From: Arthur Bied-Charreton <a.bied-charreton@proxmox.com>
To: Lukas Wagner <l.wagner@proxmox.com>
Cc: pve-devel@lists.proxmox.com
Subject: Re: [PATCH proxmox 2/7] notify (smtp): Introduce state module
Date: Tue, 24 Mar 2026 09:50:35 +0100 [thread overview]
Message-ID: <onks7365xwtqz53vexdferd3gzuhvfik4zu5nkc4w5pz2j7m2d@kzcwir35g2iu> (raw)
In-Reply-To: <DHA5SAKGQAN1.BVWSK7UCNBR8@proxmox.com>
On Mon, Mar 23, 2026 at 01:26:05PM +0100, Lukas Wagner wrote:
[...]
> > + proxmox_sys::fs::ensure_dir_exists(parent, &context().secret_create_options(), false)
> > + .map_err(|e| Error::ConfigSerialization(e.into()))?;
>
> I'm getting a "bad permissions on "/etc/pve/priv/notifications" (0o700
> != 0o600)" error in the system/task logs when the token is refreshed.
> The CreateOptions provided by the context are 0o600, but I think pmxcfs
> automatically enforces the x-bit on directories, leading to 0o700 perms
> on the '/etc/pve/priv/notifications/' directory, which ultimately gives
> us this error. I think you either have to add a separate trait method
> for the directory permissions/CreateOptions, or add the x-bit to the
> existing CreateOptions yourself here at the callsite.
>
Just looked into that, there is a `create_secret_dir` function in
`proxmox-product-config` that does exactly what we need here.
> > +
> > + let s = serde_json::to_string_pretty(&self)
> > + .map_err(|e| Error::ConfigSerialization(e.into()))?;
> > +
> > + proxmox_sys::fs::replace_file(path, s.as_bytes(), context().secret_create_options(), true)
> > + .map_err(|e| Error::ConfigSerialization(e.into()))
> > + }
> > +
> > + /// Set `last_refreshed`.
> > + pub(crate) fn set_last_refreshed(mut self, last_refreshed: i64) -> Self {
> > + self.last_refreshed = last_refreshed;
> > + self
> > + }
> > +
> > + /// Set `oauth2_refresh_token`.
> > + pub(crate) fn set_oauth2_refresh_token(mut self, oauth2_refresh_token: Option<String>) -> Self {
> > + self.oauth2_refresh_token = oauth2_refresh_token;
> > + self
> > + }
> > +}
>
next prev parent reply other threads:[~2026-03-24 8:50 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-13 16:03 [PATCH cluster/docs/manager/proxmox{,-perl-rs,-widget-toolkit} 00/17] fix #7238: Add XOAUTH2 authentication support for SMTP notification targets Arthur Bied-Charreton
2026-02-13 16:03 ` [PATCH proxmox 1/7] notify (smtp): Introduce xoauth2 module Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox 2/7] notify (smtp): Introduce state module Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-03-23 16:32 ` Arthur Bied-Charreton
2026-03-24 8:50 ` Arthur Bied-Charreton [this message]
2026-02-13 16:04 ` [PATCH proxmox 3/7] notify (smtp): Factor out transport building logic into own function Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox 4/7] notify (smtp): Update API with OAuth2 parameters Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox 5/7] notify (smtp): Add state handling logic Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH proxmox 6/7] notify (smtp): Add XOAUTH2 authentication support Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH proxmox 7/7] notify (smtp): Add logging and state-related error types Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH proxmox-perl-rs 1/1] notify (smtp): add oauth2 parameters to bindings Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-03-23 16:44 ` Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox-widget-toolkit 1/2] utils: Add OAuth2 flow handlers Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH proxmox-widget-toolkit 2/2] notifications: Add opt-in OAuth2 support for SMTP targets Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-03-23 16:49 ` Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-manager 1/5] notifications: Add OAuth2 parameters to schema and add/update endpoints Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH pve-manager 2/5] notifications: Add trigger-state-refresh endpoint Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH pve-manager 3/5] notifications: Trigger notification target refresh in pveupdate Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-manager 4/5] notifications: Handle OAuth2 callback in login handler Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-manager 5/5] notifications: Opt into OAuth2 authentication Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-cluster 1/1] notifications: Add refresh_targets subroutine to PVE::Notify Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-03-23 16:54 ` Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-docs 1/1] notifications: Add section about OAuth2 to SMTP targets docs Arthur Bied-Charreton
2026-03-23 12:25 ` [PATCH cluster/docs/manager/proxmox{,-perl-rs,-widget-toolkit} 00/17] fix #7238: Add XOAUTH2 authentication support for SMTP notification targets Lukas Wagner
2026-03-25 13:16 ` superseded: " Arthur Bied-Charreton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=onks7365xwtqz53vexdferd3gzuhvfik4zu5nkc4w5pz2j7m2d@kzcwir35g2iu \
--to=a.bied-charreton@proxmox.com \
--cc=l.wagner@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.