From: Wolfgang Bumiller <w.bumiller@proxmox.com>
To: Gabriel Goller <g.goller@proxmox.com>
Cc: pbs-devel@lists.proxmox.com
Subject: Re: [pbs-devel] [PATCH proxmox-backup v4 1/2] fix #5439: allow to reuse existing datastore
Date: Thu, 29 Aug 2024 11:17:39 +0200 [thread overview]
Message-ID: <e4tldstjz5ur3sabj7z6gli5qmflpgev7hsih4n7dls5tgcwvp@lfehryuyu4ic> (raw)
In-Reply-To: <20240829081242.rfsd4uq7zyahzxyz@luna.proxmox.com>
On Thu, Aug 29, 2024 at 10:12:42AM GMT, Gabriel Goller wrote:
> On 28.08.2024 15:48, Wolfgang Bumiller wrote:
> > On Wed, Aug 14, 2024 at 10:57:11AM GMT, Gabriel Goller wrote:
> > > [skip]
> > > /// Opens the chunk store with a new process locker.
> > > ///
> > > /// Note that this must be used with care, as it's dangerous to create two instances on the
> > > /// same base path, as closing the underlying ProcessLocker drops all locks from this process
> > > /// on the lockfile (even if separate FDs)
> > > - pub(crate) fn open<P: Into<PathBuf>>(
> > > + pub fn open<P: Into<PathBuf>>(
> >
> > ^ This is not used and should be dropped.
>
> Correct, no idea why I did this.
>
> > > [skip]
> > > + /// Checks permissions and owner of passed path.
> > > + fn check_permissions<T: AsRef<Path>>(path: T, file_mode: u32) -> Result<(), Error> {
> > > + match nix::sys::stat::stat(path.as_ref()) {
> > > + Ok(stat) => {
> > > + if stat.st_uid != u32::from(pbs_config::backup_user()?.uid)
> > > + || stat.st_gid != u32::from(pbs_config::backup_group()?.gid)
> > > + || stat.st_mode & 0o700 != file_mode
> >
> > Either be exact:
> > st_mode != file_mode
> >
> > or only check the required bits:
> > (st_mode & file_mode) != file_mode
> >
> > (This is one of those rare cases where I'd rather go with the first
> > option. If users modified the permissions via the shell, they can just
> > fix them up, too.)
> >
> > as your current code would for instance fail if the lock file had *more*
> > permissions for the *user* (u+x) but would ignore more permissions for
> > *others* (o+rwx or g+w).
>
> Hmm locally I actually have:
>
> || stat.st_mode & 0o770 < file_mode
>
> with file_mode being 0o640.
> I forgot to add this hunk to the commit :)
>
> Let me know if this is better or if I should revert to your exact
> match (st_mode != file_mode).
The exact one makes more sense to me. Consider that `0o100 > 0x007`
while `0o007` grants *more* permissions.
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
next prev parent reply other threads:[~2024-08-29 9:17 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-14 8:57 Gabriel Goller
2024-08-14 8:57 ` [pbs-devel] [PATCH proxmox-backup v4 2/2] web: disallow datastore in root, add reuse-datastore flag Gabriel Goller
2024-08-28 13:48 ` [pbs-devel] [PATCH proxmox-backup v4 1/2] fix #5439: allow to reuse existing datastore Wolfgang Bumiller
2024-08-29 8:12 ` Gabriel Goller
2024-08-29 9:17 ` Wolfgang Bumiller [this message]
2024-08-29 10:42 ` Gabriel Goller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e4tldstjz5ur3sabj7z6gli5qmflpgev7hsih4n7dls5tgcwvp@lfehryuyu4ic \
--to=w.bumiller@proxmox.com \
--cc=g.goller@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.