From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id B165A7F1BC for ; Fri, 12 Nov 2021 07:54:56 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id A87D214D35 for ; Fri, 12 Nov 2021 07:54:56 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id CC15F14D2C for ; Fri, 12 Nov 2021 07:54:55 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id A3472431C5; Fri, 12 Nov 2021 07:54:55 +0100 (CET) From: Dietmar Maurer To: pbs-devel@lists.proxmox.com Date: Fri, 12 Nov 2021 07:54:52 +0100 Message-Id: <20211112065452.2839213-1-dietmar@proxmox.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.498 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [mod.rs, apt.rs, lib.rs, jobstate.rs] Subject: [pbs-devel] [PATCH proxmox-backup] fix directory permission problems X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Nov 2021 06:54:56 -0000 By carefully setting options on all create_path() calls, and by creating "/var/lib/proxmox-backup" at api server startup. --- pbs-buildcfg/src/lib.rs | 6 ++++++ src/rrd_cache.rs | 5 ++++- src/server/jobstate.rs | 7 +++++-- src/server/mod.rs | 9 +++++++++ src/tape/mod.rs | 28 ++++++++++++++++++++++------ src/tools/apt.rs | 3 ++- 6 files changed, 48 insertions(+), 10 deletions(-) diff --git a/pbs-buildcfg/src/lib.rs b/pbs-buildcfg/src/lib.rs index d89a508b..d6f79de9 100644 --- a/pbs-buildcfg/src/lib.rs +++ b/pbs-buildcfg/src/lib.rs @@ -22,6 +22,9 @@ pub const BACKUP_GROUP_NAME: &str = "backup"; #[macro_export] macro_rules! PROXMOX_BACKUP_RUN_DIR_M { () => ("/run/proxmox-backup") } +#[macro_export] +macro_rules! PROXMOX_BACKUP_STATE_DIR_M { () => ("/var/lib/proxmox-backup") } + #[macro_export] macro_rules! PROXMOX_BACKUP_LOG_DIR_M { () => ("/var/log/proxmox-backup") } @@ -36,6 +39,9 @@ macro_rules! PROXMOX_BACKUP_FILE_RESTORE_BIN_DIR_M { /// namespaced directory for in-memory (tmpfs) run state pub const PROXMOX_BACKUP_RUN_DIR: &str = PROXMOX_BACKUP_RUN_DIR_M!(); +/// namespaced directory for persistent state +pub const PROXMOX_BACKUP_STATE_DIR: &str = PROXMOX_BACKUP_STATE_DIR_M!(); + /// namespaced directory for persistent logging pub const PROXMOX_BACKUP_LOG_DIR: &str = PROXMOX_BACKUP_LOG_DIR_M!(); diff --git a/src/rrd_cache.rs b/src/rrd_cache.rs index d1b8f9a9..45508107 100644 --- a/src/rrd_cache.rs +++ b/src/rrd_cache.rs @@ -7,8 +7,11 @@ use proxmox::tools::fs::CreateOptions; use proxmox_rrd::RRDCache; use proxmox_rrd::rrd::{RRD, DST, CF}; +use pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR_M; use pbs_api_types::{RRDMode, RRDTimeFrame}; +const RRD_CACHE_BASEDIR: &str = concat!(PROXMOX_BACKUP_STATE_DIR_M!(), "/rrdb"); + pub static RRD_CACHE: OnceCell = OnceCell::new(); /// Get the RRD cache instance @@ -34,7 +37,7 @@ pub fn initialize_rrd_cache() -> Result<&'static RRDCache, Error> { let apply_interval = 30.0*60.0; // 30 minutes let cache = RRDCache::new( - "/var/lib/proxmox-backup/rrdb", + RRD_CACHE_BASEDIR, Some(file_options), Some(dir_options), apply_interval, diff --git a/src/server/jobstate.rs b/src/server/jobstate.rs index 8df245d6..23e3c2bd 100644 --- a/src/server/jobstate.rs +++ b/src/server/jobstate.rs @@ -47,6 +47,8 @@ use proxmox::tools::fs::{ }; use proxmox_systemd::time::{compute_next_event, parse_calendar_event}; + +use pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR_M; use pbs_config::{open_backup_lockfile, BackupLockGuard}; use pbs_api_types::{UPID, JobScheduleStatus}; @@ -77,16 +79,17 @@ pub struct Job { _lock: BackupLockGuard, } -const JOB_STATE_BASEDIR: &str = "/var/lib/proxmox-backup/jobstates"; +const JOB_STATE_BASEDIR: &str = concat!(PROXMOX_BACKUP_STATE_DIR_M!(), "/jobstates"); /// Create jobstate stat dir with correct permission pub fn create_jobstate_dir() -> Result<(), Error> { let backup_user = pbs_config::backup_user()?; + let opts = CreateOptions::new() .owner(backup_user.uid) .group(backup_user.gid); - create_path(JOB_STATE_BASEDIR, None, Some(opts)) + create_path(JOB_STATE_BASEDIR, Some(opts.clone()), Some(opts)) .map_err(|err: Error| format_err!("unable to create rrdb stat dir - {}", err))?; Ok(()) diff --git a/src/server/mod.rs b/src/server/mod.rs index a6574631..deeb3398 100644 --- a/src/server/mod.rs +++ b/src/server/mod.rs @@ -62,3 +62,12 @@ pub fn create_run_dir() -> Result<(), Error> { let _: bool = create_path(pbs_buildcfg::PROXMOX_BACKUP_RUN_DIR_M!(), None, Some(opts))?; Ok(()) } + +pub fn create_state_dir() -> Result<(), Error> { + let backup_user = pbs_config::backup_user()?; + let opts = CreateOptions::new() + .owner(backup_user.uid) + .group(backup_user.gid); + create_path(pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR_M!(), None, Some(opts))?; + Ok(()) +} diff --git a/src/tape/mod.rs b/src/tape/mod.rs index 5d4d46f1..897d1525 100644 --- a/src/tape/mod.rs +++ b/src/tape/mod.rs @@ -7,7 +7,7 @@ use proxmox::tools::fs::{ CreateOptions, }; -use pbs_buildcfg::PROXMOX_BACKUP_RUN_DIR_M; +use pbs_buildcfg::{PROXMOX_BACKUP_RUN_DIR_M, PROXMOX_BACKUP_STATE_DIR_M}; #[cfg(test)] mod test; @@ -37,7 +37,7 @@ mod pool_writer; pub use pool_writer::*; /// Directory path where we store all tape status information -pub const TAPE_STATUS_DIR: &str = "/var/lib/proxmox-backup/tape"; +pub const TAPE_STATUS_DIR: &str = concat!(PROXMOX_BACKUP_STATE_DIR_M!(), "/tape"); /// Directory path where we store drive lock file pub const DRIVE_LOCK_DIR: &str = concat!(PROXMOX_BACKUP_RUN_DIR_M!(), "/drive-lock"); @@ -66,7 +66,11 @@ pub fn create_tape_status_dir() -> Result<(), Error> { .owner(backup_user.uid) .group(backup_user.gid); - create_path(TAPE_STATUS_DIR, None, Some(options)) + let parent_opts = CreateOptions::new() + .owner(backup_user.uid) + .group(backup_user.gid); + + create_path(TAPE_STATUS_DIR, Some(parent_opts), Some(options)) .map_err(|err: Error| format_err!("unable to create tape status dir - {}", err))?; Ok(()) @@ -81,7 +85,11 @@ pub fn create_drive_lock_dir() -> Result<(), Error> { .owner(backup_user.uid) .group(backup_user.gid); - create_path(DRIVE_LOCK_DIR, None, Some(options)) + let parent_opts = CreateOptions::new() + .owner(backup_user.uid) + .group(backup_user.gid); + + create_path(DRIVE_LOCK_DIR, Some(parent_opts), Some(options)) .map_err(|err: Error| format_err!("unable to create drive state dir - {}", err))?; Ok(()) @@ -96,7 +104,11 @@ pub fn create_drive_state_dir() -> Result<(), Error> { .owner(backup_user.uid) .group(backup_user.gid); - create_path(DRIVE_STATE_DIR, None, Some(options)) + let parent_opts = CreateOptions::new() + .owner(backup_user.uid) + .group(backup_user.gid); + + create_path(DRIVE_STATE_DIR, Some(parent_opts), Some(options)) .map_err(|err: Error| format_err!("unable to create drive state dir - {}", err))?; Ok(()) @@ -111,7 +123,11 @@ pub fn create_changer_state_dir() -> Result<(), Error> { .owner(backup_user.uid) .group(backup_user.gid); - create_path(CHANGER_STATE_DIR, None, Some(options)) + let parent_opts = CreateOptions::new() + .owner(backup_user.uid) + .group(backup_user.gid); + + create_path(CHANGER_STATE_DIR, Some(parent_opts), Some(options)) .map_err(|err: Error| format_err!("unable to create changer state dir - {}", err))?; Ok(()) diff --git a/src/tools/apt.rs b/src/tools/apt.rs index 1ffaaa6a..e1e8add8 100644 --- a/src/tools/apt.rs +++ b/src/tools/apt.rs @@ -7,9 +7,10 @@ use apt_pkg_native::Cache; use proxmox::tools::fs::{file_read_optional_string, replace_file, CreateOptions}; use proxmox_schema::const_regex; +use pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR_M; use pbs_api_types::APTUpdateInfo; -const APT_PKG_STATE_FN: &str = "/var/lib/proxmox-backup/pkg-state.json"; +const APT_PKG_STATE_FN: &str = concat!(PROXMOX_BACKUP_STATE_DIR_M!(), "/pkg-state.json"); #[derive(Debug, serde::Serialize, serde::Deserialize)] /// Some information we cache about the package (update) state, like what pending update version -- 2.30.2