From: Arthur Bied-Charreton <a.bied-charreton@proxmox.com>
To: Lukas Wagner <l.wagner@proxmox.com>
Cc: pve-devel@lists.proxmox.com
Subject: Re: [PATCH proxmox 2/7] notify (smtp): Introduce state module
Date: Tue, 24 Mar 2026 09:50:35 +0100 [thread overview]
Message-ID: <onks7365xwtqz53vexdferd3gzuhvfik4zu5nkc4w5pz2j7m2d@kzcwir35g2iu> (raw)
In-Reply-To: <DHA5SAKGQAN1.BVWSK7UCNBR8@proxmox.com>
On Mon, Mar 23, 2026 at 01:26:05PM +0100, Lukas Wagner wrote:
[...]
> > + proxmox_sys::fs::ensure_dir_exists(parent, &context().secret_create_options(), false)
> > + .map_err(|e| Error::ConfigSerialization(e.into()))?;
>
> I'm getting a "bad permissions on "/etc/pve/priv/notifications" (0o700
> != 0o600)" error in the system/task logs when the token is refreshed.
> The CreateOptions provided by the context are 0o600, but I think pmxcfs
> automatically enforces the x-bit on directories, leading to 0o700 perms
> on the '/etc/pve/priv/notifications/' directory, which ultimately gives
> us this error. I think you either have to add a separate trait method
> for the directory permissions/CreateOptions, or add the x-bit to the
> existing CreateOptions yourself here at the callsite.
>
Just looked into that, there is a `create_secret_dir` function in
`proxmox-product-config` that does exactly what we need here.
> > +
> > + let s = serde_json::to_string_pretty(&self)
> > + .map_err(|e| Error::ConfigSerialization(e.into()))?;
> > +
> > + proxmox_sys::fs::replace_file(path, s.as_bytes(), context().secret_create_options(), true)
> > + .map_err(|e| Error::ConfigSerialization(e.into()))
> > + }
> > +
> > + /// Set `last_refreshed`.
> > + pub(crate) fn set_last_refreshed(mut self, last_refreshed: i64) -> Self {
> > + self.last_refreshed = last_refreshed;
> > + self
> > + }
> > +
> > + /// Set `oauth2_refresh_token`.
> > + pub(crate) fn set_oauth2_refresh_token(mut self, oauth2_refresh_token: Option<String>) -> Self {
> > + self.oauth2_refresh_token = oauth2_refresh_token;
> > + self
> > + }
> > +}
>
next prev parent reply other threads:[~2026-03-24 8:50 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-13 16:03 [PATCH cluster/docs/manager/proxmox{,-perl-rs,-widget-toolkit} 00/17] fix #7238: Add XOAUTH2 authentication support for SMTP notification targets Arthur Bied-Charreton
2026-02-13 16:03 ` [PATCH proxmox 1/7] notify (smtp): Introduce xoauth2 module Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox 2/7] notify (smtp): Introduce state module Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-03-23 16:32 ` Arthur Bied-Charreton
2026-03-24 8:50 ` Arthur Bied-Charreton [this message]
2026-02-13 16:04 ` [PATCH proxmox 3/7] notify (smtp): Factor out transport building logic into own function Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox 4/7] notify (smtp): Update API with OAuth2 parameters Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox 5/7] notify (smtp): Add state handling logic Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH proxmox 6/7] notify (smtp): Add XOAUTH2 authentication support Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH proxmox 7/7] notify (smtp): Add logging and state-related error types Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH proxmox-perl-rs 1/1] notify (smtp): add oauth2 parameters to bindings Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-03-23 16:44 ` Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH proxmox-widget-toolkit 1/2] utils: Add OAuth2 flow handlers Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH proxmox-widget-toolkit 2/2] notifications: Add opt-in OAuth2 support for SMTP targets Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-03-23 16:49 ` Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-manager 1/5] notifications: Add OAuth2 parameters to schema and add/update endpoints Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH pve-manager 2/5] notifications: Add trigger-state-refresh endpoint Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-02-13 16:04 ` [PATCH pve-manager 3/5] notifications: Trigger notification target refresh in pveupdate Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-manager 4/5] notifications: Handle OAuth2 callback in login handler Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-manager 5/5] notifications: Opt into OAuth2 authentication Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-cluster 1/1] notifications: Add refresh_targets subroutine to PVE::Notify Arthur Bied-Charreton
2026-03-23 12:26 ` Lukas Wagner
2026-03-23 16:54 ` Arthur Bied-Charreton
2026-02-13 16:04 ` [PATCH pve-docs 1/1] notifications: Add section about OAuth2 to SMTP targets docs Arthur Bied-Charreton
2026-03-23 12:25 ` [PATCH cluster/docs/manager/proxmox{,-perl-rs,-widget-toolkit} 00/17] fix #7238: Add XOAUTH2 authentication support for SMTP notification targets Lukas Wagner
2026-03-25 13:16 ` superseded: " Arthur Bied-Charreton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=onks7365xwtqz53vexdferd3gzuhvfik4zu5nkc4w5pz2j7m2d@kzcwir35g2iu \
--to=a.bied-charreton@proxmox.com \
--cc=l.wagner@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox