From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pbs-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
	by lore.proxmox.com (Postfix) with ESMTPS id 0EA711FF13A
	for <inbox@lore.proxmox.com>; Wed, 15 Apr 2026 10:04:26 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 8C5C27BD0;
	Wed, 15 Apr 2026 10:04:25 +0200 (CEST)
Mime-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=UTF-8
Date: Wed, 15 Apr 2026 10:03:51 +0200
Message-Id: <DHTKM1A9RK5U.1D1HZEWOUGHDE@proxmox.com>
Subject: Re: [PATCH proxmox-backup v3 07/30] pbs-config: implement
 encryption key config handling
From: "Daniel Kral" <d.kral@proxmox.com>
To: "Christian Ebner" <c.ebner@proxmox.com>, =?utf-8?q?Michael_K=C3=B6ppl?=
 <m.koeppl@proxmox.com>, <pbs-devel@lists.proxmox.com>
X-Mailer: aerc 0.21.0-136-gdb9fe9896a79-dirty
References: <20260414125923.892345-1-c.ebner@proxmox.com>
 <20260414125923.892345-8-c.ebner@proxmox.com>
 <DHSY95O5BJZF.2QZU5L1DA4FL3@proxmox.com>
 <576f8999-1a20-417a-9c6d-ec79467661da@proxmox.com>
In-Reply-To: <576f8999-1a20-417a-9c6d-ec79467661da@proxmox.com>
X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2
X-Bm-Transport-Timestamp: 1776240154088
X-SPAM-LEVEL: Spam detection results:  0
	AWL                    -0.921 Adjusted score from AWL reputation of From:
 address
	BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
	DMARC_MISSING             0.1 Missing DMARC policy
	KAM_DMARC_STATUS         0.01 Test Rule for DKIM or SPF Failure with Strict
 Alignment
	KAM_MAILER                  2 Automated Mailer Tag Left in Email
	RCVD_IN_VALIDITY_CERTIFIED_BLOCKED  0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked.  See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
	RCVD_IN_VALIDITY_RPBL_BLOCKED  0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked.  See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
	RCVD_IN_VALIDITY_SAFE_BLOCKED  0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked.  See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
	SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
	SPF_PASS               -0.001 SPF: sender matches SPF record
	URIBL_BLOCKED           0.001 ADMINISTRATOR NOTICE: The query to URIBL was
 blocked.  See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
 for more information. [rust-lang.org]
Message-ID-Hash: JNODXM5NQKO73RLMSKGEXCTLDAXPUMS5
X-Message-ID-Hash: JNODXM5NQKO73RLMSKGEXCTLDAXPUMS5
X-MailFrom: d.kral@proxmox.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; emergency; member-moderation; nonmember-moderation;
 administrivia; implicit-dest; max-recipients; max-size; news-moderation;
 no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Proxmox Backup Server development discussion
 <pbs-devel.lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Owner: <mailto:pbs-devel-owner@lists.proxmox.com>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Subscribe: <mailto:pbs-devel-join@lists.proxmox.com>
List-Unsubscribe: <mailto:pbs-devel-leave@lists.proxmox.com>

On Wed Apr 15, 2026 at 8:48 AM CEST, Christian Ebner wrote:
> On 4/14/26 4:31 PM, Michael K=C3=B6ppl wrote:
>> 2 comments inline
>>=20
>> On Tue Apr 14, 2026 at 2:59 PM CEST, Christian Ebner wrote:
>>=20
>> [snip]
>>=20
>>> +/// Store the encryption key to file.
>>> +///
>>> +/// Inserts the key in the config and stores it to the given file.
>>> +pub fn store_key(id: &str, key: &KeyConfig) -> Result<(), Error> {
>>> +    let _lock =3D lock_config()?;
>>> +    let (mut config, _digest) =3D config()?;
>>> +
>>> +    if config.sections.contains_key(id) {
>>> +        bail!("key with id '{id}' already exists.");
>>> +    }
>>> +
>>> +    let backup_user =3D crate::backup_user()?;
>>> +    let dir_options =3D CreateOptions::new()
>>> +        .perm(Mode::from_bits_truncate(0o0750))
>>> +        .owner(Uid::from_raw(0))
>>> +        .group(backup_user.gid);
>>> +
>>> +    proxmox_sys::fs::ensure_dir_exists(ENCRYPTION_KEYS_DIR, &dir_optio=
ns, true)?;
>>> +
>>> +    let key_path =3D format!("{ENCRYPTION_KEYS_DIR}{id}.enc");
>>> +    let key_lock_path =3D format!("{key_path}.lck");
>>> +
>>> +    // lock to avoid race with key deletion
>>> +    open_backup_lockfile(&key_lock_path, None, true)?;
>>=20
>> This needs to be assigned to a variable, no? Otherwise, the lock would
>> be immediately dropped.
>
> Oh, good catch! Indeed without this the lock would be immediately=20
> dropped, will be fixed. Thanks!
>

Would it make sense to add a #[must_use =3D "..."] attribute [0] to
open_backup_lockfile() or even the BackupLockGuard in general or would
it be too strict here?

[0] https://doc.rust-lang.org/reference/attributes/diagnostics.html#the-mus=
t_use-attribute

>>=20
>> In other places we have something like let _lock =3D lock_config()?;
>>=20