From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pbs-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
	by lore.proxmox.com (Postfix) with ESMTPS id C32AD1FF16B
	for <inbox@lore.proxmox.com>; Thu, 29 Aug 2024 12:42:13 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 23EBB1A3E4;
	Thu, 29 Aug 2024 12:42:42 +0200 (CEST)
Date: Thu, 29 Aug 2024 12:42:38 +0200
From: Gabriel Goller <g.goller@proxmox.com>
To: Wolfgang Bumiller <w.bumiller@proxmox.com>
Message-ID: <20240829104238.fjo7khn4zgni6ppx@luna.proxmox.com>
References: <20240814085712.174810-1-g.goller@proxmox.com>
 <nflg7f54pnpm5ob5bed4ofyavvzi5yfmfpumto7wn25da2pss4@ztnhnpqpp7br>
 <20240829081242.rfsd4uq7zyahzxyz@luna.proxmox.com>
 <e4tldstjz5ur3sabj7z6gli5qmflpgev7hsih4n7dls5tgcwvp@lfehryuyu4ic>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <e4tldstjz5ur3sabj7z6gli5qmflpgev7hsih4n7dls5tgcwvp@lfehryuyu4ic>
User-Agent: NeoMutt/20220429
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.042 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to
 Validity was blocked. See
 https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more
 information.
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 T_SCC_BODY_TEXT_LINE    -0.01 -
Subject: Re: [pbs-devel] [PATCH proxmox-backup v4 1/2] fix #5439: allow to
 reuse existing datastore
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
 <pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox Backup Server development discussion
 <pbs-devel@lists.proxmox.com>
Cc: pbs-devel@lists.proxmox.com
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: pbs-devel-bounces@lists.proxmox.com
Sender: "pbs-devel" <pbs-devel-bounces@lists.proxmox.com>

On 29.08.2024 11:17, Wolfgang Bumiller wrote:
>On Thu, Aug 29, 2024 at 10:12:42AM GMT, Gabriel Goller wrote:
>> On 28.08.2024 15:48, Wolfgang Bumiller wrote:
>> > On Wed, Aug 14, 2024 at 10:57:11AM GMT, Gabriel Goller wrote:
>> > > [skip]
>> > >      /// Opens the chunk store with a new process locker.
>> > >      ///
>> > >      /// Note that this must be used with care, as it's dangerous to create two instances on the
>> > >      /// same base path, as closing the underlying ProcessLocker drops all locks from this process
>> > >      /// on the lockfile (even if separate FDs)
>> > > -    pub(crate) fn open<P: Into<PathBuf>>(
>> > > +    pub fn open<P: Into<PathBuf>>(
>> >
>> > ^ This is not used and should be dropped.
>>
>> Correct, no idea why I did this.
>>
>> > > [skip]
>> > > +    /// Checks permissions and owner of passed path.
>> > > +    fn check_permissions<T: AsRef<Path>>(path: T, file_mode: u32) -> Result<(), Error> {
>> > > +        match nix::sys::stat::stat(path.as_ref()) {
>> > > +            Ok(stat) => {
>> > > +                if stat.st_uid != u32::from(pbs_config::backup_user()?.uid)
>> > > +                    || stat.st_gid != u32::from(pbs_config::backup_group()?.gid)
>> > > +                    || stat.st_mode & 0o700 != file_mode
>> >
>> > Either be exact:
>> >    st_mode != file_mode
>> >
>> > or only check the required bits:
>> >    (st_mode & file_mode) != file_mode
>> >
>> > (This is one of those rare cases where I'd rather go with the first
>> > option. If users modified the permissions via the shell, they can just
>> > fix them up, too.)
>> >
>> > as your current code would for instance fail if the lock file had *more*
>> > permissions for the *user* (u+x) but would ignore more permissions for
>> > *others* (o+rwx or g+w).
>>
>> Hmm locally I actually have:
>>
>>     || stat.st_mode & 0o770 < file_mode
>>
>> with file_mode being 0o640.
>> I forgot to add this hunk to the commit :)
>>
>> Let me know if this is better or if I should revert to your exact
>> match (st_mode != file_mode).
>
>The exact one makes more sense to me. Consider that `0o100 > 0x007`
>while `0o007` grants *more* permissions.

Ok, looks good!
Have submitted a new v5!



_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel