]>
Commit | Line | Data |
---|---|---|
4792d439 WL |
1 | package PVE::Storage::CIFSPlugin; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | use Net::IP; | |
6 | use PVE::Tools qw(run_command); | |
7 | use PVE::ProcFSTools; | |
8 | use File::Path; | |
9 | use PVE::Storage::Plugin; | |
10 | use PVE::JSONSchema qw(get_standard_option); | |
11 | ||
12 | use base qw(PVE::Storage::Plugin); | |
13 | ||
14 | # CIFS helper functions | |
15 | ||
16 | sub cifs_is_mounted { | |
17 | my ($server, $share, $mountpoint, $mountdata) = @_; | |
18 | ||
19 | $server = "[$server]" if Net::IP::ip_is_ipv6($server); | |
20 | my $source = "//${server}/$share"; | |
21 | $mountdata = PVE::ProcFSTools::parse_proc_mounts() if !$mountdata; | |
22 | ||
23 | return $mountpoint if grep { | |
24 | $_->[2] =~ /^cifs/ && | |
25 | $_->[0] =~ m|^\Q$source\E/?$| && | |
26 | $_->[1] eq $mountpoint | |
27 | } @$mountdata; | |
28 | return undef; | |
29 | } | |
30 | ||
a9db2ca8 DM |
31 | sub cifs_cred_file_name { |
32 | my ($storeid) = @_; | |
f33533d4 | 33 | return "/etc/pve/priv/storage/${storeid}.pw"; |
a9db2ca8 DM |
34 | } |
35 | ||
e2fc55b4 DM |
36 | sub cifs_delete_credentials { |
37 | my ($storeid) = @_; | |
38 | ||
319441e7 | 39 | if (my $cred_file = get_cred_file($storeid)) { |
e2fc55b4 DM |
40 | unlink($cred_file) or warn "removing cifs credientials '$cred_file' failed: $!\n"; |
41 | } | |
42 | } | |
43 | ||
a9db2ca8 DM |
44 | sub cifs_set_credentials { |
45 | my ($password, $storeid) = @_; | |
46 | ||
47 | my $cred_file = cifs_cred_file_name($storeid); | |
319441e7 | 48 | mkdir "/etc/pve/priv/storage"; |
a9db2ca8 DM |
49 | |
50 | PVE::Tools::file_set_contents($cred_file, "password=$password\n"); | |
51 | ||
52 | return $cred_file; | |
53 | } | |
54 | ||
4792d439 WL |
55 | sub get_cred_file { |
56 | my ($storeid) = @_; | |
57 | ||
a9db2ca8 | 58 | my $cred_file = cifs_cred_file_name($storeid); |
4792d439 | 59 | |
319441e7 TL |
60 | if (-e $cred_file) { |
61 | return $cred_file; | |
f33533d4 | 62 | } elsif (-e "/etc/pve/priv/${storeid}.cred") { |
319441e7 TL |
63 | # FIXME: remove fallback with 7.0 by doing a rename on upgrade from 6.x |
64 | return "/etc/pve/priv/${storeid}.cred"; | |
65 | } | |
66 | return undef; | |
4792d439 WL |
67 | } |
68 | ||
69 | sub cifs_mount { | |
70 | my ($server, $share, $mountpoint, $storeid, $smbver, $user, $domain) = @_; | |
71 | ||
72 | $server = "[$server]" if Net::IP::ip_is_ipv6($server); | |
73 | my $source = "//${server}/$share"; | |
74 | ||
75 | my $cmd = ['/bin/mount', '-t', 'cifs', $source, $mountpoint, '-o', 'soft', '-o']; | |
76 | ||
77 | if (my $cred_file = get_cred_file($storeid)) { | |
78 | push @$cmd, "username=$user", '-o', "credentials=$cred_file"; | |
79 | push @$cmd, '-o', "domain=$domain" if defined($domain); | |
80 | } else { | |
81 | push @$cmd, 'guest,username=guest'; | |
82 | } | |
83 | ||
84 | push @$cmd, '-o', defined($smbver) ? "vers=$smbver" : "vers=3.0"; | |
85 | ||
86 | run_command($cmd, errmsg => "mount error"); | |
87 | } | |
88 | ||
89 | # Configuration | |
90 | ||
91 | sub type { | |
92 | return 'cifs'; | |
93 | } | |
94 | ||
95 | sub plugindata { | |
96 | return { | |
97 | content => [ { images => 1, rootdir => 1, vztmpl => 1, iso => 1, | |
d1eb35ea | 98 | backup => 1, snippets => 1}, { images => 1 }], |
4792d439 WL |
99 | format => [ { raw => 1, qcow2 => 1, vmdk => 1 } , 'raw' ], |
100 | }; | |
101 | } | |
102 | ||
103 | sub properties { | |
104 | return { | |
105 | share => { | |
106 | description => "CIFS share.", | |
107 | type => 'string', | |
108 | }, | |
109 | password => { | |
0f2549ed | 110 | description => "Password for accessing the share/datastore.", |
4792d439 WL |
111 | type => 'string', |
112 | maxLength => 256, | |
113 | }, | |
114 | domain => { | |
115 | description => "CIFS domain.", | |
116 | type => 'string', | |
117 | optional => 1, | |
118 | maxLength => 256, | |
119 | }, | |
120 | smbversion => { | |
5bc3edb2 | 121 | description => "SMB protocol version", |
4792d439 | 122 | type => 'string', |
c2f12dc6 | 123 | enum => ['2.0', '2.1', '3.0'], |
4792d439 WL |
124 | optional => 1, |
125 | }, | |
126 | }; | |
127 | } | |
128 | ||
129 | sub options { | |
130 | return { | |
131 | path => { fixed => 1 }, | |
132 | server => { fixed => 1 }, | |
133 | share => { fixed => 1 }, | |
134 | nodes => { optional => 1 }, | |
135 | disable => { optional => 1 }, | |
136 | maxfiles => { optional => 1 }, | |
3353698f | 137 | 'prune-backups' => { optional => 1 }, |
4792d439 WL |
138 | content => { optional => 1 }, |
139 | format => { optional => 1 }, | |
140 | username => { optional => 1 }, | |
141 | password => { optional => 1}, | |
142 | domain => { optional => 1}, | |
143 | smbversion => { optional => 1}, | |
3160dbf1 | 144 | mkdir => { optional => 1 }, |
c3ed9ac3 | 145 | bwlimit => { optional => 1 }, |
4792d439 WL |
146 | }; |
147 | } | |
148 | ||
149 | ||
150 | sub check_config { | |
151 | my ($class, $sectionId, $config, $create, $skipSchemaCheck) = @_; | |
152 | ||
153 | $config->{path} = "/mnt/pve/$sectionId" if $create && !$config->{path}; | |
154 | ||
155 | return $class->SUPER::check_config($sectionId, $config, $create, $skipSchemaCheck); | |
156 | } | |
157 | ||
158 | # Storage implementation | |
159 | ||
ab5e32bb TL |
160 | sub on_add_hook { |
161 | my ($class, $storeid, $scfg, %param) = @_; | |
162 | ||
e2fc55b4 DM |
163 | if (defined($param{password})) { |
164 | cifs_set_credentials($param{password}, $storeid); | |
72385de9 WB |
165 | if (!exists($scfg->{username})) { |
166 | warn "ignoring password parameter\n"; | |
167 | } | |
e2fc55b4 DM |
168 | } else { |
169 | cifs_delete_credentials($storeid); | |
170 | } | |
f3ccd0ef FE |
171 | |
172 | return; | |
e2fc55b4 DM |
173 | } |
174 | ||
175 | sub on_update_hook { | |
176 | my ($class, $storeid, $scfg, %param) = @_; | |
177 | ||
178 | return if !exists($param{password}); | |
179 | ||
180 | if (defined($param{password})) { | |
181 | cifs_set_credentials($param{password}, $storeid); | |
72385de9 WB |
182 | if (!exists($scfg->{username})) { |
183 | warn "ignoring password parameter\n"; | |
184 | } | |
e2fc55b4 DM |
185 | } else { |
186 | cifs_delete_credentials($storeid); | |
ab5e32bb | 187 | } |
f3ccd0ef FE |
188 | |
189 | return; | |
ab5e32bb TL |
190 | } |
191 | ||
192 | sub on_delete_hook { | |
193 | my ($class, $storeid, $scfg) = @_; | |
194 | ||
e2fc55b4 | 195 | cifs_delete_credentials($storeid); |
f3ccd0ef FE |
196 | |
197 | return; | |
ab5e32bb TL |
198 | } |
199 | ||
4792d439 WL |
200 | sub status { |
201 | my ($class, $storeid, $scfg, $cache) = @_; | |
202 | ||
203 | $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts() | |
204 | if !$cache->{mountdata}; | |
205 | ||
206 | my $path = $scfg->{path}; | |
207 | my $server = $scfg->{server}; | |
208 | my $share = $scfg->{share}; | |
209 | ||
210 | return undef | |
211 | if !cifs_is_mounted($server, $share, $path, $cache->{mountdata}); | |
212 | ||
213 | return $class->SUPER::status($storeid, $scfg, $cache); | |
214 | } | |
215 | ||
216 | sub activate_storage { | |
217 | my ($class, $storeid, $scfg, $cache) = @_; | |
218 | ||
219 | $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts() | |
220 | if !$cache->{mountdata}; | |
221 | ||
222 | my $path = $scfg->{path}; | |
223 | my $server = $scfg->{server}; | |
224 | my $share = $scfg->{share}; | |
225 | ||
226 | if (!cifs_is_mounted($server, $share, $path, $cache->{mountdata})) { | |
227 | ||
3160dbf1 | 228 | mkpath $path if !(defined($scfg->{mkdir}) && !$scfg->{mkdir}); |
4792d439 WL |
229 | |
230 | die "unable to activate storage '$storeid' - " . | |
231 | "directory '$path' does not exist\n" if ! -d $path; | |
232 | ||
233 | cifs_mount($server, $share, $path, $storeid, $scfg->{smbversion}, | |
234 | $scfg->{username}, $scfg->{domain}); | |
235 | } | |
236 | ||
237 | $class->SUPER::activate_storage($storeid, $scfg, $cache); | |
238 | } | |
239 | ||
240 | sub deactivate_storage { | |
241 | my ($class, $storeid, $scfg, $cache) = @_; | |
242 | ||
243 | $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts() | |
244 | if !$cache->{mountdata}; | |
245 | ||
246 | my $path = $scfg->{path}; | |
247 | my $server = $scfg->{server}; | |
248 | my $share = $scfg->{share}; | |
249 | ||
250 | if (cifs_is_mounted($server, $share, $path, $cache->{mountdata})) { | |
251 | my $cmd = ['/bin/umount', $path]; | |
252 | run_command($cmd, errmsg => 'umount error'); | |
253 | } | |
254 | } | |
255 | ||
256 | sub check_connection { | |
257 | my ($class, $storeid, $scfg) = @_; | |
258 | ||
ff6fa67f | 259 | my $servicename = '//'.$scfg->{server}.'/'.$scfg->{share}; |
4792d439 | 260 | |
ff6fa67f | 261 | my $cmd = ['/usr/bin/smbclient', $servicename, '-d', '0', '-m']; |
4792d439 WL |
262 | |
263 | push @$cmd, $scfg->{smbversion} ? "smb".int($scfg->{smbversion}) : 'smb3'; | |
264 | ||
265 | if (my $cred_file = get_cred_file($storeid)) { | |
266 | push @$cmd, '-U', $scfg->{username}, '-A', $cred_file; | |
267 | push @$cmd, '-W', $scfg->{domain} if defined($scfg->{domain}); | |
268 | } else { | |
269 | push @$cmd, '-U', 'Guest','-N'; | |
270 | } | |
ff6fa67f WL |
271 | push @$cmd, '-c', 'echo 1 0'; |
272 | ||
4792d439 | 273 | my $out_str; |
70232472 TL |
274 | my $out = sub { $out_str .= shift }; |
275 | ||
276 | eval { run_command($cmd, timeout => 10, outfunc => $out, errfunc => sub {}) }; | |
4792d439 WL |
277 | |
278 | if (my $err = $@) { | |
840e3797 WL |
279 | die "$out_str\n" if defined($out_str) && |
280 | ($out_str =~ m/NT_STATUS_ACCESS_DENIED/); | |
4792d439 WL |
281 | return 0; |
282 | } | |
283 | ||
284 | return 1; | |
285 | } | |
286 | ||
44fdfb2a TL |
287 | sub get_volume_notes { |
288 | my $class = shift; | |
289 | PVE::Storage::DirPlugin::get_volume_notes($class, @_); | |
290 | } | |
291 | sub update_volume_notes { | |
292 | my $class = shift; | |
293 | PVE::Storage::DirPlugin::update_volume_notes($class, @_); | |
294 | } | |
295 | ||
4792d439 | 296 | 1; |