]>
Commit | Line | Data |
---|---|---|
4792d439 WL |
1 | package PVE::Storage::CIFSPlugin; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | use Net::IP; | |
6 | use PVE::Tools qw(run_command); | |
7 | use PVE::ProcFSTools; | |
8 | use File::Path; | |
9 | use PVE::Storage::Plugin; | |
10 | use PVE::JSONSchema qw(get_standard_option); | |
11 | ||
12 | use base qw(PVE::Storage::Plugin); | |
13 | ||
14 | # CIFS helper functions | |
15 | ||
362159a8 LN |
16 | sub cifs_is_mounted : prototype($$) { |
17 | my ($scfg, $mountdata) = @_; | |
18 | ||
97edd11f | 19 | my ($mountpoint, $server, $share) = $scfg->@{'path', 'server', 'share'}; |
30c0c708 | 20 | my $subdir = $scfg->{subdir} // ''; |
4792d439 WL |
21 | |
22 | $server = "[$server]" if Net::IP::ip_is_ipv6($server); | |
362159a8 | 23 | my $source = "//${server}/$share$subdir"; |
4792d439 WL |
24 | $mountdata = PVE::ProcFSTools::parse_proc_mounts() if !$mountdata; |
25 | ||
26 | return $mountpoint if grep { | |
27 | $_->[2] =~ /^cifs/ && | |
28 | $_->[0] =~ m|^\Q$source\E/?$| && | |
29 | $_->[1] eq $mountpoint | |
30 | } @$mountdata; | |
31 | return undef; | |
32 | } | |
33 | ||
a9db2ca8 DM |
34 | sub cifs_cred_file_name { |
35 | my ($storeid) = @_; | |
f33533d4 | 36 | return "/etc/pve/priv/storage/${storeid}.pw"; |
a9db2ca8 DM |
37 | } |
38 | ||
e2fc55b4 DM |
39 | sub cifs_delete_credentials { |
40 | my ($storeid) = @_; | |
41 | ||
319441e7 | 42 | if (my $cred_file = get_cred_file($storeid)) { |
e2fc55b4 DM |
43 | unlink($cred_file) or warn "removing cifs credientials '$cred_file' failed: $!\n"; |
44 | } | |
45 | } | |
46 | ||
a9db2ca8 DM |
47 | sub cifs_set_credentials { |
48 | my ($password, $storeid) = @_; | |
49 | ||
50 | my $cred_file = cifs_cred_file_name($storeid); | |
319441e7 | 51 | mkdir "/etc/pve/priv/storage"; |
a9db2ca8 DM |
52 | |
53 | PVE::Tools::file_set_contents($cred_file, "password=$password\n"); | |
54 | ||
55 | return $cred_file; | |
56 | } | |
57 | ||
4792d439 WL |
58 | sub get_cred_file { |
59 | my ($storeid) = @_; | |
60 | ||
a9db2ca8 | 61 | my $cred_file = cifs_cred_file_name($storeid); |
4792d439 | 62 | |
319441e7 TL |
63 | if (-e $cred_file) { |
64 | return $cred_file; | |
319441e7 TL |
65 | } |
66 | return undef; | |
4792d439 WL |
67 | } |
68 | ||
362159a8 LN |
69 | sub cifs_mount : prototype($$$$$) { |
70 | my ($scfg, $storeid, $smbver, $user, $domain) = @_; | |
71 | ||
97edd11f | 72 | my ($mountpoint, $server, $share) = $scfg->@{'path', 'server', 'share'}; |
30c0c708 | 73 | my $subdir = $scfg->{subdir} // ''; |
4792d439 WL |
74 | |
75 | $server = "[$server]" if Net::IP::ip_is_ipv6($server); | |
362159a8 | 76 | my $source = "//${server}/$share$subdir"; |
4792d439 WL |
77 | |
78 | my $cmd = ['/bin/mount', '-t', 'cifs', $source, $mountpoint, '-o', 'soft', '-o']; | |
79 | ||
80 | if (my $cred_file = get_cred_file($storeid)) { | |
81 | push @$cmd, "username=$user", '-o', "credentials=$cred_file"; | |
82 | push @$cmd, '-o', "domain=$domain" if defined($domain); | |
83 | } else { | |
84 | push @$cmd, 'guest,username=guest'; | |
85 | } | |
86 | ||
e1667a22 | 87 | push @$cmd, '-o', defined($smbver) ? "vers=$smbver" : "vers=default"; |
4792d439 WL |
88 | |
89 | run_command($cmd, errmsg => "mount error"); | |
90 | } | |
91 | ||
92 | # Configuration | |
93 | ||
94 | sub type { | |
95 | return 'cifs'; | |
96 | } | |
97 | ||
98 | sub plugindata { | |
99 | return { | |
100 | content => [ { images => 1, rootdir => 1, vztmpl => 1, iso => 1, | |
d1eb35ea | 101 | backup => 1, snippets => 1}, { images => 1 }], |
4792d439 WL |
102 | format => [ { raw => 1, qcow2 => 1, vmdk => 1 } , 'raw' ], |
103 | }; | |
104 | } | |
105 | ||
106 | sub properties { | |
107 | return { | |
108 | share => { | |
109 | description => "CIFS share.", | |
110 | type => 'string', | |
111 | }, | |
112 | password => { | |
0f2549ed | 113 | description => "Password for accessing the share/datastore.", |
4792d439 WL |
114 | type => 'string', |
115 | maxLength => 256, | |
116 | }, | |
117 | domain => { | |
118 | description => "CIFS domain.", | |
119 | type => 'string', | |
120 | optional => 1, | |
121 | maxLength => 256, | |
122 | }, | |
123 | smbversion => { | |
e1667a22 TL |
124 | description => "SMB protocol version. 'default' if not set, negotiates the highest SMB2+" |
125 | ." version supported by both the client and server.", | |
4792d439 | 126 | type => 'string', |
e1667a22 | 127 | default => 'default', |
9fff8c7a | 128 | enum => ['default', '2.0', '2.1', '3', '3.0', '3.11'], |
4792d439 WL |
129 | optional => 1, |
130 | }, | |
131 | }; | |
132 | } | |
133 | ||
134 | sub options { | |
135 | return { | |
136 | path => { fixed => 1 }, | |
b539bb46 | 137 | 'content-dirs' => { optional => 1 }, |
4792d439 WL |
138 | server => { fixed => 1 }, |
139 | share => { fixed => 1 }, | |
362159a8 | 140 | subdir => { optional => 1 }, |
4792d439 WL |
141 | nodes => { optional => 1 }, |
142 | disable => { optional => 1 }, | |
143 | maxfiles => { optional => 1 }, | |
3353698f | 144 | 'prune-backups' => { optional => 1 }, |
8009417d | 145 | 'max-protected-backups' => { optional => 1 }, |
4792d439 WL |
146 | content => { optional => 1 }, |
147 | format => { optional => 1 }, | |
148 | username => { optional => 1 }, | |
149 | password => { optional => 1}, | |
150 | domain => { optional => 1}, | |
151 | smbversion => { optional => 1}, | |
3160dbf1 | 152 | mkdir => { optional => 1 }, |
c3ed9ac3 | 153 | bwlimit => { optional => 1 }, |
95ff5dbd | 154 | preallocation => { optional => 1 }, |
4792d439 WL |
155 | }; |
156 | } | |
157 | ||
158 | ||
159 | sub check_config { | |
160 | my ($class, $sectionId, $config, $create, $skipSchemaCheck) = @_; | |
161 | ||
162 | $config->{path} = "/mnt/pve/$sectionId" if $create && !$config->{path}; | |
163 | ||
164 | return $class->SUPER::check_config($sectionId, $config, $create, $skipSchemaCheck); | |
165 | } | |
166 | ||
167 | # Storage implementation | |
168 | ||
ab5e32bb | 169 | sub on_add_hook { |
02f43ab4 | 170 | my ($class, $storeid, $scfg, %sensitive) = @_; |
ab5e32bb | 171 | |
02f43ab4 TL |
172 | if (defined($sensitive{password})) { |
173 | cifs_set_credentials($sensitive{password}, $storeid); | |
72385de9 | 174 | if (!exists($scfg->{username})) { |
b4e88b7f | 175 | warn "storage $storeid: ignoring password parameter, no user set\n"; |
72385de9 | 176 | } |
e2fc55b4 DM |
177 | } else { |
178 | cifs_delete_credentials($storeid); | |
179 | } | |
f3ccd0ef FE |
180 | |
181 | return; | |
e2fc55b4 DM |
182 | } |
183 | ||
184 | sub on_update_hook { | |
02f43ab4 | 185 | my ($class, $storeid, $scfg, %sensitive) = @_; |
e2fc55b4 | 186 | |
02f43ab4 | 187 | return if !exists($sensitive{password}); |
e2fc55b4 | 188 | |
02f43ab4 TL |
189 | if (defined($sensitive{password})) { |
190 | cifs_set_credentials($sensitive{password}, $storeid); | |
72385de9 | 191 | if (!exists($scfg->{username})) { |
b4e88b7f | 192 | warn "storage $storeid: ignoring password parameter, no user set\n"; |
72385de9 | 193 | } |
e2fc55b4 DM |
194 | } else { |
195 | cifs_delete_credentials($storeid); | |
ab5e32bb | 196 | } |
f3ccd0ef FE |
197 | |
198 | return; | |
ab5e32bb TL |
199 | } |
200 | ||
201 | sub on_delete_hook { | |
202 | my ($class, $storeid, $scfg) = @_; | |
203 | ||
e2fc55b4 | 204 | cifs_delete_credentials($storeid); |
f3ccd0ef FE |
205 | |
206 | return; | |
ab5e32bb TL |
207 | } |
208 | ||
4792d439 WL |
209 | sub status { |
210 | my ($class, $storeid, $scfg, $cache) = @_; | |
211 | ||
212 | $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts() | |
213 | if !$cache->{mountdata}; | |
214 | ||
4792d439 | 215 | return undef |
362159a8 | 216 | if !cifs_is_mounted($scfg, $cache->{mountdata}); |
4792d439 WL |
217 | |
218 | return $class->SUPER::status($storeid, $scfg, $cache); | |
219 | } | |
220 | ||
221 | sub activate_storage { | |
222 | my ($class, $storeid, $scfg, $cache) = @_; | |
223 | ||
224 | $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts() | |
225 | if !$cache->{mountdata}; | |
226 | ||
227 | my $path = $scfg->{path}; | |
4792d439 | 228 | |
362159a8 | 229 | if (!cifs_is_mounted($scfg, $cache->{mountdata})) { |
4792d439 | 230 | |
3160dbf1 | 231 | mkpath $path if !(defined($scfg->{mkdir}) && !$scfg->{mkdir}); |
4792d439 WL |
232 | |
233 | die "unable to activate storage '$storeid' - " . | |
234 | "directory '$path' does not exist\n" if ! -d $path; | |
235 | ||
362159a8 | 236 | cifs_mount($scfg, $storeid, $scfg->{smbversion}, |
4792d439 WL |
237 | $scfg->{username}, $scfg->{domain}); |
238 | } | |
239 | ||
240 | $class->SUPER::activate_storage($storeid, $scfg, $cache); | |
241 | } | |
242 | ||
243 | sub deactivate_storage { | |
244 | my ($class, $storeid, $scfg, $cache) = @_; | |
245 | ||
246 | $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts() | |
247 | if !$cache->{mountdata}; | |
248 | ||
249 | my $path = $scfg->{path}; | |
4792d439 | 250 | |
362159a8 | 251 | if (cifs_is_mounted($scfg, $cache->{mountdata})) { |
4792d439 WL |
252 | my $cmd = ['/bin/umount', $path]; |
253 | run_command($cmd, errmsg => 'umount error'); | |
254 | } | |
255 | } | |
256 | ||
257 | sub check_connection { | |
258 | my ($class, $storeid, $scfg) = @_; | |
259 | ||
ff6fa67f | 260 | my $servicename = '//'.$scfg->{server}.'/'.$scfg->{share}; |
4792d439 | 261 | |
e1667a22 | 262 | my $cmd = ['/usr/bin/smbclient', $servicename, '-d', '0']; |
4792d439 | 263 | |
e1667a22 TL |
264 | if (defined($scfg->{smbversion}) && $scfg->{smbversion} ne 'default') { |
265 | # max-protocol version, so basically only relevant for smb2 vs smb3 | |
266 | push @$cmd, '-m', "smb" . int($scfg->{smbversion}); | |
267 | } | |
4792d439 WL |
268 | |
269 | if (my $cred_file = get_cred_file($storeid)) { | |
270 | push @$cmd, '-U', $scfg->{username}, '-A', $cred_file; | |
271 | push @$cmd, '-W', $scfg->{domain} if defined($scfg->{domain}); | |
272 | } else { | |
273 | push @$cmd, '-U', 'Guest','-N'; | |
274 | } | |
ff6fa67f WL |
275 | push @$cmd, '-c', 'echo 1 0'; |
276 | ||
4792d439 | 277 | my $out_str; |
70232472 TL |
278 | my $out = sub { $out_str .= shift }; |
279 | ||
280 | eval { run_command($cmd, timeout => 10, outfunc => $out, errfunc => sub {}) }; | |
4792d439 WL |
281 | |
282 | if (my $err = $@) { | |
840e3797 | 283 | die "$out_str\n" if defined($out_str) && |
5ef50a82 | 284 | ($out_str =~ m/NT_STATUS_(ACCESS_DENIED|LOGON_FAILURE)/); |
4792d439 WL |
285 | return 0; |
286 | } | |
287 | ||
288 | return 1; | |
289 | } | |
290 | ||
f1de8281 FE |
291 | # FIXME remove on the next APIAGE reset. |
292 | # Deprecated, use get_volume_attribute instead. | |
44fdfb2a TL |
293 | sub get_volume_notes { |
294 | my $class = shift; | |
295 | PVE::Storage::DirPlugin::get_volume_notes($class, @_); | |
296 | } | |
f1de8281 FE |
297 | |
298 | # FIXME remove on the next APIAGE reset. | |
299 | # Deprecated, use update_volume_attribute instead. | |
44fdfb2a TL |
300 | sub update_volume_notes { |
301 | my $class = shift; | |
302 | PVE::Storage::DirPlugin::update_volume_notes($class, @_); | |
303 | } | |
304 | ||
f1de8281 FE |
305 | sub get_volume_attribute { |
306 | return PVE::Storage::DirPlugin::get_volume_attribute(@_); | |
307 | } | |
308 | ||
309 | sub update_volume_attribute { | |
310 | return PVE::Storage::DirPlugin::update_volume_attribute(@_); | |
311 | } | |
312 | ||
4792d439 | 313 | 1; |