy: remove some unnecessary reference taking
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
0d2133db98
clippy: use while let loops
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
e062ebbc29
clippy: us *_or_else with function calls
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
b92cad0938
clippy: convert single match to if let
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
ea368a06cd
clippy: misc. fixes
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
3f48cdb380
clippy: don't pass along unit value
...
make it explicit. this whole section should probably be re-written with
select!
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
1e0c6194b5
clippy: fix option_as_ref_deref
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
6334bdc1c5
clippy: collapse nested ifs
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
3b82f3eea5
clippy: avoid useless format!
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
38556bf60d
clippy: remove explicit returns
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
d8d8af9826
clippy: use chars / byte string literals
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
3984a5fd77
clippy: is_some/none/ok/err/empty
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:54 +01:00
Fabian Grünbichler
397356096a
clippy: remove needless bool literals
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:23:52 +01:00
Fabian Grünbichler
22a9189ee0
clippy: remove unnecessary closures
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:22:59 +01:00
Fabian Grünbichler
4428818412
clippy: remove unnecessary clones
...
and from::<T>(T)
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:22:59 +01:00
Fabian Grünbichler
47ea98e0e3
clippy: collapse/rework nested ifs
...
no semantic changes (intended).
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:22:59 +01:00
Dietmar Maurer
69b8bc3bfa
tape: implemenmt show key
...
Moved API types Kdf and KeyInfo to src/api2/types/mod.rs.
2021-01-20 15:43:19 +01:00
Dietmar Maurer
301b8aa0a5
tape: implement change-passphrase for tape encryption keys
2021-01-20 15:43:19 +01:00
Dietmar Maurer
e5b6c93323
tape: add --kdf parameter to create key api
2021-01-20 15:43:19 +01:00
Dietmar Maurer
9a045790ed
cleanup KeyConfig
2021-01-20 15:43:19 +01:00
Dietmar Maurer
82a103c8f9
add "password hint" to KeyConfig
2021-01-20 15:43:19 +01:00
Dietmar Maurer
feb1645f37
tape: generate random encryptions keys and store key_config on media
2021-01-19 11:20:07 +01:00
Wolfgang Bumiller
ad5cee1d22
tfa: add 'created' timestamp to entries
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-18 14:06:12 +01:00
Dietmar Maurer
8a0046f519
tape: implement encrypted backup - simple version
...
This is just a proof of concept, only storing the encryption key fingerprint
inside the media-set label.
2021-01-18 13:38:22 +01:00
Dietmar Maurer
1e93fbb5c1
tape: add encrypt property to media pool configuration
2021-01-18 13:38:22 +01:00
Dietmar Maurer
d5a48b5ce4
tape: add hardware encryption key managenent api
2021-01-18 13:38:22 +01:00
Wolfgang Bumiller
a670b99db1
tfa: add webauthn configuration API entry points
...
Currently there's not yet a node config and the WA config is
somewhat "tightly coupled" to the user entries in that
changing it can lock them all out, so for now I opted for
fewer reorganization and just use a digest of the
canonicalized config here, and keep it all in the tfa.json
file.
Experimentally using the flatten feature on the methods with
an`Updater` struct similar to what the api macro is supposed
to be able to derive on its own in the future.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-15 15:19:52 +01:00
Oguz Bektas
6bbe49aa14
access: restrict password changes on @pam realm to superuser
...
for behavior consistency with `update_user`
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2021-01-15 08:49:22 +01:00
Oguz Bektas
5aa1019010
access: limit editing pam credentials to superuser
...
modifying @pam users credentials should be only possible for root@pam,
otherwise it can have unintended consequences.
also enforce the same limit on user creation (except self_service check,
since it makes no sense during user creation)
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2021-01-15 08:49:22 +01:00