From: Hannes Laimer <h.laimer@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH proxmox-backup 1/3] add inspection of chunks
Date: Tue, 15 Dec 2020 09:16:24 +0100 [thread overview]
Message-ID: <20201215081626.73888-2-h.laimer@proxmox.com> (raw)
In-Reply-To: <20201215081626.73888-1-h.laimer@proxmox.com>
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
---
Adds possibility to inspect chunks and find indexes that reference the
chunk. Options:
- chunk: path to the chunk file
- [opt] decode: path to a file or to stdout(-), if specified, the chunk will
be decoded into the specified location
- [opt] keyfile: path to a keyfile, needed if decode is specified and the
data was encrypted
- [opt] reference-filter: path in which indexes that reference the chunk
should be searched, can be a group, snapshot or the whole datastore,
if not specified no references will be searched
Makefile | 3 +-
src/bin/proxmox-backup-recovery.rs | 32 ++++
src/bin/proxmox_backup_recovery/inspect.rs | 195 +++++++++++++++++++++
src/bin/proxmox_backup_recovery/mod.rs | 2 +
4 files changed, 231 insertions(+), 1 deletion(-)
create mode 100644 src/bin/proxmox-backup-recovery.rs
create mode 100644 src/bin/proxmox_backup_recovery/inspect.rs
create mode 100644 src/bin/proxmox_backup_recovery/mod.rs
diff --git a/Makefile b/Makefile
index a1af9d51..a9c2a711 100644
--- a/Makefile
+++ b/Makefile
@@ -13,7 +13,8 @@ USR_BIN := \
# Binaries usable by admins
USR_SBIN := \
- proxmox-backup-manager
+ proxmox-backup-manager \
+ proxmox-backup-recovery \
# Binaries for services:
SERVICE_BIN := \
diff --git a/src/bin/proxmox-backup-recovery.rs b/src/bin/proxmox-backup-recovery.rs
new file mode 100644
index 00000000..ae8c18d5
--- /dev/null
+++ b/src/bin/proxmox-backup-recovery.rs
@@ -0,0 +1,32 @@
+use anyhow::Error;
+use proxmox::api::schema::{Schema, StringSchema};
+use proxmox::api::cli::*;
+
+use proxmox::sys::linux::tty;
+use proxmox_backup_recovery::*;
+mod proxmox_backup_recovery;
+
+pub fn get_encryption_key_password() -> Result<Vec<u8>, Error> {
+ tty::read_password("Encryption Key Password: ")
+}
+
+pub const PATH_SCHEMA: Schema = StringSchema::new("Path to a file or a directory").schema();
+
+pub const KEYFILE_SCHEMA: Schema = StringSchema::new(
+ "Path to encryption key. If the data was encrypted, this key will be used for decryption.",
+)
+.schema();
+
+fn main() {
+ proxmox_backup::tools::setup_safe_path_env();
+
+ let cmd_def = CliCommandMap::new()
+ .insert("inspect", inspect_commands());
+
+ let rpcenv = CliEnvironment::new();
+ run_cli_command(
+ cmd_def,
+ rpcenv,
+ Some(|future| proxmox_backup::tools::runtime::main(future)),
+ );
+}
diff --git a/src/bin/proxmox_backup_recovery/inspect.rs b/src/bin/proxmox_backup_recovery/inspect.rs
new file mode 100644
index 00000000..6bf4a0a3
--- /dev/null
+++ b/src/bin/proxmox_backup_recovery/inspect.rs
@@ -0,0 +1,195 @@
+use std::collections::HashSet;
+use std::fs::File;
+use std::io::Write;
+use std::path::Path;
+
+use anyhow::Error;
+use proxmox::api::cli::{
+ format_and_print_result, get_output_format, CliCommand, CliCommandMap, CommandLineInterface,
+};
+use proxmox::api::{api, cli::*, RpcEnvironment};
+use serde_json::{json, Value};
+use walkdir::WalkDir;
+
+use proxmox_backup::api2::types::SHA256_HEX_REGEX;
+use proxmox_backup::backup::{
+ load_and_decrypt_key, CryptConfig, DataBlob, DynamicIndexReader, FixedIndexReader, IndexFile,
+};
+use proxmox_backup::tools;
+
+use crate::{get_encryption_key_password, KEYFILE_SCHEMA, PATH_SCHEMA};
+
+/// Decodes a blob and writes its content either to stdout or into a file
+fn decode_blob(
+ output_path: Option<&Path>,
+ key_file: Option<&Path>,
+ digest: Option<&[u8; 32]>,
+ blob: &DataBlob,
+) -> Result<(), Error> {
+ let mut crypt_conf_opt = None;
+ let crypt_conf;
+
+ if blob.is_encrypted() && key_file.is_some() {
+ let (key, _created, _fingerprint) =
+ load_and_decrypt_key(&key_file.unwrap(), &get_encryption_key_password)?;
+ crypt_conf = CryptConfig::new(key)?;
+ crypt_conf_opt = Some(&crypt_conf);
+ }
+
+ if output_path.is_some() {
+ let mut file = File::create(output_path.unwrap())?;
+ Ok(file.write_all(blob.decode(crypt_conf_opt, digest)?.as_slice())?)
+ } else {
+ Ok(println!(
+ "{}",
+ String::from_utf8_lossy(blob.decode(crypt_conf_opt, digest)?.as_slice())
+ ))
+ }
+}
+
+#[api(
+ input: {
+ properties: {
+ chunk: {
+ schema: PATH_SCHEMA,
+ },
+ "reference-filter": {
+ schema: PATH_SCHEMA,
+ optional: true,
+ },
+ "decode": {
+ schema: PATH_SCHEMA,
+ optional: true,
+ },
+ "keyfile": {
+ schema: KEYFILE_SCHEMA,
+ optional: true,
+ },
+ "output-format": {
+ schema: OUTPUT_FORMAT,
+ optional: true,
+ },
+ }
+ }
+)]
+/// Inspect a chunk
+fn inspect_chunk(param: Value, _rpcenv: &mut dyn RpcEnvironment) -> Result<Value, Error> {
+ let chunk_path = Path::new(tools::required_string_param(¶m, "chunk")?);
+ let output_format = get_output_format(¶m);
+ let digest_str = chunk_path.file_name().unwrap().to_str().unwrap();
+
+ if !SHA256_HEX_REGEX.is_match(digest_str) {
+ println!("chunk filename is not valid");
+ return Ok(Value::Null);
+ }
+
+ let digest_raw = proxmox::tools::hex_to_digest(digest_str)?;
+
+ let reference_filter_param = param["reference-filter"].as_str();
+ let decode_output_param = param["decode"].as_str();
+ let key_file_param = param["keyfile"].as_str();
+
+ let mut search_path = None;
+ let mut decode_output_path = None;
+ let mut key_file_path = None;
+ let mut to_stdout = false;
+
+ if let Some(path) = reference_filter_param {
+ search_path = Some(Path::new(path))
+ };
+
+ if let Some(path) = decode_output_param {
+ to_stdout = path.eq("-");
+ decode_output_path = Some(Path::new(path))
+ };
+
+ if let Some(path) = key_file_param {
+ key_file_path = Some(Path::new(path))
+ };
+
+ let mut file = std::fs::File::open(&chunk_path)?;
+ let blob = DataBlob::load_from_reader(&mut file)?;
+
+ let mut referenced_by = None;
+ if let Some(search_path) = search_path {
+ let mut references = Vec::new();
+ for entry in WalkDir::new(search_path)
+ .follow_links(false)
+ .into_iter()
+ .filter_map(|e| e.ok())
+ {
+ let file_name = entry.file_name().to_string_lossy();
+ let mut in_index = HashSet::new();
+ let mut index: Option<Box<dyn IndexFile>> = None;
+
+ if file_name.ends_with(".fidx") {
+ index = match FixedIndexReader::open(entry.path()) {
+ Ok(index) => Some(Box::new(index)),
+ Err(_) => None,
+ };
+ }
+
+ if file_name.ends_with(".didx") {
+ index = match DynamicIndexReader::open(entry.path()) {
+ Ok(index) => Some(Box::new(index)),
+ Err(_) => None,
+ };
+ }
+
+ if let Some(index) = index {
+ for pos in 0..index.index_count() {
+ if let Some(index_chunk_digest) = index.index_digest(pos) {
+ in_index.insert(proxmox::tools::digest_to_hex(index_chunk_digest));
+ }
+ }
+ }
+
+ if in_index.contains(digest_str) {
+ references.push(entry.path().to_string_lossy().into_owned());
+ }
+ }
+ referenced_by = Some(references);
+ }
+
+ if let Some(decode_output_path) = decode_output_path {
+ if to_stdout {
+ decode_blob(None, key_file_path, Some(&digest_raw), &blob)?;
+ } else {
+ decode_blob(
+ Some(decode_output_path),
+ key_file_path,
+ Some(&digest_raw),
+ &blob,
+ )?;
+ }
+ }
+
+ let crc_status = format!(
+ "{}({})",
+ blob.compute_crc(),
+ blob.verify_crc().map_or("NOK", |_x| "OK")
+ );
+
+ let val = match referenced_by {
+ Some(references) => json!({
+ "digest": digest_str,
+ "crc": crc_status,
+ "encryption": blob.crypt_mode()?,
+ "referenced-by": references
+ }),
+ None => json!({
+ "digest": digest_str,
+ "crc": crc_status,
+ "encryption": blob.crypt_mode()?,
+ }),
+ };
+
+ format_and_print_result(&val, &output_format);
+ Ok(Value::Null)
+}
+
+pub fn inspect_commands() -> CommandLineInterface {
+ let cmd_def = CliCommandMap::new().insert("chunk", CliCommand::new(&API_METHOD_INSPECT_CHUNK));
+
+ cmd_def.into()
+}
diff --git a/src/bin/proxmox_backup_recovery/mod.rs b/src/bin/proxmox_backup_recovery/mod.rs
new file mode 100644
index 00000000..644583db
--- /dev/null
+++ b/src/bin/proxmox_backup_recovery/mod.rs
@@ -0,0 +1,2 @@
+mod inspect;
+pub use inspect::*;
--
2.20.1
next prev parent reply other threads:[~2020-12-15 8:16 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-15 8:16 [pbs-devel] [PATCH proxmox-backup 0/3] add proxmox-backup-recovery binary Hannes Laimer
2020-12-15 8:16 ` Hannes Laimer [this message]
2020-12-15 10:14 ` [pbs-devel] [PATCH proxmox-backup 1/3] add inspection of chunks Thomas Lamprecht
2020-12-15 8:16 ` [pbs-devel] [PATCH proxmox-backup 2/3] add inspection of .blob, .fidx and .didx files Hannes Laimer
2020-12-15 8:16 ` [pbs-devel] [PATCH proxmox-backup 3/3] add restore of index files Hannes Laimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201215081626.73888-2-h.laimer@proxmox.com \
--to=h.laimer@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal