From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 37F2B6FF55 for ; Thu, 2 Sep 2021 08:25:50 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 35C80E9F8 for ; Thu, 2 Sep 2021 08:25:50 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 95F92E9EA for ; Thu, 2 Sep 2021 08:25:45 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 6D341444A9 for ; Thu, 2 Sep 2021 08:25:45 +0200 (CEST) Message-ID: Date: Thu, 2 Sep 2021 08:25:23 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:92.0) Gecko/20100101 Thunderbird/92.0 Content-Language: en-US To: Proxmox Backup Server development discussion , Dominik Csapak References: <20210901082539.1507843-1-d.csapak@proxmox.com> From: Thomas Lamprecht In-Reply-To: <20210901082539.1507843-1-d.csapak@proxmox.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.835 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment NICE_REPLY_A -1.029 Looks like a legit reply (A) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pbs-devel] [RFC PATCH proxmox-backup 0/5] add 'protected' setting for snapshots X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Sep 2021 06:25:50 -0000 On 01.09.21 10:25, Dominik Csapak wrote: > add the means to 'protect' a snapshot against pruning by > adding a file '.protected' in the snapshot folder > > sending as RFC because i am not sure about a couple things, and there > is no gui (yet): > > * does it make sense to protect a snapshot this way? or would it be > better to have a 'central' protected list somewhere? > (sounds not right though..) I find the flag file quite ok, other approach could be to either make the index immutable, which is probably not a good idea as the trouble-maker FS like NFS surely make this a PITA. We could also safe it in the unprotected part of the manifest, similar to how we do with comments, would reduce the file count and often we have that info already anyway, but if not it may be a bit more expensive to check than a stat on a separate file. > * would we want to protect also against manual removal ? or > 'remove-vanished' on sync? Would make sense as long as we allow to "unprotect" it, that's how we do it for guests in PVE too. IMO it's weird/unexpected to mark it protected and allow some API mechanisms to still remove it. > * how should the ui look? do we want *another* button in the content > view? Why not? We explicitly choose the actions columns for that reason, and the row for a specific backup has only verify + delete anyway. Alternatives could be: - add protection column and add an edit button there, similar to how I did the edit pencil for the comments - make a more general edit button for the snapshots, for now this could open a dialogue for owner, protection and comment. Just throwing out things here. > * would it make sense to specify this flag on backup creation too? IMO that could make sense, depends on how we see the actual use case, i.e., reasons for setting it. If I want to make an safety backup before starting a dist upgrade or the like in my guest in PVE, I'd probably like to specify this flag immediately and not wait until the backup is done then login into PBS and set it there. > > the finished series would fix #3602 please add that to the commit subject, at least of the GUI and API patches, i.e., those that actually enable this feature for (non-local-root) users. > > Dominik Csapak (5): > pbs-datastore: add protection info to BackupInfo > pbs-datastore: skip protected backups in pruning > add protected info of snapshots to api and task logs > api2/admin/datastore: add get/set_protection > ui: PruneInputPanel: add keepReason 'protected' for protected backups > > pbs-api-types/src/lib.rs | 2 + > pbs-datastore/src/backup_info.rs | 20 +++++- > pbs-datastore/src/prune.rs | 21 +++--- > src/api2/admin/datastore.rs | 112 ++++++++++++++++++++++++++++++- > src/server/prune_job.rs | 4 +- > www/datastore/Prune.js | 4 ++ > 6 files changed, 148 insertions(+), 15 deletions(-) >