6 use Date
::Format
qw(time2str);
10 use Fcntl
qw(:DEFAULT :flock);
12 use File
::Path
qw(make_path);
13 use Filesys
::Df
(); # don't overwrite our df()
22 use POSIX
qw(EINTR EEXIST EOPNOTSUPP);
23 use Scalar
::Util
'weaken';
24 use Socket
qw(AF_INET AF_INET6 AI_ALL AI_V4MAPPED AI_CANONNAME SOCK_DGRAM IPPROTO_TCP);
25 use String
::ShellQuote
;
27 use Time
::HiRes
qw(usleep gettimeofday tv_interval alarm);
33 # avoid warning when parsing long hex values with hex()
34 no warnings
'portable'; # Support for 64-bit ints required
52 extract_sensitive_params
67 my $pvelogdir = "/var/log/pve";
68 my $pvetaskdir = "$pvelogdir/tasks";
73 my $IPV4OCTET = "(?:25[0-5]|(?:2[0-4]|1[0-9]|[1-9])?[0-9])";
74 our $IPV4RE = "(?:(?:$IPV4OCTET\\.){3}$IPV4OCTET)";
75 my $IPV6H16 = "(?:[0-9a-fA-F]{1,4})";
76 my $IPV6LS32 = "(?:(?:$IPV4RE|$IPV6H16:$IPV6H16))";
79 "(?:(?:" . "(?:$IPV6H16:){6})$IPV6LS32)|" .
80 "(?:(?:" . "::(?:$IPV6H16:){5})$IPV6LS32)|" .
81 "(?:(?:(?:" . "$IPV6H16)?::(?:$IPV6H16:){4})$IPV6LS32)|" .
82 "(?:(?:(?:(?:$IPV6H16:){0,1}$IPV6H16)?::(?:$IPV6H16:){3})$IPV6LS32)|" .
83 "(?:(?:(?:(?:$IPV6H16:){0,2}$IPV6H16)?::(?:$IPV6H16:){2})$IPV6LS32)|" .
84 "(?:(?:(?:(?:$IPV6H16:){0,3}$IPV6H16)?::(?:$IPV6H16:){1})$IPV6LS32)|" .
85 "(?:(?:(?:(?:$IPV6H16:){0,4}$IPV6H16)?::" . ")$IPV6LS32)|" .
86 "(?:(?:(?:(?:$IPV6H16:){0,5}$IPV6H16)?::" . ")$IPV6H16)|" .
87 "(?:(?:(?:(?:$IPV6H16:){0,6}$IPV6H16)?::" . ")))";
89 our $IPRE = "(?:$IPV4RE|$IPV6RE)";
91 our $EMAIL_USER_RE = qr/[\w\+\-\~]+(\.[\w\+\-\~]+)*/;
92 our $EMAIL_RE = qr/$EMAIL_USER_RE@[a-zA-Z0-9\-]+(\.[a-zA-Z0-9\-]+)*/;
94 use constant {CLONE_NEWNS
=> 0x00020000,
95 CLONE_NEWUTS
=> 0x04000000,
96 CLONE_NEWIPC
=> 0x08000000,
97 CLONE_NEWUSER
=> 0x10000000,
98 CLONE_NEWPID
=> 0x20000000,
99 CLONE_NEWNET
=> 0x40000000};
101 use constant {O_PATH
=> 0x00200000,
102 O_CLOEXEC
=> 0x00080000,
103 O_TMPFILE
=> 0x00400000 | O_DIRECTORY
};
105 use constant {AT_EMPTY_PATH
=> 0x1000,
109 use constant {RENAME_NOREPLACE
=> (1 << 0),
110 RENAME_EXCHANGE
=> (1 << 1),
111 RENAME_WHITEOUT
=> (1 << 2)};
113 sub run_with_timeout
{
114 my ($timeout, $code, @param) = @_;
116 die "got timeout\n" if $timeout <= 0;
118 my $prev_alarm = alarm 0; # suspend outer alarm early
126 local $SIG{ALRM
} = sub { $sigcount++; $got_timeout = 1; die "got timeout\n"; };
127 local $SIG{PIPE
} = sub { $sigcount++; die "broken pipe\n" };
128 local $SIG{__DIE__
}; # see SA bug 4631
132 eval { $res = &$code(@param); };
134 alarm(0); # avoid race conditions
143 # this shouldn't happen anymore?
144 die "unknown error" if $sigcount && !$err; # seems to happen sometimes
146 # assume that user handles timeout err if called in list context
147 die $err if $err && (!wantarray || !$got_timeout);
149 return wantarray ?
($res, $got_timeout) : $res;
152 # flock: we use one file handle per process, so lock file
153 # can be nested multiple times and succeeds for the same process.
155 # Since this is the only way we lock now and we don't have the old
156 # 'lock(); code(); unlock();' pattern anymore we do not actually need to
157 # count how deep we're nesting. Therefore this hash now stores a weak reference
158 # to a boolean telling us whether we already have a lock.
160 my $lock_handles = {};
163 my ($filename, $timeout, $shared, $code, @param) = @_;
165 $timeout = 10 if !$timeout;
167 my $mode = $shared ? LOCK_SH
: LOCK_EX
;
169 my $lockhash = ($lock_handles->{$$} //= {});
171 # Returns a locked file handle.
172 my $get_locked_file = sub {
173 my $fh = IO
::File-
>new(">>$filename")
174 or die "can't open file - $!\n";
176 if (!flock($fh, $mode|LOCK_NB
)) {
177 print STDERR
"trying to acquire lock...\n";
180 $success = flock($fh, $mode);
181 # try again on EINTR (see bug #273)
182 if ($success || ($! != EINTR
)) {
187 print STDERR
" failed\n";
188 die "can't acquire lock '$filename' - $!\n";
190 print STDERR
" OK\n";
197 my $checkptr = $lockhash->{$filename};
198 my $check = 0; # This must not go out of scope before running the code.
199 my $local_fh; # This must stay local
200 if (!$checkptr || !$$checkptr) {
201 # We cannot create a weak reference in a single atomic step, so we first
202 # create a false-value, then create a reference to it, then weaken it,
203 # and after successfully locking the file we change the boolean value.
205 # The reason for this is that if an outer SIGALRM throws an exception
206 # between creating the reference and weakening it, a subsequent call to
207 # lock_file_full() will see a leftover full reference to a valid
208 # variable. This variable must be 0 in order for said call to attempt to
209 # lock the file anew.
211 # An externally triggered exception elsewhere in the code will cause the
212 # weak reference to become 'undef', and since the file handle is only
213 # stored in the local scope in $local_fh, the file will be closed by
214 # perl's cleanup routines as well.
216 # This still assumes that an IO::File handle can properly deal with such
217 # exceptions thrown during its own destruction, but that's up to perls
219 $lockhash->{$filename} = \
$check;
220 weaken
$lockhash->{$filename};
221 $local_fh = eval { run_with_timeout
($timeout, $get_locked_file) };
223 $@ = "can't lock file '$filename' - $@";
228 $res = eval { &$code(@param); };
235 my ($filename, $timeout, $code, @param) = @_;
237 return lock_file_full
($filename, $timeout, 0, $code, @param);
240 sub file_set_contents
{
241 my ($filename, $data, $perm, $force_utf8) = @_;
243 $perm = 0644 if !defined($perm);
245 my $tmpname = "$filename.tmp.$$";
248 my ($fh, $tries) = (undef, 0);
249 while (!$fh && $tries++ < 3) {
250 $fh = IO
::File-
>new($tmpname, O_WRONLY
|O_CREAT
|O_EXCL
, $perm);
251 if (!$fh && $! == EEXIST
) {
252 unlink($tmpname) or die "unable to delete old temp file: $!\n";
255 die "unable to open file '$tmpname' - $!\n" if !$fh;
257 binmode($fh, ":encoding(UTF-8)") if $force_utf8;
259 die "unable to write '$tmpname' - $!\n" unless print $fh $data;
260 die "closing file '$tmpname' failed - $!\n" unless close $fh;
269 if (!rename($tmpname, $filename)) {
270 my $msg = "close (rename) atomic file '$filename' failed: $!\n";
276 sub file_get_contents
{
277 my ($filename, $max) = @_;
279 my $fh = IO
::File-
>new($filename, "r") ||
280 die "can't open '$filename' - $!\n";
282 my $content = safe_read_from
($fh, $max, 0, $filename);
290 my ($filename, $dst, $max, $perm) = @_;
292 file_set_contents
($dst, file_get_contents
($filename, $max), $perm);
295 sub file_read_firstline
{
298 my $fh = IO
::File-
>new ($filename, "r");
300 return undef if $! == POSIX
::ENOENT
;
301 die "file '$filename' exists but open for reading failed - $!\n";
310 my ($fh, $max, $oneline, $filename) = @_;
312 # pmxcfs file size limit
313 $max = 1024 * 1024 if !$max;
315 my $subject = defined($filename) ?
"file '$filename'" : 'input';
320 while ($count = sysread($fh, $input, 8192, $br)) {
322 die "$subject too long - aborting\n" if $br > $max;
323 if ($oneline && $input =~ m/^(.*)\n/) {
328 die "unable to read $subject - $!\n" if !defined($count);
333 # The $cmd parameter can be:
335 # This is generally executed by passing it to the shell with the -c option.
336 # However, it can be executed in one of two ways, depending on whether
337 # there's a pipe involved:
338 # *) with pipe: passed explicitly to bash -c, prefixed with:
340 # *) without a pipe: passed to perl's open3 which uses 'sh -c'
341 # (Note that this may result in two different syntax requirements!)
343 # -) an array of arguments (strings)
344 # Will be executed without interference from a shell. (Parameters are passed
345 # as is, no escape sequences of strings will be touched.)
346 # -) an array of arrays
347 # Each array represents a command, and each command's output is piped into
348 # the following command's standard input.
349 # For this a shell command string is created with pipe symbols between each
351 # Each command is a list of strings meant to end up in the final command
352 # unchanged. In order to achieve this, every argument is shell-quoted.
353 # Quoting can be disabled for a particular argument by turning it into a
354 # reference, this allows inserting arbitrary shell options.
355 # For instance: the $cmd [ [ 'echo', 'hello', \'>/dev/null' ] ] will not
356 # produce any output, while the $cmd [ [ 'echo', 'hello', '>/dev/null' ] ]
357 # will literally print: hello >/dev/null
359 my ($cmd, %param) = @_;
364 if (my $ref = ref($cmd)) {
365 if (ref($cmd->[0])) {
366 $cmdstr = 'set -o pipefail && ';
368 foreach my $command (@$cmd) {
369 # concatenate quoted parameters
370 # strings which are passed by reference are NOT shell quoted
371 $cmdstr .= $pipe . join(' ', map { ref($_) ?
$$_ : shellquote
($_) } @$command);
374 $cmd = [ '/bin/bash', '-c', "$cmdstr" ];
376 $cmdstr = cmd2string
($cmd);
381 # see 'man bash' for option pipefail
382 $cmd = [ '/bin/bash', '-c', "set -o pipefail && $cmd" ];
407 foreach my $p (keys %param) {
408 if ($p eq 'timeout') {
409 $timeout = $param{$p};
410 } elsif ($p eq 'umask') {
411 $old_umask = umask($param{$p});
412 } elsif ($p eq 'errmsg') {
413 $errmsg = $param{$p};
414 } elsif ($p eq 'input') {
416 } elsif ($p eq 'output') {
417 $output = $param{$p};
418 } elsif ($p eq 'outfunc') {
419 $outfunc = $param{$p};
420 } elsif ($p eq 'errfunc') {
421 $errfunc = $param{$p};
422 } elsif ($p eq 'logfunc') {
423 $logfunc = $param{$p};
424 } elsif ($p eq 'afterfork') {
425 $afterfork = $param{$p};
426 } elsif ($p eq 'noerr') {
428 } elsif ($p eq 'keeplocale') {
429 $keeplocale = $param{$p};
430 } elsif ($p eq 'quiet') {
433 die "got unknown parameter '$p' for run_command\n";
438 my $origerrfunc = $errfunc;
442 &$origerrfunc("$laststderr\n");
444 print STDERR
"$laststderr\n" if $laststderr;
451 my $reader = $output && $output =~ m/^>&/ ?
$output : IO
::File-
>new();
452 my $writer = $input && $input =~ m/^<&/ ?
$input : IO
::File-
>new();
453 my $error = IO
::File-
>new();
458 local $ENV{LC_ALL
} = 'C' if !$keeplocale;
460 # suppress LVM warnings like: "File descriptor 3 left open";
461 local $ENV{LVM_SUPPRESS_FD_WARNINGS
} = "1";
463 $pid = open3
($writer, $reader, $error, @$cmd) || die $!;
465 # if we pipe fron STDIN, open3 closes STDIN, so we get a perl warning like
466 # "Filehandle STDIN reopened as GENXYZ .. " as soon as we open a new file.
467 # to avoid that we open /dev/null
468 if (!ref($writer) && !defined(fileno(STDIN
))) {
470 open(STDIN
, '<', '/dev/null');
477 if ($orig_pid != $$) {
485 local $SIG{ALRM
} = sub { die "got timeout\n"; } if $timeout;
486 $oldtimeout = alarm($timeout) if $timeout;
488 &$afterfork() if $afterfork;
491 print $writer $input if defined $input;
495 my $select = IO
::Select-
>new();
496 $select->add($reader) if ref($reader);
497 $select->add($error);
502 my $starttime = time();
504 while ($select->count) {
505 my @handles = $select->can_read(1);
507 foreach my $h (@handles) {
509 my $count = sysread ($h, $buf, 4096);
510 if (!defined ($count)) {
516 $select->remove ($h) if !$count;
518 if ($outfunc || $logfunc) {
520 while ($buf =~ s/^([^\010\r\n]*)(?:\n|(?:\010)+|\r\n?)//) {
521 my $line = $outlog . $1;
523 &$outfunc($line) if $outfunc;
524 &$logfunc($line) if $logfunc;
538 } elsif ($h eq $error) {
539 if ($errfunc || $logfunc) {
541 while ($buf =~ s/^([^\010\r\n]*)(?:\n|(?:\010)+|\r\n?)//) {
542 my $line = $errlog . $1;
544 &$errfunc($line) if $errfunc;
545 &$logfunc($line) if $logfunc;
563 &$outfunc($outlog) if $outfunc && $outlog;
564 &$logfunc($outlog) if $logfunc && $outlog;
566 &$errfunc($errlog) if $errfunc && $errlog;
567 &$logfunc($errlog) if $logfunc && $errlog;
572 die "failed to execute\n";
573 } elsif (my $sig = ($? & 127)) {
574 die "got signal $sig\n";
575 } elsif ($exitcode = ($? >> 8)) {
576 if (!($exitcode == 24 && ($cmdstr =~ m
|^(\S
+/)?rsync\s
|))) {
577 if ($errmsg && $laststderr) {
578 my $lerr = $laststderr;
582 die "exit code $exitcode\n";
593 if ($errmsg && $laststderr) {
594 &$errfunc(undef); # flush laststderr
597 umask ($old_umask) if defined($old_umask);
599 alarm($oldtimeout) if $oldtimeout;
602 if ($pid && ($err eq "got timeout\n")) {
605 die "command '$cmdstr' failed: $err";
609 $err =~ s/^usermod:\s*// if $cmdstr =~ m
|^(\S
+/)?usermod\s
|;
612 die "command '$cmdstr' failed: $err";
619 # Run a command with a tcp socket as standard input.
620 sub pipe_socket_to_command
{
621 my ($cmd, $ip, $port) = @_;
626 Proto
=> &Socket
::IPPROTO_TCP
,
627 GetAddrInfoFlags
=> 0,
631 my $socket = IO
::Socket
::IP-
>new(%$params) or die "failed to open socket: $!\n";
633 print "$ip\n$port\n"; # tell remote where to connect
637 local $SIG{ALRM
} = sub { die "timed out waiting for client\n" };
639 my $client = $socket->accept; # Wait for a client
643 # We want that the command talks over the TCP socket and takes
644 # ownership of it, so that when it closes it the connection is
645 # terminated, so we need to be able to close the socket. So we
646 # can't really use PVE::Tools::run_command().
647 my $pid = fork() // die "fork failed: $!\n";
649 POSIX
::dup2
(fileno($client), 0);
650 POSIX
::dup2
(fileno($client), 1);
652 exec {$cmd->[0]} @$cmd or do {
653 warn "exec failed: $!\n";
659 if (waitpid($pid, 0) != $pid) {
660 kill(15 => $pid); # if we got interrupted terminate the child
662 while (waitpid($pid, POSIX
::WNOHANG
) != $pid) {
665 kill(9 => $pid), last if $count > 300; # 30 second timeout
668 if (my $sig = ($? & 127)) {
669 die "got signal $sig\n";
670 } elsif (my $exitcode = ($? >> 8)) {
671 die "exit code $exitcode\n";
678 my $listtxt = shift // '';
680 return split (/\0/, $listtxt) if $listtxt =~ m/\0/;
682 $listtxt =~ s/[,;]/ /g;
683 $listtxt =~ s/^\s+//;
685 my @data = split (/\s+/, $listtxt);
693 return $txt if !defined($txt);
701 # simple uri templates like "/vms/{vmid}"
702 sub template_replace
{
703 my ($tmpl, $data) = @_;
705 return $tmpl if !$tmpl;
708 while ($tmpl =~ m/([^{]+)?(\{([^}]+)\})?/g) {
710 $res .= ($data->{$3} || '-') if $2;
716 my ($filename, $fh, $data) = @_;
720 my $res = print $fh $data;
722 die "write to '$filename' failed\n" if !$res;
728 'at' => 'ftp.at.debian.org',
729 'au' => 'ftp.au.debian.org',
730 'be' => 'ftp.be.debian.org',
731 'bg' => 'ftp.bg.debian.org',
732 'br' => 'ftp.br.debian.org',
733 'ca' => 'ftp.ca.debian.org',
734 'ch' => 'ftp.ch.debian.org',
735 'cl' => 'ftp.cl.debian.org',
736 'cz' => 'ftp.cz.debian.org',
737 'de' => 'ftp.de.debian.org',
738 'dk' => 'ftp.dk.debian.org',
739 'ee' => 'ftp.ee.debian.org',
740 'es' => 'ftp.es.debian.org',
741 'fi' => 'ftp.fi.debian.org',
742 'fr' => 'ftp.fr.debian.org',
743 'gr' => 'ftp.gr.debian.org',
744 'hk' => 'ftp.hk.debian.org',
745 'hr' => 'ftp.hr.debian.org',
746 'hu' => 'ftp.hu.debian.org',
747 'ie' => 'ftp.ie.debian.org',
748 'is' => 'ftp.is.debian.org',
749 'it' => 'ftp.it.debian.org',
750 'jp' => 'ftp.jp.debian.org',
751 'kr' => 'ftp.kr.debian.org',
752 'mx' => 'ftp.mx.debian.org',
753 'nl' => 'ftp.nl.debian.org',
754 'no' => 'ftp.no.debian.org',
755 'nz' => 'ftp.nz.debian.org',
756 'pl' => 'ftp.pl.debian.org',
757 'pt' => 'ftp.pt.debian.org',
758 'ro' => 'ftp.ro.debian.org',
759 'ru' => 'ftp.ru.debian.org',
760 'se' => 'ftp.se.debian.org',
761 'si' => 'ftp.si.debian.org',
762 'sk' => 'ftp.sk.debian.org',
763 'tr' => 'ftp.tr.debian.org',
764 'tw' => 'ftp.tw.debian.org',
765 'gb' => 'ftp.uk.debian.org',
766 'us' => 'ftp.us.debian.org',
771 'dk' => ['Danish', 'da', 'qwerty/dk-latin1.kmap.gz', 'dk', 'nodeadkeys'],
772 'de' => ['German', 'de', 'qwertz/de-latin1-nodeadkeys.kmap.gz', 'de', 'nodeadkeys' ],
773 'de-ch' => ['Swiss-German', 'de-ch', 'qwertz/sg-latin1.kmap.gz', 'ch', 'de_nodeadkeys' ],
774 'en-gb' => ['United Kingdom', 'en-gb', 'qwerty/uk.kmap.gz' , 'gb', undef],
775 'en-us' => ['U.S. English', 'en-us', 'qwerty/us-latin1.kmap.gz', 'us', undef ],
776 'es' => ['Spanish', 'es', 'qwerty/es.kmap.gz', 'es', 'nodeadkeys'],
777 #'et' => [], # Ethopia or Estonia ??
778 'fi' => ['Finnish', 'fi', 'qwerty/fi-latin1.kmap.gz', 'fi', 'nodeadkeys'],
779 #'fo' => ['Faroe Islands', 'fo', ???, 'fo', 'nodeadkeys'],
780 'fr' => ['French', 'fr', 'azerty/fr-latin1.kmap.gz', 'fr', 'nodeadkeys'],
781 'fr-be' => ['Belgium-French', 'fr-be', 'azerty/be2-latin1.kmap.gz', 'be', 'nodeadkeys'],
782 'fr-ca' => ['Canada-French', 'fr-ca', 'qwerty/cf.kmap.gz', 'ca', 'fr-legacy'],
783 'fr-ch' => ['Swiss-French', 'fr-ch', 'qwertz/fr_CH-latin1.kmap.gz', 'ch', 'fr_nodeadkeys'],
784 #'hr' => ['Croatia', 'hr', 'qwertz/croat.kmap.gz', 'hr', ??], # latin2?
785 'hu' => ['Hungarian', 'hu', 'qwertz/hu.kmap.gz', 'hu', undef],
786 'is' => ['Icelandic', 'is', 'qwerty/is-latin1.kmap.gz', 'is', 'nodeadkeys'],
787 'it' => ['Italian', 'it', 'qwerty/it2.kmap.gz', 'it', 'nodeadkeys'],
788 'jp' => ['Japanese', 'ja', 'qwerty/jp106.kmap.gz', 'jp', undef],
789 'lt' => ['Lithuanian', 'lt', 'qwerty/lt.kmap.gz', 'lt', 'std'],
790 #'lv' => ['Latvian', 'lv', 'qwerty/lv-latin4.kmap.gz', 'lv', ??], # latin4 or latin7?
791 'mk' => ['Macedonian', 'mk', 'qwerty/mk.kmap.gz', 'mk', 'nodeadkeys'],
792 'nl' => ['Dutch', 'nl', 'qwerty/nl.kmap.gz', 'nl', undef],
793 #'nl-be' => ['Belgium-Dutch', 'nl-be', ?, ?, ?],
794 'no' => ['Norwegian', 'no', 'qwerty/no-latin1.kmap.gz', 'no', 'nodeadkeys'],
795 'pl' => ['Polish', 'pl', 'qwerty/pl.kmap.gz', 'pl', undef],
796 'pt' => ['Portuguese', 'pt', 'qwerty/pt-latin1.kmap.gz', 'pt', 'nodeadkeys'],
797 'pt-br' => ['Brazil-Portuguese', 'pt-br', 'qwerty/br-latin1.kmap.gz', 'br', 'nodeadkeys'],
798 #'ru' => ['Russian', 'ru', 'qwerty/ru.kmap.gz', 'ru', undef], # don't know?
799 'si' => ['Slovenian', 'sl', 'qwertz/slovene.kmap.gz', 'si', undef],
800 'se' => ['Swedish', 'sv', 'qwerty/se-latin1.kmap.gz', 'se', 'nodeadkeys'],
802 'tr' => ['Turkish', 'tr', 'qwerty/trq.kmap.gz', 'tr', undef],
805 my $kvmkeymaparray = [];
806 foreach my $lc (sort keys %$keymaphash) {
807 push @$kvmkeymaparray, $keymaphash->{$lc}->[1];
815 return $kvmkeymaparray;
819 my ($param, $key) = @_;
821 my $res = $param->{$key};
822 delete $param->{$key};
827 # For extracting sensitive keys (e.g. password), to avoid writing them to www-data owned configs
828 sub extract_sensitive_params
:prototype($$$) {
829 my ($param, $sensitive_list, $delete_list) = @_;
831 my %delete = map { $_ => 1 } ($delete_list || [])->@*;
834 for my $opt (@$sensitive_list) {
835 # handle deletions as explicitly setting `undef`, so subs which only have $param but not
836 # $delete_list available can recognize them. Afterwards new values may override.
837 if (exists($delete{$opt})) {
838 $sensitive->{$opt} = undef;
841 if (defined(my $value = extract_param
($param, $opt))) {
842 $sensitive->{$opt} = $value;
849 # Note: we use this to wait until vncterm/spiceterm is ready
850 sub wait_for_vnc_port
{
851 my ($port, $family, $timeout) = @_;
853 $timeout = 5 if !$timeout;
855 my $starttime = [gettimeofday
];
858 my $cmd = ['/bin/ss', '-Htln', "sport = :$port"];
859 push @$cmd, $family == AF_INET6 ?
'-6' : '-4' if defined($family);
862 while (($elapsed = tv_interval
($starttime)) < $timeout) {
863 # -Htln = don't print header, tcp, listening sockets only, numeric ports
864 run_command
($cmd, outfunc
=> sub {
866 if ($line =~ m/^LISTEN\s+\d+\s+\d+\s+\S+:(\d+)\s/) {
867 $found = 1 if ($port == $1);
871 $sleeptime += 100000 if $sleeptime < 1000000;
875 die "Timeout while waiting for port '$port' to get ready!\n";
878 sub next_unused_port
{
879 my ($range_start, $range_end, $family, $address) = @_;
881 # We use a file to register allocated ports.
882 # Those registrations expires after $expiretime.
883 # We use this to avoid race conditions between
884 # allocation and use of ports.
886 my $filename = "/var/tmp/pve-reserved-ports";
895 if (my $fh = IO
::File-
>new ($filename, "r")) {
896 while (my $line = <$fh>) {
897 if ($line =~ m/^(\d+)\s(\d+)$/) {
898 my ($port, $timestamp) = ($1, $2);
899 if (($timestamp + $expiretime) > $ctime) {
900 $ports->{$port} = $timestamp; # not expired
907 my %sockargs = (Listen
=> 5,
910 Proto
=> IPPROTO_TCP
,
911 GetAddrInfoFlags
=> 0);
912 $sockargs{LocalAddr
} = $address if defined($address);
914 for (my $p = $range_start; $p < $range_end; $p++) {
915 next if $ports->{$p}; # reserved
917 $sockargs{LocalPort
} = $p;
918 my $sock = IO
::Socket
::IP-
>new(%sockargs);
923 $ports->{$p} = $ctime;
929 foreach my $p (keys %$ports) {
930 $data .= "$p $ports->{$p}\n";
933 file_set_contents
($filename, $data);
938 my $p = lock_file
('/var/lock/pve-ports.lck', 10, $code);
941 die "unable to find free port (${range_start}-${range_end})\n" if !$p;
946 sub next_migrate_port
{
947 my ($family, $address) = @_;
948 return next_unused_port
(60000, 60050, $family, $address);
952 my ($family, $address) = @_;
953 return next_unused_port
(5900, 6000, $family, $address);
956 sub spice_port_range
{
957 return (61000, 61999);
960 sub next_spice_port
{
961 my ($family, $address) = @_;
962 return next_unused_port
(spice_port_range
(), $family, $address);
967 eval { $value = "$value" };
968 return "error turning value into a string: $@" if $@;
972 # sigkill after $timeout a $sub running in a fork if it can't write a pipe
973 # the $sub has to return a single scalar
974 sub run_fork_with_timeout
{
975 my ($timeout, $sub) = @_;
979 my $pipe_out = IO
::Pipe-
>new();
981 # disable pending alarms, save their remaining time
982 my $prev_alarm = alarm 0;
984 # avoid leaving a zombie if the parent gets interrupted
988 if (!defined($child)) {
989 die "fork failed: $!\n";
998 print {$pipe_out} encode_json
({ result
=> $res });
1002 print {$pipe_out} encode_json
({ error
=> must_stringify
($err) });
1009 local $SIG{INT
} = sub { $sig_received++; };
1010 local $SIG{TERM
} = sub {
1011 $error //= "interrupted by unexpected signal\n";
1012 kill('TERM', $child);
1015 $pipe_out->reader();
1017 my $readvalues = sub {
1019 my $child_res = decode_json
(readline_nointr
($pipe_out));
1020 $res = $child_res->{result
};
1021 $error = $child_res->{error
};
1024 my $got_timeout = 0;
1025 my $wantarray = wantarray; # so it can be queried inside eval
1027 if (defined($timeout)) {
1029 (undef, $got_timeout) = run_with_timeout
($timeout, $readvalues);
1031 run_with_timeout
($timeout, $readvalues);
1039 kill('KILL', $child);
1040 # FIXME: hangs if $child doesn't exits?! (D state)
1044 die "interrupted by unexpected signal\n" if $sig_received;
1046 die $error if $error;
1047 return wantarray ?
($res, $got_timeout) : $res;
1052 return run_fork_with_timeout
(undef, $code);
1055 # NOTE: NFS syscall can't be interrupted, so alarm does
1056 # not work to provide timeouts.
1057 # from 'man nfs': "Only SIGKILL can interrupt a pending NFS operation"
1058 # So fork() before using Filesys::Df
1060 my ($path, $timeout) = @_;
1062 my $df = sub { return Filesys
::Df
::df
($path, 1) };
1064 my $res = eval { run_fork_with_timeout
($timeout, $df) } // {};
1067 # untaint, but be flexible: PB usage can result in scientific notation
1068 my ($blocks, $used, $bavail) = map { defined($_) ?
(/^([\d\.e\-+]+)$/) : 0 }
1069 $res->@{qw(blocks used bavail)};
1079 my ($path, $timeout) = @_;
1088 if ($line =~ m/^(\d+)\s+total$/) {
1093 run_command
(['du', '-scb', $path], outfunc
=> $parser, timeout
=> $timeout);
1099 # We use this to uniquely identify a process.
1100 # An 'Unique Process ID' has the following format:
1101 # "UPID:$node:$pid:$pstart:$startime:$dtype:$id:$user"
1106 # Note: pstart can be > 32bit if uptime > 497 days, so this can result in
1107 # more that 8 characters for pstart
1108 return sprintf("UPID:%s:%08X:%08X:%08X:%s:%s:%s:", $d->{node
}, $d->{pid
},
1109 $d->{pstart
}, $d->{starttime
}, $d->{type
}, $d->{id
},
1114 my ($upid, $noerr) = @_;
1119 # "UPID:$node:$pid:$pstart:$startime:$dtype:$id:$user"
1120 # Note: allow up to 9 characters for pstart (work until 20 years uptime)
1121 if ($upid =~ m/^UPID:([a-zA-Z0-9]([a-zA-Z0-9\-]*[a-zA-Z0-9])?):([0-9A-Fa-f]{8}):([0-9A-Fa-f]{8,9}):([0-9A-Fa-f]{8}):([^:\s]+):([^:\s]*):([^:\s]+):$/) {
1123 $res->{pid
} = hex($3);
1124 $res->{pstart
} = hex($4);
1125 $res->{starttime
} = hex($5);
1130 my $subdir = substr($5, 7, 8);
1131 $filename = "$pvetaskdir/$subdir/$upid";
1134 return undef if $noerr;
1135 die "unable to parse worker upid '$upid'\n";
1138 return wantarray ?
($res, $filename) : $res;
1144 my ($task, $filename) = upid_decode
($upid);
1146 my $dirname = dirname
($filename);
1147 make_path
($dirname);
1149 my $wwwid = getpwnam('www-data') ||
1150 die "getpwnam failed";
1154 my $outfh = IO
::File-
>new ($filename, O_WRONLY
|O_CREAT
|O_EXCL
, $perm) ||
1155 die "unable to create output file '$filename' - $!\n";
1156 chown $wwwid, -1, $outfh;
1161 sub upid_read_status
{
1164 my ($task, $filename) = upid_decode
($upid);
1165 my $fh = IO
::File-
>new($filename, "r");
1166 return "unable to open file - $!" if !$fh;
1168 sysseek($fh, -$maxlen, 2);
1170 my $br = sysread($fh, $readbuf, $maxlen);
1173 return "unable to extract last line"
1174 if $readbuf !~ m/\n?(.+)$/;
1176 if ($line =~ m/^TASK OK$/) {
1178 } elsif ($line =~ m/^TASK ERROR: (.+)$/) {
1180 } elsif ($line =~ m/^TASK (WARNINGS: \d+)$/) {
1183 return "unexpected status";
1186 return "unable to read tail (got $br bytes)";
1189 # Check if the status returned by upid_read_status is an error status.
1190 # If the status could not be parsed it's also treated as an error.
1191 sub upid_status_is_error
{
1194 return !($status eq 'OK' || $status =~ m/^WARNINGS: \d+$/);
1197 # takes the parsed status and returns the type, either ok, warning, error or unknown
1198 sub upid_normalize_status_type
{
1203 } elsif ($status eq 'OK') {
1205 } elsif ($status =~ m/^WARNINGS: \d+$/) {
1207 } elsif ($status eq 'unexpected status') {
1214 # useful functions to store comments in config files
1218 # all control and hi-bit characters, and ':'
1219 my $unsafe = "^\x20-\x39\x3b-\x7e";
1220 return uri_escape
(Encode
::encode
("utf8", $text), $unsafe);
1226 return Encode
::decode
("utf8", uri_unescape
($data));
1229 # NOTE: deprecated - do not use! we now decode all parameters by default
1230 sub decode_utf8_parameters
{
1233 foreach my $p (qw(comment description firstname lastname)) {
1234 $param->{$p} = decode
('utf8', $param->{$p}) if $param->{$p};
1240 sub random_ether_addr
{
1243 my ($seconds, $microseconds) = gettimeofday
;
1245 my $rand = Digest
::SHA
::sha1
($$, rand(), $seconds, $microseconds);
1247 # clear multicast, set local id
1248 vec($rand, 0, 8) = (vec($rand, 0, 8) & 0xfe) | 2;
1250 my $addr = sprintf("%02X:%02X:%02X:%02X:%02X:%02X", unpack("C6", $rand));
1251 if (defined($prefix)) {
1252 $addr = uc($prefix) . substr($addr, length($prefix));
1260 return String
::ShellQuote
::shell_quote
($str);
1266 die "no arguments" if !$cmd;
1268 return $cmd if !ref($cmd);
1271 foreach my $arg (@$cmd) { push @qa, shellquote
($arg); }
1273 return join (' ', @qa);
1276 # split an shell argument string into an array,
1280 return $str ?
[ Text
::ParseWords
::shellwords
($str) ] : [];
1283 sub dump_logfile_by_filehandle
{
1284 my ($fh, $filter, $state) = @_;
1286 my $count = ($state->{count
} //= 0);
1287 my $lines = ($state->{lines
} //= []);
1288 my $start = ($state->{start
} //= 0);
1289 my $limit = ($state->{limit
} //= 50);
1290 my $final = ($state->{final
} //= 1);
1291 my $read_until_end = ($state->{read_until_end
} //= $limit == 0);
1295 # duplicate code, so that we do not slow down normal path
1296 while (defined($line = <$fh>)) {
1297 if (ref($filter) eq 'CODE') {
1298 next if !$filter->($line);
1300 next if $line !~ m/$filter/;
1302 next if $count++ < $start;
1303 if (!$read_until_end) {
1304 next if $limit <= 0;
1308 push @$lines, { n
=> $count, t
=> $line};
1311 while (defined($line = <$fh>)) {
1312 next if $count++ < $start;
1313 if (!$read_until_end) {
1314 next if $limit <= 0;
1318 push @$lines, { n
=> $count, t
=> $line};
1322 # HACK: ExtJS store.guaranteeRange() does not like empty array
1324 if (!$count && $final) {
1326 push @$lines, { n
=> $count, t
=> "no content"};
1329 $state->{count
} = $count;
1330 $state->{limit
} = $limit;
1334 my ($filename, $start, $limit, $filter) = @_;
1336 my $fh = IO
::File-
>new($filename, "r");
1338 return (1, { n
=> 1, t
=> "unable to open file - $!"});
1348 dump_logfile_by_filehandle
($fh, $filter, \
%state);
1352 return ($state{'count'}, $state{'lines'});
1356 my ($start, $limit, $since, $until, $service) = @_;
1361 $start = 0 if !$start;
1362 $limit = 50 if !$limit;
1367 return if $count++ < $start;
1368 return if $limit <= 0;
1369 push @$lines, { n
=> int($count), t
=> $line};
1373 my $cmd = ['journalctl', '-o', 'short', '--no-pager'];
1375 push @$cmd, '--unit', $service if $service;
1376 push @$cmd, '--since', $since if $since;
1377 push @$cmd, '--until', $until if $until;
1378 run_command
($cmd, outfunc
=> $parser);
1380 # HACK: ExtJS store.guaranteeRange() does not like empty array
1384 push @$lines, { n
=> $count, t
=> "no content"};
1387 return ($count, $lines);
1390 sub dir_glob_regex
{
1391 my ($dir, $regex) = @_;
1393 my $dh = IO
::Dir-
>new ($dir);
1394 return wantarray ?
() : undef if !$dh;
1396 while (defined(my $tmp = $dh->read)) {
1397 if (my @res = $tmp =~ m/^($regex)$/) {
1399 return wantarray ?
@res : $tmp;
1404 return wantarray ?
() : undef;
1407 sub dir_glob_foreach
{
1408 my ($dir, $regex, $func) = @_;
1410 my $dh = IO
::Dir-
>new ($dir);
1412 while (defined(my $tmp = $dh->read)) {
1413 if (my @res = $tmp =~ m/^($regex)$/) {
1420 sub assert_if_modified
{
1421 my ($digest1, $digest2) = @_;
1423 if ($digest1 && $digest2 && ($digest1 ne $digest2)) {
1424 die "detected modified configuration - file changed by other user? Try again.\n";
1428 # Digest for short strings
1429 # like FNV32a, but we only return 31 bits (positive numbers)
1433 my $hval = 0x811c9dc5;
1435 foreach my $c (unpack('C*', $string)) {
1443 $hval = $hval & 0xffffffff;
1445 return $hval & 0x7fffffff;
1448 sub fnv31a_hex
{ return sprintf("%X", fnv31a
(@_)); }
1450 sub unpack_sockaddr_in46
{
1452 my $family = Socket
::sockaddr_family
($sin);
1453 my ($port, $host) = ($family == AF_INET6 ? Socket
::unpack_sockaddr_in6
($sin)
1454 : Socket
::unpack_sockaddr_in
($sin));
1455 return ($family, $port, $host);
1458 sub getaddrinfo_all
{
1459 my ($hostname, @opts) = @_;
1461 flags
=> AI_V4MAPPED
| AI_ALL
,
1464 my ($err, @res) = Socket
::getaddrinfo
($hostname, '0', \
%hints);
1465 die "failed to get address info for: $hostname: $err\n" if $err;
1469 sub get_host_address_family
{
1470 my ($hostname, $socktype) = @_;
1471 my @res = getaddrinfo_all
($hostname, socktype
=> $socktype);
1472 return $res[0]->{family
};
1475 # get the fully qualified domain name of a host
1476 # same logic as hostname(1): The FQDN is the name getaddrinfo(3) returns,
1477 # given a nodename as a parameter
1479 my ($nodename) = @_;
1482 flags
=> AI_CANONNAME
,
1483 socktype
=> SOCK_DGRAM
1486 my ($err, @addrs) = Socket
::getaddrinfo
($nodename, undef, $hints);
1488 die "getaddrinfo: $err" if $err;
1490 return $addrs[0]->{canonname
};
1493 # Parses any sane kind of host, or host+port pair:
1494 # The port is always optional and thus may be undef.
1495 sub parse_host_and_port
{
1497 if ($address =~ /^($IPV4RE|[[:alnum:]\-.]+)(?::(\d+))?$/ || # ipv4 or host with optional ':port'
1498 $address =~ /^\[($IPV6RE|$IPV4RE|[[:alnum:]\-.]+)\](?::(\d+))?$/ || # anything in brackets with optional ':port'
1499 $address =~ /^($IPV6RE)(?:\.(\d+))?$/) # ipv6 with optional port separated by dot
1501 return ($1, $2, 1); # end with 1 to support simple if(parse...) tests
1506 sub setresuid
($$$) {
1507 my ($ruid, $euid, $suid) = @_;
1508 return 0 == syscall(PVE
::Syscall
::setresuid
, int($ruid), int($euid), int($suid));
1513 return 0 == syscall(PVE
::Syscall
::unshare
, int($flags));
1517 my ($fileno, $nstype) = @_;
1518 return 0 == syscall(PVE
::Syscall
::setns
, int($fileno), int($nstype));
1523 return 0 == syscall(PVE
::Syscall
::syncfs
, int($fileno));
1528 return 0 == syscall(PVE
::Syscall
::fsync
, int($fileno));
1531 sub renameat2
($$$$$) {
1532 my ($olddirfd, $oldpath, $newdirfd, $newpath, $flags) = @_;
1533 return 0 == syscall(
1534 PVE
::Syscall
::renameat2
,
1543 sub sync_mountpoint
{
1545 sysopen my $fd, $path, O_RDONLY
|O_CLOEXEC
or die "failed to open $path: $!\n";
1547 if (!syncfs
(fileno($fd))) {
1551 die "syncfs '$path' failed - $syncfs_err\n" if defined $syncfs_err;
1554 my sub check_mail_addr
{
1556 die "'$addr' does not look like a valid email address or username\n"
1557 if $addr !~ /^$EMAIL_RE$/ && $addr !~ /^$EMAIL_USER_RE$/;
1560 # support sending multi-part mail messages with a text and or a HTML part
1561 # mailto may be a single email string or an array of receivers
1563 my ($mailto, $subject, $text, $html, $mailfrom, $author) = @_;
1565 $mailto = [ $mailto ] if !ref($mailto);
1567 check_mail_addr
($_) for $mailto->@*;
1568 my $to_quoted = [ map { shellquote
($_) } $mailto->@* ];
1570 $mailfrom = $mailfrom || "root";
1571 check_mail_addr
($mailfrom);
1572 my $from_quoted = shellquote
($mailfrom);
1574 $author = $author // 'Proxmox VE';
1576 open (my $mail, "|-", "sendmail", "-B", "8BITMIME", "-f", $from_quoted, "--", $to_quoted->@*)
1577 or die "unable to open 'sendmail' - $!";
1579 my $is_multipart = $text && $html;
1580 my $boundary = "----_=_NextPart_001_" . int(time()) . $$; # multipart spec, see rfc 1521
1582 $subject = Encode
::encode
('MIME-Header', $subject) if $subject =~ /[^[:ascii:]]/;
1584 print $mail "MIME-Version: 1.0\n" if $subject =~ /[^[:ascii:]]/ || $is_multipart;
1586 print $mail "From: $author <$mailfrom>\n";
1587 print $mail "To: " . join(', ', @$mailto) ."\n";
1588 print $mail "Date: " . time2str
('%a, %d %b %Y %H:%M:%S %z', time()) . "\n";
1589 print $mail "Subject: $subject\n";
1591 if ($is_multipart) {
1592 print $mail "Content-Type: multipart/alternative;\n";
1593 print $mail "\tboundary=\"$boundary\"\n";
1595 print $mail "This
is a multi-part message
in MIME format
.\n\n";
1596 print $mail "--$boundary\n";
1599 if (defined($text)) {
1600 print $mail "Content-Type
: text
/plain
;\n";
1601 print $mail "Auto-Submitted
: auto-generated
;\n";
1602 print $mail "\tcharset
=\"UTF-8
\"\n";
1603 print $mail "Content-Transfer-Encoding
: 8bit
\n";
1606 # avoid 'remove extra line breaks' issue (MS Outlook)
1608 $text =~ s/^/$fill/gm;
1612 print $mail "\n--$boundary\n" if $is_multipart;
1615 if (defined($html)) {
1616 print $mail "Content-Type
: text
/html
;\n";
1617 print $mail "Auto-Submitted
: auto-generated
;\n";
1618 print $mail "\tcharset
=\"UTF-8
\"\n";
1619 print $mail "Content-Transfer-Encoding
: 8bit
\n";
1624 print $mail "\n--$boundary--\n" if $is_multipart;
1630 # creates a temporary file that does not shows up on the file system hierarchy.
1632 # Uses O_TMPFILE if available, which makes it just an anon inode that never shows up in the FS.
1633 # If O_TMPFILE is not available, which unlikely nowadays (added in 3.11 kernel and all FS relevant
1634 # for us support it) back to open-create + immediate unlink while still holding the file handle.
1636 # TODO: to avoid FS dependent features we could (transparently) switch to memfd_create as backend
1638 my ($perm, %opts) = @_;
1640 # default permissions are stricter than with file_set_contents
1641 $perm = 0600 if !defined($perm);
1643 my $dir = $opts{dir};
1645 if (-d "/run/user
/$<") {
1646 $dir = "/run/user
/$<";
1653 my $mode = $opts{mode} // O_RDWR;
1654 $mode |= O_EXCL if !$opts{allow_links};
1656 my $fh = IO::File->new($dir, $mode | O_TMPFILE, $perm);
1657 if (!$fh && $! == EOPNOTSUPP) {
1658 $dir = '/tmp' if !defined($opts{dir});
1659 $dir .= "/.tmpfile
.$$";
1660 $fh = IO::File->new($dir, $mode | O_CREAT | O_EXCL, $perm);
1661 unlink($dir) if $fh;
1663 die "failed to create tempfile
: $!\n" if !$fh;
1667 # create an (ideally) anon file with the $data as content and return its FD-path and FH
1668 sub tempfile_contents {
1669 my ($data, $perm, %opts) = @_;
1671 my $fh = tempfile($perm, %opts);
1673 die "unable to
write to tempfile
: $!\n" if !print {$fh} $data;
1674 die "unable to flush to tempfile
: $!\n" if !defined($fh->flush());
1681 return ("/proc/$$/fd/".$fh->fileno, $fh);
1684 sub validate_ssh_public_keys {
1686 my @lines = split(/\n/, $raw);
1688 foreach my $line (@lines) {
1689 next if $line =~ m/^\s*$/;
1691 my ($filename, $handle) = tempfile_contents($line);
1692 run_command(["ssh-keygen
", "-l
", "-f
", $filename],
1693 outfunc => sub {}, errfunc => sub {});
1695 die "SSH public key validation error
\n" if $@;
1700 my ($dirfd, $pathname, $flags, $mode) = @_;
1701 $dirfd = int($dirfd);
1702 $flags = int($flags);
1703 $mode = int($mode // 0);
1705 my $fd = syscall(PVE::Syscall::openat, $dirfd, $pathname, $flags, $mode);
1706 return undef if $fd < 0;
1707 # sysopen() doesn't deal with numeric file descriptors apparently
1708 # so we need to convert to a mode string for IO::Handle->new_from_fd
1709 my $flagstr = ($flags & O_RDWR) ? 'rw' : ($flags & O_WRONLY) ? 'w' : 'r';
1710 my $handle = IO::Handle->new_from_fd($fd, $flagstr);
1711 return $handle if $handle;
1712 my $err = $!; # save error before closing the raw fd
1713 syscall(PVE::Syscall::close, $fd); # close
1719 my ($dirfd, $name, $mode) = @_;
1720 return syscall(PVE::Syscall::mkdirat, int($dirfd), $name, int($mode)) == 0;
1724 my ($filename, $mode, $dev) = @_;
1725 return syscall(PVE::Syscall::SYS_mknod, $filename, int($mode), int($dev)) == 0;
1728 sub fchownat($$$$$) {
1729 my ($dirfd, $pathname, $owner, $group, $flags) = @_;
1731 PVE::Syscall::fchownat,
1740 my $salt_starter = time();
1746 my $salt = substr(Digest::SHA::sha1_base64(time() + $salt_starter + $$), 0, 8);
1748 # crypt does not want '+' in salt (see 'man crypt')
1751 return crypt(encode("utf8
", $pw), "\
$5\$$salt\$");
1754 # intended usage: convert_size($val, "kb
" => "gb
")
1755 # we round up to the next integer by default
1756 # E.g. `convert_size(1023, "b
" => "kb
")` returns 1
1757 # use $no_round_up to switch this off, above example would then return 0
1758 # this is also true for converting down e.g. 0.0005 gb to mb returns 1
1759 # (0 if $no_round_up is true)
1760 # allowed formats for value:
1766 my ($value, $from, $to, $no_round_up) = @_;
1777 die "no value
given"
1778 if !defined($value) || $value eq "";
1780 $from = lc($from // ''); $to = lc($to // '');
1781 die "unknown
'from' and/or 'to' units
($from => $to)"
1782 if !defined($units->{$from}) || !defined($units->{$to});
1784 die "value
'$value' is not a valid
, positive number
"
1785 if $value !~ m/^(?:[0-9]+\.?[0-9]*|[0-9]*\.[0-9]+)$/;
1787 my $shift_amount = ($units->{$from} - $units->{$to}) * 10;
1789 $value *= 2**$shift_amount;
1790 $value++ if !$no_round_up && ($value - int($value)) > 0.0;
1795 # uninterruptible readline
1797 sub readline_nointr {
1802 last if defined($line) || ($! != EINTR);
1809 $host_arch = (POSIX::uname())[4] if !$host_arch;
1813 # Devices are: [ (12 bits minor) (12 bits major) (8 bits minor) ]
1814 sub dev_t_major($) {
1816 return (int($dev_t) & 0xfff00) >> 8;
1819 sub dev_t_minor($) {
1821 $dev_t = int($dev_t);
1822 return (($dev_t >> 12) & 0xfff00) | ($dev_t & 0xff);
1825 # Given an array of array refs [ \[a b c], \[a b b], \[e b a] ]
1826 # Returns the intersection of elements as a single array [a b]
1827 sub array_intersect {
1830 if (!ref($arrays->[0])) {
1831 $arrays = [ grep { ref($_) eq 'ARRAY' } @_ ];
1834 return [] if scalar(@$arrays) == 0;
1835 return $arrays->[0] if scalar(@$arrays) == 1;
1837 my $array_unique = sub {
1839 return grep { ! $seen{ $_ }++ } @_;
1842 # base idea is to get all unique members from the first array, then
1843 # check the common elements with the next (uniquely made) one, only keep
1844 # those. Repeat for every array and at the end we only have those left
1845 # which exist in all arrays
1846 my $return_arr = [ $array_unique->(@{$arrays->[0]}) ];
1847 for my $i (1 .. $#$arrays) {
1849 # $return_arr is already unique, explicit at before the loop, implicit below.
1850 foreach my $element (@$return_arr, $array_unique->(@{$arrays->[$i]})) {
1854 foreach my $element (keys %count) {
1855 push @$return_arr, $element if $count{$element} > 1;
1857 last if scalar(@$return_arr) == 0; # empty intersection, early exit
1863 sub open_tree($$$) {
1864 my ($dfd, $pathname, $flags) = @_;
1865 return PVE::Syscall::file_handle_result(syscall(
1866 &PVE::Syscall::open_tree,
1873 sub move_mount($$$$$) {
1874 my ($from_dirfd, $from_pathname, $to_dirfd, $to_pathname, $flags) = @_;
1875 return 0 == syscall(
1876 &PVE::Syscall::move_mount,
1886 my ($fsname, $flags) = @_;
1887 return PVE::Syscall::file_handle_result(syscall(&PVE::Syscall::fsopen, $fsname, int($flags)));
1891 my ($fd, $flags, $mount_attrs) = @_;
1892 return PVE::Syscall::file_handle_result(syscall(
1893 &PVE::Syscall::fsmount,
1901 my ($dirfd, $pathname, $flags) = @_;
1902 return PVE::Syscall::file_handle_result(syscall(
1903 &PVE::Syscall::fspick,
1910 sub fsconfig($$$$$) {
1911 my ($fd, $command, $key, $value, $aux) = @_;
1912 return 0 == syscall(
1913 &PVE::Syscall::fsconfig,
1922 # "raw
" mount, old api, not for generic use (as it does not invoke any helpers).
1923 # use for lower level stuff such as bind/remount/... or simple tmpfs mounts
1925 my ($source, $target, $filesystemtype, $mountflags, $data) = @_;
1926 return 0 == syscall(
1927 &PVE::Syscall::mount,
1936 # size is optional and defaults to 256, note that xattr limits are FS specific and that xattrs can
1937 # get arbitrary long. pass `0` for $size in array context to get the actual size of a value
1938 sub getxattr($$;$) {
1939 my ($path_or_handle, $name, $size) = @_;
1941 my $buf = pack("x
${size
}");
1943 my $xattr_size = -1; # the actual size of the xattr, can be zero
1944 if (defined(my $fd = fileno($path_or_handle))) {
1945 $xattr_size = syscall(&PVE::Syscall::fgetxattr, $fd, $name, $buf, int($size));
1947 $xattr_size = syscall(&PVE::Syscall::getxattr, $path_or_handle, $name, $buf, int($size));
1949 if ($xattr_size < 0) {
1952 $buf = substr($buf, 0, $xattr_size);
1953 return wantarray ? ($buf, $xattr_size) : $buf;
1956 # NOTE: can take either a path or an open file handle, i.e., its multiplexing setxattr and fsetxattr
1957 sub setxattr($$$;$) {
1958 my ($path_or_handle, $name, $value, $flags) = @_;
1959 my $size = length($value); # NOTE: seems to get correct length also for wide-characters in text..
1961 if (defined(my $fd = fileno($path_or_handle))) {
1962 return 0 == syscall(
1963 &PVE::Syscall::fsetxattr,
1971 return 0 == syscall(
1972 &PVE::Syscall::setxattr,
1983 my ($left, $right, $cmp) = @_;
1985 return 0 if !defined($left) && !defined($right);
1986 return -1 if !defined($left);
1987 return 1 if !defined($right);
1988 return $cmp->($left, $right);
1992 # opts is a hash ref with the following known properties
1993 # allow_overwrite - if 1, overwriting existing files is allowed, use with care. Default to false
1994 # hash_required - if 1, at least one checksum has to be specified otherwise an error will be thrown
1997 # verify_certificates - if 0 (false) we tell wget to ignore untrusted TLS certs. Default to true
1998 # md5sum|sha(1|224|256|384|512)sum - the respective expected checksum string
1999 sub download_file_from_url {
2000 my ($dest, $url, $opts) = @_;
2002 my ($checksum_algorithm, $checksum_expected);
2003 for ('sha512', 'sha384', 'sha256', 'sha224', 'sha1', 'md5') {
2004 if (defined($opts->{"${_
}sum
"})) {
2005 $checksum_algorithm = $_;
2006 $checksum_expected = $opts->{"${_
}sum
"};
2010 die "checksum required but
not specified
\n" if ($opts->{hash_required} && !$checksum_algorithm);
2012 print "downloading
$url to
$dest\n";
2015 if ($checksum_algorithm) {
2016 print "calculating checksum of existing file
...";
2017 my $checksum_got = get_file_hash($checksum_algorithm, $dest);
2019 if (lc($checksum_got) eq lc($checksum_expected)) {
2020 print "OK
, got correct file already
, no need to download
\n";
2022 } elsif ($opts->{allow_overwrite}) {
2023 print "checksum mismatch
: got
'$checksum_got' != expect
'$checksum_expected', re-download
\n";
2025 print "\n"; # the front end expects the error to reside at the last line without any noise
2026 die "checksum mismatch
: got
'$checksum_got' != expect
'$checksum_expected', aborting
\n";
2028 } elsif (!$opts->{allow_overwrite}) {
2029 die "refusing to override existing file
'$dest'\n";
2033 my $tmp_download = "$dest.tmp_dwnl
.$$";
2034 my $tmp_decomp = "$dest.tmp_dcom
.$$";
2036 local $SIG{INT} = sub {
2037 unlink $tmp_download or warn "could
not cleanup temporary file
: $!"
2038 if -e $tmp_download;
2039 unlink $tmp_decomp or warn "could
not cleanup temporary file
: $!"
2040 if $opts->{decompression_command} && -e $tmp_decomp;
2041 die "got interrupted by signal
\n";
2044 { # limit the scope of the ENV change
2046 if ($opts->{http_proxy}) {
2047 $ENV{http_proxy} = $opts->{http_proxy};
2049 if ($opts->{https_proxy}) {
2050 $ENV{https_proxy} = $opts->{https_proxy};
2053 my $cmd = ['wget', '--progress=dot:giga', '-O', $tmp_download, $url];
2055 if (!($opts->{verify_certificates} // 1)) { # default to true
2056 push @$cmd, '--no-check-certificate';
2059 run_command($cmd, errmsg => "download failed
");
2062 if ($checksum_algorithm) {
2063 print "calculating checksum
...";
2065 my $checksum_got = get_file_hash($checksum_algorithm, $tmp_download);
2067 if (lc($checksum_got) eq lc($checksum_expected)) {
2068 print "OK
, checksum verified
\n";
2070 print "\n"; # the front end expects the error to reside at the last line without any noise
2071 die "checksum mismatch
: got
'$checksum_got' != expect
'$checksum_expected'\n";
2075 if (my $cmd = $opts->{decompression_command}) {
2076 push @$cmd, $tmp_download;
2078 if (!open($fh, ">", "$tmp_decomp")) {
2079 die "cant
open temporary file
$tmp_decomp for decompresson
: $!\n";
2081 print "decompressing
$tmp_download to
$tmp_decomp\n";
2082 run_command($cmd, output => '>&'.fileno($fh));
2083 unlink $tmp_download;
2084 rename($tmp_decomp, $dest) or die "unable to
rename temporary file
: $!\n";
2086 rename($tmp_download, $dest) or die "unable to
rename temporary file
: $!\n";
2090 unlink $tmp_download or warn "could
not cleanup temporary file
: $!"
2091 if -e $tmp_download;
2092 unlink $tmp_decomp or warn "could
not cleanup temporary file
: $!"
2093 if $opts->{decompression_command} && -e $tmp_decomp;
2097 print "download of
'$url' to
'$dest' finished
\n";
2101 my ($algorithm, $filename) = @_;
2103 my $algorithm_map = {
2104 'md5' => sub { Digest::MD5->new },
2105 'sha1' => sub { Digest::SHA->new(1) },
2106 'sha224' => sub { Digest::SHA->new(224) },
2107 'sha256' => sub { Digest::SHA->new(256) },
2108 'sha384' => sub { Digest::SHA->new(384) },
2109 'sha512' => sub { Digest::SHA->new(512) },
2112 my $digester = $algorithm_map->{$algorithm}->() or die "unknown algorithm
'$algorithm'\n";
2114 open(my $fh, '<', $filename) or die "unable to
open '$filename': $!\n";
2117 my $digest = $digester->addfile($fh)->hexdigest;