]> git.proxmox.com Git - proxmox-backup.git/blob - src/config/network.rs
projects / proxmox-backup.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
src/config/network.rs: use a simple String for comments
[proxmox-backup.git] / src / config / network.rs
1 use std::io::{Write};
2 use std::collections::{HashSet, HashMap};
3
4 use anyhow::{Error, format_err, bail};
5
6 use proxmox::tools::{fs::replace_file, fs::CreateOptions};
7
8 mod helper;
9 pub use helper::*;
10
11 mod lexer;
12 pub use lexer::*;
13
14 mod parser;
15 pub use parser::*;
16
17 use crate::api2::types::{Interface, NetworkConfigMethod, NetworkInterfaceType};
18
19 impl Interface {
20
21 pub fn new(name: String) -> Self {
22 Self {
23 name,
24 interface_type: NetworkInterfaceType::Unknown,
25 auto: false,
26 active: false,
27 method_v4: None,
28 method_v6: None,
29 cidr_v4: None,
30 gateway_v4: None,
31 cidr_v6: None,
32 gateway_v6: None,
33 options_v4: Vec::new(),
34 options_v6: Vec::new(),
35 comments_v4: None,
36 comments_v6: None,
37 mtu: None,
38 bridge_ports: None,
39 bond_slaves: None,
40 }
41 }
42
43 fn set_method_v4(&mut self, method: NetworkConfigMethod) -> Result<(), Error> {
44 if self.method_v4.is_none() {
45 self.method_v4 = Some(method);
46 } else {
47 bail!("inet configuration method already set.");
48 }
49 Ok(())
50 }
51
52 fn set_method_v6(&mut self, method: NetworkConfigMethod) -> Result<(), Error> {
53 if self.method_v6.is_none() {
54 self.method_v6 = Some(method);
55 } else {
56 bail!("inet6 configuration method already set.");
57 }
58 Ok(())
59 }
60
61 fn set_cidr_v4(&mut self, address: String) -> Result<(), Error> {
62 if self.cidr_v4.is_none() {
63 self.cidr_v4 = Some(address);
64 } else {
65 bail!("duplicate IPv4 address.");
66 }
67 Ok(())
68 }
69
70 fn set_gateway_v4(&mut self, gateway: String) -> Result<(), Error> {
71 if self.gateway_v4.is_none() {
72 self.gateway_v4 = Some(gateway);
73 } else {
74 bail!("duplicate IPv4 gateway.");
75 }
76 Ok(())
77 }
78
79 fn set_cidr_v6(&mut self, address: String) -> Result<(), Error> {
80 if self.cidr_v6.is_none() {
81 self.cidr_v6 = Some(address);
82 } else {
83 bail!("duplicate IPv6 address.");
84 }
85 Ok(())
86 }
87
88 fn set_gateway_v6(&mut self, gateway: String) -> Result<(), Error> {
89 if self.gateway_v6.is_none() {
90 self.gateway_v6 = Some(gateway);
91 } else {
92 bail!("duplicate IPv4 gateway.");
93 }
94 Ok(())
95 }
96
97 fn set_interface_type(&mut self, interface_type: NetworkInterfaceType) -> Result<(), Error> {
98 if self.interface_type == NetworkInterfaceType::Unknown {
99 self.interface_type = interface_type;
100 } else if self.interface_type != interface_type {
101 bail!("interface type already defined - cannot change from {:?} to {:?}", self.interface_type, interface_type);
102 }
103 Ok(())
104 }
105
106 pub(crate) fn set_bridge_ports(&mut self, ports: Vec<String>) -> Result<(), Error> {
107 if self.interface_type != NetworkInterfaceType::Bridge {
108 bail!("interface '{}' is no bridge (type is {:?})", self.name, self.interface_type);
109 }
110 self.bridge_ports = Some(ports);
111 Ok(())
112 }
113
114 pub(crate) fn set_bond_slaves(&mut self, slaves: Vec<String>) -> Result<(), Error> {
115 if self.interface_type != NetworkInterfaceType::Bond {
116 bail!("interface '{}' is no bond (type is {:?})", self.name, self.interface_type);
117 }
118 self.bond_slaves = Some(slaves);
119 Ok(())
120 }
121
122 /// Write attributes not dependening on address family
123 fn write_iface_attributes(&self, w: &mut dyn Write) -> Result<(), Error> {
124
125 match self.interface_type {
126 NetworkInterfaceType::Bridge => {
127 if let Some(ref ports) = self.bridge_ports {
128 if ports.is_empty() {
129 writeln!(w, " bridge-ports none")?;
130 } else {
131 writeln!(w, " bridge-ports {}", ports.join(" "))?;
132 }
133 }
134 }
135 NetworkInterfaceType::Bond => {
136 if let Some(ref slaves) = self.bond_slaves {
137 if slaves.is_empty() {
138 writeln!(w, " bond-slaves none")?;
139 } else {
140 writeln!(w, " bond-slaves {}", slaves.join(" "))?;
141 }
142 }
143 }
144 _ => {}
145 }
146
147 if let Some(mtu) = self.mtu {
148 writeln!(w, " mtu {}", mtu)?;
149 }
150
151 Ok(())
152 }
153
154 /// Write attributes dependening on address family inet (IPv4)
155 fn write_iface_attributes_v4(&self, w: &mut dyn Write, method: NetworkConfigMethod) -> Result<(), Error> {
156 if method == NetworkConfigMethod::Static {
157 if let Some(address) = &self.cidr_v4 {
158 writeln!(w, " address {}", address)?;
159 }
160 if let Some(gateway) = &self.gateway_v4 {
161 writeln!(w, " gateway {}", gateway)?;
162 }
163 }
164
165 for option in &self.options_v4 {
166 writeln!(w, " {}", option)?;
167 }
168
169 if let Some(ref comments) = self.comments_v4 {
170 for comment in comments.lines() {
171 writeln!(w, "#{}", comment)?;
172 }
173 }
174
175 Ok(())
176 }
177
178 /// Write attributes dependening on address family inet6 (IPv6)
179 fn write_iface_attributes_v6(&self, w: &mut dyn Write, method: NetworkConfigMethod) -> Result<(), Error> {
180 if method == NetworkConfigMethod::Static {
181 if let Some(address) = &self.cidr_v6 {
182 writeln!(w, " address {}", address)?;
183 }
184 if let Some(gateway) = &self.gateway_v6 {
185 writeln!(w, " gateway {}", gateway)?;
186 }
187 }
188
189 for option in &self.options_v6 {
190 writeln!(w, " {}", option)?;
191 }
192
193 if let Some(ref comments) = self.comments_v6 {
194 for comment in comments.lines() {
195 writeln!(w, "#{}", comment)?;
196 }
197 }
198
199 Ok(())
200 }
201
202 /// Return whether we can write a single entry for inet and inet6
203 fn combine_entry(&self) -> bool {
204 // Note: use match to make sure we considered all values at compile time
205 match self {
206 Interface {
207 method_v4,
208 method_v6,
209 options_v4,
210 options_v6,
211 comments_v4,
212 comments_v6,
213 // the rest does not matter
214 name: _name,
215 interface_type: _interface_type,
216 auto: _auto,
217 active: _active,
218 cidr_v4: _cidr_v4,
219 cidr_v6: _cidr_v6,
220 gateway_v4: _gateway_v4,
221 gateway_v6: _gateway_v6,
222 mtu: _mtu,
223 bridge_ports: _bridge_ports,
224 bond_slaves: _bond_slaves,
225 } => {
226 method_v4 == method_v6
227 && comments_v4.is_none()
228 && comments_v6.is_none()
229 && options_v4.is_empty()
230 && options_v6.is_empty()
231 }
232 }
233 }
234
235 fn write_iface(&self, w: &mut dyn Write) -> Result<(), Error> {
236
237 fn method_to_str(method: NetworkConfigMethod) -> &'static str {
238 match method {
239 NetworkConfigMethod::Static => "static",
240 NetworkConfigMethod::Loopback => "loopback",
241 NetworkConfigMethod::Manual => "manual",
242 NetworkConfigMethod::DHCP => "dhcp",
243 }
244 }
245
246 if self.method_v4.is_none() && self.method_v6.is_none() { return Ok(()); }
247
248 if self.auto {
249 writeln!(w, "auto {}", self.name)?;
250 }
251
252 if self.combine_entry() {
253 if let Some(method) = self.method_v4 {
254 writeln!(w, "iface {} {}", self.name, method_to_str(method))?;
255 self.write_iface_attributes_v4(w, method)?;
256 self.write_iface_attributes_v6(w, method)?;
257 self.write_iface_attributes(w)?;
258 writeln!(w)?;
259 }
260 } else {
261 if let Some(method) = self.method_v4 {
262 writeln!(w, "iface {} inet {}", self.name, method_to_str(method))?;
263 self.write_iface_attributes_v4(w, method)?;
264 self.write_iface_attributes(w)?;
265 writeln!(w)?;
266 }
267 if let Some(method) = self.method_v6 {
268 writeln!(w, "iface {} inet6 {}", self.name, method_to_str(method))?;
269 self.write_iface_attributes_v6(w, method)?;
270 if self.method_v4.is_none() { // only write common attributes once
271 self.write_iface_attributes(w)?;
272 }
273 writeln!(w)?;
274 }
275 }
276 Ok(())
277 }
278 }
279
280 #[derive(Debug)]
281 enum NetworkOrderEntry {
282 Iface(String),
283 Comment(String),
284 Option(String),
285 }
286
287 #[derive(Debug)]
288 pub struct NetworkConfig {
289 pub interfaces: HashMap<String, Interface>,
290 order: Vec<NetworkOrderEntry>,
291 }
292
293 impl NetworkConfig {
294
295 pub fn new() -> Self {
296 Self {
297 interfaces: HashMap::new(),
298 order: Vec::new(),
299 }
300 }
301
302 pub fn lookup(&self, name: &str) -> Result<&Interface, Error> {
303 let interface = self.interfaces.get(name).ok_or_else(|| {
304 format_err!("interface '{}' does not exist.", name)
305 })?;
306 Ok(interface)
307 }
308
309 pub fn lookup_mut(&mut self, name: &str) -> Result<&mut Interface, Error> {
310 let interface = self.interfaces.get_mut(name).ok_or_else(|| {
311 format_err!("interface '{}' does not exist.", name)
312 })?;
313 Ok(interface)
314 }
315
316 pub fn write_config(&self, w: &mut dyn Write) -> Result<(), Error> {
317
318 let mut done = HashSet::new();
319
320 let mut last_entry_was_comment = false;
321
322 for entry in self.order.iter() {
323 match entry {
324 NetworkOrderEntry::Comment(comment) => {
325 writeln!(w, "#{}", comment)?;
326 last_entry_was_comment = true;
327 }
328 NetworkOrderEntry::Option(option) => {
329 if last_entry_was_comment { writeln!(w)?; }
330 last_entry_was_comment = false;
331 writeln!(w, "{}", option)?;
332 writeln!(w)?;
333 }
334 NetworkOrderEntry::Iface(name) => {
335 let interface = match self.interfaces.get(name) {
336 Some(interface) => interface,
337 None => continue,
338 };
339
340 if last_entry_was_comment { writeln!(w)?; }
341 last_entry_was_comment = false;
342
343 if done.contains(name) { continue; }
344 done.insert(name);
345
346 interface.write_iface(w)?;
347 }
348 }
349 }
350
351 for (name, interface) in &self.interfaces {
352 if done.contains(name) { continue; }
353 interface.write_iface(w)?;
354 }
355 Ok(())
356 }
357 }
358
359 pub const NETWORK_INTERFACES_FILENAME: &str = "/etc/network/interfaces";
360 pub const NETWORK_INTERFACES_NEW_FILENAME: &str = "/etc/network/interfaces.new";
361 pub const NETWORK_LOCKFILE: &str = "/var/lock/pve-network.lck";
362
363
364 pub fn config() -> Result<(NetworkConfig, [u8;32]), Error> {
365 let content = std::fs::read(NETWORK_INTERFACES_NEW_FILENAME)
366 .or_else(|err| {
367 if err.kind() == std::io::ErrorKind::NotFound {
368 std::fs::read(NETWORK_INTERFACES_FILENAME)
369 .or_else(|err| {
370 if err.kind() == std::io::ErrorKind::NotFound {
371 Ok(Vec::new())
372 } else {
373 bail!("unable to read '{}' - {}", NETWORK_INTERFACES_FILENAME, err);
374 }
375 })
376 } else {
377 bail!("unable to read '{}' - {}", NETWORK_INTERFACES_NEW_FILENAME, err);
378 }
379 })?;
380
381
382 let digest = openssl::sha::sha256(&content);
383
384 let mut parser = NetworkParser::new(&content[..]);
385 let data = parser.parse_interfaces()?;
386
387 Ok((data, digest))
388 }
389
390 pub fn save_config(config: &NetworkConfig) -> Result<(), Error> {
391
392 let mut raw = Vec::new();
393 config.write_config(&mut raw)?;
394
395 let mode = nix::sys::stat::Mode::from_bits_truncate(0o0644);
396 // set the correct owner/group/permissions while saving file
397 // owner(rw) = root, group(r)=root, others(r)
398 let options = CreateOptions::new()
399 .perm(mode)
400 .owner(nix::unistd::ROOT)
401 .group(nix::unistd::Gid::from_raw(0));
402
403 replace_file(NETWORK_INTERFACES_NEW_FILENAME, &raw, options)?;
404
405 Ok(())
406 }
407
408 // shell completion helper
409 pub fn complete_interface_name(_arg: &str, _param: &HashMap<String, String>) -> Vec<String> {
410 match config() {
411 Ok((data, _digest)) => data.interfaces.keys().map(|id| id.to_string()).collect(),
412 Err(_) => return vec![],
413 }
414 }
Proxmox Backup Server and Client