From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dietmar@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id B165A7F1BC
 for <pbs-devel@lists.proxmox.com>; Fri, 12 Nov 2021 07:54:56 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id A87D214D35
 for <pbs-devel@lists.proxmox.com>; Fri, 12 Nov 2021 07:54:56 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id CC15F14D2C
 for <pbs-devel@lists.proxmox.com>; Fri, 12 Nov 2021 07:54:55 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id A3472431C5;
 Fri, 12 Nov 2021 07:54:55 +0100 (CET)
From: Dietmar Maurer <dietmar@proxmox.com>
To: pbs-devel@lists.proxmox.com
Date: Fri, 12 Nov 2021 07:54:52 +0100
Message-Id: <20211112065452.2839213-1-dietmar@proxmox.com>
X-Mailer: git-send-email 2.30.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.498 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [mod.rs, apt.rs, lib.rs, jobstate.rs]
Subject: [pbs-devel] [PATCH proxmox-backup] fix directory permission problems
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
 <pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Fri, 12 Nov 2021 06:54:56 -0000

By carefully setting options on all create_path() calls,
and by creating "/var/lib/proxmox-backup" at api server startup.
---
 pbs-buildcfg/src/lib.rs |  6 ++++++
 src/rrd_cache.rs        |  5 ++++-
 src/server/jobstate.rs  |  7 +++++--
 src/server/mod.rs       |  9 +++++++++
 src/tape/mod.rs         | 28 ++++++++++++++++++++++------
 src/tools/apt.rs        |  3 ++-
 6 files changed, 48 insertions(+), 10 deletions(-)

diff --git a/pbs-buildcfg/src/lib.rs b/pbs-buildcfg/src/lib.rs
index d89a508b..d6f79de9 100644
--- a/pbs-buildcfg/src/lib.rs
+++ b/pbs-buildcfg/src/lib.rs
@@ -22,6 +22,9 @@ pub const BACKUP_GROUP_NAME: &str = "backup";
 #[macro_export]
 macro_rules! PROXMOX_BACKUP_RUN_DIR_M { () => ("/run/proxmox-backup") }
 
+#[macro_export]
+macro_rules! PROXMOX_BACKUP_STATE_DIR_M { () => ("/var/lib/proxmox-backup") }
+
 #[macro_export]
 macro_rules! PROXMOX_BACKUP_LOG_DIR_M { () => ("/var/log/proxmox-backup") }
 
@@ -36,6 +39,9 @@ macro_rules! PROXMOX_BACKUP_FILE_RESTORE_BIN_DIR_M {
 /// namespaced directory for in-memory (tmpfs) run state
 pub const PROXMOX_BACKUP_RUN_DIR: &str = PROXMOX_BACKUP_RUN_DIR_M!();
 
+/// namespaced directory for persistent state
+pub const PROXMOX_BACKUP_STATE_DIR: &str = PROXMOX_BACKUP_STATE_DIR_M!();
+
 /// namespaced directory for persistent logging
 pub const PROXMOX_BACKUP_LOG_DIR: &str = PROXMOX_BACKUP_LOG_DIR_M!();
 
diff --git a/src/rrd_cache.rs b/src/rrd_cache.rs
index d1b8f9a9..45508107 100644
--- a/src/rrd_cache.rs
+++ b/src/rrd_cache.rs
@@ -7,8 +7,11 @@ use proxmox::tools::fs::CreateOptions;
 use proxmox_rrd::RRDCache;
 use proxmox_rrd::rrd::{RRD, DST, CF};
 
+use pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR_M;
 use pbs_api_types::{RRDMode, RRDTimeFrame};
 
+const RRD_CACHE_BASEDIR: &str = concat!(PROXMOX_BACKUP_STATE_DIR_M!(), "/rrdb");
+
 pub static RRD_CACHE: OnceCell<RRDCache> = OnceCell::new();
 
 /// Get the RRD cache instance
@@ -34,7 +37,7 @@ pub fn initialize_rrd_cache() -> Result<&'static RRDCache, Error> {
     let apply_interval = 30.0*60.0; // 30 minutes
 
     let cache = RRDCache::new(
-        "/var/lib/proxmox-backup/rrdb",
+        RRD_CACHE_BASEDIR,
         Some(file_options),
         Some(dir_options),
         apply_interval,
diff --git a/src/server/jobstate.rs b/src/server/jobstate.rs
index 8df245d6..23e3c2bd 100644
--- a/src/server/jobstate.rs
+++ b/src/server/jobstate.rs
@@ -47,6 +47,8 @@ use proxmox::tools::fs::{
 };
 
 use proxmox_systemd::time::{compute_next_event, parse_calendar_event};
+
+use pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR_M;
 use pbs_config::{open_backup_lockfile, BackupLockGuard};
 use pbs_api_types::{UPID, JobScheduleStatus};
 
@@ -77,16 +79,17 @@ pub struct Job {
     _lock: BackupLockGuard,
 }
 
-const JOB_STATE_BASEDIR: &str = "/var/lib/proxmox-backup/jobstates";
+const JOB_STATE_BASEDIR: &str = concat!(PROXMOX_BACKUP_STATE_DIR_M!(), "/jobstates");
 
 /// Create jobstate stat dir with correct permission
 pub fn create_jobstate_dir() -> Result<(), Error> {
     let backup_user = pbs_config::backup_user()?;
+
     let opts = CreateOptions::new()
         .owner(backup_user.uid)
         .group(backup_user.gid);
 
-    create_path(JOB_STATE_BASEDIR, None, Some(opts))
+    create_path(JOB_STATE_BASEDIR, Some(opts.clone()), Some(opts))
         .map_err(|err: Error| format_err!("unable to create rrdb stat dir - {}", err))?;
 
     Ok(())
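Review bot: The error text on the `create_path` call changed in this hunk still reads "unable to create rrdb stat dir", although the path being created is `JOB_STATE_BASEDIR`; someone reading the log after a permission failure would be pointed at the wrong directory. Since the call is being edited anyway, the message could become `format_err!("unable to create job state dir - {}", err)`. Separately, `opts` sets only owner and group, so the mode of both the parent and the final directory comes from whatever default `create_path` applies, which is not visible in this diff; an explicit `.perm(...)` would make the intended access clear. The function's closing brace is outside the hunk.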
diff --git a/src/server/mod.rs b/src/server/mod.rs
index a6574631..deeb3398 100644
--- a/src/server/mod.rs
+++ b/src/server/mod.rs
@@ -62,3 +62,12 @@ pub fn create_run_dir() -> Result<(), Error> {
     let _: bool = create_path(pbs_buildcfg::PROXMOX_BACKUP_RUN_DIR_M!(), None, Some(opts))?;
     Ok(())
 }
+
+pub fn create_state_dir() -> Result<(), Error> {
+    let backup_user = pbs_config::backup_user()?;
+    let opts = CreateOptions::new()
+        .owner(backup_user.uid)
+        .group(backup_user.gid);
+    create_path(pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR_M!(), None, Some(opts))?;
+    Ok(())
+}
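Review bot: `create_state_dir()` is added without a caller: none of the six files in the diffstat invokes it, so the creation "at api server startup" described in the commit message is not wired up by anything visible here. If the call lives in another patch, it is worth referencing. The new `pub fn` also has no doc comment; something like `/// Create the persistent state dir, owned by the backup user` would match the style of `create_jobstate_dir`. No mode is set on `opts`, so the permissions of `/var/lib/proxmox-backup` depend on `create_path`'s default, and it should be confirmed that this default is not broader than the daemon needs.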
diff --git a/src/tape/mod.rs b/src/tape/mod.rs
index 5d4d46f1..897d1525 100644
--- a/src/tape/mod.rs
+++ b/src/tape/mod.rs
@@ -7,7 +7,7 @@ use proxmox::tools::fs::{
     CreateOptions,
 };
 
-use pbs_buildcfg::PROXMOX_BACKUP_RUN_DIR_M;
+use pbs_buildcfg::{PROXMOX_BACKUP_RUN_DIR_M, PROXMOX_BACKUP_STATE_DIR_M};
 
 #[cfg(test)]
 mod test;
@@ -37,7 +37,7 @@ mod pool_writer;
 pub use pool_writer::*;
 
 /// Directory path where we store all tape status information
-pub const TAPE_STATUS_DIR: &str = "/var/lib/proxmox-backup/tape";
+pub const TAPE_STATUS_DIR: &str = concat!(PROXMOX_BACKUP_STATE_DIR_M!(), "/tape");
 
 /// Directory path where we store drive lock file
 pub const DRIVE_LOCK_DIR: &str = concat!(PROXMOX_BACKUP_RUN_DIR_M!(), "/drive-lock");
@@ -66,7 +66,11 @@ pub fn create_tape_status_dir() -> Result<(), Error> {
         .owner(backup_user.uid)
         .group(backup_user.gid);
 
-    create_path(TAPE_STATUS_DIR, None, Some(options))
+    let parent_opts = CreateOptions::new()
+        .owner(backup_user.uid)
+        .group(backup_user.gid);
+
+    create_path(TAPE_STATUS_DIR, Some(parent_opts), Some(options))
         .map_err(|err: Error| format_err!("unable to create tape status dir - {}", err))?;
 
     Ok(())
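Review bot: `parent_opts` sets owner and group but no mode, so any intermediate directory this call creates gets `create_path`'s default permissions; the start of the `options` builder is outside the hunk, so it may carry a `.perm(...)` that the parents now lack. The same pattern repeats in the hunks for `create_drive_lock_dir`, `create_drive_state_dir` and `create_changer_state_dir`. If parents are meant to match the leaf, `create_path(TAPE_STATUS_DIR, Some(options.clone()), Some(options))` would keep them in sync, as `create_jobstate_dir` does with `opts.clone()`. If they are meant to differ, a one-line comment saying why would help. The `create_drive_lock_dir` hunk also still reports "unable to create drive state dir" for `DRIVE_LOCK_DIR`, which looks like a copy-paste of the neighbouring message.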
@@ -81,7 +85,11 @@ pub fn create_drive_lock_dir() -> Result<(), Error> {
         .owner(backup_user.uid)
         .group(backup_user.gid);
 
-    create_path(DRIVE_LOCK_DIR, None, Some(options))
+    let parent_opts = CreateOptions::new()
+        .owner(backup_user.uid)
+        .group(backup_user.gid);
+
+    create_path(DRIVE_LOCK_DIR, Some(parent_opts), Some(options))
         .map_err(|err: Error| format_err!("unable to create drive state dir - {}", err))?;
 
     Ok(())
@@ -96,7 +104,11 @@ pub fn create_drive_state_dir() -> Result<(), Error> {
         .owner(backup_user.uid)
         .group(backup_user.gid);
 
-    create_path(DRIVE_STATE_DIR, None, Some(options))
+    let parent_opts = CreateOptions::new()
+        .owner(backup_user.uid)
+        .group(backup_user.gid);
+
+    create_path(DRIVE_STATE_DIR, Some(parent_opts), Some(options))
         .map_err(|err: Error| format_err!("unable to create drive state dir - {}", err))?;
 
     Ok(())
@@ -111,7 +123,11 @@ pub fn create_changer_state_dir() -> Result<(), Error> {
         .owner(backup_user.uid)
         .group(backup_user.gid);
 
-    create_path(CHANGER_STATE_DIR, None, Some(options))
+    let parent_opts = CreateOptions::new()
+        .owner(backup_user.uid)
+        .group(backup_user.gid);
+
+    create_path(CHANGER_STATE_DIR, Some(parent_opts), Some(options))
         .map_err(|err: Error| format_err!("unable to create changer state dir - {}", err))?;
 
     Ok(())
diff --git a/src/tools/apt.rs b/src/tools/apt.rs
index 1ffaaa6a..e1e8add8 100644
--- a/src/tools/apt.rs
+++ b/src/tools/apt.rs
@@ -7,9 +7,10 @@ use apt_pkg_native::Cache;
 use proxmox::tools::fs::{file_read_optional_string, replace_file, CreateOptions};
 use proxmox_schema::const_regex;
 
+use pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR_M;
 use pbs_api_types::APTUpdateInfo;
 
-const APT_PKG_STATE_FN: &str = "/var/lib/proxmox-backup/pkg-state.json";
+const APT_PKG_STATE_FN: &str = concat!(PROXMOX_BACKUP_STATE_DIR_M!(), "/pkg-state.json");
 
 #[derive(Debug, serde::Serialize, serde::Deserialize)]
 /// Some information we cache about the package (update) state, like what pending update version
-- 
2.30.2