[pve-storage.git] / PVE / Storage / CIFSPlugin.pm

package PVE::Storage::CIFSPlugin;

use strict;
use warnings;
use Net::IP;
use PVE::Tools qw(run_command);
use PVE::ProcFSTools;
use File::Path;
use PVE::Storage::Plugin;
use PVE::JSONSchema qw(get_standard_option);

use base qw(PVE::Storage::Plugin);

# CIFS helper functions

sub cifs_is_mounted {
    my ($server, $share, $mountpoint, $mountdata) = @_;

    $server = "[$server]" if Net::IP::ip_is_ipv6($server);
    my $source = "//${server}/$share";
    $mountdata = PVE::ProcFSTools::parse_proc_mounts() if !$mountdata;

    return $mountpoint if grep {
	$_->[2] =~ /^cifs/ &&
	$_->[0] =~ m|^\Q$source\E/?$| &&
	$_->[1] eq $mountpoint
    } @$mountdata;
    return undef;
}

sub cifs_cred_file_name {
    my ($storeid) = @_;

    return "/etc/pve/priv/${storeid}.cred";
}

sub cifs_set_credentials {
    my ($password, $storeid) = @_;

    my $cred_file = cifs_cred_file_name($storeid);

    PVE::Tools::file_set_contents($cred_file, "password=$password\n");

    return $cred_file;
}

sub get_cred_file {
    my ($storeid) = @_;

    my $cred_file = cifs_cred_file_name($storeid);

    return -e $cred_file ? $cred_file : undef;
}

sub cifs_mount {
    my ($server, $share, $mountpoint, $storeid, $smbver, $user, $domain) = @_;

    $server = "[$server]" if Net::IP::ip_is_ipv6($server);
    my $source = "//${server}/$share";

    my $cmd = ['/bin/mount', '-t', 'cifs', $source, $mountpoint, '-o', 'soft', '-o'];

    if (my $cred_file = get_cred_file($storeid)) {
	push @$cmd, "username=$user", '-o', "credentials=$cred_file";
	push @$cmd, '-o', "domain=$domain" if defined($domain);
    } else {
	push @$cmd, 'guest,username=guest';
    }

    push @$cmd, '-o', defined($smbver) ? "vers=$smbver" : "vers=3.0";

    run_command($cmd, errmsg => "mount error");
}

# Configuration

sub type {
    return 'cifs';
}

sub plugindata {
    return {
	content => [ { images => 1, rootdir => 1, vztmpl => 1, iso => 1,
		   backup => 1}, { images => 1 }],
	format => [ { raw => 1, qcow2 => 1, vmdk => 1 } , 'raw' ],
    };
}

sub properties {
    return {
	share => {
	    description => "CIFS share.",
	    type => 'string',
	},
	password => {
	    description => "Password for CIFS share.",
	    type => 'string',
	    maxLength => 256,
	},
	domain => {
	    description => "CIFS domain.",
	    type => 'string',
	    optional => 1,
	    maxLength => 256,
	},
	smbversion => {
	    description => "SMB protocol version",
	    type => 'string',
	    enum => ['2.0', '2.1', '3.0'],
	    optional => 1,
	},
    };
}

sub options {
    return {
	path => { fixed => 1 },
	server => { fixed => 1 },
	share => { fixed => 1 },
	nodes => { optional => 1 },
	disable => { optional => 1 },
	maxfiles => { optional => 1 },
	content => { optional => 1 },
	format => { optional => 1 },
	username => { optional => 1 },
	password => { optional => 1},
	domain => { optional => 1},
	smbversion => { optional => 1},
	mkdir => { optional => 1 },
    };
}


sub check_config {
    my ($class, $sectionId, $config, $create, $skipSchemaCheck) = @_;

    $config->{path} = "/mnt/pve/$sectionId" if $create && !$config->{path};

    return $class->SUPER::check_config($sectionId, $config, $create, $skipSchemaCheck);
}

# Storage implementation

sub status {
    my ($class, $storeid, $scfg, $cache) = @_;

    $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
	if !$cache->{mountdata};

    my $path = $scfg->{path};
    my $server = $scfg->{server};
    my $share = $scfg->{share};

    return undef
	if !cifs_is_mounted($server, $share, $path, $cache->{mountdata});

    return $class->SUPER::status($storeid, $scfg, $cache);
}

sub activate_storage {
    my ($class, $storeid, $scfg, $cache) = @_;

    $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
	if !$cache->{mountdata};

    my $path = $scfg->{path};
    my $server = $scfg->{server};
    my $share = $scfg->{share};

    if (!cifs_is_mounted($server, $share, $path, $cache->{mountdata})) {

	mkpath $path if !(defined($scfg->{mkdir}) && !$scfg->{mkdir});

	die "unable to activate storage '$storeid' - " .
	    "directory '$path' does not exist\n" if ! -d $path;

	cifs_mount($server, $share, $path, $storeid, $scfg->{smbversion},
	    $scfg->{username}, $scfg->{domain});
    }

    $class->SUPER::activate_storage($storeid, $scfg, $cache);
}

sub deactivate_storage {
    my ($class, $storeid, $scfg, $cache) = @_;

    $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
	if !$cache->{mountdata};

    my $path = $scfg->{path};
    my $server = $scfg->{server};
    my $share = $scfg->{share};

    if (cifs_is_mounted($server, $share, $path, $cache->{mountdata})) {
	my $cmd = ['/bin/umount', $path];
	run_command($cmd, errmsg => 'umount error');
    }
}

sub check_connection {
    my ($class, $storeid, $scfg) = @_;

    my $servicename = '//'.$scfg->{server}.'/'.$scfg->{share};

    my $cmd = ['/usr/bin/smbclient', $servicename, '-d', '0', '-m'];

    push @$cmd, $scfg->{smbversion} ? "smb".int($scfg->{smbversion}) : 'smb3';

    if (my $cred_file = get_cred_file($storeid)) {
	push @$cmd, '-U', $scfg->{username}, '-A', $cred_file;
	push @$cmd, '-W', $scfg->{domain} if defined($scfg->{domain});
    } else {
	push @$cmd, '-U', 'Guest','-N';
    }

    push @$cmd, '-c', 'echo 1 0';

    my $out_str;
    eval {
	run_command($cmd, timeout => 2, outfunc => sub {$out_str .= shift;},
		    errfunc => sub {});
    };

    if (my $err = $@) {
	die "$out_str\n" if defined($out_str) &&
	    ($out_str =~ m/NT_STATUS_ACCESS_DENIED/);
	return 0;
    }

    return 1;
}

1;
Commit	Line	Data
4792d439 WL	1	package PVE::Storage::CIFSPlugin;
	2
	3	use strict;
	4	use warnings;
	5	use Net::IP;
	6	use PVE::Tools qw(run_command);
	7	use PVE::ProcFSTools;
	8	use File::Path;
	9	use PVE::Storage::Plugin;
	10	use PVE::JSONSchema qw(get_standard_option);
	11
	12	use base qw(PVE::Storage::Plugin);
	13
	14	# CIFS helper functions
	15
	16	sub cifs_is_mounted {
	17	my ($server, $share, $mountpoint, $mountdata) = @_;
	18
	19	$server = "[$server]" if Net::IP::ip_is_ipv6($server);
	20	my $source = "//${server}/$share";
	21	$mountdata = PVE::ProcFSTools::parse_proc_mounts() if !$mountdata;
	22
	23	return $mountpoint if grep {
	24	$_->[2] =~ /^cifs/ &&
	25	$_->[0] =~ m\|^\Q$source\E/?$\| &&
	26	$_->[1] eq $mountpoint
	27	} @$mountdata;
	28	return undef;
	29	}
	30
a9db2ca8 DM	31	sub cifs_cred_file_name {
	32	my ($storeid) = @_;
	33
	34	return "/etc/pve/priv/${storeid}.cred";
	35	}
	36
	37	sub cifs_set_credentials {
	38	my ($password, $storeid) = @_;
	39
	40	my $cred_file = cifs_cred_file_name($storeid);
	41
	42	PVE::Tools::file_set_contents($cred_file, "password=$password\n");
	43
	44	return $cred_file;
	45	}
	46
4792d439 WL	47	sub get_cred_file {
	48	my ($storeid) = @_;
	49
a9db2ca8	50	my $cred_file = cifs_cred_file_name($storeid);
4792d439	51
a9db2ca8	52	return -e $cred_file ? $cred_file : undef;
4792d439 WL	53	}
	54
	55	sub cifs_mount {
	56	my ($server, $share, $mountpoint, $storeid, $smbver, $user, $domain) = @_;
	57
	58	$server = "[$server]" if Net::IP::ip_is_ipv6($server);
	59	my $source = "//${server}/$share";
	60
	61	my $cmd = ['/bin/mount', '-t', 'cifs', $source, $mountpoint, '-o', 'soft', '-o'];
	62
	63	if (my $cred_file = get_cred_file($storeid)) {
	64	push @$cmd, "username=$user", '-o', "credentials=$cred_file";
	65	push @$cmd, '-o', "domain=$domain" if defined($domain);
	66	} else {
	67	push @$cmd, 'guest,username=guest';
	68	}
	69
	70	push @$cmd, '-o', defined($smbver) ? "vers=$smbver" : "vers=3.0";
	71
	72	run_command($cmd, errmsg => "mount error");
	73	}
	74
	75	# Configuration
	76
	77	sub type {
	78	return 'cifs';
	79	}
	80
	81	sub plugindata {
	82	return {
	83	content => [ { images => 1, rootdir => 1, vztmpl => 1, iso => 1,
	84	backup => 1}, { images => 1 }],
	85	format => [ { raw => 1, qcow2 => 1, vmdk => 1 } , 'raw' ],
	86	};
	87	}
	88
	89	sub properties {
	90	return {
	91	share => {
	92	description => "CIFS share.",
	93	type => 'string',
	94	},
	95	password => {
	96	description => "Password for CIFS share.",
	97	type => 'string',
	98	maxLength => 256,
	99	},
	100	domain => {
	101	description => "CIFS domain.",
	102	type => 'string',
	103	optional => 1,
	104	maxLength => 256,
	105	},
	106	smbversion => {
5bc3edb2	107	description => "SMB protocol version",
4792d439	108	type => 'string',
c2f12dc6	109	enum => ['2.0', '2.1', '3.0'],
4792d439 WL	110	optional => 1,
	111	},
	112	};
	113	}
	114
	115	sub options {
	116	return {
	117	path => { fixed => 1 },
	118	server => { fixed => 1 },
	119	share => { fixed => 1 },
	120	nodes => { optional => 1 },
	121	disable => { optional => 1 },
	122	maxfiles => { optional => 1 },
	123	content => { optional => 1 },
	124	format => { optional => 1 },
	125	username => { optional => 1 },
	126	password => { optional => 1},
	127	domain => { optional => 1},
	128	smbversion => { optional => 1},
3160dbf1	129	mkdir => { optional => 1 },
4792d439 WL	130	};
	131	}
	132
	133
	134	sub check_config {
	135	my ($class, $sectionId, $config, $create, $skipSchemaCheck) = @_;
	136
	137	$config->{path} = "/mnt/pve/$sectionId" if $create && !$config->{path};
	138
	139	return $class->SUPER::check_config($sectionId, $config, $create, $skipSchemaCheck);
	140	}
	141
	142	# Storage implementation
	143
	144	sub status {
	145	my ($class, $storeid, $scfg, $cache) = @_;
	146
	147	$cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
	148	if !$cache->{mountdata};
	149
	150	my $path = $scfg->{path};
	151	my $server = $scfg->{server};
	152	my $share = $scfg->{share};
	153
	154	return undef
	155	if !cifs_is_mounted($server, $share, $path, $cache->{mountdata});
	156
	157	return $class->SUPER::status($storeid, $scfg, $cache);
	158	}
	159
	160	sub activate_storage {
	161	my ($class, $storeid, $scfg, $cache) = @_;
	162
	163	$cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
	164	if !$cache->{mountdata};
	165
	166	my $path = $scfg->{path};
	167	my $server = $scfg->{server};
	168	my $share = $scfg->{share};
	169
	170	if (!cifs_is_mounted($server, $share, $path, $cache->{mountdata})) {
	171
3160dbf1	172	mkpath $path if !(defined($scfg->{mkdir}) && !$scfg->{mkdir});
4792d439 WL	173
	174	die "unable to activate storage '$storeid' - " .
	175	"directory '$path' does not exist\n" if ! -d $path;
	176
	177	cifs_mount($server, $share, $path, $storeid, $scfg->{smbversion},
	178	$scfg->{username}, $scfg->{domain});
	179	}
	180
	181	$class->SUPER::activate_storage($storeid, $scfg, $cache);
	182	}
	183
	184	sub deactivate_storage {
	185	my ($class, $storeid, $scfg, $cache) = @_;
	186
	187	$cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
	188	if !$cache->{mountdata};
	189
	190	my $path = $scfg->{path};
	191	my $server = $scfg->{server};
	192	my $share = $scfg->{share};
	193
	194	if (cifs_is_mounted($server, $share, $path, $cache->{mountdata})) {
	195	my $cmd = ['/bin/umount', $path];
	196	run_command($cmd, errmsg => 'umount error');
	197	}
	198	}
	199
	200	sub check_connection {
	201	my ($class, $storeid, $scfg) = @_;
	202
ff6fa67f	203	my $servicename = '//'.$scfg->{server}.'/'.$scfg->{share};
4792d439	204
ff6fa67f	205	my $cmd = ['/usr/bin/smbclient', $servicename, '-d', '0', '-m'];
4792d439 WL	206
	207	push @$cmd, $scfg->{smbversion} ? "smb".int($scfg->{smbversion}) : 'smb3';
	208
	209	if (my $cred_file = get_cred_file($storeid)) {
	210	push @$cmd, '-U', $scfg->{username}, '-A', $cred_file;
	211	push @$cmd, '-W', $scfg->{domain} if defined($scfg->{domain});
	212	} else {
	213	push @$cmd, '-U', 'Guest','-N';
	214	}
	215
ff6fa67f WL	216	push @$cmd, '-c', 'echo 1 0';
ff6fa67f WL	217
4792d439 WL	218	my $out_str;
	219	eval {
	220	run_command($cmd, timeout => 2, outfunc => sub {$out_str .= shift;},
	221	errfunc => sub {});
	222	};
	223
	224	if (my $err = $@) {
840e3797 WL	225	die "$out_str\n" if defined($out_str) &&
840e3797 WL	226	($out_str =~ m/NT_STATUS_ACCESS_DENIED/);
4792d439 WL	227	return 0;
	228	}
	229
	230	return 1;
	231	}
	232
	233	1;