* [pbs-devel] [PATCH proxmox-backup] fix directory permission problems
@ 2021-11-12 6:54 Dietmar Maurer
0 siblings, 0 replies; only message in thread
From: Dietmar Maurer @ 2021-11-12 6:54 UTC (permalink / raw)
To: pbs-devel
By carefully setting options on all create_path() calls,
and by creating "/var/lib/proxmox-backup" at api server startup.
---
pbs-buildcfg/src/lib.rs | 6 ++++++
src/rrd_cache.rs | 5 ++++-
src/server/jobstate.rs | 7 +++++--
src/server/mod.rs | 9 +++++++++
src/tape/mod.rs | 28 ++++++++++++++++++++++------
src/tools/apt.rs | 3 ++-
6 files changed, 48 insertions(+), 10 deletions(-)
diff --git a/pbs-buildcfg/src/lib.rs b/pbs-buildcfg/src/lib.rs
index d89a508b..d6f79de9 100644
--- a/pbs-buildcfg/src/lib.rs
+++ b/pbs-buildcfg/src/lib.rs
@@ -22,6 +22,9 @@ pub const BACKUP_GROUP_NAME: &str = "backup";
#[macro_export]
macro_rules! PROXMOX_BACKUP_RUN_DIR_M { () => ("/run/proxmox-backup") }
+#[macro_export]
+macro_rules! PROXMOX_BACKUP_STATE_DIR_M { () => ("/var/lib/proxmox-backup") }
+
#[macro_export]
macro_rules! PROXMOX_BACKUP_LOG_DIR_M { () => ("/var/log/proxmox-backup") }
@@ -36,6 +39,9 @@ macro_rules! PROXMOX_BACKUP_FILE_RESTORE_BIN_DIR_M {
/// namespaced directory for in-memory (tmpfs) run state
pub const PROXMOX_BACKUP_RUN_DIR: &str = PROXMOX_BACKUP_RUN_DIR_M!();
+/// namespaced directory for persistent state
+pub const PROXMOX_BACKUP_STATE_DIR: &str = PROXMOX_BACKUP_STATE_DIR_M!();
+
/// namespaced directory for persistent logging
pub const PROXMOX_BACKUP_LOG_DIR: &str = PROXMOX_BACKUP_LOG_DIR_M!();
diff --git a/src/rrd_cache.rs b/src/rrd_cache.rs
index d1b8f9a9..45508107 100644
--- a/src/rrd_cache.rs
+++ b/src/rrd_cache.rs
@@ -7,8 +7,11 @@ use proxmox::tools::fs::CreateOptions;
use proxmox_rrd::RRDCache;
use proxmox_rrd::rrd::{RRD, DST, CF};
+use pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR_M;
use pbs_api_types::{RRDMode, RRDTimeFrame};
+const RRD_CACHE_BASEDIR: &str = concat!(PROXMOX_BACKUP_STATE_DIR_M!(), "/rrdb");
+
pub static RRD_CACHE: OnceCell<RRDCache> = OnceCell::new();
/// Get the RRD cache instance
@@ -34,7 +37,7 @@ pub fn initialize_rrd_cache() -> Result<&'static RRDCache, Error> {
let apply_interval = 30.0*60.0; // 30 minutes
let cache = RRDCache::new(
- "/var/lib/proxmox-backup/rrdb",
+ RRD_CACHE_BASEDIR,
Some(file_options),
Some(dir_options),
apply_interval,
diff --git a/src/server/jobstate.rs b/src/server/jobstate.rs
index 8df245d6..23e3c2bd 100644
--- a/src/server/jobstate.rs
+++ b/src/server/jobstate.rs
@@ -47,6 +47,8 @@ use proxmox::tools::fs::{
};
use proxmox_systemd::time::{compute_next_event, parse_calendar_event};
+
+use pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR_M;
use pbs_config::{open_backup_lockfile, BackupLockGuard};
use pbs_api_types::{UPID, JobScheduleStatus};
@@ -77,16 +79,17 @@ pub struct Job {
_lock: BackupLockGuard,
}
-const JOB_STATE_BASEDIR: &str = "/var/lib/proxmox-backup/jobstates";
+const JOB_STATE_BASEDIR: &str = concat!(PROXMOX_BACKUP_STATE_DIR_M!(), "/jobstates");
/// Create jobstate stat dir with correct permission
pub fn create_jobstate_dir() -> Result<(), Error> {
let backup_user = pbs_config::backup_user()?;
+
let opts = CreateOptions::new()
.owner(backup_user.uid)
.group(backup_user.gid);
- create_path(JOB_STATE_BASEDIR, None, Some(opts))
+ create_path(JOB_STATE_BASEDIR, Some(opts.clone()), Some(opts))
.map_err(|err: Error| format_err!("unable to create rrdb stat dir - {}", err))?;
Ok(())
diff --git a/src/server/mod.rs b/src/server/mod.rs
index a6574631..deeb3398 100644
--- a/src/server/mod.rs
+++ b/src/server/mod.rs
@@ -62,3 +62,12 @@ pub fn create_run_dir() -> Result<(), Error> {
let _: bool = create_path(pbs_buildcfg::PROXMOX_BACKUP_RUN_DIR_M!(), None, Some(opts))?;
Ok(())
}
+
+pub fn create_state_dir() -> Result<(), Error> {
+ let backup_user = pbs_config::backup_user()?;
+ let opts = CreateOptions::new()
+ .owner(backup_user.uid)
+ .group(backup_user.gid);
+ create_path(pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR_M!(), None, Some(opts))?;
+ Ok(())
+}
diff --git a/src/tape/mod.rs b/src/tape/mod.rs
index 5d4d46f1..897d1525 100644
--- a/src/tape/mod.rs
+++ b/src/tape/mod.rs
@@ -7,7 +7,7 @@ use proxmox::tools::fs::{
CreateOptions,
};
-use pbs_buildcfg::PROXMOX_BACKUP_RUN_DIR_M;
+use pbs_buildcfg::{PROXMOX_BACKUP_RUN_DIR_M, PROXMOX_BACKUP_STATE_DIR_M};
#[cfg(test)]
mod test;
@@ -37,7 +37,7 @@ mod pool_writer;
pub use pool_writer::*;
/// Directory path where we store all tape status information
-pub const TAPE_STATUS_DIR: &str = "/var/lib/proxmox-backup/tape";
+pub const TAPE_STATUS_DIR: &str = concat!(PROXMOX_BACKUP_STATE_DIR_M!(), "/tape");
/// Directory path where we store drive lock file
pub const DRIVE_LOCK_DIR: &str = concat!(PROXMOX_BACKUP_RUN_DIR_M!(), "/drive-lock");
@@ -66,7 +66,11 @@ pub fn create_tape_status_dir() -> Result<(), Error> {
.owner(backup_user.uid)
.group(backup_user.gid);
- create_path(TAPE_STATUS_DIR, None, Some(options))
+ let parent_opts = CreateOptions::new()
+ .owner(backup_user.uid)
+ .group(backup_user.gid);
+
+ create_path(TAPE_STATUS_DIR, Some(parent_opts), Some(options))
.map_err(|err: Error| format_err!("unable to create tape status dir - {}", err))?;
Ok(())
@@ -81,7 +85,11 @@ pub fn create_drive_lock_dir() -> Result<(), Error> {
.owner(backup_user.uid)
.group(backup_user.gid);
- create_path(DRIVE_LOCK_DIR, None, Some(options))
+ let parent_opts = CreateOptions::new()
+ .owner(backup_user.uid)
+ .group(backup_user.gid);
+
+ create_path(DRIVE_LOCK_DIR, Some(parent_opts), Some(options))
.map_err(|err: Error| format_err!("unable to create drive state dir - {}", err))?;
Ok(())
@@ -96,7 +104,11 @@ pub fn create_drive_state_dir() -> Result<(), Error> {
.owner(backup_user.uid)
.group(backup_user.gid);
- create_path(DRIVE_STATE_DIR, None, Some(options))
+ let parent_opts = CreateOptions::new()
+ .owner(backup_user.uid)
+ .group(backup_user.gid);
+
+ create_path(DRIVE_STATE_DIR, Some(parent_opts), Some(options))
.map_err(|err: Error| format_err!("unable to create drive state dir - {}", err))?;
Ok(())
@@ -111,7 +123,11 @@ pub fn create_changer_state_dir() -> Result<(), Error> {
.owner(backup_user.uid)
.group(backup_user.gid);
- create_path(CHANGER_STATE_DIR, None, Some(options))
+ let parent_opts = CreateOptions::new()
+ .owner(backup_user.uid)
+ .group(backup_user.gid);
+
+ create_path(CHANGER_STATE_DIR, Some(parent_opts), Some(options))
.map_err(|err: Error| format_err!("unable to create changer state dir - {}", err))?;
Ok(())
diff --git a/src/tools/apt.rs b/src/tools/apt.rs
index 1ffaaa6a..e1e8add8 100644
--- a/src/tools/apt.rs
+++ b/src/tools/apt.rs
@@ -7,9 +7,10 @@ use apt_pkg_native::Cache;
use proxmox::tools::fs::{file_read_optional_string, replace_file, CreateOptions};
use proxmox_schema::const_regex;
+use pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR_M;
use pbs_api_types::APTUpdateInfo;
-const APT_PKG_STATE_FN: &str = "/var/lib/proxmox-backup/pkg-state.json";
+const APT_PKG_STATE_FN: &str = concat!(PROXMOX_BACKUP_STATE_DIR_M!(), "/pkg-state.json");
#[derive(Debug, serde::Serialize, serde::Deserialize)]
/// Some information we cache about the package (update) state, like what pending update version
--
2.30.2
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2021-11-12 6:54 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-11-12 6:54 [pbs-devel] [PATCH proxmox-backup] fix directory permission problems Dietmar Maurer
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal