+use std::panic::UnwindSafe;
use std::path::Path;
use std::sync::Arc;
-use anyhow::{bail, Error};
+use anyhow::{bail, format_err, Error};
use serde_json::Value;
use proxmox::{
section_config::SectionConfigData,
RpcEnvironment,
RpcEnvironmentType,
+ Permission,
Router,
SubdirMap,
},
};
use crate::{
- config,
+ task_log,
+ config::{
+ self,
+ cached_user_info::CachedUserInfo,
+ acl::{
+ PRIV_TAPE_AUDIT,
+ PRIV_TAPE_READ,
+ PRIV_TAPE_WRITE,
+ },
+ },
api2::{
types::{
UPID_SCHEMA,
required_media_changer,
open_drive,
lock_tape_device,
+ set_tape_device_state,
+ get_tape_device_state,
+ tape_alert_flags_critical,
},
changer::update_changer_online_status,
},
};
+fn run_drive_worker<F>(
+ rpcenv: &dyn RpcEnvironment,
+ drive: String,
+ worker_type: &str,
+ job_id: Option<String>,
+ f: F,
+) -> Result<String, Error>
+where
+ F: Send
+ + UnwindSafe
+ + 'static
+ + FnOnce(Arc<WorkerTask>, SectionConfigData) -> Result<(), Error>,
+{
+ // early check/lock before starting worker
+ let (config, _digest) = config::drive::config()?;
+ let lock_guard = lock_tape_device(&config, &drive)?;
+
+ let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
+ let to_stdout = rpcenv.env_type() == RpcEnvironmentType::CLI;
+
+ WorkerTask::new_thread(worker_type, job_id, auth_id, to_stdout, move |worker| {
+ let _lock_guard = lock_guard;
+ set_tape_device_state(&drive, &worker.upid().to_string())
+ .map_err(|err| format_err!("could not set tape device state: {}", err))?;
+
+ let result = f(worker, config);
+ set_tape_device_state(&drive, "")
+ .map_err(|err| format_err!("could not unset tape device state: {}", err))?;
+ result
+ })
+}
+
+async fn run_drive_blocking_task<F, R>(drive: String, state: String, f: F) -> Result<R, Error>
+where
+ F: Send + 'static + FnOnce(SectionConfigData) -> Result<R, Error>,
+ R: Send + 'static,
+{
+ // early check/lock before starting worker
+ let (config, _digest) = config::drive::config()?;
+ let lock_guard = lock_tape_device(&config, &drive)?;
+ tokio::task::spawn_blocking(move || {
+ let _lock_guard = lock_guard;
+ set_tape_device_state(&drive, &state)
+ .map_err(|err| format_err!("could not set tape device state: {}", err))?;
+ let result = f(config);
+ set_tape_device_state(&drive, "")
+ .map_err(|err| format_err!("could not unset tape device state: {}", err))?;
+ result
+ })
+ .await?
+}
+
#[api(
input: {
properties: {
},
},
},
+ returns: {
+ schema: UPID_SCHEMA,
+ },
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_READ, false),
+ },
)]
/// Load media with specified label
///
/// Issue a media load request to the associated changer device.
-pub async fn load_media(drive: String, label_text: String) -> Result<(), Error> {
-
- let (config, _digest) = config::drive::config()?;
- let lock_guard = lock_tape_device(&config, &drive)?;
+pub fn load_media(
+ drive: String,
+ label_text: String,
+ rpcenv: &mut dyn RpcEnvironment,
+) -> Result<Value, Error> {
+ let job_id = format!("{}:{}", drive, label_text);
- tokio::task::spawn_blocking(move || {
- let _lock_guard = lock_guard; // keep lock guard
+ let upid_str = run_drive_worker(
+ rpcenv,
+ drive.clone(),
+ "load-media",
+ Some(job_id),
+ move |worker, config| {
+ task_log!(worker, "loading media '{}' into drive '{}'", label_text, drive);
+ let (mut changer, _) = required_media_changer(&config, &drive)?;
+ changer.load_media(&label_text)?;
+ Ok(())
+ },
+ )?;
- let (mut changer, _) = required_media_changer(&config, &drive)?;
- changer.load_media(&label_text)
- }).await?
+ Ok(upid_str.into())
}
#[api(
},
},
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_READ, false),
+ },
)]
/// Load media from the specified slot
///
/// Issue a media load request to the associated changer device.
pub async fn load_slot(drive: String, source_slot: u64) -> Result<(), Error> {
-
- let (config, _digest) = config::drive::config()?;
- let lock_guard = lock_tape_device(&config, &drive)?;
-
- tokio::task::spawn_blocking(move || {
- let _lock_guard = lock_guard; // keep lock guard
-
- let (mut changer, _) = required_media_changer(&config, &drive)?;
- changer.load_media_from_slot(source_slot)
- }).await?
+ run_drive_blocking_task(
+ drive.clone(),
+ format!("load from slot {}", source_slot),
+ move |config| {
+ let (mut changer, _) = required_media_changer(&config, &drive)?;
+ changer.load_media_from_slot(source_slot)?;
+ Ok(())
+ },
+ )
+ .await
}
#[api(
},
},
returns: {
- description: "The import-export slot number the media was transfered to.",
+ description: "The import-export slot number the media was transferred to.",
type: u64,
minimum: 1,
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_READ, false),
+ },
)]
/// Export media with specified label
pub async fn export_media(drive: String, label_text: String) -> Result<u64, Error> {
-
- let (config, _digest) = config::drive::config()?;
- let lock_guard = lock_tape_device(&config, &drive)?;
-
- tokio::task::spawn_blocking(move || {
- let _lock_guard = lock_guard; // keep lock guard
-
- let (mut changer, changer_name) = required_media_changer(&config, &drive)?;
- match changer.export_media(&label_text)? {
- Some(slot) => Ok(slot),
- None => bail!("media '{}' is not online (via changer '{}')", label_text, changer_name),
+ run_drive_blocking_task(
+ drive.clone(),
+ format!("export media {}", label_text),
+ move |config| {
+ let (mut changer, changer_name) = required_media_changer(&config, &drive)?;
+ match changer.export_media(&label_text)? {
+ Some(slot) => Ok(slot),
+ None => bail!(
+ "media '{}' is not online (via changer '{}')",
+ label_text,
+ changer_name
+ ),
+ }
}
- }).await?
+ )
+ .await
}
#[api(
},
},
},
+ returns: {
+ schema: UPID_SCHEMA,
+ },
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_READ, false),
+ },
)]
/// Unload media via changer
-pub async fn unload(
+pub fn unload(
drive: String,
target_slot: Option<u64>,
- _param: Value,
-) -> Result<(), Error> {
-
- let (config, _digest) = config::drive::config()?;
- let lock_guard = lock_tape_device(&config, &drive)?;
+ rpcenv: &mut dyn RpcEnvironment,
+) -> Result<Value, Error> {
+ let upid_str = run_drive_worker(
+ rpcenv,
+ drive.clone(),
+ "unload-media",
+ Some(drive.clone()),
+ move |worker, config| {
+ task_log!(worker, "unloading media from drive '{}'", drive);
- tokio::task::spawn_blocking(move || {
- let _lock_guard = lock_guard; // keep lock guard
+ let (mut changer, _) = required_media_changer(&config, &drive)?;
+ changer.unload_media(target_slot)?;
+ Ok(())
+ },
+ )?;
- let (mut changer, _) = required_media_changer(&config, &drive)?;
- changer.unload_media(target_slot)
- }).await?
+ Ok(upid_str.into())
}
#[api(
optional: true,
default: true,
},
+ "label-text": {
+ schema: MEDIA_LABEL_SCHEMA,
+ optional: true,
+ },
},
},
returns: {
schema: UPID_SCHEMA,
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_WRITE, false),
+ },
)]
-/// Erase media
+/// Erase media. Check for label-text if given (cancels if wrong media).
pub fn erase_media(
drive: String,
fast: Option<bool>,
+ label_text: Option<String>,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
+ let upid_str = run_drive_worker(
+ rpcenv,
+ drive.clone(),
+ "erase-media",
+ Some(drive.clone()),
+ move |worker, config| {
+ if let Some(ref label) = label_text {
+ task_log!(worker, "try to load media '{}'", label);
+ if let Some((mut changer, _)) = media_changer(&config, &drive)? {
+ changer.load_media(label)?;
+ }
+ }
- let (config, _digest) = config::drive::config()?;
+ let mut handle = open_drive(&config, &drive)?;
- // early check/lock before starting worker
- let lock_guard = lock_tape_device(&config, &drive)?;
+ match handle.read_label() {
+ Err(err) => {
+ if let Some(label) = label_text {
+ bail!("expected label '{}', found unrelated data", label);
+ }
+ /* assume drive contains no or unrelated data */
+ task_log!(worker, "unable to read media label: {}", err);
+ task_log!(worker, "erase anyways");
+ handle.erase_media(fast.unwrap_or(true))?;
+ }
+ Ok((None, _)) => {
+ if let Some(label) = label_text {
+ bail!("expected label '{}', found empty tape", label);
+ }
+ task_log!(worker, "found empty media - erase anyways");
+ handle.erase_media(fast.unwrap_or(true))?;
+ }
+ Ok((Some(media_id), _key_config)) => {
+ if let Some(label_text) = label_text {
+ if media_id.label.label_text != label_text {
+ bail!(
+ "expected label '{}', found '{}', aborting",
+ label_text,
+ media_id.label.label_text
+ );
+ }
+ }
- let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
+ task_log!(
+ worker,
+ "found media '{}' with uuid '{}'",
+ media_id.label.label_text, media_id.label.uuid,
+ );
- let to_stdout = rpcenv.env_type() == RpcEnvironmentType::CLI;
+ let status_path = Path::new(TAPE_STATUS_DIR);
+ let mut inventory = Inventory::load(status_path)?;
- let upid_str = WorkerTask::new_thread(
- "erase-media",
- Some(drive.clone()),
- auth_id,
- to_stdout,
- move |_worker| {
- let _lock_guard = lock_guard; // keep lock guard
+ MediaCatalog::destroy(status_path, &media_id.label.uuid)?;
+ inventory.remove_media(&media_id.label.uuid)?;
+ handle.erase_media(fast.unwrap_or(true))?;
+ }
+ }
- let mut drive = open_drive(&config, &drive)?;
- drive.erase_media(fast.unwrap_or(true))?;
Ok(())
- }
+ },
)?;
Ok(upid_str.into())
returns: {
schema: UPID_SCHEMA,
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_READ, false),
+ },
)]
/// Rewind tape
pub fn rewind(
drive: String,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
-
- let (config, _digest) = config::drive::config()?;
-
- // early check/lock before starting worker
- let lock_guard = lock_tape_device(&config, &drive)?;
-
- let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
-
- let to_stdout = rpcenv.env_type() == RpcEnvironmentType::CLI;
-
- let upid_str = WorkerTask::new_thread(
+ let upid_str = run_drive_worker(
+ rpcenv,
+ drive.clone(),
"rewind-media",
Some(drive.clone()),
- auth_id,
- to_stdout,
- move |_worker| {
- let _lock_guard = lock_guard; // keep lock guard
+ move |_worker, config| {
let mut drive = open_drive(&config, &drive)?;
drive.rewind()?;
Ok(())
- }
+ },
)?;
Ok(upid_str.into())
returns: {
schema: UPID_SCHEMA,
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_READ, false),
+ },
)]
/// Eject/Unload drive media
pub fn eject_media(
drive: String,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
-
- let (config, _digest) = config::drive::config()?;
-
- // early check/lock before starting worker
- let lock_guard = lock_tape_device(&config, &drive)?;
-
- let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
-
- let to_stdout = rpcenv.env_type() == RpcEnvironmentType::CLI;
-
- let upid_str = WorkerTask::new_thread(
+ let upid_str = run_drive_worker(
+ rpcenv,
+ drive.clone(),
"eject-media",
Some(drive.clone()),
- auth_id,
- to_stdout,
- move |_worker| {
- let _lock_guard = lock_guard; // keep lock guard
-
- if let Some((mut changer, _)) = media_changer(&config, &drive)? {
+ move |_worker, config| {
+ if let Some((mut changer, _)) = media_changer(&config, &drive)? {
changer.unload_media(None)?;
} else {
let mut drive = open_drive(&config, &drive)?;
drive.eject_media()?;
}
Ok(())
- })?;
+ },
+ )?;
Ok(upid_str.into())
}
returns: {
schema: UPID_SCHEMA,
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_WRITE, false),
+ },
)]
/// Label media
///
label_text: String,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
-
- let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
-
if let Some(ref pool) = pool {
let (pool_config, _digest) = config::media_pool::config()?;
bail!("no such pool ('{}')", pool);
}
}
-
- let (config, _digest) = config::drive::config()?;
-
- // early check/lock before starting worker
- let lock_guard = lock_tape_device(&config, &drive)?;
-
- let to_stdout = rpcenv.env_type() == RpcEnvironmentType::CLI;
-
- let upid_str = WorkerTask::new_thread(
+ let upid_str = run_drive_worker(
+ rpcenv,
+ drive.clone(),
"label-media",
Some(drive.clone()),
- auth_id,
- to_stdout,
- move |worker| {
- let _lock_guard = lock_guard; // keep lock guard
-
+ move |worker, config| {
let mut drive = open_drive(&config, &drive)?;
drive.rewind()?;
};
write_media_label(worker, &mut drive, label, pool)
- }
+ },
)?;
Ok(upid_str.into())
},
},
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_READ, false),
+ },
)]
/// Try to restore a tape encryption key
pub async fn restore_key(
drive: String,
password: String,
) -> Result<(), Error> {
+ run_drive_blocking_task(
+ drive.clone(),
+ "restore key".to_string(),
+ move |config| {
+ let mut drive = open_drive(&config, &drive)?;
- let (config, _digest) = config::drive::config()?;
-
- // early check/lock before starting worker
- let lock_guard = lock_tape_device(&config, &drive)?;
-
- tokio::task::spawn_blocking(move || {
- let _lock_guard = lock_guard; // keep lock guard
-
- let mut drive = open_drive(&config, &drive)?;
+ let (_media_id, key_config) = drive.read_label()?;
- let (_media_id, key_config) = drive.read_label()?;
+ if let Some(key_config) = key_config {
+ let password_fn = || { Ok(password.as_bytes().to_vec()) };
+ let (key, ..) = key_config.decrypt(&password_fn)?;
+ config::tape_encryption_keys::insert_key(key, key_config, true)?;
+ } else {
+ bail!("media does not contain any encryption key configuration");
+ }
- if let Some(key_config) = key_config {
- let password_fn = || { Ok(password.as_bytes().to_vec()) };
- let (key, ..) = key_config.decrypt(&password_fn)?;
- config::tape_encryption_keys::insert_key(key, key_config, true)?;
- } else {
- bail!("media does not contain any encryption key configuration");
+ Ok(())
}
-
- Ok(())
- }).await?
+ )
+ .await
}
#[api(
returns: {
type: MediaIdFlat,
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_READ, false),
+ },
)]
/// Read media label (optionally inventorize media)
pub async fn read_label(
drive: String,
inventorize: Option<bool>,
) -> Result<MediaIdFlat, Error> {
+ run_drive_blocking_task(
+ drive.clone(),
+ "reading label".to_string(),
+ move |config| {
+ let mut drive = open_drive(&config, &drive)?;
- let (config, _digest) = config::drive::config()?;
-
- // early check/lock before starting worker
- let lock_guard = lock_tape_device(&config, &drive)?;
-
- tokio::task::spawn_blocking(move || {
- let _lock_guard = lock_guard; // keep lock guard
-
- let mut drive = open_drive(&config, &drive)?;
-
- let (media_id, _key_config) = drive.read_label()?;
-
- let media_id = match media_id {
- Some(media_id) => {
- let mut flat = MediaIdFlat {
- uuid: media_id.label.uuid.clone(),
- label_text: media_id.label.label_text.clone(),
- ctime: media_id.label.ctime,
- media_set_ctime: None,
- media_set_uuid: None,
- encryption_key_fingerprint: None,
- pool: None,
- seq_nr: None,
- };
- if let Some(ref set) = media_id.media_set_label {
- flat.pool = Some(set.pool.clone());
- flat.seq_nr = Some(set.seq_nr);
- flat.media_set_uuid = Some(set.uuid.clone());
- flat.media_set_ctime = Some(set.ctime);
- flat.encryption_key_fingerprint = set
- .encryption_key_fingerprint
- .as_ref()
- .map(|fp| crate::tools::format::as_fingerprint(fp.bytes()));
-
- let encrypt_fingerprint = set.encryption_key_fingerprint.clone()
- .map(|fp| (fp, set.uuid.clone()));
+ let (media_id, _key_config) = drive.read_label()?;
+
+ let media_id = match media_id {
+ Some(media_id) => {
+ let mut flat = MediaIdFlat {
+ uuid: media_id.label.uuid.clone(),
+ label_text: media_id.label.label_text.clone(),
+ ctime: media_id.label.ctime,
+ media_set_ctime: None,
+ media_set_uuid: None,
+ encryption_key_fingerprint: None,
+ pool: None,
+ seq_nr: None,
+ };
+ if let Some(ref set) = media_id.media_set_label {
+ flat.pool = Some(set.pool.clone());
+ flat.seq_nr = Some(set.seq_nr);
+ flat.media_set_uuid = Some(set.uuid.clone());
+ flat.media_set_ctime = Some(set.ctime);
+ flat.encryption_key_fingerprint = set
+ .encryption_key_fingerprint
+ .as_ref()
+ .map(|fp| crate::tools::format::as_fingerprint(fp.bytes()));
+
+ let encrypt_fingerprint = set.encryption_key_fingerprint.clone()
+ .map(|fp| (fp, set.uuid.clone()));
+
+ if let Err(err) = drive.set_encryption(encrypt_fingerprint) {
+ // try, but ignore errors. just log to stderr
+ eprintln!("uable to load encryption key: {}", err);
+ }
+ }
- if let Err(err) = drive.set_encryption(encrypt_fingerprint) {
- // try, but ignore errors. just log to stderr
- eprintln!("uable to load encryption key: {}", err);
+ if let Some(true) = inventorize {
+ let state_path = Path::new(TAPE_STATUS_DIR);
+ let mut inventory = Inventory::load(state_path)?;
+ inventory.store(media_id, false)?;
}
- }
- if let Some(true) = inventorize {
- let state_path = Path::new(TAPE_STATUS_DIR);
- let mut inventory = Inventory::load(state_path)?;
- inventory.store(media_id, false)?;
+ flat
}
+ None => {
+ bail!("Media is empty (no label).");
+ }
+ };
- flat
- }
- None => {
- bail!("Media is empty (no label).");
- }
- };
-
- Ok(media_id)
- }).await?
+ Ok(media_id)
+ }
+ )
+ .await
}
#[api(
returns: {
schema: UPID_SCHEMA,
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_READ, false),
+ },
)]
/// Clean drive
pub fn clean_drive(
drive: String,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
-
- let (config, _digest) = config::drive::config()?;
-
- // early check/lock before starting worker
- let lock_guard = lock_tape_device(&config, &drive)?;
-
- let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
-
- let to_stdout = rpcenv.env_type() == RpcEnvironmentType::CLI;
-
- let upid_str = WorkerTask::new_thread(
+ let upid_str = run_drive_worker(
+ rpcenv,
+ drive.clone(),
"clean-drive",
Some(drive.clone()),
- auth_id,
- to_stdout,
- move |worker| {
- let _lock_guard = lock_guard; // keep lock guard
-
+ move |worker, config| {
let (mut changer, _changer_name) = required_media_changer(&config, &drive)?;
worker.log("Starting drive clean");
changer.clean_drive()?;
- worker.log("Drive cleaned sucessfully");
+ if let Ok(drive_config) = config.lookup::<LinuxTapeDrive>("linux", &drive) {
+ // Note: clean_drive unloads the cleaning media, so we cannot use drive_config.open
+ let mut handle = LinuxTapeHandle::new(open_linux_tape_device(&drive_config.path)?);
+
+ // test for critical tape alert flags
+ if let Ok(alert_flags) = handle.tape_alert_flags() {
+ if !alert_flags.is_empty() {
+ worker.log(format!("TapeAlertFlags: {:?}", alert_flags));
+ if tape_alert_flags_critical(alert_flags) {
+ bail!("found critical tape alert flags: {:?}", alert_flags);
+ }
+ }
+ }
+
+ // test wearout (max. 50 mounts)
+ if let Ok(volume_stats) = handle.volume_statistics() {
+ worker.log(format!("Volume mounts: {}", volume_stats.volume_mounts));
+ let wearout = volume_stats.volume_mounts * 2; // (*100.0/50.0);
+ worker.log(format!("Cleaning tape wearout: {}%", wearout));
+ }
+ }
+
+ worker.log("Drive cleaned successfully");
Ok(())
- })?;
+ },
+ )?;
Ok(upid_str.into())
}
type: LabelUuidMap,
},
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_READ, false),
+ },
)]
/// List known media labels (Changer Inventory)
///
pub async fn inventory(
drive: String,
) -> Result<Vec<LabelUuidMap>, Error> {
+ run_drive_blocking_task(
+ drive.clone(),
+ "inventorize".to_string(),
+ move |config| {
+ let (mut changer, changer_name) = required_media_changer(&config, &drive)?;
- let (config, _digest) = config::drive::config()?;
-
- // early check/lock before starting worker
- let lock_guard = lock_tape_device(&config, &drive)?;
-
- tokio::task::spawn_blocking(move || {
- let _lock_guard = lock_guard; // keep lock guard
+ let label_text_list = changer.online_media_label_texts()?;
- let (mut changer, changer_name) = required_media_changer(&config, &drive)?;
+ let state_path = Path::new(TAPE_STATUS_DIR);
- let label_text_list = changer.online_media_label_texts()?;
+ let mut inventory = Inventory::load(state_path)?;
- let state_path = Path::new(TAPE_STATUS_DIR);
+ update_changer_online_status(
+ &config,
+ &mut inventory,
+ &changer_name,
+ &label_text_list,
+ )?;
- let mut inventory = Inventory::load(state_path)?;
+ let mut list = Vec::new();
- update_changer_online_status(
- &config,
- &mut inventory,
- &changer_name,
- &label_text_list,
- )?;
+ for label_text in label_text_list.iter() {
+ if label_text.starts_with("CLN") {
+ // skip cleaning unit
+ continue;
+ }
- let mut list = Vec::new();
+ let label_text = label_text.to_string();
- for label_text in label_text_list.iter() {
- if label_text.starts_with("CLN") {
- // skip cleaning unit
- continue;
+ if let Some(media_id) = inventory.find_media_by_label_text(&label_text) {
+ list.push(LabelUuidMap { label_text, uuid: Some(media_id.label.uuid.clone()) });
+ } else {
+ list.push(LabelUuidMap { label_text, uuid: None });
+ }
}
- let label_text = label_text.to_string();
-
- if let Some(media_id) = inventory.find_media_by_label_text(&label_text) {
- list.push(LabelUuidMap { label_text, uuid: Some(media_id.label.uuid.clone()) });
- } else {
- list.push(LabelUuidMap { label_text, uuid: None });
- }
+ Ok(list)
}
-
- Ok(list)
- }).await?
+ )
+ .await
}
#[api(
returns: {
schema: UPID_SCHEMA,
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_READ, false),
+ },
)]
/// Update inventory
///
read_all_labels: Option<bool>,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
-
- let (config, _digest) = config::drive::config()?;
-
- // early check/lock before starting worker
- let lock_guard = lock_tape_device(&config, &drive)?;
-
- let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
-
- let to_stdout = rpcenv.env_type() == RpcEnvironmentType::CLI;
-
- let upid_str = WorkerTask::new_thread(
+ let upid_str = run_drive_worker(
+ rpcenv,
+ drive.clone(),
"inventory-update",
Some(drive.clone()),
- auth_id,
- to_stdout,
- move |worker| {
- let _lock_guard = lock_guard; // keep lock guard
-
+ move |worker, config| {
let (mut changer, changer_name) = required_media_changer(&config, &drive)?;
let label_text_list = changer.online_media_label_texts()?;
}
Ok((Some(media_id), _key_config)) => {
if label_text != media_id.label.label_text {
- worker.warn(format!("label text missmatch ({} != {})", label_text, media_id.label.label_text));
+ worker.warn(format!("label text mismatch ({} != {})", label_text, media_id.label.label_text));
continue;
}
worker.log(format!("inventorize media '{}' with uuid '{}'", label_text, media_id.label.uuid));
changer.unload_media(None)?;
}
Ok(())
- }
+ },
)?;
Ok(upid_str.into())
returns: {
schema: UPID_SCHEMA,
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_WRITE, false),
+ },
)]
/// Label media with barcodes from changer device
pub fn barcode_label_media(
pool: Option<String>,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
-
if let Some(ref pool) = pool {
let (pool_config, _digest) = config::media_pool::config()?;
}
}
- let (drive_config, _digest) = config::drive::config()?;
-
- // early check/lock before starting worker
- let lock_guard = lock_tape_device(&drive_config, &drive)?;
-
- let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
-
- let to_stdout = rpcenv.env_type() == RpcEnvironmentType::CLI;
-
- let upid_str = WorkerTask::new_thread(
+ let upid_str = run_drive_worker(
+ rpcenv,
+ drive.clone(),
"barcode-label-media",
Some(drive.clone()),
- auth_id,
- to_stdout,
- move |worker| {
- let _lock_guard = lock_guard; // keep lock guard
- barcode_label_media_worker(worker, drive, &drive_config, pool)
- }
+ move |worker, config| barcode_label_media_worker(worker, drive, &config, pool),
)?;
Ok(upid_str.into())
drive_config: &SectionConfigData,
pool: Option<String>,
) -> Result<(), Error> {
-
let (mut changer, changer_name) = required_media_changer(drive_config, &drive)?;
- let label_text_list = changer.online_media_label_texts()?;
+ let mut label_text_list = changer.online_media_label_texts()?;
+
+ // make sure we label them in the right order
+ label_text_list.sort();
let state_path = Path::new(TAPE_STATUS_DIR);
type: MamAttribute,
},
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_AUDIT, false),
+ },
)]
/// Read Cartridge Memory (Medium auxiliary memory attributes)
-pub fn cartridge_memory(drive: String) -> Result<Vec<MamAttribute>, Error> {
-
- let (config, _digest) = config::drive::config()?;
-
- let _lock_guard = lock_tape_device(&config, &drive)?;
-
- let drive_config: LinuxTapeDrive = config.lookup("linux", &drive)?;
- let mut handle = drive_config.open()?;
-
- handle.cartridge_memory()
+pub async fn cartridge_memory(drive: String) -> Result<Vec<MamAttribute>, Error> {
+ run_drive_blocking_task(
+ drive.clone(),
+ "reading cartridge memory".to_string(),
+ move |config| {
+ let drive_config: LinuxTapeDrive = config.lookup("linux", &drive)?;
+ let mut handle = drive_config.open()?;
+
+ handle.cartridge_memory()
+ }
+ )
+ .await
}
#[api(
returns: {
type: Lp17VolumeStatistics,
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_AUDIT, false),
+ },
)]
/// Read Volume Statistics (SCSI log page 17h)
-pub fn volume_statistics(drive: String) -> Result<Lp17VolumeStatistics, Error> {
-
- let (config, _digest) = config::drive::config()?;
-
- let _lock_guard = lock_tape_device(&config, &drive)?;
-
- let drive_config: LinuxTapeDrive = config.lookup("linux", &drive)?;
- let mut handle = drive_config.open()?;
-
- handle.volume_statistics()
+pub async fn volume_statistics(drive: String) -> Result<Lp17VolumeStatistics, Error> {
+ run_drive_blocking_task(
+ drive.clone(),
+ "reading volume statistics".to_string(),
+ move |config| {
+ let drive_config: LinuxTapeDrive = config.lookup("linux", &drive)?;
+ let mut handle = drive_config.open()?;
+
+ handle.volume_statistics()
+ }
+ )
+ .await
}
#[api(
returns: {
type: LinuxDriveAndMediaStatus,
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_AUDIT, false),
+ },
)]
/// Get drive/media status
-pub fn status(drive: String) -> Result<LinuxDriveAndMediaStatus, Error> {
-
- let (config, _digest) = config::drive::config()?;
-
- let _lock_guard = lock_tape_device(&config, &drive)?;
+pub async fn status(drive: String) -> Result<LinuxDriveAndMediaStatus, Error> {
+ run_drive_blocking_task(
+ drive.clone(),
+ "reading drive status".to_string(),
+ move |config| {
+ let drive_config: LinuxTapeDrive = config.lookup("linux", &drive)?;
- let drive_config: LinuxTapeDrive = config.lookup("linux", &drive)?;
+ // Note: use open_linux_tape_device, because this also works if no medium loaded
+ let file = open_linux_tape_device(&drive_config.path)?;
- // Note: use open_linux_tape_device, because this also works if no medium loaded
- let file = open_linux_tape_device(&drive_config.path)?;
+ let mut handle = LinuxTapeHandle::new(file);
- let mut handle = LinuxTapeHandle::new(file);
-
- handle.get_drive_and_media_status()
+ handle.get_drive_and_media_status()
+ }
+ )
+ .await
}
#[api(
returns: {
schema: UPID_SCHEMA,
},
+ access: {
+ permission: &Permission::Privilege(&["tape", "device", "{drive}"], PRIV_TAPE_READ, false),
+ },
)]
/// Scan media and record content
pub fn catalog_media(
verbose: Option<bool>,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
-
let verbose = verbose.unwrap_or(false);
let force = force.unwrap_or(false);
- let (config, _digest) = config::drive::config()?;
-
- // early check/lock before starting worker
- let lock_guard = lock_tape_device(&config, &drive)?;
-
- let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
-
- let to_stdout = rpcenv.env_type() == RpcEnvironmentType::CLI;
-
- let upid_str = WorkerTask::new_thread(
+ let upid_str = run_drive_worker(
+ rpcenv,
+ drive.clone(),
"catalog-media",
Some(drive.clone()),
- auth_id,
- to_stdout,
- move |worker| {
- let _lock_guard = lock_guard; // keep lock guard
-
+ move |worker, config| {
let mut drive = open_drive(&config, &drive)?;
drive.rewind()?;
restore_media(&worker, &mut drive, &media_id, None, verbose)?;
Ok(())
-
- }
+ },
)?;
Ok(upid_str.into())
type: DriveListEntry,
},
},
+ access: {
+ description: "List configured tape drives filtered by Tape.Audit privileges",
+ permission: &Permission::Anybody,
+ },
)]
/// List drives
pub fn list_drives(
changer: Option<String>,
_param: Value,
+ rpcenv: &mut dyn RpcEnvironment,
) -> Result<Vec<DriveListEntry>, Error> {
+ let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
+ let user_info = CachedUserInfo::new()?;
let (config, _) = config::drive::config()?;
continue;
}
+ let privs = user_info.lookup_privs(&auth_id, &["tape", "drive", &drive.name]);
+ if (privs & PRIV_TAPE_AUDIT) == 0 {
+ continue;
+ }
+
let info = lookup_device_identification(&linux_drives, &drive.path);
- let entry = DriveListEntry { config: drive, info };
+ let state = get_tape_device_state(&config, &drive.name)?;
+ let entry = DriveListEntry { config: drive, info, state };
list.push(entry);
}
(
"load-media",
&Router::new()
- .put(&API_METHOD_LOAD_MEDIA)
+ .post(&API_METHOD_LOAD_MEDIA)
),
(
"load-slot",
&Router::new()
.get(&API_METHOD_READ_LABEL)
),
+ (
+ "restore-key",
+ &Router::new()
+ .post(&API_METHOD_RESTORE_KEY)
+ ),
(
"rewind",
&Router::new()
(
"unload",
&Router::new()
- .put(&API_METHOD_UNLOAD)
+ .post(&API_METHOD_UNLOAD)
),
]);