From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id D1EA78DE30; Thu, 10 Nov 2022 11:37:09 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 9AAB925048; Thu, 10 Nov 2022 11:36:39 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS; Thu, 10 Nov 2022 11:36:38 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id B3230422FF; Thu, 10 Nov 2022 11:36:35 +0100 (CET) From: Dominik Csapak To: pve-devel@lists.proxmox.com, pbs-devel@lists.proxmox.com Date: Thu, 10 Nov 2022 11:36:34 +0100 Message-Id: <20221110103634.2177856-7-d.csapak@proxmox.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20221110103634.2177856-1-d.csapak@proxmox.com> References: <20221110103634.2177856-1-d.csapak@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.065 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH storage v4 3/3] api: FileRestore: allow automatic memory increase for privileged users X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Nov 2022 10:37:10 -0000 if the user has the appropriate rights (details in the comments of 'check_allow_dynamic_memory') enable the dynamic memory behaviour of the file-restore binary Signed-off-by: Dominik Csapak --- new in v4: depends on pve-common 2/2 PVE/API2/Storage/FileRestore.pm | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/PVE/API2/Storage/FileRestore.pm b/PVE/API2/Storage/FileRestore.pm index 764ebfb..4b50eed 100644 --- a/PVE/API2/Storage/FileRestore.pm +++ b/PVE/API2/Storage/FileRestore.pm @@ -33,6 +33,19 @@ my $parse_volname_or_id = sub { return $volid; }; +# returns one if file-restore vms memory increase should be allowed +# user needs either +# 'VM.Allocate' on '/vms' (can create any number of vms) +# or 'Sys.Modify' on '/' (can modify the system to a state where it no longer functions) +my sub check_allow_dynamic_memory { + my ($rpcenv, $user) = @_; + + return 1 if $rpcenv->check($user, '/vms', ['VM.Allocate'], 1); + return 1 if $rpcenv->check($user, '/', ['Sys.Modify'], 1); + + return 0; +} + __PACKAGE__->register_method ({ name => 'list', path => 'list', @@ -119,7 +132,11 @@ __PACKAGE__->register_method ({ my (undef, $snap) = PVE::Storage::parse_volname($cfg, $volid); my $client = PVE::PBSClient->new($scfg, $storeid); - my $ret = $client->file_restore_list($snap, $path, $base64, { timeout => 25 }); + my $extract_params = { + timeout => 25, + 'dynamic-memory' => check_allow_dynamic_memory($rpcenv, $user), + }; + my $ret = $client->file_restore_list($snap, $path, $base64, $extract_params); if (ref($ret) eq "HASH") { my $msg = $ret->{message}; @@ -196,10 +213,14 @@ __PACKAGE__->register_method ({ my $client = PVE::PBSClient->new($scfg, $storeid); my $fifo = $client->file_restore_extract_prepare(); + my $extra_params = { + 'dynamic-memory' => check_allow_dynamic_memory($rpcenv, $user), + }; + $rpcenv->fork_worker('pbs-download', undef, $user, sub { my $name = decode_base64($path); print "Starting download of file: $name\n"; - $client->file_restore_extract($fifo, $snap, $path, 1); + $client->file_restore_extract($fifo, $snap, $path, 1, $extra_params); }); my $ret = { -- 2.30.2