From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <pbs-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
by lore.proxmox.com (Postfix) with ESMTPS id 697E11FF15C
for <inbox@lore.proxmox.com>; Wed, 7 Aug 2024 11:24:41 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
by firstgate.proxmox.com (Proxmox) with ESMTP id 0ED02335B;
Wed, 7 Aug 2024 11:24:51 +0200 (CEST)
Message-ID: <7f5d7334-d6a8-4447-87a8-6c4400071544@proxmox.com>
Date: Wed, 7 Aug 2024 11:24:19 +0200
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
From: Lukas Wagner <l.wagner@proxmox.com>
To: Proxmox Backup Server development discussion
<pbs-devel@lists.proxmox.com>, Christoph Heiss <c.heiss@proxmox.com>
References: <20240716134514.1656795-1-c.heiss@proxmox.com>
<20240716134514.1656795-11-c.heiss@proxmox.com>
Content-Language: de-AT, en-US
In-Reply-To: <20240716134514.1656795-11-c.heiss@proxmox.com>
X-SPAM-LEVEL: Spam detection results: 0
AWL 0.007 Adjusted score from AWL reputation of From: address
BAYES_00 -1.9 Bayes spam probability is 0 to 1%
DMARC_MISSING 0.1 Missing DMARC policy
KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record
SPF_PASS -0.001 SPF: sender matches SPF record
Subject: Re: [pbs-devel] [PATCH proxmox-backup 10/14] config: use new
dedicated PAM and PBS realm types
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
<pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>,
<mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>,
<mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox Backup Server development discussion
<pbs-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pbs-devel-bounces@lists.proxmox.com
Sender: "pbs-devel" <pbs-devel-bounces@lists.proxmox.com>
On 2024-07-16 15:45, Christoph Heiss wrote:
> diff --git a/src/config/mod.rs b/src/config/mod.rs
> index 324fabca..3931eee9 100644
> --- a/src/config/mod.rs
> +++ b/src/config/mod.rs
> @@ -12,6 +12,7 @@ use std::path::Path;
>
> use proxmox_lang::try_block;
>
> +use pbs_api_types::{PamRealmConfig, PbsRealmConfig};
> use pbs_buildcfg::{self, configdir};
>
> pub mod acme;
> @@ -194,3 +195,36 @@ pub(crate) fn set_proxy_certificate(cert_pem: &[u8], key_pem: &[u8]) -> Result<(
>
> Ok(())
> }
> +
> +pub fn update_default_realms() -> Result<(), Error> {
> + let _lock = pbs_config::domains::lock_config()?;
> + let (mut domains, _) = pbs_config::domains::config()?;
> +
> + if !pbs_config::domains::exists(&domains, "pam") {
> + domains.set_data(
> + "pam",
> + "pam",
> + PamRealmConfig {
> + realm: "pam".to_owned(),
> + comment: Some("Linux PAM standard authentication".to_owned()),
> + // Setting it as default here is safe, because if we perform this
> + // migration, the user had not had any chance to set a custom default anyway.
> + default: Some(true),
> + },
> + )?;
> + }
> +
> + if !pbs_config::domains::exists(&domains, "pbs") {
> + domains.set_data(
> + "pbs",
> + "pbs",
> + PbsRealmConfig {
> + realm: "pbs".to_owned(),
> + comment: Some("Proxmox Backup authentication server".to_owned()),
> + default: None,
> + },
> + )?;
> + }
Just wondering, would it be a good idea to encode these defaults as
the `Default::default()` impl for these two types? What do you think?
> +
> + pbs_config::domains::save_config(&domains)
> +}
--
- Lukas
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel