tyler/proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: tyler:v0.9.2
Branches Tags
tyler:master tyler:stable-1
tyler:v2.2.1 tyler:v2.1.2 tyler:2.1.2 tyler:2.1.1 tyler:v2.0.12 tyler:v2.0.10 tyler:v1.1.10 tyler:v1.1.3 tyler:v1.1.2 tyler:v1.0.13 tyler:v1.0.11 tyler:v1.0.10 tyler:v1.0.9 tyler:v1.0.8 tyler:v1.0.7 tyler:v1.0.6 tyler:v1.0.5 tyler:v1.0.4 tyler:v1.0.3 tyler:v1.0.1 tyler:v0.9.7 tyler:v0.9.6 tyler:v0.9.5 tyler:v0.9.4 tyler:v0.9.3 tyler:v0.9.2 tyler:v0.9.1 tyler:v0.9.0 tyler:v0.8.21 tyler:v0.8.19 tyler:v0.8.17 tyler:v0.8.16 tyler:v0.8.15 tyler:v0.8.14 tyler:v0.8.13 tyler:v0.8.12 tyler:v0.8.11 tyler:v0.8.10 tyler:v0.8.9 tyler:v0.8.8 tyler:v0.8.7 tyler:v0.8.6 tyler:v0.8.2 tyler:v0.8.0 tyler:v0.7.0 tyler:v0.6.0 tyler:v0.5.0 tyler:v0.4.0 tyler:v0.3.0 tyler:v0.2.3 tyler:v0.2.2 tyler:v0.2.1 tyler:v0.2.0 tyler:v0.1.3
...
compare: tyler:v0.9.5
Branches Tags
tyler:master tyler:stable-1
tyler:v2.2.1 tyler:v2.1.2 tyler:2.1.2 tyler:2.1.1 tyler:v2.0.12 tyler:v2.0.10 tyler:v1.1.10 tyler:v1.1.3 tyler:v1.1.2 tyler:v1.0.13 tyler:v1.0.11 tyler:v1.0.10 tyler:v1.0.9 tyler:v1.0.8 tyler:v1.0.7 tyler:v1.0.6 tyler:v1.0.5 tyler:v1.0.4 tyler:v1.0.3 tyler:v1.0.1 tyler:v0.9.7 tyler:v0.9.6 tyler:v0.9.5 tyler:v0.9.4 tyler:v0.9.3 tyler:v0.9.2 tyler:v0.9.1 tyler:v0.9.0 tyler:v0.8.21 tyler:v0.8.19 tyler:v0.8.17 tyler:v0.8.16 tyler:v0.8.15 tyler:v0.8.14 tyler:v0.8.13 tyler:v0.8.12 tyler:v0.8.11 tyler:v0.8.10 tyler:v0.8.9 tyler:v0.8.8 tyler:v0.8.7 tyler:v0.8.6 tyler:v0.8.2 tyler:v0.8.0 tyler:v0.7.0 tyler:v0.6.0 tyler:v0.5.0 tyler:v0.4.0 tyler:v0.3.0 tyler:v0.2.3 tyler:v0.2.2 tyler:v0.2.1 tyler:v0.2.0 tyler:v0.1.3

138 Commits
v0.9.2 ... v0.9.5

Author SHA1 Message Date
Thomas Lamprecht
641862ddad bump version to 0.9.5-1 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-03 17:41:26 +01:00
Thomas Lamprecht
2f08ee1fe3 report: add more commands/files to check 
add all of our configuration files in /etc/proxmox-backup/ further,
call some ZFS tool to get that status.

Also, use the subscription command form manager, as we often require
more info than the status. Also, adapt formatting a bit.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-03 17:33:16 +01:00
Thomas Lamprecht
93f077c5cf report: avoid lazy_static for command/files/.. definitions 
those are not in a hot code path, and it is not really much work to
build them on the go..

It may not matther much, but it is unnecessary. Rust will probably
inline most of it anyway..

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-03 17:27:16 +01:00
Thomas Lamprecht
941342f70e manager: report: call method directly, avoid HTTPS request 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-03 17:23:43 +01:00
Hannes Laimer
9a556c8a30 manager: add report cli command 
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
 2020-11-03 15:16:42 +01:00
Hannes Laimer
46dce62be6 report: add webui button for system report 
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
 2020-11-03 15:16:42 +01:00
Hannes Laimer
b0ef9631e6 report: add api endpoint and function to generate report 
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
 2020-11-03 15:16:42 +01:00
Thomas Lamprecht
fb0d9833af ui: task filter: add button icons 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-03 14:49:04 +01:00
Thomas Lamprecht
bfe4b7d782 ui: task filter: reorder to avoid wasting vertical space 
Includes some eslint fixes and label changes as well, was to much
work to split that out in its own commit.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-03 14:48:20 +01:00
Dominik Csapak
185dab7678 ui: add panel/Tasks and use it for the node tasks 
this is a panel that is heavily inspired from widget-toolkits
node/Tasks panel, but is adapted to use the extended api calls of
pbs (e.g. since/until filter)

has 'filter' panel (like pmgs log tracker gui), but it is collapsible

if we extend the api calls of the other projects, we can merge this
again into the widget-toolkit one and use that

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-03 11:35:21 +01:00
Dominik Csapak
c1fa057cce api2/node/tasks: add optional until filter 
so that users select specific time ranges with 'since' and 'until'
(e.g. a single day)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-03 11:35:21 +01:00
Dominik Csapak
f66565203a api2/status: remove list_task api call 
we do not need it anymore, we can do everything with nodes/NODE/tasks
instead

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-03 11:35:21 +01:00
Dominik Csapak
a2a7dd1535 api2/node/tasks: add optional since/typefilter/statusfilter 
and change all users of the /status/tasks api call to this

with this change we can now delete the /status/tasks api call

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-03 11:35:21 +01:00
Dominik Csapak
e7dd169fdf api2/node/tasks: change limit behaviour when it is 0 
instead of returning 0 elements (which does not really make sense anyway),
change it so that there is no limit anymore (besides usize::MAX)

this is technically a breaking change for the api, but i guess
no one is using limit=0 for anything sensible anyway

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-03 11:35:21 +01:00
Dominik Csapak
fa31f4c54c server/worker_task: add tasktype to return the api type of a taskstate 
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-03 11:35:21 +01:00
Dietmar Maurer
038ee59960 cleanup: use const_regex, use BACKUP_ID_REGEX for api too 2020-11-03 06:36:50 +01:00
Dominik Csapak
e1c1533790 fix #3039: use the same ID regex for info and api 
in the api we use PROXMOX_SAFE_ID_REGEX for backup ids, but here
(where we use it to list them) we use a local regex

since the first is a superset of the one used here, simply extend
the local one

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-03 06:25:06 +01:00
Fabian Grünbichler
9de7c71a81 docs: extend managing remotes 
with information about required privileges and limitations

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-02 21:13:24 +01:00
Fabian Grünbichler
aa64e06540 sync: add access check tests 
should cover all the current scenarios. remote server-side checks can't
be meaningfully unit-tested, but they are simple enough so should
hopefully never break.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-02 21:13:24 +01:00
Fabian Grünbichler
18077ac633 user.cfg/user info: add test constructors 
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-02 21:13:24 +01:00
Thomas Lamprecht
a71a009313 proxy: drop now unused UPID import 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 21:08:38 +01:00
Dominik Csapak
b6ba5acd29 proxmox-backup-proxy: use only jobstate for garbage_collection schedule 
in case the garbage_collection errors out, we never set the in-memory
state, so if it failed, the last 'good' starttime was considered
for the schedule

this could lead to the job running every minute instead of the
correct schedule

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-02 21:08:38 +01:00
Dominik Csapak
4fdf5ddf5b api2/admin/datastore: start the garbage_collection task with our helper 
instead of manually, this has the advantage that we now set
the jobstate correctly and can return with an error if it is
currently running (instead of failing in the task)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-02 21:08:38 +01:00
Dominik Csapak
c724f65805 server/gc_job: add 'to_stdout' 
we will use this for the manual api call

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-02 21:08:38 +01:00
Dominik Csapak
79c9bf55b9 backup/{dynamic, fixed}_index: improve error message for small index files 
index files that were smaller than their respective header size,
would fail with

"failed to fill whole buffer"

instead now check explicitely for the size and fail with
"index too small (size)"

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-02 21:08:38 +01:00
Thomas Lamprecht
788d82d9b7 gc: mark_used_chunks: reduce implementation noise 
try do reduce some unecessary lines, make match arms more precise so
one can faster see what's actually happening.

Also, avoid
> return Err(format_err!(...))
stuff, just use bail!()

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 21:08:38 +01:00
Dominik Csapak
2f0b92352d garbage collect: improve index error messages 
so that in case of a broken index file, the user knows which it is

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-02 20:08:50 +01:00
Thomas Lamprecht
b7f2be5137 log rotate task: make task archive limits be binary based 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 19:53:30 +01:00
Thomas Lamprecht
72aa1834dc log rotate task: adapt internal jobstate ID, set worker one to None for now 
as we have only one logrotate task currently..

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 19:53:30 +01:00
Thomas Lamprecht
fe4cc5b1a1 server: implement access log rotation with re-open via command socket 
re-use the future we already have for task log rotation to trigger
it.

Move the FileLogger in ApiConfig into an Arc, so that we can actually
update it and REST using the new one.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 19:53:30 +01:00
Thomas Lamprecht
04b053d87e server: write main daemon PID to run directory 
so that we can easily get the main PID of the last recently launched
daemon. Will be used to get the control socket of that one for access
lgo rotate in a future patch

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 19:50:24 +01:00
Thomas Lamprecht
b469011fd1 command socket: make create_control_socket private 
this is internal for now, use the comanndo socket struct
implementation, and ideally not a new one but the existing ones
created in the proxy and api daemons.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 19:50:24 +01:00
Thomas Lamprecht
a68768cf31 server: use generalized commando socket for worker tasks commands 
Allows to extend the use of that socket in the future, e.g., for log
rotate re-open signaling.

To reflect this we use a more general name, and change the commandos
to a more clear namespace.

Both are actually somewhat a breaking change, but the single real
world issue it should be able to cause is, that one won't be able to
stop task from older daemons, which still use the older abstract
socket name format.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 19:48:04 +01:00
Thomas Lamprecht
f3df613cb7 server: add CommandoSocket where multiple users can register commands 
This is a preparatory step to replace the task control socket with it
and provide a "reopen log file" command for the rest server.

Kept it simple by disallowing to register new commands after the
socket gets spawned, this avoids the need for locking.

If we really need that we can always wrap it in a Arc<RWLock<..>> or
something like that, or even nicer, register at compile time.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 19:32:22 +01:00
Thomas Lamprecht
056ee78567 config: network: use error message when parsing netmask failed 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 19:32:22 +01:00
Thomas Lamprecht
3cd529ea51 tools: file logger: avoid some possible unwraps in log method 
writing to a file can explode quite easily.
time formatting to rfc3339 should be more robust, but it has a few
conditions where it could fail, so catch that too (and only really
do it if required).

The writes to stdout are left as is, it normally is redirected to
journal which is in memory, and thus breaks later than most stuff,
and at that point we probably do not care anymore anyway.

It could make sense to actually return a result here..

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 19:32:22 +01:00
Thomas Lamprecht
3aade17125 tools: log rotate: compressing rotated files 
We renamed the last one always to a file without compression
extension, even if it was .zst previously. So always add the correct
ending to the new last one, if compress was true.

Further, we cannot detect if there'd be a compression required if we
rotated (renamed) it already to the file with .zst included.

So check on rotation itself if it would be a "no .zst" -> ",zst"
transition, and call compress there.

it really should be OK now *knocking wood*

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 18:35:13 +01:00
Thomas Lamprecht
1dc2fe20dd tools: log rotate: fix file ending for compressed files 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 18:35:13 +01:00
Dietmar Maurer
645a47ff6e config: support netmask when parsing interfaces file 2020-11-02 14:32:35 +01:00
Dietmar Maurer
b1456a8ea7 ui: fix verificationjob task description 2020-11-02 10:15:52 +01:00
Thomas Lamprecht
a9fcbec9dc file logger: allow reopening file 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 10:03:10 +01:00
Thomas Lamprecht
346a488e35 pull out /run and /var/log directory constants to buildcfg 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 10:03:10 +01:00
Dietmar Maurer
3066f56481 notify: add link to server GUI 2020-11-02 09:12:14 +01:00
Dietmar Maurer
07ca4e3609 gc: remove extra empty lines in email notification template 2020-11-02 09:12:14 +01:00
Thomas Lamprecht
dcd75edb72 ui: fix dashboard subscription 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-02 08:08:44 +01:00
Fabian Grünbichler
59af9ca98e sync: allow sync for non-superusers 
by requiring
- Datastore.Backup permission for target datastore
- Remote.Read permission for source remote/datastore
- Datastore.Prune if vanished snapshots should be removed
- Datastore.Modify if another user should own the freshly synced
snapshots

reading a sync job entry only requires knowing about both the source
remote and the target datastore.

note that this does not affect the Authid used to authenticate with the
remote, which of course also needs permissions to access the source
datastore.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-02 07:10:12 +01:00
Fabian Grünbichler
f1694b062d fix #2864: add owner option to sync 
instead of hard-coding 'backup@pam'. this allows a bit more flexibility
(e.g., syncing to a datastore that can directly be used as restore
source) without overly complicating things.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-02 07:08:05 +01:00
Thomas Lamprecht
fa7aceeb15 manager: subscription commands s/delete/remove/ 
no idea why I added it as "delete", for all other such operations we
use the "remove" sub-command...

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-01 13:19:30 +01:00
Thomas Lamprecht
0e16f57e37 apt: sort packages for update notifcation mail 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 22:58:52 +01:00
Thomas Lamprecht
bc00289bce add daily update and maintenance task 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 22:51:26 +01:00
Thomas Lamprecht
86d602457a api: apt: implement support to send notification email on new updates 
again, base idea copied off PVE, but, we safe the information about
which pending version we send a mail out already in a separate
object, to keep the api return type APTUpdateInfo clean.

This also makes a few things a bit easier, as we can update the
package status without saving/restoring the notify information.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 22:51:26 +01:00
Thomas Lamprecht
33508b1237 api: implement apt pkg cache 
based on the idea of PVE

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 21:42:49 +01:00
Thomas Lamprecht
b282557563 api: apt: factor out and improve calling apt update 
apt changes some of its state/cache also if it errors out, most of
the time, so we actually want to print both, stderr and stdout.

Further, only warn if its exit code is non-zero, for the same
rationale, it may bring updates available even if it errors (e.g.,
because a future pbs-enterprise repo is additionally configured but
not accessible).

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 21:31:59 +01:00
Thomas Lamprecht
e6513bd5de api/tools: split out apt helpers from api to own module 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 21:31:36 +01:00
Thomas Lamprecht
5911f74096 api types: derive Debug for APTUpdateInfo 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 21:31:36 +01:00
Thomas Lamprecht
0bb74e54b1 worker task: drop debug prints 
they are not useful anymore, rather noisy

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 21:31:36 +01:00
Thomas Lamprecht
f254a27071 tools: do not unnecessarily prefix module path 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 21:31:36 +01:00
Thomas Lamprecht
d0abba3397 trivial: fix typo in comment 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 21:31:36 +01:00
Thomas Lamprecht
54adea366c ui: ACL view: do not save grid state 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 11:36:48 +01:00
Thomas Lamprecht
ba2e4b15da ui: improve ACL view layout 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 11:33:31 +01:00
Thomas Lamprecht
0ccdd1b6a4 ui: bump sync/verify grid stateid 
so that people get the improved view by default

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 10:58:57 +01:00
Thomas Lamprecht
fb66c85363 ui: improve sync job view layout 
Avoid overuse of flex, that is as bad as having all to fixed widths.

In spirit similar to the previous commit for the verify panel, see
that for some rationale.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 10:56:51 +01:00
Thomas Lamprecht
aae4c30ceb ui: improve verify job view layout, show job-id 
Avoid overuse of flex, that is as bad as having all to fixed widths.

* Set date-time fields to 150 px as they are fixed width text.
* Duration is maximal 3 units, so it can be made fixed too.
* Schedule is flex with lower and upper limits, this is useful as
  it's a field which can be both, quite short (daily) or long
  (mon..fri *-10..12-1..7 02:00/30:30)
* Status and comment is flex, this way we always get a filled grid

Move status after last verify date and duration field, increases
information density at the left of the grid - reducing need for eye
movement, also, it groups together the "information about last job"
nicer.

Show job-id by default even if they are auto generated when adding
over the gui, as it can help finding the respective job faster when
getting a mail with an error.

Reported-by: Dietmar Maurer <dietmar@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 10:56:51 +01:00
Thomas Lamprecht
0656344ae4 ui: administration: set icons for tabs 
orient on PVE, the ones for Updates, ServerStatus, should by
self-explanatory.

Services is in PVE named "System", but reusing that cogs icon makes
similar sense here too, and seems in line with search result of a
"service icons" query.

Syslog is the same as our general log icon, but as we also use this
normally for worker task logs and that is present here too, I
changed the worker task log icon to the alternative list, which
resembles a task view window - so IMO even better than before.

Sync that change also into the always present tasks button at the top
right.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-31 09:11:11 +01:00
Dietmar Maurer
1143f6ca93 cleanup: fix wording in GC status emails 2020-10-31 07:56:42 +01:00
Thomas Lamprecht
90e94aa280 docs: client: avoid that repo gets detected as email address 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-30 17:08:08 +01:00
Thomas Lamprecht
c0af05e143 docs: fixup bad RST table format 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-30 17:05:49 +01:00
Thomas Lamprecht
4aef06f1b6 docs: add token example to client, and reformat a bit 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-30 17:01:22 +01:00
Fabian Grünbichler
034cf70b72 docs: add API tokens to documentation 
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-30 16:46:19 +01:00
Fabian Grünbichler
8b600f9965 api: replace auth_id with auth-id 
in parameters, and fix up the completion for the ACL update parameter.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-30 16:46:19 +01:00
Fabian Grünbichler
e4e280183e privs: add some more comments explaining privileges 
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-30 16:42:30 +01:00
Fabian Grünbichler
2fc45a97a9 privs: remove PRIV_REMOVE_PRUNE 
it's not used anywhere, and not needed either until the day we might
implement push syncs.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-30 16:42:26 +01:00
Fabian Grünbichler
b7ce2e575f verify jobs: add permissions 
equivalent to verifying a whole datastore, except for reading job
(entries), which is accessible to regular Datastore.Audit/Backup users
as well.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-30 16:36:52 +01:00
Fabian Grünbichler
09f6a24078 verify: introduce & use new Datastore.Verify privilege 
for verifying a whole datastore. Datastore.Backup now allows verifying
only backups owned by the triggering user.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-30 16:36:52 +01:00
Fabian Grünbichler
b728a69e7d privs: use Datastore.Modify|Backup to set backup notes 
Datastore.Backup is limited to owned groups, as usual.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-30 16:36:52 +01:00
Fabian Grünbichler
1401f4be5f privs: allow reading notes with Datastore.Audit 
they are returned when reading the manifest, which just requires
Datastore.Audit as well. Datastore.Read is for reading backup contents,
not metadata.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-30 16:36:52 +01:00
Thomas Lamprecht
fdb4416bae ui: permission path selector: cbind typeAhead to editable 
ExtJS throws an exception if 'typeAhead' is true but 'editable' is
false.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-30 16:31:53 +01:00
Wolfgang Bumiller
abe1edfc95 update d/control 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-10-30 16:11:50 +01:00
Wolfgang Bumiller
e4a864bd21 impl From<Authid> for Userid 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-10-30 15:19:07 +01:00
Wolfgang Bumiller
7a7368ee08 bump proxmox dependency to 0.7.0 for totp udpates 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-10-30 15:19:07 +01:00
Dominik Csapak
e707fd2b3b ui: Utils: add product specific task descriptions 
and sort them alphabetically

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-10-30 14:05:17 +01:00
Thomas Lamprecht
625a56b75e server/rest: accept also = as token separator 
Like we do in Proxmox VE

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-30 13:34:26 +01:00
Thomas Lamprecht
6d8a1ac9e4 server/rest: user constants for HTTP headers 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-30 13:33:36 +01:00
Fabian Grünbichler
362739054e api tokens: add authorization method 
and properly decode secret (which is a no-op with the current scheme).

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-30 13:15:14 +01:00
Thomas Lamprecht
2762481cc8 proxmox-backup-manager: add subscription commands 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-30 13:03:58 +01:00
Thomas Lamprecht
652506e6b8 api: define subscription module and methods as public 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-30 13:03:58 +01:00
Thomas Lamprecht
926d253126 api: define subscription key schema and use it 
nicer to have the correct regex checked in parameter verification
already

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-30 12:57:14 +01:00
Fabian Grünbichler
1cd951c93e proxy: fix warnings 
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-30 12:49:43 +01:00
Dietmar Maurer
3b707fbb8f proxy: split out code to run garbage collection job 2020-10-30 11:01:45 +01:00
Dietmar Maurer
b15751bf55 check_schedule cleanup: use &str instead of String 
This way we can avoid many clone() calls.
 2020-10-30 09:49:50 +01:00
Hannes Laimer
82c05b41fa proxy: extract commonly used logic for scheduling into new function 
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
 2020-10-30 09:49:50 +01:00
Hannes Laimer
b8d9079835 proxy: move prune logic into new file 
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
 2020-10-30 09:49:50 +01:00
Thomas Lamprecht
f8a682a873 ui: user menu: allow changing language while logged in 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-30 09:46:04 +01:00
Thomas Lamprecht
b03a19b6e8 bump version to 0.9.4-2 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 20:25:37 +01:00
Thomas Lamprecht
603a6bd183 d/postinst: followup: grep and sed use different regex escaping .. 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 20:25:37 +01:00
Thomas Lamprecht
83b039af35 d/postinst: make more resilient 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 19:58:41 +01:00
Thomas Lamprecht
c9299e76fc bump version to 0.9.3-2 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 17:20:04 +01:00
Thomas Lamprecht
2f1a46f748 ui: move user, token and permissions into an access control tab panel 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 16:47:18 +01:00
Thomas Lamprecht
2b38dfb456 d/control: update 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 16:18:40 +01:00
Thomas Lamprecht
f487a622ce ui: datastore summary: handle missing snapshot of a types 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 15:52:53 +01:00
Wolfgang Bumiller
906ef6c5bd api2/access/user: fix return type schema 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-10-29 15:20:10 +01:00
Wolfgang Bumiller
ea1853a17b api2/access/user: drop Option, treat empty Vec as None 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-10-29 15:17:54 +01:00
Wolfgang Bumiller
221177ba41 fixup hardcoded paths 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-10-29 15:15:17 +01:00
Fabian Grünbichler
184a37635b gui: add API token ACLs 
and the needed API token selector.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
b2da7fbd1c acls: allow viewing/editing user's token ACLs 
even for otherwise unprivileged users.

since effective privileges of an API token are always intersected with
those of their owning user, this does not allow an unprivileged user to
elevate their privileges in practice, but avoids the need to involve a
privileged user to deploy API tokens.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
7fe76d3491 gui: add API token UI 
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
e6b5bf69a3 gui: add permissions button to user view 
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
4615325f9e manager: add user permissions command 
useful for debugging complex ACL setups.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
2156dec5a9 manager: add token commands 
to generate, list and delete tokens. adding them to ACLs already works
out of the box.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
16245d540c tasks: allow unpriv users to read their tokens' tasks 
and tighten down the return schema while we're at it.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
bff8557298 owner checks: handle backups owned by API tokens 
a user should be allowed to read/list/overwrite backups owned by their
own tokens, but a token should not be able to read/list/overwrite
backups owned by their owning user.

when changing ownership of a backup group, a user should be able to
transfer ownership to/from their own tokens if the backup is owned by
them (or one of their tokens).

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
34aa8e13b6 client/remote: allow using ApiToken + secret 
in place of user + password.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
babab85b56 api: add permissions endpoint 
and adapt privilege calculation to return propagate flag

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
6746bbb1a2 api: allow listing users + tokens 
since it's not possible to extend existing structs, UserWithTokens
duplicates most of user::User.. to avoid duplicating user::ApiToken as
well, this returns full API token IDs, not just the token name part.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
942078c40b api: add API token endpoints 
beneath the user endpoint.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
c30816c1f8 REST: extract and handle API tokens 
and refactor handling of headers in the REST server while we're at it.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:14:27 +01:00
Fabian Grünbichler
e6dc35acb8 replace Userid with Authid 
in most generic places. this is accompanied by a change in
RpcEnvironment to purposefully break existing call sites.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:11:39 +01:00
Wolfgang Bumiller
e10c5c74f6 bump proxmox dependency to 0.6.0 for api tokens and tfa 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-10-29 15:11:39 +01:00
Fabian Grünbichler
f8adf8f83f config: add token.shadow file 
containing pairs of token ids and hashed secret values.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:11:39 +01:00
Fabian Grünbichler
e0538349e2 api: add Authid as wrapper around Userid 
with an optional Tokenname, appended with '!' as delimiter in the string
representation like for PVE.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-10-29 15:11:39 +01:00
Thomas Lamprecht
0903403ce7 bump version to 0.9.3-1 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 14:58:21 +01:00
Thomas Lamprecht
b6563f48ad GC: improve task logs 
Make it more clear that removed files are chunks (not indexes or
something like that, user cannot know that we do not touch them here)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 14:47:39 +01:00
Thomas Lamprecht
932390bd46 GC: fix logging leftover bad chunks 
fixes commit b4fb262335, which copied
over the "Removed bad files:" block, but only adapted the log text,
not the actual variable.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 14:40:29 +01:00
Thomas Lamprecht
6b7688aa98 ui: datastore: fix sync/verify job removal prompt 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 14:34:31 +01:00
Thomas Lamprecht
ab0cf7e6a1 ui: drop id field from verify/sync add window 
the config is shared between multiple datastores with the ID as, well
the unique ID, but we only show those of a single datastore.

So if a user adds a new one with a fixed ID "12345" but a job with
that ID exists already on another store, they get a error about
duplicate IDs, but cannot relate as that duplicate job is not visible
(filtered away)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 14:22:43 +01:00
Dominik Csapak
264779e704 server/worker_task: simplify task log writing 
instead of prerotating 1000 tasks
(which resulted in 2 writes each time an active worker was finished)
simply append finished tasks to the archive (which will be rotated)

page cache should be good enough so that we can get the task logs fast

since existing installations might have an 'index' file, we
still have to read tasks from there, but only if it exists

this simplifies the TaskListInfoIterator a good amount

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-10-29 12:41:20 +01:00
Thomas Lamprecht
7f3d91003c worker task: remove debug print, faster modulo 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 12:35:33 +01:00
Dominik Csapak
14e0862509 api: datstore status: introduce proper structs and restore compatibility 
by moving the properties of the storage status out again to the top
level object

also introduce proper structs for the types used, to get type-safety
and better documentation for the api calls

this changes the backup counts from an array of [groups,snapshots] to
an object/struct with { groups, snapshots } and include 'other' types
(though we do not have any at this moment)

this way it is better documented

this also adapts the ui code to cope with the api changes

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-10-29 12:31:27 +01:00
Dietmar Maurer
9e733dae48 send sync job status emails 2020-10-29 12:22:50 +01:00
Dietmar Maurer
bfea476be2 schedule_datastore_sync_jobs: remove unneccessary clone() 2020-10-29 12:22:41 +01:00
Dietmar Maurer
385cf2bd9d send_job_status_mail: corectly escape html characters 2020-10-29 11:22:08 +01:00
Dietmar Maurer
d6373f3525 garbage_collection: log deduplication factor 2020-10-29 11:13:01 +01:00
Thomas Lamprecht
01f37e01c3 ui: datastore: use pointer cursor for edit notes 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-29 10:45:37 +01:00
Dietmar Maurer
b4fb262335 garbage_collection: log bad chunks (still_bad value) 2020-10-29 10:24:31 +01:00
Dominik Csapak
5499bd3dee fix #2998: encode mtime as i64 instead of u64 
saves files mtime as i64 instead of u64 which enables backup of
files with negative mtime

the catalog_decode_i64 is compatible to encoded u64 values (if < 2^63)
but not reverse, so all "old" catalogs can be read with the new
decoder, but catalogs that contain negative mtimes will decode wrongly
on older clients

also remove the arbitrary maximum value of 2^63 - 1 for
encode_u64 (we just use up to 10 bytes now) and correctly
decode them and update the comments accordingly

adds also test for i64 encode/decode and for compatibility between
u64 encode and i64 decode

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-10-29 08:51:10 +01:00
Dietmar Maurer
d771a608f5 verify: directly pass manifest to filter function 
In order to avoid loading the manifest twice during verify.
 2020-10-29 07:59:19 +01:00
Thomas Lamprecht
227a39b34b bump version to 0.9.2-2 
re-use the changelog as this was not released publicly and it's just
a small fix

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-28 23:05:58 +01:00
Thomas Lamprecht
f9beae9cc9 client: adapt to change datastroe status return schema 
fixes commit 16f9f244cf which extended
the return schema of the status API but did not adapted the client
status command to that.

Simply define our own tiny return schema and use that.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-10-28 22:59:40 +01:00
122 changed files with 5924 additions and 1776 deletions
Expand all files Collapse all files

4
Cargo.toml
View File

@ -1,6 +1,6 @@
[package] [package]
name = "proxmox-backup" name = "proxmox-backup"
version = "0.9.2" version = "0.9.5"
authors = ["Dietmar Maurer <dietmar@proxmox.com>"] authors = ["Dietmar Maurer <dietmar@proxmox.com>"]
edition = "2018" edition = "2018"
license = "AGPL-3" license = "AGPL-3"
@ -38,7 +38,7 @@ pam-sys = "0.5"
percent-encoding = "2.1" percent-encoding = "2.1"
pin-utils = "0.1.0" pin-utils = "0.1.0"
pathpatterns = "0.1.2" pathpatterns = "0.1.2"
proxmox = { version = "0.5.0", features = [ "sortable-macro", "api-macro", "websocket" ] } proxmox = { version = "0.7.0", features = [ "sortable-macro", "api-macro", "websocket" ] }
#proxmox = { git = "git://git.proxmox.com/git/proxmox", version = "0.1.2", features = [ "sortable-macro", "api-macro" ] } #proxmox = { git = "git://git.proxmox.com/git/proxmox", version = "0.1.2", features = [ "sortable-macro", "api-macro" ] }
#proxmox = { path = "../proxmox/proxmox", features = [ "sortable-macro", "api-macro", "websocket" ] } #proxmox = { path = "../proxmox/proxmox", features = [ "sortable-macro", "api-macro", "websocket" ] }
proxmox-fuse = "0.1.0" proxmox-fuse = "0.1.0"

3
Makefile
View File

@ -19,7 +19,8 @@ USR_SBIN := \
SERVICE_BIN := \ SERVICE_BIN := \
proxmox-backup-api \ proxmox-backup-api \
proxmox-backup-banner \ proxmox-backup-banner \
proxmox-backup-proxy proxmox-backup-proxy \
proxmox-daily-update \
ifeq ($(BUILD_MODE), release) ifeq ($(BUILD_MODE), release)
CARGO_BUILD_ARGS += --release CARGO_BUILD_ARGS += --release

84
debian/changelog vendored
View File

@ -1,4 +1,84 @@
rust-proxmox-backup (0.9.2-1) unstable; urgency=medium rust-proxmox-backup (0.9.5-1) unstable; urgency=medium
* ui: user menu: allow one to change the language while staying logged in
* proxmox-backup-manager: add subscription commands
* server/rest: also accept = as token separator
* privs: allow reading snapshot notes with Datastore.Audit
* privs: enforce Datastore.Modify|Backup to set backup notes
* verify: introduce and use new Datastore.Verify privilege
* docs: add API tokens to documentation
* ui: various smaller layout and icon improvements
* api: implement apt pkg cache for caching pending updates
* api: apt: implement support to send notification email on new updates
* add daily update and maintenance task
* fix #2864: add owner option to sync
* sync: allow sync for non-superusers under special conditions
* config: support depreacated netmask when parsing interfaces file
* server: implement access log rotation with re-open via command socket
* garbage collect: improve index error messages
* fix #3039: use the same ID regex for info and api
* ui: administration: allow extensive filtering of the worker task
* report: add api endpoint and function to generate report
-- Proxmox Support Team <support@proxmox.com> Tue, 03 Nov 2020 17:41:17 +0100
rust-proxmox-backup (0.9.4-2) unstable; urgency=medium
* make postinst (update) script more resilient
-- Proxmox Support Team <support@proxmox.com> Thu, 29 Oct 2020 20:09:30 +0100
rust-proxmox-backup (0.9.4-1) unstable; urgency=medium
* implement API-token
* client/remote: allow using API-token + secret
* ui/cli: implement API-token management interface and commands
* ui: add widget to view the effective permissions of a user or token
* ui: datastore summary: handle error when havin zero snapshot of any type
* ui: move user, token and permissions into an access control tab panel
-- Proxmox Support Team <support@proxmox.com> Thu, 29 Oct 2020 17:19:13 +0100
rust-proxmox-backup (0.9.3-1) unstable; urgency=medium
* fix #2998: encode mtime as i64 instead of u64
* GC: log the number of leftover bad chunks we could not yet cleanup, as no
valid one replaced them. Also log deduplication factor.
* send sync job status emails
* api: datstore status: introduce proper structs and restore compatibility
to 0.9.1
* ui: drop id field from verify/sync add window, they are now seen as internal
-- Proxmox Support Team <support@proxmox.com> Thu, 29 Oct 2020 14:58:13 +0100
rust-proxmox-backup (0.9.2-2) unstable; urgency=medium
* rework server web-interface, move more datastore related panels as tabs * rework server web-interface, move more datastore related panels as tabs
inside the datastore view inside the datastore view
@ -76,7 +156,7 @@ rust-proxmox-backup (0.9.2-1) unstable; urgency=medium
* ui: datastore: show snapshot manifest comment and allow to edit them * ui: datastore: show snapshot manifest comment and allow to edit them
-- Proxmox Support Team <support@proxmox.com> Wed, 28 Oct 2020 21:27:02 +0100 -- Proxmox Support Team <support@proxmox.com> Wed, 28 Oct 2020 23:05:41 +0100
rust-proxmox-backup (0.9.1-1) unstable; urgency=medium rust-proxmox-backup (0.9.1-1) unstable; urgency=medium

8
debian/control vendored
View File

@ -34,10 +34,10 @@ Build-Depends: debhelper (>= 11),
librust-pathpatterns-0.1+default-dev (>= 0.1.2-~~), librust-pathpatterns-0.1+default-dev (>= 0.1.2-~~),
librust-percent-encoding-2+default-dev (>= 2.1-~~), librust-percent-encoding-2+default-dev (>= 2.1-~~),
librust-pin-utils-0.1+default-dev, librust-pin-utils-0.1+default-dev,
librust-proxmox-0.5+api-macro-dev, librust-proxmox-0.7+api-macro-dev,
librust-proxmox-0.5+default-dev, librust-proxmox-0.7+default-dev,
librust-proxmox-0.5+sortable-macro-dev, librust-proxmox-0.7+sortable-macro-dev,
librust-proxmox-0.5+websocket-dev, librust-proxmox-0.7+websocket-dev,
librust-proxmox-fuse-0.1+default-dev, librust-proxmox-fuse-0.1+default-dev,
librust-pxar-0.6+default-dev (>= 0.6.1-~~), librust-pxar-0.6+default-dev (>= 0.6.1-~~),
librust-pxar-0.6+futures-io-dev (>= 0.6.1-~~), librust-pxar-0.6+futures-io-dev (>= 0.6.1-~~),

15
debian/postinst vendored
View File

@ -15,12 +15,21 @@ case "$1" in
fi fi
deb-systemd-invoke $_dh_action proxmox-backup.service proxmox-backup-proxy.service >/dev/null || true deb-systemd-invoke $_dh_action proxmox-backup.service proxmox-backup-proxy.service >/dev/null || true
flock -w 30 /etc/proxmox-backup/.datastore.lck sed -i '/^\s\+verify-schedule /d' /etc/proxmox-backup/datastore.cfg # FIXME: Remove with 1.1
if test -n "$2"; then
if dpkg --compare-versions "$2" 'lt' '0.9.4-1'; then
if grep -s -q -P -e '^\s+verify-schedule ' /etc/proxmox-backup/datastore.cfg; then
echo "NOTE: drop all verify schedules from datastore config."
echo "You can now add more flexible verify jobs"
flock -w 30 /etc/proxmox-backup/.datastore.lck \
sed -i '/^\s\+verify-schedule /d' /etc/proxmox-backup/datastore.cfg || true
fi
fi
fi
# FIXME: Remove in future version once we're sure no broken entries remain in anyone's files # FIXME: Remove in future version once we're sure no broken entries remain in anyone's files
if grep -q -e ':termproxy::[^@]\+: ' /var/log/proxmox-backup/tasks/active; then if grep -q -e ':termproxy::[^@]\+: ' /var/log/proxmox-backup/tasks/active; then
echo "Fixing up termproxy user id in task log..." echo "Fixing up termproxy user id in task log..."
flock -w 30 /var/log/proxmox-backup/tasks/active.lock sed -i 's/:termproxy::\([^@]\+\): /:termproxy::\1@pam: /' /var/log/proxmox-backup/tasks/active flock -w 30 /var/log/proxmox-backup/tasks/active.lock sed -i 's/:termproxy::\([^@]\+\): /:termproxy::\1@pam: /' /var/log/proxmox-backup/tasks/active || true
fi fi
;; ;;

3
debian/prerm vendored
View File

@ -6,5 +6,6 @@ set -e
# modeled after dh_systemd_start output # modeled after dh_systemd_start output
if [ -d /run/systemd/system ] && [ "$1" = remove ]; then if [ -d /run/systemd/system ] && [ "$1" = remove ]; then
deb-systemd-invoke stop 'proxmox-backup-banner.service' 'proxmox-backup-proxy.service' 'proxmox-backup.service' >/dev/null || true deb-systemd-invoke stop 'proxmox-backup-banner.service' 'proxmox-backup-proxy.service' \
'proxmox-backup.service' 'proxmox-backup-daily-update.timer' >/dev/null || true
fi fi

3
debian/proxmox-backup-server.install vendored
View File

@ -1,10 +1,13 @@
etc/proxmox-backup-proxy.service /lib/systemd/system/ etc/proxmox-backup-proxy.service /lib/systemd/system/
etc/proxmox-backup.service /lib/systemd/system/ etc/proxmox-backup.service /lib/systemd/system/
etc/proxmox-backup-banner.service /lib/systemd/system/ etc/proxmox-backup-banner.service /lib/systemd/system/
etc/proxmox-backup-daily-update.service /lib/systemd/system/
etc/proxmox-backup-daily-update.timer /lib/systemd/system/
etc/pbstest-beta.list /etc/apt/sources.list.d/ etc/pbstest-beta.list /etc/apt/sources.list.d/
usr/lib/x86_64-linux-gnu/proxmox-backup/proxmox-backup-api usr/lib/x86_64-linux-gnu/proxmox-backup/proxmox-backup-api
usr/lib/x86_64-linux-gnu/proxmox-backup/proxmox-backup-proxy usr/lib/x86_64-linux-gnu/proxmox-backup/proxmox-backup-proxy
usr/lib/x86_64-linux-gnu/proxmox-backup/proxmox-backup-banner usr/lib/x86_64-linux-gnu/proxmox-backup/proxmox-backup-banner
usr/lib/x86_64-linux-gnu/proxmox-backup/proxmox-daily-update
usr/sbin/proxmox-backup-manager usr/sbin/proxmox-backup-manager
usr/share/javascript/proxmox-backup/index.hbs usr/share/javascript/proxmox-backup/index.hbs
usr/share/javascript/proxmox-backup/css/ext6-pbs.css usr/share/javascript/proxmox-backup/css/ext6-pbs.css

1
debian/rules vendored
View File

@ -38,6 +38,7 @@ override_dh_auto_install:
LIBDIR=/usr/lib/$(DEB_HOST_MULTIARCH) LIBDIR=/usr/lib/$(DEB_HOST_MULTIARCH)
override_dh_installsystemd: override_dh_installsystemd:
dh_installsystemd -pproxmox-backup-server proxmox-backup-daily-update.timer
# note: we start/try-reload-restart services manually in postinst # note: we start/try-reload-restart services manually in postinst
dh_installsystemd --no-start --no-restart-after-upgrade dh_installsystemd --no-start --no-restart-after-upgrade

40
docs/backup-client.rst
View File

@ -12,31 +12,31 @@ on the backup server.
[[username@]server[:port]:]datastore [[username@]server[:port]:]datastore
The default value for ``username`` is ``root@pam``. If no server is specified, The default value for ``username`` is ``root@pam``. If no server is specified,
the default is the local host (``localhost``). the default is the local host (``localhost``).
You can specify a port if your backup server is only reachable on a different You can specify a port if your backup server is only reachable on a different
port (e.g. with NAT and port forwarding). port (e.g. with NAT and port forwarding).
Note that if the server is an IPv6 address, you have to write it with Note that if the server is an IPv6 address, you have to write it with square
square brackets (e.g. [fe80::01]). brackets (for example, `[fe80::01]`).
You can pass the repository with the ``--repository`` command You can pass the repository with the ``--repository`` command line option, or
line option, or by setting the ``PBS_REPOSITORY`` environment by setting the ``PBS_REPOSITORY`` environment variable.
variable.
Here some examples of valid repositories and the real values Here some examples of valid repositories and the real values
================================ ============ ================== =========== ================================ ================== ================== ===========
Example User Host:Port Datastore Example User Host:Port Datastore
================================ ============ ================== =========== ================================ ================== ================== ===========
mydatastore ``root@pam`` localhost:8007 mydatastore mydatastore ``root@pam`` localhost:8007 mydatastore
myhostname:mydatastore ``root@pam`` myhostname:8007 mydatastore myhostname:mydatastore ``root@pam`` myhostname:8007 mydatastore
user@pbs@myhostname:mydatastore ``user@pbs`` myhostname:8007 mydatastore user@pbs@myhostname:mydatastore ``user@pbs`` myhostname:8007 mydatastore
192.168.55.55:1234:mydatastore ``root@pam`` 192.168.55.55:1234 mydatastore user\@pbs!token@host:store ``user@pbs!token`` myhostname:8007 mydatastore
[ff80::51]:mydatastore ``root@pam`` [ff80::51]:8007 mydatastore 192.168.55.55:1234:mydatastore ``root@pam`` 192.168.55.55:1234 mydatastore
[ff80::51]:1234:mydatastore ``root@pam`` [ff80::51]:1234 mydatastore [ff80::51]:mydatastore ``root@pam`` [ff80::51]:8007 mydatastore
================================ ============ ================== =========== [ff80::51]:1234:mydatastore ``root@pam`` [ff80::51]:1234 mydatastore
================================ ================== ================== ===========
Environment Variables Environment Variables
--------------------- ---------------------
@ -45,16 +45,16 @@ Environment Variables
The default backup repository. The default backup repository.
``PBS_PASSWORD`` ``PBS_PASSWORD``
When set, this value is used for the password required for the When set, this value is used for the password required for the backup server.
backup server. You can also set this to a API token secret.
``PBS_ENCRYPTION_PASSWORD`` ``PBS_ENCRYPTION_PASSWORD``
When set, this value is used to access the secret encryption key (if When set, this value is used to access the secret encryption key (if
protected by password). protected by password).
``PBS_FINGERPRINT`` When set, this value is used to verify the server ``PBS_FINGERPRINT`` When set, this value is used to verify the server
certificate (only used if the system CA certificates cannot certificate (only used if the system CA certificates cannot validate the
validate the certificate). certificate).
Output Format Output Format

13
docs/managing-remotes.rst
View File

@ -79,4 +79,17 @@ either start it manually on the GUI or provide it with a schedule (see
└────────────┴───────┴────────┴──────────────┴───────────┴─────────┘ └────────────┴───────┴────────┴──────────────┴───────────┴─────────┘
# proxmox-backup-manager sync-job remove pbs2-local # proxmox-backup-manager sync-job remove pbs2-local
For setting up sync jobs, the configuring user needs the following permissions:
#. ``Remote.Read`` on the ``/remote/{remote}/{remote-store}`` path
#. at least ``Datastore.Backup`` on the local target datastore (``/datastore/{store}``)
If the ``remove-vanished`` option is set, ``Datastore.Prune`` is required on
the local datastore as well. If the ``owner`` option is not set (defaulting to
``backup@pam``) or set to something other than the configuring user,
``Datastore.Modify`` is required as well.
.. note:: A sync job can only sync backup groups that the configured remote's
user/API token can read. If a remote is configured with a user/API token that
only has ``Datastore.Backup`` privileges, only the limited set of accessible
snapshots owned by that user/API token can be synced.

116
docs/user-management.rst
View File

@ -70,7 +70,7 @@ The resulting user list looks like this:
│ root@pam │ 1 │ │ │ │ │ Superuser │ │ root@pam │ 1 │ │ │ │ │ Superuser │
└──────────┴────────┴────────┴───────────┴──────────┴──────────────────┴──────────────────┘ └──────────┴────────┴────────┴───────────┴──────────┴──────────────────┴──────────────────┘
Newly created users do not have any permissions. Please read the next Newly created users do not have any permissions. Please read the Access Control
section to learn how to set access permissions. section to learn how to set access permissions.
If you want to disable a user account, you can do that by setting ``--enable`` to ``0`` If you want to disable a user account, you can do that by setting ``--enable`` to ``0``
@ -85,15 +85,69 @@ Or completely remove the user with:
# proxmox-backup-manager user remove john@pbs # proxmox-backup-manager user remove john@pbs
.. _user_tokens:
API Tokens
----------
Any authenticated user can generate API tokens which can in turn be used to
configure various clients, instead of directly providing the username and
password.
API tokens serve two purposes:
#. Easy revocation in case client gets compromised
#. Limit permissions for each client/token within the users' permission
An API token consists of two parts: an identifier consisting of the user name,
the realm and a tokenname (``user@realm!tokenname``), and a secret value. Both
need to be provided to the client in place of the user ID (``user@realm``) and
the user password, respectively.
The API token is passed from the client to the server by setting the
``Authorization`` HTTP header with method ``PBSAPIToken`` to the value
``TOKENID:TOKENSECRET``.
Generating new tokens can done using ``proxmox-backup-manager`` or the GUI:
.. code-block:: console
# proxmox-backup-manager user generate-token john@pbs client1
Result: {
"tokenid": "john@pbs!client1",
"value": "d63e505a-e3ec-449a-9bc7-1da610d4ccde"
}
.. note:: The displayed secret value needs to be saved, since it cannot be
displayed again after generating the API token.
The ``user list-tokens`` sub-command can be used to display tokens and their
metadata:
.. code-block:: console
# proxmox-backup-manager user list-tokens john@pbs
┌──────────────────┬────────┬────────┬─────────┐
│ tokenid │ enable │ expire │ comment │
╞══════════════════╪════════╪════════╪═════════╡
│ john@pbs!client1 │ 1 │ │ │
└──────────────────┴────────┴────────┴─────────┘
Similarly, the ``user delete-token`` subcommand can be used to delete a token
again.
Newly generated API tokens don't have any permissions. Please read the next
section to learn how to set access permissions.
.. _user_acl: .. _user_acl:
Access Control Access Control
-------------- --------------
By default new users do not have any permission. Instead you need to By default new users and API tokens do not have any permission. Instead you
specify what is allowed and what is not. You can do this by assigning need to specify what is allowed and what is not. You can do this by assigning
roles to users on specific objects like datastores or remotes. The roles to users/tokens on specific objects like datastores or remotes. The
following roles exist: following roles exist:
**NoAccess** **NoAccess**
@ -148,20 +202,21 @@ The data represented in each field is as follows:
#. The object on which the permission is set. This can be a specific object #. The object on which the permission is set. This can be a specific object
(single datastore, remote, etc.) or a top level object, which with (single datastore, remote, etc.) or a top level object, which with
propagation enabled, represents all children of the object also. propagation enabled, represents all children of the object also.
#. The user for which the permission is set #. The user(s)/token(s) for which the permission is set
#. The role being set #. The role being set
You can manage datastore permissions from **Configuration -> Permissions** in the You can manage permissions via **Configuration -> Access Control ->
web interface. Likewise, you can use the ``acl`` subcommand to manage and Permissions** in the web interface. Likewise, you can use the ``acl``
monitor user permissions from the command line. For example, the command below subcommand to manage and monitor user permissions from the command line. For
will add the user ``john@pbs`` as a **DatastoreAdmin** for the datastore example, the command below will add the user ``john@pbs`` as a
``store1``, located at ``/backup/disk1/store1``: **DatastoreAdmin** for the datastore ``store1``, located at
``/backup/disk1/store1``:
.. code-block:: console .. code-block:: console
# proxmox-backup-manager acl update /datastore/store1 DatastoreAdmin --userid john@pbs # proxmox-backup-manager acl update /datastore/store1 DatastoreAdmin --auth-id john@pbs
You can monitor the roles of each user using the following command: You can list the ACLs of each user/token using the following command:
.. code-block:: console .. code-block:: console
@ -172,7 +227,7 @@ You can monitor the roles of each user using the following command:
│ john@pbs │ /datastore/disk1 │ 1 │ DatastoreAdmin │ │ john@pbs │ /datastore/disk1 │ 1 │ DatastoreAdmin │
└──────────┴──────────────────┴───────────┴────────────────┘ └──────────┴──────────────────┴───────────┴────────────────┘
A single user can be assigned multiple permission sets for different datastores. A single user/token can be assigned multiple permission sets for different datastores.
.. Note:: .. Note::
Naming convention is important here. For datastores on the host, Naming convention is important here. For datastores on the host,
@ -183,4 +238,39 @@ A single user can be assigned multiple permission sets for different datastores.
remote (see `Remote` below) and ``{storename}`` is the name of the datastore on remote (see `Remote` below) and ``{storename}`` is the name of the datastore on
the remote. the remote.
API Token permissions
~~~~~~~~~~~~~~~~~~~~~
API token permissions are calculated based on ACLs containing their ID
independent of those of their corresponding user. The resulting permission set
on a given path is then intersected with that of the corresponding user.
In practice this means:
#. API tokens require their own ACL entries
#. API tokens can never do more than their corresponding user
Effective permissions
~~~~~~~~~~~~~~~~~~~~~
To calculate and display the effective permission set of a user or API token
you can use the ``proxmox-backup-manager user permission`` command:
.. code-block:: console
# proxmox-backup-manager user permissions john@pbs -- path /datastore/store1
Privileges with (*) have the propagate flag set
Path: /datastore/store1
- Datastore.Audit (*)
- Datastore.Backup (*)
- Datastore.Modify (*)
- Datastore.Prune (*)
- Datastore.Read (*)
# proxmox-backup-manager acl update /datastore/store1 DatastoreBackup --auth-id 'john@pbs!client1'
# proxmox-backup-manager user permissions 'john@pbs!test' -- path /datastore/store1
Privileges with (*) have the propagate flag set
Path: /datastore/store1
- Datastore.Backup (*)

4
etc/Makefile
View File

@ -1,9 +1,11 @@
include ../defines.mk include ../defines.mk
UNITS := UNITS := \
proxmox-backup-daily-update.timer \
DYNAMIC_UNITS := \ DYNAMIC_UNITS := \
proxmox-backup-banner.service \ proxmox-backup-banner.service \
proxmox-backup-daily-update.service \
proxmox-backup.service \ proxmox-backup.service \
proxmox-backup-proxy.service proxmox-backup-proxy.service

8
etc/proxmox-backup-daily-update.service.in Normal file
View File

@ -0,0 +1,8 @@
[Unit]
Description=Daily Proxmox Backup Server update and maintenance activities
After=network-online.target
Wants=network-online.target
[Service]
Type=oneshot
ExecStart=%LIBEXECDIR%/proxmox-backup/proxmox-daily-update

10
etc/proxmox-backup-daily-update.timer Normal file
View File

@ -0,0 +1,10 @@
[Unit]
Description=Daily Proxmox Backup Server update and maintenance activities
[Timer]
OnCalendar=*-*-* 1:00
RandomizedDelaySec=5h
Persistent=true
[Install]
WantedBy=timers.target

1
etc/proxmox-backup-proxy.service.in
View File

@ -9,6 +9,7 @@ After=proxmox-backup.service
Type=notify Type=notify
ExecStart=%LIBEXECDIR%/proxmox-backup/proxmox-backup-proxy ExecStart=%LIBEXECDIR%/proxmox-backup/proxmox-backup-proxy
ExecReload=/bin/kill -HUP $MAINPID ExecReload=/bin/kill -HUP $MAINPID
PIDFile=/run/proxmox-backup/proxy.pid
Restart=on-failure Restart=on-failure
User=%PROXY_USER% User=%PROXY_USER%
Group=%PROXY_USER% Group=%PROXY_USER%

1
etc/proxmox-backup.service.in
View File

@ -7,6 +7,7 @@ After=network.target
Type=notify Type=notify
ExecStart=%LIBEXECDIR%/proxmox-backup/proxmox-backup-api ExecStart=%LIBEXECDIR%/proxmox-backup/proxmox-backup-api
ExecReload=/bin/kill -HUP $MAINPID ExecReload=/bin/kill -HUP $MAINPID
PIDFile=/run/proxmox-backup/api.pid
Restart=on-failure Restart=on-failure
[Install] [Install]

6
examples/download-speed.rs
View File

@ -2,7 +2,7 @@ use std::io::Write;
use anyhow::{Error}; use anyhow::{Error};
use proxmox_backup::api2::types::Userid; use proxmox_backup::api2::types::Authid;
use proxmox_backup::client::{HttpClient, HttpClientOptions, BackupReader}; use proxmox_backup::client::{HttpClient, HttpClientOptions, BackupReader};
pub struct DummyWriter { pub struct DummyWriter {
@ -26,13 +26,13 @@ async fn run() -> Result<(), Error> {
let host = "localhost"; let host = "localhost";
let username = Userid::root_userid(); let auth_id = Authid::root_auth_id();
let options = HttpClientOptions::new() let options = HttpClientOptions::new()
.interactive(true) .interactive(true)
.ticket_cache(true); .ticket_cache(true);
let client = HttpClient::new(host, 8007, username, options)?; let client = HttpClient::new(host, 8007, auth_id, options)?;
let backup_time = proxmox::tools::time::parse_rfc3339("2019-06-28T10:49:48Z")?; let backup_time = proxmox::tools::time::parse_rfc3339("2019-06-28T10:49:48Z")?;

6
examples/upload-speed.rs
View File

@ -1,6 +1,6 @@
use anyhow::{Error}; use anyhow::{Error};
use proxmox_backup::api2::types::Userid; use proxmox_backup::api2::types::Authid;
use proxmox_backup::client::*; use proxmox_backup::client::*;
async fn upload_speed() -> Result<f64, Error> { async fn upload_speed() -> Result<f64, Error> {
@ -8,13 +8,13 @@ async fn upload_speed() -> Result<f64, Error> {
let host = "localhost"; let host = "localhost";
let datastore = "store2"; let datastore = "store2";
let username = Userid::root_userid(); let auth_id = Authid::root_auth_id();
let options = HttpClientOptions::new() let options = HttpClientOptions::new()
.interactive(true) .interactive(true)
.ticket_cache(true); .ticket_cache(true);
let client = HttpClient::new(host, 8007, username, options)?; let client = HttpClient::new(host, 8007, auth_id, options)?;
let backup_time = proxmox::tools::time::epoch_i64(); let backup_time = proxmox::tools::time::epoch_i64();

142
src/api2/access.rs
View File

@ -1,6 +1,8 @@
use anyhow::{bail, format_err, Error}; use anyhow::{bail, format_err, Error};
use serde_json::{json, Value}; use serde_json::{json, Value};
use std::collections::HashMap;
use std::collections::HashSet;
use proxmox::api::{api, RpcEnvironment, Permission}; use proxmox::api::{api, RpcEnvironment, Permission};
use proxmox::api::router::{Router, SubdirMap}; use proxmox::api::router::{Router, SubdirMap};
@ -12,8 +14,9 @@ use crate::auth_helpers::*;
use crate::api2::types::*; use crate::api2::types::*;
use crate::tools::{FileLogOptions, FileLogger}; use crate::tools::{FileLogOptions, FileLogger};
use crate::config::acl as acl_config;
use crate::config::acl::{PRIVILEGES, PRIV_SYS_AUDIT, PRIV_PERMISSIONS_MODIFY};
use crate::config::cached_user_info::CachedUserInfo; use crate::config::cached_user_info::CachedUserInfo;
use crate::config::acl::{PRIVILEGES, PRIV_PERMISSIONS_MODIFY};
pub mod user; pub mod user;
pub mod domain; pub mod domain;
@ -31,7 +34,8 @@ fn authenticate_user(
) -> Result<bool, Error> { ) -> Result<bool, Error> {
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
if !user_info.is_active_user(&userid) { let auth_id = Authid::from(userid.clone());
if !user_info.is_active_auth_id(&auth_id) {
bail!("user account disabled or expired."); bail!("user account disabled or expired.");
} }
@ -69,8 +73,7 @@ fn authenticate_user(
path_vec.push(part); path_vec.push(part);
} }
} }
user_info.check_privs(&auth_id, &path_vec, *privilege, false)?;
user_info.check_privs(userid, &path_vec, *privilege, false)?;
return Ok(false); return Ok(false);
} }
} }
@ -213,9 +216,10 @@ fn change_password(
) -> Result<Value, Error> { ) -> Result<Value, Error> {
let current_user: Userid = rpcenv let current_user: Userid = rpcenv
.get_user() .get_auth_id()
.ok_or_else(|| format_err!("unknown user"))? .ok_or_else(|| format_err!("unknown user"))?
.parse()?; .parse()?;
let current_auth = Authid::from(current_user.clone());
let mut allowed = userid == current_user; let mut allowed = userid == current_user;
@ -223,7 +227,7 @@ fn change_password(
if !allowed { if !allowed {
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
let privs = user_info.lookup_privs(&current_user, &[]); let privs = user_info.lookup_privs(&current_auth, &[]);
if (privs & PRIV_PERMISSIONS_MODIFY) != 0 { allowed = true; } if (privs & PRIV_PERMISSIONS_MODIFY) != 0 { allowed = true; }
} }
@ -237,6 +241,128 @@ fn change_password(
Ok(Value::Null) Ok(Value::Null)
} }
#[api(
input: {
properties: {
"auth-id": {
type: Authid,
optional: true,
},
path: {
schema: ACL_PATH_SCHEMA,
optional: true,
},
},
},
access: {
permission: &Permission::Anybody,
description: "Requires Sys.Audit on '/access', limited to own privileges otherwise.",
},
returns: {
description: "Map of ACL path to Map of privilege to propagate bit",
type: Object,
properties: {},
additional_properties: true,
},
)]
/// List permissions of given or currently authenticated user / API token.
///
/// Optionally limited to specific path.
pub fn list_permissions(
auth_id: Option<Authid>,
path: Option<String>,
rpcenv: &dyn RpcEnvironment,
) -> Result<HashMap<String, HashMap<String, bool>>, Error> {
let current_auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&current_auth_id, &["access"]);
let auth_id = if user_privs & PRIV_SYS_AUDIT == 0 {
match auth_id {
Some(auth_id) => {
if auth_id == current_auth_id {
auth_id
} else if auth_id.is_token()
&& !current_auth_id.is_token()
&& auth_id.user() == current_auth_id.user() {
auth_id
} else {
bail!("not allowed to list permissions of {}", auth_id);
}
},
None => current_auth_id,
}
} else {
match auth_id {
Some(auth_id) => auth_id,
None => current_auth_id,
}
};
fn populate_acl_paths(
mut paths: HashSet<String>,
node: acl_config::AclTreeNode,
path: &str
) -> HashSet<String> {
for (sub_path, child_node) in node.children {
let sub_path = format!("{}/{}", path, &sub_path);
paths = populate_acl_paths(paths, child_node, &sub_path);
paths.insert(sub_path);
}
paths
}
let paths = match path {
Some(path) => {
let mut paths = HashSet::new();
paths.insert(path);
paths
},
None => {
let mut paths = HashSet::new();
let (acl_tree, _) = acl_config::config()?;
paths = populate_acl_paths(paths, acl_tree.root, "");
// default paths, returned even if no ACL exists
paths.insert("/".to_string());
paths.insert("/access".to_string());
paths.insert("/datastore".to_string());
paths.insert("/remote".to_string());
paths.insert("/system".to_string());
paths
},
};
let map = paths
.into_iter()
.fold(HashMap::new(), |mut map: HashMap<String, HashMap<String, bool>>, path: String| {
let split_path = acl_config::split_acl_path(path.as_str());
let (privs, propagated_privs) = user_info.lookup_privs_details(&auth_id, &split_path);
match privs {
0 => map, // Don't leak ACL paths where we don't have any privileges
_ => {
let priv_map = PRIVILEGES
.iter()
.fold(HashMap::new(), |mut priv_map, (name, value)| {
if value & privs != 0 {
priv_map.insert(name.to_string(), value & propagated_privs != 0);
}
priv_map
});
map.insert(path, priv_map);
map
},
}});
Ok(map)
}
#[sortable] #[sortable]
const SUBDIRS: SubdirMap = &sorted!([ const SUBDIRS: SubdirMap = &sorted!([
("acl", &acl::ROUTER), ("acl", &acl::ROUTER),
@ -244,6 +370,10 @@ const SUBDIRS: SubdirMap = &sorted!([
"password", &Router::new() "password", &Router::new()
.put(&API_METHOD_CHANGE_PASSWORD) .put(&API_METHOD_CHANGE_PASSWORD)
), ),
(
"permissions", &Router::new()
.get(&API_METHOD_LIST_PERMISSIONS)
),
( (
"ticket", &Router::new() "ticket", &Router::new()
.post(&API_METHOD_CREATE_TICKET) .post(&API_METHOD_CREATE_TICKET)

86
src/api2/access/acl.rs
View File

@ -7,6 +7,7 @@ use proxmox::tools::fs::open_file_locked;
use crate::api2::types::*; use crate::api2::types::*;
use crate::config::acl; use crate::config::acl;
use crate::config::acl::{Role, PRIV_SYS_AUDIT, PRIV_PERMISSIONS_MODIFY}; use crate::config::acl::{Role, PRIV_SYS_AUDIT, PRIV_PERMISSIONS_MODIFY};
use crate::config::cached_user_info::CachedUserInfo;
#[api( #[api(
properties: { properties: {
@ -43,8 +44,23 @@ fn extract_acl_node_data(
path: &str, path: &str,
list: &mut Vec<AclListItem>, list: &mut Vec<AclListItem>,
exact: bool, exact: bool,
token_user: &Option<Authid>,
) { ) {
// tokens can't have tokens, so we can early return
if let Some(token_user) = token_user {
if token_user.is_token() {
return;
}
}
for (user, roles) in &node.users { for (user, roles) in &node.users {
if let Some(token_user) = token_user {
if !user.is_token()
|| user.user() != token_user.user() {
continue;
}
}
for (role, propagate) in roles { for (role, propagate) in roles {
list.push(AclListItem { list.push(AclListItem {
path: if path.is_empty() { String::from("/") } else { path.to_string() }, path: if path.is_empty() { String::from("/") } else { path.to_string() },
@ -56,6 +72,10 @@ fn extract_acl_node_data(
} }
} }
for (group, roles) in &node.groups { for (group, roles) in &node.groups {
if let Some(_) = token_user {
continue;
}
for (role, propagate) in roles { for (role, propagate) in roles {
list.push(AclListItem { list.push(AclListItem {
path: if path.is_empty() { String::from("/") } else { path.to_string() }, path: if path.is_empty() { String::from("/") } else { path.to_string() },
@ -71,7 +91,7 @@ fn extract_acl_node_data(
} }
for (comp, child) in &node.children { for (comp, child) in &node.children {
let new_path = format!("{}/{}", path, comp); let new_path = format!("{}/{}", path, comp);
extract_acl_node_data(child, &new_path, list, exact); extract_acl_node_data(child, &new_path, list, exact, token_user);
} }
} }
@ -98,7 +118,8 @@ fn extract_acl_node_data(
} }
}, },
access: { access: {
permission: &Permission::Privilege(&["access", "acl"], PRIV_SYS_AUDIT, false), permission: &Permission::Anybody,
description: "Returns all ACLs if user has Sys.Audit on '/access/acl', or just the ACLs containing the user's API tokens.",
}, },
)] )]
/// Read Access Control List (ACLs). /// Read Access Control List (ACLs).
@ -107,18 +128,26 @@ pub fn read_acl(
exact: bool, exact: bool,
mut rpcenv: &mut dyn RpcEnvironment, mut rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<AclListItem>, Error> { ) -> Result<Vec<AclListItem>, Error> {
let auth_id = rpcenv.get_auth_id().unwrap().parse()?;
//let auth_user = rpcenv.get_user().unwrap(); let user_info = CachedUserInfo::new()?;
let top_level_privs = user_info.lookup_privs(&auth_id, &["access", "acl"]);
let auth_id_filter = if (top_level_privs & PRIV_SYS_AUDIT) == 0 {
Some(auth_id)
} else {
None
};
let (mut tree, digest) = acl::config()?; let (mut tree, digest) = acl::config()?;
let mut list: Vec<AclListItem> = Vec::new(); let mut list: Vec<AclListItem> = Vec::new();
if let Some(path) = &path { if let Some(path) = &path {
if let Some(node) = &tree.find_node(path) { if let Some(node) = &tree.find_node(path) {
extract_acl_node_data(&node, path, &mut list, exact); extract_acl_node_data(&node, path, &mut list, exact, &auth_id_filter);
} }
} else { } else {
extract_acl_node_data(&tree.root, "", &mut list, exact); extract_acl_node_data(&tree.root, "", &mut list, exact, &auth_id_filter);
} }
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into(); rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
@ -140,9 +169,9 @@ pub fn read_acl(
optional: true, optional: true,
schema: ACL_PROPAGATE_SCHEMA, schema: ACL_PROPAGATE_SCHEMA,
}, },
userid: { "auth-id": {
optional: true, optional: true,
type: Userid, type: Authid,
}, },
group: { group: {
optional: true, optional: true,
@ -160,7 +189,8 @@ pub fn read_acl(
}, },
}, },
access: { access: {
permission: &Permission::Privilege(&["access", "acl"], PRIV_PERMISSIONS_MODIFY, false), permission: &Permission::Anybody,
description: "Requires Permissions.Modify on '/access/acl', limited to updating ACLs of the user's API tokens otherwise."
}, },
)] )]
/// Update Access Control List (ACLs). /// Update Access Control List (ACLs).
@ -168,12 +198,35 @@ pub fn update_acl(
path: String, path: String,
role: String, role: String,
propagate: Option<bool>, propagate: Option<bool>,
userid: Option<Userid>, auth_id: Option<Authid>,
group: Option<String>, group: Option<String>,
delete: Option<bool>, delete: Option<bool>,
digest: Option<String>, digest: Option<String>,
_rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<(), Error> { ) -> Result<(), Error> {
let current_auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let top_level_privs = user_info.lookup_privs(&current_auth_id, &["access", "acl"]);
if top_level_privs & PRIV_PERMISSIONS_MODIFY == 0 {
if let Some(_) = group {
bail!("Unprivileged users are not allowed to create group ACL item.");
}
match &auth_id {
Some(auth_id) => {
if current_auth_id.is_token() {
bail!("Unprivileged API tokens can't set ACL items.");
} else if !auth_id.is_token() {
bail!("Unprivileged users can only set ACL items for API tokens.");
} else if auth_id.user() != current_auth_id.user() {
bail!("Unprivileged users can only set ACL items for their own API tokens.");
}
},
None => { bail!("Unprivileged user needs to provide auth_id to update ACL item."); },
};
}
let _lock = open_file_locked(acl::ACL_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?; let _lock = open_file_locked(acl::ACL_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
@ -190,11 +243,12 @@ pub fn update_acl(
if let Some(ref _group) = group { if let Some(ref _group) = group {
bail!("parameter 'group' - groups are currently not supported."); bail!("parameter 'group' - groups are currently not supported.");
} else if let Some(ref userid) = userid { } else if let Some(ref auth_id) = auth_id {
if !delete { // Note: we allow to delete non-existent users if !delete { // Note: we allow to delete non-existent users
let user_cfg = crate::config::user::cached_config()?; let user_cfg = crate::config::user::cached_config()?;
if user_cfg.sections.get(&userid.to_string()).is_none() { if user_cfg.sections.get(&auth_id.to_string()).is_none() {
bail!("no such user."); bail!(format!("no such {}.",
if auth_id.is_token() { "API token" } else { "user" }));
} }
} }
} else { } else {
@ -205,11 +259,11 @@ pub fn update_acl(
acl::check_acl_path(&path)?; acl::check_acl_path(&path)?;
} }
if let Some(userid) = userid { if let Some(auth_id) = auth_id {
if delete { if delete {
tree.delete_user_role(&path, &userid, &role); tree.delete_user_role(&path, &auth_id, &role);
} else { } else {
tree.insert_user_role(&path, &userid, &role, propagate); tree.insert_user_role(&path, &auth_id, &role, propagate);
} }
} else if let Some(group) = group { } else if let Some(group) = group {
if delete { if delete {

468
src/api2/access/user.rs
View File

@ -1,12 +1,16 @@
use anyhow::{bail, Error}; use anyhow::{bail, Error};
use serde_json::Value; use serde::{Serialize, Deserialize};
use serde_json::{json, Value};
use std::collections::HashMap;
use proxmox::api::{api, ApiMethod, Router, RpcEnvironment, Permission}; use proxmox::api::{api, ApiMethod, Router, RpcEnvironment, Permission};
use proxmox::api::router::SubdirMap;
use proxmox::api::schema::{Schema, StringSchema}; use proxmox::api::schema::{Schema, StringSchema};
use proxmox::tools::fs::open_file_locked; use proxmox::tools::fs::open_file_locked;
use crate::api2::types::*; use crate::api2::types::*;
use crate::config::user; use crate::config::user;
use crate::config::token_shadow;
use crate::config::acl::{PRIV_SYS_AUDIT, PRIV_PERMISSIONS_MODIFY}; use crate::config::acl::{PRIV_SYS_AUDIT, PRIV_PERMISSIONS_MODIFY};
use crate::config::cached_user_info::CachedUserInfo; use crate::config::cached_user_info::CachedUserInfo;
@ -16,14 +20,96 @@ pub const PBS_PASSWORD_SCHEMA: Schema = StringSchema::new("User Password.")
.max_length(64) .max_length(64)
.schema(); .schema();
#[api(
properties: {
userid: {
type: Userid,
},
comment: {
optional: true,
schema: SINGLE_LINE_COMMENT_SCHEMA,
},
enable: {
optional: true,
schema: user::ENABLE_USER_SCHEMA,
},
expire: {
optional: true,
schema: user::EXPIRE_USER_SCHEMA,
},
firstname: {
optional: true,
schema: user::FIRST_NAME_SCHEMA,
},
lastname: {
schema: user::LAST_NAME_SCHEMA,
optional: true,
},
email: {
schema: user::EMAIL_SCHEMA,
optional: true,
},
tokens: {
type: Array,
optional: true,
description: "List of user's API tokens.",
items: {
type: user::ApiToken
},
},
}
)]
#[derive(Serialize,Deserialize)]
/// User properties with added list of ApiTokens
pub struct UserWithTokens {
pub userid: Userid,
#[serde(skip_serializing_if="Option::is_none")]
pub comment: Option<String>,
#[serde(skip_serializing_if="Option::is_none")]
pub enable: Option<bool>,
#[serde(skip_serializing_if="Option::is_none")]
pub expire: Option<i64>,
#[serde(skip_serializing_if="Option::is_none")]
pub firstname: Option<String>,
#[serde(skip_serializing_if="Option::is_none")]
pub lastname: Option<String>,
#[serde(skip_serializing_if="Option::is_none")]
pub email: Option<String>,
#[serde(skip_serializing_if="Vec::is_empty")]
pub tokens: Vec<user::ApiToken>,
}
impl UserWithTokens {
fn new(user: user::User) -> Self {
Self {
userid: user.userid,
comment: user.comment,
enable: user.enable,
expire: user.expire,
firstname: user.firstname,
lastname: user.lastname,
email: user.email,
tokens: Vec::new(),
}
}
}
#[api( #[api(
input: { input: {
properties: {}, properties: {
include_tokens: {
type: bool,
description: "Include user's API tokens in returned list.",
optional: true,
default: false,
},
},
}, },
returns: { returns: {
description: "List users (with config digest).", description: "List users (with config digest).",
type: Array, type: Array,
items: { type: user::User }, items: { type: UserWithTokens },
}, },
access: { access: {
permission: &Permission::Anybody, permission: &Permission::Anybody,
@ -32,28 +118,60 @@ pub const PBS_PASSWORD_SCHEMA: Schema = StringSchema::new("User Password.")
)] )]
/// List users /// List users
pub fn list_users( pub fn list_users(
_param: Value, include_tokens: bool,
_info: &ApiMethod, _info: &ApiMethod,
mut rpcenv: &mut dyn RpcEnvironment, mut rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<user::User>, Error> { ) -> Result<Vec<UserWithTokens>, Error> {
let (config, digest) = user::config()?; let (config, digest) = user::config()?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; // intentionally user only for now
let userid: Userid = rpcenv.get_auth_id().unwrap().parse()?;
let auth_id = Authid::from(userid.clone());
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
let top_level_privs = user_info.lookup_privs(&userid, &["access", "users"]); let top_level_privs = user_info.lookup_privs(&auth_id, &["access", "users"]);
let top_level_allowed = (top_level_privs & PRIV_SYS_AUDIT) != 0; let top_level_allowed = (top_level_privs & PRIV_SYS_AUDIT) != 0;
let filter_by_privs = |user: &user::User| { let filter_by_privs = |user: &user::User| {
top_level_allowed || user.userid == userid top_level_allowed || user.userid == userid
}; };
let list:Vec<user::User> = config.convert_to_typed_array("user")?; let list:Vec<user::User> = config.convert_to_typed_array("user")?;
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into(); rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
Ok(list.into_iter().filter(filter_by_privs).collect()) let iter = list.into_iter().filter(filter_by_privs);
let list = if include_tokens {
let tokens: Vec<user::ApiToken> = config.convert_to_typed_array("token")?;
let mut user_to_tokens = tokens
.into_iter()
.fold(
HashMap::new(),
|mut map: HashMap<Userid, Vec<user::ApiToken>>, token: user::ApiToken| {
if token.tokenid.is_token() {
map
.entry(token.tokenid.user().clone())
.or_default()
.push(token);
}
map
});
iter
.map(|user: user::User| {
let mut user = UserWithTokens::new(user);
user.tokens = user_to_tokens.remove(&user.userid).unwrap_or_default();
user
})
.collect()
} else {
iter.map(|user: user::User| UserWithTokens::new(user))
.collect()
};
Ok(list)
} }
#[api( #[api(
@ -304,12 +422,340 @@ pub fn delete_user(userid: Userid, digest: Option<String>) -> Result<(), Error>
Ok(()) Ok(())
} }
const ITEM_ROUTER: Router = Router::new() #[api(
input: {
properties: {
userid: {
type: Userid,
},
tokenname: {
type: Tokenname,
},
},
},
returns: {
description: "Get API token metadata (with config digest).",
type: user::ApiToken,
},
access: {
permission: &Permission::Or(&[
&Permission::Privilege(&["access", "users"], PRIV_SYS_AUDIT, false),
&Permission::UserParam("userid"),
]),
},
)]
/// Read user's API token metadata
pub fn read_token(
userid: Userid,
tokenname: Tokenname,
_info: &ApiMethod,
mut rpcenv: &mut dyn RpcEnvironment,
) -> Result<user::ApiToken, Error> {
let (config, digest) = user::config()?;
let tokenid = Authid::from((userid, Some(tokenname)));
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
config.lookup("token", &tokenid.to_string())
}
#[api(
protected: true,
input: {
properties: {
userid: {
type: Userid,
},
tokenname: {
type: Tokenname,
},
comment: {
optional: true,
schema: SINGLE_LINE_COMMENT_SCHEMA,
},
enable: {
schema: user::ENABLE_USER_SCHEMA,
optional: true,
},
expire: {
schema: user::EXPIRE_USER_SCHEMA,
optional: true,
},
digest: {
optional: true,
schema: PROXMOX_CONFIG_DIGEST_SCHEMA,
},
},
},
access: {
permission: &Permission::Or(&[
&Permission::Privilege(&["access", "users"], PRIV_PERMISSIONS_MODIFY, false),
&Permission::UserParam("userid"),
]),
},
returns: {
description: "API token identifier + generated secret.",
properties: {
value: {
type: String,
description: "The API token secret",
},
tokenid: {
type: String,
description: "The API token identifier",
},
},
},
)]
/// Generate a new API token with given metadata
pub fn generate_token(
userid: Userid,
tokenname: Tokenname,
comment: Option<String>,
enable: Option<bool>,
expire: Option<i64>,
digest: Option<String>,
) -> Result<Value, Error> {
let _lock = open_file_locked(user::USER_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
let (mut config, expected_digest) = user::config()?;
if let Some(ref digest) = digest {
let digest = proxmox::tools::hex_to_digest(digest)?;
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
}
let tokenid = Authid::from((userid.clone(), Some(tokenname.clone())));
let tokenid_string = tokenid.to_string();
if let Some(_) = config.sections.get(&tokenid_string) {
bail!("token '{}' for user '{}' already exists.", tokenname.as_str(), userid);
}
let secret = format!("{:x}", proxmox::tools::uuid::Uuid::generate());
token_shadow::set_secret(&tokenid, &secret)?;
let token = user::ApiToken {
tokenid: tokenid.clone(),
comment,
enable,
expire,
};
config.set_data(&tokenid_string, "token", &token)?;
user::save_config(&config)?;
Ok(json!({
"tokenid": tokenid_string,
"value": secret
}))
}
#[api(
protected: true,
input: {
properties: {
userid: {
type: Userid,
},
tokenname: {
type: Tokenname,
},
comment: {
optional: true,
schema: SINGLE_LINE_COMMENT_SCHEMA,
},
enable: {
schema: user::ENABLE_USER_SCHEMA,
optional: true,
},
expire: {
schema: user::EXPIRE_USER_SCHEMA,
optional: true,
},
digest: {
optional: true,
schema: PROXMOX_CONFIG_DIGEST_SCHEMA,
},
},
},
access: {
permission: &Permission::Or(&[
&Permission::Privilege(&["access", "users"], PRIV_PERMISSIONS_MODIFY, false),
&Permission::UserParam("userid"),
]),
},
)]
/// Update user's API token metadata
pub fn update_token(
userid: Userid,
tokenname: Tokenname,
comment: Option<String>,
enable: Option<bool>,
expire: Option<i64>,
digest: Option<String>,
) -> Result<(), Error> {
let _lock = open_file_locked(user::USER_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
let (mut config, expected_digest) = user::config()?;
if let Some(ref digest) = digest {
let digest = proxmox::tools::hex_to_digest(digest)?;
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
}
let tokenid = Authid::from((userid, Some(tokenname)));
let tokenid_string = tokenid.to_string();
let mut data: user::ApiToken = config.lookup("token", &tokenid_string)?;
if let Some(comment) = comment {
let comment = comment.trim().to_string();
if comment.is_empty() {
data.comment = None;
} else {
data.comment = Some(comment);
}
}
if let Some(enable) = enable {
data.enable = if enable { None } else { Some(false) };
}
if let Some(expire) = expire {
data.expire = if expire > 0 { Some(expire) } else { None };
}
config.set_data(&tokenid_string, "token", &data)?;
user::save_config(&config)?;
Ok(())
}
#[api(
protected: true,
input: {
properties: {
userid: {
type: Userid,
},
tokenname: {
type: Tokenname,
},
digest: {
optional: true,
schema: PROXMOX_CONFIG_DIGEST_SCHEMA,
},
},
},
access: {
permission: &Permission::Or(&[
&Permission::Privilege(&["access", "users"], PRIV_PERMISSIONS_MODIFY, false),
&Permission::UserParam("userid"),
]),
},
)]
/// Delete a user's API token
pub fn delete_token(
userid: Userid,
tokenname: Tokenname,
digest: Option<String>,
) -> Result<(), Error> {
let _lock = open_file_locked(user::USER_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
let (mut config, expected_digest) = user::config()?;
if let Some(ref digest) = digest {
let digest = proxmox::tools::hex_to_digest(digest)?;
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
}
let tokenid = Authid::from((userid.clone(), Some(tokenname.clone())));
let tokenid_string = tokenid.to_string();
match config.sections.get(&tokenid_string) {
Some(_) => { config.sections.remove(&tokenid_string); },
None => bail!("token '{}' of user '{}' does not exist.", tokenname.as_str(), userid),
}
token_shadow::delete_secret(&tokenid)?;
user::save_config(&config)?;
Ok(())
}
#[api(
input: {
properties: {
userid: {
type: Userid,
},
},
},
returns: {
description: "List user's API tokens (with config digest).",
type: Array,
items: { type: user::ApiToken },
},
access: {
permission: &Permission::Or(&[
&Permission::Privilege(&["access", "users"], PRIV_SYS_AUDIT, false),
&Permission::UserParam("userid"),
]),
},
)]
/// List user's API tokens
pub fn list_tokens(
userid: Userid,
_info: &ApiMethod,
mut rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<user::ApiToken>, Error> {
let (config, digest) = user::config()?;
let list:Vec<user::ApiToken> = config.convert_to_typed_array("token")?;
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
let filter_by_owner = |token: &user::ApiToken| {
if token.tokenid.is_token() {
token.tokenid.user() == &userid
} else {
false
}
};
Ok(list.into_iter().filter(filter_by_owner).collect())
}
const TOKEN_ITEM_ROUTER: Router = Router::new()
.get(&API_METHOD_READ_TOKEN)
.put(&API_METHOD_UPDATE_TOKEN)
.post(&API_METHOD_GENERATE_TOKEN)
.delete(&API_METHOD_DELETE_TOKEN);
const TOKEN_ROUTER: Router = Router::new()
.get(&API_METHOD_LIST_TOKENS)
.match_all("tokenname", &TOKEN_ITEM_ROUTER);
const USER_SUBDIRS: SubdirMap = &[
("token", &TOKEN_ROUTER),
];
const USER_ROUTER: Router = Router::new()
.get(&API_METHOD_READ_USER) .get(&API_METHOD_READ_USER)
.put(&API_METHOD_UPDATE_USER) .put(&API_METHOD_UPDATE_USER)
.delete(&API_METHOD_DELETE_USER); .delete(&API_METHOD_DELETE_USER)
.subdirs(USER_SUBDIRS);
pub const ROUTER: Router = Router::new() pub const ROUTER: Router = Router::new()
.get(&API_METHOD_LIST_USERS) .get(&API_METHOD_LIST_USERS)
.post(&API_METHOD_CREATE_USER) .post(&API_METHOD_CREATE_USER)
.match_all("userid", &ITEM_ROUTER); .match_all("userid", &USER_ROUTER);

304
src/api2/admin/datastore.rs
View File

@ -29,7 +29,7 @@ use crate::backup::*;
use crate::config::datastore; use crate::config::datastore;
use crate::config::cached_user_info::CachedUserInfo; use crate::config::cached_user_info::CachedUserInfo;
use crate::server::WorkerTask; use crate::server::{jobstate::Job, WorkerTask};
use crate::tools::{ use crate::tools::{
self, self,
zip::{ZipEncoder, ZipEntry}, zip::{ZipEncoder, ZipEntry},
@ -42,16 +42,33 @@ use crate::config::acl::{
PRIV_DATASTORE_READ, PRIV_DATASTORE_READ,
PRIV_DATASTORE_PRUNE, PRIV_DATASTORE_PRUNE,
PRIV_DATASTORE_BACKUP, PRIV_DATASTORE_BACKUP,
PRIV_DATASTORE_VERIFY,
}; };
fn check_backup_owner( fn check_priv_or_backup_owner(
store: &DataStore, store: &DataStore,
group: &BackupGroup, group: &BackupGroup,
userid: &Userid, auth_id: &Authid,
required_privs: u64,
) -> Result<(), Error> { ) -> Result<(), Error> {
let owner = store.get_owner(group)?; let user_info = CachedUserInfo::new()?;
if &owner != userid { let privs = user_info.lookup_privs(&auth_id, &["datastore", store.name()]);
bail!("backup owner check failed ({} != {})", userid, owner);
if privs & required_privs == 0 {
let owner = store.get_owner(group)?;
check_backup_owner(&owner, auth_id)?;
}
Ok(())
}
fn check_backup_owner(
owner: &Authid,
auth_id: &Authid,
) -> Result<(), Error> {
let correct_owner = owner == auth_id
|| (owner.is_token() && &Authid::from(owner.user().clone()) == auth_id);
if !correct_owner {
bail!("backup owner check failed ({} != {})", auth_id, owner);
} }
Ok(()) Ok(())
} }
@ -149,9 +166,9 @@ fn list_groups(
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<GroupListItem>, Error> { ) -> Result<Vec<GroupListItem>, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]); let user_privs = user_info.lookup_privs(&auth_id, &["datastore", &store]);
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
@ -171,7 +188,7 @@ fn list_groups(
let list_all = (user_privs & PRIV_DATASTORE_AUDIT) != 0; let list_all = (user_privs & PRIV_DATASTORE_AUDIT) != 0;
let owner = datastore.get_owner(group)?; let owner = datastore.get_owner(group)?;
if !list_all && owner != userid { if !list_all && check_backup_owner(&owner, &auth_id).is_err() {
continue; continue;
} }
@ -230,16 +247,12 @@ pub fn list_snapshot_files(
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<BackupContent>, Error> { ) -> Result<Vec<BackupContent>, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]);
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
let snapshot = BackupDir::new(backup_type, backup_id, backup_time)?; let snapshot = BackupDir::new(backup_type, backup_id, backup_time)?;
let allowed = (user_privs & (PRIV_DATASTORE_AUDIT | PRIV_DATASTORE_READ)) != 0; check_priv_or_backup_owner(&datastore, snapshot.group(), &auth_id, PRIV_DATASTORE_AUDIT | PRIV_DATASTORE_READ)?;
if !allowed { check_backup_owner(&datastore, snapshot.group(), &userid)?; }
let info = BackupInfo::new(&datastore.base_path(), snapshot)?; let info = BackupInfo::new(&datastore.base_path(), snapshot)?;
@ -282,16 +295,12 @@ fn delete_snapshot(
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> { ) -> Result<Value, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]);
let snapshot = BackupDir::new(backup_type, backup_id, backup_time)?; let snapshot = BackupDir::new(backup_type, backup_id, backup_time)?;
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
let allowed = (user_privs & PRIV_DATASTORE_MODIFY) != 0; check_priv_or_backup_owner(&datastore, snapshot.group(), &auth_id, PRIV_DATASTORE_MODIFY)?;
if !allowed { check_backup_owner(&datastore, snapshot.group(), &userid)?; }
datastore.remove_backup_dir(&snapshot, false)?; datastore.remove_backup_dir(&snapshot, false)?;
@ -338,9 +347,9 @@ pub fn list_snapshots (
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<SnapshotListItem>, Error> { ) -> Result<Vec<SnapshotListItem>, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]); let user_privs = user_info.lookup_privs(&auth_id, &["datastore", &store]);
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
@ -362,7 +371,7 @@ pub fn list_snapshots (
let list_all = (user_privs & PRIV_DATASTORE_AUDIT) != 0; let list_all = (user_privs & PRIV_DATASTORE_AUDIT) != 0;
let owner = datastore.get_owner(group)?; let owner = datastore.get_owner(group)?;
if !list_all && owner != userid { if !list_all && check_backup_owner(&owner, &auth_id).is_err() {
continue; continue;
} }
@ -423,12 +432,18 @@ pub fn list_snapshots (
Ok(snapshots) Ok(snapshots)
} }
// returns a map from type to (group_count, snapshot_count) fn get_snapshots_count(store: &DataStore) -> Result<Counts, Error> {
fn get_snaphots_count(store: &DataStore) -> Result<HashMap<String, (usize, usize)>, Error> {
let base_path = store.base_path(); let base_path = store.base_path();
let backup_list = BackupInfo::list_backups(&base_path)?; let backup_list = BackupInfo::list_backups(&base_path)?;
let mut groups = HashSet::new(); let mut groups = HashSet::new();
let mut result: HashMap<String, (usize, usize)> = HashMap::new();
let mut result = Counts {
ct: None,
host: None,
vm: None,
other: None,
};
for info in backup_list { for info in backup_list {
let group = info.backup_dir.group(); let group = info.backup_dir.group();
@ -441,13 +456,23 @@ fn get_snaphots_count(store: &DataStore) -> Result<HashMap<String, (usize, usize
new_id = true; new_id = true;
} }
if let Some(mut counts) = result.get_mut(backup_type) { let mut counts = match backup_type {
counts.1 += 1; "ct" => result.ct.take().unwrap_or(Default::default()),
if new_id { "host" => result.host.take().unwrap_or(Default::default()),
counts.0 +=1; "vm" => result.vm.take().unwrap_or(Default::default()),
} _ => result.other.take().unwrap_or(Default::default()),
} else { };
result.insert(backup_type.to_string(), (1, 1));
counts.snapshots += 1;
if new_id {
counts.groups +=1;
}
match backup_type {
"ct" => result.ct = Some(counts),
"host" => result.host = Some(counts),
"vm" => result.vm = Some(counts),
_ => result.other = Some(counts),
} }
} }
@ -463,21 +488,7 @@ fn get_snaphots_count(store: &DataStore) -> Result<HashMap<String, (usize, usize
}, },
}, },
returns: { returns: {
description: "The overall Datastore status and information.", type: DataStoreStatus,
type: Object,
properties: {
storage: {
type: StorageStatus,
},
counts: {
description: "Group and Snapshot counts per Type",
type: Object,
properties: { },
},
"gc-status": {
type: GarbageCollectionStatus,
},
},
}, },
access: { access: {
permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_AUDIT | PRIV_DATASTORE_BACKUP, true), permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_AUDIT | PRIV_DATASTORE_BACKUP, true),
@ -488,19 +499,19 @@ pub fn status(
store: String, store: String,
_info: &ApiMethod, _info: &ApiMethod,
_rpcenv: &mut dyn RpcEnvironment, _rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> { ) -> Result<DataStoreStatus, Error> {
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
let storage_status = crate::tools::disks::disk_usage(&datastore.base_path())?; let storage = crate::tools::disks::disk_usage(&datastore.base_path())?;
let counts = get_snaphots_count(&datastore)?; let counts = get_snapshots_count(&datastore)?;
let gc_status = datastore.last_gc_status(); let gc_status = datastore.last_gc_status();
let res = json!({ Ok(DataStoreStatus {
"storage": storage_status, total: storage.total,
"counts": counts, used: storage.used,
"gc-status": gc_status, avail: storage.avail,
}); gc_status,
counts,
Ok(res) })
} }
#[api( #[api(
@ -527,7 +538,7 @@ pub fn status(
schema: UPID_SCHEMA, schema: UPID_SCHEMA,
}, },
access: { access: {
permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_READ | PRIV_DATASTORE_BACKUP, true), // fixme permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_VERIFY | PRIV_DATASTORE_BACKUP, true),
}, },
)] )]
/// Verify backups. /// Verify backups.
@ -543,6 +554,7 @@ pub fn verify(
) -> Result<Value, Error> { ) -> Result<Value, Error> {
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let worker_id; let worker_id;
let mut backup_dir = None; let mut backup_dir = None;
@ -553,12 +565,18 @@ pub fn verify(
(Some(backup_type), Some(backup_id), Some(backup_time)) => { (Some(backup_type), Some(backup_id), Some(backup_time)) => {
worker_id = format!("{}:{}/{}/{:08X}", store, backup_type, backup_id, backup_time); worker_id = format!("{}:{}/{}/{:08X}", store, backup_type, backup_id, backup_time);
let dir = BackupDir::new(backup_type, backup_id, backup_time)?; let dir = BackupDir::new(backup_type, backup_id, backup_time)?;
check_priv_or_backup_owner(&datastore, dir.group(), &auth_id, PRIV_DATASTORE_VERIFY)?;
backup_dir = Some(dir); backup_dir = Some(dir);
worker_type = "verify_snapshot"; worker_type = "verify_snapshot";
} }
(Some(backup_type), Some(backup_id), None) => { (Some(backup_type), Some(backup_id), None) => {
worker_id = format!("{}:{}/{}", store, backup_type, backup_id); worker_id = format!("{}:{}/{}", store, backup_type, backup_id);
let group = BackupGroup::new(backup_type, backup_id); let group = BackupGroup::new(backup_type, backup_id);
check_priv_or_backup_owner(&datastore, &group, &auth_id, PRIV_DATASTORE_VERIFY)?;
backup_group = Some(group); backup_group = Some(group);
worker_type = "verify_group"; worker_type = "verify_group";
} }
@ -568,18 +586,16 @@ pub fn verify(
_ => bail!("parameters do not specify a backup group or snapshot"), _ => bail!("parameters do not specify a backup group or snapshot"),
} }
let userid: Userid = rpcenv.get_user().unwrap().parse()?;
let to_stdout = if rpcenv.env_type() == RpcEnvironmentType::CLI { true } else { false }; let to_stdout = if rpcenv.env_type() == RpcEnvironmentType::CLI { true } else { false };
let upid_str = WorkerTask::new_thread( let upid_str = WorkerTask::new_thread(
worker_type, worker_type,
Some(worker_id.clone()), Some(worker_id.clone()),
userid, auth_id.clone(),
to_stdout, to_stdout,
move |worker| { move |worker| {
let verified_chunks = Arc::new(Mutex::new(HashSet::with_capacity(1024*16))); let verified_chunks = Arc::new(Mutex::new(HashSet::with_capacity(1024*16)));
let corrupt_chunks = Arc::new(Mutex::new(HashSet::with_capacity(64))); let corrupt_chunks = Arc::new(Mutex::new(HashSet::with_capacity(64)));
let filter = |_backup_info: &BackupInfo| { true };
let failed_dirs = if let Some(backup_dir) = backup_dir { let failed_dirs = if let Some(backup_dir) = backup_dir {
let mut res = Vec::new(); let mut res = Vec::new();
@ -590,6 +606,7 @@ pub fn verify(
corrupt_chunks, corrupt_chunks,
worker.clone(), worker.clone(),
worker.upid().clone(), worker.upid().clone(),
None,
)? { )? {
res.push(backup_dir.to_string()); res.push(backup_dir.to_string());
} }
@ -603,11 +620,20 @@ pub fn verify(
None, None,
worker.clone(), worker.clone(),
worker.upid(), worker.upid(),
&filter, None,
)?; )?;
failed_dirs failed_dirs
} else { } else {
verify_all_backups(datastore, worker.clone(), worker.upid(), &filter)? let privs = CachedUserInfo::new()?
.lookup_privs(&auth_id, &["datastore", &store]);
let owner = if privs & PRIV_DATASTORE_VERIFY == 0 {
Some(auth_id)
} else {
None
};
verify_all_backups(datastore, worker.clone(), worker.upid(), owner, None)?
}; };
if failed_dirs.len() > 0 { if failed_dirs.len() > 0 {
worker.log("Failed to verify following snapshots:"); worker.log("Failed to verify following snapshots:");
@ -703,9 +729,7 @@ fn prune(
let backup_type = tools::required_string_param(&param, "backup-type")?; let backup_type = tools::required_string_param(&param, "backup-type")?;
let backup_id = tools::required_string_param(&param, "backup-id")?; let backup_id = tools::required_string_param(&param, "backup-id")?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]);
let dry_run = param["dry-run"].as_bool().unwrap_or(false); let dry_run = param["dry-run"].as_bool().unwrap_or(false);
@ -713,8 +737,7 @@ fn prune(
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
let allowed = (user_privs & PRIV_DATASTORE_MODIFY) != 0; check_priv_or_backup_owner(&datastore, &group, &auth_id, PRIV_DATASTORE_MODIFY)?;
if !allowed { check_backup_owner(&datastore, &group, &userid)?; }
let prune_options = PruneOptions { let prune_options = PruneOptions {
keep_last: param["keep-last"].as_u64(), keep_last: param["keep-last"].as_u64(),
@ -756,7 +779,7 @@ fn prune(
// We use a WorkerTask just to have a task log, but run synchrounously // We use a WorkerTask just to have a task log, but run synchrounously
let worker = WorkerTask::new("prune", Some(worker_id), Userid::root_userid().clone(), true)?; let worker = WorkerTask::new("prune", Some(worker_id), auth_id.clone(), true)?;
if keep_all { if keep_all {
worker.log("No prune selection - keeping all files."); worker.log("No prune selection - keeping all files.");
@ -831,21 +854,15 @@ fn start_garbage_collection(
) -> Result<Value, Error> { ) -> Result<Value, Error> {
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
println!("Starting garbage collection on store {}", store); let job = Job::new("garbage_collection", &store)
.map_err(|_| format_err!("garbage collection already running"))?;
let to_stdout = if rpcenv.env_type() == RpcEnvironmentType::CLI { true } else { false }; let to_stdout = if rpcenv.env_type() == RpcEnvironmentType::CLI { true } else { false };
let upid_str = WorkerTask::new_thread( let upid_str = crate::server::do_garbage_collection_job(job, datastore, &auth_id, None, to_stdout)
"garbage_collection", .map_err(|err| format_err!("unable to start garbage collection job on datastore {} - {}", store, err))?;
Some(store.clone()),
Userid::root_userid().clone(),
to_stdout,
move |worker| {
worker.log(format!("starting garbage collection on store {}", store));
datastore.garbage_collection(&*worker, worker.upid())
},
)?;
Ok(json!(upid_str)) Ok(json!(upid_str))
} }
@ -909,13 +926,13 @@ fn get_datastore_list(
let (config, _digest) = datastore::config()?; let (config, _digest) = datastore::config()?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
let mut list = Vec::new(); let mut list = Vec::new();
for (store, (_, data)) in &config.sections { for (store, (_, data)) in &config.sections {
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]); let user_privs = user_info.lookup_privs(&auth_id, &["datastore", &store]);
let allowed = (user_privs & (PRIV_DATASTORE_AUDIT| PRIV_DATASTORE_BACKUP)) != 0; let allowed = (user_privs & (PRIV_DATASTORE_AUDIT| PRIV_DATASTORE_BACKUP)) != 0;
if allowed { if allowed {
let mut entry = json!({ "store": store }); let mut entry = json!({ "store": store });
@ -960,9 +977,7 @@ fn download_file(
let store = tools::required_string_param(&param, "store")?; let store = tools::required_string_param(&param, "store")?;
let datastore = DataStore::lookup_datastore(store)?; let datastore = DataStore::lookup_datastore(store)?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]);
let file_name = tools::required_string_param(&param, "file-name")?.to_owned(); let file_name = tools::required_string_param(&param, "file-name")?.to_owned();
@ -972,8 +987,7 @@ fn download_file(
let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?; let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?;
let allowed = (user_privs & PRIV_DATASTORE_READ) != 0; check_priv_or_backup_owner(&datastore, backup_dir.group(), &auth_id, PRIV_DATASTORE_READ)?;
if !allowed { check_backup_owner(&datastore, backup_dir.group(), &userid)?; }
println!("Download {} from {} ({}/{})", file_name, store, backup_dir, file_name); println!("Download {} from {} ({}/{})", file_name, store, backup_dir, file_name);
@ -1033,9 +1047,7 @@ fn download_file_decoded(
let store = tools::required_string_param(&param, "store")?; let store = tools::required_string_param(&param, "store")?;
let datastore = DataStore::lookup_datastore(store)?; let datastore = DataStore::lookup_datastore(store)?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]);
let file_name = tools::required_string_param(&param, "file-name")?.to_owned(); let file_name = tools::required_string_param(&param, "file-name")?.to_owned();
@ -1045,8 +1057,7 @@ fn download_file_decoded(
let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?; let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?;
let allowed = (user_privs & PRIV_DATASTORE_READ) != 0; check_priv_or_backup_owner(&datastore, backup_dir.group(), &auth_id, PRIV_DATASTORE_READ)?;
if !allowed { check_backup_owner(&datastore, backup_dir.group(), &userid)?; }
let (manifest, files) = read_backup_index(&datastore, &backup_dir)?; let (manifest, files) = read_backup_index(&datastore, &backup_dir)?;
for file in files { for file in files {
@ -1158,8 +1169,9 @@ fn upload_backup_log(
let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?; let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
check_backup_owner(&datastore, backup_dir.group(), &userid)?; let owner = datastore.get_owner(backup_dir.group())?;
check_backup_owner(&owner, &auth_id)?;
let mut path = datastore.base_path(); let mut path = datastore.base_path();
path.push(backup_dir.relative_path()); path.push(backup_dir.relative_path());
@ -1228,14 +1240,11 @@ fn catalog(
) -> Result<Value, Error> { ) -> Result<Value, Error> {
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]);
let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?; let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?;
let allowed = (user_privs & PRIV_DATASTORE_READ) != 0; check_priv_or_backup_owner(&datastore, backup_dir.group(), &auth_id, PRIV_DATASTORE_READ)?;
if !allowed { check_backup_owner(&datastore, backup_dir.group(), &userid)?; }
let file_name = CATALOG_NAME; let file_name = CATALOG_NAME;
@ -1399,9 +1408,7 @@ fn pxar_file_download(
let store = tools::required_string_param(&param, "store")?; let store = tools::required_string_param(&param, "store")?;
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]);
let filepath = tools::required_string_param(&param, "filepath")?.to_owned(); let filepath = tools::required_string_param(&param, "filepath")?.to_owned();
@ -1411,8 +1418,7 @@ fn pxar_file_download(
let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?; let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?;
let allowed = (user_privs & PRIV_DATASTORE_READ) != 0; check_priv_or_backup_owner(&datastore, backup_dir.group(), &auth_id, PRIV_DATASTORE_READ)?;
if !allowed { check_backup_owner(&datastore, backup_dir.group(), &userid)?; }
let mut components = base64::decode(&filepath)?; let mut components = base64::decode(&filepath)?;
if components.len() > 0 && components[0] == '/' as u8 { if components.len() > 0 && components[0] == '/' as u8 {
@ -1565,7 +1571,7 @@ fn get_rrd_stats(
}, },
}, },
access: { access: {
permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_READ | PRIV_DATASTORE_BACKUP, true), permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_AUDIT | PRIV_DATASTORE_BACKUP, true),
}, },
)] )]
/// Get "notes" for a specific backup /// Get "notes" for a specific backup
@ -1578,14 +1584,10 @@ fn get_notes(
) -> Result<String, Error> { ) -> Result<String, Error> {
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]);
let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?; let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?;
let allowed = (user_privs & PRIV_DATASTORE_READ) != 0; check_priv_or_backup_owner(&datastore, backup_dir.group(), &auth_id, PRIV_DATASTORE_AUDIT)?;
if !allowed { check_backup_owner(&datastore, backup_dir.group(), &userid)?; }
let (manifest, _) = datastore.load_manifest(&backup_dir)?; let (manifest, _) = datastore.load_manifest(&backup_dir)?;
@ -1617,7 +1619,9 @@ fn get_notes(
}, },
}, },
access: { access: {
permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_MODIFY, true), permission: &Permission::Privilege(&["datastore", "{store}"],
PRIV_DATASTORE_MODIFY | PRIV_DATASTORE_BACKUP,
true),
}, },
)] )]
/// Set "notes" for a specific backup /// Set "notes" for a specific backup
@ -1631,14 +1635,10 @@ fn set_notes(
) -> Result<(), Error> { ) -> Result<(), Error> {
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]);
let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?; let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?;
let allowed = (user_privs & PRIV_DATASTORE_READ) != 0; check_priv_or_backup_owner(&datastore, backup_dir.group(), &auth_id, PRIV_DATASTORE_MODIFY)?;
if !allowed { check_backup_owner(&datastore, backup_dir.group(), &userid)?; }
datastore.update_manifest(&backup_dir,|manifest| { datastore.update_manifest(&backup_dir,|manifest| {
manifest.unprotected["notes"] = notes.into(); manifest.unprotected["notes"] = notes.into();
@ -1660,12 +1660,13 @@ fn set_notes(
schema: BACKUP_ID_SCHEMA, schema: BACKUP_ID_SCHEMA,
}, },
"new-owner": { "new-owner": {
type: Userid, type: Authid,
}, },
}, },
}, },
access: { access: {
permission: &Permission::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_MODIFY, true), permission: &Permission::Anybody,
description: "Datastore.Modify on whole datastore, or changing ownership between user and a user's token for owned backups with Datastore.Backup"
}, },
)] )]
/// Change owner of a backup group /// Change owner of a backup group
@ -1673,18 +1674,69 @@ fn set_backup_owner(
store: String, store: String,
backup_type: String, backup_type: String,
backup_id: String, backup_id: String,
new_owner: Userid, new_owner: Authid,
_rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<(), Error> { ) -> Result<(), Error> {
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
let backup_group = BackupGroup::new(backup_type, backup_id); let backup_group = BackupGroup::new(backup_type, backup_id);
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
if !user_info.is_active_user(&new_owner) { let privs = user_info.lookup_privs(&auth_id, &["datastore", &store]);
bail!("user '{}' is inactive or non-existent", new_owner);
let allowed = if (privs & PRIV_DATASTORE_MODIFY) != 0 {
// High-privilege user/token
true
} else if (privs & PRIV_DATASTORE_BACKUP) != 0 {
let owner = datastore.get_owner(&backup_group)?;
match (owner.is_token(), new_owner.is_token()) {
(true, true) => {
// API token to API token, owned by same user
let owner = owner.user();
let new_owner = new_owner.user();
owner == new_owner && Authid::from(owner.clone()) == auth_id
},
(true, false) => {
// API token to API token owner
Authid::from(owner.user().clone()) == auth_id
&& new_owner == auth_id
},
(false, true) => {
// API token owner to API token
owner == auth_id
&& Authid::from(new_owner.user().clone()) == auth_id
},
(false, false) => {
// User to User, not allowed for unprivileged users
false
},
}
} else {
false
};
if !allowed {
return Err(http_err!(UNAUTHORIZED,
"{} does not have permission to change owner of backup group '{}' to {}",
auth_id,
backup_group,
new_owner,
));
}
if !user_info.is_active_auth_id(&new_owner) {
bail!("{} '{}' is inactive or non-existent",
if new_owner.is_token() {
"API token".to_string()
} else {
"user".to_string()
},
new_owner);
} }
datastore.set_owner(&backup_group, &new_owner, true)?; datastore.set_owner(&backup_group, &new_owner, true)?;

32
src/api2/admin/sync.rs
View File

@ -1,12 +1,15 @@
use anyhow::{format_err, Error}; use anyhow::{bail, format_err, Error};
use serde_json::Value; use serde_json::Value;
use proxmox::api::{api, ApiMethod, Router, RpcEnvironment}; use proxmox::api::{api, ApiMethod, Permission, Router, RpcEnvironment};
use proxmox::api::router::SubdirMap; use proxmox::api::router::SubdirMap;
use proxmox::{list_subdirs_api_method, sortable}; use proxmox::{list_subdirs_api_method, sortable};
use crate::api2::types::*; use crate::api2::types::*;
use crate::api2::pull::do_sync_job; use crate::api2::pull::do_sync_job;
use crate::api2::config::sync::{check_sync_job_modify_access, check_sync_job_read_access};
use crate::config::cached_user_info::CachedUserInfo;
use crate::config::sync::{self, SyncJobStatus, SyncJobConfig}; use crate::config::sync::{self, SyncJobStatus, SyncJobConfig};
use crate::server::UPID; use crate::server::UPID;
use crate::server::jobstate::{Job, JobState}; use crate::server::jobstate::{Job, JobState};
@ -27,6 +30,10 @@ use crate::tools::systemd::time::{
type: Array, type: Array,
items: { type: sync::SyncJobStatus }, items: { type: sync::SyncJobStatus },
}, },
access: {
description: "Limited to sync jobs where user has Datastore.Audit on target datastore, and Remote.Audit on source remote.",
permission: &Permission::Anybody,
},
)] )]
/// List all sync jobs /// List all sync jobs
pub fn list_sync_jobs( pub fn list_sync_jobs(
@ -35,6 +42,9 @@ pub fn list_sync_jobs(
mut rpcenv: &mut dyn RpcEnvironment, mut rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<SyncJobStatus>, Error> { ) -> Result<Vec<SyncJobStatus>, Error> {
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let (config, digest) = sync::config()?; let (config, digest) = sync::config()?;
let mut list: Vec<SyncJobStatus> = config let mut list: Vec<SyncJobStatus> = config
@ -46,6 +56,10 @@ pub fn list_sync_jobs(
} else { } else {
true true
} }
})
.filter(|job: &SyncJobStatus| {
let as_config: SyncJobConfig = job.clone().into();
check_sync_job_read_access(&user_info, &auth_id, &as_config)
}).collect(); }).collect();
for job in &mut list { for job in &mut list {
@ -89,7 +103,11 @@ pub fn list_sync_jobs(
schema: JOB_ID_SCHEMA, schema: JOB_ID_SCHEMA,
} }
} }
} },
access: {
description: "User needs Datastore.Backup on target datastore, and Remote.Read on source remote. Additionally, remove_vanished requires Datastore.Prune, and any owner other than the user themselves requires Datastore.Modify",
permission: &Permission::Anybody,
},
)] )]
/// Runs the sync jobs manually. /// Runs the sync jobs manually.
fn run_sync_job( fn run_sync_job(
@ -97,15 +115,19 @@ fn run_sync_job(
_info: &ApiMethod, _info: &ApiMethod,
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<String, Error> { ) -> Result<String, Error> {
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let (config, _digest) = sync::config()?; let (config, _digest) = sync::config()?;
let sync_job: SyncJobConfig = config.lookup("sync", &id)?; let sync_job: SyncJobConfig = config.lookup("sync", &id)?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; if !check_sync_job_modify_access(&user_info, &auth_id, &sync_job) {
bail!("permission check failed");
}
let job = Job::new("syncjob", &id)?; let job = Job::new("syncjob", &id)?;
let upid_str = do_sync_job(job, sync_job, &userid, None)?; let upid_str = do_sync_job(job, sync_job, &auth_id, None)?;
Ok(upid_str) Ok(upid_str)
} }

4
src/api2/admin/verify.rs
View File

@ -101,11 +101,11 @@ fn run_verification_job(
let (config, _digest) = verify::config()?; let (config, _digest) = verify::config()?;
let verification_job: VerificationJobConfig = config.lookup("verification", &id)?; let verification_job: VerificationJobConfig = config.lookup("verification", &id)?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let job = Job::new("verificationjob", &id)?; let job = Job::new("verificationjob", &id)?;
let upid_str = do_verification_job(job, verification_job, &userid, None)?; let upid_str = do_verification_job(job, verification_job, &auth_id, None)?;
Ok(upid_str) Ok(upid_str)
} }

17
src/api2/backup.rs
View File

@ -59,12 +59,12 @@ async move {
let debug = param["debug"].as_bool().unwrap_or(false); let debug = param["debug"].as_bool().unwrap_or(false);
let benchmark = param["benchmark"].as_bool().unwrap_or(false); let benchmark = param["benchmark"].as_bool().unwrap_or(false);
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let store = tools::required_string_param(&param, "store")?.to_owned(); let store = tools::required_string_param(&param, "store")?.to_owned();
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
user_info.check_privs(&userid, &["datastore", &store], PRIV_DATASTORE_BACKUP, false)?; user_info.check_privs(&auth_id, &["datastore", &store], PRIV_DATASTORE_BACKUP, false)?;
let datastore = DataStore::lookup_datastore(&store)?; let datastore = DataStore::lookup_datastore(&store)?;
@ -105,12 +105,15 @@ async move {
}; };
// lock backup group to only allow one backup per group at a time // lock backup group to only allow one backup per group at a time
let (owner, _group_guard) = datastore.create_locked_backup_group(&backup_group, &userid)?; let (owner, _group_guard) = datastore.create_locked_backup_group(&backup_group, &auth_id)?;
// permission check // permission check
if owner != userid && worker_type != "benchmark" { let correct_owner = owner == auth_id
|| (owner.is_token()
&& Authid::from(owner.user().clone()) == auth_id);
if !correct_owner && worker_type != "benchmark" {
// only the owner is allowed to create additional snapshots // only the owner is allowed to create additional snapshots
bail!("backup owner check failed ({} != {})", userid, owner); bail!("backup owner check failed ({} != {})", auth_id, owner);
} }
let last_backup = { let last_backup = {
@ -153,9 +156,9 @@ async move {
if !is_new { bail!("backup directory already exists."); } if !is_new { bail!("backup directory already exists."); }
WorkerTask::spawn(worker_type, Some(worker_id), userid.clone(), true, move |worker| { WorkerTask::spawn(worker_type, Some(worker_id), auth_id.clone(), true, move |worker| {
let mut env = BackupEnvironment::new( let mut env = BackupEnvironment::new(
env_type, userid, worker.clone(), datastore, backup_dir); env_type, auth_id, worker.clone(), datastore, backup_dir);
env.debug = debug; env.debug = debug;
env.last_backup = last_backup; env.last_backup = last_backup;

19
src/api2/backup/environment.rs
View File

@ -10,7 +10,7 @@ use proxmox::tools::digest_to_hex;
use proxmox::tools::fs::{replace_file, CreateOptions}; use proxmox::tools::fs::{replace_file, CreateOptions};
use proxmox::api::{RpcEnvironment, RpcEnvironmentType}; use proxmox::api::{RpcEnvironment, RpcEnvironmentType};
use crate::api2::types::Userid; use crate::api2::types::Authid;
use crate::backup::*; use crate::backup::*;
use crate::server::WorkerTask; use crate::server::WorkerTask;
use crate::server::formatter::*; use crate::server::formatter::*;
@ -104,7 +104,7 @@ impl SharedBackupState {
pub struct BackupEnvironment { pub struct BackupEnvironment {
env_type: RpcEnvironmentType, env_type: RpcEnvironmentType,
result_attributes: Value, result_attributes: Value,
user: Userid, auth_id: Authid,
pub debug: bool, pub debug: bool,
pub formatter: &'static OutputFormatter, pub formatter: &'static OutputFormatter,
pub worker: Arc<WorkerTask>, pub worker: Arc<WorkerTask>,
@ -117,7 +117,7 @@ pub struct BackupEnvironment {
impl BackupEnvironment { impl BackupEnvironment {
pub fn new( pub fn new(
env_type: RpcEnvironmentType, env_type: RpcEnvironmentType,
user: Userid, auth_id: Authid,
worker: Arc<WorkerTask>, worker: Arc<WorkerTask>,
datastore: Arc<DataStore>, datastore: Arc<DataStore>,
backup_dir: BackupDir, backup_dir: BackupDir,
@ -137,7 +137,7 @@ impl BackupEnvironment {
Self { Self {
result_attributes: json!({}), result_attributes: json!({}),
env_type, env_type,
user, auth_id,
worker, worker,
datastore, datastore,
debug: false, debug: false,
@ -518,7 +518,7 @@ impl BackupEnvironment {
WorkerTask::new_thread( WorkerTask::new_thread(
"verify", "verify",
Some(worker_id), Some(worker_id),
self.user.clone(), self.auth_id.clone(),
false, false,
move |worker| { move |worker| {
worker.log("Automatically verifying newly added snapshot"); worker.log("Automatically verifying newly added snapshot");
@ -533,6 +533,7 @@ impl BackupEnvironment {
corrupt_chunks, corrupt_chunks,
worker.clone(), worker.clone(),
worker.upid().clone(), worker.upid().clone(),
None,
snap_lock, snap_lock,
)? { )? {
bail!("verification failed - please check the log for details"); bail!("verification failed - please check the log for details");
@ -598,12 +599,12 @@ impl RpcEnvironment for BackupEnvironment {
self.env_type self.env_type
} }
fn set_user(&mut self, _user: Option<String>) { fn set_auth_id(&mut self, _auth_id: Option<String>) {
panic!("unable to change user"); panic!("unable to change auth_id");
} }
fn get_user(&self) -> Option<String> { fn get_auth_id(&self) -> Option<String> {
Some(self.user.to_string()) Some(self.auth_id.to_string())
} }
} }

4
src/api2/config/datastore.rs
View File

@ -35,14 +35,14 @@ pub fn list_datastores(
let (config, digest) = datastore::config()?; let (config, digest) = datastore::config()?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into(); rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
let list:Vec<DataStoreConfig> = config.convert_to_typed_array("datastore")?; let list:Vec<DataStoreConfig> = config.convert_to_typed_array("datastore")?;
let filter_by_privs = |store: &DataStoreConfig| { let filter_by_privs = |store: &DataStoreConfig| {
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store.name]); let user_privs = user_info.lookup_privs(&auth_id, &["datastore", &store.name]);
(user_privs & PRIV_DATASTORE_AUDIT) != 0 (user_privs & PRIV_DATASTORE_AUDIT) != 0
}; };

21
src/api2/config/remote.rs
View File

@ -6,6 +6,7 @@ use proxmox::api::{api, ApiMethod, Router, RpcEnvironment, Permission};
use proxmox::tools::fs::open_file_locked; use proxmox::tools::fs::open_file_locked;
use crate::api2::types::*; use crate::api2::types::*;
use crate::config::cached_user_info::CachedUserInfo;
use crate::config::remote; use crate::config::remote;
use crate::config::acl::{PRIV_REMOTE_AUDIT, PRIV_REMOTE_MODIFY}; use crate::config::acl::{PRIV_REMOTE_AUDIT, PRIV_REMOTE_MODIFY};
@ -22,7 +23,8 @@ use crate::config::acl::{PRIV_REMOTE_AUDIT, PRIV_REMOTE_MODIFY};
}, },
}, },
access: { access: {
permission: &Permission::Privilege(&["remote"], PRIV_REMOTE_AUDIT, false), description: "List configured remotes filtered by Remote.Audit privileges",
permission: &Permission::Anybody,
}, },
)] )]
/// List all remotes /// List all remotes
@ -31,16 +33,25 @@ pub fn list_remotes(
_info: &ApiMethod, _info: &ApiMethod,
mut rpcenv: &mut dyn RpcEnvironment, mut rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<remote::Remote>, Error> { ) -> Result<Vec<remote::Remote>, Error> {
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let (config, digest) = remote::config()?; let (config, digest) = remote::config()?;
let mut list: Vec<remote::Remote> = config.convert_to_typed_array("remote")?; let mut list: Vec<remote::Remote> = config.convert_to_typed_array("remote")?;
// don't return password in api // don't return password in api
for remote in &mut list { for remote in &mut list {
remote.password = "".to_string(); remote.password = "".to_string();
} }
let list = list
.into_iter()
.filter(|remote| {
let privs = user_info.lookup_privs(&auth_id, &["remote", &remote.name]);
privs & PRIV_REMOTE_AUDIT != 0
})
.collect();
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into(); rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
Ok(list) Ok(list)
} }
@ -66,7 +77,7 @@ pub fn list_remotes(
default: 8007, default: 8007,
}, },
userid: { userid: {
type: Userid, type: Authid,
}, },
password: { password: {
schema: remote::REMOTE_PASSWORD_SCHEMA, schema: remote::REMOTE_PASSWORD_SCHEMA,
@ -167,7 +178,7 @@ pub enum DeletableProperty {
}, },
userid: { userid: {
optional: true, optional: true,
type: Userid, type: Authid,
}, },
password: { password: {
optional: true, optional: true,
@ -201,7 +212,7 @@ pub fn update_remote(
comment: Option<String>, comment: Option<String>,
host: Option<String>, host: Option<String>,
port: Option<u16>, port: Option<u16>,
userid: Option<Userid>, userid: Option<Authid>,
password: Option<String>, password: Option<String>,
fingerprint: Option<String>, fingerprint: Option<String>,
delete: Option<Vec<DeletableProperty>>, delete: Option<Vec<DeletableProperty>>,

266
src/api2/config/sync.rs
View File

@ -2,13 +2,73 @@ use anyhow::{bail, Error};
use serde_json::Value; use serde_json::Value;
use ::serde::{Deserialize, Serialize}; use ::serde::{Deserialize, Serialize};
use proxmox::api::{api, Router, RpcEnvironment}; use proxmox::api::{api, Permission, Router, RpcEnvironment};
use proxmox::tools::fs::open_file_locked; use proxmox::tools::fs::open_file_locked;
use crate::api2::types::*; use crate::api2::types::*;
use crate::config::acl::{
PRIV_DATASTORE_AUDIT,
PRIV_DATASTORE_BACKUP,
PRIV_DATASTORE_MODIFY,
PRIV_DATASTORE_PRUNE,
PRIV_REMOTE_AUDIT,
PRIV_REMOTE_READ,
};
use crate::config::cached_user_info::CachedUserInfo;
use crate::config::sync::{self, SyncJobConfig}; use crate::config::sync::{self, SyncJobConfig};
// fixme: add access permissions pub fn check_sync_job_read_access(
user_info: &CachedUserInfo,
auth_id: &Authid,
job: &SyncJobConfig,
) -> bool {
let datastore_privs = user_info.lookup_privs(&auth_id, &["datastore", &job.store]);
if datastore_privs & PRIV_DATASTORE_AUDIT == 0 {
return false;
}
let remote_privs = user_info.lookup_privs(&auth_id, &["remote", &job.remote]);
remote_privs & PRIV_REMOTE_AUDIT != 0
}
// user can run the corresponding pull job
pub fn check_sync_job_modify_access(
user_info: &CachedUserInfo,
auth_id: &Authid,
job: &SyncJobConfig,
) -> bool {
let datastore_privs = user_info.lookup_privs(&auth_id, &["datastore", &job.store]);
if datastore_privs & PRIV_DATASTORE_BACKUP == 0 {
return false;
}
if let Some(true) = job.remove_vanished {
if datastore_privs & PRIV_DATASTORE_PRUNE == 0 {
return false;
}
}
let correct_owner = match job.owner {
Some(ref owner) => {
owner == auth_id
|| (owner.is_token()
&& !auth_id.is_token()
&& owner.user() == auth_id.user())
},
// default sync owner
None => auth_id == Authid::backup_auth_id(),
};
// same permission as changing ownership after syncing
if !correct_owner && datastore_privs & PRIV_DATASTORE_MODIFY == 0 {
return false;
}
let remote_privs = user_info.lookup_privs(&auth_id, &["remote", &job.remote, &job.remote_store]);
remote_privs & PRIV_REMOTE_READ != 0
}
#[api( #[api(
input: { input: {
@ -19,12 +79,18 @@ use crate::config::sync::{self, SyncJobConfig};
type: Array, type: Array,
items: { type: sync::SyncJobConfig }, items: { type: sync::SyncJobConfig },
}, },
access: {
description: "Limited to sync job entries where user has Datastore.Audit on target datastore, and Remote.Audit on source remote.",
permission: &Permission::Anybody,
},
)] )]
/// List all sync jobs /// List all sync jobs
pub fn list_sync_jobs( pub fn list_sync_jobs(
_param: Value, _param: Value,
mut rpcenv: &mut dyn RpcEnvironment, mut rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<SyncJobConfig>, Error> { ) -> Result<Vec<SyncJobConfig>, Error> {
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let (config, digest) = sync::config()?; let (config, digest) = sync::config()?;
@ -32,7 +98,11 @@ pub fn list_sync_jobs(
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into(); rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
Ok(list) let list = list
.into_iter()
.filter(|sync_job| check_sync_job_read_access(&user_info, &auth_id, &sync_job))
.collect();
Ok(list)
} }
#[api( #[api(
@ -45,6 +115,10 @@ pub fn list_sync_jobs(
store: { store: {
schema: DATASTORE_SCHEMA, schema: DATASTORE_SCHEMA,
}, },
owner: {
type: Authid,
optional: true,
},
remote: { remote: {
schema: REMOTE_ID_SCHEMA, schema: REMOTE_ID_SCHEMA,
}, },
@ -65,13 +139,25 @@ pub fn list_sync_jobs(
}, },
}, },
}, },
access: {
description: "User needs Datastore.Backup on target datastore, and Remote.Read on source remote. Additionally, remove_vanished requires Datastore.Prune, and any owner other than the user themselves requires Datastore.Modify",
permission: &Permission::Anybody,
},
)] )]
/// Create a new sync job. /// Create a new sync job.
pub fn create_sync_job(param: Value) -> Result<(), Error> { pub fn create_sync_job(
param: Value,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<(), Error> {
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let _lock = open_file_locked(sync::SYNC_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?; let _lock = open_file_locked(sync::SYNC_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
let sync_job: sync::SyncJobConfig = serde_json::from_value(param.clone())?; let sync_job: sync::SyncJobConfig = serde_json::from_value(param.clone())?;
if !check_sync_job_modify_access(&user_info, &auth_id, &sync_job) {
bail!("permission check failed");
}
let (mut config, _digest) = sync::config()?; let (mut config, _digest) = sync::config()?;
@ -100,15 +186,26 @@ pub fn create_sync_job(param: Value) -> Result<(), Error> {
description: "The sync job configuration.", description: "The sync job configuration.",
type: sync::SyncJobConfig, type: sync::SyncJobConfig,
}, },
access: {
description: "Limited to sync job entries where user has Datastore.Audit on target datastore, and Remote.Audit on source remote.",
permission: &Permission::Anybody,
},
)] )]
/// Read a sync job configuration. /// Read a sync job configuration.
pub fn read_sync_job( pub fn read_sync_job(
id: String, id: String,
mut rpcenv: &mut dyn RpcEnvironment, mut rpcenv: &mut dyn RpcEnvironment,
) -> Result<SyncJobConfig, Error> { ) -> Result<SyncJobConfig, Error> {
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let (config, digest) = sync::config()?; let (config, digest) = sync::config()?;
let sync_job = config.lookup("sync", &id)?; let sync_job = config.lookup("sync", &id)?;
if !check_sync_job_read_access(&user_info, &auth_id, &sync_job) {
bail!("permission check failed");
}
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into(); rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
Ok(sync_job) Ok(sync_job)
@ -120,6 +217,8 @@ pub fn read_sync_job(
#[allow(non_camel_case_types)] #[allow(non_camel_case_types)]
/// Deletable property name /// Deletable property name
pub enum DeletableProperty { pub enum DeletableProperty {
/// Delete the owner property.
owner,
/// Delete the comment property. /// Delete the comment property.
comment, comment,
/// Delete the job schedule. /// Delete the job schedule.
@ -139,6 +238,10 @@ pub enum DeletableProperty {
schema: DATASTORE_SCHEMA, schema: DATASTORE_SCHEMA,
optional: true, optional: true,
}, },
owner: {
type: Authid,
optional: true,
},
remote: { remote: {
schema: REMOTE_ID_SCHEMA, schema: REMOTE_ID_SCHEMA,
optional: true, optional: true,
@ -173,11 +276,16 @@ pub enum DeletableProperty {
}, },
}, },
}, },
access: {
permission: &Permission::Anybody,
description: "User needs Datastore.Backup on target datastore, and Remote.Read on source remote. Additionally, remove_vanished requires Datastore.Prune, and any owner other than the user themselves requires Datastore.Modify",
},
)] )]
/// Update sync job config. /// Update sync job config.
pub fn update_sync_job( pub fn update_sync_job(
id: String, id: String,
store: Option<String>, store: Option<String>,
owner: Option<Authid>,
remote: Option<String>, remote: Option<String>,
remote_store: Option<String>, remote_store: Option<String>,
remove_vanished: Option<bool>, remove_vanished: Option<bool>,
@ -185,7 +293,10 @@ pub fn update_sync_job(
schedule: Option<String>, schedule: Option<String>,
delete: Option<Vec<DeletableProperty>>, delete: Option<Vec<DeletableProperty>>,
digest: Option<String>, digest: Option<String>,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<(), Error> { ) -> Result<(), Error> {
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let _lock = open_file_locked(sync::SYNC_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?; let _lock = open_file_locked(sync::SYNC_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
@ -202,6 +313,7 @@ pub fn update_sync_job(
if let Some(delete) = delete { if let Some(delete) = delete {
for delete_prop in delete { for delete_prop in delete {
match delete_prop { match delete_prop {
DeletableProperty::owner => { data.owner = None; },
DeletableProperty::comment => { data.comment = None; }, DeletableProperty::comment => { data.comment = None; },
DeletableProperty::schedule => { data.schedule = None; }, DeletableProperty::schedule => { data.schedule = None; },
DeletableProperty::remove_vanished => { data.remove_vanished = None; }, DeletableProperty::remove_vanished => { data.remove_vanished = None; },
@ -221,11 +333,15 @@ pub fn update_sync_job(
if let Some(store) = store { data.store = store; } if let Some(store) = store { data.store = store; }
if let Some(remote) = remote { data.remote = remote; } if let Some(remote) = remote { data.remote = remote; }
if let Some(remote_store) = remote_store { data.remote_store = remote_store; } if let Some(remote_store) = remote_store { data.remote_store = remote_store; }
if let Some(owner) = owner { data.owner = Some(owner); }
if schedule.is_some() { data.schedule = schedule; } if schedule.is_some() { data.schedule = schedule; }
if remove_vanished.is_some() { data.remove_vanished = remove_vanished; } if remove_vanished.is_some() { data.remove_vanished = remove_vanished; }
if !check_sync_job_modify_access(&user_info, &auth_id, &data) {
bail!("permission check failed");
}
config.set_data(&id, "sync", &data)?; config.set_data(&id, "sync", &data)?;
sync::save_config(&config)?; sync::save_config(&config)?;
@ -246,9 +362,19 @@ pub fn update_sync_job(
}, },
}, },
}, },
access: {
permission: &Permission::Anybody,
description: "User needs Datastore.Backup on target datastore, and Remote.Read on source remote. Additionally, remove_vanished requires Datastore.Prune, and any owner other than the user themselves requires Datastore.Modify",
},
)] )]
/// Remove a sync job configuration /// Remove a sync job configuration
pub fn delete_sync_job(id: String, digest: Option<String>) -> Result<(), Error> { pub fn delete_sync_job(
id: String,
digest: Option<String>,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<(), Error> {
let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let _lock = open_file_locked(sync::SYNC_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?; let _lock = open_file_locked(sync::SYNC_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?;
@ -259,10 +385,15 @@ pub fn delete_sync_job(id: String, digest: Option<String>) -> Result<(), Error>
crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?; crate::tools::detect_modified_configuration_file(&digest, &expected_digest)?;
} }
match config.sections.get(&id) { match config.lookup("sync", &id) {
Some(_) => { config.sections.remove(&id); }, Ok(job) => {
None => bail!("job '{}' does not exist.", id), if !check_sync_job_modify_access(&user_info, &auth_id, &job) {
} bail!("permission check failed");
}
config.sections.remove(&id);
},
Err(_) => { bail!("job '{}' does not exist.", id) },
};
sync::save_config(&config)?; sync::save_config(&config)?;
@ -280,3 +411,116 @@ pub const ROUTER: Router = Router::new()
.get(&API_METHOD_LIST_SYNC_JOBS) .get(&API_METHOD_LIST_SYNC_JOBS)
.post(&API_METHOD_CREATE_SYNC_JOB) .post(&API_METHOD_CREATE_SYNC_JOB)
.match_all("id", &ITEM_ROUTER); .match_all("id", &ITEM_ROUTER);
#[test]
fn sync_job_access_test() -> Result<(), Error> {
let (user_cfg, _) = crate::config::user::test_cfg_from_str(r###"
user: noperm@pbs
user: read@pbs
user: write@pbs
"###).expect("test user.cfg is not parsable");
let acl_tree = crate::config::acl::AclTree::from_raw(r###"
acl:1:/datastore/localstore1:read@pbs,write@pbs:DatastoreAudit
acl:1:/datastore/localstore1:write@pbs:DatastoreBackup
acl:1:/datastore/localstore2:write@pbs:DatastorePowerUser
acl:1:/datastore/localstore3:write@pbs:DatastoreAdmin
acl:1:/remote/remote1:read@pbs,write@pbs:RemoteAudit
acl:1:/remote/remote1/remotestore1:write@pbs:RemoteSyncOperator
"###).expect("test acl.cfg is not parsable");
let user_info = CachedUserInfo::test_new(user_cfg, acl_tree);
let root_auth_id = Authid::root_auth_id();
let no_perm_auth_id: Authid = "noperm@pbs".parse()?;
let read_auth_id: Authid = "read@pbs".parse()?;
let write_auth_id: Authid = "write@pbs".parse()?;
let mut job = SyncJobConfig {
id: "regular".to_string(),
remote: "remote0".to_string(),
remote_store: "remotestore1".to_string(),
store: "localstore0".to_string(),
owner: Some(write_auth_id.clone()),
comment: None,
remove_vanished: None,
schedule: None,
};
// should work without ACLs
assert_eq!(check_sync_job_read_access(&user_info, &root_auth_id, &job), true);
assert_eq!(check_sync_job_modify_access(&user_info, &root_auth_id, &job), true);
// user without permissions must fail
assert_eq!(check_sync_job_read_access(&user_info, &no_perm_auth_id, &job), false);
assert_eq!(check_sync_job_modify_access(&user_info, &no_perm_auth_id, &job), false);
// reading without proper read permissions on either remote or local must fail
assert_eq!(check_sync_job_read_access(&user_info, &read_auth_id, &job), false);
// reading without proper read permissions on local end must fail
job.remote = "remote1".to_string();
assert_eq!(check_sync_job_read_access(&user_info, &read_auth_id, &job), false);
// reading without proper read permissions on remote end must fail
job.remote = "remote0".to_string();
job.store = "localstore1".to_string();
assert_eq!(check_sync_job_read_access(&user_info, &read_auth_id, &job), false);
// writing without proper write permissions on either end must fail
job.store = "localstore0".to_string();
assert_eq!(check_sync_job_modify_access(&user_info, &write_auth_id, &job), false);
// writing without proper write permissions on local end must fail
job.remote = "remote1".to_string();
// writing without proper write permissions on remote end must fail
job.remote = "remote0".to_string();
job.store = "localstore1".to_string();
assert_eq!(check_sync_job_modify_access(&user_info, &write_auth_id, &job), false);
// reset remote to one where users have access
job.remote = "remote1".to_string();
// user with read permission can only read, but not modify/run
assert_eq!(check_sync_job_read_access(&user_info, &read_auth_id, &job), true);
job.owner = Some(read_auth_id.clone());
assert_eq!(check_sync_job_modify_access(&user_info, &read_auth_id, &job), false);
job.owner = None;
assert_eq!(check_sync_job_modify_access(&user_info, &read_auth_id, &job), false);
job.owner = Some(write_auth_id.clone());
assert_eq!(check_sync_job_modify_access(&user_info, &read_auth_id, &job), false);
// user with simple write permission can modify/run
assert_eq!(check_sync_job_read_access(&user_info, &write_auth_id, &job), true);
assert_eq!(check_sync_job_modify_access(&user_info, &write_auth_id, &job), true);
// but can't modify/run with deletion
job.remove_vanished = Some(true);
assert_eq!(check_sync_job_modify_access(&user_info, &write_auth_id, &job), false);
// unless they have Datastore.Prune as well
job.store = "localstore2".to_string();
assert_eq!(check_sync_job_modify_access(&user_info, &write_auth_id, &job), true);
// changing owner is not possible
job.owner = Some(read_auth_id.clone());
assert_eq!(check_sync_job_modify_access(&user_info, &write_auth_id, &job), false);
// also not to the default 'backup@pam'
job.owner = None;
assert_eq!(check_sync_job_modify_access(&user_info, &write_auth_id, &job), false);
// unless they have Datastore.Modify as well
job.store = "localstore3".to_string();
job.owner = Some(read_auth_id.clone());
assert_eq!(check_sync_job_modify_access(&user_info, &write_auth_id, &job), true);
job.owner = None;
assert_eq!(check_sync_job_modify_access(&user_info, &write_auth_id, &job), true);
Ok(())
}

41
src/api2/config/verify.rs
View File

@ -2,10 +2,17 @@ use anyhow::{bail, Error};
use serde_json::Value; use serde_json::Value;
use ::serde::{Deserialize, Serialize}; use ::serde::{Deserialize, Serialize};
use proxmox::api::{api, Router, RpcEnvironment}; use proxmox::api::{api, Permission, Router, RpcEnvironment};
use proxmox::tools::fs::open_file_locked; use proxmox::tools::fs::open_file_locked;
use crate::api2::types::*; use crate::api2::types::*;
use crate::config::acl::{
PRIV_DATASTORE_AUDIT,
PRIV_DATASTORE_BACKUP,
PRIV_DATASTORE_VERIFY,
};
use crate::config::verify::{self, VerificationJobConfig}; use crate::config::verify::{self, VerificationJobConfig};
#[api( #[api(
@ -17,6 +24,12 @@ use crate::config::verify::{self, VerificationJobConfig};
type: Array, type: Array,
items: { type: verify::VerificationJobConfig }, items: { type: verify::VerificationJobConfig },
}, },
access: {
permission: &Permission::Privilege(
&["datastore", "{store}"],
PRIV_DATASTORE_AUDIT | PRIV_DATASTORE_BACKUP | PRIV_DATASTORE_VERIFY,
true),
},
)] )]
/// List all verification jobs /// List all verification jobs
pub fn list_verification_jobs( pub fn list_verification_jobs(
@ -61,7 +74,13 @@ pub fn list_verification_jobs(
schema: VERIFICATION_SCHEDULE_SCHEMA, schema: VERIFICATION_SCHEDULE_SCHEMA,
}, },
} }
} },
access: {
permission: &Permission::Privilege(
&["datastore", "{store}"],
PRIV_DATASTORE_VERIFY,
true),
},
)] )]
/// Create a new verification job. /// Create a new verification job.
pub fn create_verification_job(param: Value) -> Result<(), Error> { pub fn create_verification_job(param: Value) -> Result<(), Error> {
@ -97,6 +116,12 @@ pub fn create_verification_job(param: Value) -> Result<(), Error> {
description: "The verification job configuration.", description: "The verification job configuration.",
type: verify::VerificationJobConfig, type: verify::VerificationJobConfig,
}, },
access: {
permission: &Permission::Privilege(
&["datastore", "{store}"],
PRIV_DATASTORE_AUDIT | PRIV_DATASTORE_BACKUP | PRIV_DATASTORE_VERIFY,
true),
},
)] )]
/// Read a verification job configuration. /// Read a verification job configuration.
pub fn read_verification_job( pub fn read_verification_job(
@ -167,6 +192,12 @@ pub enum DeletableProperty {
}, },
}, },
}, },
access: {
permission: &Permission::Privilege(
&["datastore", "{store}"],
PRIV_DATASTORE_VERIFY,
true),
},
)] )]
/// Update verification job config. /// Update verification job config.
pub fn update_verification_job( pub fn update_verification_job(
@ -238,6 +269,12 @@ pub fn update_verification_job(
}, },
}, },
}, },
access: {
permission: &Permission::Privilege(
&["datastore", "{store}"],
PRIV_DATASTORE_VERIFY,
true),
},
)] )]
/// Remove a verification job configuration /// Remove a verification job configuration
pub fn delete_verification_job(id: String, digest: Option<String>) -> Result<(), Error> { pub fn delete_verification_job(id: String, digest: Option<String>) -> Result<(), Error> {

15
src/api2/node.rs
View File

@ -24,20 +24,21 @@ use crate::server::WorkerTask;
use crate::tools; use crate::tools;
use crate::tools::ticket::{self, Empty, Ticket}; use crate::tools::ticket::{self, Empty, Ticket};
pub mod apt;
pub mod disks; pub mod disks;
pub mod dns; pub mod dns;
pub mod network; pub mod network;
pub mod tasks; pub mod tasks;
pub mod subscription;
pub(crate) mod rrd; pub(crate) mod rrd;
mod apt;
mod journal; mod journal;
mod services; mod services;
mod status; mod status;
mod subscription;
mod syslog; mod syslog;
mod time; mod time;
mod report;
pub const SHELL_CMD_SCHEMA: Schema = StringSchema::new("The command to run.") pub const SHELL_CMD_SCHEMA: Schema = StringSchema::new("The command to run.")
.format(&ApiStringFormat::Enum(&[ .format(&ApiStringFormat::Enum(&[
@ -91,10 +92,12 @@ async fn termproxy(
cmd: Option<String>, cmd: Option<String>,
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> { ) -> Result<Value, Error> {
// intentionally user only for now
let userid: Userid = rpcenv let userid: Userid = rpcenv
.get_user() .get_auth_id()
.ok_or_else(|| format_err!("unknown user"))? .ok_or_else(|| format_err!("unknown user"))?
.parse()?; .parse()?;
let auth_id = Authid::from(userid.clone());
if userid.realm() != "pam" { if userid.realm() != "pam" {
bail!("only pam users can use the console"); bail!("only pam users can use the console");
@ -137,7 +140,7 @@ async fn termproxy(
let upid = WorkerTask::spawn( let upid = WorkerTask::spawn(
"termproxy", "termproxy",
None, None,
userid, auth_id,
false, false,
move |worker| async move { move |worker| async move {
// move inside the worker so that it survives and does not close the port // move inside the worker so that it survives and does not close the port
@ -272,7 +275,8 @@ fn upgrade_to_websocket(
rpcenv: Box<dyn RpcEnvironment>, rpcenv: Box<dyn RpcEnvironment>,
) -> ApiResponseFuture { ) -> ApiResponseFuture {
async move { async move {
let userid: Userid = rpcenv.get_user().unwrap().parse()?; // intentionally user only for now
let userid: Userid = rpcenv.get_auth_id().unwrap().parse()?;
let ticket = tools::required_string_param(&param, "vncticket")?; let ticket = tools::required_string_param(&param, "vncticket")?;
let port: u16 = tools::required_integer_param(&param, "port")? as u16; let port: u16 = tools::required_integer_param(&param, "port")? as u16;
@ -307,6 +311,7 @@ pub const SUBDIRS: SubdirMap = &[
("dns", &dns::ROUTER), ("dns", &dns::ROUTER),
("journal", &journal::ROUTER), ("journal", &journal::ROUTER),
("network", &network::ROUTER), ("network", &network::ROUTER),
("report", &report::ROUTER),
("rrd", &rrd::ROUTER), ("rrd", &rrd::ROUTER),
("services", &services::ROUTER), ("services", &services::ROUTER),
("status", &status::ROUTER), ("status", &status::ROUTER),

394
src/api2/node/apt.rs
View File

@ -1,301 +1,15 @@
use std::collections::HashSet;
use apt_pkg_native::Cache;
use anyhow::{Error, bail, format_err}; use anyhow::{Error, bail, format_err};
use serde_json::{json, Value}; use serde_json::{json, Value};
use proxmox::{list_subdirs_api_method, const_regex}; use proxmox::list_subdirs_api_method;
use proxmox::api::{api, RpcEnvironment, RpcEnvironmentType, Permission}; use proxmox::api::{api, RpcEnvironment, RpcEnvironmentType, Permission};
use proxmox::api::router::{Router, SubdirMap}; use proxmox::api::router::{Router, SubdirMap};
use crate::server::WorkerTask; use crate::server::WorkerTask;
use crate::tools::http; use crate::tools::{apt, http};
use crate::config::acl::{PRIV_SYS_AUDIT, PRIV_SYS_MODIFY}; use crate::config::acl::{PRIV_SYS_AUDIT, PRIV_SYS_MODIFY};
use crate::api2::types::{APTUpdateInfo, NODE_SCHEMA, Userid, UPID_SCHEMA}; use crate::api2::types::{Authid, APTUpdateInfo, NODE_SCHEMA, UPID_SCHEMA};
const_regex! {
VERSION_EPOCH_REGEX = r"^\d+:";
FILENAME_EXTRACT_REGEX = r"^.*/.*?_(.*)_Packages$";
}
// FIXME: once the 'changelog' API call switches over to 'apt-get changelog' only,
// consider removing this function entirely, as it's value is never used anywhere
// then (widget-toolkit doesn't use the value either)
fn get_changelog_url(
package: &str,
filename: &str,
version: &str,
origin: &str,
component: &str,
) -> Result<String, Error> {
if origin == "" {
bail!("no origin available for package {}", package);
}
if origin == "Debian" {
let mut command = std::process::Command::new("apt-get");
command.arg("changelog");
command.arg("--print-uris");
command.arg(package);
let output = crate::tools::run_command(command, None)?; // format: 'http://foo/bar' package.changelog
let output = match output.splitn(2, ' ').next() {
Some(output) => {
if output.len() < 2 {
bail!("invalid output (URI part too short) from 'apt-get changelog --print-uris': {}", output)
}
output[1..output.len()-1].to_owned()
},
None => bail!("invalid output from 'apt-get changelog --print-uris': {}", output)
};
return Ok(output);
} else if origin == "Proxmox" {
// FIXME: Use above call to 'apt changelog <pkg> --print-uris' as well.
// Currently not possible as our packages do not have a URI set in their Release file.
let version = (VERSION_EPOCH_REGEX.regex_obj)().replace_all(version, "");
let base = match (FILENAME_EXTRACT_REGEX.regex_obj)().captures(filename) {
Some(captures) => {
let base_capture = captures.get(1);
match base_capture {
Some(base_underscore) => base_underscore.as_str().replace("_", "/"),
None => bail!("incompatible filename, cannot find regex group")
}
},
None => bail!("incompatible filename, doesn't match regex")
};
return Ok(format!("http://download.proxmox.com/{}/{}_{}.changelog",
base, package, version));
}
bail!("unknown origin ({}) or component ({})", origin, component)
}
struct FilterData<'a> {
// this is version info returned by APT
installed_version: Option<&'a str>,
candidate_version: &'a str,
// this is the version info the filter is supposed to check
active_version: &'a str,
}
enum PackagePreSelect {
OnlyInstalled,
OnlyNew,
All,
}
fn list_installed_apt_packages<F: Fn(FilterData) -> bool>(
filter: F,
only_versions_for: Option<&str>,
) -> Vec<APTUpdateInfo> {
let mut ret = Vec::new();
let mut depends = HashSet::new();
// note: this is not an 'apt update', it just re-reads the cache from disk
let mut cache = Cache::get_singleton();
cache.reload();
let mut cache_iter = match only_versions_for {
Some(name) => cache.find_by_name(name),
None => cache.iter()
};
loop {
match cache_iter.next() {
Some(view) => {
let di = if only_versions_for.is_some() {
query_detailed_info(
PackagePreSelect::All,
&filter,
view,
None
)
} else {
query_detailed_info(
PackagePreSelect::OnlyInstalled,
&filter,
view,
Some(&mut depends)
)
};
if let Some(info) = di {
ret.push(info);
}
if only_versions_for.is_some() {
break;
}
},
None => {
drop(cache_iter);
// also loop through missing dependencies, as they would be installed
for pkg in depends.iter() {
let mut iter = cache.find_by_name(&pkg);
let view = match iter.next() {
Some(view) => view,
None => continue // package not found, ignore
};
let di = query_detailed_info(
PackagePreSelect::OnlyNew,
&filter,
view,
None
);
if let Some(info) = di {
ret.push(info);
}
}
break;
}
}
}
return ret;
}
fn query_detailed_info<'a, F, V>(
pre_select: PackagePreSelect,
filter: F,
view: V,
depends: Option<&mut HashSet<String>>,
) -> Option<APTUpdateInfo>
where
F: Fn(FilterData) -> bool,
V: std::ops::Deref<Target = apt_pkg_native::sane::PkgView<'a>>
{
let current_version = view.current_version();
let candidate_version = view.candidate_version();
let (current_version, candidate_version) = match pre_select {
PackagePreSelect::OnlyInstalled => match (current_version, candidate_version) {
(Some(cur), Some(can)) => (Some(cur), can), // package installed and there is an update
(Some(cur), None) => (Some(cur.clone()), cur), // package installed and up-to-date
(None, Some(_)) => return None, // package could be installed
(None, None) => return None, // broken
},
PackagePreSelect::OnlyNew => match (current_version, candidate_version) {
(Some(_), Some(_)) => return None,
(Some(_), None) => return None,
(None, Some(can)) => (None, can),
(None, None) => return None,
},
PackagePreSelect::All => match (current_version, candidate_version) {
(Some(cur), Some(can)) => (Some(cur), can),
(Some(cur), None) => (Some(cur.clone()), cur),
(None, Some(can)) => (None, can),
(None, None) => return None,
},
};
// get additional information via nested APT 'iterators'
let mut view_iter = view.versions();
while let Some(ver) = view_iter.next() {
let package = view.name();
let version = ver.version();
let mut origin_res = "unknown".to_owned();
let mut section_res = "unknown".to_owned();
let mut priority_res = "unknown".to_owned();
let mut change_log_url = "".to_owned();
let mut short_desc = package.clone();
let mut long_desc = "".to_owned();
let fd = FilterData {
installed_version: current_version.as_deref(),
candidate_version: &candidate_version,
active_version: &version,
};
if filter(fd) {
if let Some(section) = ver.section() {
section_res = section;
}
if let Some(prio) = ver.priority_type() {
priority_res = prio;
}
// assume every package has only one origin file (not
// origin, but origin *file*, for some reason those seem to
// be different concepts in APT)
let mut origin_iter = ver.origin_iter();
let origin = origin_iter.next();
if let Some(origin) = origin {
if let Some(sd) = origin.short_desc() {
short_desc = sd;
}
if let Some(ld) = origin.long_desc() {
long_desc = ld;
}
// the package files appear in priority order, meaning
// the one for the candidate version is first - this is fine
// however, as the source package should be the same for all
// versions anyway
let mut pkg_iter = origin.file();
let pkg_file = pkg_iter.next();
if let Some(pkg_file) = pkg_file {
if let Some(origin_name) = pkg_file.origin() {
origin_res = origin_name;
}
let filename = pkg_file.file_name();
let component = pkg_file.component();
// build changelog URL from gathered information
// ignore errors, use empty changelog instead
let url = get_changelog_url(&package, &filename,
&version, &origin_res, &component);
if let Ok(url) = url {
change_log_url = url;
}
}
}
if let Some(depends) = depends {
let mut dep_iter = ver.dep_iter();
loop {
let dep = match dep_iter.next() {
Some(dep) if dep.dep_type() != "Depends" => continue,
Some(dep) => dep,
None => break
};
let dep_pkg = dep.target_pkg();
let name = dep_pkg.name();
depends.insert(name);
}
}
return Some(APTUpdateInfo {
package,
title: short_desc,
arch: view.arch(),
description: long_desc,
change_log_url,
origin: origin_res,
version: candidate_version.clone(),
old_version: match current_version {
Some(vers) => vers,
None => "".to_owned()
},
priority: priority_res,
section: section_res,
});
}
}
return None;
}
#[api( #[api(
input: { input: {
@ -308,19 +22,60 @@ where
returns: { returns: {
description: "A list of packages with available updates.", description: "A list of packages with available updates.",
type: Array, type: Array,
items: { type: APTUpdateInfo }, items: {
type: APTUpdateInfo
},
}, },
protected: true,
access: { access: {
permission: &Permission::Privilege(&[], PRIV_SYS_AUDIT, false), permission: &Permission::Privilege(&[], PRIV_SYS_AUDIT, false),
}, },
)] )]
/// List available APT updates /// List available APT updates
fn apt_update_available(_param: Value) -> Result<Value, Error> { fn apt_update_available(_param: Value) -> Result<Value, Error> {
let all_upgradeable = list_installed_apt_packages(|data| {
data.candidate_version == data.active_version && match apt::pkg_cache_expired() {
data.installed_version != Some(data.candidate_version) Ok(false) => {
}, None); if let Ok(Some(cache)) = apt::read_pkg_state() {
Ok(json!(all_upgradeable)) return Ok(json!(cache.package_status));
}
},
_ => (),
}
let cache = apt::update_cache()?;
return Ok(json!(cache.package_status));
}
fn do_apt_update(worker: &WorkerTask, quiet: bool) -> Result<(), Error> {
if !quiet { worker.log("starting apt-get update") }
// TODO: set proxy /etc/apt/apt.conf.d/76pbsproxy like PVE
let mut command = std::process::Command::new("apt-get");
command.arg("update");
// apt "errors" quite easily, and run_command is a bit rigid, so handle this inline for now.
let output = command.output()
.map_err(|err| format_err!("failed to execute {:?} - {}", command, err))?;
if !quiet {
worker.log(String::from_utf8(output.stdout)?);
}
// TODO: improve run_command to allow outputting both, stderr and stdout
if !output.status.success() {
if output.status.code().is_some() {
let msg = String::from_utf8(output.stderr)
.map(|m| if m.is_empty() { String::from("no error message") } else { m })
.unwrap_or_else(|_| String::from("non utf8 error message (suppressed)"));
worker.warn(msg);
} else {
bail!("terminated by signal");
}
}
Ok(())
} }
#[api( #[api(
@ -330,6 +85,13 @@ fn apt_update_available(_param: Value) -> Result<Value, Error> {
node: { node: {
schema: NODE_SCHEMA, schema: NODE_SCHEMA,
}, },
notify: {
type: bool,
description: r#"Send notification mail about new package updates availanle to the
email address configured for 'root@pam')."#,
optional: true,
default: false,
},
quiet: { quiet: {
description: "Only produces output suitable for logging, omitting progress indicators.", description: "Only produces output suitable for logging, omitting progress indicators.",
type: bool, type: bool,
@ -347,26 +109,46 @@ fn apt_update_available(_param: Value) -> Result<Value, Error> {
)] )]
/// Update the APT database /// Update the APT database
pub fn apt_update_database( pub fn apt_update_database(
notify: Option<bool>,
quiet: Option<bool>, quiet: Option<bool>,
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<String, Error> { ) -> Result<String, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let to_stdout = if rpcenv.env_type() == RpcEnvironmentType::CLI { true } else { false }; let to_stdout = if rpcenv.env_type() == RpcEnvironmentType::CLI { true } else { false };
// FIXME: change to non-option in signature and drop below once we have proxmox-api-macro 0.2.3
let quiet = quiet.unwrap_or(API_METHOD_APT_UPDATE_DATABASE_PARAM_DEFAULT_QUIET); let quiet = quiet.unwrap_or(API_METHOD_APT_UPDATE_DATABASE_PARAM_DEFAULT_QUIET);
let notify = notify.unwrap_or(API_METHOD_APT_UPDATE_DATABASE_PARAM_DEFAULT_NOTIFY);
let upid_str = WorkerTask::new_thread("aptupdate", None, userid, to_stdout, move |worker| { let upid_str = WorkerTask::new_thread("aptupdate", None, auth_id, to_stdout, move |worker| {
if !quiet { worker.log("starting apt-get update") } do_apt_update(&worker, quiet)?;
// TODO: set proxy /etc/apt/apt.conf.d/76pbsproxy like PVE let mut cache = apt::update_cache()?;
let mut command = std::process::Command::new("apt-get"); if notify {
command.arg("update"); let mut notified = match cache.notified {
Some(notified) => notified,
None => std::collections::HashMap::new(),
};
let mut to_notify: Vec<&APTUpdateInfo> = Vec::new();
let output = crate::tools::run_command(command, None)?; for pkg in &cache.package_status {
if !quiet { worker.log(output) } match notified.insert(pkg.package.to_owned(), pkg.version.to_owned()) {
Some(notified_version) => {
// TODO: add mail notify for new updates like PVE if notified_version != pkg.version {
to_notify.push(pkg);
}
},
None => to_notify.push(pkg),
}
}
if !to_notify.is_empty() {
to_notify.sort_unstable_by_key(|k| &k.package);
crate::server::send_updates_available(&to_notify)?;
}
cache.notified = Some(notified);
apt::write_pkg_cache(&cache)?;
}
Ok(()) Ok(())
})?; })?;
@ -406,7 +188,7 @@ fn apt_get_changelog(
let name = crate::tools::required_string_param(&param, "name")?.to_owned(); let name = crate::tools::required_string_param(&param, "name")?.to_owned();
let version = param["version"].as_str(); let version = param["version"].as_str();
let pkg_info = list_installed_apt_packages(|data| { let pkg_info = apt::list_installed_apt_packages(|data| {
match version { match version {
Some(version) => version == data.active_version, Some(version) => version == data.active_version,
None => data.active_version == data.candidate_version None => data.active_version == data.candidate_version

6
src/api2/node/disks.rs
View File

@ -13,7 +13,7 @@ use crate::tools::disks::{
}; };
use crate::server::WorkerTask; use crate::server::WorkerTask;
use crate::api2::types::{Userid, UPID_SCHEMA, NODE_SCHEMA, BLOCKDEVICE_NAME_SCHEMA}; use crate::api2::types::{Authid, UPID_SCHEMA, NODE_SCHEMA, BLOCKDEVICE_NAME_SCHEMA};
pub mod directory; pub mod directory;
pub mod zfs; pub mod zfs;
@ -140,7 +140,7 @@ pub fn initialize_disk(
let to_stdout = if rpcenv.env_type() == RpcEnvironmentType::CLI { true } else { false }; let to_stdout = if rpcenv.env_type() == RpcEnvironmentType::CLI { true } else { false };
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let info = get_disk_usage_info(&disk, true)?; let info = get_disk_usage_info(&disk, true)?;
@ -149,7 +149,7 @@ pub fn initialize_disk(
} }
let upid_str = WorkerTask::new_thread( let upid_str = WorkerTask::new_thread(
"diskinit", Some(disk.clone()), userid, to_stdout, move |worker| "diskinit", Some(disk.clone()), auth_id, to_stdout, move |worker|
{ {
worker.log(format!("initialize disk {}", disk)); worker.log(format!("initialize disk {}", disk));

4
src/api2/node/disks/directory.rs
View File

@ -134,7 +134,7 @@ pub fn create_datastore_disk(
let to_stdout = if rpcenv.env_type() == RpcEnvironmentType::CLI { true } else { false }; let to_stdout = if rpcenv.env_type() == RpcEnvironmentType::CLI { true } else { false };
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let info = get_disk_usage_info(&disk, true)?; let info = get_disk_usage_info(&disk, true)?;
@ -143,7 +143,7 @@ pub fn create_datastore_disk(
} }
let upid_str = WorkerTask::new_thread( let upid_str = WorkerTask::new_thread(
"dircreate", Some(name.clone()), userid, to_stdout, move |worker| "dircreate", Some(name.clone()), auth_id, to_stdout, move |worker|
{ {
worker.log(format!("create datastore '{}' on disk {}", name, disk)); worker.log(format!("create datastore '{}' on disk {}", name, disk));

4
src/api2/node/disks/zfs.rs
View File

@ -256,7 +256,7 @@ pub fn create_zpool(
let to_stdout = if rpcenv.env_type() == RpcEnvironmentType::CLI { true } else { false }; let to_stdout = if rpcenv.env_type() == RpcEnvironmentType::CLI { true } else { false };
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let add_datastore = add_datastore.unwrap_or(false); let add_datastore = add_datastore.unwrap_or(false);
@ -316,7 +316,7 @@ pub fn create_zpool(
} }
let upid_str = WorkerTask::new_thread( let upid_str = WorkerTask::new_thread(
"zfscreate", Some(name.clone()), userid, to_stdout, move |worker| "zfscreate", Some(name.clone()), auth_id, to_stdout, move |worker|
{ {
worker.log(format!("create {:?} zpool '{}' on devices '{}'", raidlevel, name, devices_text)); worker.log(format!("create {:?} zpool '{}' on devices '{}'", raidlevel, name, devices_text));

4
src/api2/node/network.rs
View File

@ -684,9 +684,9 @@ pub async fn reload_network_config(
network::assert_ifupdown2_installed()?; network::assert_ifupdown2_installed()?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let upid_str = WorkerTask::spawn("srvreload", Some(String::from("networking")), userid, true, |_worker| async { let upid_str = WorkerTask::spawn("srvreload", Some(String::from("networking")), auth_id, true, |_worker| async {
let _ = std::fs::rename(network::NETWORK_INTERFACES_NEW_FILENAME, network::NETWORK_INTERFACES_FILENAME); let _ = std::fs::rename(network::NETWORK_INTERFACES_NEW_FILENAME, network::NETWORK_INTERFACES_FILENAME);

35
src/api2/node/report.rs Normal file
View File

@ -0,0 +1,35 @@
use anyhow::Error;
use proxmox::api::{api, ApiMethod, Permission, Router, RpcEnvironment};
use serde_json::{json, Value};
use crate::api2::types::*;
use crate::config::acl::PRIV_SYS_AUDIT;
use crate::server::generate_report;
#[api(
input: {
properties: {
node: {
schema: NODE_SCHEMA,
},
},
},
returns: {
type: String,
description: "Returns report of the node"
},
access: {
permission: &Permission::Privilege(&["system", "status"], PRIV_SYS_AUDIT, false),
},
)]
/// Generate a report
fn get_report(
_param: Value,
_info: &ApiMethod,
_rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
Ok(json!(generate_report()))
}
pub const ROUTER: Router = Router::new()
.get(&API_METHOD_GET_REPORT);

22
src/api2/node/services.rs
View File

@ -182,7 +182,7 @@ fn get_service_state(
Ok(json_service_state(&service, status)) Ok(json_service_state(&service, status))
} }
fn run_service_command(service: &str, cmd: &str, userid: Userid) -> Result<Value, Error> { fn run_service_command(service: &str, cmd: &str, auth_id: Authid) -> Result<Value, Error> {
let workerid = format!("srv{}", &cmd); let workerid = format!("srv{}", &cmd);
@ -196,7 +196,7 @@ fn run_service_command(service: &str, cmd: &str, userid: Userid) -> Result<Value
let upid = WorkerTask::new_thread( let upid = WorkerTask::new_thread(
&workerid, &workerid,
Some(service.clone()), Some(service.clone()),
userid, auth_id,
false, false,
move |_worker| { move |_worker| {
@ -244,11 +244,11 @@ fn start_service(
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> { ) -> Result<Value, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
log::info!("starting service {}", service); log::info!("starting service {}", service);
run_service_command(&service, "start", userid) run_service_command(&service, "start", auth_id)
} }
#[api( #[api(
@ -274,11 +274,11 @@ fn stop_service(
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> { ) -> Result<Value, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
log::info!("stopping service {}", service); log::info!("stopping service {}", service);
run_service_command(&service, "stop", userid) run_service_command(&service, "stop", auth_id)
} }
#[api( #[api(
@ -304,15 +304,15 @@ fn restart_service(
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> { ) -> Result<Value, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
log::info!("re-starting service {}", service); log::info!("re-starting service {}", service);
if &service == "proxmox-backup-proxy" { if &service == "proxmox-backup-proxy" {
// special case, avoid aborting running tasks // special case, avoid aborting running tasks
run_service_command(&service, "reload", userid) run_service_command(&service, "reload", auth_id)
} else { } else {
run_service_command(&service, "restart", userid) run_service_command(&service, "restart", auth_id)
} }
} }
@ -339,11 +339,11 @@ fn reload_service(
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> { ) -> Result<Value, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
log::info!("reloading service {}", service); log::info!("reloading service {}", service);
run_service_command(&service, "reload", userid) run_service_command(&service, "reload", auth_id)
} }

18
src/api2/node/subscription.rs
View File

@ -7,7 +7,7 @@ use crate::tools;
use crate::tools::subscription::{self, SubscriptionStatus, SubscriptionInfo}; use crate::tools::subscription::{self, SubscriptionStatus, SubscriptionInfo};
use crate::config::acl::{PRIV_SYS_AUDIT,PRIV_SYS_MODIFY}; use crate::config::acl::{PRIV_SYS_AUDIT,PRIV_SYS_MODIFY};
use crate::config::cached_user_info::CachedUserInfo; use crate::config::cached_user_info::CachedUserInfo;
use crate::api2::types::{NODE_SCHEMA, Userid}; use crate::api2::types::{NODE_SCHEMA, SUBSCRIPTION_KEY_SCHEMA, Authid};
#[api( #[api(
input: { input: {
@ -29,7 +29,7 @@ use crate::api2::types::{NODE_SCHEMA, Userid};
}, },
)] )]
/// Check and update subscription status. /// Check and update subscription status.
fn check_subscription( pub fn check_subscription(
force: bool, force: bool,
) -> Result<(), Error> { ) -> Result<(), Error> {
// FIXME: drop once proxmox-api-macro is bumped to >> 5.0.0-1 // FIXME: drop once proxmox-api-macro is bumped to >> 5.0.0-1
@ -82,7 +82,7 @@ fn check_subscription(
}, },
)] )]
/// Read subscription info. /// Read subscription info.
fn get_subscription( pub fn get_subscription(
_param: Value, _param: Value,
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<SubscriptionInfo, Error> { ) -> Result<SubscriptionInfo, Error> {
@ -100,9 +100,9 @@ fn get_subscription(
}, },
}; };
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &[]); let user_privs = user_info.lookup_privs(&auth_id, &[]);
if (user_privs & PRIV_SYS_AUDIT) == 0 { if (user_privs & PRIV_SYS_AUDIT) == 0 {
// not enough privileges for full state // not enough privileges for full state
@ -124,9 +124,7 @@ fn get_subscription(
schema: NODE_SCHEMA, schema: NODE_SCHEMA,
}, },
key: { key: {
description: "Proxmox Backup Server subscription key", schema: SUBSCRIPTION_KEY_SCHEMA,
type: String,
max_length: 32,
}, },
}, },
}, },
@ -136,7 +134,7 @@ fn get_subscription(
}, },
)] )]
/// Set a subscription key and check it. /// Set a subscription key and check it.
fn set_subscription( pub fn set_subscription(
key: String, key: String,
) -> Result<(), Error> { ) -> Result<(), Error> {
@ -164,7 +162,7 @@ fn set_subscription(
}, },
)] )]
/// Delete subscription info. /// Delete subscription info.
fn delete_subscription() -> Result<(), Error> { pub fn delete_subscription() -> Result<(), Error> {
subscription::delete_subscription() subscription::delete_subscription()
.map_err(|err| format_err!("Deleting subscription failed: {}", err))?; .map_err(|err| format_err!("Deleting subscription failed: {}", err))?;

122
src/api2/node/tasks.rs
View File

@ -14,6 +14,16 @@ use crate::server::{self, UPID, TaskState, TaskListInfoIterator};
use crate::config::acl::{PRIV_SYS_AUDIT, PRIV_SYS_MODIFY}; use crate::config::acl::{PRIV_SYS_AUDIT, PRIV_SYS_MODIFY};
use crate::config::cached_user_info::CachedUserInfo; use crate::config::cached_user_info::CachedUserInfo;
fn check_task_access(auth_id: &Authid, upid: &UPID) -> Result<(), Error> {
let task_auth_id = &upid.auth_id;
if auth_id == task_auth_id
|| (task_auth_id.is_token() && &Authid::from(task_auth_id.user().clone()) == auth_id) {
Ok(())
} else {
let user_info = CachedUserInfo::new()?;
user_info.check_privs(auth_id, &["system", "tasks"], PRIV_SYS_AUDIT, false)
}
}
#[api( #[api(
input: { input: {
@ -57,9 +67,13 @@ use crate::config::cached_user_info::CachedUserInfo;
description: "Worker ID (arbitrary ASCII string)", description: "Worker ID (arbitrary ASCII string)",
}, },
user: { user: {
type: String, type: Userid,
description: "The user who started the task.", description: "The user who started the task.",
}, },
tokenid: {
type: Tokenname,
optional: true,
},
status: { status: {
type: String, type: String,
description: "'running' or 'stopped'", description: "'running' or 'stopped'",
@ -84,12 +98,8 @@ async fn get_task_status(
let upid = extract_upid(&param)?; let upid = extract_upid(&param)?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
check_task_access(&auth_id, &upid)?;
if userid != upid.userid {
let user_info = CachedUserInfo::new()?;
user_info.check_privs(&userid, &["system", "tasks"], PRIV_SYS_AUDIT, false)?;
}
let mut result = json!({ let mut result = json!({
"upid": param["upid"], "upid": param["upid"],
@ -99,9 +109,13 @@ async fn get_task_status(
"starttime": upid.starttime, "starttime": upid.starttime,
"type": upid.worker_type, "type": upid.worker_type,
"id": upid.worker_id, "id": upid.worker_id,
"user": upid.userid, "user": upid.auth_id.user(),
}); });
if upid.auth_id.is_token() {
result["tokenid"] = Value::from(upid.auth_id.tokenname().unwrap().as_str());
}
if crate::server::worker_is_active(&upid).await? { if crate::server::worker_is_active(&upid).await? {
result["status"] = Value::from("running"); result["status"] = Value::from("running");
} else { } else {
@ -161,12 +175,9 @@ async fn read_task_log(
let upid = extract_upid(&param)?; let upid = extract_upid(&param)?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
if userid != upid.userid { check_task_access(&auth_id, &upid)?;
let user_info = CachedUserInfo::new()?;
user_info.check_privs(&userid, &["system", "tasks"], PRIV_SYS_AUDIT, false)?;
}
let test_status = param["test-status"].as_bool().unwrap_or(false); let test_status = param["test-status"].as_bool().unwrap_or(false);
@ -234,11 +245,11 @@ fn stop_task(
let upid = extract_upid(&param)?; let upid = extract_upid(&param)?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
if userid != upid.userid { if auth_id != upid.auth_id {
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
user_info.check_privs(&userid, &["system", "tasks"], PRIV_SYS_MODIFY, false)?; user_info.check_privs(&auth_id, &["system", "tasks"], PRIV_SYS_MODIFY, false)?;
} }
server::abort_worker_async(upid); server::abort_worker_async(upid);
@ -260,7 +271,7 @@ fn stop_task(
}, },
limit: { limit: {
type: u64, type: u64,
description: "Only list this amount of tasks.", description: "Only list this amount of tasks. (0 means no limit)",
default: 50, default: 50,
optional: true, optional: true,
}, },
@ -285,6 +296,29 @@ fn stop_task(
type: String, type: String,
description: "Only list tasks from this user.", description: "Only list tasks from this user.",
}, },
since: {
type: i64,
description: "Only list tasks since this UNIX epoch.",
optional: true,
},
until: {
type: i64,
description: "Only list tasks until this UNIX epoch.",
optional: true,
},
typefilter: {
optional: true,
type: String,
description: "Only list tasks whose type contains this.",
},
statusfilter: {
optional: true,
type: Array,
description: "Only list tasks which have any one of the listed status.",
items: {
type: TaskStateType,
},
},
}, },
}, },
returns: { returns: {
@ -304,32 +338,52 @@ pub fn list_tasks(
errors: bool, errors: bool,
running: bool, running: bool,
userfilter: Option<String>, userfilter: Option<String>,
since: Option<i64>,
until: Option<i64>,
typefilter: Option<String>,
statusfilter: Option<Vec<TaskStateType>>,
param: Value, param: Value,
mut rpcenv: &mut dyn RpcEnvironment, mut rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<TaskListItem>, Error> { ) -> Result<Vec<TaskListItem>, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["system", "tasks"]); let user_privs = user_info.lookup_privs(&auth_id, &["system", "tasks"]);
let list_all = (user_privs & PRIV_SYS_AUDIT) != 0; let list_all = (user_privs & PRIV_SYS_AUDIT) != 0;
let store = param["store"].as_str(); let store = param["store"].as_str();
let list = TaskListInfoIterator::new(running)?; let list = TaskListInfoIterator::new(running)?;
let limit = if limit > 0 { limit as usize } else { usize::MAX };
let result: Vec<TaskListItem> = list let result: Vec<TaskListItem> = list
.take_while(|info| !info.is_err()) .skip_while(|info| {
match (info, until) {
(Ok(info), Some(until)) => info.upid.starttime > until,
(Ok(_), None) => false,
(Err(_), _) => false,
}
})
.take_while(|info| {
match (info, since) {
(Ok(info), Some(since)) => info.upid.starttime > since,
(Ok(_), None) => true,
(Err(_), _) => false,
}
})
.filter_map(|info| { .filter_map(|info| {
let info = match info { let info = match info {
Ok(info) => info, Ok(info) => info,
Err(_) => return None, Err(_) => return None,
}; };
if !list_all && info.upid.userid != userid { return None; } if !list_all && check_task_access(&auth_id, &info.upid).is_err() {
return None;
}
if let Some(userid) = &userfilter { if let Some(needle) = &userfilter {
if !info.upid.userid.as_str().contains(userid) { return None; } if !info.upid.auth_id.to_string().contains(needle) { return None; }
} }
if let Some(store) = store { if let Some(store) = store {
@ -351,19 +405,31 @@ pub fn list_tasks(
} }
} }
match info.state { if let Some(typefilter) = &typefilter {
Some(_) if running => return None, if !info.upid.worker_type.contains(typefilter) {
Some(crate::server::TaskState::OK { .. }) if errors => return None, return None;
}
}
match (&info.state, &statusfilter) {
(Some(_), _) if running => return None,
(Some(crate::server::TaskState::OK { .. }), _) if errors => return None,
(Some(state), Some(filters)) => {
if !filters.contains(&state.tasktype()) {
return None;
}
},
(None, Some(_)) => return None,
_ => {}, _ => {},
} }
Some(info.into()) Some(info.into())
}).skip(start as usize) }).skip(start as usize)
.take(limit as usize) .take(limit)
.collect(); .collect();
let mut count = result.len() + start as usize; let mut count = result.len() + start as usize;
if result.len() > 0 && result.len() >= limit as usize { // we have a 'virtual' entry as long as we have any new if result.len() > 0 && result.len() >= limit { // we have a 'virtual' entry as long as we have any new
count += 1; count += 1;
} }

40
src/api2/pull.rs
View File

@ -20,7 +20,7 @@ use crate::config::{
pub fn check_pull_privs( pub fn check_pull_privs(
userid: &Userid, auth_id: &Authid,
store: &str, store: &str,
remote: &str, remote: &str,
remote_store: &str, remote_store: &str,
@ -29,11 +29,11 @@ pub fn check_pull_privs(
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
user_info.check_privs(userid, &["datastore", store], PRIV_DATASTORE_BACKUP, false)?; user_info.check_privs(auth_id, &["datastore", store], PRIV_DATASTORE_BACKUP, false)?;
user_info.check_privs(userid, &["remote", remote, remote_store], PRIV_REMOTE_READ, false)?; user_info.check_privs(auth_id, &["remote", remote, remote_store], PRIV_REMOTE_READ, false)?;
if delete { if delete {
user_info.check_privs(userid, &["datastore", store], PRIV_DATASTORE_PRUNE, false)?; user_info.check_privs(auth_id, &["datastore", store], PRIV_DATASTORE_PRUNE, false)?;
} }
Ok(()) Ok(())
@ -56,7 +56,7 @@ pub async fn get_pull_parameters(
let src_repo = BackupRepository::new(Some(remote.userid.clone()), Some(remote.host.clone()), remote.port, remote_store.to_string()); let src_repo = BackupRepository::new(Some(remote.userid.clone()), Some(remote.host.clone()), remote.port, remote_store.to_string());
let client = HttpClient::new(&src_repo.host(), src_repo.port(), &src_repo.user(), options)?; let client = HttpClient::new(&src_repo.host(), src_repo.port(), &src_repo.auth_id(), options)?;
let _auth_info = client.login() // make sure we can auth let _auth_info = client.login() // make sure we can auth
.await .await
.map_err(|err| format_err!("remote connection to '{}' failed - {}", remote.host, err))?; .map_err(|err| format_err!("remote connection to '{}' failed - {}", remote.host, err))?;
@ -68,27 +68,31 @@ pub async fn get_pull_parameters(
pub fn do_sync_job( pub fn do_sync_job(
mut job: Job, mut job: Job,
sync_job: SyncJobConfig, sync_job: SyncJobConfig,
userid: &Userid, auth_id: &Authid,
schedule: Option<String>, schedule: Option<String>,
) -> Result<String, Error> { ) -> Result<String, Error> {
let job_id = job.jobname().to_string(); let job_id = job.jobname().to_string();
let worker_type = job.jobtype().to_string(); let worker_type = job.jobtype().to_string();
let email = crate::server::lookup_user_email(auth_id.user());
let upid_str = WorkerTask::spawn( let upid_str = WorkerTask::spawn(
&worker_type, &worker_type,
Some(job.jobname().to_string()), Some(job.jobname().to_string()),
userid.clone(), auth_id.clone(),
false, false,
move |worker| async move { move |worker| async move {
job.start(&worker.upid().to_string())?; job.start(&worker.upid().to_string())?;
let worker2 = worker.clone(); let worker2 = worker.clone();
let sync_job2 = sync_job.clone();
let worker_future = async move { let worker_future = async move {
let delete = sync_job.remove_vanished.unwrap_or(true); let delete = sync_job.remove_vanished.unwrap_or(true);
let sync_owner = sync_job.owner.unwrap_or(Authid::backup_auth_id().clone());
let (client, src_repo, tgt_store) = get_pull_parameters(&sync_job.store, &sync_job.remote, &sync_job.remote_store).await?; let (client, src_repo, tgt_store) = get_pull_parameters(&sync_job.store, &sync_job.remote, &sync_job.remote_store).await?;
worker.log(format!("Starting datastore sync job '{}'", job_id)); worker.log(format!("Starting datastore sync job '{}'", job_id));
@ -98,7 +102,7 @@ pub fn do_sync_job(
worker.log(format!("Sync datastore '{}' from '{}/{}'", worker.log(format!("Sync datastore '{}' from '{}/{}'",
sync_job.store, sync_job.remote, sync_job.remote_store)); sync_job.store, sync_job.remote, sync_job.remote_store));
crate::client::pull::pull_store(&worker, &client, &src_repo, tgt_store.clone(), delete, Userid::backup_userid().clone()).await?; crate::client::pull::pull_store(&worker, &client, &src_repo, tgt_store.clone(), delete, sync_owner).await?;
worker.log(format!("sync job '{}' end", &job_id)); worker.log(format!("sync job '{}' end", &job_id));
@ -107,12 +111,12 @@ pub fn do_sync_job(
let mut abort_future = worker2.abort_future().map(|_| Err(format_err!("sync aborted"))); let mut abort_future = worker2.abort_future().map(|_| Err(format_err!("sync aborted")));
let res = select!{ let result = select!{
worker = worker_future.fuse() => worker, worker = worker_future.fuse() => worker,
abort = abort_future => abort, abort = abort_future => abort,
}; };
let status = worker2.create_state(&res); let status = worker2.create_state(&result);
match job.finish(status) { match job.finish(status) {
Ok(_) => {}, Ok(_) => {},
@ -121,7 +125,13 @@ pub fn do_sync_job(
} }
} }
res if let Some(email) = email {
if let Err(err) = crate::server::send_sync_status(&email, &sync_job2, &result) {
eprintln!("send sync notification failed: {}", err);
}
}
result
})?; })?;
Ok(upid_str) Ok(upid_str)
@ -164,19 +174,19 @@ async fn pull (
rpcenv: &mut dyn RpcEnvironment, rpcenv: &mut dyn RpcEnvironment,
) -> Result<String, Error> { ) -> Result<String, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let delete = remove_vanished.unwrap_or(true); let delete = remove_vanished.unwrap_or(true);
check_pull_privs(&userid, &store, &remote, &remote_store, delete)?; check_pull_privs(&auth_id, &store, &remote, &remote_store, delete)?;
let (client, src_repo, tgt_store) = get_pull_parameters(&store, &remote, &remote_store).await?; let (client, src_repo, tgt_store) = get_pull_parameters(&store, &remote, &remote_store).await?;
// fixme: set to_stdout to false? // fixme: set to_stdout to false?
let upid_str = WorkerTask::spawn("sync", Some(store.clone()), userid.clone(), true, move |worker| async move { let upid_str = WorkerTask::spawn("sync", Some(store.clone()), auth_id.clone(), true, move |worker| async move {
worker.log(format!("sync datastore '{}' start", store)); worker.log(format!("sync datastore '{}' start", store));
let pull_future = pull_store(&worker, &client, &src_repo, tgt_store.clone(), delete, userid); let pull_future = pull_store(&worker, &client, &src_repo, tgt_store.clone(), delete, auth_id);
let future = select!{ let future = select!{
success = pull_future.fuse() => success, success = pull_future.fuse() => success,
abort = worker.abort_future().map(|_| Err(format_err!("pull aborted"))) => abort, abort = worker.abort_future().map(|_| Err(format_err!("pull aborted"))) => abort,

13
src/api2/reader.rs
View File

@ -55,11 +55,11 @@ fn upgrade_to_backup_reader_protocol(
async move { async move {
let debug = param["debug"].as_bool().unwrap_or(false); let debug = param["debug"].as_bool().unwrap_or(false);
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let store = tools::required_string_param(&param, "store")?.to_owned(); let store = tools::required_string_param(&param, "store")?.to_owned();
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
let privs = user_info.lookup_privs(&userid, &["datastore", &store]); let privs = user_info.lookup_privs(&auth_id, &["datastore", &store]);
let priv_read = privs & PRIV_DATASTORE_READ != 0; let priv_read = privs & PRIV_DATASTORE_READ != 0;
let priv_backup = privs & PRIV_DATASTORE_BACKUP != 0; let priv_backup = privs & PRIV_DATASTORE_BACKUP != 0;
@ -94,7 +94,10 @@ fn upgrade_to_backup_reader_protocol(
let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?; let backup_dir = BackupDir::new(backup_type, backup_id, backup_time)?;
if !priv_read { if !priv_read {
let owner = datastore.get_owner(backup_dir.group())?; let owner = datastore.get_owner(backup_dir.group())?;
if owner != userid { let correct_owner = owner == auth_id
|| (owner.is_token()
&& Authid::from(owner.user().clone()) == auth_id);
if !correct_owner {
bail!("backup owner check failed!"); bail!("backup owner check failed!");
} }
} }
@ -110,10 +113,10 @@ fn upgrade_to_backup_reader_protocol(
let worker_id = format!("{}:{}/{}/{:08X}", store, backup_type, backup_id, backup_dir.backup_time()); let worker_id = format!("{}:{}/{}/{:08X}", store, backup_type, backup_id, backup_dir.backup_time());
WorkerTask::spawn("reader", Some(worker_id), userid.clone(), true, move |worker| { WorkerTask::spawn("reader", Some(worker_id), auth_id.clone(), true, move |worker| {
let mut env = ReaderEnvironment::new( let mut env = ReaderEnvironment::new(
env_type, env_type,
userid, auth_id,
worker.clone(), worker.clone(),
datastore, datastore,
backup_dir, backup_dir,

16
src/api2/reader/environment.rs
View File

@ -5,7 +5,7 @@ use serde_json::{json, Value};
use proxmox::api::{RpcEnvironment, RpcEnvironmentType}; use proxmox::api::{RpcEnvironment, RpcEnvironmentType};
use crate::api2::types::Userid; use crate::api2::types::Authid;
use crate::backup::*; use crate::backup::*;
use crate::server::formatter::*; use crate::server::formatter::*;
use crate::server::WorkerTask; use crate::server::WorkerTask;
@ -17,7 +17,7 @@ use crate::server::WorkerTask;
pub struct ReaderEnvironment { pub struct ReaderEnvironment {
env_type: RpcEnvironmentType, env_type: RpcEnvironmentType,
result_attributes: Value, result_attributes: Value,
user: Userid, auth_id: Authid,
pub debug: bool, pub debug: bool,
pub formatter: &'static OutputFormatter, pub formatter: &'static OutputFormatter,
pub worker: Arc<WorkerTask>, pub worker: Arc<WorkerTask>,
@ -29,7 +29,7 @@ pub struct ReaderEnvironment {
impl ReaderEnvironment { impl ReaderEnvironment {
pub fn new( pub fn new(
env_type: RpcEnvironmentType, env_type: RpcEnvironmentType,
user: Userid, auth_id: Authid,
worker: Arc<WorkerTask>, worker: Arc<WorkerTask>,
datastore: Arc<DataStore>, datastore: Arc<DataStore>,
backup_dir: BackupDir, backup_dir: BackupDir,
@ -39,7 +39,7 @@ impl ReaderEnvironment {
Self { Self {
result_attributes: json!({}), result_attributes: json!({}),
env_type, env_type,
user, auth_id,
worker, worker,
datastore, datastore,
debug: false, debug: false,
@ -82,12 +82,12 @@ impl RpcEnvironment for ReaderEnvironment {
self.env_type self.env_type
} }
fn set_user(&mut self, _user: Option<String>) { fn set_auth_id(&mut self, _auth_id: Option<String>) {
panic!("unable to change user"); panic!("unable to change auth_id");
} }
fn get_user(&self) -> Option<String> { fn get_auth_id(&self) -> Option<String> {
Some(self.user.to_string()) Some(self.auth_id.to_string())
} }
} }

105
src/api2/status.rs
View File

@ -16,18 +16,14 @@ use crate::api2::types::{
DATASTORE_SCHEMA, DATASTORE_SCHEMA,
RRDMode, RRDMode,
RRDTimeFrameResolution, RRDTimeFrameResolution,
TaskListItem, Authid,
TaskStateType,
Userid,
}; };
use crate::server;
use crate::backup::{DataStore}; use crate::backup::{DataStore};
use crate::config::datastore; use crate::config::datastore;
use crate::tools::statistics::{linear_regression}; use crate::tools::statistics::{linear_regression};
use crate::config::cached_user_info::CachedUserInfo; use crate::config::cached_user_info::CachedUserInfo;
use crate::config::acl::{ use crate::config::acl::{
PRIV_SYS_AUDIT,
PRIV_DATASTORE_AUDIT, PRIV_DATASTORE_AUDIT,
PRIV_DATASTORE_BACKUP, PRIV_DATASTORE_BACKUP,
}; };
@ -87,13 +83,13 @@ fn datastore_status(
let (config, _digest) = datastore::config()?; let (config, _digest) = datastore::config()?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?; let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
let user_info = CachedUserInfo::new()?; let user_info = CachedUserInfo::new()?;
let mut list = Vec::new(); let mut list = Vec::new();
for (store, (_, _)) in &config.sections { for (store, (_, _)) in &config.sections {
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store]); let user_privs = user_info.lookup_privs(&auth_id, &["datastore", &store]);
let allowed = (user_privs & (PRIV_DATASTORE_AUDIT| PRIV_DATASTORE_BACKUP)) != 0; let allowed = (user_privs & (PRIV_DATASTORE_AUDIT| PRIV_DATASTORE_BACKUP)) != 0;
if !allowed { if !allowed {
continue; continue;
@ -179,103 +175,8 @@ fn datastore_status(
Ok(list.into()) Ok(list.into())
} }
#[api(
input: {
properties: {
since: {
type: i64,
description: "Only list tasks since this UNIX epoch.",
optional: true,
},
typefilter: {
optional: true,
type: String,
description: "Only list tasks, whose type contains this string.",
},
statusfilter: {
optional: true,
type: Array,
description: "Only list tasks which have any one of the listed status.",
items: {
type: TaskStateType,
},
},
},
},
returns: {
description: "A list of tasks.",
type: Array,
items: { type: TaskListItem },
},
access: {
description: "Users can only see there own tasks, unless the have Sys.Audit on /system/tasks.",
permission: &Permission::Anybody,
},
)]
/// List tasks.
pub fn list_tasks(
since: Option<i64>,
typefilter: Option<String>,
statusfilter: Option<Vec<TaskStateType>>,
_param: Value,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<TaskListItem>, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &["system", "tasks"]);
let list_all = (user_privs & PRIV_SYS_AUDIT) != 0;
let since = since.unwrap_or_else(|| 0);
let list: Vec<TaskListItem> = server::TaskListInfoIterator::new(false)?
.take_while(|info| {
match info {
Ok(info) => info.upid.starttime > since,
Err(_) => false
}
})
.filter_map(|info| {
match info {
Ok(info) => {
if list_all || info.upid.userid == userid {
if let Some(filter) = &typefilter {
if !info.upid.worker_type.contains(filter) {
return None;
}
}
if let Some(filters) = &statusfilter {
if let Some(state) = &info.state {
let statetype = match state {
server::TaskState::OK { .. } => TaskStateType::OK,
server::TaskState::Unknown { .. } => TaskStateType::Unknown,
server::TaskState::Error { .. } => TaskStateType::Error,
server::TaskState::Warning { .. } => TaskStateType::Warning,
};
if !filters.contains(&statetype) {
return None;
}
}
}
Some(Ok(TaskListItem::from(info)))
} else {
None
}
}
Err(err) => Some(Err(err))
}
})
.collect::<Result<Vec<TaskListItem>, Error>>()?;
Ok(list.into())
}
const SUBDIRS: SubdirMap = &[ const SUBDIRS: SubdirMap = &[
("datastore-usage", &Router::new().get(&API_METHOD_DATASTORE_STATUS)), ("datastore-usage", &Router::new().get(&API_METHOD_DATASTORE_STATUS)),
("tasks", &Router::new().get(&API_METHOD_LIST_TASKS)),
]; ];
pub const ROUTER: Router = Router::new() pub const ROUTER: Router = Router::new()

107
src/api2/types/mod.rs
View File

@ -5,7 +5,7 @@ use proxmox::api::{api, schema::*};
use proxmox::const_regex; use proxmox::const_regex;
use proxmox::{IPRE, IPRE_BRACKET, IPV4RE, IPV6RE, IPV4OCTET, IPV6H16, IPV6LS32}; use proxmox::{IPRE, IPRE_BRACKET, IPV4RE, IPV6RE, IPV4OCTET, IPV6H16, IPV6LS32};
use crate::backup::CryptMode; use crate::backup::{CryptMode, BACKUP_ID_REGEX};
use crate::server::UPID; use crate::server::UPID;
#[macro_use] #[macro_use]
@ -14,9 +14,11 @@ mod macros;
#[macro_use] #[macro_use]
mod userid; mod userid;
pub use userid::{Realm, RealmRef}; pub use userid::{Realm, RealmRef};
pub use userid::{Tokenname, TokennameRef};
pub use userid::{Username, UsernameRef}; pub use userid::{Username, UsernameRef};
pub use userid::Userid; pub use userid::Userid;
pub use userid::PROXMOX_GROUP_ID_SCHEMA; pub use userid::Authid;
pub use userid::{PROXMOX_TOKEN_ID_SCHEMA, PROXMOX_TOKEN_NAME_SCHEMA, PROXMOX_GROUP_ID_SCHEMA};
// File names: may not contain slashes, may not start with "." // File names: may not contain slashes, may not start with "."
pub const FILENAME_FORMAT: ApiStringFormat = ApiStringFormat::VerifyFn(|name| { pub const FILENAME_FORMAT: ApiStringFormat = ApiStringFormat::VerifyFn(|name| {
@ -65,12 +67,14 @@ const_regex!{
pub DNS_NAME_OR_IP_REGEX = concat!(r"^(?:", DNS_NAME!(), "|", IPRE!(), r")$"); pub DNS_NAME_OR_IP_REGEX = concat!(r"^(?:", DNS_NAME!(), "|", IPRE!(), r")$");
pub BACKUP_REPO_URL_REGEX = concat!(r"^^(?:(?:(", USER_ID_REGEX_STR!(), ")@)?(", DNS_NAME!(), "|", IPRE_BRACKET!() ,"):)?(?:([0-9]{1,5}):)?(", PROXMOX_SAFE_ID_REGEX_STR!(), r")$"); pub BACKUP_REPO_URL_REGEX = concat!(r"^^(?:(?:(", USER_ID_REGEX_STR!(), "|", APITOKEN_ID_REGEX_STR!(), ")@)?(", DNS_NAME!(), "|", IPRE_BRACKET!() ,"):)?(?:([0-9]{1,5}):)?(", PROXMOX_SAFE_ID_REGEX_STR!(), r")$");
pub CERT_FINGERPRINT_SHA256_REGEX = r"^(?:[0-9a-fA-F][0-9a-fA-F])(?::[0-9a-fA-F][0-9a-fA-F]){31}$"; pub CERT_FINGERPRINT_SHA256_REGEX = r"^(?:[0-9a-fA-F][0-9a-fA-F])(?::[0-9a-fA-F][0-9a-fA-F]){31}$";
pub ACL_PATH_REGEX = concat!(r"^(?:/|", r"(?:/", PROXMOX_SAFE_ID_REGEX_STR!(), ")+", r")$"); pub ACL_PATH_REGEX = concat!(r"^(?:/|", r"(?:/", PROXMOX_SAFE_ID_REGEX_STR!(), ")+", r")$");
pub SUBSCRIPTION_KEY_REGEX = concat!(r"^pbs(?:[cbsp])-[0-9a-f]{10}$");
pub BLOCKDEVICE_NAME_REGEX = r"^(:?(:?h|s|x?v)d[a-z]+)|(:?nvme\d+n\d+)$"; pub BLOCKDEVICE_NAME_REGEX = r"^(:?(:?h|s|x?v)d[a-z]+)|(:?nvme\d+n\d+)$";
pub ZPOOL_NAME_REGEX = r"^[a-zA-Z][a-z0-9A-Z\-_.:]+$"; pub ZPOOL_NAME_REGEX = r"^[a-zA-Z][a-z0-9A-Z\-_.:]+$";
@ -97,6 +101,9 @@ pub const CERT_FINGERPRINT_SHA256_FORMAT: ApiStringFormat =
pub const PROXMOX_SAFE_ID_FORMAT: ApiStringFormat = pub const PROXMOX_SAFE_ID_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&PROXMOX_SAFE_ID_REGEX); ApiStringFormat::Pattern(&PROXMOX_SAFE_ID_REGEX);
pub const BACKUP_ID_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&BACKUP_ID_REGEX);
pub const SINGLE_LINE_COMMENT_FORMAT: ApiStringFormat = pub const SINGLE_LINE_COMMENT_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&SINGLE_LINE_COMMENT_REGEX); ApiStringFormat::Pattern(&SINGLE_LINE_COMMENT_REGEX);
@ -127,6 +134,9 @@ pub const CIDR_V6_FORMAT: ApiStringFormat =
pub const CIDR_FORMAT: ApiStringFormat = pub const CIDR_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&CIDR_REGEX); ApiStringFormat::Pattern(&CIDR_REGEX);
pub const SUBSCRIPTION_KEY_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&SUBSCRIPTION_KEY_REGEX);
pub const BLOCKDEVICE_NAME_FORMAT: ApiStringFormat = pub const BLOCKDEVICE_NAME_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&BLOCKDEVICE_NAME_REGEX); ApiStringFormat::Pattern(&BLOCKDEVICE_NAME_REGEX);
@ -269,7 +279,7 @@ pub const BACKUP_TYPE_SCHEMA: Schema =
pub const BACKUP_ID_SCHEMA: Schema = pub const BACKUP_ID_SCHEMA: Schema =
StringSchema::new("Backup ID.") StringSchema::new("Backup ID.")
.format(&PROXMOX_SAFE_ID_FORMAT) .format(&BACKUP_ID_FORMAT)
.schema(); .schema();
pub const BACKUP_TIME_SCHEMA: Schema = pub const BACKUP_TIME_SCHEMA: Schema =
@ -346,6 +356,12 @@ pub const DNS_NAME_OR_IP_SCHEMA: Schema = StringSchema::new("DNS name or IP addr
.format(&DNS_NAME_OR_IP_FORMAT) .format(&DNS_NAME_OR_IP_FORMAT)
.schema(); .schema();
pub const SUBSCRIPTION_KEY_SCHEMA: Schema = StringSchema::new("Proxmox Backup Server subscription key.")
.format(&SUBSCRIPTION_KEY_FORMAT)
.min_length(15)
.max_length(16)
.schema();
pub const BLOCKDEVICE_NAME_SCHEMA: Schema = StringSchema::new("Block device name (/sys/block/<name>).") pub const BLOCKDEVICE_NAME_SCHEMA: Schema = StringSchema::new("Block device name (/sys/block/<name>).")
.format(&BLOCKDEVICE_NAME_FORMAT) .format(&BLOCKDEVICE_NAME_FORMAT)
.min_length(3) .min_length(3)
@ -374,7 +390,7 @@ pub const BLOCKDEVICE_NAME_SCHEMA: Schema = StringSchema::new("Block device name
}, },
}, },
owner: { owner: {
type: Userid, type: Authid,
optional: true, optional: true,
}, },
}, },
@ -392,7 +408,7 @@ pub struct GroupListItem {
pub files: Vec<String>, pub files: Vec<String>,
/// The owner of group /// The owner of group
#[serde(skip_serializing_if="Option::is_none")] #[serde(skip_serializing_if="Option::is_none")]
pub owner: Option<Userid>, pub owner: Option<Authid>,
} }
#[api()] #[api()]
@ -450,7 +466,7 @@ pub struct SnapshotVerifyState {
}, },
}, },
owner: { owner: {
type: Userid, type: Authid,
optional: true, optional: true,
}, },
}, },
@ -475,7 +491,7 @@ pub struct SnapshotListItem {
pub size: Option<u64>, pub size: Option<u64>,
/// The owner of the snapshots group /// The owner of the snapshots group
#[serde(skip_serializing_if="Option::is_none")] #[serde(skip_serializing_if="Option::is_none")]
pub owner: Option<Userid>, pub owner: Option<Authid>,
} }
#[api( #[api(
@ -622,10 +638,75 @@ pub struct StorageStatus {
pub avail: u64, pub avail: u64,
} }
#[api()]
#[derive(Serialize, Deserialize, Default)]
/// Backup Type group/snapshot counts.
pub struct TypeCounts {
/// The number of groups of the type.
pub groups: u64,
/// The number of snapshots of the type.
pub snapshots: u64,
}
#[api(
properties: {
ct: {
type: TypeCounts,
optional: true,
},
host: {
type: TypeCounts,
optional: true,
},
vm: {
type: TypeCounts,
optional: true,
},
other: {
type: TypeCounts,
optional: true,
},
},
)]
#[derive(Serialize, Deserialize)]
/// Counts of groups/snapshots per BackupType.
pub struct Counts {
/// The counts for CT backups
pub ct: Option<TypeCounts>,
/// The counts for Host backups
pub host: Option<TypeCounts>,
/// The counts for VM backups
pub vm: Option<TypeCounts>,
/// The counts for other backup types
pub other: Option<TypeCounts>,
}
#[api(
properties: {
"gc-status": { type: GarbageCollectionStatus, },
counts: { type: Counts, }
},
)]
#[derive(Serialize, Deserialize)]
#[serde(rename_all="kebab-case")]
/// Overall Datastore status and useful information.
pub struct DataStoreStatus {
/// Total space (bytes).
pub total: u64,
/// Used space (bytes).
pub used: u64,
/// Available space (bytes).
pub avail: u64,
/// Status of last GC
pub gc_status: GarbageCollectionStatus,
/// Group/Snapshot counts
pub counts: Counts,
}
#[api( #[api(
properties: { properties: {
upid: { schema: UPID_SCHEMA }, upid: { schema: UPID_SCHEMA },
user: { type: Userid }, user: { type: Authid },
}, },
)] )]
#[derive(Serialize, Deserialize)] #[derive(Serialize, Deserialize)]
@ -644,8 +725,8 @@ pub struct TaskListItem {
pub worker_type: String, pub worker_type: String,
/// Worker ID (arbitrary ASCII string) /// Worker ID (arbitrary ASCII string)
pub worker_id: Option<String>, pub worker_id: Option<String>,
/// The user who started the task /// The authenticated entity who started the task
pub user: Userid, pub user: Authid,
/// The task end time (Epoch) /// The task end time (Epoch)
#[serde(skip_serializing_if="Option::is_none")] #[serde(skip_serializing_if="Option::is_none")]
pub endtime: Option<i64>, pub endtime: Option<i64>,
@ -668,7 +749,7 @@ impl From<crate::server::TaskListInfo> for TaskListItem {
starttime: info.upid.starttime, starttime: info.upid.starttime,
worker_type: info.upid.worker_type, worker_type: info.upid.worker_type,
worker_id: info.upid.worker_id, worker_id: info.upid.worker_id,
user: info.upid.userid, user: info.upid.auth_id,
endtime, endtime,
status, status,
} }
@ -1048,7 +1129,7 @@ pub enum RRDTimeFrameResolution {
} }
#[api()] #[api()]
#[derive(Serialize, Deserialize)] #[derive(Debug, Serialize, Deserialize)]
#[serde(rename_all = "PascalCase")] #[serde(rename_all = "PascalCase")]
/// Describes a package for which an update is available. /// Describes a package for which an update is available.
pub struct APTUpdateInfo { pub struct APTUpdateInfo {

389
src/api2/types/userid.rs
View File

@ -1,6 +1,7 @@
//! Types for user handling. //! Types for user handling.
//! //!
//! We have [`Username`]s and [`Realm`]s. To uniquely identify a user, they must be combined into a [`Userid`]. //! We have [`Username`]s, [`Realm`]s and [`Tokenname`]s. To uniquely identify a user/API token, they
//! must be combined into a [`Userid`] or [`Authid`].
//! //!
//! Since they're all string types, they're organized as follows: //! Since they're all string types, they're organized as follows:
//! //!
@ -9,13 +10,16 @@
//! with `String`, meaning you can only make references to it. //! with `String`, meaning you can only make references to it.
//! * [`Realm`]: an owned realm (`String` equivalent). //! * [`Realm`]: an owned realm (`String` equivalent).
//! * [`RealmRef`]: a borrowed realm (`str` equivalent). //! * [`RealmRef`]: a borrowed realm (`str` equivalent).
//! * [`Userid`]: an owned user id (`"user@realm"`). Note that this does not have a separate //! * [`Tokenname`]: an owned API token name (`String` equivalent)
//! borrowed type. //! * [`TokennameRef`]: a borrowed `Tokenname` (`str` equivalent).
//! * [`Userid`]: an owned user id (`"user@realm"`).
//! * [`Authid`]: an owned Authentication ID (a `Userid` with an optional `Tokenname`).
//! Note that `Userid` and `Authid` do not have a separate borrowed type.
//! //!
//! Note that `Username`s are not unique, therefore they do not implement `Eq` and cannot be //! Note that `Username`s and `Tokenname`s are not unique, therefore they do not implement `Eq` and cannot be
//! compared directly. If a direct comparison is really required, they can be compared as strings //! compared directly. If a direct comparison is really required, they can be compared as strings
//! via the `as_str()` method. [`Realm`]s and [`Userid`]s on the other hand can be compared with //! via the `as_str()` method. [`Realm`]s, [`Userid`]s and [`Authid`]s on the other
//! each other, as in those two cases the comparison has meaning. //! hand can be compared with each other, as in those cases the comparison has meaning.
use std::borrow::Borrow; use std::borrow::Borrow;
use std::convert::TryFrom; use std::convert::TryFrom;
@ -36,19 +40,42 @@ use proxmox::const_regex;
// also see "man useradd" // also see "man useradd"
macro_rules! USER_NAME_REGEX_STR { () => (r"(?:[^\s:/[:cntrl:]]+)") } macro_rules! USER_NAME_REGEX_STR { () => (r"(?:[^\s:/[:cntrl:]]+)") }
macro_rules! GROUP_NAME_REGEX_STR { () => (USER_NAME_REGEX_STR!()) } macro_rules! GROUP_NAME_REGEX_STR { () => (USER_NAME_REGEX_STR!()) }
macro_rules! TOKEN_NAME_REGEX_STR { () => (PROXMOX_SAFE_ID_REGEX_STR!()) }
macro_rules! USER_ID_REGEX_STR { () => (concat!(USER_NAME_REGEX_STR!(), r"@", PROXMOX_SAFE_ID_REGEX_STR!())) } macro_rules! USER_ID_REGEX_STR { () => (concat!(USER_NAME_REGEX_STR!(), r"@", PROXMOX_SAFE_ID_REGEX_STR!())) }
macro_rules! APITOKEN_ID_REGEX_STR { () => (concat!(USER_ID_REGEX_STR!() , r"!", TOKEN_NAME_REGEX_STR!())) }
const_regex! { const_regex! {
pub PROXMOX_USER_NAME_REGEX = concat!(r"^", USER_NAME_REGEX_STR!(), r"$"); pub PROXMOX_USER_NAME_REGEX = concat!(r"^", USER_NAME_REGEX_STR!(), r"$");
pub PROXMOX_TOKEN_NAME_REGEX = concat!(r"^", TOKEN_NAME_REGEX_STR!(), r"$");
pub PROXMOX_USER_ID_REGEX = concat!(r"^", USER_ID_REGEX_STR!(), r"$"); pub PROXMOX_USER_ID_REGEX = concat!(r"^", USER_ID_REGEX_STR!(), r"$");
pub PROXMOX_APITOKEN_ID_REGEX = concat!(r"^", APITOKEN_ID_REGEX_STR!(), r"$");
pub PROXMOX_AUTH_ID_REGEX = concat!(r"^", r"(?:", USER_ID_REGEX_STR!(), r"|", APITOKEN_ID_REGEX_STR!(), r")$");
pub PROXMOX_GROUP_ID_REGEX = concat!(r"^", GROUP_NAME_REGEX_STR!(), r"$"); pub PROXMOX_GROUP_ID_REGEX = concat!(r"^", GROUP_NAME_REGEX_STR!(), r"$");
} }
pub const PROXMOX_USER_NAME_FORMAT: ApiStringFormat = pub const PROXMOX_USER_NAME_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&PROXMOX_USER_NAME_REGEX); ApiStringFormat::Pattern(&PROXMOX_USER_NAME_REGEX);
pub const PROXMOX_TOKEN_NAME_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&PROXMOX_TOKEN_NAME_REGEX);
pub const PROXMOX_USER_ID_FORMAT: ApiStringFormat = pub const PROXMOX_USER_ID_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&PROXMOX_USER_ID_REGEX); ApiStringFormat::Pattern(&PROXMOX_USER_ID_REGEX);
pub const PROXMOX_TOKEN_ID_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&PROXMOX_APITOKEN_ID_REGEX);
pub const PROXMOX_AUTH_ID_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&PROXMOX_AUTH_ID_REGEX);
pub const PROXMOX_TOKEN_ID_SCHEMA: Schema = StringSchema::new("API Token ID")
.format(&PROXMOX_TOKEN_ID_FORMAT)
.min_length(3)
.max_length(64)
.schema();
pub const PROXMOX_TOKEN_NAME_SCHEMA: Schema = StringSchema::new("API Token name")
.format(&PROXMOX_TOKEN_NAME_FORMAT)
.min_length(3)
.max_length(64)
.schema();
pub const PROXMOX_GROUP_ID_FORMAT: ApiStringFormat = pub const PROXMOX_GROUP_ID_FORMAT: ApiStringFormat =
ApiStringFormat::Pattern(&PROXMOX_GROUP_ID_REGEX); ApiStringFormat::Pattern(&PROXMOX_GROUP_ID_REGEX);
@ -91,26 +118,6 @@ pub struct Username(String);
#[derive(Debug, Hash)] #[derive(Debug, Hash)]
pub struct UsernameRef(str); pub struct UsernameRef(str);
#[doc(hidden)]
/// ```compile_fail
/// let a: Username = unsafe { std::mem::zeroed() };
/// let b: Username = unsafe { std::mem::zeroed() };
/// let _ = <Username as PartialEq>::eq(&a, &b);
/// ```
///
/// ```compile_fail
/// let a: &UsernameRef = unsafe { std::mem::zeroed() };
/// let b: &UsernameRef = unsafe { std::mem::zeroed() };
/// let _ = <&UsernameRef as PartialEq>::eq(a, b);
/// ```
///
/// ```compile_fail
/// let a: &UsernameRef = unsafe { std::mem::zeroed() };
/// let b: &UsernameRef = unsafe { std::mem::zeroed() };
/// let _ = <&UsernameRef as PartialEq>::eq(&a, &b);
/// ```
struct _AssertNoEqImpl;
impl UsernameRef { impl UsernameRef {
fn new(s: &str) -> &Self { fn new(s: &str) -> &Self {
unsafe { &*(s as *const str as *const UsernameRef) } unsafe { &*(s as *const str as *const UsernameRef) }
@ -286,7 +293,132 @@ impl PartialEq<Realm> for &RealmRef {
} }
} }
/// A complete user id consting of a user name and a realm. #[api(
type: String,
format: &PROXMOX_TOKEN_NAME_FORMAT,
)]
/// The token ID part of an API token authentication id.
///
/// This alone does NOT uniquely identify the API token and therefore does not implement `Eq`. In
/// order to compare token IDs directly, they need to be explicitly compared as strings by calling
/// `.as_str()`.
///
/// ```compile_fail
/// fn test(a: Tokenname, b: Tokenname) -> bool {
/// a == b // illegal and does not compile
/// }
/// ```
#[derive(Clone, Debug, Hash, Deserialize, Serialize)]
pub struct Tokenname(String);
/// A reference to a token name part of an authentication id. This alone does NOT uniquely identify
/// the user.
///
/// This is like a `str` to the `String` of a [`Tokenname`].
#[derive(Debug, Hash)]
pub struct TokennameRef(str);
#[doc(hidden)]
/// ```compile_fail
/// let a: Username = unsafe { std::mem::zeroed() };
/// let b: Username = unsafe { std::mem::zeroed() };
/// let _ = <Username as PartialEq>::eq(&a, &b);
/// ```
///
/// ```compile_fail
/// let a: &UsernameRef = unsafe { std::mem::zeroed() };
/// let b: &UsernameRef = unsafe { std::mem::zeroed() };
/// let _ = <&UsernameRef as PartialEq>::eq(a, b);
/// ```
///
/// ```compile_fail
/// let a: &UsernameRef = unsafe { std::mem::zeroed() };
/// let b: &UsernameRef = unsafe { std::mem::zeroed() };
/// let _ = <&UsernameRef as PartialEq>::eq(&a, &b);
/// ```
///
/// ```compile_fail
/// let a: Tokenname = unsafe { std::mem::zeroed() };
/// let b: Tokenname = unsafe { std::mem::zeroed() };
/// let _ = <Tokenname as PartialEq>::eq(&a, &b);
/// ```
///
/// ```compile_fail
/// let a: &TokennameRef = unsafe { std::mem::zeroed() };
/// let b: &TokennameRef = unsafe { std::mem::zeroed() };
/// let _ = <&TokennameRef as PartialEq>::eq(a, b);
/// ```
///
/// ```compile_fail
/// let a: &TokennameRef = unsafe { std::mem::zeroed() };
/// let b: &TokennameRef = unsafe { std::mem::zeroed() };
/// let _ = <&TokennameRef as PartialEq>::eq(&a, &b);
/// ```
struct _AssertNoEqImpl;
impl TokennameRef {
fn new(s: &str) -> &Self {
unsafe { &*(s as *const str as *const TokennameRef) }
}
pub fn as_str(&self) -> &str {
&self.0
}
}
impl std::ops::Deref for Tokenname {
type Target = TokennameRef;
fn deref(&self) -> &TokennameRef {
self.borrow()
}
}
impl Borrow<TokennameRef> for Tokenname {
fn borrow(&self) -> &TokennameRef {
TokennameRef::new(self.0.as_str())
}
}
impl AsRef<TokennameRef> for Tokenname {
fn as_ref(&self) -> &TokennameRef {
self.borrow()
}
}
impl ToOwned for TokennameRef {
type Owned = Tokenname;
fn to_owned(&self) -> Self::Owned {
Tokenname(self.0.to_owned())
}
}
impl TryFrom<String> for Tokenname {
type Error = Error;
fn try_from(s: String) -> Result<Self, Error> {
if !PROXMOX_TOKEN_NAME_REGEX.is_match(&s) {
bail!("invalid token name");
}
Ok(Self(s))
}
}
impl<'a> TryFrom<&'a str> for &'a TokennameRef {
type Error = Error;
fn try_from(s: &'a str) -> Result<&'a TokennameRef, Error> {
if !PROXMOX_TOKEN_NAME_REGEX.is_match(s) {
bail!("invalid token name in user id");
}
Ok(TokennameRef::new(s))
}
}
/// A complete user id consisting of a user name and a realm
#[derive(Clone, Debug, Hash)] #[derive(Clone, Debug, Hash)]
pub struct Userid { pub struct Userid {
data: String, data: String,
@ -342,6 +474,12 @@ impl PartialEq for Userid {
} }
} }
impl From<Authid> for Userid {
fn from(authid: Authid) -> Self {
authid.user
}
}
impl From<(Username, Realm)> for Userid { impl From<(Username, Realm)> for Userid {
fn from(parts: (Username, Realm)) -> Self { fn from(parts: (Username, Realm)) -> Self {
Self::from((parts.0.as_ref(), parts.1.as_ref())) Self::from((parts.0.as_ref(), parts.1.as_ref()))
@ -366,10 +504,18 @@ impl std::str::FromStr for Userid {
type Err = Error; type Err = Error;
fn from_str(id: &str) -> Result<Self, Error> { fn from_str(id: &str) -> Result<Self, Error> {
let (name, realm) = match id.as_bytes().iter().rposition(|&b| b == b'@') { let name_len = id
Some(pos) => (&id[..pos], &id[(pos + 1)..]), .as_bytes()
None => bail!("not a valid user id"), .iter()
}; .rposition(|&b| b == b'@')
.ok_or_else(|| format_err!("not a valid user id"))?;
let name = &id[..name_len];
let realm = &id[(name_len + 1)..];
if !PROXMOX_USER_NAME_REGEX.is_match(name) {
bail!("invalid user name in user id");
}
PROXMOX_AUTH_REALM_STRING_SCHEMA.check_constraints(realm) PROXMOX_AUTH_REALM_STRING_SCHEMA.check_constraints(realm)
.map_err(|_| format_err!("invalid realm in user id"))?; .map_err(|_| format_err!("invalid realm in user id"))?;
@ -388,6 +534,10 @@ impl TryFrom<String> for Userid {
.rposition(|&b| b == b'@') .rposition(|&b| b == b'@')
.ok_or_else(|| format_err!("not a valid user id"))?; .ok_or_else(|| format_err!("not a valid user id"))?;
if !PROXMOX_USER_NAME_REGEX.is_match(&data[..name_len]) {
bail!("invalid user name in user id");
}
PROXMOX_AUTH_REALM_STRING_SCHEMA.check_constraints(&data[(name_len + 1)..]) PROXMOX_AUTH_REALM_STRING_SCHEMA.check_constraints(&data[(name_len + 1)..])
.map_err(|_| format_err!("invalid realm in user id"))?; .map_err(|_| format_err!("invalid realm in user id"))?;
@ -413,5 +563,182 @@ impl PartialEq<String> for Userid {
} }
} }
/// A complete authentication id consisting of a user id and an optional token name.
#[derive(Clone, Debug, Hash)]
pub struct Authid {
user: Userid,
tokenname: Option<Tokenname>
}
impl Authid {
pub const API_SCHEMA: Schema = StringSchema::new("Authentication ID")
.format(&PROXMOX_AUTH_ID_FORMAT)
.min_length(3)
.max_length(64)
.schema();
const fn new(user: Userid, tokenname: Option<Tokenname>) -> Self {
Self { user, tokenname }
}
pub fn user(&self) -> &Userid {
&self.user
}
pub fn is_token(&self) -> bool {
self.tokenname.is_some()
}
pub fn tokenname(&self) -> Option<&TokennameRef> {
match &self.tokenname {
Some(name) => Some(&name),
None => None,
}
}
/// Get the "backup@pam" auth id.
pub fn backup_auth_id() -> &'static Self {
&*BACKUP_AUTHID
}
/// Get the "root@pam" auth id.
pub fn root_auth_id() -> &'static Self {
&*ROOT_AUTHID
}
}
lazy_static! {
pub static ref BACKUP_AUTHID: Authid = Authid::from(Userid::new("backup@pam".to_string(), 6));
pub static ref ROOT_AUTHID: Authid = Authid::from(Userid::new("root@pam".to_string(), 4));
}
impl Eq for Authid {}
impl PartialEq for Authid {
fn eq(&self, rhs: &Self) -> bool {
self.user == rhs.user && match (&self.tokenname, &rhs.tokenname) {
(Some(ours), Some(theirs)) => ours.as_str() == theirs.as_str(),
(None, None) => true,
_ => false,
}
}
}
impl From<Userid> for Authid {
fn from(parts: Userid) -> Self {
Self::new(parts, None)
}
}
impl From<(Userid, Option<Tokenname>)> for Authid {
fn from(parts: (Userid, Option<Tokenname>)) -> Self {
Self::new(parts.0, parts.1)
}
}
impl fmt::Display for Authid {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
match &self.tokenname {
Some(token) => write!(f, "{}!{}", self.user, token.as_str()),
None => self.user.fmt(f),
}
}
}
impl std::str::FromStr for Authid {
type Err = Error;
fn from_str(id: &str) -> Result<Self, Error> {
let name_len = id
.as_bytes()
.iter()
.rposition(|&b| b == b'@')
.ok_or_else(|| format_err!("not a valid user id"))?;
let realm_end = id
.as_bytes()
.iter()
.rposition(|&b| b == b'!')
.map(|pos| if pos < name_len { id.len() } else { pos })
.unwrap_or(id.len());
if realm_end == id.len() - 1 {
bail!("empty token name in userid");
}
let user = Userid::from_str(&id[..realm_end])?;
if id.len() > realm_end {
let token = Tokenname::try_from(id[(realm_end + 1)..].to_string())?;
Ok(Self::new(user, Some(token)))
} else {
Ok(Self::new(user, None))
}
}
}
impl TryFrom<String> for Authid {
type Error = Error;
fn try_from(mut data: String) -> Result<Self, Error> {
let name_len = data
.as_bytes()
.iter()
.rposition(|&b| b == b'@')
.ok_or_else(|| format_err!("not a valid user id"))?;
let realm_end = data
.as_bytes()
.iter()
.rposition(|&b| b == b'!')
.map(|pos| if pos < name_len { data.len() } else { pos })
.unwrap_or(data.len());
if realm_end == data.len() - 1 {
bail!("empty token name in userid");
}
let tokenname = if data.len() > realm_end {
Some(Tokenname::try_from(data[(realm_end + 1)..].to_string())?)
} else {
None
};
data.truncate(realm_end);
let user:Userid = data.parse()?;
Ok(Self { user, tokenname })
}
}
#[test]
fn test_token_id() {
let userid: Userid = "test@pam".parse().expect("parsing Userid failed");
assert_eq!(userid.name().as_str(), "test");
assert_eq!(userid.realm(), "pam");
assert_eq!(userid, "test@pam");
let auth_id: Authid = "test@pam".parse().expect("parsing user Authid failed");
assert_eq!(auth_id.to_string(), "test@pam".to_string());
assert!(!auth_id.is_token());
assert_eq!(auth_id.user(), &userid);
let user_auth_id = Authid::from(userid.clone());
assert_eq!(user_auth_id, auth_id);
assert!(!user_auth_id.is_token());
let auth_id: Authid = "test@pam!bar".parse().expect("parsing token Authid failed");
let token_userid = auth_id.user();
assert_eq!(&userid, token_userid);
assert!(auth_id.is_token());
assert_eq!(auth_id.tokenname().expect("Token has tokenname").as_str(), TokennameRef::new("bar").as_str());
assert_eq!(auth_id.to_string(), "test@pam!bar".to_string());
}
proxmox::forward_deserialize_to_from_str!(Userid); proxmox::forward_deserialize_to_from_str!(Userid);
proxmox::forward_serialize_to_display!(Userid); proxmox::forward_serialize_to_display!(Userid);
proxmox::forward_deserialize_to_from_str!(Authid);
proxmox::forward_serialize_to_display!(Authid);

28
src/backup/backup_info.rs
View File

@ -1,37 +1,31 @@
use crate::tools; use crate::tools;
use anyhow::{bail, format_err, Error}; use anyhow::{bail, format_err, Error};
use regex::Regex;
use std::os::unix::io::RawFd; use std::os::unix::io::RawFd;
use std::path::{PathBuf, Path}; use std::path::{PathBuf, Path};
use lazy_static::lazy_static;
use proxmox::const_regex;
use super::manifest::MANIFEST_BLOB_NAME; use super::manifest::MANIFEST_BLOB_NAME;
macro_rules! BACKUP_ID_RE { () => (r"[A-Za-z0-9][A-Za-z0-9_-]+") } macro_rules! BACKUP_ID_RE { () => (r"[A-Za-z0-9_][A-Za-z0-9._\-]*") }
macro_rules! BACKUP_TYPE_RE { () => (r"(?:host|vm|ct)") } macro_rules! BACKUP_TYPE_RE { () => (r"(?:host|vm|ct)") }
macro_rules! BACKUP_TIME_RE { () => (r"[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}Z") } macro_rules! BACKUP_TIME_RE { () => (r"[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}Z") }
lazy_static!{ const_regex!{
static ref BACKUP_FILE_REGEX: Regex = Regex::new( BACKUP_FILE_REGEX = r"^.*\.([fd]idx|blob)$";
r"^.*\.([fd]idx|blob)$").unwrap();
static ref BACKUP_TYPE_REGEX: Regex = Regex::new( BACKUP_TYPE_REGEX = concat!(r"^(", BACKUP_TYPE_RE!(), r")$");
concat!(r"^(", BACKUP_TYPE_RE!(), r")$")).unwrap();
static ref BACKUP_ID_REGEX: Regex = Regex::new( pub BACKUP_ID_REGEX = concat!(r"^", BACKUP_ID_RE!(), r"$");
concat!(r"^", BACKUP_ID_RE!(), r"$")).unwrap();
static ref BACKUP_DATE_REGEX: Regex = Regex::new( BACKUP_DATE_REGEX = concat!(r"^", BACKUP_TIME_RE!() ,r"$");
concat!(r"^", BACKUP_TIME_RE!() ,r"$")).unwrap();
static ref GROUP_PATH_REGEX: Regex = Regex::new( GROUP_PATH_REGEX = concat!(r"^(", BACKUP_TYPE_RE!(), ")/(", BACKUP_ID_RE!(), r")$");
concat!(r"^(", BACKUP_TYPE_RE!(), ")/(", BACKUP_ID_RE!(), r")$")).unwrap();
static ref SNAPSHOT_PATH_REGEX: Regex = Regex::new(
concat!(r"^(", BACKUP_TYPE_RE!(), ")/(", BACKUP_ID_RE!(), ")/(", BACKUP_TIME_RE!(), r")$")).unwrap();
SNAPSHOT_PATH_REGEX = concat!(
r"^(", BACKUP_TYPE_RE!(), ")/(", BACKUP_ID_RE!(), ")/(", BACKUP_TIME_RE!(), r")$");
} }
/// BackupGroup is a directory containing a list of BackupDir /// BackupGroup is a directory containing a list of BackupDir

135
src/backup/catalog.rs
View File

@ -78,7 +78,7 @@ pub struct DirEntry {
#[derive(Clone, Debug, PartialEq)] #[derive(Clone, Debug, PartialEq)]
pub enum DirEntryAttribute { pub enum DirEntryAttribute {
Directory { start: u64 }, Directory { start: u64 },
File { size: u64, mtime: u64 }, File { size: u64, mtime: i64 },
Symlink, Symlink,
Hardlink, Hardlink,
BlockDevice, BlockDevice,
@ -89,7 +89,7 @@ pub enum DirEntryAttribute {
impl DirEntry { impl DirEntry {
fn new(etype: CatalogEntryType, name: Vec<u8>, start: u64, size: u64, mtime:u64) -> Self { fn new(etype: CatalogEntryType, name: Vec<u8>, start: u64, size: u64, mtime: i64) -> Self {
match etype { match etype {
CatalogEntryType::Directory => { CatalogEntryType::Directory => {
DirEntry { name, attr: DirEntryAttribute::Directory { start } } DirEntry { name, attr: DirEntryAttribute::Directory { start } }
@ -184,7 +184,7 @@ impl DirInfo {
catalog_encode_u64(writer, name.len() as u64)?; catalog_encode_u64(writer, name.len() as u64)?;
writer.write_all(name)?; writer.write_all(name)?;
catalog_encode_u64(writer, *size)?; catalog_encode_u64(writer, *size)?;
catalog_encode_u64(writer, *mtime)?; catalog_encode_i64(writer, *mtime)?;
} }
DirEntry { name, attr: DirEntryAttribute::Symlink } => { DirEntry { name, attr: DirEntryAttribute::Symlink } => {
writer.write_all(&[CatalogEntryType::Symlink as u8])?; writer.write_all(&[CatalogEntryType::Symlink as u8])?;
@ -234,7 +234,7 @@ impl DirInfo {
Ok((self.name, data)) Ok((self.name, data))
} }
fn parse<C: FnMut(CatalogEntryType, &[u8], u64, u64, u64) -> Result<bool, Error>>( fn parse<C: FnMut(CatalogEntryType, &[u8], u64, u64, i64) -> Result<bool, Error>>(
data: &[u8], data: &[u8],
mut callback: C, mut callback: C,
) -> Result<(), Error> { ) -> Result<(), Error> {
@ -265,7 +265,7 @@ impl DirInfo {
} }
CatalogEntryType::File => { CatalogEntryType::File => {
let size = catalog_decode_u64(&mut cursor)?; let size = catalog_decode_u64(&mut cursor)?;
let mtime = catalog_decode_u64(&mut cursor)?; let mtime = catalog_decode_i64(&mut cursor)?;
callback(etype, name, 0, size, mtime)? callback(etype, name, 0, size, mtime)?
} }
_ => { _ => {
@ -362,7 +362,7 @@ impl <W: Write> BackupCatalogWriter for CatalogWriter<W> {
Ok(()) Ok(())
} }
fn add_file(&mut self, name: &CStr, size: u64, mtime: u64) -> Result<(), Error> { fn add_file(&mut self, name: &CStr, size: u64, mtime: i64) -> Result<(), Error> {
let dir = self.dirstack.last_mut().ok_or_else(|| format_err!("outside root"))?; let dir = self.dirstack.last_mut().ok_or_else(|| format_err!("outside root"))?;
let name = name.to_bytes().to_vec(); let name = name.to_bytes().to_vec();
dir.entries.push(DirEntry { name, attr: DirEntryAttribute::File { size, mtime } }); dir.entries.push(DirEntry { name, attr: DirEntryAttribute::File { size, mtime } });
@ -587,14 +587,77 @@ impl <R: Read + Seek> CatalogReader<R> {
} }
} }
/// Serialize i64 as short, variable length byte sequence
///
/// Stores 7 bits per byte, Bit 8 indicates the end of the sequence (when not set).
/// If the value is negative, we end with a zero byte (0x00).
pub fn catalog_encode_i64<W: Write>(writer: &mut W, v: i64) -> Result<(), Error> {
let mut enc = Vec::new();
let mut d = if v < 0 {
(-1 * (v + 1)) as u64 + 1 // also handles i64::MIN
} else {
v as u64
};
loop {
if d < 128 {
if v < 0 {
enc.push(128 | d as u8);
enc.push(0u8);
} else {
enc.push(d as u8);
}
break;
}
enc.push((128 | (d & 127)) as u8);
d = d >> 7;
}
writer.write_all(&enc)?;
Ok(())
}
/// Deserialize i64 from variable length byte sequence
///
/// We currently read maximal 11 bytes, which give a maximum of 70 bits + sign.
/// this method is compatible with catalog_encode_u64 iff the
/// value encoded is <= 2^63 (values > 2^63 cannot be represented in an i64)
pub fn catalog_decode_i64<R: Read>(reader: &mut R) -> Result<i64, Error> {
let mut v: u64 = 0;
let mut buf = [0u8];
for i in 0..11 { // only allow 11 bytes (70 bits + sign marker)
if buf.is_empty() {
bail!("decode_i64 failed - unexpected EOB");
}
reader.read_exact(&mut buf)?;
let t = buf[0];
if t == 0 {
if v == 0 {
return Ok(0);
}
return Ok(((v - 1) as i64 * -1) - 1); // also handles i64::MIN
} else if t < 128 {
v |= (t as u64) << (i*7);
return Ok(v as i64);
} else {
v |= ((t & 127) as u64) << (i*7);
}
}
bail!("decode_i64 failed - missing end marker");
}
/// Serialize u64 as short, variable length byte sequence /// Serialize u64 as short, variable length byte sequence
/// ///
/// Stores 7 bits per byte, Bit 8 indicates the end of the sequence (when not set). /// Stores 7 bits per byte, Bit 8 indicates the end of the sequence (when not set).
/// We limit values to a maximum of 2^63.
pub fn catalog_encode_u64<W: Write>(writer: &mut W, v: u64) -> Result<(), Error> { pub fn catalog_encode_u64<W: Write>(writer: &mut W, v: u64) -> Result<(), Error> {
let mut enc = Vec::new(); let mut enc = Vec::new();
if (v & (1<<63)) != 0 { bail!("catalog_encode_u64 failed - value >= 2^63"); }
let mut d = v; let mut d = v;
loop { loop {
if d < 128 { if d < 128 {
@ -611,13 +674,14 @@ pub fn catalog_encode_u64<W: Write>(writer: &mut W, v: u64) -> Result<(), Error>
/// Deserialize u64 from variable length byte sequence /// Deserialize u64 from variable length byte sequence
/// ///
/// We currently read maximal 9 bytes, which give a maximum of 63 bits. /// We currently read maximal 10 bytes, which give a maximum of 70 bits,
/// but we currently only encode up to 64 bits
pub fn catalog_decode_u64<R: Read>(reader: &mut R) -> Result<u64, Error> { pub fn catalog_decode_u64<R: Read>(reader: &mut R) -> Result<u64, Error> {
let mut v: u64 = 0; let mut v: u64 = 0;
let mut buf = [0u8]; let mut buf = [0u8];
for i in 0..9 { // only allow 9 bytes (63 bits) for i in 0..10 { // only allow 10 bytes (70 bits)
if buf.is_empty() { if buf.is_empty() {
bail!("decode_u64 failed - unexpected EOB"); bail!("decode_u64 failed - unexpected EOB");
} }
@ -652,9 +716,58 @@ fn test_catalog_u64_encoder() {
assert!(decoded == value); assert!(decoded == value);
} }
test_encode_decode(u64::MIN);
test_encode_decode(126); test_encode_decode(126);
test_encode_decode((1<<12)-1); test_encode_decode((1<<12)-1);
test_encode_decode((1<<20)-1); test_encode_decode((1<<20)-1);
test_encode_decode((1<<50)-1); test_encode_decode((1<<50)-1);
test_encode_decode((1<<63)-1); test_encode_decode(u64::MAX);
}
#[test]
fn test_catalog_i64_encoder() {
fn test_encode_decode(value: i64) {
let mut data = Vec::new();
catalog_encode_i64(&mut data, value).unwrap();
let slice = &mut &data[..];
let decoded = catalog_decode_i64(slice).unwrap();
assert!(decoded == value);
}
test_encode_decode(0);
test_encode_decode(-0);
test_encode_decode(126);
test_encode_decode(-126);
test_encode_decode((1<<12)-1);
test_encode_decode(-(1<<12)-1);
test_encode_decode((1<<20)-1);
test_encode_decode(-(1<<20)-1);
test_encode_decode(i64::MIN);
test_encode_decode(i64::MAX);
}
#[test]
fn test_catalog_i64_compatibility() {
fn test_encode_decode(value: u64) {
let mut data = Vec::new();
catalog_encode_u64(&mut data, value).unwrap();
let slice = &mut &data[..];
let decoded = catalog_decode_i64(slice).unwrap() as u64;
assert!(decoded == value);
}
test_encode_decode(u64::MIN);
test_encode_decode(126);
test_encode_decode((1<<12)-1);
test_encode_decode((1<<20)-1);
test_encode_decode((1<<50)-1);
test_encode_decode(u64::MAX);
} }

61
src/backup/datastore.rs
View File

@ -23,7 +23,7 @@ use crate::task::TaskState;
use crate::tools; use crate::tools;
use crate::tools::format::HumanByte; use crate::tools::format::HumanByte;
use crate::tools::fs::{lock_dir_noblock, DirLockGuard}; use crate::tools::fs::{lock_dir_noblock, DirLockGuard};
use crate::api2::types::{GarbageCollectionStatus, Userid}; use crate::api2::types::{Authid, GarbageCollectionStatus};
use crate::server::UPID; use crate::server::UPID;
lazy_static! { lazy_static! {
@ -276,8 +276,8 @@ impl DataStore {
/// Returns the backup owner. /// Returns the backup owner.
/// ///
/// The backup owner is the user who first created the backup group. /// The backup owner is the entity who first created the backup group.
pub fn get_owner(&self, backup_group: &BackupGroup) -> Result<Userid, Error> { pub fn get_owner(&self, backup_group: &BackupGroup) -> Result<Authid, Error> {
let mut full_path = self.base_path(); let mut full_path = self.base_path();
full_path.push(backup_group.group_path()); full_path.push(backup_group.group_path());
full_path.push("owner"); full_path.push("owner");
@ -289,7 +289,7 @@ impl DataStore {
pub fn set_owner( pub fn set_owner(
&self, &self,
backup_group: &BackupGroup, backup_group: &BackupGroup,
userid: &Userid, auth_id: &Authid,
force: bool, force: bool,
) -> Result<(), Error> { ) -> Result<(), Error> {
let mut path = self.base_path(); let mut path = self.base_path();
@ -309,7 +309,7 @@ impl DataStore {
let mut file = open_options.open(&path) let mut file = open_options.open(&path)
.map_err(|err| format_err!("unable to create owner file {:?} - {}", path, err))?; .map_err(|err| format_err!("unable to create owner file {:?} - {}", path, err))?;
writeln!(file, "{}", userid) writeln!(file, "{}", auth_id)
.map_err(|err| format_err!("unable to write owner file {:?} - {}", path, err))?; .map_err(|err| format_err!("unable to write owner file {:?} - {}", path, err))?;
Ok(()) Ok(())
@ -324,8 +324,8 @@ impl DataStore {
pub fn create_locked_backup_group( pub fn create_locked_backup_group(
&self, &self,
backup_group: &BackupGroup, backup_group: &BackupGroup,
userid: &Userid, auth_id: &Authid,
) -> Result<(Userid, DirLockGuard), Error> { ) -> Result<(Authid, DirLockGuard), Error> {
// create intermediate path first: // create intermediate path first:
let base_path = self.base_path(); let base_path = self.base_path();
@ -339,7 +339,7 @@ impl DataStore {
match std::fs::create_dir(&full_path) { match std::fs::create_dir(&full_path) {
Ok(_) => { Ok(_) => {
let guard = lock_dir_noblock(&full_path, "backup group", "another backup is already running")?; let guard = lock_dir_noblock(&full_path, "backup group", "another backup is already running")?;
self.set_owner(backup_group, userid, false)?; self.set_owner(backup_group, auth_id, false)?;
let owner = self.get_owner(backup_group)?; // just to be sure let owner = self.get_owner(backup_group)?; // just to be sure
Ok((owner, guard)) Ok((owner, guard))
} }
@ -458,38 +458,35 @@ impl DataStore {
) -> Result<(), Error> { ) -> Result<(), Error> {
let image_list = self.list_images()?; let image_list = self.list_images()?;
let image_count = image_list.len(); let image_count = image_list.len();
let mut done = 0; let mut done = 0;
let mut last_percentage: usize = 0; let mut last_percentage: usize = 0;
for path in image_list { for img in image_list {
worker.check_abort()?; worker.check_abort()?;
tools::fail_on_shutdown()?; tools::fail_on_shutdown()?;
let full_path = self.chunk_store.relative_path(&path); let path = self.chunk_store.relative_path(&img);
match std::fs::File::open(&full_path) { match std::fs::File::open(&path) {
Ok(file) => { Ok(file) => {
if let Ok(archive_type) = archive_type(&path) { if let Ok(archive_type) = archive_type(&img) {
if archive_type == ArchiveType::FixedIndex { if archive_type == ArchiveType::FixedIndex {
let index = FixedIndexReader::new(file)?; let index = FixedIndexReader::new(file).map_err(|e| {
self.index_mark_used_chunks(index, &path, status, worker)?; format_err!("can't read index '{}' - {}", path.to_string_lossy(), e)
})?;
self.index_mark_used_chunks(index, &img, status, worker)?;
} else if archive_type == ArchiveType::DynamicIndex { } else if archive_type == ArchiveType::DynamicIndex {
let index = DynamicIndexReader::new(file)?; let index = DynamicIndexReader::new(file).map_err(|e| {
self.index_mark_used_chunks(index, &path, status, worker)?; format_err!("can't read index '{}' - {}", path.to_string_lossy(), e)
})?;
self.index_mark_used_chunks(index, &img, status, worker)?;
} }
} }
} }
Err(err) => { Err(err) if err.kind() == io::ErrorKind::NotFound => (), // ignore vanished files
if err.kind() == std::io::ErrorKind::NotFound { Err(err) => bail!("can't open index {} - {}", path.to_string_lossy(), err),
// simply ignore vanished files
} else {
return Err(err.into());
}
}
} }
done += 1; done += 1;
@ -559,7 +556,11 @@ impl DataStore {
); );
} }
if gc_status.removed_bad > 0 { if gc_status.removed_bad > 0 {
crate::task_log!(worker, "Removed bad files: {}", gc_status.removed_bad); crate::task_log!(worker, "Removed bad chunks: {}", gc_status.removed_bad);
}
if gc_status.still_bad > 0 {
crate::task_log!(worker, "Leftover bad chunks: {}", gc_status.still_bad);
} }
crate::task_log!( crate::task_log!(
@ -580,6 +581,14 @@ impl DataStore {
crate::task_log!(worker, "On-Disk chunks: {}", gc_status.disk_chunks); crate::task_log!(worker, "On-Disk chunks: {}", gc_status.disk_chunks);
let deduplication_factor = if gc_status.disk_bytes > 0 {
(gc_status.index_data_bytes as f64)/(gc_status.disk_bytes as f64)
} else {
1.0
};
crate::task_log!(worker, "Deduplication factor: {:.2}", deduplication_factor);
if gc_status.disk_chunks > 0 { if gc_status.disk_chunks > 0 {
let avg_chunk = gc_status.disk_bytes/(gc_status.disk_chunks as u64); let avg_chunk = gc_status.disk_bytes/(gc_status.disk_chunks as u64);
crate::task_log!(worker, "Average chunk size: {}", HumanByte::from(avg_chunk)); crate::task_log!(worker, "Average chunk size: {}", HumanByte::from(avg_chunk));

20
src/backup/dynamic_index.rs
View File

@ -95,6 +95,18 @@ impl DynamicIndexReader {
let header_size = std::mem::size_of::<DynamicIndexHeader>(); let header_size = std::mem::size_of::<DynamicIndexHeader>();
let rawfd = file.as_raw_fd();
let stat = match nix::sys::stat::fstat(rawfd) {
Ok(stat) => stat,
Err(err) => bail!("fstat failed - {}", err),
};
let size = stat.st_size as usize;
if size < header_size {
bail!("index too small ({})", stat.st_size);
}
let header: Box<DynamicIndexHeader> = unsafe { file.read_host_value_boxed()? }; let header: Box<DynamicIndexHeader> = unsafe { file.read_host_value_boxed()? };
if header.magic != super::DYNAMIC_SIZED_CHUNK_INDEX_1_0 { if header.magic != super::DYNAMIC_SIZED_CHUNK_INDEX_1_0 {
@ -103,13 +115,7 @@ impl DynamicIndexReader {
let ctime = proxmox::tools::time::epoch_i64(); let ctime = proxmox::tools::time::epoch_i64();
let rawfd = file.as_raw_fd(); let index_size = stat.st_size as usize - header_size;
let stat = nix::sys::stat::fstat(rawfd)?;
let size = stat.st_size as usize;
let index_size = size - header_size;
let index_count = index_size / 40; let index_count = index_size / 40;
if index_count * 40 != index_size { if index_count * 40 != index_size {
bail!("got unexpected file size"); bail!("got unexpected file size");

19
src/backup/fixed_index.rs
View File

@ -68,6 +68,19 @@ impl FixedIndexReader {
file.seek(SeekFrom::Start(0))?; file.seek(SeekFrom::Start(0))?;
let header_size = std::mem::size_of::<FixedIndexHeader>(); let header_size = std::mem::size_of::<FixedIndexHeader>();
let rawfd = file.as_raw_fd();
let stat = match nix::sys::stat::fstat(rawfd) {
Ok(stat) => stat,
Err(err) => bail!("fstat failed - {}", err),
};
let size = stat.st_size as usize;
if size < header_size {
bail!("index too small ({})", stat.st_size);
}
let header: Box<FixedIndexHeader> = unsafe { file.read_host_value_boxed()? }; let header: Box<FixedIndexHeader> = unsafe { file.read_host_value_boxed()? };
if header.magic != super::FIXED_SIZED_CHUNK_INDEX_1_0 { if header.magic != super::FIXED_SIZED_CHUNK_INDEX_1_0 {
@ -81,12 +94,6 @@ impl FixedIndexReader {
let index_length = ((size + chunk_size - 1) / chunk_size) as usize; let index_length = ((size + chunk_size - 1) / chunk_size) as usize;
let index_size = index_length * 32; let index_size = index_length * 32;
let rawfd = file.as_raw_fd();
let stat = match nix::sys::stat::fstat(rawfd) {
Ok(stat) => stat,
Err(err) => bail!("fstat failed - {}", err),
};
let expected_index_size = (stat.st_size as usize) - header_size; let expected_index_size = (stat.st_size as usize) - header_size;
if index_size != expected_index_size { if index_size != expected_index_size {

60
src/backup/verify.rs
View File

@ -14,6 +14,7 @@ use crate::{
BackupGroup, BackupGroup,
BackupDir, BackupDir,
BackupInfo, BackupInfo,
BackupManifest,
IndexFile, IndexFile,
CryptMode, CryptMode,
FileInfo, FileInfo,
@ -284,6 +285,7 @@ pub fn verify_backup_dir(
corrupt_chunks: Arc<Mutex<HashSet<[u8;32]>>>, corrupt_chunks: Arc<Mutex<HashSet<[u8;32]>>>,
worker: Arc<dyn TaskState + Send + Sync>, worker: Arc<dyn TaskState + Send + Sync>,
upid: UPID, upid: UPID,
filter: Option<&dyn Fn(&BackupManifest) -> bool>,
) -> Result<bool, Error> { ) -> Result<bool, Error> {
let snap_lock = lock_dir_noblock_shared( let snap_lock = lock_dir_noblock_shared(
&datastore.snapshot_path(&backup_dir), &datastore.snapshot_path(&backup_dir),
@ -297,6 +299,7 @@ pub fn verify_backup_dir(
corrupt_chunks, corrupt_chunks,
worker, worker,
upid, upid,
filter,
snap_lock snap_lock
), ),
Err(err) => { Err(err) => {
@ -320,6 +323,7 @@ pub fn verify_backup_dir_with_lock(
corrupt_chunks: Arc<Mutex<HashSet<[u8;32]>>>, corrupt_chunks: Arc<Mutex<HashSet<[u8;32]>>>,
worker: Arc<dyn TaskState + Send + Sync>, worker: Arc<dyn TaskState + Send + Sync>,
upid: UPID, upid: UPID,
filter: Option<&dyn Fn(&BackupManifest) -> bool>,
_snap_lock: Dir, _snap_lock: Dir,
) -> Result<bool, Error> { ) -> Result<bool, Error> {
let manifest = match datastore.load_manifest(&backup_dir) { let manifest = match datastore.load_manifest(&backup_dir) {
@ -336,6 +340,18 @@ pub fn verify_backup_dir_with_lock(
} }
}; };
if let Some(filter) = filter {
if filter(&manifest) == false {
task_log!(
worker,
"SKIPPED: verify {}:{} (recently verified)",
datastore.name(),
backup_dir,
);
return Ok(true);
}
}
task_log!(worker, "verify {}:{}", datastore.name(), backup_dir); task_log!(worker, "verify {}:{}", datastore.name(), backup_dir);
let mut error_count = 0; let mut error_count = 0;
@ -412,7 +428,7 @@ pub fn verify_backup_group(
progress: Option<(usize, usize)>, // (done, snapshot_count) progress: Option<(usize, usize)>, // (done, snapshot_count)
worker: Arc<dyn TaskState + Send + Sync>, worker: Arc<dyn TaskState + Send + Sync>,
upid: &UPID, upid: &UPID,
filter: &dyn Fn(&BackupInfo) -> bool, filter: Option<&dyn Fn(&BackupManifest) -> bool>,
) -> Result<(usize, Vec<String>), Error> { ) -> Result<(usize, Vec<String>), Error> {
let mut errors = Vec::new(); let mut errors = Vec::new();
@ -439,16 +455,6 @@ pub fn verify_backup_group(
for info in list { for info in list {
count += 1; count += 1;
if filter(&info) == false {
task_log!(
worker,
"SKIPPED: verify {}:{} (recently verified)",
datastore.name(),
info.backup_dir,
);
continue;
}
if !verify_backup_dir( if !verify_backup_dir(
datastore.clone(), datastore.clone(),
&info.backup_dir, &info.backup_dir,
@ -456,6 +462,7 @@ pub fn verify_backup_group(
corrupt_chunks.clone(), corrupt_chunks.clone(),
worker.clone(), worker.clone(),
upid.clone(), upid.clone(),
filter,
)? { )? {
errors.push(info.backup_dir.to_string()); errors.push(info.backup_dir.to_string());
} }
@ -475,7 +482,7 @@ pub fn verify_backup_group(
Ok((count, errors)) Ok((count, errors))
} }
/// Verify all backups inside a datastore /// Verify all (owned) backups inside a datastore
/// ///
/// Errors are logged to the worker log. /// Errors are logged to the worker log.
/// ///
@ -486,14 +493,41 @@ pub fn verify_all_backups(
datastore: Arc<DataStore>, datastore: Arc<DataStore>,
worker: Arc<dyn TaskState + Send + Sync>, worker: Arc<dyn TaskState + Send + Sync>,
upid: &UPID, upid: &UPID,
filter: &dyn Fn(&BackupInfo) -> bool, owner: Option<Authid>,
filter: Option<&dyn Fn(&BackupManifest) -> bool>,
) -> Result<Vec<String>, Error> { ) -> Result<Vec<String>, Error> {
let mut errors = Vec::new(); let mut errors = Vec::new();
if let Some(owner) = &owner {
task_log!(
worker,
"verify datastore {} - limiting to backups owned by {}",
datastore.name(),
owner
);
}
let filter_by_owner = |group: &BackupGroup| {
if let Some(owner) = &owner {
match datastore.get_owner(group) {
Ok(ref group_owner) => {
group_owner == owner
|| (group_owner.is_token()
&& !owner.is_token()
&& group_owner.user() == owner.user())
},
Err(_) => false,
}
} else {
true
}
};
let mut list = match BackupGroup::list_groups(&datastore.base_path()) { let mut list = match BackupGroup::list_groups(&datastore.base_path()) {
Ok(list) => list Ok(list) => list
.into_iter() .into_iter()
.filter(|group| !(group.backup_type() == "host" && group.backup_id() == "benchmark")) .filter(|group| !(group.backup_type() == "host" && group.backup_id() == "benchmark"))
.filter(filter_by_owner)
.collect::<Vec<BackupGroup>>(), .collect::<Vec<BackupGroup>>(),
Err(err) => { Err(err) => {
task_log!( task_log!(

8
src/bin/proxmox-backup-api.rs
View File

@ -52,7 +52,9 @@ async fn run() -> Result<(), Error> {
let mut config = server::ApiConfig::new( let mut config = server::ApiConfig::new(
buildcfg::JS_DIR, &proxmox_backup::api2::ROUTER, RpcEnvironmentType::PRIVILEGED)?; buildcfg::JS_DIR, &proxmox_backup::api2::ROUTER, RpcEnvironmentType::PRIVILEGED)?;
config.enable_file_log(buildcfg::API_ACCESS_LOG_FN)?; let mut commando_sock = server::CommandoSocket::new(server::our_ctrl_sock());
config.enable_file_log(buildcfg::API_ACCESS_LOG_FN, &mut commando_sock)?;
let rest_server = RestServer::new(config); let rest_server = RestServer::new(config);
@ -76,10 +78,12 @@ async fn run() -> Result<(), Error> {
}, },
); );
server::write_pid(buildcfg::PROXMOX_BACKUP_API_PID_FN)?;
daemon::systemd_notify(daemon::SystemdNotify::Ready)?; daemon::systemd_notify(daemon::SystemdNotify::Ready)?;
let init_result: Result<(), Error> = try_block!({ let init_result: Result<(), Error> = try_block!({
server::create_task_control_socket()?; server::register_task_control_commands(&mut commando_sock)?;
commando_sock.spawn()?;
server::server_state_init()?; server::server_state_init()?;
Ok(()) Ok(())
}); });

45
src/bin/proxmox-backup-client.rs
View File

@ -36,7 +36,7 @@ use proxmox_backup::api2::types::*;
use proxmox_backup::api2::version; use proxmox_backup::api2::version;
use proxmox_backup::client::*; use proxmox_backup::client::*;
use proxmox_backup::pxar::catalog::*; use proxmox_backup::pxar::catalog::*;
use proxmox_backup::config::user::complete_user_name; use proxmox_backup::config::user::complete_userid;
use proxmox_backup::backup::{ use proxmox_backup::backup::{
archive_type, archive_type,
decrypt_key, decrypt_key,
@ -193,7 +193,7 @@ pub fn complete_repository(_arg: &str, _param: &HashMap<String, String>) -> Vec<
result result
} }
fn connect(server: &str, port: u16, userid: &Userid) -> Result<HttpClient, Error> { fn connect(server: &str, port: u16, auth_id: &Authid) -> Result<HttpClient, Error> {
let fingerprint = std::env::var(ENV_VAR_PBS_FINGERPRINT).ok(); let fingerprint = std::env::var(ENV_VAR_PBS_FINGERPRINT).ok();
@ -212,7 +212,7 @@ fn connect(server: &str, port: u16, userid: &Userid) -> Result<HttpClient, Error
.fingerprint_cache(true) .fingerprint_cache(true)
.ticket_cache(true); .ticket_cache(true);
HttpClient::new(server, port, userid, options) HttpClient::new(server, port, auth_id, options)
} }
async fn view_task_result( async fn view_task_result(
@ -366,7 +366,7 @@ async fn list_backup_groups(param: Value) -> Result<Value, Error> {
let repo = extract_repository_from_value(&param)?; let repo = extract_repository_from_value(&param)?;
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
let path = format!("api2/json/admin/datastore/{}/groups", repo.store()); let path = format!("api2/json/admin/datastore/{}/groups", repo.store());
@ -425,7 +425,7 @@ async fn list_backup_groups(param: Value) -> Result<Value, Error> {
description: "Backup group.", description: "Backup group.",
}, },
"new-owner": { "new-owner": {
type: Userid, type: Authid,
}, },
} }
} }
@ -435,7 +435,7 @@ async fn change_backup_owner(group: String, mut param: Value) -> Result<(), Erro
let repo = extract_repository_from_value(&param)?; let repo = extract_repository_from_value(&param)?;
let mut client = connect(repo.host(), repo.port(), repo.user())?; let mut client = connect(repo.host(), repo.port(), repo.auth_id())?;
param.as_object_mut().unwrap().remove("repository"); param.as_object_mut().unwrap().remove("repository");
@ -478,7 +478,7 @@ async fn list_snapshots(param: Value) -> Result<Value, Error> {
let output_format = get_output_format(&param); let output_format = get_output_format(&param);
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
let group: Option<BackupGroup> = if let Some(path) = param["group"].as_str() { let group: Option<BackupGroup> = if let Some(path) = param["group"].as_str() {
Some(path.parse()?) Some(path.parse()?)
@ -543,7 +543,7 @@ async fn forget_snapshots(param: Value) -> Result<Value, Error> {
let path = tools::required_string_param(&param, "snapshot")?; let path = tools::required_string_param(&param, "snapshot")?;
let snapshot: BackupDir = path.parse()?; let snapshot: BackupDir = path.parse()?;
let mut client = connect(repo.host(), repo.port(), repo.user())?; let mut client = connect(repo.host(), repo.port(), repo.auth_id())?;
let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store()); let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store());
@ -573,7 +573,7 @@ async fn api_login(param: Value) -> Result<Value, Error> {
let repo = extract_repository_from_value(&param)?; let repo = extract_repository_from_value(&param)?;
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
client.login().await?; client.login().await?;
record_repository(&repo); record_repository(&repo);
@ -630,7 +630,7 @@ async fn api_version(param: Value) -> Result<(), Error> {
let repo = extract_repository_from_value(&param); let repo = extract_repository_from_value(&param);
if let Ok(repo) = repo { if let Ok(repo) = repo {
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
match client.get("api2/json/version", None).await { match client.get("api2/json/version", None).await {
Ok(mut result) => version_info["server"] = result["data"].take(), Ok(mut result) => version_info["server"] = result["data"].take(),
@ -680,7 +680,7 @@ async fn list_snapshot_files(param: Value) -> Result<Value, Error> {
let output_format = get_output_format(&param); let output_format = get_output_format(&param);
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
let path = format!("api2/json/admin/datastore/{}/files", repo.store()); let path = format!("api2/json/admin/datastore/{}/files", repo.store());
@ -724,7 +724,7 @@ async fn start_garbage_collection(param: Value) -> Result<Value, Error> {
let output_format = get_output_format(&param); let output_format = get_output_format(&param);
let mut client = connect(repo.host(), repo.port(), repo.user())?; let mut client = connect(repo.host(), repo.port(), repo.auth_id())?;
let path = format!("api2/json/admin/datastore/{}/gc", repo.store()); let path = format!("api2/json/admin/datastore/{}/gc", repo.store());
@ -1036,7 +1036,7 @@ async fn create_backup(
let backup_time = backup_time_opt.unwrap_or_else(|| epoch_i64()); let backup_time = backup_time_opt.unwrap_or_else(|| epoch_i64());
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
record_repository(&repo); record_repository(&repo);
println!("Starting backup: {}/{}/{}", backup_type, backup_id, BackupDir::backup_time_to_string(backup_time)?); println!("Starting backup: {}/{}/{}", backup_type, backup_id, BackupDir::backup_time_to_string(backup_time)?);
@ -1339,7 +1339,7 @@ async fn restore(param: Value) -> Result<Value, Error> {
let archive_name = tools::required_string_param(&param, "archive-name")?; let archive_name = tools::required_string_param(&param, "archive-name")?;
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
record_repository(&repo); record_repository(&repo);
@ -1512,7 +1512,7 @@ async fn upload_log(param: Value) -> Result<Value, Error> {
let snapshot = tools::required_string_param(&param, "snapshot")?; let snapshot = tools::required_string_param(&param, "snapshot")?;
let snapshot: BackupDir = snapshot.parse()?; let snapshot: BackupDir = snapshot.parse()?;
let mut client = connect(repo.host(), repo.port(), repo.user())?; let mut client = connect(repo.host(), repo.port(), repo.auth_id())?;
let (keydata, crypt_mode) = keyfile_parameters(&param)?; let (keydata, crypt_mode) = keyfile_parameters(&param)?;
@ -1583,7 +1583,7 @@ fn prune<'a>(
async fn prune_async(mut param: Value) -> Result<Value, Error> { async fn prune_async(mut param: Value) -> Result<Value, Error> {
let repo = extract_repository_from_value(&param)?; let repo = extract_repository_from_value(&param)?;
let mut client = connect(repo.host(), repo.port(), repo.user())?; let mut client = connect(repo.host(), repo.port(), repo.auth_id())?;
let path = format!("api2/json/admin/datastore/{}/prune", repo.store()); let path = format!("api2/json/admin/datastore/{}/prune", repo.store());
@ -1657,7 +1657,10 @@ async fn prune_async(mut param: Value) -> Result<Value, Error> {
optional: true, optional: true,
}, },
} }
} },
returns: {
type: StorageStatus,
},
)] )]
/// Get repository status. /// Get repository status.
async fn status(param: Value) -> Result<Value, Error> { async fn status(param: Value) -> Result<Value, Error> {
@ -1666,7 +1669,7 @@ async fn status(param: Value) -> Result<Value, Error> {
let output_format = get_output_format(&param); let output_format = get_output_format(&param);
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
let path = format!("api2/json/admin/datastore/{}/status", repo.store()); let path = format!("api2/json/admin/datastore/{}/status", repo.store());
@ -1690,7 +1693,7 @@ async fn status(param: Value) -> Result<Value, Error> {
.column(ColumnConfig::new("used").renderer(render_total_percentage)) .column(ColumnConfig::new("used").renderer(render_total_percentage))
.column(ColumnConfig::new("avail").renderer(render_total_percentage)); .column(ColumnConfig::new("avail").renderer(render_total_percentage));
let schema = &proxmox_backup::api2::admin::datastore::API_RETURN_SCHEMA_STATUS; let schema = &API_RETURN_SCHEMA_STATUS;
format_and_print_result_full(&mut data, schema, &output_format, &options); format_and_print_result_full(&mut data, schema, &output_format, &options);
@ -1711,7 +1714,7 @@ async fn try_get(repo: &BackupRepository, url: &str) -> Value {
.fingerprint_cache(true) .fingerprint_cache(true)
.ticket_cache(true); .ticket_cache(true);
let client = match HttpClient::new(repo.host(), repo.port(), repo.user(), options) { let client = match HttpClient::new(repo.host(), repo.port(), repo.auth_id(), options) {
Ok(v) => v, Ok(v) => v,
_ => return Value::Null, _ => return Value::Null,
}; };
@ -2010,7 +2013,7 @@ fn main() {
let change_owner_cmd_def = CliCommand::new(&API_METHOD_CHANGE_BACKUP_OWNER) let change_owner_cmd_def = CliCommand::new(&API_METHOD_CHANGE_BACKUP_OWNER)
.arg_param(&["group", "new-owner"]) .arg_param(&["group", "new-owner"])
.completion_cb("group", complete_backup_group) .completion_cb("group", complete_backup_group)
.completion_cb("new-owner", complete_user_name) .completion_cb("new-owner", complete_userid)
.completion_cb("repository", complete_repository); .completion_cb("repository", complete_repository);
let cmd_def = CliCommandMap::new() let cmd_def = CliCommandMap::new()

19
src/bin/proxmox-backup-manager.rs
View File

@ -1,4 +1,5 @@
use std::collections::HashMap; use std::collections::HashMap;
use std::io::{self, Write};
use anyhow::{format_err, Error}; use anyhow::{format_err, Error};
use serde_json::{json, Value}; use serde_json::{json, Value};
@ -62,10 +63,10 @@ fn connect() -> Result<HttpClient, Error> {
let ticket = Ticket::new("PBS", Userid::root_userid())? let ticket = Ticket::new("PBS", Userid::root_userid())?
.sign(private_auth_key(), None)?; .sign(private_auth_key(), None)?;
options = options.password(Some(ticket)); options = options.password(Some(ticket));
HttpClient::new("localhost", 8007, Userid::root_userid(), options)? HttpClient::new("localhost", 8007, Authid::root_auth_id(), options)?
} else { } else {
options = options.ticket_cache(true).interactive(true); options = options.ticket_cache(true).interactive(true);
HttpClient::new("localhost", 8007, Userid::root_userid(), options)? HttpClient::new("localhost", 8007, Authid::root_auth_id(), options)?
}; };
Ok(client) Ok(client)
@ -354,6 +355,14 @@ async fn verify(
Ok(Value::Null) Ok(Value::Null)
} }
#[api()]
/// System report
async fn report() -> Result<Value, Error> {
let report = proxmox_backup::server::generate_report();
io::stdout().write_all(report.as_bytes())?;
Ok(Value::Null)
}
fn main() { fn main() {
proxmox_backup::tools::setup_safe_path_env(); proxmox_backup::tools::setup_safe_path_env();
@ -368,6 +377,7 @@ fn main() {
.insert("remote", remote_commands()) .insert("remote", remote_commands())
.insert("garbage-collection", garbage_collection_commands()) .insert("garbage-collection", garbage_collection_commands())
.insert("cert", cert_mgmt_cli()) .insert("cert", cert_mgmt_cli())
.insert("subscription", subscription_commands())
.insert("sync-job", sync_job_commands()) .insert("sync-job", sync_job_commands())
.insert("task", task_mgmt_cli()) .insert("task", task_mgmt_cli())
.insert( .insert(
@ -383,12 +393,15 @@ fn main() {
CliCommand::new(&API_METHOD_VERIFY) CliCommand::new(&API_METHOD_VERIFY)
.arg_param(&["store"]) .arg_param(&["store"])
.completion_cb("store", config::datastore::complete_datastore_name) .completion_cb("store", config::datastore::complete_datastore_name)
)
.insert("report",
CliCommand::new(&API_METHOD_REPORT)
); );
let mut rpcenv = CliEnvironment::new(); let mut rpcenv = CliEnvironment::new();
rpcenv.set_user(Some(String::from("root@pam"))); rpcenv.set_auth_id(Some(String::from("root@pam")));
proxmox_backup::tools::runtime::main(run_async_cli_command(cmd_def, rpcenv)); proxmox_backup::tools::runtime::main(run_async_cli_command(cmd_def, rpcenv));
} }

361
src/bin/proxmox-backup-proxy.rs
View File

@ -13,7 +13,6 @@ use proxmox::api::RpcEnvironmentType;
use proxmox_backup::{ use proxmox_backup::{
backup::DataStore, backup::DataStore,
server::{ server::{
UPID,
WorkerTask, WorkerTask,
ApiConfig, ApiConfig,
rest::*, rest::*,
@ -30,7 +29,7 @@ use proxmox_backup::{
}; };
use proxmox_backup::api2::types::Userid; use proxmox_backup::api2::types::Authid;
use proxmox_backup::configdir; use proxmox_backup::configdir;
use proxmox_backup::buildcfg; use proxmox_backup::buildcfg;
use proxmox_backup::server; use proxmox_backup::server;
@ -41,6 +40,7 @@ use proxmox_backup::tools::{
DiskManage, DiskManage,
zfs_pool_stats, zfs_pool_stats,
}, },
logrotate::LogRotate,
socket::{ socket::{
set_tcp_keepalive, set_tcp_keepalive,
PROXMOX_BACKUP_TCP_KEEPALIVE_TIME, PROXMOX_BACKUP_TCP_KEEPALIVE_TIME,
@ -49,6 +49,7 @@ use proxmox_backup::tools::{
use proxmox_backup::api2::pull::do_sync_job; use proxmox_backup::api2::pull::do_sync_job;
use proxmox_backup::server::do_verification_job; use proxmox_backup::server::do_verification_job;
use proxmox_backup::server::do_prune_job;
fn main() -> Result<(), Error> { fn main() -> Result<(), Error> {
proxmox_backup::tools::setup_safe_path_env(); proxmox_backup::tools::setup_safe_path_env();
@ -93,7 +94,9 @@ async fn run() -> Result<(), Error> {
config.register_template("index", &indexpath)?; config.register_template("index", &indexpath)?;
config.register_template("console", "/usr/share/pve-xtermjs/index.html.hbs")?; config.register_template("console", "/usr/share/pve-xtermjs/index.html.hbs")?;
config.enable_file_log(buildcfg::API_ACCESS_LOG_FN)?; let mut commando_sock = server::CommandoSocket::new(server::our_ctrl_sock());
config.enable_file_log(buildcfg::API_ACCESS_LOG_FN, &mut commando_sock)?;
let rest_server = RestServer::new(config); let rest_server = RestServer::new(config);
@ -142,10 +145,12 @@ async fn run() -> Result<(), Error> {
}, },
); );
server::write_pid(buildcfg::PROXMOX_BACKUP_PROXY_PID_FN)?;
daemon::systemd_notify(daemon::SystemdNotify::Ready)?; daemon::systemd_notify(daemon::SystemdNotify::Ready)?;
let init_result: Result<(), Error> = try_block!({ let init_result: Result<(), Error> = try_block!({
server::create_task_control_socket()?; server::register_task_control_commands(&mut commando_sock)?;
commando_sock.spawn()?;
server::server_state_init()?; server::server_state_init()?;
Ok(()) Ok(())
}); });
@ -247,8 +252,6 @@ async fn schedule_datastore_garbage_collection() {
}, },
}; };
let email = server::lookup_user_email(Userid::root_userid());
let config = match datastore::config() { let config = match datastore::config() {
Err(err) => { Err(err) => {
eprintln!("unable to read datastore config - {}", err); eprintln!("unable to read datastore config - {}", err);
@ -291,22 +294,11 @@ async fn schedule_datastore_garbage_collection() {
let worker_type = "garbage_collection"; let worker_type = "garbage_collection";
let stat = datastore.last_gc_status(); let last = match jobstate::last_run_time(worker_type, &store) {
let last = if let Some(upid_str) = stat.upid { Ok(time) => time,
match upid_str.parse::<UPID>() { Err(err) => {
Ok(upid) => upid.starttime, eprintln!("could not get last run time of {} {}: {}", worker_type, store, err);
Err(err) => { continue;
eprintln!("unable to parse upid '{}' - {}", upid_str, err);
continue;
}
}
} else {
match jobstate::last_run_time(worker_type, &store) {
Ok(time) => time,
Err(err) => {
eprintln!("could not get last run time of {} {}: {}", worker_type, store, err);
continue;
}
} }
}; };
@ -323,44 +315,15 @@ async fn schedule_datastore_garbage_collection() {
if next > now { continue; } if next > now { continue; }
let mut job = match Job::new(worker_type, &store) { let job = match Job::new(worker_type, &store) {
Ok(job) => job, Ok(job) => job,
Err(_) => continue, // could not get lock Err(_) => continue, // could not get lock
}; };
let store2 = store.clone(); let auth_id = Authid::backup_auth_id();
let email2 = email.clone();
if let Err(err) = WorkerTask::new_thread( if let Err(err) = crate::server::do_garbage_collection_job(job, datastore, auth_id, Some(event_str), false) {
worker_type, eprintln!("unable to start garbage collection job on datastore {} - {}", store, err);
Some(store.clone()),
Userid::backup_userid().clone(),
false,
move |worker| {
job.start(&worker.upid().to_string())?;
worker.log(format!("starting garbage collection on store {}", store));
worker.log(format!("task triggered by schedule '{}'", event_str));
let result = datastore.garbage_collection(&*worker, worker.upid());
let status = worker.create_state(&result);
if let Err(err) = job.finish(status) {
eprintln!("could not finish job state for {}: {}", worker_type, err);
}
if let Some(email2) = email2 {
let gc_status = datastore.last_gc_status();
if let Err(err) = crate::server::send_gc_status(&email2, datastore.name(), &gc_status, &result) {
eprintln!("send gc notification failed: {}", err);
}
}
result
}
) {
eprintln!("unable to start garbage collection on store {} - {}", store2, err);
} }
} }
} }
@ -370,8 +333,6 @@ async fn schedule_datastore_prune() {
use proxmox_backup::{ use proxmox_backup::{
backup::{ backup::{
PruneOptions, PruneOptions,
BackupGroup,
compute_prune_info,
}, },
config::datastore::{ config::datastore::{
self, self,
@ -388,13 +349,6 @@ async fn schedule_datastore_prune() {
}; };
for (store, (_, store_config)) in config.sections { for (store, (_, store_config)) in config.sections {
let datastore = match DataStore::lookup_datastore(&store) {
Ok(datastore) => datastore,
Err(err) => {
eprintln!("lookup_datastore '{}' failed - {}", store, err);
continue;
}
};
let store_config: DataStoreConfig = match serde_json::from_value(store_config) { let store_config: DataStoreConfig = match serde_json::from_value(store_config) {
Ok(c) => c, Ok(c) => c,
@ -422,95 +376,18 @@ async fn schedule_datastore_prune() {
continue; continue;
} }
let event = match parse_calendar_event(&event_str) {
Ok(event) => event,
Err(err) => {
eprintln!("unable to parse schedule '{}' - {}", event_str, err);
continue;
}
};
let worker_type = "prune"; let worker_type = "prune";
if check_schedule(worker_type, &event_str, &store) {
let job = match Job::new(worker_type, &store) {
Ok(job) => job,
Err(_) => continue, // could not get lock
};
let last = match jobstate::last_run_time(worker_type, &store) { let auth_id = Authid::backup_auth_id().clone();
Ok(time) => time, if let Err(err) = do_prune_job(job, prune_options, store.clone(), &auth_id, Some(event_str)) {
Err(err) => { eprintln!("unable to start datastore prune job {} - {}", &store, err);
eprintln!("could not get last run time of {} {}: {}", worker_type, store, err);
continue;
} }
}; };
let next = match compute_next_event(&event, last, false) {
Ok(Some(next)) => next,
Ok(None) => continue,
Err(err) => {
eprintln!("compute_next_event for '{}' failed - {}", event_str, err);
continue;
}
};
let now = proxmox::tools::time::epoch_i64();
if next > now { continue; }
let mut job = match Job::new(worker_type, &store) {
Ok(job) => job,
Err(_) => continue, // could not get lock
};
let store2 = store.clone();
if let Err(err) = WorkerTask::new_thread(
worker_type,
Some(store.clone()),
Userid::backup_userid().clone(),
false,
move |worker| {
job.start(&worker.upid().to_string())?;
let result = try_block!({
worker.log(format!("Starting datastore prune on store \"{}\"", store));
worker.log(format!("task triggered by schedule '{}'", event_str));
worker.log(format!("retention options: {}", prune_options.cli_options_string()));
let base_path = datastore.base_path();
let groups = BackupGroup::list_groups(&base_path)?;
for group in groups {
let list = group.list_backups(&base_path)?;
let mut prune_info = compute_prune_info(list, &prune_options)?;
prune_info.reverse(); // delete older snapshots first
worker.log(format!("Starting prune on store \"{}\" group \"{}/{}\"",
store, group.backup_type(), group.backup_id()));
for (info, keep) in prune_info {
worker.log(format!(
"{} {}/{}/{}",
if keep { "keep" } else { "remove" },
group.backup_type(), group.backup_id(),
info.backup_dir.backup_time_string()));
if !keep {
datastore.remove_backup_dir(&info.backup_dir, true)?;
}
}
}
Ok(())
});
let status = worker.create_state(&result);
if let Err(err) = job.finish(status) {
eprintln!("could not finish job state for {}: {}", worker_type, err);
}
result
}
) {
eprintln!("unable to start datastore prune on store {} - {}", store2, err);
}
} }
} }
@ -543,47 +420,18 @@ async fn schedule_datastore_sync_jobs() {
None => continue, None => continue,
}; };
let event = match parse_calendar_event(&event_str) {
Ok(event) => event,
Err(err) => {
eprintln!("unable to parse schedule '{}' - {}", event_str, err);
continue;
}
};
let worker_type = "syncjob"; let worker_type = "syncjob";
if check_schedule(worker_type, &event_str, &job_id) {
let job = match Job::new(worker_type, &job_id) {
Ok(job) => job,
Err(_) => continue, // could not get lock
};
let last = match jobstate::last_run_time(worker_type, &job_id) { let auth_id = Authid::backup_auth_id().clone();
Ok(time) => time, if let Err(err) = do_sync_job(job, job_config, &auth_id, Some(event_str)) {
Err(err) => { eprintln!("unable to start datastore sync job {} - {}", &job_id, err);
eprintln!("could not get last run time of {} {}: {}", worker_type, job_id, err);
continue;
} }
}; };
let next = match compute_next_event(&event, last, false) {
Ok(Some(next)) => next,
Ok(None) => continue,
Err(err) => {
eprintln!("compute_next_event for '{}' failed - {}", event_str, err);
continue;
}
};
let now = proxmox::tools::time::epoch_i64();
if next > now { continue; }
let job = match Job::new(worker_type, &job_id) {
Ok(job) => job,
Err(_) => continue, // could not get lock
};
let userid = Userid::backup_userid().clone();
if let Err(err) = do_sync_job(job, job_config, &userid, Some(event_str)) {
eprintln!("unable to start datastore sync job {} - {}", &job_id, err);
}
} }
} }
@ -613,79 +461,30 @@ async fn schedule_datastore_verify_jobs() {
Some(ref event_str) => event_str.clone(), Some(ref event_str) => event_str.clone(),
None => continue, None => continue,
}; };
let event = match parse_calendar_event(&event_str) {
Ok(event) => event,
Err(err) => {
eprintln!("unable to parse schedule '{}' - {}", event_str, err);
continue;
}
};
let worker_type = "verificationjob"; let worker_type = "verificationjob";
let last = match jobstate::last_run_time(worker_type, &job_id) { let auth_id = Authid::backup_auth_id().clone();
Ok(time) => time, if check_schedule(worker_type, &event_str, &job_id) {
Err(err) => { let job = match Job::new(&worker_type, &job_id) {
eprintln!("could not get last run time of {} {}: {}", worker_type, job_id, err); Ok(job) => job,
continue; Err(_) => continue, // could not get lock
};
if let Err(err) = do_verification_job(job, job_config, &auth_id, Some(event_str)) {
eprintln!("unable to start datastore verification job {} - {}", &job_id, err);
} }
}; };
let next = match compute_next_event(&event, last, false) {
Ok(Some(next)) => next,
Ok(None) => continue,
Err(err) => {
eprintln!("compute_next_event for '{}' failed - {}", event_str, err);
continue;
}
};
let now = proxmox::tools::time::epoch_i64();
if next > now { continue; }
let job = match Job::new(worker_type, &job_id) {
Ok(job) => job,
Err(_) => continue, // could not get lock
};
let userid = Userid::backup_userid().clone();
if let Err(err) = do_verification_job(job, job_config, &userid, Some(event_str)) {
eprintln!("unable to start datastore verification job {} - {}", &job_id, err);
}
} }
} }
async fn schedule_task_log_rotate() { async fn schedule_task_log_rotate() {
let worker_type = "logrotate"; let worker_type = "logrotate";
let job_id = "task_archive"; let job_id = "access-log_and_task-archive";
let last = match jobstate::last_run_time(worker_type, job_id) {
Ok(time) => time,
Err(err) => {
eprintln!("could not get last run time of task log archive rotation: {}", err);
return;
}
};
// schedule daily at 00:00 like normal logrotate // schedule daily at 00:00 like normal logrotate
let schedule = "00:00"; let schedule = "00:00";
let event = match parse_calendar_event(schedule) { if !check_schedule(worker_type, schedule, job_id) {
Ok(event) => event,
Err(err) => {
// should not happen?
eprintln!("unable to parse schedule '{}' - {}", schedule, err);
return;
}
};
let next = match compute_next_event(&event, last, false) {
Ok(Some(next)) => next,
Ok(None) => return,
Err(err) => {
eprintln!("compute_next_event for '{}' failed - {}", schedule, err);
return;
}
};
let now = proxmox::tools::time::epoch_i64();
if next > now {
// if we never ran the rotation, schedule instantly // if we never ran the rotation, schedule instantly
match jobstate::JobState::load(worker_type, job_id) { match jobstate::JobState::load(worker_type, job_id) {
Ok(state) => match state { Ok(state) => match state {
@ -703,17 +502,16 @@ async fn schedule_task_log_rotate() {
if let Err(err) = WorkerTask::new_thread( if let Err(err) = WorkerTask::new_thread(
worker_type, worker_type,
Some(job_id.to_string()), None,
Userid::backup_userid().clone(), Authid::backup_auth_id().clone(),
false, false,
move |worker| { move |worker| {
job.start(&worker.upid().to_string())?; job.start(&worker.upid().to_string())?;
worker.log(format!("starting task log rotation")); worker.log(format!("starting task log rotation"));
let result = try_block!({ let result = try_block!({
// rotate task log archive let max_size = 512 * 1024 - 1; // an entry has ~ 100b, so > 5000 entries/file
let max_size = 500000; // a normal entry has about 100b, so ~ 5000 entries/file let max_files = 20; // times twenty files gives > 100000 task entries
let max_files = 20; // times twenty files gives at least 100000 task entries
let has_rotated = rotate_task_log_archive(max_size, true, Some(max_files))?; let has_rotated = rotate_task_log_archive(max_size, true, Some(max_files))?;
if has_rotated { if has_rotated {
worker.log(format!("task log archive was rotated")); worker.log(format!("task log archive was rotated"));
@ -721,6 +519,21 @@ async fn schedule_task_log_rotate() {
worker.log(format!("task log archive was not rotated")); worker.log(format!("task log archive was not rotated"));
} }
let max_size = 32 * 1024 * 1024 - 1;
let max_files = 14;
let mut logrotate = LogRotate::new(buildcfg::API_ACCESS_LOG_FN, true)
.ok_or_else(|| format_err!("could not get API access log file names"))?;
let has_rotated = logrotate.rotate(max_size, None, Some(max_files))?;
if has_rotated {
println!("rotated access log, telling daemons to re-open log file");
proxmox_backup::tools::runtime::block_on(command_reopen_logfiles())?;
worker.log(format!("API access log was rotated"));
} else {
worker.log(format!("API access log was not rotated"));
}
Ok(()) Ok(())
}); });
@ -738,6 +551,22 @@ async fn schedule_task_log_rotate() {
} }
async fn command_reopen_logfiles() -> Result<(), Error> {
// only care about the most recent daemon instance for each, proxy & api, as other older ones
// should not respond to new requests anyway, but only finish their current one and then exit.
let sock = server::our_ctrl_sock();
server::send_command(sock, serde_json::json!({
"command": "api-access-log-reopen",
})).await?;
let pid = server::read_pid(buildcfg::PROXMOX_BACKUP_API_PID_FN)?;
let sock = server::ctrl_sock_from_pid(pid);
server::send_command(sock, serde_json::json!({
"command": "api-access-log-reopen",
})).await?;
Ok(())
}
async fn run_stat_generator() { async fn run_stat_generator() {
let mut count = 0; let mut count = 0;
@ -850,6 +679,36 @@ async fn generate_host_stats(save: bool) {
}); });
} }
fn check_schedule(worker_type: &str, event_str: &str, id: &str) -> bool {
let event = match parse_calendar_event(event_str) {
Ok(event) => event,
Err(err) => {
eprintln!("unable to parse schedule '{}' - {}", event_str, err);
return false;
}
};
let last = match jobstate::last_run_time(worker_type, &id) {
Ok(time) => time,
Err(err) => {
eprintln!("could not get last run time of {} {}: {}", worker_type, id, err);
return false;
}
};
let next = match compute_next_event(&event, last, false) {
Ok(Some(next)) => next,
Ok(None) => return false,
Err(err) => {
eprintln!("compute_next_event for '{}' failed - {}", event_str, err);
return false;
}
};
let now = proxmox::tools::time::epoch_i64();
next <= now
}
fn gather_disk_stats(disk_manager: Arc<DiskManage>, path: &Path, rrd_prefix: &str, save: bool) { fn gather_disk_stats(disk_manager: Arc<DiskManage>, path: &Path, rrd_prefix: &str, save: bool) {
match proxmox_backup::tools::disks::disk_usage(path) { match proxmox_backup::tools::disks::disk_usage(path) {

73
src/bin/proxmox-daily-update.rs Normal file
View File

@ -0,0 +1,73 @@
use anyhow::Error;
use serde_json::{json, Value};
use proxmox::api::{cli::*, RpcEnvironment, ApiHandler};
use proxmox_backup::api2;
use proxmox_backup::tools::subscription;
async fn wait_for_local_worker(upid_str: &str) -> Result<(), Error> {
let upid: proxmox_backup::server::UPID = upid_str.parse()?;
let sleep_duration = core::time::Duration::new(0, 100_000_000);
loop {
if !proxmox_backup::server::worker_is_active_local(&upid) {
break;
}
tokio::time::delay_for(sleep_duration).await;
}
Ok(())
}
/// Daily update
async fn do_update(
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
let param = json!({});
let method = &api2::node::subscription::API_METHOD_CHECK_SUBSCRIPTION;
let _res = match method.handler {
ApiHandler::Sync(handler) => (handler)(param, method, rpcenv)?,
_ => unreachable!(),
};
let notify = match subscription::read_subscription() {
Ok(Some(subscription)) => subscription.status == subscription::SubscriptionStatus::ACTIVE,
Ok(None) => false,
Err(err) => {
eprintln!("Error reading subscription - {}", err);
false
},
};
let param = json!({
"notify": notify,
});
let method = &api2::node::apt::API_METHOD_APT_UPDATE_DATABASE;
let upid = match method.handler {
ApiHandler::Sync(handler) => (handler)(param, method, rpcenv)?,
_ => unreachable!(),
};
wait_for_local_worker(upid.as_str().unwrap()).await?;
// TODO: certificate checks/renewal/... ?
// TODO: cleanup tasks like in PVE?
Ok(Value::Null)
}
fn main() {
proxmox_backup::tools::setup_safe_path_env();
let mut rpcenv = CliEnvironment::new();
rpcenv.set_auth_id(Some(String::from("root@pam")));
match proxmox_backup::tools::runtime::main(do_update(&mut rpcenv)) {
Err(err) => {
eprintln!("error during update: {}", err);
std::process::exit(1);
},
_ => (),
}
}

2
src/bin/proxmox_backup_client/benchmark.rs
View File

@ -225,7 +225,7 @@ async fn test_upload_speed(
let backup_time = proxmox::tools::time::epoch_i64(); let backup_time = proxmox::tools::time::epoch_i64();
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
record_repository(&repo); record_repository(&repo);
if verbose { eprintln!("Connecting to backup server"); } if verbose { eprintln!("Connecting to backup server"); }

4
src/bin/proxmox_backup_client/catalog.rs
View File

@ -79,7 +79,7 @@ async fn dump_catalog(param: Value) -> Result<Value, Error> {
} }
}; };
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
let client = BackupReader::start( let client = BackupReader::start(
client, client,
@ -153,7 +153,7 @@ async fn dump_catalog(param: Value) -> Result<Value, Error> {
/// Shell to interactively inspect and restore snapshots. /// Shell to interactively inspect and restore snapshots.
async fn catalog_shell(param: Value) -> Result<(), Error> { async fn catalog_shell(param: Value) -> Result<(), Error> {
let repo = extract_repository_from_value(&param)?; let repo = extract_repository_from_value(&param)?;
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
let path = tools::required_string_param(&param, "snapshot")?; let path = tools::required_string_param(&param, "snapshot")?;
let archive_name = tools::required_string_param(&param, "archive-name")?; let archive_name = tools::required_string_param(&param, "archive-name")?;

2
src/bin/proxmox_backup_client/mount.rs
View File

@ -163,7 +163,7 @@ fn mount(
async fn mount_do(param: Value, pipe: Option<RawFd>) -> Result<Value, Error> { async fn mount_do(param: Value, pipe: Option<RawFd>) -> Result<Value, Error> {
let repo = extract_repository_from_value(&param)?; let repo = extract_repository_from_value(&param)?;
let archive_name = tools::required_string_param(&param, "archive-name")?; let archive_name = tools::required_string_param(&param, "archive-name")?;
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
let target = param["target"].as_str(); let target = param["target"].as_str();

8
src/bin/proxmox_backup_client/task.rs
View File

@ -48,7 +48,7 @@ async fn task_list(param: Value) -> Result<Value, Error> {
let output_format = get_output_format(&param); let output_format = get_output_format(&param);
let repo = extract_repository_from_value(&param)?; let repo = extract_repository_from_value(&param)?;
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
let limit = param["limit"].as_u64().unwrap_or(50) as usize; let limit = param["limit"].as_u64().unwrap_or(50) as usize;
let running = !param["all"].as_bool().unwrap_or(false); let running = !param["all"].as_bool().unwrap_or(false);
@ -57,7 +57,7 @@ async fn task_list(param: Value) -> Result<Value, Error> {
"running": running, "running": running,
"start": 0, "start": 0,
"limit": limit, "limit": limit,
"userfilter": repo.user(), "userfilter": repo.auth_id(),
"store": repo.store(), "store": repo.store(),
}); });
@ -96,7 +96,7 @@ async fn task_log(param: Value) -> Result<Value, Error> {
let repo = extract_repository_from_value(&param)?; let repo = extract_repository_from_value(&param)?;
let upid = tools::required_string_param(&param, "upid")?; let upid = tools::required_string_param(&param, "upid")?;
let client = connect(repo.host(), repo.port(), repo.user())?; let client = connect(repo.host(), repo.port(), repo.auth_id())?;
display_task_log(client, upid, true).await?; display_task_log(client, upid, true).await?;
@ -122,7 +122,7 @@ async fn task_stop(param: Value) -> Result<Value, Error> {
let repo = extract_repository_from_value(&param)?; let repo = extract_repository_from_value(&param)?;
let upid_str = tools::required_string_param(&param, "upid")?; let upid_str = tools::required_string_param(&param, "upid")?;
let mut client = connect(repo.host(), repo.port(), repo.user())?; let mut client = connect(repo.host(), repo.port(), repo.auth_id())?;
let path = format!("api2/json/nodes/localhost/tasks/{}", upid_str); let path = format!("api2/json/nodes/localhost/tasks/{}", upid_str);
let _ = client.delete(&path, None).await?; let _ = client.delete(&path, None).await?;

2
src/bin/proxmox_backup_manager/acl.rs
View File

@ -60,7 +60,7 @@ pub fn acl_commands() -> CommandLineInterface {
"update", "update",
CliCommand::new(&api2::access::acl::API_METHOD_UPDATE_ACL) CliCommand::new(&api2::access::acl::API_METHOD_UPDATE_ACL)
.arg_param(&["path", "role"]) .arg_param(&["path", "role"])
.completion_cb("userid", config::user::complete_user_name) .completion_cb("auth-id", config::user::complete_authid)
.completion_cb("path", config::datastore::complete_acl_path) .completion_cb("path", config::datastore::complete_acl_path)
); );

2
src/bin/proxmox_backup_manager/mod.rs
View File

@ -14,5 +14,7 @@ mod sync;
pub use sync::*; pub use sync::*;
mod user; mod user;
pub use user::*; pub use user::*;
mod subscription;
pub use subscription::*;
mod disk; mod disk;
pub use disk::*; pub use disk::*;

55
src/bin/proxmox_backup_manager/subscription.rs Normal file
View File

@ -0,0 +1,55 @@
use anyhow::Error;
use serde_json::Value;
use proxmox::api::{api, cli::*, RpcEnvironment, ApiHandler};
use proxmox_backup::api2;
#[api(
input: {
properties: {
"output-format": {
schema: OUTPUT_FORMAT,
optional: true,
},
}
}
)]
/// Read subscription info.
fn get(param: Value, rpcenv: &mut dyn RpcEnvironment) -> Result<Value, Error> {
let output_format = get_output_format(&param);
let info = &api2::node::subscription::API_METHOD_GET_SUBSCRIPTION;
let mut data = match info.handler {
ApiHandler::Sync(handler) => (handler)(param, info, rpcenv)?,
_ => unreachable!(),
};
let options = default_table_format_options();
format_and_print_result_full(&mut data, info.returns, &output_format, &options);
Ok(Value::Null)
}
pub fn subscription_commands() -> CommandLineInterface {
let cmd_def = CliCommandMap::new()
.insert("get", CliCommand::new(&API_METHOD_GET))
.insert("set",
CliCommand::new(&api2::node::subscription::API_METHOD_SET_SUBSCRIPTION)
.fixed_param("node", "localhost".into())
.arg_param(&["key"])
)
.insert("update",
CliCommand::new(&api2::node::subscription::API_METHOD_CHECK_SUBSCRIPTION)
.fixed_param("node", "localhost".into())
)
.insert("remove",
CliCommand::new(&api2::node::subscription::API_METHOD_DELETE_SUBSCRIPTION)
.fixed_param("node", "localhost".into())
)
;
cmd_def.into()
}

133
src/bin/proxmox_backup_manager/user.rs
View File

@ -1,11 +1,14 @@
use anyhow::Error; use anyhow::Error;
use serde_json::Value; use serde_json::Value;
use std::collections::HashMap;
use proxmox::api::{api, cli::*, RpcEnvironment, ApiHandler}; use proxmox::api::{api, cli::*, RpcEnvironment, ApiHandler};
use proxmox_backup::config; use proxmox_backup::config;
use proxmox_backup::tools; use proxmox_backup::tools;
use proxmox_backup::api2; use proxmox_backup::api2;
use proxmox_backup::api2::types::{ACL_PATH_SCHEMA, Authid, Userid};
#[api( #[api(
input: { input: {
@ -48,6 +51,106 @@ fn list_users(param: Value, rpcenv: &mut dyn RpcEnvironment) -> Result<Value, Er
Ok(Value::Null) Ok(Value::Null)
} }
#[api(
input: {
properties: {
"output-format": {
schema: OUTPUT_FORMAT,
optional: true,
},
userid: {
type: Userid,
}
}
}
)]
/// List tokens associated with user.
fn list_tokens(param: Value, rpcenv: &mut dyn RpcEnvironment) -> Result<Value, Error> {
let output_format = get_output_format(&param);
let info = &api2::access::user::API_METHOD_LIST_TOKENS;
let mut data = match info.handler {
ApiHandler::Sync(handler) => (handler)(param, info, rpcenv)?,
_ => unreachable!(),
};
let options = default_table_format_options()
.column(ColumnConfig::new("tokenid"))
.column(
ColumnConfig::new("enable")
.renderer(tools::format::render_bool_with_default_true)
)
.column(
ColumnConfig::new("expire")
.renderer(tools::format::render_epoch)
)
.column(ColumnConfig::new("comment"));
format_and_print_result_full(&mut data, info.returns, &output_format, &options);
Ok(Value::Null)
}
#[api(
input: {
properties: {
"output-format": {
schema: OUTPUT_FORMAT,
optional: true,
},
"auth-id": {
type: Authid,
},
path: {
schema: ACL_PATH_SCHEMA,
optional: true,
},
}
}
)]
/// List permissions of user/token.
fn list_permissions(param: Value, rpcenv: &mut dyn RpcEnvironment) -> Result<Value, Error> {
let output_format = get_output_format(&param);
let info = &api2::access::API_METHOD_LIST_PERMISSIONS;
let mut data = match info.handler {
ApiHandler::Sync(handler) => (handler)(param, info, rpcenv)?,
_ => unreachable!(),
};
if output_format == "text" {
println!("Privileges with (*) have the propagate flag set\n");
let data:HashMap<String, HashMap<String, bool>> = serde_json::from_value(data)?;
let mut paths:Vec<String> = data.keys().cloned().collect();
paths.sort_unstable();
for path in paths {
println!("Path: {}", path);
let priv_map = data.get(&path).unwrap();
let mut privs:Vec<String> = priv_map.keys().cloned().collect();
if privs.is_empty() {
println!("- NoAccess");
} else {
privs.sort_unstable();
for privilege in privs {
if *priv_map.get(&privilege).unwrap() {
println!("- {} (*)", privilege);
} else {
println!("- {}", privilege);
}
}
}
}
} else {
format_and_print_result(&mut data, &output_format);
}
Ok(Value::Null)
}
pub fn user_commands() -> CommandLineInterface { pub fn user_commands() -> CommandLineInterface {
let cmd_def = CliCommandMap::new() let cmd_def = CliCommandMap::new()
@ -62,13 +165,39 @@ pub fn user_commands() -> CommandLineInterface {
"update", "update",
CliCommand::new(&api2::access::user::API_METHOD_UPDATE_USER) CliCommand::new(&api2::access::user::API_METHOD_UPDATE_USER)
.arg_param(&["userid"]) .arg_param(&["userid"])
.completion_cb("userid", config::user::complete_user_name) .completion_cb("userid", config::user::complete_userid)
) )
.insert( .insert(
"remove", "remove",
CliCommand::new(&api2::access::user::API_METHOD_DELETE_USER) CliCommand::new(&api2::access::user::API_METHOD_DELETE_USER)
.arg_param(&["userid"]) .arg_param(&["userid"])
.completion_cb("userid", config::user::complete_user_name) .completion_cb("userid", config::user::complete_userid)
)
.insert(
"list-tokens",
CliCommand::new(&&API_METHOD_LIST_TOKENS)
.arg_param(&["userid"])
.completion_cb("userid", config::user::complete_userid)
)
.insert(
"generate-token",
CliCommand::new(&api2::access::user::API_METHOD_GENERATE_TOKEN)
.arg_param(&["userid", "tokenname"])
.completion_cb("userid", config::user::complete_userid)
)
.insert(
"delete-token",
CliCommand::new(&api2::access::user::API_METHOD_DELETE_TOKEN)
.arg_param(&["userid", "tokenname"])
.completion_cb("userid", config::user::complete_userid)
.completion_cb("tokenname", config::user::complete_token_name)
)
.insert(
"permissions",
CliCommand::new(&&API_METHOD_LIST_PERMISSIONS)
.arg_param(&["auth-id"])
.completion_cb("auth-id", config::user::complete_authid)
.completion_cb("path", config::datastore::complete_acl_path)
); );
cmd_def.into() cmd_def.into()

21
src/buildcfg.rs
View File

@ -4,7 +4,26 @@
pub const CONFIGDIR: &str = "/etc/proxmox-backup"; pub const CONFIGDIR: &str = "/etc/proxmox-backup";
pub const JS_DIR: &str = "/usr/share/javascript/proxmox-backup"; pub const JS_DIR: &str = "/usr/share/javascript/proxmox-backup";
pub const API_ACCESS_LOG_FN: &str = "/var/log/proxmox-backup/api/access.log"; #[macro_export]
macro_rules! PROXMOX_BACKUP_RUN_DIR_M { () => ("/run/proxmox-backup") }
#[macro_export]
macro_rules! PROXMOX_BACKUP_LOG_DIR_M { () => ("/var/log/proxmox-backup") }
/// namespaced directory for in-memory (tmpfs) run state
pub const PROXMOX_BACKUP_RUN_DIR: &str = PROXMOX_BACKUP_RUN_DIR_M!();
/// namespaced directory for persistent logging
pub const PROXMOX_BACKUP_LOG_DIR: &str = PROXMOX_BACKUP_LOG_DIR_M!();
/// logfile for all API reuests handled by the proxy and privileged API daemons
pub const API_ACCESS_LOG_FN: &str = concat!(PROXMOX_BACKUP_LOG_DIR_M!(), "/api/access.log");
/// the PID filename for the unprivileged proxy daemon
pub const PROXMOX_BACKUP_PROXY_PID_FN: &str = concat!(PROXMOX_BACKUP_RUN_DIR_M!(), "/proxy.pid");
/// the PID filename for the privileged api daemon
pub const PROXMOX_BACKUP_API_PID_FN: &str = concat!(PROXMOX_BACKUP_RUN_DIR_M!(), "/api.pid");
/// Prepend configuration directory to a file name /// Prepend configuration directory to a file name
/// ///

25
src/client/backup_repo.rs
View File

@ -16,7 +16,7 @@ pub const BACKUP_REPO_URL: ApiStringFormat = ApiStringFormat::Pattern(&BACKUP_RE
#[derive(Debug)] #[derive(Debug)]
pub struct BackupRepository { pub struct BackupRepository {
/// The user name used for Authentication /// The user name used for Authentication
user: Option<Userid>, auth_id: Option<Authid>,
/// The host name or IP address /// The host name or IP address
host: Option<String>, host: Option<String>,
/// The port /// The port
@ -27,20 +27,29 @@ pub struct BackupRepository {
impl BackupRepository { impl BackupRepository {
pub fn new(user: Option<Userid>, host: Option<String>, port: Option<u16>, store: String) -> Self { pub fn new(auth_id: Option<Authid>, host: Option<String>, port: Option<u16>, store: String) -> Self {
let host = match host { let host = match host {
Some(host) if (IP_V6_REGEX.regex_obj)().is_match(&host) => { Some(host) if (IP_V6_REGEX.regex_obj)().is_match(&host) => {
Some(format!("[{}]", host)) Some(format!("[{}]", host))
}, },
other => other, other => other,
}; };
Self { user, host, port, store } Self { auth_id, host, port, store }
}
pub fn auth_id(&self) -> &Authid {
if let Some(ref auth_id) = self.auth_id {
return auth_id;
}
&Authid::root_auth_id()
} }
pub fn user(&self) -> &Userid { pub fn user(&self) -> &Userid {
if let Some(ref user) = self.user { if let Some(auth_id) = &self.auth_id {
return &user; return auth_id.user();
} }
Userid::root_userid() Userid::root_userid()
} }
@ -65,8 +74,8 @@ impl BackupRepository {
impl fmt::Display for BackupRepository { impl fmt::Display for BackupRepository {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
match (&self.user, &self.host, self.port) { match (&self.auth_id, &self.host, self.port) {
(Some(user), _, _) => write!(f, "{}@{}:{}:{}", user, self.host(), self.port(), self.store), (Some(auth_id), _, _) => write!(f, "{}@{}:{}:{}", auth_id, self.host(), self.port(), self.store),
(None, Some(host), None) => write!(f, "{}:{}", host, self.store), (None, Some(host), None) => write!(f, "{}:{}", host, self.store),
(None, _, Some(port)) => write!(f, "{}:{}:{}", self.host(), port, self.store), (None, _, Some(port)) => write!(f, "{}:{}:{}", self.host(), port, self.store),
(None, None, None) => write!(f, "{}", self.store), (None, None, None) => write!(f, "{}", self.store),
@ -88,7 +97,7 @@ impl std::str::FromStr for BackupRepository {
.ok_or_else(|| format_err!("unable to parse repository url '{}'", url))?; .ok_or_else(|| format_err!("unable to parse repository url '{}'", url))?;
Ok(Self { Ok(Self {
user: cap.get(1).map(|m| Userid::try_from(m.as_str().to_owned())).transpose()?, auth_id: cap.get(1).map(|m| Authid::try_from(m.as_str().to_owned())).transpose()?,
host: cap.get(2).map(|m| m.as_str().to_owned()), host: cap.get(2).map(|m| m.as_str().to_owned()),
port: cap.get(3).map(|m| m.as_str().parse::<u16>()).transpose()?, port: cap.get(3).map(|m| m.as_str().parse::<u16>()).transpose()?,
store: cap[4].to_owned(), store: cap[4].to_owned(),

68
src/client/http_client.rs
View File

@ -21,7 +21,7 @@ use proxmox::{
}; };
use super::pipe_to_stream::PipeToSendStream; use super::pipe_to_stream::PipeToSendStream;
use crate::api2::types::Userid; use crate::api2::types::{Authid, Userid};
use crate::tools::{ use crate::tools::{
self, self,
BroadcastFuture, BroadcastFuture,
@ -31,7 +31,7 @@ use crate::tools::{
#[derive(Clone)] #[derive(Clone)]
pub struct AuthInfo { pub struct AuthInfo {
pub userid: Userid, pub auth_id: Authid,
pub ticket: String, pub ticket: String,
pub token: String, pub token: String,
} }
@ -102,7 +102,7 @@ pub struct HttpClient {
server: String, server: String,
port: u16, port: u16,
fingerprint: Arc<Mutex<Option<String>>>, fingerprint: Arc<Mutex<Option<String>>>,
first_auth: BroadcastFuture<()>, first_auth: Option<BroadcastFuture<()>>,
auth: Arc<RwLock<AuthInfo>>, auth: Arc<RwLock<AuthInfo>>,
ticket_abort: futures::future::AbortHandle, ticket_abort: futures::future::AbortHandle,
_options: HttpClientOptions, _options: HttpClientOptions,
@ -251,7 +251,7 @@ impl HttpClient {
pub fn new( pub fn new(
server: &str, server: &str,
port: u16, port: u16,
userid: &Userid, auth_id: &Authid,
mut options: HttpClientOptions, mut options: HttpClientOptions,
) -> Result<Self, Error> { ) -> Result<Self, Error> {
@ -311,6 +311,11 @@ impl HttpClient {
let password = if let Some(password) = password { let password = if let Some(password) = password {
password password
} else { } else {
let userid = if auth_id.is_token() {
bail!("API token secret must be provided!");
} else {
auth_id.user()
};
let mut ticket_info = None; let mut ticket_info = None;
if use_ticket_cache { if use_ticket_cache {
ticket_info = load_ticket_info(options.prefix.as_ref().unwrap(), server, userid); ticket_info = load_ticket_info(options.prefix.as_ref().unwrap(), server, userid);
@ -323,7 +328,7 @@ impl HttpClient {
}; };
let auth = Arc::new(RwLock::new(AuthInfo { let auth = Arc::new(RwLock::new(AuthInfo {
userid: userid.clone(), auth_id: auth_id.clone(),
ticket: password.clone(), ticket: password.clone(),
token: "".to_string(), token: "".to_string(),
})); }));
@ -336,14 +341,14 @@ impl HttpClient {
let renewal_future = async move { let renewal_future = async move {
loop { loop {
tokio::time::delay_for(Duration::new(60*15, 0)).await; // 15 minutes tokio::time::delay_for(Duration::new(60*15, 0)).await; // 15 minutes
let (userid, ticket) = { let (auth_id, ticket) = {
let authinfo = auth2.read().unwrap().clone(); let authinfo = auth2.read().unwrap().clone();
(authinfo.userid, authinfo.ticket) (authinfo.auth_id, authinfo.ticket)
}; };
match Self::credentials(client2.clone(), server2.clone(), port, userid, ticket).await { match Self::credentials(client2.clone(), server2.clone(), port, auth_id.user().clone(), ticket).await {
Ok(auth) => { Ok(auth) => {
if use_ticket_cache & &prefix2.is_some() { if use_ticket_cache & &prefix2.is_some() {
let _ = store_ticket_info(prefix2.as_ref().unwrap(), &server2, &auth.userid.to_string(), &auth.ticket, &auth.token); let _ = store_ticket_info(prefix2.as_ref().unwrap(), &server2, &auth.auth_id.to_string(), &auth.ticket, &auth.token);
} }
*auth2.write().unwrap() = auth; *auth2.write().unwrap() = auth;
}, },
@ -361,7 +366,7 @@ impl HttpClient {
client.clone(), client.clone(),
server.to_owned(), server.to_owned(),
port, port,
userid.to_owned(), auth_id.user().clone(),
password.to_owned(), password.to_owned(),
).map_ok({ ).map_ok({
let server = server.to_string(); let server = server.to_string();
@ -370,13 +375,20 @@ impl HttpClient {
move |auth| { move |auth| {
if use_ticket_cache & &prefix.is_some() { if use_ticket_cache & &prefix.is_some() {
let _ = store_ticket_info(prefix.as_ref().unwrap(), &server, &auth.userid.to_string(), &auth.ticket, &auth.token); let _ = store_ticket_info(prefix.as_ref().unwrap(), &server, &auth.auth_id.to_string(), &auth.ticket, &auth.token);
} }
*authinfo.write().unwrap() = auth; *authinfo.write().unwrap() = auth;
tokio::spawn(renewal_future); tokio::spawn(renewal_future);
} }
}); });
let first_auth = if auth_id.is_token() {
// TODO check access here?
None
} else {
Some(BroadcastFuture::new(Box::new(login_future)))
};
Ok(Self { Ok(Self {
client, client,
server: String::from(server), server: String::from(server),
@ -384,7 +396,7 @@ impl HttpClient {
fingerprint: verified_fingerprint, fingerprint: verified_fingerprint,
auth, auth,
ticket_abort, ticket_abort,
first_auth: BroadcastFuture::new(Box::new(login_future)), first_auth,
_options: options, _options: options,
}) })
} }
@ -394,7 +406,10 @@ impl HttpClient {
/// Login is done on demand, so this is only required if you need /// Login is done on demand, so this is only required if you need
/// access to authentication data in 'AuthInfo'. /// access to authentication data in 'AuthInfo'.
pub async fn login(&self) -> Result<AuthInfo, Error> { pub async fn login(&self) -> Result<AuthInfo, Error> {
self.first_auth.listen().await?; if let Some(future) = &self.first_auth {
future.listen().await?;
}
let authinfo = self.auth.read().unwrap(); let authinfo = self.auth.read().unwrap();
Ok(authinfo.clone()) Ok(authinfo.clone())
} }
@ -477,10 +492,14 @@ impl HttpClient {
let client = self.client.clone(); let client = self.client.clone();
let auth = self.login().await?; let auth = self.login().await?;
if auth.auth_id.is_token() {
let enc_ticket = format!("PBSAuthCookie={}", percent_encode(auth.ticket.as_bytes(), DEFAULT_ENCODE_SET)); let enc_api_token = format!("PBSAPIToken {}:{}", auth.auth_id, percent_encode(auth.ticket.as_bytes(), DEFAULT_ENCODE_SET));
req.headers_mut().insert("Cookie", HeaderValue::from_str(&enc_ticket).unwrap()); req.headers_mut().insert("Authorization", HeaderValue::from_str(&enc_api_token).unwrap());
req.headers_mut().insert("CSRFPreventionToken", HeaderValue::from_str(&auth.token).unwrap()); } else {
let enc_ticket = format!("PBSAuthCookie={}", percent_encode(auth.ticket.as_bytes(), DEFAULT_ENCODE_SET));
req.headers_mut().insert("Cookie", HeaderValue::from_str(&enc_ticket).unwrap());
req.headers_mut().insert("CSRFPreventionToken", HeaderValue::from_str(&auth.token).unwrap());
}
Self::api_request(client, req).await Self::api_request(client, req).await
} }
@ -579,11 +598,18 @@ impl HttpClient {
protocol_name: String, protocol_name: String,
) -> Result<(H2Client, futures::future::AbortHandle), Error> { ) -> Result<(H2Client, futures::future::AbortHandle), Error> {
let auth = self.login().await?;
let client = self.client.clone(); let client = self.client.clone();
let auth = self.login().await?;
if auth.auth_id.is_token() {
let enc_api_token = format!("PBSAPIToken {}:{}", auth.auth_id, percent_encode(auth.ticket.as_bytes(), DEFAULT_ENCODE_SET));
req.headers_mut().insert("Authorization", HeaderValue::from_str(&enc_api_token).unwrap());
} else {
let enc_ticket = format!("PBSAuthCookie={}", percent_encode(auth.ticket.as_bytes(), DEFAULT_ENCODE_SET));
req.headers_mut().insert("Cookie", HeaderValue::from_str(&enc_ticket).unwrap());
req.headers_mut().insert("CSRFPreventionToken", HeaderValue::from_str(&auth.token).unwrap());
}
let enc_ticket = format!("PBSAuthCookie={}", percent_encode(auth.ticket.as_bytes(), DEFAULT_ENCODE_SET));
req.headers_mut().insert("Cookie", HeaderValue::from_str(&enc_ticket).unwrap());
req.headers_mut().insert("UPGRADE", HeaderValue::from_str(&protocol_name).unwrap()); req.headers_mut().insert("UPGRADE", HeaderValue::from_str(&protocol_name).unwrap());
let resp = client.request(req).await?; let resp = client.request(req).await?;
@ -636,7 +662,7 @@ impl HttpClient {
let req = Self::request_builder(&server, port, "POST", "/api2/json/access/ticket", Some(data))?; let req = Self::request_builder(&server, port, "POST", "/api2/json/access/ticket", Some(data))?;
let cred = Self::api_request(client, req).await?; let cred = Self::api_request(client, req).await?;
let auth = AuthInfo { let auth = AuthInfo {
userid: cred["data"]["username"].as_str().unwrap().parse()?, auth_id: cred["data"]["username"].as_str().unwrap().parse()?,
ticket: cred["data"]["ticket"].as_str().unwrap().to_owned(), ticket: cred["data"]["ticket"].as_str().unwrap().to_owned(),
token: cred["data"]["CSRFPreventionToken"].as_str().unwrap().to_owned(), token: cred["data"]["CSRFPreventionToken"].as_str().unwrap().to_owned(),
}; };

10
src/client/pull.rs
View File

@ -451,7 +451,7 @@ pub async fn pull_group(
.password(Some(auth_info.ticket.clone())) .password(Some(auth_info.ticket.clone()))
.fingerprint(fingerprint.clone()); .fingerprint(fingerprint.clone());
let new_client = HttpClient::new(src_repo.host(), src_repo.port(), src_repo.user(), options)?; let new_client = HttpClient::new(src_repo.host(), src_repo.port(), src_repo.auth_id(), options)?;
let reader = BackupReader::start( let reader = BackupReader::start(
new_client, new_client,
@ -491,7 +491,7 @@ pub async fn pull_store(
src_repo: &BackupRepository, src_repo: &BackupRepository,
tgt_store: Arc<DataStore>, tgt_store: Arc<DataStore>,
delete: bool, delete: bool,
userid: Userid, auth_id: Authid,
) -> Result<(), Error> { ) -> Result<(), Error> {
// explicit create shared lock to prevent GC on newly created chunks // explicit create shared lock to prevent GC on newly created chunks
@ -524,11 +524,11 @@ pub async fn pull_store(
for (groups_done, item) in list.into_iter().enumerate() { for (groups_done, item) in list.into_iter().enumerate() {
let group = BackupGroup::new(&item.backup_type, &item.backup_id); let group = BackupGroup::new(&item.backup_type, &item.backup_id);
let (owner, _lock_guard) = tgt_store.create_locked_backup_group(&group, &userid)?; let (owner, _lock_guard) = tgt_store.create_locked_backup_group(&group, &auth_id)?;
// permission check // permission check
if userid != owner { // only the owner is allowed to create additional snapshots if auth_id != owner { // only the owner is allowed to create additional snapshots
worker.log(format!("sync group {}/{} failed - owner check failed ({} != {})", worker.log(format!("sync group {}/{} failed - owner check failed ({} != {})",
item.backup_type, item.backup_id, userid, owner)); item.backup_type, item.backup_id, auth_id, owner));
errors = true; // do not stop here, instead continue errors = true; // do not stop here, instead continue
} else if let Err(err) = pull_group( } else if let Err(err) = pull_group(

1
src/config.rs
View File

@ -21,6 +21,7 @@ pub mod datastore;
pub mod network; pub mod network;
pub mod remote; pub mod remote;
pub mod sync; pub mod sync;
pub mod token_shadow;
pub mod user; pub mod user;
pub mod verify; pub mod verify;

144
src/config/acl.rs
View File

@ -1,5 +1,5 @@
use std::io::Write; use std::io::Write;
use std::collections::{HashMap, HashSet, BTreeMap, BTreeSet}; use std::collections::{HashMap, BTreeMap, BTreeSet};
use std::path::{PathBuf, Path}; use std::path::{PathBuf, Path};
use std::sync::{Arc, RwLock}; use std::sync::{Arc, RwLock};
use std::str::FromStr; use std::str::FromStr;
@ -15,7 +15,7 @@ use proxmox::tools::{fs::replace_file, fs::CreateOptions};
use proxmox::constnamedbitmap; use proxmox::constnamedbitmap;
use proxmox::api::{api, schema::*}; use proxmox::api::{api, schema::*};
use crate::api2::types::Userid; use crate::api2::types::{Authid,Userid};
// define Privilege bitfield // define Privilege bitfield
@ -26,14 +26,23 @@ constnamedbitmap! {
PRIV_SYS_MODIFY("Sys.Modify"); PRIV_SYS_MODIFY("Sys.Modify");
PRIV_SYS_POWER_MANAGEMENT("Sys.PowerManagement"); PRIV_SYS_POWER_MANAGEMENT("Sys.PowerManagement");
/// Datastore.Audit allows knowing about a datastore,
/// including reading the configuration entry and listing its contents
PRIV_DATASTORE_AUDIT("Datastore.Audit"); PRIV_DATASTORE_AUDIT("Datastore.Audit");
/// Datastore.Allocate allows creating or deleting datastores
PRIV_DATASTORE_ALLOCATE("Datastore.Allocate"); PRIV_DATASTORE_ALLOCATE("Datastore.Allocate");
/// Datastore.Modify allows modifying a datastore and its contents
PRIV_DATASTORE_MODIFY("Datastore.Modify"); PRIV_DATASTORE_MODIFY("Datastore.Modify");
/// Datastore.Read allows reading arbitrary backup contents
PRIV_DATASTORE_READ("Datastore.Read"); PRIV_DATASTORE_READ("Datastore.Read");
/// Allows verifying a datastore
PRIV_DATASTORE_VERIFY("Datastore.Verify");
/// Datastore.Backup also requires backup ownership /// Datastore.Backup allows Datastore.Read|Verify and creating new snapshots,
/// but also requires backup ownership
PRIV_DATASTORE_BACKUP("Datastore.Backup"); PRIV_DATASTORE_BACKUP("Datastore.Backup");
/// Datastore.Prune also requires backup ownership /// Datastore.Prune allows deleting snapshots,
/// but also requires backup ownership
PRIV_DATASTORE_PRUNE("Datastore.Prune"); PRIV_DATASTORE_PRUNE("Datastore.Prune");
PRIV_PERMISSIONS_MODIFY("Permissions.Modify"); PRIV_PERMISSIONS_MODIFY("Permissions.Modify");
@ -41,7 +50,6 @@ constnamedbitmap! {
PRIV_REMOTE_AUDIT("Remote.Audit"); PRIV_REMOTE_AUDIT("Remote.Audit");
PRIV_REMOTE_MODIFY("Remote.Modify"); PRIV_REMOTE_MODIFY("Remote.Modify");
PRIV_REMOTE_READ("Remote.Read"); PRIV_REMOTE_READ("Remote.Read");
PRIV_REMOTE_PRUNE("Remote.Prune");
PRIV_SYS_CONSOLE("Sys.Console"); PRIV_SYS_CONSOLE("Sys.Console");
} }
@ -64,12 +72,14 @@ pub const ROLE_DATASTORE_ADMIN: u64 =
PRIV_DATASTORE_AUDIT | PRIV_DATASTORE_AUDIT |
PRIV_DATASTORE_MODIFY | PRIV_DATASTORE_MODIFY |
PRIV_DATASTORE_READ | PRIV_DATASTORE_READ |
PRIV_DATASTORE_VERIFY |
PRIV_DATASTORE_BACKUP | PRIV_DATASTORE_BACKUP |
PRIV_DATASTORE_PRUNE; PRIV_DATASTORE_PRUNE;
/// Datastore.Reader can read datastore content an do restore /// Datastore.Reader can read/verify datastore content and do restore
pub const ROLE_DATASTORE_READER: u64 = pub const ROLE_DATASTORE_READER: u64 =
PRIV_DATASTORE_AUDIT | PRIV_DATASTORE_AUDIT |
PRIV_DATASTORE_VERIFY |
PRIV_DATASTORE_READ; PRIV_DATASTORE_READ;
/// Datastore.Backup can do backup and restore, but no prune. /// Datastore.Backup can do backup and restore, but no prune.
@ -93,14 +103,12 @@ PRIV_REMOTE_AUDIT;
pub const ROLE_REMOTE_ADMIN: u64 = pub const ROLE_REMOTE_ADMIN: u64 =
PRIV_REMOTE_AUDIT | PRIV_REMOTE_AUDIT |
PRIV_REMOTE_MODIFY | PRIV_REMOTE_MODIFY |
PRIV_REMOTE_READ | PRIV_REMOTE_READ;
PRIV_REMOTE_PRUNE;
/// Remote.SyncOperator can do read and prune on the remote. /// Remote.SyncOperator can do read and prune on the remote.
pub const ROLE_REMOTE_SYNC_OPERATOR: u64 = pub const ROLE_REMOTE_SYNC_OPERATOR: u64 =
PRIV_REMOTE_AUDIT | PRIV_REMOTE_AUDIT |
PRIV_REMOTE_READ | PRIV_REMOTE_READ;
PRIV_REMOTE_PRUNE;
pub const ROLE_NAME_NO_ACCESS: &str ="NoAccess"; pub const ROLE_NAME_NO_ACCESS: &str ="NoAccess";
@ -231,7 +239,7 @@ pub struct AclTree {
} }
pub struct AclTreeNode { pub struct AclTreeNode {
pub users: HashMap<Userid, HashMap<String, bool>>, pub users: HashMap<Authid, HashMap<String, bool>>,
pub groups: HashMap<String, HashMap<String, bool>>, pub groups: HashMap<String, HashMap<String, bool>>,
pub children: BTreeMap<String, AclTreeNode>, pub children: BTreeMap<String, AclTreeNode>,
} }
@ -246,43 +254,43 @@ impl AclTreeNode {
} }
} }
pub fn extract_roles(&self, user: &Userid, all: bool) -> HashSet<String> { pub fn extract_roles(&self, auth_id: &Authid, all: bool) -> HashMap<String, bool> {
let user_roles = self.extract_user_roles(user, all); let user_roles = self.extract_user_roles(auth_id, all);
if !user_roles.is_empty() { if !user_roles.is_empty() || auth_id.is_token() {
// user privs always override group privs // user privs always override group privs
return user_roles return user_roles
}; };
self.extract_group_roles(user, all) self.extract_group_roles(auth_id.user(), all)
} }
pub fn extract_user_roles(&self, user: &Userid, all: bool) -> HashSet<String> { pub fn extract_user_roles(&self, auth_id: &Authid, all: bool) -> HashMap<String, bool> {
let mut set = HashSet::new(); let mut map = HashMap::new();
let roles = match self.users.get(user) { let roles = match self.users.get(auth_id) {
Some(m) => m, Some(m) => m,
None => return set, None => return map,
}; };
for (role, propagate) in roles { for (role, propagate) in roles {
if *propagate || all { if *propagate || all {
if role == ROLE_NAME_NO_ACCESS { if role == ROLE_NAME_NO_ACCESS {
// return a set with a single role 'NoAccess' // return a map with a single role 'NoAccess'
let mut set = HashSet::new(); let mut map = HashMap::new();
set.insert(role.to_string()); map.insert(role.to_string(), false);
return set; return map;
} }
set.insert(role.to_string()); map.insert(role.to_string(), *propagate);
} }
} }
set map
} }
pub fn extract_group_roles(&self, _user: &Userid, all: bool) -> HashSet<String> { pub fn extract_group_roles(&self, _user: &Userid, all: bool) -> HashMap<String, bool> {
let mut set = HashSet::new(); let mut map = HashMap::new();
for (_group, roles) in &self.groups { for (_group, roles) in &self.groups {
let is_member = false; // fixme: check if user is member of the group let is_member = false; // fixme: check if user is member of the group
@ -291,17 +299,17 @@ impl AclTreeNode {
for (role, propagate) in roles { for (role, propagate) in roles {
if *propagate || all { if *propagate || all {
if role == ROLE_NAME_NO_ACCESS { if role == ROLE_NAME_NO_ACCESS {
// return a set with a single role 'NoAccess' // return a map with a single role 'NoAccess'
let mut set = HashSet::new(); let mut map = HashMap::new();
set.insert(role.to_string()); map.insert(role.to_string(), false);
return set; return map;
} }
set.insert(role.to_string()); map.insert(role.to_string(), *propagate);
} }
} }
} }
set map
} }
pub fn delete_group_role(&mut self, group: &str, role: &str) { pub fn delete_group_role(&mut self, group: &str, role: &str) {
@ -312,8 +320,8 @@ impl AclTreeNode {
roles.remove(role); roles.remove(role);
} }
pub fn delete_user_role(&mut self, userid: &Userid, role: &str) { pub fn delete_user_role(&mut self, auth_id: &Authid, role: &str) {
let roles = match self.users.get_mut(userid) { let roles = match self.users.get_mut(auth_id) {
Some(r) => r, Some(r) => r,
None => return, None => return,
}; };
@ -331,8 +339,8 @@ impl AclTreeNode {
} }
} }
pub fn insert_user_role(&mut self, user: Userid, role: String, propagate: bool) { pub fn insert_user_role(&mut self, auth_id: Authid, role: String, propagate: bool) {
let map = self.users.entry(user).or_insert_with(|| HashMap::new()); let map = self.users.entry(auth_id).or_insert_with(|| HashMap::new());
if role == ROLE_NAME_NO_ACCESS { if role == ROLE_NAME_NO_ACCESS {
map.clear(); map.clear();
map.insert(role, propagate); map.insert(role, propagate);
@ -346,7 +354,9 @@ impl AclTreeNode {
impl AclTree { impl AclTree {
pub fn new() -> Self { pub fn new() -> Self {
Self { root: AclTreeNode::new() } Self {
root: AclTreeNode::new(),
}
} }
pub fn find_node(&mut self, path: &str) -> Option<&mut AclTreeNode> { pub fn find_node(&mut self, path: &str) -> Option<&mut AclTreeNode> {
@ -383,13 +393,13 @@ impl AclTree {
node.delete_group_role(group, role); node.delete_group_role(group, role);
} }
pub fn delete_user_role(&mut self, path: &str, userid: &Userid, role: &str) { pub fn delete_user_role(&mut self, path: &str, auth_id: &Authid, role: &str) {
let path = split_acl_path(path); let path = split_acl_path(path);
let node = match self.get_node(&path) { let node = match self.get_node(&path) {
Some(n) => n, Some(n) => n,
None => return, None => return,
}; };
node.delete_user_role(userid, role); node.delete_user_role(auth_id, role);
} }
pub fn insert_group_role(&mut self, path: &str, group: &str, role: &str, propagate: bool) { pub fn insert_group_role(&mut self, path: &str, group: &str, role: &str, propagate: bool) {
@ -398,10 +408,10 @@ impl AclTree {
node.insert_group_role(group.to_string(), role.to_string(), propagate); node.insert_group_role(group.to_string(), role.to_string(), propagate);
} }
pub fn insert_user_role(&mut self, path: &str, user: &Userid, role: &str, propagate: bool) { pub fn insert_user_role(&mut self, path: &str, auth_id: &Authid, role: &str, propagate: bool) {
let path = split_acl_path(path); let path = split_acl_path(path);
let node = self.get_or_insert_node(&path); let node = self.get_or_insert_node(&path);
node.insert_user_role(user.to_owned(), role.to_string(), propagate); node.insert_user_role(auth_id.to_owned(), role.to_string(), propagate);
} }
fn write_node_config( fn write_node_config(
@ -413,18 +423,18 @@ impl AclTree {
let mut role_ug_map0 = HashMap::new(); let mut role_ug_map0 = HashMap::new();
let mut role_ug_map1 = HashMap::new(); let mut role_ug_map1 = HashMap::new();
for (user, roles) in &node.users { for (auth_id, roles) in &node.users {
// no need to save, because root is always 'Administrator' // no need to save, because root is always 'Administrator'
if user == "root@pam" { continue; } if !auth_id.is_token() && auth_id.user() == "root@pam" { continue; }
for (role, propagate) in roles { for (role, propagate) in roles {
let role = role.as_str(); let role = role.as_str();
let user = user.to_string(); let auth_id = auth_id.to_string();
if *propagate { if *propagate {
role_ug_map1.entry(role).or_insert_with(|| BTreeSet::new()) role_ug_map1.entry(role).or_insert_with(|| BTreeSet::new())
.insert(user); .insert(auth_id);
} else { } else {
role_ug_map0.entry(role).or_insert_with(|| BTreeSet::new()) role_ug_map0.entry(role).or_insert_with(|| BTreeSet::new())
.insert(user); .insert(auth_id);
} }
} }
} }
@ -512,7 +522,8 @@ impl AclTree {
bail!("expected '0' or '1' for propagate flag."); bail!("expected '0' or '1' for propagate flag.");
}; };
let path = split_acl_path(items[2]); let path_str = items[2];
let path = split_acl_path(path_str);
let node = self.get_or_insert_node(&path); let node = self.get_or_insert_node(&path);
let uglist: Vec<&str> = items[3].split(',').map(|v| v.trim()).collect(); let uglist: Vec<&str> = items[3].split(',').map(|v| v.trim()).collect();
@ -576,25 +587,26 @@ impl AclTree {
Ok(tree) Ok(tree)
} }
pub fn roles(&self, userid: &Userid, path: &[&str]) -> HashSet<String> { pub fn roles(&self, auth_id: &Authid, path: &[&str]) -> HashMap<String, bool> {
let mut node = &self.root; let mut node = &self.root;
let mut role_set = node.extract_roles(userid, path.is_empty()); let mut role_map = node.extract_roles(auth_id, path.is_empty());
for (pos, comp) in path.iter().enumerate() { for (pos, comp) in path.iter().enumerate() {
let last_comp = (pos + 1) == path.len(); let last_comp = (pos + 1) == path.len();
node = match node.children.get(*comp) { node = match node.children.get(*comp) {
Some(n) => n, Some(n) => n,
None => return role_set, // path not found None => return role_map, // path not found
}; };
let new_set = node.extract_roles(userid, last_comp);
if !new_set.is_empty() { let new_map = node.extract_roles(auth_id, last_comp);
// overwrite previous settings if !new_map.is_empty() {
role_set = new_set; // overwrite previous maptings
role_map = new_map;
} }
} }
role_set role_map
} }
} }
@ -675,22 +687,22 @@ mod test {
use anyhow::{Error}; use anyhow::{Error};
use super::AclTree; use super::AclTree;
use crate::api2::types::Userid; use crate::api2::types::Authid;
fn check_roles( fn check_roles(
tree: &AclTree, tree: &AclTree,
user: &Userid, auth_id: &Authid,
path: &str, path: &str,
expected_roles: &str, expected_roles: &str,
) { ) {
let path_vec = super::split_acl_path(path); let path_vec = super::split_acl_path(path);
let mut roles = tree.roles(user, &path_vec) let mut roles = tree.roles(auth_id, &path_vec)
.iter().map(|v| v.clone()).collect::<Vec<String>>(); .iter().map(|(v, _)| v.clone()).collect::<Vec<String>>();
roles.sort(); roles.sort();
let roles = roles.join(","); let roles = roles.join(",");
assert_eq!(roles, expected_roles, "\nat check_roles for '{}' on '{}'", user, path); assert_eq!(roles, expected_roles, "\nat check_roles for '{}' on '{}'", auth_id, path);
} }
#[test] #[test]
@ -721,13 +733,13 @@ acl:1:/storage:user1@pbs:Admin
acl:1:/storage/store1:user1@pbs:DatastoreBackup acl:1:/storage/store1:user1@pbs:DatastoreBackup
acl:1:/storage/store2:user2@pbs:DatastoreBackup acl:1:/storage/store2:user2@pbs:DatastoreBackup
"###)?; "###)?;
let user1: Userid = "user1@pbs".parse()?; let user1: Authid = "user1@pbs".parse()?;
check_roles(&tree, &user1, "/", ""); check_roles(&tree, &user1, "/", "");
check_roles(&tree, &user1, "/storage", "Admin"); check_roles(&tree, &user1, "/storage", "Admin");
check_roles(&tree, &user1, "/storage/store1", "DatastoreBackup"); check_roles(&tree, &user1, "/storage/store1", "DatastoreBackup");
check_roles(&tree, &user1, "/storage/store2", "Admin"); check_roles(&tree, &user1, "/storage/store2", "Admin");
let user2: Userid = "user2@pbs".parse()?; let user2: Authid = "user2@pbs".parse()?;
check_roles(&tree, &user2, "/", ""); check_roles(&tree, &user2, "/", "");
check_roles(&tree, &user2, "/storage", ""); check_roles(&tree, &user2, "/storage", "");
check_roles(&tree, &user2, "/storage/store1", ""); check_roles(&tree, &user2, "/storage/store1", "");
@ -744,7 +756,7 @@ acl:1:/:user1@pbs:Admin
acl:1:/storage:user1@pbs:NoAccess acl:1:/storage:user1@pbs:NoAccess
acl:1:/storage/store1:user1@pbs:DatastoreBackup acl:1:/storage/store1:user1@pbs:DatastoreBackup
"###)?; "###)?;
let user1: Userid = "user1@pbs".parse()?; let user1: Authid = "user1@pbs".parse()?;
check_roles(&tree, &user1, "/", "Admin"); check_roles(&tree, &user1, "/", "Admin");
check_roles(&tree, &user1, "/storage", "NoAccess"); check_roles(&tree, &user1, "/storage", "NoAccess");
check_roles(&tree, &user1, "/storage/store1", "DatastoreBackup"); check_roles(&tree, &user1, "/storage/store1", "DatastoreBackup");
@ -770,7 +782,7 @@ acl:1:/storage/store1:user1@pbs:DatastoreBackup
let mut tree = AclTree::new(); let mut tree = AclTree::new();
let user1: Userid = "user1@pbs".parse()?; let user1: Authid = "user1@pbs".parse()?;
tree.insert_user_role("/", &user1, "Admin", true); tree.insert_user_role("/", &user1, "Admin", true);
tree.insert_user_role("/", &user1, "Audit", true); tree.insert_user_role("/", &user1, "Audit", true);
@ -794,7 +806,7 @@ acl:1:/storage/store1:user1@pbs:DatastoreBackup
let mut tree = AclTree::new(); let mut tree = AclTree::new();
let user1: Userid = "user1@pbs".parse()?; let user1: Authid = "user1@pbs".parse()?;
tree.insert_user_role("/storage", &user1, "NoAccess", true); tree.insert_user_role("/storage", &user1, "NoAccess", true);

88
src/config/cached_user_info.rs
View File

@ -9,10 +9,10 @@ use lazy_static::lazy_static;
use proxmox::api::UserInformation; use proxmox::api::UserInformation;
use super::acl::{AclTree, ROLE_NAMES, ROLE_ADMIN}; use super::acl::{AclTree, ROLE_NAMES, ROLE_ADMIN};
use super::user::User; use super::user::{ApiToken, User};
use crate::api2::types::Userid; use crate::api2::types::{Authid, Userid};
/// Cache User/Group/Acl configuration data for fast permission tests /// Cache User/Group/Token/Acl configuration data for fast permission tests
pub struct CachedUserInfo { pub struct CachedUserInfo {
user_cfg: Arc<SectionConfigData>, user_cfg: Arc<SectionConfigData>,
acl_tree: Arc<AclTree>, acl_tree: Arc<AclTree>,
@ -57,8 +57,18 @@ impl CachedUserInfo {
Ok(config) Ok(config)
} }
/// Test if a user account is enabled and not expired #[cfg(test)]
pub fn is_active_user(&self, userid: &Userid) -> bool { pub(crate) fn test_new(user_cfg: SectionConfigData, acl_tree: AclTree) -> Self {
Self {
user_cfg: Arc::new(user_cfg),
acl_tree: Arc::new(acl_tree),
}
}
/// Test if a authentication id is enabled and not expired
pub fn is_active_auth_id(&self, auth_id: &Authid) -> bool {
let userid = auth_id.user();
if let Ok(info) = self.user_cfg.lookup::<User>("user", userid.as_str()) { if let Ok(info) = self.user_cfg.lookup::<User>("user", userid.as_str()) {
if !info.enable.unwrap_or(true) { if !info.enable.unwrap_or(true) {
return false; return false;
@ -68,24 +78,41 @@ impl CachedUserInfo {
return false; return false;
} }
} }
return true;
} else { } else {
return false; return false;
} }
if auth_id.is_token() {
if let Ok(info) = self.user_cfg.lookup::<ApiToken>("token", &auth_id.to_string()) {
if !info.enable.unwrap_or(true) {
return false;
}
if let Some(expire) = info.expire {
if expire > 0 && expire <= now() {
return false;
}
}
return true;
} else {
return false;
}
}
return true;
} }
pub fn check_privs( pub fn check_privs(
&self, &self,
userid: &Userid, auth_id: &Authid,
path: &[&str], path: &[&str],
required_privs: u64, required_privs: u64,
partial: bool, partial: bool,
) -> Result<(), Error> { ) -> Result<(), Error> {
let user_privs = self.lookup_privs(&userid, path); let privs = self.lookup_privs(&auth_id, path);
let allowed = if partial { let allowed = if partial {
(user_privs & required_privs) != 0 (privs & required_privs) != 0
} else { } else {
(user_privs & required_privs) == required_privs (privs & required_privs) == required_privs
}; };
if !allowed { if !allowed {
// printing the path doesn't leaks any information as long as we // printing the path doesn't leaks any information as long as we
@ -95,29 +122,48 @@ impl CachedUserInfo {
Ok(()) Ok(())
} }
pub fn is_superuser(&self, userid: &Userid) -> bool { pub fn is_superuser(&self, auth_id: &Authid) -> bool {
userid == "root@pam" !auth_id.is_token() && auth_id.user() == "root@pam"
} }
pub fn is_group_member(&self, _userid: &Userid, _group: &str) -> bool { pub fn is_group_member(&self, _userid: &Userid, _group: &str) -> bool {
false false
} }
pub fn lookup_privs(&self, userid: &Userid, path: &[&str]) -> u64 { pub fn lookup_privs(&self, auth_id: &Authid, path: &[&str]) -> u64 {
let (privs, _) = self.lookup_privs_details(auth_id, path);
privs
}
if self.is_superuser(userid) { pub fn lookup_privs_details(&self, auth_id: &Authid, path: &[&str]) -> (u64, u64) {
return ROLE_ADMIN; if self.is_superuser(auth_id) {
return (ROLE_ADMIN, ROLE_ADMIN);
} }
let roles = self.acl_tree.roles(userid, path); let roles = self.acl_tree.roles(auth_id, path);
let mut privs: u64 = 0; let mut privs: u64 = 0;
for role in roles { let mut propagated_privs: u64 = 0;
for (role, propagate) in roles {
if let Some((role_privs, _)) = ROLE_NAMES.get(role.as_str()) { if let Some((role_privs, _)) = ROLE_NAMES.get(role.as_str()) {
if propagate {
propagated_privs |= role_privs;
}
privs |= role_privs; privs |= role_privs;
} }
} }
privs
if auth_id.is_token() {
// limit privs to that of owning user
let user_auth_id = Authid::from(auth_id.user().clone());
privs &= self.lookup_privs(&user_auth_id, path);
let (owner_privs, owner_propagated_privs) = self.lookup_privs_details(&user_auth_id, path);
privs &= owner_privs;
propagated_privs &= owner_propagated_privs;
}
(privs, propagated_privs)
} }
} }
impl UserInformation for CachedUserInfo { impl UserInformation for CachedUserInfo {
@ -129,9 +175,9 @@ impl UserInformation for CachedUserInfo {
false false
} }
fn lookup_privs(&self, userid: &str, path: &[&str]) -> u64 { fn lookup_privs(&self, auth_id: &str, path: &[&str]) -> u64 {
match userid.parse::<Userid>() { match auth_id.parse::<Authid>() {
Ok(userid) => Self::lookup_privs(self, &userid, path), Ok(auth_id) => Self::lookup_privs(self, &auth_id, path),
Err(_) => 0, Err(_) => 0,
} }
} }

59
src/config/network/helper.rs
View File

@ -57,38 +57,57 @@ lazy_static! {
} }
pub fn parse_cidr(cidr: &str) -> Result<(String, u8, bool), Error> { pub fn parse_cidr(cidr: &str) -> Result<(String, u8, bool), Error> {
let (address, mask, is_v6) = parse_address_or_cidr(cidr)?;
if let Some(mask) = mask {
return Ok((address, mask, is_v6));
} else {
bail!("missing netmask in '{}'", cidr);
}
}
pub fn check_netmask(mask: u8, is_v6: bool) -> Result<(), Error> {
if is_v6 {
if !(mask >= 1 && mask <= 128) {
bail!("IPv6 mask '{}' is out of range (1..128).", mask);
}
} else {
if !(mask > 0 && mask <= 32) {
bail!("IPv4 mask '{}' is out of range (1..32).", mask);
}
}
Ok(())
}
// parse ip address with otional cidr mask
pub fn parse_address_or_cidr(cidr: &str) -> Result<(String, Option<u8>, bool), Error> {
lazy_static! { lazy_static! {
pub static ref CIDR_V4_REGEX: Regex = Regex::new( pub static ref CIDR_V4_REGEX: Regex = Regex::new(
concat!(r"^(", IPV4RE!(), r")(?:/(\d{1,2}))$") concat!(r"^(", IPV4RE!(), r")(?:/(\d{1,2}))?$")
).unwrap(); ).unwrap();
pub static ref CIDR_V6_REGEX: Regex = Regex::new( pub static ref CIDR_V6_REGEX: Regex = Regex::new(
concat!(r"^(", IPV6RE!(), r")(?:/(\d{1,3}))$") concat!(r"^(", IPV6RE!(), r")(?:/(\d{1,3}))?$")
).unwrap(); ).unwrap();
} }
if let Some(caps) = CIDR_V4_REGEX.captures(&cidr) { if let Some(caps) = CIDR_V4_REGEX.captures(&cidr) {
let address = &caps[1]; let address = &caps[1];
let mask = &caps[2]; if let Some(mask) = caps.get(2) {
let mask = u8::from_str_radix(mask, 10) let mask = u8::from_str_radix(mask.as_str(), 10)?;
.map(|mask| { check_netmask(mask, false)?;
if !(mask > 0 && mask <= 32) { return Ok((address.to_string(), Some(mask), false));
bail!("IPv4 mask '{}' is out of range (1..32).", mask); } else {
} return Ok((address.to_string(), None, false));
Ok(mask) }
})?;
return Ok((address.to_string(), mask.unwrap(), false));
} else if let Some(caps) = CIDR_V6_REGEX.captures(&cidr) { } else if let Some(caps) = CIDR_V6_REGEX.captures(&cidr) {
let address = &caps[1]; let address = &caps[1];
let mask = &caps[2]; if let Some(mask) = caps.get(2) {
let mask = u8::from_str_radix(mask, 10) let mask = u8::from_str_radix(mask.as_str(), 10)?;
.map(|mask| { check_netmask(mask, true)?;
if !(mask >= 1 && mask <= 128) { return Ok((address.to_string(), Some(mask), true));
bail!("IPv6 mask '{}' is out of range (1..128).", mask); } else {
} return Ok((address.to_string(), None, true));
Ok(mask) }
})?;
return Ok((address.to_string(), mask.unwrap(), true));
} else { } else {
bail!("invalid address/mask '{}'", cidr); bail!("invalid address/mask '{}'", cidr);
} }

79
src/config/network/parser.rs
View File

@ -86,20 +86,35 @@ impl <R: BufRead> NetworkParser<R> {
Ok(()) Ok(())
} }
fn parse_iface_address(&mut self, interface: &mut Interface) -> Result<(), Error> { fn parse_netmask(&mut self) -> Result<u8, Error> {
self.eat(Token::Address)?; self.eat(Token::Netmask)?;
let cidr = self.next_text()?; let netmask = self.next_text()?;
let (_address, _mask, ipv6) = parse_cidr(&cidr)?; let mask = if let Some(mask) = IPV4_MASK_HASH_LOCALNET.get(netmask.as_str()) {
if ipv6 { *mask
interface.set_cidr_v6(cidr)?;
} else { } else {
interface.set_cidr_v4(cidr)?; match u8::from_str_radix(netmask.as_str(), 10) {
} Ok(mask) => mask,
Err(err) => {
bail!("unable to parse netmask '{}' - {}", netmask, err);
}
}
};
self.eat(Token::Newline)?; self.eat(Token::Newline)?;
Ok(()) Ok(mask)
}
fn parse_iface_address(&mut self) -> Result<(String, Option<u8>, bool), Error> {
self.eat(Token::Address)?;
let cidr = self.next_text()?;
let (_address, mask, ipv6) = parse_address_or_cidr(&cidr)?;
self.eat(Token::Newline)?;
Ok((cidr, mask, ipv6))
} }
fn parse_iface_gateway(&mut self, interface: &mut Interface) -> Result<(), Error> { fn parse_iface_gateway(&mut self, interface: &mut Interface) -> Result<(), Error> {
@ -191,6 +206,9 @@ impl <R: BufRead> NetworkParser<R> {
address_family_v6: bool, address_family_v6: bool,
) -> Result<(), Error> { ) -> Result<(), Error> {
let mut netmask = None;
let mut address_list = Vec::new();
loop { loop {
match self.peek()? { match self.peek()? {
Token::Attribute => { self.eat(Token::Attribute)?; }, Token::Attribute => { self.eat(Token::Attribute)?; },
@ -214,8 +232,15 @@ impl <R: BufRead> NetworkParser<R> {
} }
match self.peek()? { match self.peek()? {
Token::Address => self.parse_iface_address(interface)?, Token::Address => {
let (cidr, mask, is_v6) = self.parse_iface_address()?;
address_list.push((cidr, mask, is_v6));
}
Token::Gateway => self.parse_iface_gateway(interface)?, Token::Gateway => self.parse_iface_gateway(interface)?,
Token::Netmask => {
//Note: netmask is deprecated, but we try to do our best
netmask = Some(self.parse_netmask()?);
}
Token::MTU => { Token::MTU => {
let mtu = self.parse_iface_mtu()?; let mtu = self.parse_iface_mtu()?;
interface.mtu = Some(mtu); interface.mtu = Some(mtu);
@ -255,8 +280,6 @@ impl <R: BufRead> NetworkParser<R> {
interface.bond_xmit_hash_policy = Some(policy); interface.bond_xmit_hash_policy = Some(policy);
self.eat(Token::Newline)?; self.eat(Token::Newline)?;
} }
Token::Netmask => bail!("netmask is deprecated and no longer supported"),
_ => { // parse addon attributes _ => { // parse addon attributes
let option = self.parse_to_eol()?; let option = self.parse_to_eol()?;
if !option.is_empty() { if !option.is_empty() {
@ -270,6 +293,38 @@ impl <R: BufRead> NetworkParser<R> {
} }
} }
if let Some(netmask) = netmask {
if address_list.len() > 1 {
bail!("unable to apply netmask to multiple addresses (please use cidr notation)");
} else if address_list.len() == 1 {
let (mut cidr, mask, is_v6) = address_list.pop().unwrap();
if mask.is_some() {
// address already has a mask - ignore netmask
} else {
check_netmask(netmask, is_v6)?;
cidr.push_str(&format!("/{}", netmask));
}
if is_v6 {
interface.set_cidr_v6(cidr)?;
} else {
interface.set_cidr_v4(cidr)?;
}
} else {
// no address - simply ignore useless netmask
}
} else {
for (cidr, mask, is_v6) in address_list {
if mask.is_none() {
bail!("missing netmask in '{}'", cidr);
}
if is_v6 {
interface.set_cidr_v6(cidr)?;
} else {
interface.set_cidr_v4(cidr)?;
}
}
}
Ok(()) Ok(())
} }

4
src/config/remote.rs
View File

@ -45,7 +45,7 @@ pub const REMOTE_PASSWORD_SCHEMA: Schema = StringSchema::new("Password or auth t
type: u16, type: u16,
}, },
userid: { userid: {
type: Userid, type: Authid,
}, },
password: { password: {
schema: REMOTE_PASSWORD_SCHEMA, schema: REMOTE_PASSWORD_SCHEMA,
@ -65,7 +65,7 @@ pub struct Remote {
pub host: String, pub host: String,
#[serde(skip_serializing_if="Option::is_none")] #[serde(skip_serializing_if="Option::is_none")]
pub port: Option<u16>, pub port: Option<u16>,
pub userid: Userid, pub userid: Authid,
#[serde(skip_serializing_if="String::is_empty")] #[serde(skip_serializing_if="String::is_empty")]
#[serde(with = "proxmox::tools::serde::string_as_base64")] #[serde(with = "proxmox::tools::serde::string_as_base64")]
pub password: String, pub password: String,

30
src/config/sync.rs
View File

@ -21,7 +21,6 @@ lazy_static! {
static ref CONFIG: SectionConfig = init(); static ref CONFIG: SectionConfig = init();
} }
#[api( #[api(
properties: { properties: {
id: { id: {
@ -30,6 +29,10 @@ lazy_static! {
store: { store: {
schema: DATASTORE_SCHEMA, schema: DATASTORE_SCHEMA,
}, },
"owner": {
type: Authid,
optional: true,
},
remote: { remote: {
schema: REMOTE_ID_SCHEMA, schema: REMOTE_ID_SCHEMA,
}, },
@ -51,11 +54,13 @@ lazy_static! {
} }
)] )]
#[serde(rename_all="kebab-case")] #[serde(rename_all="kebab-case")]
#[derive(Serialize,Deserialize)] #[derive(Serialize,Deserialize,Clone)]
/// Sync Job /// Sync Job
pub struct SyncJobConfig { pub struct SyncJobConfig {
pub id: String, pub id: String,
pub store: String, pub store: String,
#[serde(skip_serializing_if="Option::is_none")]
pub owner: Option<Authid>,
pub remote: String, pub remote: String,
pub remote_store: String, pub remote_store: String,
#[serde(skip_serializing_if="Option::is_none")] #[serde(skip_serializing_if="Option::is_none")]
@ -66,6 +71,21 @@ pub struct SyncJobConfig {
pub schedule: Option<String>, pub schedule: Option<String>,
} }
impl From<&SyncJobStatus> for SyncJobConfig {
fn from(job_status: &SyncJobStatus) -> Self {
Self {
id: job_status.id.clone(),
store: job_status.store.clone(),
owner: job_status.owner.clone(),
remote: job_status.remote.clone(),
remote_store: job_status.remote_store.clone(),
remove_vanished: job_status.remove_vanished.clone(),
comment: job_status.comment.clone(),
schedule: job_status.schedule.clone(),
}
}
}
// FIXME: generate duplicate schemas/structs from one listing? // FIXME: generate duplicate schemas/structs from one listing?
#[api( #[api(
properties: { properties: {
@ -75,6 +95,10 @@ pub struct SyncJobConfig {
store: { store: {
schema: DATASTORE_SCHEMA, schema: DATASTORE_SCHEMA,
}, },
owner: {
type: Authid,
optional: true,
},
remote: { remote: {
schema: REMOTE_ID_SCHEMA, schema: REMOTE_ID_SCHEMA,
}, },
@ -121,6 +145,8 @@ pub struct SyncJobConfig {
pub struct SyncJobStatus { pub struct SyncJobStatus {
pub id: String, pub id: String,
pub store: String, pub store: String,
#[serde(skip_serializing_if="Option::is_none")]
pub owner: Option<Authid>,
pub remote: String, pub remote: String,
pub remote_store: String, pub remote_store: String,
#[serde(skip_serializing_if="Option::is_none")] #[serde(skip_serializing_if="Option::is_none")]

91
src/config/token_shadow.rs Normal file
View File

@ -0,0 +1,91 @@
use std::collections::HashMap;
use std::time::Duration;
use anyhow::{bail, format_err, Error};
use serde::{Serialize, Deserialize};
use serde_json::{from_value, Value};
use proxmox::tools::fs::{open_file_locked, CreateOptions};
use crate::api2::types::Authid;
use crate::auth;
const LOCK_FILE: &str = configdir!("/token.shadow.lock");
const CONF_FILE: &str = configdir!("/token.shadow");
const LOCK_TIMEOUT: Duration = Duration::from_secs(5);
#[serde(rename_all="kebab-case")]
#[derive(Serialize, Deserialize)]
/// ApiToken id / secret pair
pub struct ApiTokenSecret {
pub tokenid: Authid,
pub secret: String,
}
fn read_file() -> Result<HashMap<Authid, String>, Error> {
let json = proxmox::tools::fs::file_get_json(CONF_FILE, Some(Value::Null))?;
if json == Value::Null {
Ok(HashMap::new())
} else {
// swallow serde error which might contain sensitive data
from_value(json).map_err(|_err| format_err!("unable to parse '{}'", CONF_FILE))
}
}
fn write_file(data: HashMap<Authid, String>) -> Result<(), Error> {
let backup_user = crate::backup::backup_user()?;
let options = CreateOptions::new()
.perm(nix::sys::stat::Mode::from_bits_truncate(0o0640))
.owner(backup_user.uid)
.group(backup_user.gid);
let json = serde_json::to_vec(&data)?;
proxmox::tools::fs::replace_file(CONF_FILE, &json, options)
}
/// Verifies that an entry for given tokenid / API token secret exists
pub fn verify_secret(tokenid: &Authid, secret: &str) -> Result<(), Error> {
if !tokenid.is_token() {
bail!("not an API token ID");
}
let data = read_file()?;
match data.get(tokenid) {
Some(hashed_secret) => {
auth::verify_crypt_pw(secret, &hashed_secret)
},
None => bail!("invalid API token"),
}
}
/// Adds a new entry for the given tokenid / API token secret. The secret is stored as salted hash.
pub fn set_secret(tokenid: &Authid, secret: &str) -> Result<(), Error> {
if !tokenid.is_token() {
bail!("not an API token ID");
}
let _guard = open_file_locked(LOCK_FILE, LOCK_TIMEOUT, true)?;
let mut data = read_file()?;
let hashed_secret = auth::encrypt_pw(secret)?;
data.insert(tokenid.clone(), hashed_secret);
write_file(data)?;
Ok(())
}
/// Deletes the entry for the given tokenid.
pub fn delete_secret(tokenid: &Authid) -> Result<(), Error> {
if !tokenid.is_token() {
bail!("not an API token ID");
}
let _guard = open_file_locked(LOCK_FILE, LOCK_TIMEOUT, true)?;
let mut data = read_file()?;
data.remove(tokenid);
write_file(data)?;
Ok(())
}

108
src/config/user.rs
View File

@ -52,6 +52,36 @@ pub const EMAIL_SCHEMA: Schema = StringSchema::new("E-Mail Address.")
.max_length(64) .max_length(64)
.schema(); .schema();
#[api(
properties: {
tokenid: {
schema: PROXMOX_TOKEN_ID_SCHEMA,
},
comment: {
optional: true,
schema: SINGLE_LINE_COMMENT_SCHEMA,
},
enable: {
optional: true,
schema: ENABLE_USER_SCHEMA,
},
expire: {
optional: true,
schema: EXPIRE_USER_SCHEMA,
},
}
)]
#[derive(Serialize,Deserialize)]
/// ApiToken properties.
pub struct ApiToken {
pub tokenid: Authid,
#[serde(skip_serializing_if="Option::is_none")]
pub comment: Option<String>,
#[serde(skip_serializing_if="Option::is_none")]
pub enable: Option<bool>,
#[serde(skip_serializing_if="Option::is_none")]
pub expire: Option<i64>,
}
#[api( #[api(
properties: { properties: {
@ -103,15 +133,21 @@ pub struct User {
} }
fn init() -> SectionConfig { fn init() -> SectionConfig {
let obj_schema = match User::API_SCHEMA { let mut config = SectionConfig::new(&Authid::API_SCHEMA);
Schema::Object(ref obj_schema) => obj_schema,
let user_schema = match User::API_SCHEMA {
Schema::Object(ref user_schema) => user_schema,
_ => unreachable!(), _ => unreachable!(),
}; };
let user_plugin = SectionConfigPlugin::new("user".to_string(), Some("userid".to_string()), user_schema);
config.register_plugin(user_plugin);
let plugin = SectionConfigPlugin::new("user".to_string(), Some("userid".to_string()), obj_schema); let token_schema = match ApiToken::API_SCHEMA {
let mut config = SectionConfig::new(&Userid::API_SCHEMA); Schema::Object(ref token_schema) => token_schema,
_ => unreachable!(),
config.register_plugin(plugin); };
let token_plugin = SectionConfigPlugin::new("token".to_string(), Some("tokenid".to_string()), token_schema);
config.register_plugin(token_plugin);
config config
} }
@ -205,10 +241,66 @@ pub fn save_config(config: &SectionConfigData) -> Result<(), Error> {
Ok(()) Ok(())
} }
#[cfg(test)]
pub(crate) fn test_cfg_from_str(raw: &str) -> Result<(SectionConfigData, [u8;32]), Error> {
let cfg = init();
let parsed = cfg.parse("test_user_cfg", raw)?;
Ok((parsed, [0;32]))
}
// shell completion helper // shell completion helper
pub fn complete_user_name(_arg: &str, _param: &HashMap<String, String>) -> Vec<String> { pub fn complete_userid(_arg: &str, _param: &HashMap<String, String>) -> Vec<String> {
match config() { match config() {
Ok((data, _digest)) => data.sections.iter().map(|(id, _)| id.to_string()).collect(), Ok((data, _digest)) => {
data.sections.iter()
.filter_map(|(id, (section_type, _))| {
if section_type == "user" {
Some(id.to_string())
} else {
None
}
}).collect()
},
Err(_) => return vec![], Err(_) => return vec![],
} }
} }
// shell completion helper
pub fn complete_authid(_arg: &str, _param: &HashMap<String, String>) -> Vec<String> {
match config() {
Ok((data, _digest)) => data.sections.iter().map(|(id, _)| id.to_string()).collect(),
Err(_) => vec![],
}
}
// shell completion helper
pub fn complete_token_name(_arg: &str, param: &HashMap<String, String>) -> Vec<String> {
let data = match config() {
Ok((data, _digest)) => data,
Err(_) => return Vec::new(),
};
match param.get("userid") {
Some(userid) => {
let user = data.lookup::<User>("user", userid);
let tokens = data.convert_to_typed_array("token");
match (user, tokens) {
(Ok(_), Ok(tokens)) => {
tokens
.into_iter()
.filter_map(|token: ApiToken| {
let tokenid = token.tokenid;
if tokenid.is_token() && tokenid.user() == userid {
Some(tokenid.tokenname().unwrap().as_str().to_string())
} else {
None
}
}).collect()
},
_ => vec![],
}
},
None => vec![],
}
}

2
src/pxar/catalog.rs
View File

@ -9,7 +9,7 @@ use std::ffi::CStr;
pub trait BackupCatalogWriter { pub trait BackupCatalogWriter {
fn start_directory(&mut self, name: &CStr) -> Result<(), Error>; fn start_directory(&mut self, name: &CStr) -> Result<(), Error>;
fn end_directory(&mut self) -> Result<(), Error>; fn end_directory(&mut self) -> Result<(), Error>;
fn add_file(&mut self, name: &CStr, size: u64, mtime: u64) -> Result<(), Error>; fn add_file(&mut self, name: &CStr, size: u64, mtime: i64) -> Result<(), Error>;
fn add_symlink(&mut self, name: &CStr) -> Result<(), Error>; fn add_symlink(&mut self, name: &CStr) -> Result<(), Error>;
fn add_hardlink(&mut self, name: &CStr) -> Result<(), Error>; fn add_hardlink(&mut self, name: &CStr) -> Result<(), Error>;
fn add_block_device(&mut self, name: &CStr) -> Result<(), Error>; fn add_block_device(&mut self, name: &CStr) -> Result<(), Error>;

2
src/pxar/create.rs
View File

@ -535,7 +535,7 @@ impl<'a, 'b> Archiver<'a, 'b> {
let file_size = stat.st_size as u64; let file_size = stat.st_size as u64;
if let Some(ref mut catalog) = self.catalog { if let Some(ref mut catalog) = self.catalog {
catalog.add_file(c_file_name, file_size, stat.st_mtime as u64)?; catalog.add_file(c_file_name, file_size, stat.st_mtime)?;
} }
let offset: LinkOffset = let offset: LinkOffset =

50
src/server.rs
View File

@ -4,6 +4,47 @@
//! services. We want async IO, so this is built on top of //! services. We want async IO, so this is built on top of
//! tokio/hyper. //! tokio/hyper.
use anyhow::{format_err, Error};
use lazy_static::lazy_static;
use nix::unistd::Pid;
use proxmox::sys::linux::procfs::PidStat;
use crate::buildcfg;
lazy_static! {
static ref PID: i32 = unsafe { libc::getpid() };
static ref PSTART: u64 = PidStat::read_from_pid(Pid::from_raw(*PID)).unwrap().starttime;
}
pub fn pid() -> i32 {
*PID
}
pub fn pstart() -> u64 {
*PSTART
}
pub fn write_pid(pid_fn: &str) -> Result<(), Error> {
let pid_str = format!("{}\n", *PID);
let opts = proxmox::tools::fs::CreateOptions::new();
proxmox::tools::fs::replace_file(pid_fn, pid_str.as_bytes(), opts)
}
pub fn read_pid(pid_fn: &str) -> Result<i32, Error> {
let pid = proxmox::tools::fs::file_get_contents(pid_fn)?;
let pid = std::str::from_utf8(&pid)?.trim();
pid.parse().map_err(|err| format_err!("could not parse pid - {}", err))
}
pub fn ctrl_sock_from_pid(pid: i32) -> String {
format!("\0{}/control-{}.sock", buildcfg::PROXMOX_BACKUP_RUN_DIR, pid)
}
pub fn our_ctrl_sock() -> String {
ctrl_sock_from_pid(*PID)
}
mod environment; mod environment;
pub use environment::*; pub use environment::*;
@ -35,5 +76,14 @@ pub mod jobstate;
mod verify_job; mod verify_job;
pub use verify_job::*; pub use verify_job::*;
mod prune_job;
pub use prune_job::*;
mod gc_job;
pub use gc_job::*;
mod email_notifications; mod email_notifications;
pub use email_notifications::*; pub use email_notifications::*;
mod report;
pub use report::*;

89
src/server/command_socket.rs
View File

@ -1,17 +1,17 @@
use anyhow::{bail, format_err, Error}; use anyhow::{bail, format_err, Error};
use futures::*; use std::collections::HashMap;
use tokio::net::UnixListener;
use std::path::PathBuf;
use serde_json::Value;
use std::sync::Arc;
use std::os::unix::io::AsRawFd; use std::os::unix::io::AsRawFd;
use std::path::PathBuf;
use std::sync::Arc;
use futures::*;
use tokio::net::UnixListener;
use serde_json::Value;
use nix::sys::socket; use nix::sys::socket;
/// Listens on a Unix Socket to handle simple command asynchronously /// Listens on a Unix Socket to handle simple command asynchronously
pub fn create_control_socket<P, F>(path: P, func: F) -> Result<impl Future<Output = ()>, Error> fn create_control_socket<P, F>(path: P, func: F) -> Result<impl Future<Output = ()>, Error>
where where
P: Into<PathBuf>, P: Into<PathBuf>,
F: Fn(Value) -> Result<Value, Error> + Send + Sync + 'static, F: Fn(Value) -> Result<Value, Error> + Send + Sync + 'static,
@ -140,3 +140,76 @@ pub async fn send_command<P>(
} }
}).await }).await
} }
/// A callback for a specific commando socket.
pub type CommandoSocketFn = Box<(dyn Fn(Option<&Value>) -> Result<Value, Error> + Send + Sync + 'static)>;
/// Tooling to get a single control command socket where one can register multiple commands
/// dynamically.
/// You need to call `spawn()` to make the socket active.
pub struct CommandoSocket {
socket: PathBuf,
commands: HashMap<String, CommandoSocketFn>,
}
impl CommandoSocket {
pub fn new<P>(path: P) -> Self
where P: Into<PathBuf>,
{
CommandoSocket {
socket: path.into(),
commands: HashMap::new(),
}
}
/// Spawn the socket and consume self, meaning you cannot register commands anymore after
/// calling this.
pub fn spawn(self) -> Result<(), Error> {
let control_future = create_control_socket(self.socket.to_owned(), move |param| {
let param = param
.as_object()
.ok_or_else(|| format_err!("unable to parse parameters (expected json object)"))?;
let command = match param.get("command") {
Some(Value::String(command)) => command.as_str(),
None => bail!("no command"),
_ => bail!("unable to parse command"),
};
if !self.commands.contains_key(command) {
bail!("got unknown command '{}'", command);
}
match self.commands.get(command) {
None => bail!("got unknown command '{}'", command),
Some(handler) => {
let args = param.get("args"); //.unwrap_or(&Value::Null);
(handler)(args)
},
}
})?;
tokio::spawn(control_future);
Ok(())
}
/// Register a new command with a callback.
pub fn register_command<F>(
&mut self,
command: String,
handler: F,
) -> Result<(), Error>
where
F: Fn(Option<&Value>) -> Result<Value, Error> + Send + Sync + 'static,
{
if self.commands.contains_key(&command) {
bail!("command '{}' already exists!", command);
}
self.commands.insert(command, Box::new(handler));
Ok(())
}
}

22
src/server/config.rs
View File

@ -2,7 +2,7 @@ use std::collections::HashMap;
use std::path::PathBuf; use std::path::PathBuf;
use std::time::SystemTime; use std::time::SystemTime;
use std::fs::metadata; use std::fs::metadata;
use std::sync::{Mutex, RwLock}; use std::sync::{Arc, Mutex, RwLock};
use anyhow::{bail, Error, format_err}; use anyhow::{bail, Error, format_err};
use hyper::Method; use hyper::Method;
@ -21,7 +21,7 @@ pub struct ApiConfig {
env_type: RpcEnvironmentType, env_type: RpcEnvironmentType,
templates: RwLock<Handlebars<'static>>, templates: RwLock<Handlebars<'static>>,
template_files: RwLock<HashMap<String, (SystemTime, PathBuf)>>, template_files: RwLock<HashMap<String, (SystemTime, PathBuf)>>,
request_log: Option<Mutex<FileLogger>>, request_log: Option<Arc<Mutex<FileLogger>>>,
} }
impl ApiConfig { impl ApiConfig {
@ -124,7 +124,11 @@ impl ApiConfig {
} }
} }
pub fn enable_file_log<P>(&mut self, path: P) -> Result<(), Error> pub fn enable_file_log<P>(
&mut self,
path: P,
commando_sock: &mut super::CommandoSocket,
) -> Result<(), Error>
where where
P: Into<PathBuf> P: Into<PathBuf>
{ {
@ -142,11 +146,19 @@ impl ApiConfig {
owned_by_backup: true, owned_by_backup: true,
..Default::default() ..Default::default()
}; };
self.request_log = Some(Mutex::new(FileLogger::new(&path, logger_options)?)); let request_log = Arc::new(Mutex::new(FileLogger::new(&path, logger_options)?));
self.request_log = Some(Arc::clone(&request_log));
commando_sock.register_command("api-access-log-reopen".into(), move |_args| {
println!("re-opening log file");
request_log.lock().unwrap().reopen()?;
Ok(serde_json::Value::Null)
})?;
Ok(()) Ok(())
} }
pub fn get_file_log(&self) -> Option<&Mutex<FileLogger>> {
pub fn get_file_log(&self) -> Option<&Arc<Mutex<FileLogger>>> {
self.request_log.as_ref() self.request_log.as_ref()
} }
} }

218
src/server/email_notifications.rs
View File

@ -7,31 +7,41 @@ use proxmox::tools::email::sendmail;
use crate::{ use crate::{
config::verify::VerificationJobConfig, config::verify::VerificationJobConfig,
config::sync::SyncJobConfig,
api2::types::{ api2::types::{
Userid, APTUpdateInfo,
GarbageCollectionStatus, GarbageCollectionStatus,
Userid,
}, },
tools::format::HumanByte, tools::format::HumanByte,
}; };
const GC_OK_TEMPLATE: &str = r###" const GC_OK_TEMPLATE: &str = r###"
Datastore: {{datastore}} Datastore: {{datastore}}
Task ID: {{status.upid}} Task ID: {{status.upid}}
Index file count: {{status.index-file-count}} Index file count: {{status.index-file-count}}
Removed garbage: {{human-bytes status.removed-bytes}} Removed garbage: {{human-bytes status.removed-bytes}}
Removed chunks: {{status.removed-chunks}} Removed chunks: {{status.removed-chunks}}
Remove bad files: {{status.removed-bad}} Removed bad chunks: {{status.removed-bad}}
Pending removals: {{human-bytes status.pending-bytes}} (in {{status.pending-chunks}} chunks) Leftover bad chunks: {{status.still-bad}}
Pending removals: {{human-bytes status.pending-bytes}} (in {{status.pending-chunks}} chunks)
Original Data usage: {{human-bytes status.index-data-bytes}} Original Data usage: {{human-bytes status.index-data-bytes}}
On Disk usage: {{human-bytes status.disk-bytes}} ({{relative-percentage status.disk-bytes status.index-data-bytes}}) On-Disk usage: {{human-bytes status.disk-bytes}} ({{relative-percentage status.disk-bytes status.index-data-bytes}})
On Disk chunks: {{status.disk-chunks}} On-Disk chunks: {{status.disk-chunks}}
Deduplication Factor: {{deduplication-factor}}
Garbage collection successful. Garbage collection successful.
Please visit the web interface for futher details:
<https://{{fqdn}}:{{port}}/#DataStore-{{datastore}}>
"###; "###;
@ -41,6 +51,11 @@ Datastore: {{datastore}}
Garbage collection failed: {{error}} Garbage collection failed: {{error}}
Please visit the web interface for futher details:
<https://{{fqdn}}:{{port}}/#pbsServerAdministration:tasks>
"###; "###;
const VERIFY_OK_TEMPLATE: &str = r###" const VERIFY_OK_TEMPLATE: &str = r###"
@ -50,6 +65,11 @@ Datastore: {{job.store}}
Verification successful. Verification successful.
Please visit the web interface for futher details:
<https://{{fqdn}}:{{port}}/#DataStore-{{job.store}}>
"###; "###;
const VERIFY_ERR_TEMPLATE: &str = r###" const VERIFY_ERR_TEMPLATE: &str = r###"
@ -60,11 +80,61 @@ Datastore: {{job.store}}
Verification failed on these snapshots: Verification failed on these snapshots:
{{#each errors}} {{#each errors}}
{{this}} {{this~}}
{{/each}} {{/each}}
Please visit the web interface for futher details:
<https://{{fqdn}}:{{port}}/#pbsServerAdministration:tasks>
"###; "###;
const SYNC_OK_TEMPLATE: &str = r###"
Job ID: {{job.id}}
Datastore: {{job.store}}
Remote: {{job.remote}}
Remote Store: {{job.remote-store}}
Synchronization successful.
Please visit the web interface for futher details:
<https://{{fqdn}}:{{port}}/#DataStore-{{job.store}}>
"###;
const SYNC_ERR_TEMPLATE: &str = r###"
Job ID: {{job.id}}
Datastore: {{job.store}}
Remote: {{job.remote}}
Remote Store: {{job.remote-store}}
Synchronization failed: {{error}}
Please visit the web interface for futher details:
<https://{{fqdn}}:{{port}}/#pbsServerAdministration:tasks>
"###;
const PACKAGE_UPDATES_TEMPLATE: &str = r###"
Proxmox Backup Server has the following updates available:
{{#each updates }}
{{Package}}: {{OldVersion}} -> {{Version~}}
{{/each }}
To upgrade visit the web interface:
<https://{{fqdn}}:{{port}}/#pbsServerAdministration:updates>
"###;
lazy_static::lazy_static!{ lazy_static::lazy_static!{
static ref HANDLEBARS: Handlebars<'static> = { static ref HANDLEBARS: Handlebars<'static> = {
@ -81,6 +151,11 @@ lazy_static::lazy_static!{
hb.register_template_string("verify_ok_template", VERIFY_OK_TEMPLATE).unwrap(); hb.register_template_string("verify_ok_template", VERIFY_OK_TEMPLATE).unwrap();
hb.register_template_string("verify_err_template", VERIFY_ERR_TEMPLATE).unwrap(); hb.register_template_string("verify_err_template", VERIFY_ERR_TEMPLATE).unwrap();
hb.register_template_string("sync_ok_template", SYNC_OK_TEMPLATE).unwrap();
hb.register_template_string("sync_err_template", SYNC_ERR_TEMPLATE).unwrap();
hb.register_template_string("package_update_template", PACKAGE_UPDATES_TEMPLATE).unwrap();
hb hb
}; };
} }
@ -93,7 +168,7 @@ fn send_job_status_mail(
// Note: OX has serious problems displaying text mails, // Note: OX has serious problems displaying text mails,
// so we include html as well // so we include html as well
let html = format!("<html><body><pre>\n{}\n<pre>", text); let html = format!("<html><body><pre>\n{}\n<pre>", handlebars::html_escape(text));
let nodename = proxmox::tools::nodename(); let nodename = proxmox::tools::nodename();
@ -118,19 +193,28 @@ pub fn send_gc_status(
result: &Result<(), Error>, result: &Result<(), Error>,
) -> Result<(), Error> { ) -> Result<(), Error> {
let (fqdn, port) = get_server_url();
let mut data = json!({
"datastore": datastore,
"fqdn": fqdn,
"port": port,
});
let text = match result { let text = match result {
Ok(()) => { Ok(()) => {
let data = json!({ let deduplication_factor = if status.disk_bytes > 0 {
"status": status, (status.index_data_bytes as f64)/(status.disk_bytes as f64)
"datastore": datastore, } else {
}); 1.0
};
data["status"] = json!(status);
data["deduplication-factor"] = format!("{:.2}", deduplication_factor).into();
HANDLEBARS.render("gc_ok_template", &data)? HANDLEBARS.render("gc_ok_template", &data)?
} }
Err(err) => { Err(err) => {
let data = json!({ data["error"] = err.to_string().into();
"error": err.to_string(),
"datastore": datastore,
});
HANDLEBARS.render("gc_err_template", &data)? HANDLEBARS.render("gc_err_template", &data)?
} }
}; };
@ -157,18 +241,23 @@ pub fn send_verify_status(
result: &Result<Vec<String>, Error>, result: &Result<Vec<String>, Error>,
) -> Result<(), Error> { ) -> Result<(), Error> {
let (fqdn, port) = get_server_url();
let mut data = json!({
"job": job,
"fqdn": fqdn,
"port": port,
});
let text = match result { let text = match result {
Ok(errors) if errors.is_empty() => { Ok(errors) if errors.is_empty() => {
let data = json!({ "job": job });
HANDLEBARS.render("verify_ok_template", &data)? HANDLEBARS.render("verify_ok_template", &data)?
} }
Ok(errors) => { Ok(errors) => {
let data = json!({ "job": job, "errors": errors }); data["errors"] = json!(errors);
HANDLEBARS.render("verify_err_template", &data)? HANDLEBARS.render("verify_err_template", &data)?
} }
Err(_) => { Err(_) => {
// aboreted job - do not send any email // aborted job - do not send any email
return Ok(()); return Ok(());
} }
}; };
@ -189,6 +278,87 @@ pub fn send_verify_status(
Ok(()) Ok(())
} }
pub fn send_sync_status(
email: &str,
job: &SyncJobConfig,
result: &Result<(), Error>,
) -> Result<(), Error> {
let (fqdn, port) = get_server_url();
let mut data = json!({
"job": job,
"fqdn": fqdn,
"port": port,
});
let text = match result {
Ok(()) => {
HANDLEBARS.render("sync_ok_template", &data)?
}
Err(err) => {
data["error"] = err.to_string().into();
HANDLEBARS.render("sync_err_template", &data)?
}
};
let subject = match result {
Ok(()) => format!(
"Sync remote '{}' datastore '{}' successful",
job.remote,
job.remote_store,
),
Err(_) => format!(
"Sync remote '{}' datastore '{}' failed",
job.remote,
job.remote_store,
),
};
send_job_status_mail(email, &subject, &text)?;
Ok(())
}
fn get_server_url() -> (String, usize) {
// user will surely request that they can change this
let nodename = proxmox::tools::nodename();
let mut fqdn = nodename.to_owned();
if let Ok(resolv_conf) = crate::api2::node::dns::read_etc_resolv_conf() {
if let Some(search) = resolv_conf["search"].as_str() {
fqdn.push('.');
fqdn.push_str(search);
}
}
let port = 8007;
(fqdn, port)
}
pub fn send_updates_available(
updates: &Vec<&APTUpdateInfo>,
) -> Result<(), Error> {
// update mails always go to the root@pam configured email..
if let Some(email) = lookup_user_email(Userid::root_userid()) {
let nodename = proxmox::tools::nodename();
let subject = format!("New software packages available ({})", nodename);
let (fqdn, port) = get_server_url();
let text = HANDLEBARS.render("package_update_template", &json!({
"fqdn": fqdn,
"port": port,
"updates": updates,
}))?;
send_job_status_mail(&email, &subject, &text)?;
}
Ok(())
}
/// Lookup users email address /// Lookup users email address
/// ///
/// For "backup@pam", this returns the address from "root@pam". /// For "backup@pam", this returns the address from "root@pam".

12
src/server/environment.rs
View File

@ -6,7 +6,7 @@ use proxmox::api::{RpcEnvironment, RpcEnvironmentType};
pub struct RestEnvironment { pub struct RestEnvironment {
env_type: RpcEnvironmentType, env_type: RpcEnvironmentType,
result_attributes: Value, result_attributes: Value,
user: Option<String>, auth_id: Option<String>,
client_ip: Option<std::net::SocketAddr>, client_ip: Option<std::net::SocketAddr>,
} }
@ -14,7 +14,7 @@ impl RestEnvironment {
pub fn new(env_type: RpcEnvironmentType) -> Self { pub fn new(env_type: RpcEnvironmentType) -> Self {
Self { Self {
result_attributes: json!({}), result_attributes: json!({}),
user: None, auth_id: None,
client_ip: None, client_ip: None,
env_type, env_type,
} }
@ -35,12 +35,12 @@ impl RpcEnvironment for RestEnvironment {
self.env_type self.env_type
} }
fn set_user(&mut self, user: Option<String>) { fn set_auth_id(&mut self, auth_id: Option<String>) {
self.user = user; self.auth_id = auth_id;
} }
fn get_user(&self) -> Option<String> { fn get_auth_id(&self) -> Option<String> {
self.user.clone() self.auth_id.clone()
} }
fn set_client_ip(&mut self, client_ip: Option<std::net::SocketAddr>) { fn set_client_ip(&mut self, client_ip: Option<std::net::SocketAddr>) {

63
src/server/gc_job.rs Normal file
View File

@ -0,0 +1,63 @@
use std::sync::Arc;
use anyhow::Error;
use crate::{
server::WorkerTask,
api2::types::*,
server::jobstate::Job,
backup::DataStore,
};
/// Runs a garbage collection job.
pub fn do_garbage_collection_job(
mut job: Job,
datastore: Arc<DataStore>,
auth_id: &Authid,
schedule: Option<String>,
to_stdout: bool,
) -> Result<String, Error> {
let email = crate::server::lookup_user_email(auth_id.user());
let store = datastore.name().to_string();
let worker_type = job.jobtype().to_string();
let upid_str = WorkerTask::new_thread(
&worker_type,
Some(store.clone()),
auth_id.clone(),
to_stdout,
move |worker| {
job.start(&worker.upid().to_string())?;
worker.log(format!("starting garbage collection on store {}", store));
if let Some(event_str) = schedule {
worker.log(format!("task triggered by schedule '{}'", event_str));
}
let result = datastore.garbage_collection(&*worker, worker.upid());
let status = worker.create_state(&result);
match job.finish(status) {
Err(err) => eprintln!(
"could not finish job state for {}: {}",
job.jobtype().to_string(),
err
),
Ok(_) => (),
}
if let Some(email) = email {
let gc_status = datastore.last_gc_status();
if let Err(err) = crate::server::send_gc_status(&email, &store, &gc_status, &result) {
eprintln!("send gc notification failed: {}", err);
}
}
result
}
)?;
Ok(upid_str)
}

91
src/server/prune_job.rs Normal file
View File

@ -0,0 +1,91 @@
use anyhow::Error;
use proxmox::try_block;
use crate::{
api2::types::*,
backup::{compute_prune_info, BackupGroup, DataStore, PruneOptions},
server::jobstate::Job,
server::WorkerTask,
task_log,
};
pub fn do_prune_job(
mut job: Job,
prune_options: PruneOptions,
store: String,
auth_id: &Authid,
schedule: Option<String>,
) -> Result<String, Error> {
let datastore = DataStore::lookup_datastore(&store)?;
let worker_type = job.jobtype().to_string();
let upid_str = WorkerTask::new_thread(
&worker_type,
Some(job.jobname().to_string()),
auth_id.clone(),
false,
move |worker| {
job.start(&worker.upid().to_string())?;
let result = try_block!({
task_log!(worker, "Starting datastore prune on store \"{}\"", store);
if let Some(event_str) = schedule {
task_log!(worker, "task triggered by schedule '{}'", event_str);
}
task_log!(
worker,
"retention options: {}",
prune_options.cli_options_string()
);
let base_path = datastore.base_path();
let groups = BackupGroup::list_groups(&base_path)?;
for group in groups {
let list = group.list_backups(&base_path)?;
let mut prune_info = compute_prune_info(list, &prune_options)?;
prune_info.reverse(); // delete older snapshots first
task_log!(
worker,
"Starting prune on store \"{}\" group \"{}/{}\"",
store,
group.backup_type(),
group.backup_id()
);
for (info, keep) in prune_info {
task_log!(
worker,
"{} {}/{}/{}",
if keep { "keep" } else { "remove" },
group.backup_type(),
group.backup_id(),
info.backup_dir.backup_time_string()
);
if !keep {
datastore.remove_backup_dir(&info.backup_dir, true)?;
}
}
}
Ok(())
});
let status = worker.create_state(&result);
if let Err(err) = job.finish(status) {
eprintln!(
"could not finish job state for {}: {}",
job.jobtype().to_string(),
err
);
}
result
},
)?;
Ok(upid_str)
}

91
src/server/report.rs Normal file
View File

@ -0,0 +1,91 @@
use std::path::Path;
use std::process::Command;
use crate::config::datastore;
fn files() -> Vec<&'static str> {
vec![
"/etc/hostname",
"/etc/hosts",
"/etc/network/interfaces",
"/etc/proxmox-backup/datastore.cfg",
"/etc/proxmox-backup/user.cfg",
"/etc/proxmox-backup/acl.cfg",
"/etc/proxmox-backup/remote.cfg",
"/etc/proxmox-backup/sync.cfg",
"/etc/proxmox-backup/verification.cfg",
]
}
fn commands() -> Vec<(&'static str, Vec<&'static str>)> {
vec![
// ("<command>", vec![<arg [, arg]>])
("df", vec!["-h"]),
("lsblk", vec!["--ascii"]),
("zpool", vec!["status"]),
("zfs", vec!["list"]),
("proxmox-backup-manager", vec!["subscription", "get"]),
]
}
// (<description>, <function to call>)
fn function_calls() -> Vec<(&'static str, fn() -> String)> {
vec![
("Datastores", || {
let config = match datastore::config() {
Ok((config, _digest)) => config,
_ => return String::from("could not read datastore config"),
};
let mut list = Vec::new();
for (store, _) in &config.sections {
list.push(store.as_str());
}
list.join(", ")
})
]
}
pub fn generate_report() -> String {
use proxmox::tools::fs::file_read_optional_string;
let file_contents = files()
.iter()
.map(|file_name| {
let content = match file_read_optional_string(Path::new(file_name)) {
Ok(Some(content)) => content,
Ok(None) => String::from("# file does not exists"),
Err(err) => err.to_string(),
};
format!("# cat '{}'\n{}", file_name, content)
})
.collect::<Vec<String>>()
.join("\n\n");
let command_outputs = commands()
.iter()
.map(|(command, args)| {
let output = Command::new(command)
.env("PROXMOX_OUTPUT_NO_BORDER", "1")
.args(args)
.output();
let output = match output {
Ok(output) => String::from_utf8_lossy(&output.stdout).to_string(),
Err(err) => err.to_string(),
};
format!("# `{} {}`\n{}", command, args.join(" "), output)
})
.collect::<Vec<String>>()
.join("\n\n");
let function_outputs = function_calls()
.iter()
.map(|(desc, function)| format!("# {}\n{}", desc, function()))
.collect::<Vec<String>>()
.join("\n\n");
format!(
"= FILES =\n\n{}\n= COMMANDS =\n\n{}\n= FUNCTIONS =\n\n{}\n",
file_contents, command_outputs, function_outputs
)
}

154
src/server/rest.rs
View File

@ -17,6 +17,7 @@ use lazy_static::lazy_static;
use serde_json::{json, Value}; use serde_json::{json, Value};
use tokio::fs::File; use tokio::fs::File;
use tokio::time::Instant; use tokio::time::Instant;
use percent_encoding::percent_decode_str;
use url::form_urlencoded; use url::form_urlencoded;
use regex::Regex; use regex::Regex;
@ -42,7 +43,7 @@ use super::formatter::*;
use super::ApiConfig; use super::ApiConfig;
use crate::auth_helpers::*; use crate::auth_helpers::*;
use crate::api2::types::Userid; use crate::api2::types::{Authid, Userid};
use crate::tools; use crate::tools;
use crate::tools::FileLogger; use crate::tools::FileLogger;
use crate::tools::ticket::Ticket; use crate::tools::ticket::Ticket;
@ -111,7 +112,7 @@ pub struct ApiService {
} }
fn log_response( fn log_response(
logfile: Option<&Mutex<FileLogger>>, logfile: Option<&Arc<Mutex<FileLogger>>>,
peer: &std::net::SocketAddr, peer: &std::net::SocketAddr,
method: hyper::Method, method: hyper::Method,
path_query: &str, path_query: &str,
@ -138,9 +139,9 @@ fn log_response(
log::error!("{} {}: {} {}: [client {}] {}", method.as_str(), path, status.as_str(), reason, peer, message); log::error!("{} {}: {} {}: [client {}] {}", method.as_str(), path, status.as_str(), reason, peer, message);
} }
if let Some(logfile) = logfile { if let Some(logfile) = logfile {
let user = match resp.extensions().get::<Userid>() { let auth_id = match resp.extensions().get::<Authid>() {
Some(userid) => userid.as_str(), Some(auth_id) => auth_id.to_string(),
None => "-", None => "-".to_string(),
}; };
let now = proxmox::tools::time::epoch_i64(); let now = proxmox::tools::time::epoch_i64();
// time format which apache/nginx use (by default), copied from pve-http-server // time format which apache/nginx use (by default), copied from pve-http-server
@ -153,7 +154,7 @@ fn log_response(
.log(format!( .log(format!(
"{} - {} [{}] \"{} {}\" {} {} {}", "{} - {} [{}] \"{} {}\" {} {} {}",
peer.ip(), peer.ip(),
user, auth_id,
datetime, datetime,
method.as_str(), method.as_str(),
path, path,
@ -441,7 +442,7 @@ fn get_index(
.unwrap(); .unwrap();
if let Some(userid) = userid { if let Some(userid) = userid {
resp.extensions_mut().insert(userid); resp.extensions_mut().insert(Authid::from((userid, None)));
} }
resp resp
@ -531,50 +532,99 @@ async fn handle_static_file_download(filename: PathBuf) -> Result<Response<Body
} }
} }
fn extract_auth_data(headers: &http::HeaderMap) -> (Option<String>, Option<String>, Option<String>) { fn extract_lang_header(headers: &http::HeaderMap) -> Option<String> {
let mut ticket = None;
let mut language = None;
if let Some(raw_cookie) = headers.get("COOKIE") { if let Some(raw_cookie) = headers.get("COOKIE") {
if let Ok(cookie) = raw_cookie.to_str() { if let Ok(cookie) = raw_cookie.to_str() {
ticket = tools::extract_cookie(cookie, "PBSAuthCookie"); return tools::extract_cookie(cookie, "PBSLangCookie");
language = tools::extract_cookie(cookie, "PBSLangCookie");
} }
} }
let csrf_token = match headers.get("CSRFPreventionToken").map(|v| v.to_str()) { None
Some(Ok(v)) => Some(v.to_owned()), }
_ => None,
};
(ticket, csrf_token, language) struct UserAuthData{
ticket: String,
csrf_token: Option<String>,
}
enum AuthData {
User(UserAuthData),
ApiToken(String),
}
fn extract_auth_data(headers: &http::HeaderMap) -> Option<AuthData> {
if let Some(raw_cookie) = headers.get(header::COOKIE) {
if let Ok(cookie) = raw_cookie.to_str() {
if let Some(ticket) = tools::extract_cookie(cookie, "PBSAuthCookie") {
let csrf_token = match headers.get("CSRFPreventionToken").map(|v| v.to_str()) {
Some(Ok(v)) => Some(v.to_owned()),
_ => None,
};
return Some(AuthData::User(UserAuthData {
ticket,
csrf_token,
}));
}
}
}
match headers.get(header::AUTHORIZATION).map(|v| v.to_str()) {
Some(Ok(v)) => {
if v.starts_with("PBSAPIToken ") || v.starts_with("PBSAPIToken=") {
Some(AuthData::ApiToken(v["PBSAPIToken ".len()..].to_owned()))
} else {
None
}
},
_ => None,
}
} }
fn check_auth( fn check_auth(
method: &hyper::Method, method: &hyper::Method,
ticket: &Option<String>, auth_data: &AuthData,
csrf_token: &Option<String>,
user_info: &CachedUserInfo, user_info: &CachedUserInfo,
) -> Result<Userid, Error> { ) -> Result<Authid, Error> {
let ticket_lifetime = tools::ticket::TICKET_LIFETIME; match auth_data {
AuthData::User(user_auth_data) => {
let ticket = user_auth_data.ticket.clone();
let ticket_lifetime = tools::ticket::TICKET_LIFETIME;
let ticket = ticket.as_ref().map(String::as_str); let userid: Userid = Ticket::parse(&ticket)?
let userid: Userid = Ticket::parse(&ticket.ok_or_else(|| format_err!("missing ticket"))?)? .verify_with_time_frame(public_auth_key(), "PBS", None, -300..ticket_lifetime)?;
.verify_with_time_frame(public_auth_key(), "PBS", None, -300..ticket_lifetime)?;
if !user_info.is_active_user(&userid) { let auth_id = Authid::from(userid.clone());
bail!("user account disabled or expired."); if !user_info.is_active_auth_id(&auth_id) {
} bail!("user account disabled or expired.");
}
if method != hyper::Method::GET { if method != hyper::Method::GET {
if let Some(csrf_token) = csrf_token { if let Some(csrf_token) = &user_auth_data.csrf_token {
verify_csrf_prevention_token(csrf_secret(), &userid, &csrf_token, -300, ticket_lifetime)?; verify_csrf_prevention_token(csrf_secret(), &userid, &csrf_token, -300, ticket_lifetime)?;
} else { } else {
bail!("missing CSRF prevention token"); bail!("missing CSRF prevention token");
}
}
Ok(auth_id)
},
AuthData::ApiToken(api_token) => {
let mut parts = api_token.splitn(2, ':');
let tokenid = parts.next()
.ok_or_else(|| format_err!("failed to split API token header"))?;
let tokenid: Authid = tokenid.parse()?;
let tokensecret = parts.next()
.ok_or_else(|| format_err!("failed to split API token header"))?;
let tokensecret = percent_decode_str(tokensecret)
.decode_utf8()
.map_err(|_| format_err!("failed to decode API token header"))?;
crate::config::token_shadow::verify_secret(&tokenid, &tokensecret)?;
Ok(tokenid)
} }
} }
Ok(userid)
} }
async fn handle_request( async fn handle_request(
@ -630,9 +680,12 @@ async fn handle_request(
} }
if auth_required { if auth_required {
let (ticket, csrf_token, _) = extract_auth_data(&parts.headers); let auth_result = match extract_auth_data(&parts.headers) {
match check_auth(&method, &ticket, &csrf_token, &user_info) { Some(auth_data) => check_auth(&method, &auth_data, &user_info),
Ok(userid) => rpcenv.set_user(Some(userid.to_string())), None => Err(format_err!("no authentication credentials provided.")),
};
match auth_result {
Ok(authid) => rpcenv.set_auth_id(Some(authid.to_string())),
Err(err) => { Err(err) => {
// always delay unauthorized calls by 3 seconds (from start of request) // always delay unauthorized calls by 3 seconds (from start of request)
let err = http_err!(UNAUTHORIZED, "authentication failed - {}", err); let err = http_err!(UNAUTHORIZED, "authentication failed - {}", err);
@ -648,8 +701,8 @@ async fn handle_request(
return Ok((formatter.format_error)(err)); return Ok((formatter.format_error)(err));
} }
Some(api_method) => { Some(api_method) => {
let user = rpcenv.get_user(); let auth_id = rpcenv.get_auth_id();
if !check_api_permission(api_method.access.permission, user.as_deref(), &uri_param, user_info.as_ref()) { if !check_api_permission(api_method.access.permission, auth_id.as_deref(), &uri_param, user_info.as_ref()) {
let err = http_err!(FORBIDDEN, "permission check failed"); let err = http_err!(FORBIDDEN, "permission check failed");
tokio::time::delay_until(Instant::from_std(access_forbidden_time)).await; tokio::time::delay_until(Instant::from_std(access_forbidden_time)).await;
return Ok((formatter.format_error)(err)); return Ok((formatter.format_error)(err));
@ -666,9 +719,9 @@ async fn handle_request(
Err(err) => (formatter.format_error)(err), Err(err) => (formatter.format_error)(err),
}; };
if let Some(user) = user { if let Some(auth_id) = auth_id {
let userid: Userid = user.parse()?; let auth_id: Authid = auth_id.parse()?;
response.extensions_mut().insert(userid); response.extensions_mut().insert(auth_id);
} }
return Ok(response); return Ok(response);
@ -684,13 +737,14 @@ async fn handle_request(
} }
if comp_len == 0 { if comp_len == 0 {
let (ticket, csrf_token, language) = extract_auth_data(&parts.headers); let language = extract_lang_header(&parts.headers);
if ticket != None { if let Some(auth_data) = extract_auth_data(&parts.headers) {
match check_auth(&method, &ticket, &csrf_token, &user_info) { match check_auth(&method, &auth_data, &user_info) {
Ok(userid) => { Ok(auth_id) if !auth_id.is_token() => {
let new_csrf_token = assemble_csrf_prevention_token(csrf_secret(), &userid); let userid = auth_id.user();
return Ok(get_index(Some(userid), Some(new_csrf_token), language, &api, parts)); let new_csrf_token = assemble_csrf_prevention_token(csrf_secret(), userid);
} return Ok(get_index(Some(userid.clone()), Some(new_csrf_token), language, &api, parts));
},
_ => { _ => {
tokio::time::delay_until(Instant::from_std(delay_unauth_time)).await; tokio::time::delay_until(Instant::from_std(delay_unauth_time)).await;
return Ok(get_index(None, None, language, &api, parts)); return Ok(get_index(None, None, language, &api, parts));

16
src/server/upid.rs
View File

@ -6,7 +6,7 @@ use proxmox::api::schema::{ApiStringFormat, Schema, StringSchema};
use proxmox::const_regex; use proxmox::const_regex;
use proxmox::sys::linux::procfs; use proxmox::sys::linux::procfs;
use crate::api2::types::Userid; use crate::api2::types::Authid;
/// Unique Process/Task Identifier /// Unique Process/Task Identifier
/// ///
@ -34,8 +34,8 @@ pub struct UPID {
pub worker_type: String, pub worker_type: String,
/// Worker ID (arbitrary ASCII string) /// Worker ID (arbitrary ASCII string)
pub worker_id: Option<String>, pub worker_id: Option<String>,
/// The user who started the task /// The authenticated entity who started the task
pub userid: Userid, pub auth_id: Authid,
/// The node name. /// The node name.
pub node: String, pub node: String,
} }
@ -47,7 +47,7 @@ const_regex! {
pub PROXMOX_UPID_REGEX = concat!( pub PROXMOX_UPID_REGEX = concat!(
r"^UPID:(?P<node>[a-zA-Z0-9]([a-zA-Z0-9\-]*[a-zA-Z0-9])?):(?P<pid>[0-9A-Fa-f]{8}):", r"^UPID:(?P<node>[a-zA-Z0-9]([a-zA-Z0-9\-]*[a-zA-Z0-9])?):(?P<pid>[0-9A-Fa-f]{8}):",
r"(?P<pstart>[0-9A-Fa-f]{8,9}):(?P<task_id>[0-9A-Fa-f]{8,16}):(?P<starttime>[0-9A-Fa-f]{8}):", r"(?P<pstart>[0-9A-Fa-f]{8,9}):(?P<task_id>[0-9A-Fa-f]{8,16}):(?P<starttime>[0-9A-Fa-f]{8}):",
r"(?P<wtype>[^:\s]+):(?P<wid>[^:\s]*):(?P<userid>[^:\s]+):$" r"(?P<wtype>[^:\s]+):(?P<wid>[^:\s]*):(?P<authid>[^:\s]+):$"
); );
} }
@ -65,7 +65,7 @@ impl UPID {
pub fn new( pub fn new(
worker_type: &str, worker_type: &str,
worker_id: Option<String>, worker_id: Option<String>,
userid: Userid, auth_id: Authid,
) -> Result<Self, Error> { ) -> Result<Self, Error> {
let pid = unsafe { libc::getpid() }; let pid = unsafe { libc::getpid() };
@ -87,7 +87,7 @@ impl UPID {
task_id, task_id,
worker_type: worker_type.to_owned(), worker_type: worker_type.to_owned(),
worker_id, worker_id,
userid, auth_id,
node: proxmox::tools::nodename().to_owned(), node: proxmox::tools::nodename().to_owned(),
}) })
} }
@ -122,7 +122,7 @@ impl std::str::FromStr for UPID {
task_id: usize::from_str_radix(&cap["task_id"], 16).unwrap(), task_id: usize::from_str_radix(&cap["task_id"], 16).unwrap(),
worker_type: cap["wtype"].to_string(), worker_type: cap["wtype"].to_string(),
worker_id, worker_id,
userid: cap["userid"].parse()?, auth_id: cap["authid"].parse()?,
node: cap["node"].to_string(), node: cap["node"].to_string(),
}) })
} else { } else {
@ -146,6 +146,6 @@ impl std::fmt::Display for UPID {
// more that 8 characters for pstart // more that 8 characters for pstart
write!(f, "UPID:{}:{:08X}:{:08X}:{:08X}:{:08X}:{}:{}:{}:", write!(f, "UPID:{}:{:08X}:{:08X}:{:08X}:{:08X}:{}:{}:{}:",
self.node, self.pid, self.pstart, self.task_id, self.starttime, self.worker_type, wid, self.userid) self.node, self.pid, self.pstart, self.task_id, self.starttime, self.worker_type, wid, self.auth_id)
} }
} }

18
src/server/verify_job.rs
View File

@ -7,7 +7,7 @@ use crate::{
config::verify::VerificationJobConfig, config::verify::VerificationJobConfig,
backup::{ backup::{
DataStore, DataStore,
BackupInfo, BackupManifest,
verify_all_backups, verify_all_backups,
}, },
task_log, task_log,
@ -17,25 +17,19 @@ use crate::{
pub fn do_verification_job( pub fn do_verification_job(
mut job: Job, mut job: Job,
verification_job: VerificationJobConfig, verification_job: VerificationJobConfig,
userid: &Userid, auth_id: &Authid,
schedule: Option<String>, schedule: Option<String>,
) -> Result<String, Error> { ) -> Result<String, Error> {
let datastore = DataStore::lookup_datastore(&verification_job.store)?; let datastore = DataStore::lookup_datastore(&verification_job.store)?;
let datastore2 = datastore.clone();
let outdated_after = verification_job.outdated_after.clone(); let outdated_after = verification_job.outdated_after.clone();
let ignore_verified_snapshots = verification_job.ignore_verified.unwrap_or(true); let ignore_verified_snapshots = verification_job.ignore_verified.unwrap_or(true);
let filter = move |backup_info: &BackupInfo| { let filter = move |manifest: &BackupManifest| {
if !ignore_verified_snapshots { if !ignore_verified_snapshots {
return true; return true;
} }
let manifest = match datastore2.load_manifest(&backup_info.backup_dir) {
Ok((manifest, _)) => manifest,
Err(_) => return true, // include, so task picks this up as error
};
let raw_verify_state = manifest.unprotected["verify_state"].clone(); let raw_verify_state = manifest.unprotected["verify_state"].clone();
match serde_json::from_value::<SnapshotVerifyState>(raw_verify_state) { match serde_json::from_value::<SnapshotVerifyState>(raw_verify_state) {
@ -54,14 +48,14 @@ pub fn do_verification_job(
} }
}; };
let email = crate::server::lookup_user_email(userid); let email = crate::server::lookup_user_email(auth_id.user());
let job_id = job.jobname().to_string(); let job_id = job.jobname().to_string();
let worker_type = job.jobtype().to_string(); let worker_type = job.jobtype().to_string();
let upid_str = WorkerTask::new_thread( let upid_str = WorkerTask::new_thread(
&worker_type, &worker_type,
Some(job.jobname().to_string()), Some(job.jobname().to_string()),
userid.clone(), auth_id.clone(),
false, false,
move |worker| { move |worker| {
job.start(&worker.upid().to_string())?; job.start(&worker.upid().to_string())?;
@ -71,7 +65,7 @@ pub fn do_verification_job(
task_log!(worker,"task triggered by schedule '{}'", event_str); task_log!(worker,"task triggered by schedule '{}'", event_str);
} }
let result = verify_all_backups(datastore, worker.clone(), worker.upid(), &filter); let result = verify_all_backups(datastore, worker.clone(), worker.upid(), None, Some(&filter));
let job_result = match result { let job_result = match result {
Ok(ref errors) if errors.is_empty() => Ok(()), Ok(ref errors) if errors.is_empty() => Ok(()),
Ok(_) => Err(format_err!("verification failed - please check the log for details")), Ok(_) => Err(format_err!("verification failed - please check the log for details")),

260
src/server/worker_task.rs
View File

@ -8,7 +8,6 @@ use std::sync::{Arc, Mutex};
use anyhow::{bail, format_err, Error}; use anyhow::{bail, format_err, Error};
use futures::*; use futures::*;
use lazy_static::lazy_static; use lazy_static::lazy_static;
use nix::unistd::Pid;
use serde_json::{json, Value}; use serde_json::{json, Value};
use serde::{Serialize, Deserialize}; use serde::{Serialize, Deserialize};
use tokio::sync::oneshot; use tokio::sync::oneshot;
@ -19,36 +18,33 @@ use proxmox::tools::fs::{create_path, open_file_locked, replace_file, CreateOpti
use super::UPID; use super::UPID;
use crate::buildcfg;
use crate::server;
use crate::tools::logrotate::{LogRotate, LogRotateFiles}; use crate::tools::logrotate::{LogRotate, LogRotateFiles};
use crate::tools::{FileLogger, FileLogOptions}; use crate::tools::{FileLogger, FileLogOptions};
use crate::api2::types::Userid; use crate::api2::types::{Authid, TaskStateType};
macro_rules! PROXMOX_BACKUP_VAR_RUN_DIR_M { () => ("/run/proxmox-backup") } macro_rules! taskdir {
macro_rules! PROXMOX_BACKUP_LOG_DIR_M { () => ("/var/log/proxmox-backup") } ($subdir:expr) => (concat!(PROXMOX_BACKUP_LOG_DIR_M!(), "/tasks", $subdir))
macro_rules! PROXMOX_BACKUP_TASK_DIR_M { () => (concat!( PROXMOX_BACKUP_LOG_DIR_M!(), "/tasks")) } }
pub const PROXMOX_BACKUP_TASK_DIR: &str = taskdir!("/");
pub const PROXMOX_BACKUP_VAR_RUN_DIR: &str = PROXMOX_BACKUP_VAR_RUN_DIR_M!(); pub const PROXMOX_BACKUP_TASK_LOCK_FN: &str = taskdir!("/.active.lock");
pub const PROXMOX_BACKUP_LOG_DIR: &str = PROXMOX_BACKUP_LOG_DIR_M!(); pub const PROXMOX_BACKUP_ACTIVE_TASK_FN: &str = taskdir!("/active");
pub const PROXMOX_BACKUP_TASK_DIR: &str = PROXMOX_BACKUP_TASK_DIR_M!(); pub const PROXMOX_BACKUP_INDEX_TASK_FN: &str = taskdir!("/index");
pub const PROXMOX_BACKUP_TASK_LOCK_FN: &str = concat!(PROXMOX_BACKUP_TASK_DIR_M!(), "/.active.lock"); pub const PROXMOX_BACKUP_ARCHIVE_TASK_FN: &str = taskdir!("/archive");
pub const PROXMOX_BACKUP_ACTIVE_TASK_FN: &str = concat!(PROXMOX_BACKUP_TASK_DIR_M!(), "/active");
pub const PROXMOX_BACKUP_INDEX_TASK_FN: &str = concat!(PROXMOX_BACKUP_TASK_DIR_M!(), "/index");
pub const PROXMOX_BACKUP_ARCHIVE_TASK_FN: &str = concat!(PROXMOX_BACKUP_TASK_DIR_M!(), "/archive");
const MAX_INDEX_TASKS: usize = 1000;
lazy_static! { lazy_static! {
static ref WORKER_TASK_LIST: Mutex<HashMap<usize, Arc<WorkerTask>>> = Mutex::new(HashMap::new()); static ref WORKER_TASK_LIST: Mutex<HashMap<usize, Arc<WorkerTask>>> = Mutex::new(HashMap::new());
}
static ref MY_PID: i32 = unsafe { libc::getpid() }; /// checks if the task UPID refers to a worker from this process
static ref MY_PID_PSTART: u64 = procfs::PidStat::read_from_pid(Pid::from_raw(*MY_PID)) fn is_local_worker(upid: &UPID) -> bool {
.unwrap() upid.pid == server::pid() && upid.pstart == server::pstart()
.starttime;
} }
/// Test if the task is still running /// Test if the task is still running
pub async fn worker_is_active(upid: &UPID) -> Result<bool, Error> { pub async fn worker_is_active(upid: &UPID) -> Result<bool, Error> {
if (upid.pid == *MY_PID) && (upid.pstart == *MY_PID_PSTART) { if is_local_worker(upid) {
return Ok(WORKER_TASK_LIST.lock().unwrap().contains_key(&upid.task_id)); return Ok(WORKER_TASK_LIST.lock().unwrap().contains_key(&upid.task_id));
} }
@ -56,15 +52,12 @@ pub async fn worker_is_active(upid: &UPID) -> Result<bool, Error> {
return Ok(false); return Ok(false);
} }
let socketname = format!( let sock = server::ctrl_sock_from_pid(upid.pid);
"\0{}/proxmox-task-control-{}.sock", PROXMOX_BACKUP_VAR_RUN_DIR, upid.pid);
let cmd = json!({ let cmd = json!({
"command": "status", "command": "worker-task-status",
"upid": upid.to_string(), "upid": upid.to_string(),
}); });
let status = super::send_command(sock, cmd).await?;
let status = super::send_command(socketname, cmd).await?;
if let Some(active) = status.as_bool() { if let Some(active) = status.as_bool() {
Ok(active) Ok(active)
@ -75,69 +68,48 @@ pub async fn worker_is_active(upid: &UPID) -> Result<bool, Error> {
/// Test if the task is still running (fast but inaccurate implementation) /// Test if the task is still running (fast but inaccurate implementation)
/// ///
/// If the task is spanned from a different process, we simply return if /// If the task is spawned from a different process, we simply return if
/// that process is still running. This information is good enough to detect /// that process is still running. This information is good enough to detect
/// stale tasks... /// stale tasks...
pub fn worker_is_active_local(upid: &UPID) -> bool { pub fn worker_is_active_local(upid: &UPID) -> bool {
if (upid.pid == *MY_PID) && (upid.pstart == *MY_PID_PSTART) { if is_local_worker(upid) {
WORKER_TASK_LIST.lock().unwrap().contains_key(&upid.task_id) WORKER_TASK_LIST.lock().unwrap().contains_key(&upid.task_id)
} else { } else {
procfs::check_process_running_pstart(upid.pid, upid.pstart).is_some() procfs::check_process_running_pstart(upid.pid, upid.pstart).is_some()
} }
} }
pub fn create_task_control_socket() -> Result<(), Error> { pub fn register_task_control_commands(
commando_sock: &mut super::CommandoSocket,
let socketname = format!( ) -> Result<(), Error> {
"\0{}/proxmox-task-control-{}.sock", PROXMOX_BACKUP_VAR_RUN_DIR, *MY_PID); fn get_upid(args: Option<&Value>) -> Result<UPID, Error> {
let args = if let Some(args) = args { args } else { bail!("missing args") };
let control_future = super::create_control_socket(socketname, |param| { let upid = match args.get("upid") {
let param = param Some(Value::String(upid)) => upid.parse::<UPID>()?,
.as_object() None => bail!("no upid in args"),
.ok_or_else(|| format_err!("unable to parse parameters (expected json object)"))?; _ => bail!("unable to parse upid"),
if param.keys().count() != 2 { bail!("wrong number of parameters"); } };
if !is_local_worker(&upid) {
let command = param["command"]
.as_str()
.ok_or_else(|| format_err!("unable to parse parameters (missing command)"))?;
// we have only two commands for now
if !(command == "abort-task" || command == "status") {
bail!("got unknown command '{}'", command);
}
let upid_str = param["upid"]
.as_str()
.ok_or_else(|| format_err!("unable to parse parameters (missing upid)"))?;
let upid = upid_str.parse::<UPID>()?;
if !(upid.pid == *MY_PID && upid.pstart == *MY_PID_PSTART) {
bail!("upid does not belong to this process"); bail!("upid does not belong to this process");
} }
Ok(upid)
}
let hash = WORKER_TASK_LIST.lock().unwrap(); commando_sock.register_command("worker-task-abort".into(), move |args| {
let upid = get_upid(args)?;
match command { if let Some(ref worker) = WORKER_TASK_LIST.lock().unwrap().get(&upid.task_id) {
"abort-task" => { worker.request_abort();
if let Some(ref worker) = hash.get(&upid.task_id) {
worker.request_abort();
} else {
// assume task is already stopped
}
Ok(Value::Null)
}
"status" => {
let active = hash.contains_key(&upid.task_id);
Ok(active.into())
}
_ => {
bail!("got unknown command '{}'", command);
}
} }
Ok(Value::Null)
})?; })?;
commando_sock.register_command("worker-task-status".into(), move |args| {
let upid = get_upid(args)?;
tokio::spawn(control_future); let active = WORKER_TASK_LIST.lock().unwrap().contains_key(&upid.task_id);
Ok(active.into())
})?;
Ok(()) Ok(())
} }
@ -152,17 +124,12 @@ pub fn abort_worker_async(upid: UPID) {
pub async fn abort_worker(upid: UPID) -> Result<(), Error> { pub async fn abort_worker(upid: UPID) -> Result<(), Error> {
let target_pid = upid.pid; let sock = server::ctrl_sock_from_pid(upid.pid);
let socketname = format!(
"\0{}/proxmox-task-control-{}.sock", PROXMOX_BACKUP_VAR_RUN_DIR, target_pid);
let cmd = json!({ let cmd = json!({
"command": "abort-task", "command": "worker-task-abort",
"upid": upid.to_string(), "upid": upid.to_string(),
}); });
super::send_command(sock, cmd).map_ok(|_| ()).await
super::send_command(socketname, cmd).map_ok(|_| ()).await
} }
fn parse_worker_status_line(line: &str) -> Result<(String, UPID, Option<TaskState>), Error> { fn parse_worker_status_line(line: &str) -> Result<(String, UPID, Option<TaskState>), Error> {
@ -191,9 +158,9 @@ pub fn create_task_log_dirs() -> Result<(), Error> {
.owner(backup_user.uid) .owner(backup_user.uid)
.group(backup_user.gid); .group(backup_user.gid);
create_path(PROXMOX_BACKUP_LOG_DIR, None, Some(opts.clone()))?; create_path(buildcfg::PROXMOX_BACKUP_LOG_DIR, None, Some(opts.clone()))?;
create_path(PROXMOX_BACKUP_TASK_DIR, None, Some(opts.clone()))?; create_path(PROXMOX_BACKUP_TASK_DIR, None, Some(opts.clone()))?;
create_path(PROXMOX_BACKUP_VAR_RUN_DIR, None, Some(opts))?; create_path(buildcfg::PROXMOX_BACKUP_RUN_DIR, None, Some(opts))?;
Ok(()) Ok(())
}).map_err(|err: Error| format_err!("unable to create task log dir - {}", err))?; }).map_err(|err: Error| format_err!("unable to create task log dir - {}", err))?;
@ -275,6 +242,15 @@ impl TaskState {
} }
} }
pub fn tasktype(&self) -> TaskStateType {
match self {
TaskState::OK { .. } => TaskStateType::OK,
TaskState::Unknown { .. } => TaskStateType::Unknown,
TaskState::Error { .. } => TaskStateType::Error,
TaskState::Warning { .. } => TaskStateType::Warning,
}
}
fn result_text(&self) -> String { fn result_text(&self) -> String {
match self { match self {
TaskState::Error { message, .. } => format!("TASK ERROR: {}", message), TaskState::Error { message, .. } => format!("TASK ERROR: {}", message),
@ -363,7 +339,10 @@ fn update_active_workers(new_upid: Option<&UPID>) -> Result<(), Error> {
let lock = lock_task_list_files(true)?; let lock = lock_task_list_files(true)?;
// TODO remove with 1.x
let mut finish_list: Vec<TaskListInfo> = read_task_file_from_path(PROXMOX_BACKUP_INDEX_TASK_FN)?; let mut finish_list: Vec<TaskListInfo> = read_task_file_from_path(PROXMOX_BACKUP_INDEX_TASK_FN)?;
let had_index_file = !finish_list.is_empty();
let mut active_list: Vec<TaskListInfo> = read_task_file_from_path(PROXMOX_BACKUP_ACTIVE_TASK_FN)? let mut active_list: Vec<TaskListInfo> = read_task_file_from_path(PROXMOX_BACKUP_ACTIVE_TASK_FN)?
.into_iter() .into_iter()
.filter_map(|info| { .filter_map(|info| {
@ -374,7 +353,7 @@ fn update_active_workers(new_upid: Option<&UPID>) -> Result<(), Error> {
} }
if !worker_is_active_local(&info.upid) { if !worker_is_active_local(&info.upid) {
println!("Detected stopped UPID {}", &info.upid_str); println!("Detected stopped task '{}'", &info.upid_str);
let now = proxmox::tools::time::epoch_i64(); let now = proxmox::tools::time::epoch_i64();
let status = upid_read_status(&info.upid) let status = upid_read_status(&info.upid)
.unwrap_or_else(|_| TaskState::Unknown { endtime: now }); .unwrap_or_else(|_| TaskState::Unknown { endtime: now });
@ -412,33 +391,10 @@ fn update_active_workers(new_upid: Option<&UPID>) -> Result<(), Error> {
} }
}); });
if !finish_list.is_empty() {
let start = if finish_list.len() > MAX_INDEX_TASKS {
finish_list.len() - MAX_INDEX_TASKS
} else {
0
};
let end = (start+MAX_INDEX_TASKS).min(finish_list.len());
let index_raw = if end > start {
render_task_list(&finish_list[start..end])
} else {
"".to_string()
};
replace_file(
PROXMOX_BACKUP_INDEX_TASK_FN,
index_raw.as_bytes(),
CreateOptions::new()
.owner(backup_user.uid)
.group(backup_user.gid),
)?;
if !finish_list.is_empty() && start > 0 {
match std::fs::OpenOptions::new().append(true).create(true).open(PROXMOX_BACKUP_ARCHIVE_TASK_FN) { match std::fs::OpenOptions::new().append(true).create(true).open(PROXMOX_BACKUP_ARCHIVE_TASK_FN) {
Ok(mut writer) => { Ok(mut writer) => {
for info in &finish_list[0..start] { for info in &finish_list {
writer.write_all(render_task_line(&info).as_bytes())?; writer.write_all(render_task_line(&info).as_bytes())?;
} }
}, },
@ -448,6 +404,12 @@ fn update_active_workers(new_upid: Option<&UPID>) -> Result<(), Error> {
nix::unistd::chown(PROXMOX_BACKUP_ARCHIVE_TASK_FN, Some(backup_user.uid), Some(backup_user.gid))?; nix::unistd::chown(PROXMOX_BACKUP_ARCHIVE_TASK_FN, Some(backup_user.uid), Some(backup_user.gid))?;
} }
// TODO Remove with 1.x
// for compatibility, if we had an INDEX file, we do not need it anymore
if had_index_file {
let _ = nix::unistd::unlink(PROXMOX_BACKUP_INDEX_TASK_FN);
}
drop(lock); drop(lock);
Ok(()) Ok(())
@ -511,16 +473,9 @@ where
read_task_file(file) read_task_file(file)
} }
enum TaskFile {
Active,
Index,
Archive,
End,
}
pub struct TaskListInfoIterator { pub struct TaskListInfoIterator {
list: VecDeque<TaskListInfo>, list: VecDeque<TaskListInfo>,
file: TaskFile, end: bool,
archive: Option<LogRotateFiles>, archive: Option<LogRotateFiles>,
lock: Option<File>, lock: Option<File>,
} }
@ -535,7 +490,10 @@ impl TaskListInfoIterator {
.iter() .iter()
.any(|info| info.state.is_some() || !worker_is_active_local(&info.upid)); .any(|info| info.state.is_some() || !worker_is_active_local(&info.upid));
if needs_update { // TODO remove with 1.x
let index_exists = std::path::Path::new(PROXMOX_BACKUP_INDEX_TASK_FN).is_file();
if needs_update || index_exists {
drop(lock); drop(lock);
update_active_workers(None)?; update_active_workers(None)?;
let lock = lock_task_list_files(false)?; let lock = lock_task_list_files(false)?;
@ -554,12 +512,11 @@ impl TaskListInfoIterator {
Some(logrotate.files()) Some(logrotate.files())
}; };
let file = if active_only { TaskFile::End } else { TaskFile::Active };
let lock = if active_only { None } else { Some(read_lock) }; let lock = if active_only { None } else { Some(read_lock) };
Ok(Self { Ok(Self {
list: active_list.into(), list: active_list.into(),
file, end: active_only,
archive, archive,
lock, lock,
}) })
@ -573,35 +530,23 @@ impl Iterator for TaskListInfoIterator {
loop { loop {
if let Some(element) = self.list.pop_back() { if let Some(element) = self.list.pop_back() {
return Some(Ok(element)); return Some(Ok(element));
} else if self.end {
return None;
} else { } else {
match self.file { if let Some(mut archive) = self.archive.take() {
TaskFile::Active => { if let Some(file) = archive.next() {
let index = match read_task_file_from_path(PROXMOX_BACKUP_INDEX_TASK_FN) { let list = match read_task_file(file) {
Ok(index) => index, Ok(list) => list,
Err(err) => return Some(Err(err)), Err(err) => return Some(Err(err)),
}; };
self.list.append(&mut index.into()); self.list.append(&mut list.into());
self.file = TaskFile::Index; self.archive = Some(archive);
}, continue;
TaskFile::Index | TaskFile::Archive => {
if let Some(mut archive) = self.archive.take() {
if let Some(file) = archive.next() {
let list = match read_task_file(file) {
Ok(list) => list,
Err(err) => return Some(Err(err)),
};
self.list.append(&mut list.into());
self.archive = Some(archive);
self.file = TaskFile::Archive;
continue;
}
}
self.file = TaskFile::End;
self.lock.take();
return None;
} }
TaskFile::End => return None,
} }
self.end = true;
self.lock.take();
} }
} }
} }
@ -635,24 +580,15 @@ struct WorkerTaskData {
pub abort_listeners: Vec<oneshot::Sender<()>>, pub abort_listeners: Vec<oneshot::Sender<()>>,
} }
impl Drop for WorkerTask {
fn drop(&mut self) {
println!("unregister worker");
}
}
impl WorkerTask { impl WorkerTask {
pub fn new(worker_type: &str, worker_id: Option<String>, userid: Userid, to_stdout: bool) -> Result<Arc<Self>, Error> { pub fn new(worker_type: &str, worker_id: Option<String>, auth_id: Authid, to_stdout: bool) -> Result<Arc<Self>, Error> {
println!("register worker"); let upid = UPID::new(worker_type, worker_id, auth_id)?;
let upid = UPID::new(worker_type, worker_id, userid)?;
let task_id = upid.task_id; let task_id = upid.task_id;
let mut path = std::path::PathBuf::from(PROXMOX_BACKUP_TASK_DIR); let mut path = std::path::PathBuf::from(PROXMOX_BACKUP_TASK_DIR);
path.push(format!("{:02X}", upid.pstart % 256)); path.push(format!("{:02X}", upid.pstart & 255));
let backup_user = crate::backup::backup_user()?; let backup_user = crate::backup::backup_user()?;
@ -660,8 +596,6 @@ impl WorkerTask {
path.push(upid.to_string()); path.push(upid.to_string());
println!("FILE: {:?}", path);
let logger_options = FileLogOptions { let logger_options = FileLogOptions {
to_stdout: to_stdout, to_stdout: to_stdout,
exclusive: true, exclusive: true,
@ -699,14 +633,14 @@ impl WorkerTask {
pub fn spawn<F, T>( pub fn spawn<F, T>(
worker_type: &str, worker_type: &str,
worker_id: Option<String>, worker_id: Option<String>,
userid: Userid, auth_id: Authid,
to_stdout: bool, to_stdout: bool,
f: F, f: F,
) -> Result<String, Error> ) -> Result<String, Error>
where F: Send + 'static + FnOnce(Arc<WorkerTask>) -> T, where F: Send + 'static + FnOnce(Arc<WorkerTask>) -> T,
T: Send + 'static + Future<Output = Result<(), Error>>, T: Send + 'static + Future<Output = Result<(), Error>>,
{ {
let worker = WorkerTask::new(worker_type, worker_id, userid, to_stdout)?; let worker = WorkerTask::new(worker_type, worker_id, auth_id, to_stdout)?;
let upid_str = worker.upid.to_string(); let upid_str = worker.upid.to_string();
let f = f(worker.clone()); let f = f(worker.clone());
tokio::spawn(async move { tokio::spawn(async move {
@ -721,15 +655,13 @@ impl WorkerTask {
pub fn new_thread<F>( pub fn new_thread<F>(
worker_type: &str, worker_type: &str,
worker_id: Option<String>, worker_id: Option<String>,
userid: Userid, auth_id: Authid,
to_stdout: bool, to_stdout: bool,
f: F, f: F,
) -> Result<String, Error> ) -> Result<String, Error>
where F: Send + UnwindSafe + 'static + FnOnce(Arc<WorkerTask>) -> Result<(), Error> where F: Send + UnwindSafe + 'static + FnOnce(Arc<WorkerTask>) -> Result<(), Error>
{ {
println!("register worker thread"); let worker = WorkerTask::new(worker_type, worker_id, auth_id, to_stdout)?;
let worker = WorkerTask::new(worker_type, worker_id, userid, to_stdout)?;
let upid_str = worker.upid.to_string(); let upid_str = worker.upid.to_string();
let _child = std::thread::Builder::new().name(upid_str.clone()).spawn(move || { let _child = std::thread::Builder::new().name(upid_str.clone()).spawn(move || {

3
src/tools.rs
View File

@ -19,6 +19,7 @@ use proxmox::tools::vec;
pub use proxmox::tools::fd::Fd; pub use proxmox::tools::fd::Fd;
pub mod acl; pub mod acl;
pub mod apt;
pub mod async_io; pub mod async_io;
pub mod borrow; pub mod borrow;
pub mod cert; pub mod cert;
@ -462,7 +463,7 @@ pub fn run_command(
let output = command.output() let output = command.output()
.map_err(|err| format_err!("failed to execute {:?} - {}", command, err))?; .map_err(|err| format_err!("failed to execute {:?} - {}", command, err))?;
let output = crate::tools::command_output_as_string(output, exit_code_check) let output = command_output_as_string(output, exit_code_check)
.map_err(|err| format_err!("command {:?} failed - {}", command, err))?; .map_err(|err| format_err!("command {:?} failed - {}", command, err))?;
Ok(output) Ok(output)

361
src/tools/apt.rs Normal file
View File

@ -0,0 +1,361 @@
use std::collections::HashSet;
use std::collections::HashMap;
use anyhow::{Error, bail, format_err};
use apt_pkg_native::Cache;
use proxmox::const_regex;
use proxmox::tools::fs::{file_read_optional_string, replace_file, CreateOptions};
use crate::api2::types::APTUpdateInfo;
const APT_PKG_STATE_FN: &str = "/var/lib/proxmox-backup/pkg-state.json";
#[derive(Debug, serde::Serialize, serde::Deserialize)]
/// Some information we cache about the package (update) state, like what pending update version
/// we already notfied an user about
pub struct PkgState {
/// simple map from package name to most recently notified (emailed) version
pub notified: Option<HashMap<String, String>>,
/// A list of pending updates
pub package_status: Vec<APTUpdateInfo>,
}
pub fn write_pkg_cache(state: &PkgState) -> Result<(), Error> {
let serialized_state = serde_json::to_string(state)?;
replace_file(APT_PKG_STATE_FN, &serialized_state.as_bytes(), CreateOptions::new())
.map_err(|err| format_err!("Error writing package cache - {}", err))?;
Ok(())
}
pub fn read_pkg_state() -> Result<Option<PkgState>, Error> {
let serialized_state = match file_read_optional_string(&APT_PKG_STATE_FN) {
Ok(Some(raw)) => raw,
Ok(None) => return Ok(None),
Err(err) => bail!("could not read cached package state file - {}", err),
};
serde_json::from_str(&serialized_state)
.map(|s| Some(s))
.map_err(|err| format_err!("could not parse cached package status - {}", err))
}
pub fn pkg_cache_expired () -> Result<bool, Error> {
if let Ok(pbs_cache) = std::fs::metadata(APT_PKG_STATE_FN) {
let apt_pkgcache = std::fs::metadata("/var/cache/apt/pkgcache.bin")?;
let dpkg_status = std::fs::metadata("/var/lib/dpkg/status")?;
let mtime = pbs_cache.modified()?;
if apt_pkgcache.modified()? <= mtime && dpkg_status.modified()? <= mtime {
return Ok(false);
}
}
Ok(true)
}
pub fn update_cache() -> Result<PkgState, Error> {
// update our cache
let all_upgradeable = list_installed_apt_packages(|data| {
data.candidate_version == data.active_version &&
data.installed_version != Some(data.candidate_version)
}, None);
let cache = match read_pkg_state() {
Ok(Some(mut cache)) => {
cache.package_status = all_upgradeable;
cache
},
_ => PkgState {
notified: None,
package_status: all_upgradeable,
},
};
write_pkg_cache(&cache)?;
Ok(cache)
}
const_regex! {
VERSION_EPOCH_REGEX = r"^\d+:";
FILENAME_EXTRACT_REGEX = r"^.*/.*?_(.*)_Packages$";
}
// FIXME: once the 'changelog' API call switches over to 'apt-get changelog' only,
// consider removing this function entirely, as it's value is never used anywhere
// then (widget-toolkit doesn't use the value either)
fn get_changelog_url(
package: &str,
filename: &str,
version: &str,
origin: &str,
component: &str,
) -> Result<String, Error> {
if origin == "" {
bail!("no origin available for package {}", package);
}
if origin == "Debian" {
let mut command = std::process::Command::new("apt-get");
command.arg("changelog");
command.arg("--print-uris");
command.arg(package);
let output = crate::tools::run_command(command, None)?; // format: 'http://foo/bar' package.changelog
let output = match output.splitn(2, ' ').next() {
Some(output) => {
if output.len() < 2 {
bail!("invalid output (URI part too short) from 'apt-get changelog --print-uris': {}", output)
}
output[1..output.len()-1].to_owned()
},
None => bail!("invalid output from 'apt-get changelog --print-uris': {}", output)
};
return Ok(output);
} else if origin == "Proxmox" {
// FIXME: Use above call to 'apt changelog <pkg> --print-uris' as well.
// Currently not possible as our packages do not have a URI set in their Release file.
let version = (VERSION_EPOCH_REGEX.regex_obj)().replace_all(version, "");
let base = match (FILENAME_EXTRACT_REGEX.regex_obj)().captures(filename) {
Some(captures) => {
let base_capture = captures.get(1);
match base_capture {
Some(base_underscore) => base_underscore.as_str().replace("_", "/"),
None => bail!("incompatible filename, cannot find regex group")
}
},
None => bail!("incompatible filename, doesn't match regex")
};
return Ok(format!("http://download.proxmox.com/{}/{}_{}.changelog",
base, package, version));
}
bail!("unknown origin ({}) or component ({})", origin, component)
}
pub struct FilterData<'a> {
// this is version info returned by APT
pub installed_version: Option<&'a str>,
pub candidate_version: &'a str,
// this is the version info the filter is supposed to check
pub active_version: &'a str,
}
enum PackagePreSelect {
OnlyInstalled,
OnlyNew,
All,
}
pub fn list_installed_apt_packages<F: Fn(FilterData) -> bool>(
filter: F,
only_versions_for: Option<&str>,
) -> Vec<APTUpdateInfo> {
let mut ret = Vec::new();
let mut depends = HashSet::new();
// note: this is not an 'apt update', it just re-reads the cache from disk
let mut cache = Cache::get_singleton();
cache.reload();
let mut cache_iter = match only_versions_for {
Some(name) => cache.find_by_name(name),
None => cache.iter()
};
loop {
match cache_iter.next() {
Some(view) => {
let di = if only_versions_for.is_some() {
query_detailed_info(
PackagePreSelect::All,
&filter,
view,
None
)
} else {
query_detailed_info(
PackagePreSelect::OnlyInstalled,
&filter,
view,
Some(&mut depends)
)
};
if let Some(info) = di {
ret.push(info);
}
if only_versions_for.is_some() {
break;
}
},
None => {
drop(cache_iter);
// also loop through missing dependencies, as they would be installed
for pkg in depends.iter() {
let mut iter = cache.find_by_name(&pkg);
let view = match iter.next() {
Some(view) => view,
None => continue // package not found, ignore
};
let di = query_detailed_info(
PackagePreSelect::OnlyNew,
&filter,
view,
None
);
if let Some(info) = di {
ret.push(info);
}
}
break;
}
}
}
return ret;
}
fn query_detailed_info<'a, F, V>(
pre_select: PackagePreSelect,
filter: F,
view: V,
depends: Option<&mut HashSet<String>>,
) -> Option<APTUpdateInfo>
where
F: Fn(FilterData) -> bool,
V: std::ops::Deref<Target = apt_pkg_native::sane::PkgView<'a>>
{
let current_version = view.current_version();
let candidate_version = view.candidate_version();
let (current_version, candidate_version) = match pre_select {
PackagePreSelect::OnlyInstalled => match (current_version, candidate_version) {
(Some(cur), Some(can)) => (Some(cur), can), // package installed and there is an update
(Some(cur), None) => (Some(cur.clone()), cur), // package installed and up-to-date
(None, Some(_)) => return None, // package could be installed
(None, None) => return None, // broken
},
PackagePreSelect::OnlyNew => match (current_version, candidate_version) {
(Some(_), Some(_)) => return None,
(Some(_), None) => return None,
(None, Some(can)) => (None, can),
(None, None) => return None,
},
PackagePreSelect::All => match (current_version, candidate_version) {
(Some(cur), Some(can)) => (Some(cur), can),
(Some(cur), None) => (Some(cur.clone()), cur),
(None, Some(can)) => (None, can),
(None, None) => return None,
},
};
// get additional information via nested APT 'iterators'
let mut view_iter = view.versions();
while let Some(ver) = view_iter.next() {
let package = view.name();
let version = ver.version();
let mut origin_res = "unknown".to_owned();
let mut section_res = "unknown".to_owned();
let mut priority_res = "unknown".to_owned();
let mut change_log_url = "".to_owned();
let mut short_desc = package.clone();
let mut long_desc = "".to_owned();
let fd = FilterData {
installed_version: current_version.as_deref(),
candidate_version: &candidate_version,
active_version: &version,
};
if filter(fd) {
if let Some(section) = ver.section() {
section_res = section;
}
if let Some(prio) = ver.priority_type() {
priority_res = prio;
}
// assume every package has only one origin file (not
// origin, but origin *file*, for some reason those seem to
// be different concepts in APT)
let mut origin_iter = ver.origin_iter();
let origin = origin_iter.next();
if let Some(origin) = origin {
if let Some(sd) = origin.short_desc() {
short_desc = sd;
}
if let Some(ld) = origin.long_desc() {
long_desc = ld;
}
// the package files appear in priority order, meaning
// the one for the candidate version is first - this is fine
// however, as the source package should be the same for all
// versions anyway
let mut pkg_iter = origin.file();
let pkg_file = pkg_iter.next();
if let Some(pkg_file) = pkg_file {
if let Some(origin_name) = pkg_file.origin() {
origin_res = origin_name;
}
let filename = pkg_file.file_name();
let component = pkg_file.component();
// build changelog URL from gathered information
// ignore errors, use empty changelog instead
let url = get_changelog_url(&package, &filename,
&version, &origin_res, &component);
if let Ok(url) = url {
change_log_url = url;
}
}
}
if let Some(depends) = depends {
let mut dep_iter = ver.dep_iter();
loop {
let dep = match dep_iter.next() {
Some(dep) if dep.dep_type() != "Depends" => continue,
Some(dep) => dep,
None => break
};
let dep_pkg = dep.target_pkg();
let name = dep_pkg.name();
depends.insert(name);
}
}
return Some(APTUpdateInfo {
package,
title: short_desc,
arch: view.arch(),
description: long_desc,
change_log_url,
origin: origin_res,
version: candidate_version.clone(),
old_version: match current_version {
Some(vers) => vers,
None => "".to_owned()
},
priority: priority_res,
section: section_res,
});
}
}
return None;
}

34
src/tools/file_logger.rs
View File

@ -47,6 +47,7 @@ pub struct FileLogOptions {
#[derive(Debug)] #[derive(Debug)]
pub struct FileLogger { pub struct FileLogger {
file: std::fs::File, file: std::fs::File,
file_name: std::path::PathBuf,
options: FileLogOptions, options: FileLogOptions,
} }
@ -63,6 +64,23 @@ impl FileLogger {
file_name: P, file_name: P,
options: FileLogOptions, options: FileLogOptions,
) -> Result<Self, Error> { ) -> Result<Self, Error> {
let file = Self::open(&file_name, &options)?;
let file_name: std::path::PathBuf = file_name.as_ref().to_path_buf();
Ok(Self { file, file_name, options })
}
pub fn reopen(&mut self) -> Result<&Self, Error> {
let file = Self::open(&self.file_name, &self.options)?;
self.file = file;
Ok(self)
}
fn open<P: AsRef<std::path::Path>>(
file_name: P,
options: &FileLogOptions,
) -> Result<std::fs::File, Error> {
let file = std::fs::OpenOptions::new() let file = std::fs::OpenOptions::new()
.read(options.read) .read(options.read)
.write(true) .write(true)
@ -76,7 +94,7 @@ impl FileLogger {
nix::unistd::chown(file_name.as_ref(), Some(backup_user.uid), Some(backup_user.gid))?; nix::unistd::chown(file_name.as_ref(), Some(backup_user.uid), Some(backup_user.gid))?;
} }
Ok(Self { file, options }) Ok(file)
} }
pub fn log<S: AsRef<str>>(&mut self, msg: S) { pub fn log<S: AsRef<str>>(&mut self, msg: S) {
@ -88,15 +106,21 @@ impl FileLogger {
stdout.write_all(b"\n").unwrap(); stdout.write_all(b"\n").unwrap();
} }
let now = proxmox::tools::time::epoch_i64();
let rfc3339 = proxmox::tools::time::epoch_to_rfc3339(now).unwrap();
let line = if self.options.prefix_time { let line = if self.options.prefix_time {
let now = proxmox::tools::time::epoch_i64();
let rfc3339 = match proxmox::tools::time::epoch_to_rfc3339(now) {
Ok(rfc3339) => rfc3339,
Err(_) => "1970-01-01T00:00:00Z".into(), // for safety, should really not happen!
};
format!("{}: {}\n", rfc3339, msg) format!("{}: {}\n", rfc3339, msg)
} else { } else {
format!("{}\n", msg) format!("{}\n", msg)
}; };
self.file.write_all(line.as_bytes()).unwrap(); if let Err(err) = self.file.write_all(line.as_bytes()) {
// avoid panicking, log methods should not do that
// FIXME: or, return result???
eprintln!("error writing to log file - {}", err);
}
} }
} }

20
src/tools/logrotate.rs
View File

@ -95,21 +95,21 @@ impl LogRotate {
let mut next_filename = self.base_path.clone().canonicalize()?.into_os_string(); let mut next_filename = self.base_path.clone().canonicalize()?.into_os_string();
next_filename.push(format!(".{}", filenames.len())); next_filename.push(format!(".{}", filenames.len()));
if self.compress {
next_filename.push(".zst");
}
filenames.push(PathBuf::from(next_filename)); filenames.push(PathBuf::from(next_filename));
let count = filenames.len(); let count = filenames.len();
for i in (0..count-1).rev() { for i in (0..count-1).rev() {
rename(&filenames[i], &filenames[i+1])?; if self.compress
} && filenames[i+0].extension().unwrap_or(std::ffi::OsStr::new("")) != "zst"
&& filenames[i+1].extension().unwrap_or(std::ffi::OsStr::new("")) == "zst"
if self.compress { {
for i in 2..count { Self::compress(&filenames[i], &filenames[i+1], &options)?;
if filenames[i].extension().unwrap_or(std::ffi::OsStr::new("")) != "zst" { } else {
let mut target = filenames[i].clone().into_os_string(); rename(&filenames[i], &filenames[i+1])?;
target.push(".zstd");
Self::compress(&filenames[i], &target.into(), &options)?;
}
} }
} }

6
tests/worker-task-abort.rs
View File

@ -42,8 +42,10 @@ fn worker_task_abort() -> Result<(), Error> {
let mut rt = tokio::runtime::Runtime::new().unwrap(); let mut rt = tokio::runtime::Runtime::new().unwrap();
rt.block_on(async move { rt.block_on(async move {
let mut commando_sock = server::CommandoSocket::new(server::our_ctrl_sock());
let init_result: Result<(), Error> = try_block!({ let init_result: Result<(), Error> = try_block!({
server::create_task_control_socket()?; server::register_task_control_commands(&mut commando_sock)?;
server::server_state_init()?; server::server_state_init()?;
Ok(()) Ok(())
}); });
@ -57,7 +59,7 @@ fn worker_task_abort() -> Result<(), Error> {
let res = server::WorkerTask::new_thread( let res = server::WorkerTask::new_thread(
"garbage_collection", "garbage_collection",
None, None,
proxmox_backup::api2::types::Userid::root_userid().clone(), proxmox_backup::api2::types::Authid::root_auth_id().clone(),
true, true,
move |worker| { move |worker| {
println!("WORKER {}", worker); println!("WORKER {}", worker);

34
www/AccessControlPanel.js Normal file
View File

@ -0,0 +1,34 @@
Ext.define('PBS.AccessControlPanel', {
extend: 'Ext.tab.Panel',
alias: 'widget.pbsAccessControlPanel',
mixins: ['Proxmox.Mixin.CBind'],
title: gettext('Access Control'),
border: false,
defaults: {
border: false,
},
items: [
{
xtype: 'pbsUserView',
title: gettext('User Management'),
itemId: 'users',
iconCls: 'fa fa-user',
},
{
xtype: 'pbsTokenView',
title: gettext('API Token'),
itemId: 'apitokens',
iconCls: 'fa fa-user-o',
},
{
xtype: 'pbsACLView',
title: gettext('Permissions'),
itemId: 'permissions',
iconCls: 'fa fa-unlock',
},
],
});

7
www/Dashboard.js
View File

@ -63,7 +63,9 @@ Ext.define('PBS.Dashboard', {
updateSubscription: function(store, records, success) { updateSubscription: function(store, records, success) {
if (!success) { return; } if (!success) { return; }
let me = this; let me = this;
let subStatus = records[0].data.status === 'Active' ? 2 : 0; // 2 = all good, 1 = different leves, 0 = none let status = records[0].data.status || 'unknown';
// 2 = all good, 1 = different leves, 0 = none
let subStatus = status.toLowerCase() === 'active' ? 2 : 0;
me.lookup('subscription').setSubStatus(subStatus); me.lookup('subscription').setSubStatus(subStatus);
}, },
@ -230,8 +232,9 @@ Ext.define('PBS.Dashboard', {
model: 'proxmox-tasks', model: 'proxmox-tasks',
proxy: { proxy: {
type: 'proxmox', type: 'proxmox',
url: '/api2/json/status/tasks', url: '/api2/json/nodes/localhost/tasks',
extraParams: { extraParams: {
limit: 0,
since: '{sinceEpoch}', since: '{sinceEpoch}',
}, },
}, },

2
www/DataStoreContent.js
View File

@ -542,7 +542,7 @@ Ext.define('PBS.DataStoreContent', {
v = ''; v = '';
} }
v = Ext.String.htmlEncode(v); v = Ext.String.htmlEncode(v);
let icon = 'fa fa-fw fa-pencil'; let icon = 'fa fa-fw fa-pencil pointer';
return `<span class="snapshot-comment-column">${v}</span> return `<span class="snapshot-comment-column">${v}</span>
<i data-qtip="${gettext('Edit')}" style="float: right;" class="${icon}"></i>`; <i data-qtip="${gettext('Edit')}" style="float: right;" class="${icon}"></i>`;

Some files were not shown because too many files have changed in this diff Show More