From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <f.gruenbichler@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id AC8D162EFB
 for <pve-devel@lists.proxmox.com>; Wed, 28 Oct 2020 14:09:20 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 9C8B71FAEA
 for <pve-devel@lists.proxmox.com>; Wed, 28 Oct 2020 14:08:50 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [212.186.127.180])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id DF3EB1FADE
 for <pve-devel@lists.proxmox.com>; Wed, 28 Oct 2020 14:08:48 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id A5CCA45E42
 for <pve-devel@lists.proxmox.com>; Wed, 28 Oct 2020 14:08:48 +0100 (CET)
Date: Wed, 28 Oct 2020 14:08:42 +0100
From: Fabian =?iso-8859-1?q?Gr=FCnbichler?= <f.gruenbichler@proxmox.com>
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
References: <20201001081136.9795-1-f.ebner@proxmox.com>
 <20201001081136.9795-2-f.ebner@proxmox.com>
In-Reply-To: <20201001081136.9795-2-f.ebner@proxmox.com>
MIME-Version: 1.0
User-Agent: astroid/0.15.0 (https://github.com/astroidmail/astroid)
Message-Id: <1603890500.hiez60dg49.astroid@nora.none>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.027 Adjusted score from AWL reputation of From: address
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 RCVD_IN_DNSWL_MED        -2.3 Sender listed at https://www.dnswl.org/,
 medium trust
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [storage.pm, proxmox.com]
Subject: [pve-devel] applied-series: [PATCH storage 2/2] fix #1452: also log
 stderr of remote command with insecure storage migration
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Wed, 28 Oct 2020 13:09:20 -0000

On October 1, 2020 10:11 am, Fabian Ebner wrote:
> Commit 8fe00d99449b7c80e81ab3c9826625a4fcd89aa4 already
> introduced the necessary logging for the secure code path,
> so presumably the bug was already fixed for most people.
>=20
> Delay the potential die for the send command to be able to log
> the ouput+error from the receive command. Like this we also see e.g.
> 'volume ... already exists' instead of just 'broken pipe'.
>=20
> Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
> ---
>  PVE/Storage.pm | 14 ++++++++++++--
>  1 file changed, 12 insertions(+), 2 deletions(-)
>=20
> diff --git a/PVE/Storage.pm b/PVE/Storage.pm
> index 4a60615..cd7b5ff 100755
> --- a/PVE/Storage.pm
> +++ b/PVE/Storage.pm
> @@ -8,6 +8,7 @@ use POSIX;
>  use IO::Select;
>  use IO::File;
>  use IO::Socket::IP;
> +use IPC::Open3;
>  use File::Basename;
>  use File::Path;
>  use Cwd 'abs_path';
> @@ -698,15 +699,22 @@ sub storage_migrate {
>      volume_snapshot($cfg, $volid, $snapshot) if $migration_snapshot;
>      eval {
>  	if ($insecure) {
> -	    open(my $info, '-|', @$recv)
> +	    my $input =3D IO::File->new();
> +	    my $info =3D IO::File->new();
> +	    open3($input, $info, $info, @{$recv})
>  		or die "receive command failed: $!\n";
> +	    close($input);
> +
>  	    my ($ip) =3D <$info> =3D~ /^($PVE::Tools::IPRE)$/ or die "no tunnel=
 IP received\n";
>  	    my ($port) =3D <$info> =3D~ /^(\d+)$/ or die "no tunnel port receiv=
ed\n";
>  	    my $socket =3D IO::Socket::IP->new(PeerHost =3D> $ip, PeerPort =3D>=
 $port, Type =3D> SOCK_STREAM)
>  		or die "failed to connect to tunnel at $ip:$port\n";
>  	    # we won't be reading from the socket
>  	    shutdown($socket, 0);
> -	    run_command([$send, @cstream], output =3D> '>&'.fileno($socket), er=
rfunc =3D> $logfunc);
> +
> +	    eval { run_command([$send, @cstream], output =3D> '>&'.fileno($sock=
et), errfunc =3D> $logfunc); };
> +	    my $send_error =3D $@;
> +
>  	    # don't close the connection entirely otherwise the receiving end
>  	    # might not get all buffered data (and fails with 'connection reset=
 by peer')
>  	    shutdown($socket, 1);
> @@ -722,6 +730,8 @@ sub storage_migrate {
>  		die "import failed: $!\n" if $!;
>  		die "import failed: exit code ".($?>>8)."\n";
>  	    }
> +
> +	    die $send_error if $send_error;
>  	} else {
>  	    run_command([$send, @cstream, $recv], logfunc =3D> $match_volid_and=
_log);
>  	}
> --=20
> 2.20.1
>=20
>=20
>=20
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>=20
>=20
>=20
=