X-Git-Url: https://git.proxmox.com/?p=pve-access-control.git;a=blobdiff_plain;f=PVE%2FRPCEnvironment.pm;h=c661edad906a9ef64b0c24fef193d053e9c56085;hp=71e2c43b782d937c4e1b130fc6a3d377ce1f3f5b;hb=1f1c4593a19e4eed928f4518279be23a10898eac;hpb=e42eedbca470cfd545fa386820f0322a05e5e2b4 diff --git a/PVE/RPCEnvironment.pm b/PVE/RPCEnvironment.pm index 71e2c43..c661eda 100644 --- a/PVE/RPCEnvironment.pm +++ b/PVE/RPCEnvironment.pm @@ -2,793 +2,450 @@ package PVE::RPCEnvironment; use strict; use warnings; -use POSIX qw(:sys_wait_h EINTR); -use IO::Handle; -use IO::File; -use IO::Select; -use Fcntl qw(:flock); + +use PVE::RESTEnvironment; + +use PVE::Exception qw(raise raise_perm_exc); use PVE::SafeSyslog; use PVE::Tools; use PVE::INotify; use PVE::Cluster; use PVE::ProcFSTools; use PVE::AccessControl; -use CGI; -# we use this singleton class to pass RPC related environment values +use base qw(PVE::RESTEnvironment); -my $pve_env; +# ACL cache -# save $SIG{CHLD} handler implementation. -# simply set $SIG{CHLD} = $worker_reaper; -# and register forked processes with &$register_worker(pid) -# Note: using $SIG{CHLD} = 'IGNORE' or $SIG{CHLD} = sub { wait (); } or ... -# has serious side effects, because perls built in system() and open() -# functions can't get the correct exit status of a child. So we cant use -# that (also see perlipc) +my $compile_acl_path = sub { + my ($self, $user, $path) = @_; -my $WORKER_PIDS; + my $cfg = $self->{user_cfg}; -my $log_task_result = sub { - my ($upid, $user, $status) = @_; + return undef if !$cfg->{roles}; - my $msg = 'successful'; - my $pri = 'info'; - if ($status != 0) { - my $ec = $status >> 8; - my $ic = $status & 255; - $msg = $ec ? "failed ($ec)" : "interrupted ($ic)"; - $pri = 'err'; - } - my $tlist = active_workers($upid); - PVE::Cluster::broadcast_tasklist($tlist); - my $task; - foreach my $t (@$tlist) { - if ($t->{upid} eq $upid) { - $task = $t; - last; + die "internal error" if $user eq 'root@pam'; + + my $cache = $self->{aclcache}; + $cache->{$user} = {} if !$cache->{$user}; + my $data = $cache->{$user}; + + if (!$data->{poolroles}) { + $data->{poolroles} = {}; + + foreach my $pool (keys %{$cfg->{pools}}) { + my $d = $cfg->{pools}->{$pool}; + my @ra = PVE::AccessControl::roles($cfg, $user, "/pool/$pool"); # pool roles + next if !scalar(@ra); + foreach my $vmid (keys %{$d->{vms}}) { + for my $role (@ra) { + $data->{poolroles}->{"/vms/$vmid"}->{$role} = 1; + } + } + foreach my $storeid (keys %{$d->{storage}}) { + for my $role (@ra) { + $data->{poolroles}->{"/storage/$storeid"}->{$role} = 1; + } + } } } - if ($task && $task->{status}) { - $msg = $task->{status}; - } - PVE::Cluster::log_msg($pri, $user, "end task $upid $msg"); -}; -my $worker_reaper = sub { - local $!; local $?; - foreach my $pid (keys %$WORKER_PIDS) { - my $waitpid = waitpid ($pid, WNOHANG); - if (defined($waitpid) && ($waitpid == $pid)) { - my $info = $WORKER_PIDS->{$pid}; - if ($info && $info->{upid} && $info->{user}) { - &$log_task_result($info->{upid}, $info->{user}, $?); + my @ra = PVE::AccessControl::roles($cfg, $user, $path); + + # apply roles inherited from pools + # Note: assume we do not want to propagate those privs + if ($data->{poolroles}->{$path}) { + if (!($ra[0] && $ra[0] eq 'NoAccess')) { + if ($data->{poolroles}->{$path}->{NoAccess}) { + @ra = ('NoAccess'); + } else { + foreach my $role (keys %{$data->{poolroles}->{$path}}) { + push @ra, $role; + } } - delete ($WORKER_PIDS->{$pid}); } } -}; - -my $register_worker = sub { - my ($pid, $user, $upid) = @_; - return if !$pid; + $data->{roles}->{$path} = [ @ra ]; - # do not register if already finished - my $waitpid = waitpid ($pid, WNOHANG); - if (defined($waitpid) && ($waitpid == $pid)) { - delete ($WORKER_PIDS->{$pid}); - return; + my $privs = {}; + foreach my $role (@ra) { + if (my $privset = $cfg->{roles}->{$role}) { + foreach my $p (keys %$privset) { + $privs->{$p} = 1; + } + } } + $data->{privs}->{$path} = $privs; - $WORKER_PIDS->{$pid} = { - user => $user, - upid => $upid, - }; + return $privs; }; -# ACL cache +sub roles { + my ($self, $user, $path) = @_; -my $compile_acl = sub { - my ($self, $user) = @_; + if ($user eq 'root@pam') { # root can do anything + return ('Administrator'); + } - my $res = {}; - my $cfg = $self->{user_cfg}; + $user = PVE::AccessControl::verify_username($user, 1); + return () if !$user; - return undef if !$cfg->{roles}; + my $cache = $self->{aclcache}; + $cache->{$user} = {} if !$cache->{$user}; - if ($user eq 'root@pam') { # root can do anything - return {'/' => $cfg->{roles}->{'Administrator'}}; - } + my $acl = $cache->{$user}; - foreach my $path (sort keys %{$cfg->{acl}}) { - my @ra = PVE::AccessControl::roles($cfg, $user, $path); + my $roles = $acl->{roles}->{$path}; + return @$roles if $roles; - my $privs = {}; - foreach my $role (@ra) { - if (my $privset = $cfg->{roles}->{$role}) { - foreach my $p (keys %$privset) { - $privs->{$p} = 1; - } - } - } - - $res->{$path} = $privs; - } - - return $res; -}; + &$compile_acl_path($self, $user, $path); + $roles = $acl->{roles}->{$path} || []; + return @$roles; +} sub permissions { my ($self, $user, $path) = @_; + if ($user eq 'root@pam') { # root can do anything + my $cfg = $self->{user_cfg}; + return $cfg->{roles}->{'Administrator'}; + } + $user = PVE::AccessControl::verify_username($user, 1); return {} if !$user; my $cache = $self->{aclcache}; + $cache->{$user} = {} if !$cache->{$user}; my $acl = $cache->{$user}; - if (!$acl) { - if (!($acl = &$compile_acl($self, $user))) { - return {}; - } - $cache->{$user} = $acl; - } - - my $perm; - - if (!($perm = $acl->{$path})) { - $perm = {}; - foreach my $p (sort keys %$acl) { - my $final = ($path eq $p); - - next if !(($p eq '/') || $final || ($path =~ m|^$p/|)); + my $perm = $acl->{privs}->{$path}; + return $perm if $perm; - $perm = $acl->{$p}; - } - $acl->{$path} = $perm; - } - - return $perm; + return &$compile_acl_path($self, $user, $path); } sub check { - my ($self, $user, $path, $privs) = @_; + my ($self, $user, $path, $privs, $noerr) = @_; my $perm = $self->permissions($user, $path); foreach my $priv (@$privs) { - return undef if !$perm->{$priv}; + PVE::AccessControl::verify_privname($priv); + if (!$perm->{$priv}) { + return undef if $noerr; + raise_perm_exc("$path, $priv"); + } }; return 1; }; -sub user_enabled { - my ($self, $user) = @_; - - my $cfg = $self->{user_cfg}; - return PVE::AccessControl::user_enabled($cfg, $user); -} - -# initialize environment - must be called once at program startup -sub init { - my ($class, $type, %params) = @_; - - $class = ref($class) || $class; +sub check_any { + my ($self, $user, $path, $privs, $noerr) = @_; - die "already initialized" if $pve_env; - - die "unknown environment type" if !$type || $type !~ m/^(cli|pub|priv|ha)$/; - - $SIG{CHLD} = $worker_reaper; - - # environment types - # cli ... command started fron command line - # pub ... access from public server (apache) - # priv ... access from private server (pvedaemon) - # ha ... access from HA resource manager agent (rgmanager) - - my $self = { - user_cfg => {}, - aclcache => {}, - aclversion => undef, - type => $type, - }; - - bless $self, $class; + my $perm = $self->permissions($user, $path); - foreach my $p (keys %params) { - if ($p eq 'atfork') { - $self->{$p} = $params{$p}; - } else { - die "unknown option '$p'"; + my $found = 0; + foreach my $priv (@$privs) { + PVE::AccessControl::verify_privname($priv); + if ($perm->{$priv}) { + $found = 1; + last; } - } - - $pve_env = $self; - - my ($sysname, $nodename) = POSIX::uname(); - - $nodename =~ s/\..*$//; # strip domain part, if any - - $self->{nodename} = $nodename; + }; - return $self; -}; + return 1 if $found; -# get the singleton -sub get { + return undef if $noerr; - die "not initialized" if !$pve_env; + raise_perm_exc("$path, " . join("|", @$privs)); +}; - return $pve_env; +sub check_full { + my ($self, $username, $path, $privs, $any, $noerr) = @_; + if ($any) { + return $self->check_any($username, $path, $privs, $noerr); + } else { + return $self->check($username, $path, $privs, $noerr); + } } -sub parse_params { - my ($self, $enable_upload) = @_; +sub check_user_enabled { + my ($self, $user, $noerr) = @_; - if ($self->{request_rec}) { - my $cgi; - if ($enable_upload) { - $cgi = CGI->new($self->{request_rec}); - } else { - # disable upload using empty upload_hook - $cgi = CGI->new($self->{request_rec}, sub {}, undef, 0); - } - $self->{cgi} = $cgi; - my $params = $cgi->Vars(); - return $params; - } elsif ($self->{params}) { - return $self->{params}; - } else { - die "no parameters registered"; - } + my $cfg = $self->{user_cfg}; + return PVE::AccessControl::check_user_enabled($cfg, $user, $noerr); } -sub get_upload_info { - my ($self, $param) = @_; +sub check_user_exist { + my ($self, $user, $noerr) = @_; - my $cgi = $self->{cgi}; - die "CGI not initialized" if !$cgi; + my $cfg = $self->{user_cfg}; + return PVE::AccessControl::check_user_exist($cfg, $user, $noerr); +} - my $pd = $cgi->param($param); - die "unable to get cgi parameter info\n" if !$pd; - my $info = $cgi->uploadInfo($pd); - die "unable to get cgi upload info\n" if !$info; +sub check_pool_exist { + my ($self, $pool, $noerr) = @_; - my $res = { %$info }; + my $cfg = $self->{user_cfg}; - my $tmpfilename = $cgi->tmpFileName($pd); - die "unable to get cgi upload file name\n" if !$tmpfilename; - $res->{tmpfilename} = $tmpfilename; + return 1 if $cfg->{pools}->{$pool}; - #my $hndl = $cgi->upload($param); - #die "unable to get cgi upload handle\n" if !$hndl; - #$res->{handle} = $hndl->handle; + return undef if $noerr; - return $res; + raise_perm_exc("pool '$pool' does not exist"); } -# init_request - must be called before each RPC request -sub init_request { - my ($self, %params) = @_; - - PVE::Cluster::cfs_update(); +sub check_vm_perm { + my ($self, $user, $vmid, $pool, $privs, $any, $noerr) = @_; - my $userconfig; # we use this for regression tests - foreach my $p (keys %params) { - if ($p eq 'userconfig') { - $userconfig = $params{$p}; - } elsif ($p eq 'request_rec') { - # pass Apache2::RequestRec - $self->{request_rec} = $params{$p}; - } elsif ($p eq 'params') { - $self->{params} = $params{$p}; - } else { - die "unknown parameter '$p'"; - } - } + my $cfg = $self->{user_cfg}; - eval { - $self->{aclcache} = {}; - if ($userconfig) { - my $ucdata = PVE::Tools::file_get_contents($userconfig); - my $cfg = PVE::AccessControl::parse_user_config($userconfig, $ucdata); - $self->{user_cfg} = $cfg; - } else { - my $ucvers = PVE::Cluster::cfs_file_version('user.cfg'); - if (!$self->{aclcache} || !defined($self->{aclversion}) || - !defined($ucvers) || ($ucvers ne $self->{aclversion})) { - $self->{aclversion} = $ucvers; - my $cfg = PVE::Cluster::cfs_read_file('user.cfg'); - $self->{user_cfg} = $cfg; - } - } - }; - if (my $err = $@) { - $self->{user_cfg} = {}; - die "Unable to load access control list: $err"; + if ($pool) { + return if $self->check_full($user, "/pool/$pool", $privs, $any, 1); } -} + return $self->check_full($user, "/vms/$vmid", $privs, $any, $noerr); +}; -sub set_client_ip { - my ($self, $ip) = @_; +sub is_group_member { + my ($self, $group, $user) = @_; - $self->{client_ip} = $ip; -} + my $cfg = $self->{user_cfg}; -sub get_client_ip { - my ($self) = @_; + return 0 if !$cfg->{groups}->{$group}; - return $self->{client_ip}; + return defined($cfg->{groups}->{$group}->{users}->{$user}); } -sub set_result_count { - my ($self, $count) = @_; +sub filter_groups { + my ($self, $user, $privs, $any) = @_; - $self->{result_count} = $count; -} + my $cfg = $self->{user_cfg}; -sub get_result_count { - my ($self) = @_; + my $groups = {}; + foreach my $group (keys %{$cfg->{groups}}) { + my $path = "/access/groups/$group"; + if ($self->check_full($user, $path, $privs, $any, 1)) { + $groups->{$group} = $cfg->{groups}->{$group}; + } + } - return $self->{result_count}; + return $groups; } -sub set_language { - my ($self, $lang) = @_; - - # fixme: initialize I18N +sub group_member_join { + my ($self, $grouplist) = @_; - $self->{language} = $lang; -} + my $users = {}; -sub get_language { - my ($self) = @_; + my $cfg = $self->{user_cfg}; + foreach my $group (@$grouplist) { + my $data = $cfg->{groups}->{$group}; + next if !$data; + foreach my $user (keys %{$data->{users}}) { + $users->{$user} = 1; + } + } - return $self->{language}; + return $users; } -sub set_user { - my ($self, $user) = @_; +sub check_perm_modify { + my ($self, $username, $path, $noerr) = @_; - # fixme: get ACLs + return $self->check($username, '/access', [ 'Permissions.Modify' ], $noerr) if !$path; - $self->{user} = $user; -} - -sub get_user { - my ($self) = @_; - - die "user name not set\n" if !$self->{user}; + my $testperms = [ 'Permissions.Modify' ]; + if ($path =~ m|^/storage/.+$|) { + push @$testperms, 'Datastore.Allocate'; + } elsif ($path =~ m|^/vms/.+$|) { + push @$testperms, 'VM.Allocate'; + } elsif ($path =~ m|^/pool/.+$|) { + push @$testperms, 'Pool.Allocate'; + } - return $self->{user}; + return $self->check_any($username, $path, $testperms, $noerr); } -# read/update list of active workers -# we move all finished tasks to the archive index, -# but keep aktive and most recent task in the active file. -# $nocheck ... consider $new_upid still running (avoid that -# we try to read the reult to early. -sub active_workers { - my ($new_upid, $nocheck) = @_; +sub exec_api2_perm_check { + my ($self, $check, $username, $param, $noerr) = @_; - my $lkfn = "/var/log/pve/tasks/.active.lock"; + # syslog("info", "CHECK " . join(', ', @$check)); - my $timeout = 10; - - my $code = sub { - - my $tasklist = PVE::INotify::read_file('active'); - - my @ta; - my $tlist = []; - my $thash = {}; # only list task once - - my $check_task = sub { - my ($task, $running) = @_; - - if ($running || PVE::ProcFSTools::check_process_running($task->{pid}, $task->{pstart})) { - push @$tlist, $task; - } else { - delete $task->{pid}; - push @ta, $task; - } - delete $task->{pstart}; - }; - - foreach my $task (@$tasklist) { - my $upid = $task->{upid}; - next if $thash->{$upid}; - $thash->{$upid} = $task; - &$check_task($task); - } + my $ind = 0; + my $test = $check->[$ind++]; + die "no permission test specified" if !$test; - if ($new_upid && !(my $task = $thash->{$new_upid})) { - $task = PVE::Tools::upid_decode($new_upid); - $task->{upid} = $new_upid; - $thash->{$new_upid} = $task; - &$check_task($task, $nocheck); + if ($test eq 'and') { + while (my $subcheck = $check->[$ind++]) { + $self->exec_api2_perm_check($subcheck, $username, $param); } - - - @ta = sort { $b->{starttime} cmp $a->{starttime} } @ta; - - my $save = defined($new_upid); - - foreach my $task (@ta) { - next if $task->{endtime}; - $task->{endtime} = time(); - $task->{status} = PVE::Tools::upid_read_status($task->{upid}); - $save = 1; + return 1; + } elsif ($test eq 'or') { + while (my $subcheck = $check->[$ind++]) { + return 1 if $self->exec_api2_perm_check($subcheck, $username, $param, 1); } - - my $archive = ''; - my @arlist = (); - foreach my $task (@ta) { - if (!$task->{saved}) { - $archive .= sprintf("$task->{upid} %08X $task->{status}\n", $task->{endtime}); - $save = 1; - push @arlist, $task; - $task->{saved} = 1; - } + return 0 if $noerr; + raise_perm_exc(); + } elsif ($test eq 'perm') { + my ($t, $tmplpath, $privs, %options) = @$check; + my $any = $options{any}; + die "missing parameters" if !($tmplpath && $privs); + my $require_param = $options{require_param}; + if ($require_param && !defined($param->{$require_param})) { + return 0 if $noerr; + raise_perm_exc(); } - - if ($archive) { - my $size = 0; - my $filename = "/var/log/pve/tasks/index"; - eval { - my $fh = IO::File->new($filename, '>>', 0644) || - die "unable to open file '$filename' - $!\n"; - PVE::Tools::safe_print($filename, $fh, $archive); - $size = -s $fh; - close($fh) || - die "unable to close file '$filename' - $!\n"; - }; - my $err = $@; - if ($err) { - syslog('err', $err); - foreach my $task (@arlist) { # mark as not saved - $task->{saved} = 0; + my $path = PVE::Tools::template_replace($tmplpath, $param); + $path = PVE::AccessControl::normalize_path($path); + return $self->check_full($username, $path, $privs, $any, $noerr); + } elsif ($test eq 'userid-group') { + my $userid = $param->{userid}; + my ($t, $privs, %options) = @$check; + return 0 if !$options{groups_param} && !$self->check_user_exist($userid, $noerr); + if (!$self->check_any($username, "/access/groups", $privs, 1)) { + my $groups = $self->filter_groups($username, $privs, 1); + if ($options{groups_param}) { + my @group_param = PVE::Tools::split_list($param->{groups}); + raise_perm_exc("/access/groups, " . join("|", @$privs)) if !scalar(@group_param); + foreach my $pg (@group_param) { + raise_perm_exc("/access/groups/$pg, " . join("|", @$privs)) + if !$groups->{$pg}; + } + } else { + my $allowed_users = $self->group_member_join([keys %$groups]); + if (!$allowed_users->{$userid}) { + return 0 if $noerr; + raise_perm_exc(); } - } - my $maxsize = 50000; # about 1000 entries - if ($size > $maxsize) { - rename($filename, "$filename.1"); } } - - # we try to reduce the amount of data - # list all running tasks and task and a few others - # try to limit to 25 tasks - my $ctime = time(); - my $max = 25 - scalar(@$tlist); - foreach my $task (@ta) { - last if $max <= 0; - push @$tlist, $task; - $max--; + return 1; + } elsif ($test eq 'userid-param') { + my ($userid, undef, $realm) = PVE::AccessControl::verify_username($param->{userid}); + my ($t, $subtest) = @$check; + die "missing parameters" if !$subtest; + if ($subtest eq 'self') { + return 0 if !$self->check_user_exist($userid, $noerr); + return 1 if $username eq $userid; + return 0 if $noerr; + raise_perm_exc(); + } elsif ($subtest eq 'Realm.AllocateUser') { + my $path = "/access/realm/$realm"; + return $self->check($username, $path, ['Realm.AllocateUser'], $noerr); + } else { + die "unknown userid-param test"; } - - PVE::INotify::write_file('active', $tlist) if $save; - - return $tlist; - }; - - my $res = PVE::Tools::lock_file($lkfn, $timeout, $code); - die $@ if $@; - - return $res; -} - -my $kill_process_group = sub { - my ($pid, $pstart) = @_; - - # send kill to process group (negative pid) - my $kpid = -$pid; - - # always send signal to all pgrp members - kill(15, $kpid); # send TERM signal - - # give max 5 seconds to shut down - for (my $i = 0; $i < 5; $i++) { - return if !PVE::ProcFSTools::check_process_running($pid, $pstart); - sleep (1); + } elsif ($test eq 'perm-modify') { + my ($t, $tmplpath) = @$check; + my $path = PVE::Tools::template_replace($tmplpath, $param); + $path = PVE::AccessControl::normalize_path($path); + return $self->check_perm_modify($username, $path, $noerr); + } else { + die "unknown permission test"; } - - # to be sure - kill(9, $kpid); }; -sub check_worker { - my ($upid, $killit) = @_; - - my $task = PVE::Tools::upid_decode($upid); - - my $running = PVE::ProcFSTools::check_process_running($task->{pid}, $task->{pstart}); - - return 0 if !$running; - - if ($killit) { - &$kill_process_group($task->{pid}); - return 0; - } - - return 1; -} - -# start long running workers -# STDIN is redirected to /dev/null -# STDOUT,STDERR are redirected to the filename returned by upid_decode -# NOTE: we simulate running in foreground if ($self->{type} eq 'cli') -sub fork_worker { - my ($self, $dtype, $id, $user, $function) = @_; - - $dtype = 'unknown' if !defined ($dtype); - $id = '' if !defined ($id); +sub check_api2_permissions { + my ($self, $perm, $username, $param) = @_; - $user = 'root@pve' if !defined ($user); + return 1 if !$username && $perm->{user} eq 'world'; - my $sync = $self->{type} eq 'cli' ? 1 : 0; + raise_perm_exc("user != null") if !$username; - local $SIG{INT} = - local $SIG{QUIT} = - local $SIG{PIPE} = - local $SIG{TERM} = 'IGNORE'; + return 1 if $username eq 'root@pam'; - my $starttime = time (); + raise_perm_exc('user != root@pam') if !$perm; - my @psync = POSIX::pipe(); - my @csync = POSIX::pipe(); + return 1 if $perm->{user} && $perm->{user} eq 'all'; - my $node = $self->{nodename}; + return $self->exec_api2_perm_check($perm->{check}, $username, $param) + if $perm->{check}; - my $cpid = fork(); - die "unable to fork worker - $!" if !defined($cpid); - - my $workerpuid = $cpid ? $cpid : $$; - - my $pstart = PVE::ProcFSTools::read_proc_starttime($workerpuid) || - die "unable to read process start time"; - - my $upid = PVE::Tools::upid_encode ({ - node => $node, pid => $workerpuid, pstart => $pstart, - starttime => $starttime, type => $dtype, id => $id, user => $user }); - - my $outfh; - - if (!$cpid) { # child - - $0 = "task $upid"; + raise_perm_exc(); +} - $SIG{INT} = $SIG{QUIT} = $SIG{TERM} = sub { die "received interrupt\n"; }; +sub log_cluster_msg { + my ($self, $pri, $user, $msg) = @_; - $SIG{CHLD} = $SIG{PIPE} = 'DEFAULT'; + PVE::Cluster::log_msg($pri, $user, $msg); +} - # set sess/process group - we want to be able to kill the - # whole process group - POSIX::setsid(); +sub broadcast_tasklist { + my ($self, $tlist) = @_; - POSIX::close ($psync[0]); - POSIX::close ($csync[1]); + PVE::Cluster::broadcast_tasklist($tlist); +} - $outfh = $sync ? $psync[1] : undef; +# initialize environment - must be called once at program startup +sub init { + my ($class, $type, %params) = @_; - eval { - PVE::INotify::inotify_close(); + $class = ref($class) || $class; - if (my $atfork = $self->{atfork}) { - &$atfork(); - } + my $self = $class->SUPER::init($type, %params); - # same algorythm as used inside SA - # STDIN = /dev/null - my $fd = fileno (STDIN); + $self->{user_cfg} = {}; + $self->{aclcache} = {}; + $self->{aclversion} = undef; - if (!$sync) { - close STDIN; - POSIX::close(0) if $fd != 0; + return $self; +}; - die "unable to redirect STDIN - $!" - if !open(STDIN, "&", $outfh); - - STDOUT->autoflush (1); - - # redirect STDERR to STDOUT - $fd = fileno (STDERR); - close STDERR; - POSIX::close(2) if $fd != 2; - - die "unable to redirect STDERR - $!" - if !open(STDERR, ">&1"); - - STDERR->autoflush(1); - }; - if (my $err = $@) { - my $msg = "ERROR: $err"; - POSIX::write($psync[1], $msg, length ($msg)); - POSIX::close($psync[1]); - POSIX::_exit(1); - kill(-9, $$); - } + $self->{result_attributes} = {}; - # sync with parent (signal that we are ready) - if ($sync) { - print "$upid\n"; + my $userconfig; # we use this for regression tests + foreach my $p (keys %params) { + if ($p eq 'userconfig') { + $userconfig = $params{$p}; } else { - POSIX::write($psync[1], $upid, length ($upid)); - POSIX::close($psync[1]); - } - - my $readbuf = ''; - # sync with parent (wait until parent is ready) - POSIX::read($csync[0], $readbuf, 4096); - die "parent setup error\n" if $readbuf ne 'OK'; - - if ($self->{type} eq 'ha') { - print "task started by HA resource agent\n"; + die "unknown parameter '$p'"; } - eval { &$function($upid); }; - my $err = $@; - if ($err) { - chomp $err; - $err =~ s/\n/ /mg; - syslog('err', $err); - print STDERR "TASK ERROR: $err\n"; - POSIX::_exit(-1); - } else { - print STDERR "TASK OK\n"; - POSIX::_exit(0); - } - kill(-9, $$); - } - - # parent - - POSIX::close ($psync[1]); - POSIX::close ($csync[0]); - - my $readbuf = ''; - # sync with child (wait until child starts) - POSIX::read($psync[0], $readbuf, 4096); - - if (!$sync) { - POSIX::close($psync[0]); - &$register_worker($cpid, $user, $upid); - } else { - chomp $readbuf; } eval { - die "got no worker upid - start worker failed\n" if !$readbuf; - - if ($readbuf =~ m/^ERROR:\s*(.+)$/m) { - die "starting worker failed: $1\n"; - } - - if ($readbuf ne $upid) { - die "got strange worker upid ('$readbuf' != '$upid') - start worker failed\n"; - } - - if ($sync) { - $outfh = PVE::Tools::upid_open($upid); + $self->{aclcache} = {}; + if ($userconfig) { + my $ucdata = PVE::Tools::file_get_contents($userconfig); + my $cfg = PVE::AccessControl::parse_user_config($userconfig, $ucdata); + $self->{user_cfg} = $cfg; + } else { + my $ucvers = PVE::Cluster::cfs_file_version('user.cfg'); + if (!$self->{aclcache} || !defined($self->{aclversion}) || + !defined($ucvers) || ($ucvers ne $self->{aclversion})) { + $self->{aclversion} = $ucvers; + my $cfg = PVE::Cluster::cfs_read_file('user.cfg'); + $self->{user_cfg} = $cfg; + } } }; - my $err = $@; - - if (!$err) { - my $msg = 'OK'; - POSIX::write($csync[1], $msg, length ($msg)); - POSIX::close($csync[1]); - - } else { - POSIX::close($csync[1]); - kill(-9, $cpid); # make sure it gets killed - die $err; + if (my $err = $@) { + $self->{user_cfg} = {}; + die "Unable to load access control list: $err"; } +} - PVE::Cluster::log_msg('info', $user, "starting task $upid"); - - my $tlist = active_workers($upid, $sync); - PVE::Cluster::broadcast_tasklist($tlist); - - my $res = 0; - - if ($sync) { - my $count; - my $outbuf = ''; - my $int_count = 0; - eval { - local $SIG{INT} = local $SIG{QUIT} = local $SIG{TERM} = sub { - # always send signal to all pgrp members - my $kpid = -$cpid; - if ($int_count < 3) { - kill(15, $kpid); # send TERM signal - } else { - kill(9, $kpid); # send KILL signal - } - $int_count++; - }; - local $SIG{PIPE} = sub { die "broken pipe\n"; }; - - my $select = new IO::Select; - my $fh = IO::Handle->new_from_fd($psync[0], 'r'); - $select->add($fh); - - while ($select->count) { - my @handles = $select->can_read(1); - if (scalar(@handles)) { - my $count = sysread ($handles[0], $readbuf, 4096); - if (!defined ($count)) { - my $err = $!; - die "sync pipe read error: $err\n"; - } - last if $count == 0; # eof - - $outbuf .= $readbuf; - while ($outbuf =~ s/^(([^\010\r\n]*)(\r|\n|(\010)+|\r\n))//s) { - my $line = $1; - my $data = $2; - if ($data =~ m/^TASK OK$/) { - # skip - } elsif ($data =~ m/^TASK ERROR: (.+)$/) { - print STDERR "$1\n"; - } else { - print $line; - } - if ($outfh) { - print $outfh $line; - $outfh->flush(); - } - } - } else { - # some commands daemonize without closing stdout - last if !PVE::ProcFSTools::check_process_running($cpid); - } - } - }; - my $err = $@; - - POSIX::close($psync[0]); - - if ($outbuf) { # just to be sure - print $outbuf; - if ($outfh) { - print $outfh $outbuf; - } - } - - if ($err) { - $err =~ s/\n/ /mg; - print STDERR "$err\n"; - if ($outfh) { - print $outfh "TASK ERROR: $err\n"; - } - } - - &$kill_process_group($cpid, $pstart); # make sure it gets killed - - close($outfh); +# hacks: to provide better backwards compatibiliy - waitpid($cpid, 0); - $res = $?; - &$log_task_result($upid, $user, $res); - } +# old code uses PVE::RPCEnvironment::get(); +# new code should use PVE::RPCEnvironment->get(); +sub get { + return PVE::RESTEnvironment->get(); +} - return wantarray ? ($upid, $res) : $upid; +# old code uses PVE::RPCEnvironment::is_worker(); +# new code should use PVE::RPCEnvironment->is_worker(); +sub is_worker { + return PVE::RESTEnvironment->is_worker(); } 1;