From: Fabian Ebner <f.ebner@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH storage 2/2] fix #1452: also log stderr of remote command with insecure storage migration
Date: Thu, 1 Oct 2020 10:11:36 +0200 [thread overview]
Message-ID: <20201001081136.9795-2-f.ebner@proxmox.com> (raw)
In-Reply-To: <20201001081136.9795-1-f.ebner@proxmox.com>
Commit 8fe00d99449b7c80e81ab3c9826625a4fcd89aa4 already
introduced the necessary logging for the secure code path,
so presumably the bug was already fixed for most people.
Delay the potential die for the send command to be able to log
the ouput+error from the receive command. Like this we also see e.g.
'volume ... already exists' instead of just 'broken pipe'.
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
---
PVE/Storage.pm | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/PVE/Storage.pm b/PVE/Storage.pm
index 4a60615..cd7b5ff 100755
--- a/PVE/Storage.pm
+++ b/PVE/Storage.pm
@@ -8,6 +8,7 @@ use POSIX;
use IO::Select;
use IO::File;
use IO::Socket::IP;
+use IPC::Open3;
use File::Basename;
use File::Path;
use Cwd 'abs_path';
@@ -698,15 +699,22 @@ sub storage_migrate {
volume_snapshot($cfg, $volid, $snapshot) if $migration_snapshot;
eval {
if ($insecure) {
- open(my $info, '-|', @$recv)
+ my $input = IO::File->new();
+ my $info = IO::File->new();
+ open3($input, $info, $info, @{$recv})
or die "receive command failed: $!\n";
+ close($input);
+
my ($ip) = <$info> =~ /^($PVE::Tools::IPRE)$/ or die "no tunnel IP received\n";
my ($port) = <$info> =~ /^(\d+)$/ or die "no tunnel port received\n";
my $socket = IO::Socket::IP->new(PeerHost => $ip, PeerPort => $port, Type => SOCK_STREAM)
or die "failed to connect to tunnel at $ip:$port\n";
# we won't be reading from the socket
shutdown($socket, 0);
- run_command([$send, @cstream], output => '>&'.fileno($socket), errfunc => $logfunc);
+
+ eval { run_command([$send, @cstream], output => '>&'.fileno($socket), errfunc => $logfunc); };
+ my $send_error = $@;
+
# don't close the connection entirely otherwise the receiving end
# might not get all buffered data (and fails with 'connection reset by peer')
shutdown($socket, 1);
@@ -722,6 +730,8 @@ sub storage_migrate {
die "import failed: $!\n" if $!;
die "import failed: exit code ".($?>>8)."\n";
}
+
+ die $send_error if $send_error;
} else {
run_command([$send, @cstream, $recv], logfunc => $match_volid_and_log);
}
--
2.20.1
next prev parent reply other threads:[~2020-10-01 8:12 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-01 8:11 [pve-devel] [PATCH storage 1/2] avoid output of zfs get command on volume import Fabian Ebner
2020-10-01 8:11 ` Fabian Ebner [this message]
2020-10-28 13:08 ` [pve-devel] applied-series: [PATCH storage 2/2] fix #1452: also log stderr of remote command with insecure storage migration Fabian Grünbichler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201001081136.9795-2-f.ebner@proxmox.com \
--to=f.ebner@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox