From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 8D6A66A0DF for ; Tue, 15 Mar 2022 12:34:08 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 843B71DBCD for ; Tue, 15 Mar 2022 12:34:08 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 98D531DBC2 for ; Tue, 15 Mar 2022 12:34:07 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 5D32D463EC for ; Tue, 15 Mar 2022 12:34:07 +0100 (CET) Message-ID: <4d53f610-f56b-1184-08fd-998a5e6982ee@proxmox.com> Date: Tue, 15 Mar 2022 12:34:05 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:99.0) Gecko/20100101 Thunderbird/99.0 Content-Language: en-US To: Oguz Bektas , Proxmox VE development discussion , Fabian Ebner References: <20220314135042.1210842-1-o.bektas@proxmox.com> <937a66e6-aa1f-5ef7-5f84-7814f8b6469f@proxmox.com> From: Thomas Lamprecht In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.058 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment NICE_REPLY_A -0.001 Looks like a legit reply (A) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: Re: [pve-devel] [PATCH v2 common] REST environment: default to root@pam in forked workers if no user was specified X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Mar 2022 11:34:08 -0000 On 15.03.22 12:21, Oguz Bektas wrote: > On Tue, Mar 15, 2022 at 09:57:34AM +0100, Thomas Lamprecht wrote: >> On 15.03.22 08:31, Fabian Ebner wrote: >>> Am 14.03.22 um 14:50 schrieb Oguz Bektas: >>>> first call $rpcenv->get_user() if user was 'undef'. if that doesn't >>>> return then we set it to root@pam. >> >> this is just the "whats done" description, that's not really interesting for >> such a short patch, as it can be read from the code change directly without >> much effort. A sentence about why (original code reason, change reason to the >> new behavior) and impact (what are the call sites that could be affected) >> would be more helpful. > > those were all in the v1 patch for pve-container (which had the only call but there no reference whatsoever to that, so someone checking pve-common's history and stumbling over this commit is not aware at all of any such info. So please either copy (for common) relevant info here or at least reference the repo and commit id of the container patch for context, thx. >>>> + >>>> + if (!defined($user)) { >>>> + warn 'internal error: Worker user was not specified, defaulting to "root@pam"!'; >> >> missing newline at the ends means spamming the log more with internal perl module >> file/line location and I don't really get the warning in the first place, either >> it's OK to fallback or not. >> >> The REST-env should have a valid user for most (all?) API/CLI-handler derived use >> cases, as only the public API calls have no user set but there we don't use fork_worker >> at all. >> >> So, I'd examine possible call sites that won't have a user passed nor available via >> get_user(), and dependening from if they even exist I'd >> >> * check if we could set a sensible user-id, if possible, there already >> * make this either a no-warn or just drop the if-block and avoid passing the $noerr >> to $self->get_user(), making this a usage error. The latter would be cleaner, but >> has some theoretic breakage potential. As call-site evaluation should be done in any >> case, as neither breakage nor defaulting to root@pam is something that should be done >> "blindly" (I mean, root fallback was probably intended originally, just avoided due >> to the realm typo, but still). > > see the v1 patch for pve-container. i didn't find any other call sites, the > warning was in case we forgot any other call sites somewhere. > that's exactly why I'd always like to have some context, allows to safe some typing/research time ^^ > defaulting to 'root@pam' in this case actually has no effect but it's > only in the logging for tasks. if this is only ever used for logging (I did not get that from the commit message) then warning makes not much sense, set $noerr and just fallback, i.e. something like # note: below is for logging purpose only: $user = $self->get_user(1) // 'root@pam' if !defined($user); > > i talked to dietmar about this off-list before sending the v1, since > this bit of code was originally imported from the svn repositories way > back, and he told me that it was intended for the log. k