From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 23BCA6CD30 for ; Fri, 24 Sep 2021 13:49:26 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 1A744A6B1 for ; Fri, 24 Sep 2021 13:48:56 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id D324CA6A6 for ; Fri, 24 Sep 2021 13:48:54 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id AE1A34463F; Fri, 24 Sep 2021 13:48:54 +0200 (CEST) Message-ID: <404419e3-fe1d-4bf5-debf-135e506ad12e@proxmox.com> Date: Fri, 24 Sep 2021 13:48:53 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:93.0) Gecko/20100101 Thunderbird/93.0 Content-Language: en-US To: Fabian Ebner , Proxmox VE development discussion References: <20210917130227.248852-1-f.ebner@proxmox.com> <20210917130227.248852-7-f.ebner@proxmox.com> <3bf999e0-4ef9-bfbf-57f4-34ca3410463a@proxmox.com> From: Dominik Csapak In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.354 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment NICE_REPLY_A -0.001 Looks like a legit reply (A) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [pbsplugin.pm, proxmox.com] Subject: Re: [pve-devel] [RFC storage 6/6] pbs: integrate support for protected X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Sep 2021 11:49:26 -0000 On 9/24/21 13:32, Fabian Ebner wrote: > Am 24.09.21 um 10:55 schrieb Dominik Csapak: >> On 9/17/21 15:02, Fabian Ebner wrote: >>> free_image doesn't need to check for protection, because that will >>> happen on the server. >>> >>> Getting/updating notes has also been refactored to re-use the code >>> for the PBS api calls. >>> >>> Signed-off-by: Fabian Ebner >>> --- >>> >>> Needs new external dependency for strptime (libposix-strptime-perl), >>> because it's not in perl's POSIX module. >>> >>> An alternative would be to use perlmod and export the proxmox crate's >>> function for parsing the timestring. >>> >>> It depends on Dominik's patches for PBS to work: >>> https://lists.proxmox.com/pipermail/pbs-devel/2021-September/003926.html >>> >>>   PVE/Storage/PBSPlugin.pm | 59 ++++++++++++++++++++++++++++++++++------ >>>   1 file changed, 51 insertions(+), 8 deletions(-) >>> >>> diff --git a/PVE/Storage/PBSPlugin.pm b/PVE/Storage/PBSPlugin.pm >>> index d8e1ac8..082d138 100644 >>> --- a/PVE/Storage/PBSPlugin.pm >>> +++ b/PVE/Storage/PBSPlugin.pm >>> @@ -9,7 +9,8 @@ use Fcntl qw(F_GETFD F_SETFD FD_CLOEXEC); >>>   use IO::File; >>>   use JSON; >>>   use MIME::Base64 qw(decode_base64); >>> -use POSIX qw(strftime ENOENT); >>> +use POSIX qw(mktime strftime ENOENT); >>> +use POSIX::strptime; >> >> nit: couldn't we combine those two lines? >> > > As noted above, this is a different dependency/package. It's not part of > the usual POSIX package. yeah i read the debian package part, i did not notice that POSIX::strptime is a seperate perl package as well and thought it would be automatically exposed in the POSIX module > >>>   use PVE::APIClient::LWP; >>>   use PVE::JSONSchema qw(get_standard_option); >>> @@ -218,6 +219,36 @@ sub print_volid { >>>       return "${storeid}:${volname}"; >>>   } >>> +# essentially the inverse of print_volid >>> +sub api_param_from_volname { >>> +    my ($class, $volname) = @_; >>> + >>> +    my $name = ($class->parse_volname($volname))[1]; >>> + >>> +    my ($btype, $bid, $timestr) = split('/', $name); >>> + >>> +    my @tm = (POSIX::strptime($timestr, "%FT%TZ")); >>> +    # expect sec, min, hour, mday, mon, year >>> +    die "error parsing time from '$volname'" if grep { !defined($_) >>> } @tm[0..5]; >>> + >>> +    my $btime; >>> +    { >>> +    local $ENV{TZ} = 'UTC'; # $timestr is UTC >>> + >>> +    # Fill in isdst to avoid undef warning. No daylight saving time >>> for UTC. >>> +    $tm[8] //= 0; >>> + >>> +    my $since_epoch = mktime(@tm) or die "error converting time from >>> '$volname'\n"; >>> +    $btime = int($since_epoch); >>> +    } >>> + >>> +    return { >>> +    'backup-type' => $btype, >>> +    'backup-id' => $bid, >>> +    'backup-time' => $btime, >>> +    }; >>> +} >>> + >>>   my $USE_CRYPT_PARAMS = { >>>       backup => 1, >>>       restore => 1, >>> @@ -658,6 +689,7 @@ sub list_volumes { >>>       $info->{verification} = $item->{verification} if >>> defined($item->{verification}); >>>       $info->{notes} = $item->{comment} if defined($item->{comment}); >>> +    $info->{protected} = 1 if $item->{protected}; >>>       if (defined($item->{fingerprint})) { >>>           $info->{encrypted} = $item->{fingerprint}; >>>       } elsif (snapshot_files_encrypted($item->{files})) { >>> @@ -785,12 +817,19 @@ sub deactivate_volume { >>>   sub get_volume_attribute { >>>       my ($class, $scfg, $storeid, $volname, $attribute) = @_; >>> -    if ($attribute eq 'notes') { >>> -    my (undef, $name,  undef, undef, undef, undef, $format) = >>> $class->parse_volname($volname); >>> +    if ($attribute eq 'notes' || $attribute eq 'protected') { >>> +    my $param = $class->api_param_from_volname($volname); >>> -    my $data = run_client_cmd($scfg, $storeid, "snapshot", [ >>> "notes", "show", $name ]); >>> +    my $password = pbs_get_password($scfg, $storeid); >>> +    my $conn = pbs_api_connect($scfg, $password); >>> +    my $datastore = $scfg->{datastore}; >>> -    return $data->{notes} // ''; >>> +    my $res = eval { >>> $conn->get("/api2/json/admin/datastore/$datastore/$attribute", >>> $param); }; >>> +    if (my $err = $@) { >>> +        return if $err->{code} == 404; # not supported >>> +        die $err; >>> +    } >>> +    return $res; >>>       } >>>       return; >>> @@ -799,11 +838,15 @@ sub get_volume_attribute { >>>   sub update_volume_attribute { >>>       my ($class, $scfg, $storeid, $volname, $attribute, $value) = @_; >>> -    if ($attribute eq 'notes') { >>> -    my (undef, $name,  undef, undef, undef, undef, $format) = >>> $class->parse_volname($volname); >>> +    if ($attribute eq 'notes' || $attribute eq 'protected') { >>> +    my $param = $class->api_param_from_volname($volname); >>> +    $param->{$attribute} = $value; >>> -    run_client_cmd($scfg, $storeid, "snapshot", [ "notes", "update", >>> $name, $value ], 1); >>> +    my $password = pbs_get_password($scfg, $storeid); >>> +    my $conn = pbs_api_connect($scfg, $password); >>> +    my $datastore = $scfg->{datastore}; >>> +    $conn->put("/api2/json/admin/datastore/$datastore/$attribute", >>> $param); >>>       return; >>>       } >>> >> >>