From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <s.reiter@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 13FC46A15C
 for <pbs-devel@lists.proxmox.com>; Wed, 24 Mar 2021 16:21:09 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 4A3C3C2C9
 for <pbs-devel@lists.proxmox.com>; Wed, 24 Mar 2021 16:21:07 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [212.186.127.180])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id C687FC1CF
 for <pbs-devel@lists.proxmox.com>; Wed, 24 Mar 2021 16:21:01 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 856044647A
 for <pbs-devel@lists.proxmox.com>; Wed, 24 Mar 2021 16:21:01 +0100 (CET)
From: Stefan Reiter <s.reiter@proxmox.com>
To: pbs-devel@lists.proxmox.com
Date: Wed, 24 Mar 2021 16:18:07 +0100
Message-Id: <20210324151827.26200-1-s.reiter@proxmox.com>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.022 Adjusted score from AWL reputation of From: address
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 RCVD_IN_DNSWL_MED        -2.3 Sender listed at https://www.dnswl.org/,
 medium trust
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [key.rs, disk.rs, benchmark.rs, config.rs, buildcfg.rs, api2.rs,
 proxmox-backup-proxy.rs, aio.rs, watchdog.rs, mount.rs, auth.rs,
 proxmox-backup-api.rs, proxmox-file-restore.rs, catalog.rs, cpio.rs,
 proxmox-backup-client.rs, tools.rs, zip.rs, server.rs, extract.rs]
Subject: [pbs-devel] [PATCH v2 00/20] Single file restore for VM images
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
 <pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2021 15:21:09 -0000

Implements CLI-based single file and directory restore for both pxar.didx
archives (containers, hosts) and img.fidx (VMs, raw block devices). The design
for VM restore uses a small virtual machine that the host communicates with via
virtio-vsock.

This is encapsuled into a new package called "proxmox-file-restore", providing a
binary of the same name. A second package is provided in a new git repository
called "proxmox-backup-restore-image", providing a minimal kernel image and a
base initramfs (without the daemon, which is included in proxmox-file-restore).

The first couple patches in the proxmox-backup repo are adapted versions of the
ones Dominik sent to the list a while ago:
https://lists.proxmox.com/pipermail/pbs-devel/2020-December/001788.html

Dependency bump in proxmox-backup for pxar is required.

Tested with ext4 and NTFS VMs, but theoretically includes support for many more
filesystems.

Known issues/Missing features:
* GUI/PVE support
* PBS_PASSWORD/PBS_FINGERPRINT currently have to be set manually for VM restore
* ZFS/LVM/md/... support
* shell auto-complete for "proxmox-file-restore" doesn't seem to work (and I
  don't know why...)
* some patches might include some sneaky rustfmt/clippy fixes that'd better fit
  to a previous patch, sorry for that, rebasing so many patches is annoying ;)


v2:
* rebase on master
* drop applied patches
* pxar: make contents() call available without tokio-io feature (Wolfgang)
* pxar: drop peek() implementation, rework extractor to cope (Wolfgang)
* only move necessary functions to new key_source.rs (Dietmar)
* implement static ticket-based authentication for VMs, as relying on ports
  <1024 does not guarantee security (Dietmar, Wolfgang)
* allow running proxmox-file-restore as regular user by providing setuid-binary
  to start QEMU VMs (setgid kvm is not enough because of /dev/vhost-vsock)
  (Dietmar, Fabian)
* update debian/* with new proxmox-backup-restore-image naming (Thomas)
* encode zip file directly on the VM, only encode pxar when requested (Dominik)
* use tokio task in watchdog, instead of alarm() (Wolfgang)

...plus some reshuffling of patches because of all the changes from above, hope
I didn't miss anything big ;)


pxar: Stefan Reiter (1):
  decoder/aio: add contents() and content_size() calls

 src/decoder/aio.rs | 36 +++++++++++++++++++++++++++++++++++-
 1 file changed, 35 insertions(+), 1 deletion(-)

proxmox-backup: Dominik Csapak (1):
  file-restore: add binary and basic commands

Stefan Reiter (18):
  vsock_client: remove wrong comment
  vsock_client: remove some &mut restrictions and rustfmt
  vsock_client: support authorization header
  proxmox_client_tools: move common key related functions to
    key_source.rs
  file-restore: allow specifying output-format
  server/rest: extract auth to seperate module
  server/rest: add ApiAuth trait to make user auth generic
  file-restore-daemon: add binary with virtio-vsock API server
  file-restore-daemon: add watchdog module
  file-restore-daemon: add disk module
  add tools/cpio encoding module
  file-restore: add qemu-helper setuid binary
  file-restore: add basic VM/block device support
  debian/client: add postinst hook to rebuild file-restore initramfs
  file-restore(-daemon): implement list API
  pxar/extract: add sequential variant to extract_sub_dir
  tools/zip: add zip_directory helper
  file-restore: add 'extract' command for VM file restore

 Cargo.toml                                    |   5 +-
 Makefile                                      |  22 +-
 debian/control                                |  14 +
 debian/control.in                             |  11 +
 debian/proxmox-file-restore.bash-completion   |   1 +
 debian/proxmox-file-restore.bc                |   8 +
 debian/proxmox-file-restore.install           |   5 +
 debian/proxmox-file-restore.postinst          |  63 ++
 debian/proxmox-file-restore.triggers          |   1 +
 debian/rules                                  |   9 +-
 docs/Makefile                                 |  10 +-
 docs/command-line-tools.rst                   |   5 +
 docs/proxmox-file-restore/description.rst     |   3 +
 docs/proxmox-file-restore/man1.rst            |  28 +
 src/api2.rs                                   |   2 +-
 src/api2/types/file_restore.rs                |  15 +
 src/api2/types/mod.rs                         |   3 +
 src/bin/proxmox-backup-api.rs                 |  13 +-
 src/bin/proxmox-backup-client.rs              | 453 +-------------
 src/bin/proxmox-backup-proxy.rs               |   7 +-
 src/bin/proxmox-file-restore.rs               | 446 ++++++++++++++
 src/bin/proxmox-restore-daemon.rs             | 124 ++++
 src/bin/proxmox-restore-qemu-helper.rs        | 372 ++++++++++++
 src/bin/proxmox_backup_client/benchmark.rs    |   4 +-
 src/bin/proxmox_backup_client/catalog.rs      |   3 +-
 src/bin/proxmox_backup_client/key.rs          | 112 +---
 src/bin/proxmox_backup_client/mod.rs          |  28 -
 src/bin/proxmox_backup_client/mount.rs        |   4 +-
 src/bin/proxmox_backup_client/snapshot.rs     |   4 +-
 src/bin/proxmox_client_tools/key_source.rs    | 573 ++++++++++++++++++
 src/bin/proxmox_client_tools/mod.rs           |  65 +-
 src/bin/proxmox_file_restore/block_driver.rs  | 206 +++++++
 .../proxmox_file_restore/block_driver_qemu.rs | 362 +++++++++++
 src/bin/proxmox_file_restore/mod.rs           |   5 +
 src/bin/proxmox_restore_daemon/api.rs         | 369 +++++++++++
 src/bin/proxmox_restore_daemon/auth.rs        |  48 ++
 src/bin/proxmox_restore_daemon/disk.rs        | 341 +++++++++++
 src/bin/proxmox_restore_daemon/mod.rs         |  11 +
 src/bin/proxmox_restore_daemon/watchdog.rs    |  41 ++
 src/buildcfg.rs                               |  21 +
 src/client/vsock_client.rs                    |  78 +--
 src/pxar/extract.rs                           | 214 +++++--
 src/pxar/mod.rs                               |   5 +-
 src/server.rs                                 |   2 +
 src/server/auth.rs                            | 124 ++++
 src/server/config.rs                          |  17 +-
 src/server/rest.rs                            | 141 +----
 src/tools.rs                                  |   1 +
 src/tools/cpio.rs                             |  73 +++
 src/tools/zip.rs                              |  77 +++
 zsh-completions/_proxmox-file-restore         |  13 +
 51 files changed, 3734 insertions(+), 828 deletions(-)
 create mode 100644 debian/proxmox-file-restore.bash-completion
 create mode 100644 debian/proxmox-file-restore.bc
 create mode 100644 debian/proxmox-file-restore.install
 create mode 100755 debian/proxmox-file-restore.postinst
 create mode 100644 debian/proxmox-file-restore.triggers
 create mode 100644 docs/proxmox-file-restore/description.rst
 create mode 100644 docs/proxmox-file-restore/man1.rst
 create mode 100644 src/api2/types/file_restore.rs
 create mode 100644 src/bin/proxmox-file-restore.rs
 create mode 100644 src/bin/proxmox-restore-daemon.rs
 create mode 100644 src/bin/proxmox-restore-qemu-helper.rs
 create mode 100644 src/bin/proxmox_client_tools/key_source.rs
 create mode 100644 src/bin/proxmox_file_restore/block_driver.rs
 create mode 100644 src/bin/proxmox_file_restore/block_driver_qemu.rs
 create mode 100644 src/bin/proxmox_file_restore/mod.rs
 create mode 100644 src/bin/proxmox_restore_daemon/api.rs
 create mode 100644 src/bin/proxmox_restore_daemon/auth.rs
 create mode 100644 src/bin/proxmox_restore_daemon/disk.rs
 create mode 100644 src/bin/proxmox_restore_daemon/mod.rs
 create mode 100644 src/bin/proxmox_restore_daemon/watchdog.rs
 create mode 100644 src/server/auth.rs
 create mode 100644 src/tools/cpio.rs
 create mode 100644 zsh-completions/_proxmox-file-restore

-- 
2.20.1