From: "Fabian Grünbichler" <f.gruenbichler@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH proxmox-backup 1/2] verify: log/warn on invalid owner
Date: Tue, 10 Nov 2020 13:52:49 +0100 [thread overview]
Message-ID: <20201110125250.3750178-1-f.gruenbichler@proxmox.com> (raw)
in order to trigger a notification/make the problem more visible than
just in syslog.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
Notes:
not filtering in case we don't have an explicit owner passed in to keep
backwards compat - we could also skip verification for them even in the
privileged case.. ?
-w --patience makes this easier to read
src/api2/admin/datastore.rs | 2 +-
src/backup/verify.rs | 42 ++++++++++++++++++++++---------------
2 files changed, 26 insertions(+), 18 deletions(-)
diff --git a/src/api2/admin/datastore.rs b/src/api2/admin/datastore.rs
index 8256f02f..e76867c7 100644
--- a/src/api2/admin/datastore.rs
+++ b/src/api2/admin/datastore.rs
@@ -648,7 +648,7 @@ pub fn verify(
verify_all_backups(datastore, worker.clone(), worker.upid(), owner, None)?
};
if failed_dirs.len() > 0 {
- worker.log("Failed to verify following snapshots:");
+ worker.log("Failed to verify following snapshots/groups:");
for dir in failed_dirs {
worker.log(format!("\t{}", dir));
}
diff --git a/src/backup/verify.rs b/src/backup/verify.rs
index b5bb85fc..512a3805 100644
--- a/src/backup/verify.rs
+++ b/src/backup/verify.rs
@@ -508,23 +508,31 @@ pub fn verify_all_backups(
}
let filter_by_owner = |group: &BackupGroup| {
- if let Some(owner) = &owner {
- match datastore.get_owner(group) {
- Ok(ref group_owner) => {
- group_owner == owner
- || (group_owner.is_token()
- && !owner.is_token()
- && group_owner.user() == owner.user())
- },
- Err(err) => {
- // intentionally not in task log
- // the task user might not be allowed to see this group!
- println!("Failed to get owner of group '{}' - {}", group, err);
- false
- },
- }
- } else {
- true
+ match (datastore.get_owner(group), &owner) {
+ (Ok(ref group_owner), Some(owner)) => {
+ group_owner == owner
+ || (group_owner.is_token()
+ && !owner.is_token()
+ && group_owner.user() == owner.user())
+ },
+ (Ok(_), None) => true,
+ (Err(err), Some(_)) => {
+ // intentionally not in task log
+ // the task user might not be allowed to see this group!
+ println!("Failed to get owner of group '{}' - {}", group, err);
+ false
+ },
+ (Err(err), None) => {
+ // we don't filter by owner, but we want to log the error
+ task_log!(
+ worker,
+ "Failed to get owner of group '{} - {}",
+ group,
+ err,
+ );
+ errors.push(group.to_string());
+ true
+ },
}
};
--
2.20.1
next reply other threads:[~2020-11-10 12:53 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-10 12:52 Fabian Grünbichler [this message]
2020-11-10 12:52 ` [pbs-devel] [PATCH proxmox-backup 2/2] verify: cleanup logging order/messages Fabian Grünbichler
2020-11-10 13:14 ` [pbs-devel] applied-series: [PATCH proxmox-backup 1/2] verify: log/warn on invalid owner Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201110125250.3750178-1-f.gruenbichler@proxmox.com \
--to=f.gruenbichler@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox