Gabriel Goller [Tue, 22 Aug 2023 14:05:17 +0000 (16:05 +0200)]
fix #4380: check if file is excluded before running `stat()`
Passed a closure with the `stat()` function call to `matches()`. This
will traverse through all patterns and try to match using the path only, if a
`file_mode` is needed, it will run the closure. This means that if we exclude
a file with the `MatchType::ANY_FILE_TYPE`, we will skip it without running
`stat()` on it. As we updated the `matches()` function, we also updated all the
invocations of it.
Added `pathpatterns` crate to local overrides in cargo.toml.
Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
Christian Ebner [Fri, 11 Aug 2023 11:09:05 +0000 (13:09 +0200)]
docs: update external link to www.proxmox.com
During the redesign of www.proxmox.com the menu structure and therefore
some url changed. Update the external link in order to avoid an
unneccessary redirect.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
Stefan Sterz [Thu, 10 Aug 2023 15:37:04 +0000 (17:37 +0200)]
fix: api-types: add support for lto 9 tape density
lto 9 tapes have a new density code which leads to these tapes not
being recognized properly. add the new density code and TapeDensity to
improve lto 9 support. since the documentation states that we support
lto 5 and above this constitutes a bug fix for lto 9 support.
Christoph Heiss [Mon, 7 Aug 2023 07:57:24 +0000 (09:57 +0200)]
api-types: drop unused leftover file
Commit d97ff8ae ("use new auth api crate") moved all auth-related code
into it's own crate inside the `proxmox` repo, including this file. Thus
drop it here, it's not even included in the compile.
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
Revert "fix #4380: stat() is run when file is executed"
this actually affected the matcher's ability to differentiate between directory
and file patterns, and the alternative would require matching patterns twice
for full coverage, so let's try a different approach altogether.
Gabriel Goller [Thu, 3 Aug 2023 15:22:38 +0000 (17:22 +0200)]
fix #4380: stat() is run when file is executed
When executing `proxmox-backup-client backup ...
--exclude "test/test.txt"` it still executed stat() on "test.txt",
which won't work when the current user doesn't have access to the
file or the parent folder. Now we check if the file is excluded,
and if it is not, then we execute stat().
Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
Philipp Hufnagl [Tue, 11 Jul 2023 07:56:51 +0000 (09:56 +0200)]
docs: replace concrete device paths with pseudo paths
Having commonly used device paths (like /dev/sdb) in an example
command may cause damage if the user simply copies them without
checking. With a pseudo device path (like /dev/sdX), they would simply
get an error
Signed-off-by: Philipp Hufnagl <p.hufnagl@proxmox.com> Reviewed-by: Lukas Wagner <l.wagner@proxmox.com>
Max Carrara [Mon, 17 Jul 2023 08:04:08 +0000 (10:04 +0200)]
pbs-client: pxar: add PxarExtractContext
This enum's purpose is to provide context to errors that occur during
the extraction of a pxar archive, making it possible to handle
extraction errors in a more granular manner.
For now, it's only implemented in `ExtractorIter::next()`, but may be
used in other places if necessary or desired.
Signed-off-by: Max Carrara <m.carrara@proxmox.com>
Max Carrara [Mon, 17 Jul 2023 08:04:07 +0000 (10:04 +0200)]
pbs-client: pxar: refactor body of `extract_archive` to `ExtractorIter`
This change factors the body of `extract_archive()` into a separate
struct named `ExtractorIter` which implements the `Iterator` trait.
This refactor has two goals:
* Make it easier to provide and propagate errors and additional
information via `anyhow::Context`
* Introduce a means to handle errors that occur during extraction,
with the possibility to continue extraction if the handler decides
that the error is not fatal
The latter point benefits from the information provided by the former;
previously, errors could only be handled in certain locations
(e.g. application of metadata), but not on a "per-entry" basis.
Since `extract_archive()` was already using a "desugared" version of
the iterator pattern to begin with, wrapping its body up in an actual
`Iterator` made the most sense, as it didn't require changing the already
existing control flow that much.
Signed-off-by: Max Carrara <m.carrara@proxmox.com>
Max Carrara [Mon, 17 Jul 2023 08:04:06 +0000 (10:04 +0200)]
pbs-client: pxar: preserve error context
In order to preserve the source(s) of errors, `anyhow::Context` is
used instead of propagating errors via `Result::map_err()` and / or
`anyhow::format_err!()`.
This makes it possible to access e.g. an underlying `io::Error` or
`nix::Errno` etc. that caused an execution path to fail.
Certain usages of `anyhow::bail!()` are also changed / replaced
in order to preserve context.
Signed-off-by: Max Carrara <m.carrara@proxmox.com>
Noel Ullreich [Tue, 27 Jun 2023 12:40:08 +0000 (14:40 +0200)]
fix spelling of command line/command-line
"Commandline", "command line" & "command-line" were being used
interchangeably, which is not correct use command-line when it is an
adjective (e.g. "command-line interface") and use command line when
it is a noun (e.g. "change the setting from the command line")
Signed-off-by: Noel Ullreich <n.ullreich@proxmox.com>
[T: fix typos in commit message and reflow ] Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Tue, 27 Jun 2023 11:27:07 +0000 (13:27 +0200)]
ui: user view: fix refresh for totp locked column
by adding the 'totp-locked' column to the model
a diff store can only know if a column has changed if the column is
defined in the model, otherwise it'll only load it the first time
(when the 'load' called on the diff store)
Stefan Sterz [Mon, 26 Jun 2023 13:17:46 +0000 (15:17 +0200)]
access: ldap check connection on creation and change
this commit makes the ldap realm endpoints check whether a new or
updated configuration works correctly. it uses the new
`check_connection` function to make sure that a configuration can be
successfully used to connect to and query an ldap directory.
doing so allows us to remove the ldap domain regex. instead of relying
on a regex to make sure that a given distinguished name (dn) could be
correct, we simply let the ldap directory tell us whether it accepts
it. this should also aid with usability as a dn that looks correct
could still be invalid.
this also implicitly removes unauthenticated binds, since the new
`check_connection` function does not support those. it will simply
bail out of the check if a `bind_dn` but no password is configured.
therefore, this is a breaking change.
while the current logic would still set the min_size to 32M (it's
max(32M, allmem/32), which results to 32M for memory sizes up to
1024M), setting it explicitly to the minimum makes it clear, and will
still be kept should the restore vm have more than 1G of memory at
some point.
Stoiko Ivanov [Thu, 15 Jun 2023 10:42:55 +0000 (12:42 +0200)]
file-restore: add zfs. prefix to arc_min/max settings
Currently the values set for zfs_arc_min and zfs_arc_max are ignored
by the kernel:
```
Unknown kernel command line parameters... will be passed to user space
```
module parameters provided on the commandline usually need to be
prefixed with the modulename (e.g. zfs.zfs_arc_min, see [0] for a bit
on related information (the issue itself is not related)).
Paradoxically currently ZFS will print spurious warnings about
settings being ignored when they are actually set - see [1].
Booting the debug image and connecting the shell on the serial console
confirmed that the values did not seem to be set:
`grep '^c_' /proc/spl/kstat/zfs/arcstats` showed half of the memory
for c_max.
Dominik Csapak [Tue, 6 Jun 2023 09:20:45 +0000 (11:20 +0200)]
ui: tape: fix restore datastore mapping parameter construction
We recently took into account the selected datastore when restoring
from tape, but the snapshot grids value may not only be a single
datastore, it can also be a list of snapshots, datastores or 'all'.
Handle these cases and extract the source datastore correctly.
This fixes tape restoration when not a whole datastore is selected.
Reported in the forum:
https://forum.proxmox.com/threads/restore-from-lto-parameter-verification-errors-store.128445
Fixes: df881ed0 ("ui: tape: fix restoring a single datastore") Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Stefan Sterz [Tue, 6 Jun 2023 07:50:18 +0000 (09:50 +0200)]
buildsys: switch from '\s' as a whitespace matcher to `[[:space:]]`
previously the build process was broken for some versions of `awk`
(most notably `mawk`) as they did not understand the shorthand `\s`
notation for matching a whitspace. use the more universal and more
explicit `[[:space:]]` instead.
projects / proxmox-backup.git / log