From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 697E11FF15C for ; Wed, 7 Aug 2024 11:24:41 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 0ED02335B; Wed, 7 Aug 2024 11:24:51 +0200 (CEST) Message-ID: <7f5d7334-d6a8-4447-87a8-6c4400071544@proxmox.com> Date: Wed, 7 Aug 2024 11:24:19 +0200 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird From: Lukas Wagner To: Proxmox Backup Server development discussion , Christoph Heiss References: <20240716134514.1656795-1-c.heiss@proxmox.com> <20240716134514.1656795-11-c.heiss@proxmox.com> Content-Language: de-AT, en-US In-Reply-To: <20240716134514.1656795-11-c.heiss@proxmox.com> X-SPAM-LEVEL: Spam detection results: 0 AWL 0.007 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pbs-devel] [PATCH proxmox-backup 10/14] config: use new dedicated PAM and PBS realm types X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Backup Server development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pbs-devel-bounces@lists.proxmox.com Sender: "pbs-devel" On 2024-07-16 15:45, Christoph Heiss wrote: > diff --git a/src/config/mod.rs b/src/config/mod.rs > index 324fabca..3931eee9 100644 > --- a/src/config/mod.rs > +++ b/src/config/mod.rs > @@ -12,6 +12,7 @@ use std::path::Path; > > use proxmox_lang::try_block; > > +use pbs_api_types::{PamRealmConfig, PbsRealmConfig}; > use pbs_buildcfg::{self, configdir}; > > pub mod acme; > @@ -194,3 +195,36 @@ pub(crate) fn set_proxy_certificate(cert_pem: &[u8], key_pem: &[u8]) -> Result<( > > Ok(()) > } > + > +pub fn update_default_realms() -> Result<(), Error> { > + let _lock = pbs_config::domains::lock_config()?; > + let (mut domains, _) = pbs_config::domains::config()?; > + > + if !pbs_config::domains::exists(&domains, "pam") { > + domains.set_data( > + "pam", > + "pam", > + PamRealmConfig { > + realm: "pam".to_owned(), > + comment: Some("Linux PAM standard authentication".to_owned()), > + // Setting it as default here is safe, because if we perform this > + // migration, the user had not had any chance to set a custom default anyway. > + default: Some(true), > + }, > + )?; > + } > + > + if !pbs_config::domains::exists(&domains, "pbs") { > + domains.set_data( > + "pbs", > + "pbs", > + PbsRealmConfig { > + realm: "pbs".to_owned(), > + comment: Some("Proxmox Backup authentication server".to_owned()), > + default: None, > + }, > + )?; > + } Just wondering, would it be a good idea to encode these defaults as the `Default::default()` impl for these two types? What do you think? > + > + pbs_config::domains::save_config(&domains) > +} -- - Lukas _______________________________________________ pbs-devel mailing list pbs-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel