]>
Commit | Line | Data |
---|---|---|
e143e9d8 DM |
1 | package PVE::Tools; |
2 | ||
3 | use strict; | |
c36f332e | 4 | use warnings; |
dc4bc969 | 5 | |
2531c455 TL |
6 | use Date::Format qw(time2str); |
7 | use Digest::MD5; | |
8 | use Digest::SHA; | |
9 | use Encode; | |
10 | use Fcntl qw(:DEFAULT :flock); | |
e143e9d8 DM |
11 | use File::Basename; |
12 | use File::Path qw(make_path); | |
97c8c857 | 13 | use Filesys::Df (); # don't overwrite our df() |
7eb283fb | 14 | use IO::Dir; |
2531c455 | 15 | use IO::File; |
21c56a96 | 16 | use IO::Handle; |
2531c455 TL |
17 | use IO::Pipe; |
18 | use IO::Select; | |
19 | use IO::Socket::IP; | |
e143e9d8 | 20 | use IPC::Open3; |
f2c72fc3 | 21 | use JSON; |
2531c455 TL |
22 | use POSIX qw(EINTR EEXIST EOPNOTSUPP); |
23 | use Scalar::Util 'weaken'; | |
24 | use Socket qw(AF_INET AF_INET6 AI_ALL AI_V4MAPPED AI_CANONNAME SOCK_DGRAM IPPROTO_TCP); | |
7514b23a | 25 | use String::ShellQuote; |
2531c455 | 26 | use Text::ParseWords; |
c38cea65 | 27 | use Time::HiRes qw(usleep gettimeofday tv_interval alarm); |
2531c455 TL |
28 | use URI::Escape; |
29 | use base 'Exporter'; | |
b18826ce | 30 | |
c8e94d4b | 31 | use PVE::Syscall; |
e143e9d8 | 32 | |
57eeea0c DM |
33 | # avoid warning when parsing long hex values with hex() |
34 | no warnings 'portable'; # Support for 64-bit ints required | |
35 | ||
e143e9d8 | 36 | our @EXPORT_OK = qw( |
602ec0cd DM |
37 | $IPV6RE |
38 | $IPV4RE | |
813a5c0d | 39 | lock_file |
493004a2 | 40 | lock_file_full |
813a5c0d DC |
41 | run_command |
42 | file_set_contents | |
e143e9d8 DM |
43 | file_get_contents |
44 | file_read_firstline | |
7eb283fb DM |
45 | dir_glob_regex |
46 | dir_glob_foreach | |
e143e9d8 DM |
47 | split_list |
48 | template_replace | |
49 | safe_print | |
50 | trim | |
51 | extract_param | |
40682a69 | 52 | extract_sensitive_params |
23e0e0d7 | 53 | file_copy |
ce007e99 | 54 | get_host_arch |
c0647765 WB |
55 | O_PATH |
56 | O_TMPFILE | |
1b0bc6c0 WB |
57 | AT_EMPTY_PATH |
58 | AT_FDCWD | |
59 | CLONE_NEWNS | |
60 | CLONE_NEWUTS | |
61 | CLONE_NEWIPC | |
62 | CLONE_NEWUSER | |
63 | CLONE_NEWPID | |
64 | CLONE_NEWNET | |
fe468fad FS |
65 | MS_RDONLY |
66 | MS_NOSUID | |
67 | MS_NODEV | |
68 | MS_NOEXEC | |
69 | MS_SYNCHRONOUS | |
70 | MS_REMOUNT | |
71 | MS_MANDLOCK | |
72 | MS_DIRSYNC | |
73 | MS_NOSYMFOLLOW | |
74 | MS_NOATIME | |
75 | MS_NODIRATIME | |
76 | MS_BIND | |
77 | MS_MOVE | |
78 | MS_REC | |
e143e9d8 DM |
79 | ); |
80 | ||
81 | my $pvelogdir = "/var/log/pve"; | |
82 | my $pvetaskdir = "$pvelogdir/tasks"; | |
83 | ||
84 | mkdir $pvelogdir; | |
85 | mkdir $pvetaskdir; | |
86 | ||
cd9bd252 | 87 | my $IPV4OCTET = "(?:25[0-5]|(?:2[0-4]|1[0-9]|[1-9])?[0-9])"; |
602ec0cd DM |
88 | our $IPV4RE = "(?:(?:$IPV4OCTET\\.){3}$IPV4OCTET)"; |
89 | my $IPV6H16 = "(?:[0-9a-fA-F]{1,4})"; | |
90 | my $IPV6LS32 = "(?:(?:$IPV4RE|$IPV6H16:$IPV6H16))"; | |
91 | ||
92 | our $IPV6RE = "(?:" . | |
93 | "(?:(?:" . "(?:$IPV6H16:){6})$IPV6LS32)|" . | |
94 | "(?:(?:" . "::(?:$IPV6H16:){5})$IPV6LS32)|" . | |
95 | "(?:(?:(?:" . "$IPV6H16)?::(?:$IPV6H16:){4})$IPV6LS32)|" . | |
96 | "(?:(?:(?:(?:$IPV6H16:){0,1}$IPV6H16)?::(?:$IPV6H16:){3})$IPV6LS32)|" . | |
97 | "(?:(?:(?:(?:$IPV6H16:){0,2}$IPV6H16)?::(?:$IPV6H16:){2})$IPV6LS32)|" . | |
98 | "(?:(?:(?:(?:$IPV6H16:){0,3}$IPV6H16)?::(?:$IPV6H16:){1})$IPV6LS32)|" . | |
99 | "(?:(?:(?:(?:$IPV6H16:){0,4}$IPV6H16)?::" . ")$IPV6LS32)|" . | |
100 | "(?:(?:(?:(?:$IPV6H16:){0,5}$IPV6H16)?::" . ")$IPV6H16)|" . | |
101 | "(?:(?:(?:(?:$IPV6H16:){0,6}$IPV6H16)?::" . ")))"; | |
102 | ||
176b1186 WB |
103 | our $IPRE = "(?:$IPV4RE|$IPV6RE)"; |
104 | ||
4c4bd104 FE |
105 | our $EMAIL_USER_RE = qr/[\w\+\-\~]+(\.[\w\+\-\~]+)*/; |
106 | our $EMAIL_RE = qr/$EMAIL_USER_RE@[a-zA-Z0-9\-]+(\.[a-zA-Z0-9\-]+)*/; | |
107 | ||
be8f0477 | 108 | use constant {CLONE_NEWNS => 0x00020000, |
952fd95e WB |
109 | CLONE_NEWUTS => 0x04000000, |
110 | CLONE_NEWIPC => 0x08000000, | |
111 | CLONE_NEWUSER => 0x10000000, | |
112 | CLONE_NEWPID => 0x20000000, | |
be8f0477 | 113 | CLONE_NEWNET => 0x40000000}; |
952fd95e | 114 | |
26598a51 | 115 | use constant {O_PATH => 0x00200000, |
b260d4e3 | 116 | O_CLOEXEC => 0x00080000, |
4cb946a8 | 117 | O_TMPFILE => 0x00400000 | O_DIRECTORY}; |
44acb12c | 118 | |
1b0bc6c0 WB |
119 | use constant {AT_EMPTY_PATH => 0x1000, |
120 | AT_FDCWD => -100}; | |
6cf6b404 | 121 | |
bd9eb367 WB |
122 | # from <linux/fs.h> |
123 | use constant {RENAME_NOREPLACE => (1 << 0), | |
124 | RENAME_EXCHANGE => (1 << 1), | |
125 | RENAME_WHITEOUT => (1 << 2)}; | |
126 | ||
fe468fad FS |
127 | use constant { |
128 | MS_RDONLY => (1), | |
129 | MS_NOSUID => (1 << 1), | |
130 | MS_NODEV => (1 << 2), | |
131 | MS_NOEXEC => (1 << 3), | |
132 | MS_SYNCHRONOUS => (1 << 4), | |
133 | MS_REMOUNT => (1 << 5), | |
134 | MS_MANDLOCK => (1 << 6), | |
135 | MS_DIRSYNC => (1 << 7), | |
136 | MS_NOSYMFOLLOW => (1 << 8), | |
137 | MS_NOATIME => (1 << 10), | |
138 | MS_NODIRATIME => (1 << 11), | |
139 | MS_BIND => (1 << 12), | |
140 | MS_MOVE => (1 << 13), | |
141 | MS_REC => (1 << 14), | |
142 | }; | |
143 | ||
0f0990f1 DM |
144 | sub run_with_timeout { |
145 | my ($timeout, $code, @param) = @_; | |
e143e9d8 | 146 | |
0f0990f1 | 147 | die "got timeout\n" if $timeout <= 0; |
e143e9d8 | 148 | |
c38cea65 | 149 | my $prev_alarm = alarm 0; # suspend outer alarm early |
0f0990f1 DM |
150 | |
151 | my $sigcount = 0; | |
a6aa0ae9 | 152 | my $got_timeout = 0; |
e143e9d8 DM |
153 | |
154 | my $res; | |
155 | ||
e143e9d8 | 156 | eval { |
a6aa0ae9 | 157 | local $SIG{ALRM} = sub { $sigcount++; $got_timeout = 1; die "got timeout\n"; }; |
0f0990f1 DM |
158 | local $SIG{PIPE} = sub { $sigcount++; die "broken pipe\n" }; |
159 | local $SIG{__DIE__}; # see SA bug 4631 | |
e143e9d8 | 160 | |
c38cea65 | 161 | alarm($timeout); |
e143e9d8 | 162 | |
c38cea65 | 163 | eval { $res = &$code(@param); }; |
0f0990f1 DM |
164 | |
165 | alarm(0); # avoid race conditions | |
c38cea65 WB |
166 | |
167 | die $@ if $@; | |
0f0990f1 DM |
168 | }; |
169 | ||
170 | my $err = $@; | |
171 | ||
c38cea65 | 172 | alarm $prev_alarm; |
0f0990f1 | 173 | |
c38cea65 | 174 | # this shouldn't happen anymore? |
0f0990f1 DM |
175 | die "unknown error" if $sigcount && !$err; # seems to happen sometimes |
176 | ||
eac8b4b8 FE |
177 | # assume that user handles timeout err if called in list context |
178 | die $err if $err && (!wantarray || !$got_timeout); | |
0f0990f1 | 179 | |
a6aa0ae9 | 180 | return wantarray ? ($res, $got_timeout) : $res; |
0f0990f1 | 181 | } |
e143e9d8 | 182 | |
0f0990f1 | 183 | # flock: we use one file handle per process, so lock file |
d9f86d0d WB |
184 | # can be nested multiple times and succeeds for the same process. |
185 | # | |
186 | # Since this is the only way we lock now and we don't have the old | |
187 | # 'lock(); code(); unlock();' pattern anymore we do not actually need to | |
188 | # count how deep we're nesting. Therefore this hash now stores a weak reference | |
189 | # to a boolean telling us whether we already have a lock. | |
0f0990f1 DM |
190 | |
191 | my $lock_handles = {}; | |
192 | ||
493004a2 DM |
193 | sub lock_file_full { |
194 | my ($filename, $timeout, $shared, $code, @param) = @_; | |
0f0990f1 DM |
195 | |
196 | $timeout = 10 if !$timeout; | |
197 | ||
493004a2 DM |
198 | my $mode = $shared ? LOCK_SH : LOCK_EX; |
199 | ||
d9f86d0d | 200 | my $lockhash = ($lock_handles->{$$} //= {}); |
e143e9d8 | 201 | |
d9f86d0d WB |
202 | # Returns a locked file handle. |
203 | my $get_locked_file = sub { | |
204 | my $fh = IO::File->new(">>$filename") | |
205 | or die "can't open file - $!\n"; | |
206 | ||
207 | if (!flock($fh, $mode|LOCK_NB)) { | |
91bae4c0 | 208 | print STDERR "trying to acquire lock...\n"; |
b5d12b08 DM |
209 | my $success; |
210 | while(1) { | |
d9f86d0d | 211 | $success = flock($fh, $mode); |
b5d12b08 DM |
212 | # try again on EINTR (see bug #273) |
213 | if ($success || ($! != EINTR)) { | |
214 | last; | |
215 | } | |
216 | } | |
d9f86d0d WB |
217 | if (!$success) { |
218 | print STDERR " failed\n"; | |
219 | die "can't acquire lock '$filename' - $!\n"; | |
220 | } | |
221 | print STDERR " OK\n"; | |
222 | } | |
223 | ||
224 | return $fh; | |
e143e9d8 DM |
225 | }; |
226 | ||
0f0990f1 | 227 | my $res; |
d9f86d0d WB |
228 | my $checkptr = $lockhash->{$filename}; |
229 | my $check = 0; # This must not go out of scope before running the code. | |
230 | my $local_fh; # This must stay local | |
231 | if (!$checkptr || !$$checkptr) { | |
232 | # We cannot create a weak reference in a single atomic step, so we first | |
233 | # create a false-value, then create a reference to it, then weaken it, | |
234 | # and after successfully locking the file we change the boolean value. | |
235 | # | |
236 | # The reason for this is that if an outer SIGALRM throws an exception | |
237 | # between creating the reference and weakening it, a subsequent call to | |
238 | # lock_file_full() will see a leftover full reference to a valid | |
239 | # variable. This variable must be 0 in order for said call to attempt to | |
240 | # lock the file anew. | |
241 | # | |
242 | # An externally triggered exception elsewhere in the code will cause the | |
243 | # weak reference to become 'undef', and since the file handle is only | |
244 | # stored in the local scope in $local_fh, the file will be closed by | |
245 | # perl's cleanup routines as well. | |
246 | # | |
247 | # This still assumes that an IO::File handle can properly deal with such | |
248 | # exceptions thrown during its own destruction, but that's up to perls | |
249 | # guts now. | |
250 | $lockhash->{$filename} = \$check; | |
251 | weaken $lockhash->{$filename}; | |
252 | $local_fh = eval { run_with_timeout($timeout, $get_locked_file) }; | |
253 | if ($@) { | |
254 | $@ = "can't lock file '$filename' - $@"; | |
255 | return undef; | |
f127adab | 256 | } |
d9f86d0d | 257 | $check = 1; |
e143e9d8 | 258 | } |
d9f86d0d WB |
259 | $res = eval { &$code(@param); }; |
260 | return undef if $@; | |
e143e9d8 DM |
261 | return $res; |
262 | } | |
263 | ||
493004a2 DM |
264 | |
265 | sub lock_file { | |
266 | my ($filename, $timeout, $code, @param) = @_; | |
267 | ||
268 | return lock_file_full($filename, $timeout, 0, $code, @param); | |
269 | } | |
270 | ||
e143e9d8 | 271 | sub file_set_contents { |
2943910e | 272 | my ($filename, $data, $perm, $force_utf8) = @_; |
e143e9d8 DM |
273 | |
274 | $perm = 0644 if !defined($perm); | |
275 | ||
276 | my $tmpname = "$filename.tmp.$$"; | |
277 | ||
278 | eval { | |
ce338f4f WB |
279 | my ($fh, $tries) = (undef, 0); |
280 | while (!$fh && $tries++ < 3) { | |
281 | $fh = IO::File->new($tmpname, O_WRONLY|O_CREAT|O_EXCL, $perm); | |
282 | if (!$fh && $! == EEXIST) { | |
283 | unlink($tmpname) or die "unable to delete old temp file: $!\n"; | |
284 | } | |
285 | } | |
e143e9d8 | 286 | die "unable to open file '$tmpname' - $!\n" if !$fh; |
2943910e LW |
287 | |
288 | binmode($fh, ":encoding(UTF-8)") if $force_utf8; | |
289 | ||
e143e9d8 DM |
290 | die "unable to write '$tmpname' - $!\n" unless print $fh $data; |
291 | die "closing file '$tmpname' failed - $!\n" unless close $fh; | |
292 | }; | |
293 | my $err = $@; | |
294 | ||
295 | if ($err) { | |
296 | unlink $tmpname; | |
297 | die $err; | |
298 | } | |
299 | ||
300 | if (!rename($tmpname, $filename)) { | |
301 | my $msg = "close (rename) atomic file '$filename' failed: $!\n"; | |
302 | unlink $tmpname; | |
813a5c0d | 303 | die $msg; |
e143e9d8 DM |
304 | } |
305 | } | |
306 | ||
307 | sub file_get_contents { | |
308 | my ($filename, $max) = @_; | |
309 | ||
310 | my $fh = IO::File->new($filename, "r") || | |
311 | die "can't open '$filename' - $!\n"; | |
312 | ||
034a8181 | 313 | my $content = safe_read_from($fh, $max, 0, $filename); |
e143e9d8 DM |
314 | |
315 | close $fh; | |
316 | ||
317 | return $content; | |
318 | } | |
319 | ||
23e0e0d7 WL |
320 | sub file_copy { |
321 | my ($filename, $dst, $max, $perm) = @_; | |
322 | ||
323 | file_set_contents ($dst, file_get_contents($filename, $max), $perm); | |
324 | } | |
325 | ||
e143e9d8 DM |
326 | sub file_read_firstline { |
327 | my ($filename) = @_; | |
328 | ||
329 | my $fh = IO::File->new ($filename, "r"); | |
1ac0a30a TL |
330 | if (!$fh) { |
331 | return undef if $! == POSIX::ENOENT; | |
332 | die "file '$filename' exists but open for reading failed - $!\n"; | |
333 | } | |
e143e9d8 | 334 | my $res = <$fh>; |
88955a2e | 335 | chomp $res if $res; |
e143e9d8 DM |
336 | $fh->close; |
337 | return $res; | |
338 | } | |
339 | ||
340 | sub safe_read_from { | |
034a8181 | 341 | my ($fh, $max, $oneline, $filename) = @_; |
e143e9d8 | 342 | |
8fb28ab9 | 343 | # pmxcfs file size limit |
d94f7005 | 344 | $max = 1024 * 1024 if !$max; |
e143e9d8 | 345 | |
034a8181 DM |
346 | my $subject = defined($filename) ? "file '$filename'" : 'input'; |
347 | ||
e143e9d8 DM |
348 | my $br = 0; |
349 | my $input = ''; | |
350 | my $count; | |
351 | while ($count = sysread($fh, $input, 8192, $br)) { | |
352 | $br += $count; | |
034a8181 | 353 | die "$subject too long - aborting\n" if $br > $max; |
e143e9d8 DM |
354 | if ($oneline && $input =~ m/^(.*)\n/) { |
355 | $input = $1; | |
356 | last; | |
357 | } | |
813a5c0d | 358 | } |
034a8181 | 359 | die "unable to read $subject - $!\n" if !defined($count); |
e143e9d8 DM |
360 | |
361 | return $input; | |
362 | } | |
363 | ||
bd9c3a36 WB |
364 | # The $cmd parameter can be: |
365 | # -) a string | |
366 | # This is generally executed by passing it to the shell with the -c option. | |
367 | # However, it can be executed in one of two ways, depending on whether | |
368 | # there's a pipe involved: | |
369 | # *) with pipe: passed explicitly to bash -c, prefixed with: | |
370 | # set -o pipefail && | |
371 | # *) without a pipe: passed to perl's open3 which uses 'sh -c' | |
372 | # (Note that this may result in two different syntax requirements!) | |
373 | # FIXME? | |
374 | # -) an array of arguments (strings) | |
375 | # Will be executed without interference from a shell. (Parameters are passed | |
376 | # as is, no escape sequences of strings will be touched.) | |
fcdc0cfc WB |
377 | # -) an array of arrays |
378 | # Each array represents a command, and each command's output is piped into | |
379 | # the following command's standard input. | |
380 | # For this a shell command string is created with pipe symbols between each | |
381 | # command. | |
382 | # Each command is a list of strings meant to end up in the final command | |
383 | # unchanged. In order to achieve this, every argument is shell-quoted. | |
384 | # Quoting can be disabled for a particular argument by turning it into a | |
385 | # reference, this allows inserting arbitrary shell options. | |
386 | # For instance: the $cmd [ [ 'echo', 'hello', \'>/dev/null' ] ] will not | |
387 | # produce any output, while the $cmd [ [ 'echo', 'hello', '>/dev/null' ] ] | |
388 | # will literally print: hello >/dev/null | |
e143e9d8 DM |
389 | sub run_command { |
390 | my ($cmd, %param) = @_; | |
391 | ||
392 | my $old_umask; | |
ded47a61 | 393 | my $cmdstr; |
e143e9d8 | 394 | |
fcdc0cfc WB |
395 | if (my $ref = ref($cmd)) { |
396 | if (ref($cmd->[0])) { | |
397 | $cmdstr = 'set -o pipefail && '; | |
398 | my $pipe = ''; | |
399 | foreach my $command (@$cmd) { | |
400 | # concatenate quoted parameters | |
401 | # strings which are passed by reference are NOT shell quoted | |
402 | $cmdstr .= $pipe . join(' ', map { ref($_) ? $$_ : shellquote($_) } @$command); | |
403 | $pipe = ' | '; | |
404 | } | |
1a0c0103 | 405 | $cmd = [ '/bin/bash', '-c', "$cmdstr" ]; |
fcdc0cfc WB |
406 | } else { |
407 | $cmdstr = cmd2string($cmd); | |
408 | } | |
409 | } else { | |
ded47a61 | 410 | $cmdstr = $cmd; |
22d4efe6 | 411 | if ($cmd =~ m/\|/) { |
e0cabd2c DM |
412 | # see 'man bash' for option pipefail |
413 | $cmd = [ '/bin/bash', '-c', "set -o pipefail && $cmd" ]; | |
414 | } else { | |
415 | $cmd = [ $cmd ]; | |
416 | } | |
ded47a61 | 417 | } |
e143e9d8 DM |
418 | |
419 | my $errmsg; | |
420 | my $laststderr; | |
421 | my $timeout; | |
422 | my $oldtimeout; | |
423 | my $pid; | |
38d9aa12 | 424 | my $exitcode = -1; |
e143e9d8 | 425 | |
4630cb95 DM |
426 | my $outfunc; |
427 | my $errfunc; | |
428 | my $logfunc; | |
429 | my $input; | |
430 | my $output; | |
a417477c | 431 | my $afterfork; |
7e826928 | 432 | my $noerr; |
0f3f314e | 433 | my $keeplocale; |
ed61b9d6 | 434 | my $quiet; |
4630cb95 | 435 | |
e143e9d8 | 436 | eval { |
e143e9d8 DM |
437 | |
438 | foreach my $p (keys %param) { | |
439 | if ($p eq 'timeout') { | |
440 | $timeout = $param{$p}; | |
441 | } elsif ($p eq 'umask') { | |
eb9e24df | 442 | $old_umask = umask($param{$p}); |
e143e9d8 DM |
443 | } elsif ($p eq 'errmsg') { |
444 | $errmsg = $param{$p}; | |
e143e9d8 DM |
445 | } elsif ($p eq 'input') { |
446 | $input = $param{$p}; | |
1c50a24a DM |
447 | } elsif ($p eq 'output') { |
448 | $output = $param{$p}; | |
e143e9d8 DM |
449 | } elsif ($p eq 'outfunc') { |
450 | $outfunc = $param{$p}; | |
451 | } elsif ($p eq 'errfunc') { | |
452 | $errfunc = $param{$p}; | |
776fbfa8 DM |
453 | } elsif ($p eq 'logfunc') { |
454 | $logfunc = $param{$p}; | |
a417477c DM |
455 | } elsif ($p eq 'afterfork') { |
456 | $afterfork = $param{$p}; | |
7e826928 TL |
457 | } elsif ($p eq 'noerr') { |
458 | $noerr = $param{$p}; | |
0f3f314e DC |
459 | } elsif ($p eq 'keeplocale') { |
460 | $keeplocale = $param{$p}; | |
ed61b9d6 TL |
461 | } elsif ($p eq 'quiet') { |
462 | $quiet = $param{$p}; | |
e143e9d8 DM |
463 | } else { |
464 | die "got unknown parameter '$p' for run_command\n"; | |
465 | } | |
466 | } | |
467 | ||
4630cb95 DM |
468 | if ($errmsg) { |
469 | my $origerrfunc = $errfunc; | |
470 | $errfunc = sub { | |
471 | if ($laststderr) { | |
472 | if ($origerrfunc) { | |
473 | &$origerrfunc("$laststderr\n"); | |
474 | } else { | |
475 | print STDERR "$laststderr\n" if $laststderr; | |
476 | } | |
477 | } | |
813a5c0d | 478 | $laststderr = shift; |
4630cb95 DM |
479 | }; |
480 | } | |
481 | ||
1c50a24a DM |
482 | my $reader = $output && $output =~ m/^>&/ ? $output : IO::File->new(); |
483 | my $writer = $input && $input =~ m/^<&/ ? $input : IO::File->new(); | |
484 | my $error = IO::File->new(); | |
485 | ||
e143e9d8 DM |
486 | my $orig_pid = $$; |
487 | ||
488 | eval { | |
0f3f314e | 489 | local $ENV{LC_ALL} = 'C' if !$keeplocale; |
e143e9d8 DM |
490 | |
491 | # suppress LVM warnings like: "File descriptor 3 left open"; | |
492 | local $ENV{LVM_SUPPRESS_FD_WARNINGS} = "1"; | |
493 | ||
494 | $pid = open3($writer, $reader, $error, @$cmd) || die $!; | |
f38995ab | 495 | |
b296c4dd TL |
496 | # if we pipe fron STDIN, open3 closes STDIN, so we get a perl warning like |
497 | # "Filehandle STDIN reopened as GENXYZ .. " as soon as we open a new file. | |
f38995ab DM |
498 | # to avoid that we open /dev/null |
499 | if (!ref($writer) && !defined(fileno(STDIN))) { | |
500 | POSIX::close(0); | |
7ac222d1 | 501 | open(STDIN, '<', '/dev/null'); |
f38995ab | 502 | } |
e143e9d8 DM |
503 | }; |
504 | ||
505 | my $err = $@; | |
506 | ||
507 | # catch exec errors | |
508 | if ($orig_pid != $$) { | |
509 | warn "ERROR: $err"; | |
813a5c0d DC |
510 | POSIX::_exit (1); |
511 | kill ('KILL', $$); | |
e143e9d8 DM |
512 | } |
513 | ||
514 | die $err if $err; | |
515 | ||
516 | local $SIG{ALRM} = sub { die "got timeout\n"; } if $timeout; | |
517 | $oldtimeout = alarm($timeout) if $timeout; | |
518 | ||
a417477c DM |
519 | &$afterfork() if $afterfork; |
520 | ||
f38995ab DM |
521 | if (ref($writer)) { |
522 | print $writer $input if defined $input; | |
523 | close $writer; | |
524 | } | |
e143e9d8 | 525 | |
7ac222d1 | 526 | my $select = IO::Select->new(); |
f38995ab | 527 | $select->add($reader) if ref($reader); |
e143e9d8 DM |
528 | $select->add($error); |
529 | ||
530 | my $outlog = ''; | |
531 | my $errlog = ''; | |
532 | ||
533 | my $starttime = time(); | |
534 | ||
535 | while ($select->count) { | |
536 | my @handles = $select->can_read(1); | |
537 | ||
538 | foreach my $h (@handles) { | |
539 | my $buf = ''; | |
540 | my $count = sysread ($h, $buf, 4096); | |
541 | if (!defined ($count)) { | |
542 | my $err = $!; | |
543 | kill (9, $pid); | |
544 | waitpid ($pid, 0); | |
545 | die $err; | |
546 | } | |
547 | $select->remove ($h) if !$count; | |
548 | if ($h eq $reader) { | |
776fbfa8 | 549 | if ($outfunc || $logfunc) { |
e143e9d8 | 550 | eval { |
ba104d67 | 551 | while ($buf =~ s/^([^\010\r\n]*)(?:\n|(?:\010)+|\r\n?)//) { |
cb9db10c DC |
552 | my $line = $outlog . $1; |
553 | $outlog = ''; | |
776fbfa8 DM |
554 | &$outfunc($line) if $outfunc; |
555 | &$logfunc($line) if $logfunc; | |
e143e9d8 | 556 | } |
cb9db10c | 557 | $outlog .= $buf; |
e143e9d8 DM |
558 | }; |
559 | my $err = $@; | |
560 | if ($err) { | |
561 | kill (9, $pid); | |
562 | waitpid ($pid, 0); | |
563 | die $err; | |
564 | } | |
ed61b9d6 | 565 | } elsif (!$quiet) { |
e143e9d8 DM |
566 | print $buf; |
567 | *STDOUT->flush(); | |
568 | } | |
569 | } elsif ($h eq $error) { | |
776fbfa8 | 570 | if ($errfunc || $logfunc) { |
e143e9d8 | 571 | eval { |
ba104d67 | 572 | while ($buf =~ s/^([^\010\r\n]*)(?:\n|(?:\010)+|\r\n?)//) { |
cb9db10c DC |
573 | my $line = $errlog . $1; |
574 | $errlog = ''; | |
776fbfa8 DM |
575 | &$errfunc($line) if $errfunc; |
576 | &$logfunc($line) if $logfunc; | |
e143e9d8 | 577 | } |
cb9db10c | 578 | $errlog .= $buf; |
e143e9d8 DM |
579 | }; |
580 | my $err = $@; | |
581 | if ($err) { | |
582 | kill (9, $pid); | |
583 | waitpid ($pid, 0); | |
584 | die $err; | |
585 | } | |
ed61b9d6 | 586 | } elsif (!$quiet) { |
e143e9d8 DM |
587 | print STDERR $buf; |
588 | *STDERR->flush(); | |
589 | } | |
590 | } | |
591 | } | |
592 | } | |
593 | ||
594 | &$outfunc($outlog) if $outfunc && $outlog; | |
776fbfa8 DM |
595 | &$logfunc($outlog) if $logfunc && $outlog; |
596 | ||
e143e9d8 | 597 | &$errfunc($errlog) if $errfunc && $errlog; |
776fbfa8 | 598 | &$logfunc($errlog) if $logfunc && $errlog; |
e143e9d8 DM |
599 | |
600 | waitpid ($pid, 0); | |
813a5c0d | 601 | |
e143e9d8 DM |
602 | if ($? == -1) { |
603 | die "failed to execute\n"; | |
604 | } elsif (my $sig = ($? & 127)) { | |
605 | die "got signal $sig\n"; | |
7e826928 TL |
606 | } elsif ($exitcode = ($? >> 8)) { |
607 | if (!($exitcode == 24 && ($cmdstr =~ m|^(\S+/)?rsync\s|))) { | |
1c50a24a DM |
608 | if ($errmsg && $laststderr) { |
609 | my $lerr = $laststderr; | |
610 | $laststderr = undef; | |
611 | die "$lerr\n"; | |
612 | } | |
7e826928 | 613 | die "exit code $exitcode\n"; |
e143e9d8 | 614 | } |
e143e9d8 DM |
615 | } |
616 | ||
4bb9bfe7 | 617 | alarm(0); |
e143e9d8 DM |
618 | }; |
619 | ||
620 | my $err = $@; | |
621 | ||
622 | alarm(0); | |
623 | ||
4630cb95 DM |
624 | if ($errmsg && $laststderr) { |
625 | &$errfunc(undef); # flush laststderr | |
626 | } | |
e143e9d8 DM |
627 | |
628 | umask ($old_umask) if defined($old_umask); | |
629 | ||
630 | alarm($oldtimeout) if $oldtimeout; | |
631 | ||
632 | if ($err) { | |
633 | if ($pid && ($err eq "got timeout\n")) { | |
634 | kill (9, $pid); | |
635 | waitpid ($pid, 0); | |
636 | die "command '$cmdstr' failed: $err"; | |
637 | } | |
638 | ||
639 | if ($errmsg) { | |
adbc988d | 640 | $err =~ s/^usermod:\s*// if $cmdstr =~ m|^(\S+/)?usermod\s|; |
e143e9d8 | 641 | die "$errmsg: $err"; |
7e826928 | 642 | } elsif(!$noerr) { |
e143e9d8 DM |
643 | die "command '$cmdstr' failed: $err"; |
644 | } | |
645 | } | |
1c50a24a | 646 | |
7e826928 | 647 | return $exitcode; |
e143e9d8 DM |
648 | } |
649 | ||
2d38b8a1 TL |
650 | # Run a command with a tcp socket as standard input. |
651 | sub pipe_socket_to_command { | |
652 | my ($cmd, $ip, $port) = @_; | |
653 | ||
654 | my $params = { | |
655 | Listen => 1, | |
656 | ReuseAddr => 1, | |
657 | Proto => &Socket::IPPROTO_TCP, | |
658 | GetAddrInfoFlags => 0, | |
659 | LocalAddr => $ip, | |
660 | LocalPort => $port, | |
661 | }; | |
662 | my $socket = IO::Socket::IP->new(%$params) or die "failed to open socket: $!\n"; | |
663 | ||
664 | print "$ip\n$port\n"; # tell remote where to connect | |
665 | *STDOUT->flush(); | |
666 | ||
667 | alarm 0; | |
668 | local $SIG{ALRM} = sub { die "timed out waiting for client\n" }; | |
669 | alarm 30; | |
670 | my $client = $socket->accept; # Wait for a client | |
671 | alarm 0; | |
672 | close($socket); | |
673 | ||
674 | # We want that the command talks over the TCP socket and takes | |
675 | # ownership of it, so that when it closes it the connection is | |
676 | # terminated, so we need to be able to close the socket. So we | |
677 | # can't really use PVE::Tools::run_command(). | |
678 | my $pid = fork() // die "fork failed: $!\n"; | |
679 | if (!$pid) { | |
680 | POSIX::dup2(fileno($client), 0); | |
681 | POSIX::dup2(fileno($client), 1); | |
682 | close($client); | |
683 | exec {$cmd->[0]} @$cmd or do { | |
684 | warn "exec failed: $!\n"; | |
685 | POSIX::_exit(1); | |
686 | }; | |
687 | } | |
688 | ||
689 | close($client); | |
690 | if (waitpid($pid, 0) != $pid) { | |
691 | kill(15 => $pid); # if we got interrupted terminate the child | |
692 | my $count = 0; | |
693 | while (waitpid($pid, POSIX::WNOHANG) != $pid) { | |
694 | usleep(100000); | |
695 | $count++; | |
696 | kill(9 => $pid), last if $count > 300; # 30 second timeout | |
697 | } | |
698 | } | |
699 | if (my $sig = ($? & 127)) { | |
700 | die "got signal $sig\n"; | |
701 | } elsif (my $exitcode = ($? >> 8)) { | |
702 | die "exit code $exitcode\n"; | |
703 | } | |
704 | ||
705 | return undef; | |
706 | } | |
707 | ||
e143e9d8 | 708 | sub split_list { |
0a3de87e | 709 | my $listtxt = shift // ''; |
e143e9d8 | 710 | |
d2b0374d | 711 | return split (/\0/, $listtxt) if $listtxt =~ m/\0/; |
813a5c0d | 712 | |
d2b0374d | 713 | $listtxt =~ s/[,;]/ /g; |
e143e9d8 DM |
714 | $listtxt =~ s/^\s+//; |
715 | ||
716 | my @data = split (/\s+/, $listtxt); | |
717 | ||
718 | return @data; | |
719 | } | |
720 | ||
721 | sub trim { | |
722 | my $txt = shift; | |
723 | ||
724 | return $txt if !defined($txt); | |
725 | ||
726 | $txt =~ s/^\s+//; | |
727 | $txt =~ s/\s+$//; | |
813a5c0d | 728 | |
e143e9d8 DM |
729 | return $txt; |
730 | } | |
731 | ||
732 | # simple uri templates like "/vms/{vmid}" | |
733 | sub template_replace { | |
734 | my ($tmpl, $data) = @_; | |
735 | ||
3250f5c7 | 736 | return $tmpl if !$tmpl; |
813a5c0d | 737 | |
e143e9d8 | 738 | my $res = ''; |
14410e5f | 739 | while ($tmpl =~ m/([^{]+)?(\{([^}]+)\})?/g) { |
e143e9d8 DM |
740 | $res .= $1 if $1; |
741 | $res .= ($data->{$3} || '-') if $2; | |
742 | } | |
743 | return $res; | |
744 | } | |
745 | ||
746 | sub safe_print { | |
747 | my ($filename, $fh, $data) = @_; | |
748 | ||
749 | return if !$data; | |
750 | ||
751 | my $res = print $fh $data; | |
752 | ||
753 | die "write to '$filename' failed\n" if !$res; | |
754 | } | |
755 | ||
756 | sub debmirrors { | |
757 | ||
758 | return { | |
759 | 'at' => 'ftp.at.debian.org', | |
760 | 'au' => 'ftp.au.debian.org', | |
761 | 'be' => 'ftp.be.debian.org', | |
762 | 'bg' => 'ftp.bg.debian.org', | |
763 | 'br' => 'ftp.br.debian.org', | |
764 | 'ca' => 'ftp.ca.debian.org', | |
765 | 'ch' => 'ftp.ch.debian.org', | |
766 | 'cl' => 'ftp.cl.debian.org', | |
767 | 'cz' => 'ftp.cz.debian.org', | |
768 | 'de' => 'ftp.de.debian.org', | |
769 | 'dk' => 'ftp.dk.debian.org', | |
770 | 'ee' => 'ftp.ee.debian.org', | |
771 | 'es' => 'ftp.es.debian.org', | |
772 | 'fi' => 'ftp.fi.debian.org', | |
773 | 'fr' => 'ftp.fr.debian.org', | |
774 | 'gr' => 'ftp.gr.debian.org', | |
775 | 'hk' => 'ftp.hk.debian.org', | |
776 | 'hr' => 'ftp.hr.debian.org', | |
777 | 'hu' => 'ftp.hu.debian.org', | |
778 | 'ie' => 'ftp.ie.debian.org', | |
779 | 'is' => 'ftp.is.debian.org', | |
780 | 'it' => 'ftp.it.debian.org', | |
781 | 'jp' => 'ftp.jp.debian.org', | |
782 | 'kr' => 'ftp.kr.debian.org', | |
783 | 'mx' => 'ftp.mx.debian.org', | |
784 | 'nl' => 'ftp.nl.debian.org', | |
785 | 'no' => 'ftp.no.debian.org', | |
786 | 'nz' => 'ftp.nz.debian.org', | |
787 | 'pl' => 'ftp.pl.debian.org', | |
788 | 'pt' => 'ftp.pt.debian.org', | |
789 | 'ro' => 'ftp.ro.debian.org', | |
790 | 'ru' => 'ftp.ru.debian.org', | |
791 | 'se' => 'ftp.se.debian.org', | |
792 | 'si' => 'ftp.si.debian.org', | |
793 | 'sk' => 'ftp.sk.debian.org', | |
794 | 'tr' => 'ftp.tr.debian.org', | |
795 | 'tw' => 'ftp.tw.debian.org', | |
796 | 'gb' => 'ftp.uk.debian.org', | |
797 | 'us' => 'ftp.us.debian.org', | |
798 | }; | |
799 | } | |
800 | ||
910d57b0 DM |
801 | my $keymaphash = { |
802 | 'dk' => ['Danish', 'da', 'qwerty/dk-latin1.kmap.gz', 'dk', 'nodeadkeys'], | |
803 | 'de' => ['German', 'de', 'qwertz/de-latin1-nodeadkeys.kmap.gz', 'de', 'nodeadkeys' ], | |
813a5c0d | 804 | 'de-ch' => ['Swiss-German', 'de-ch', 'qwertz/sg-latin1.kmap.gz', 'ch', 'de_nodeadkeys' ], |
5a5ca434 DM |
805 | 'en-gb' => ['United Kingdom', 'en-gb', 'qwerty/uk.kmap.gz' , 'gb', undef], |
806 | 'en-us' => ['U.S. English', 'en-us', 'qwerty/us-latin1.kmap.gz', 'us', undef ], | |
910d57b0 DM |
807 | 'es' => ['Spanish', 'es', 'qwerty/es.kmap.gz', 'es', 'nodeadkeys'], |
808 | #'et' => [], # Ethopia or Estonia ?? | |
809 | 'fi' => ['Finnish', 'fi', 'qwerty/fi-latin1.kmap.gz', 'fi', 'nodeadkeys'], | |
810 | #'fo' => ['Faroe Islands', 'fo', ???, 'fo', 'nodeadkeys'], | |
811 | 'fr' => ['French', 'fr', 'azerty/fr-latin1.kmap.gz', 'fr', 'nodeadkeys'], | |
812 | 'fr-be' => ['Belgium-French', 'fr-be', 'azerty/be2-latin1.kmap.gz', 'be', 'nodeadkeys'], | |
813 | 'fr-ca' => ['Canada-French', 'fr-ca', 'qwerty/cf.kmap.gz', 'ca', 'fr-legacy'], | |
814 | 'fr-ch' => ['Swiss-French', 'fr-ch', 'qwertz/fr_CH-latin1.kmap.gz', 'ch', 'fr_nodeadkeys'], | |
815 | #'hr' => ['Croatia', 'hr', 'qwertz/croat.kmap.gz', 'hr', ??], # latin2? | |
816 | 'hu' => ['Hungarian', 'hu', 'qwertz/hu.kmap.gz', 'hu', undef], | |
817 | 'is' => ['Icelandic', 'is', 'qwerty/is-latin1.kmap.gz', 'is', 'nodeadkeys'], | |
818 | 'it' => ['Italian', 'it', 'qwerty/it2.kmap.gz', 'it', 'nodeadkeys'], | |
819 | 'jp' => ['Japanese', 'ja', 'qwerty/jp106.kmap.gz', 'jp', undef], | |
820 | 'lt' => ['Lithuanian', 'lt', 'qwerty/lt.kmap.gz', 'lt', 'std'], | |
821 | #'lv' => ['Latvian', 'lv', 'qwerty/lv-latin4.kmap.gz', 'lv', ??], # latin4 or latin7? | |
822 | 'mk' => ['Macedonian', 'mk', 'qwerty/mk.kmap.gz', 'mk', 'nodeadkeys'], | |
823 | 'nl' => ['Dutch', 'nl', 'qwerty/nl.kmap.gz', 'nl', undef], | |
824 | #'nl-be' => ['Belgium-Dutch', 'nl-be', ?, ?, ?], | |
813a5c0d | 825 | 'no' => ['Norwegian', 'no', 'qwerty/no-latin1.kmap.gz', 'no', 'nodeadkeys'], |
910d57b0 DM |
826 | 'pl' => ['Polish', 'pl', 'qwerty/pl.kmap.gz', 'pl', undef], |
827 | 'pt' => ['Portuguese', 'pt', 'qwerty/pt-latin1.kmap.gz', 'pt', 'nodeadkeys'], | |
828 | 'pt-br' => ['Brazil-Portuguese', 'pt-br', 'qwerty/br-latin1.kmap.gz', 'br', 'nodeadkeys'], | |
fb3a1b29 | 829 | #'ru' => ['Russian', 'ru', 'qwerty/ru.kmap.gz', 'ru', undef], # don't know? |
910d57b0 | 830 | 'si' => ['Slovenian', 'sl', 'qwertz/slovene.kmap.gz', 'si', undef], |
9934cd0b | 831 | 'se' => ['Swedish', 'sv', 'qwerty/se-latin1.kmap.gz', 'se', 'nodeadkeys'], |
910d57b0 | 832 | #'th' => [], |
c10cc112 | 833 | 'tr' => ['Turkish', 'tr', 'qwerty/trq.kmap.gz', 'tr', undef], |
910d57b0 DM |
834 | }; |
835 | ||
836 | my $kvmkeymaparray = []; | |
0a7de820 | 837 | foreach my $lc (sort keys %$keymaphash) { |
910d57b0 DM |
838 | push @$kvmkeymaparray, $keymaphash->{$lc}->[1]; |
839 | } | |
840 | ||
e143e9d8 | 841 | sub kvmkeymaps { |
910d57b0 DM |
842 | return $keymaphash; |
843 | } | |
844 | ||
845 | sub kvmkeymaplist { | |
846 | return $kvmkeymaparray; | |
e143e9d8 DM |
847 | } |
848 | ||
849 | sub extract_param { | |
850 | my ($param, $key) = @_; | |
851 | ||
852 | my $res = $param->{$key}; | |
853 | delete $param->{$key}; | |
854 | ||
855 | return $res; | |
856 | } | |
857 | ||
9d52694b | 858 | # For extracting sensitive keys (e.g. password), to avoid writing them to www-data owned configs |
40682a69 DC |
859 | sub extract_sensitive_params :prototype($$$) { |
860 | my ($param, $sensitive_list, $delete_list) = @_; | |
861 | ||
40682a69 DC |
862 | my %delete = map { $_ => 1 } ($delete_list || [])->@*; |
863 | ||
9d52694b | 864 | my $sensitive = {}; |
40682a69 | 865 | for my $opt (@$sensitive_list) { |
9d52694b TL |
866 | # handle deletions as explicitly setting `undef`, so subs which only have $param but not |
867 | # $delete_list available can recognize them. Afterwards new values may override. | |
40682a69 DC |
868 | if (exists($delete{$opt})) { |
869 | $sensitive->{$opt} = undef; | |
870 | } | |
871 | ||
872 | if (defined(my $value = extract_param($param, $opt))) { | |
873 | $sensitive->{$opt} = $value; | |
874 | } | |
875 | } | |
876 | ||
877 | return $sensitive; | |
878 | } | |
879 | ||
eb7047f6 | 880 | # Note: we use this to wait until vncterm/spiceterm is ready |
ec6d95b4 | 881 | sub wait_for_vnc_port { |
590b924e | 882 | my ($port, $family, $timeout) = @_; |
ec6d95b4 DM |
883 | |
884 | $timeout = 5 if !$timeout; | |
eb7047f6 DM |
885 | my $sleeptime = 0; |
886 | my $starttime = [gettimeofday]; | |
887 | my $elapsed; | |
ec6d95b4 | 888 | |
590b924e TL |
889 | my $cmd = ['/bin/ss', '-Htln', "sport = :$port"]; |
890 | push @$cmd, $family == AF_INET6 ? '-6' : '-4' if defined($family); | |
891 | ||
9a41a7b7 | 892 | my $found; |
eb7047f6 | 893 | while (($elapsed = tv_interval($starttime)) < $timeout) { |
9a41a7b7 | 894 | # -Htln = don't print header, tcp, listening sockets only, numeric ports |
590b924e | 895 | run_command($cmd, outfunc => sub { |
9a41a7b7 TL |
896 | my $line = shift; |
897 | if ($line =~ m/^LISTEN\s+\d+\s+\d+\s+\S+:(\d+)\s/) { | |
898 | $found = 1 if ($port == $1); | |
ec6d95b4 | 899 | } |
9a41a7b7 TL |
900 | }); |
901 | return 1 if $found; | |
eb7047f6 DM |
902 | $sleeptime += 100000 if $sleeptime < 1000000; |
903 | usleep($sleeptime); | |
ec6d95b4 DM |
904 | } |
905 | ||
8fd0d634 | 906 | die "Timeout while waiting for port '$port' to get ready!\n"; |
ec6d95b4 DM |
907 | } |
908 | ||
59b3f563 | 909 | sub next_unused_port { |
c14960cc | 910 | my ($range_start, $range_end, $family, $address) = @_; |
59b3f563 DM |
911 | |
912 | # We use a file to register allocated ports. | |
913 | # Those registrations expires after $expiretime. | |
914 | # We use this to avoid race conditions between | |
915 | # allocation and use of ports. | |
916 | ||
917 | my $filename = "/var/tmp/pve-reserved-ports"; | |
e143e9d8 | 918 | |
59b3f563 | 919 | my $code = sub { |
e143e9d8 | 920 | |
59b3f563 DM |
921 | my $expiretime = 5; |
922 | my $ctime = time(); | |
e143e9d8 | 923 | |
59b3f563 DM |
924 | my $ports = {}; |
925 | ||
926 | if (my $fh = IO::File->new ($filename, "r")) { | |
927 | while (my $line = <$fh>) { | |
928 | if ($line =~ m/^(\d+)\s(\d+)$/) { | |
929 | my ($port, $timestamp) = ($1, $2); | |
930 | if (($timestamp + $expiretime) > $ctime) { | |
931 | $ports->{$port} = $timestamp; # not expired | |
813a5c0d | 932 | } |
59b3f563 DM |
933 | } |
934 | } | |
e143e9d8 | 935 | } |
813a5c0d | 936 | |
59b3f563 | 937 | my $newport; |
c14960cc WB |
938 | my %sockargs = (Listen => 5, |
939 | ReuseAddr => 1, | |
940 | Family => $family, | |
a0ecb159 | 941 | Proto => IPPROTO_TCP, |
c14960cc WB |
942 | GetAddrInfoFlags => 0); |
943 | $sockargs{LocalAddr} = $address if defined($address); | |
59b3f563 DM |
944 | |
945 | for (my $p = $range_start; $p < $range_end; $p++) { | |
946 | next if $ports->{$p}; # reserved | |
947 | ||
c14960cc WB |
948 | $sockargs{LocalPort} = $p; |
949 | my $sock = IO::Socket::IP->new(%sockargs); | |
59b3f563 DM |
950 | |
951 | if ($sock) { | |
952 | close($sock); | |
953 | $newport = $p; | |
954 | $ports->{$p} = $ctime; | |
955 | last; | |
956 | } | |
957 | } | |
813a5c0d | 958 | |
59b3f563 DM |
959 | my $data = ""; |
960 | foreach my $p (keys %$ports) { | |
961 | $data .= "$p $ports->{$p}\n"; | |
962 | } | |
813a5c0d | 963 | |
59b3f563 | 964 | file_set_contents($filename, $data); |
e143e9d8 | 965 | |
59b3f563 DM |
966 | return $newport; |
967 | }; | |
968 | ||
3c476ed5 | 969 | my $p = lock_file('/var/lock/pve-ports.lck', 10, $code); |
59b3f563 | 970 | die $@ if $@; |
813a5c0d | 971 | |
59b3f563 DM |
972 | die "unable to find free port (${range_start}-${range_end})\n" if !$p; |
973 | ||
974 | return $p; | |
975 | } | |
976 | ||
977 | sub next_migrate_port { | |
c14960cc WB |
978 | my ($family, $address) = @_; |
979 | return next_unused_port(60000, 60050, $family, $address); | |
59b3f563 DM |
980 | } |
981 | ||
982 | sub next_vnc_port { | |
c14960cc WB |
983 | my ($family, $address) = @_; |
984 | return next_unused_port(5900, 6000, $family, $address); | |
59b3f563 | 985 | } |
e143e9d8 | 986 | |
30aeac2e DC |
987 | sub spice_port_range { |
988 | return (61000, 61999); | |
989 | } | |
990 | ||
2f13cbb5 | 991 | sub next_spice_port { |
c14960cc | 992 | my ($family, $address) = @_; |
30aeac2e | 993 | return next_unused_port(spice_port_range(), $family, $address); |
2f13cbb5 DM |
994 | } |
995 | ||
893ec6f2 WB |
996 | sub must_stringify { |
997 | my ($value) = @_; | |
998 | eval { $value = "$value" }; | |
999 | return "error turning value into a string: $@" if $@; | |
1000 | return $value; | |
1001 | } | |
1002 | ||
72fba911 EK |
1003 | # sigkill after $timeout a $sub running in a fork if it can't write a pipe |
1004 | # the $sub has to return a single scalar | |
1005 | sub run_fork_with_timeout { | |
1006 | my ($timeout, $sub) = @_; | |
1007 | ||
1008 | my $res; | |
1009 | my $error; | |
1010 | my $pipe_out = IO::Pipe->new(); | |
72fba911 EK |
1011 | |
1012 | # disable pending alarms, save their remaining time | |
1013 | my $prev_alarm = alarm 0; | |
1014 | ||
eead1cca | 1015 | # avoid leaving a zombie if the parent gets interrupted |
72fba911 | 1016 | my $sig_received; |
72fba911 EK |
1017 | |
1018 | my $child = fork(); | |
1019 | if (!defined($child)) { | |
1020 | die "fork failed: $!\n"; | |
1021 | return $res; | |
1022 | } | |
1023 | ||
1024 | if (!$child) { | |
1025 | $pipe_out->writer(); | |
72fba911 EK |
1026 | |
1027 | eval { | |
1028 | $res = $sub->(); | |
f2c72fc3 | 1029 | print {$pipe_out} encode_json({ result => $res }); |
72fba911 EK |
1030 | $pipe_out->flush(); |
1031 | }; | |
1032 | if (my $err = $@) { | |
893ec6f2 | 1033 | print {$pipe_out} encode_json({ error => must_stringify($err) }); |
f2c72fc3 | 1034 | $pipe_out->flush(); |
72fba911 EK |
1035 | POSIX::_exit(1); |
1036 | } | |
1037 | POSIX::_exit(0); | |
1038 | } | |
1039 | ||
2e353dfb DC |
1040 | local $SIG{INT} = sub { $sig_received++; }; |
1041 | local $SIG{TERM} = sub { | |
1042 | $error //= "interrupted by unexpected signal\n"; | |
1043 | kill('TERM', $child); | |
1044 | }; | |
1045 | ||
72fba911 | 1046 | $pipe_out->reader(); |
72fba911 EK |
1047 | |
1048 | my $readvalues = sub { | |
1049 | local $/ = undef; | |
2e353dfb | 1050 | my $child_res = decode_json(readline_nointr($pipe_out)); |
f2c72fc3 TL |
1051 | $res = $child_res->{result}; |
1052 | $error = $child_res->{error}; | |
72fba911 | 1053 | }; |
41ed4396 | 1054 | |
a6aa0ae9 | 1055 | my $got_timeout = 0; |
41ed4396 | 1056 | my $wantarray = wantarray; # so it can be queried inside eval |
72fba911 | 1057 | eval { |
a2d049af | 1058 | if (defined($timeout)) { |
41ed4396 FE |
1059 | if ($wantarray) { |
1060 | (undef, $got_timeout) = run_with_timeout($timeout, $readvalues); | |
1061 | } else { | |
1062 | run_with_timeout($timeout, $readvalues); | |
1063 | } | |
a2d049af WB |
1064 | } else { |
1065 | $readvalues->(); | |
1066 | } | |
72fba911 EK |
1067 | }; |
1068 | warn $@ if $@; | |
1069 | $pipe_out->close(); | |
72fba911 | 1070 | kill('KILL', $child); |
c663330d | 1071 | # FIXME: hangs if $child doesn't exits?! (D state) |
72fba911 EK |
1072 | waitpid($child, 0); |
1073 | ||
1074 | alarm $prev_alarm; | |
1075 | die "interrupted by unexpected signal\n" if $sig_received; | |
1076 | ||
1077 | die $error if $error; | |
a6aa0ae9 | 1078 | return wantarray ? ($res, $got_timeout) : $res; |
72fba911 EK |
1079 | } |
1080 | ||
a2d049af WB |
1081 | sub run_fork { |
1082 | my ($code) = @_; | |
1083 | return run_fork_with_timeout(undef, $code); | |
1084 | } | |
1085 | ||
813a5c0d | 1086 | # NOTE: NFS syscall can't be interrupted, so alarm does |
e143e9d8 DM |
1087 | # not work to provide timeouts. |
1088 | # from 'man nfs': "Only SIGKILL can interrupt a pending NFS operation" | |
97c8c857 | 1089 | # So fork() before using Filesys::Df |
e143e9d8 DM |
1090 | sub df { |
1091 | my ($path, $timeout) = @_; | |
1092 | ||
4fdc9659 | 1093 | my $df = sub { return Filesys::Df::df($path, 1) }; |
97c8c857 | 1094 | |
4fdc9659 TL |
1095 | my $res = eval { run_fork_with_timeout($timeout, $df) } // {}; |
1096 | warn $@ if $@; | |
97c8c857 | 1097 | |
8bc99fda TL |
1098 | # untaint, but be flexible: PB usage can result in scientific notation |
1099 | my ($blocks, $used, $bavail) = map { defined($_) ? (/^([\d\.e\-+]+)$/) : 0 } | |
fd58bb2b DC |
1100 | $res->@{qw(blocks used bavail)}; |
1101 | ||
4fdc9659 | 1102 | return { |
fd58bb2b DC |
1103 | total => $blocks, |
1104 | used => $used, | |
1105 | avail => $bavail, | |
e143e9d8 | 1106 | }; |
e143e9d8 DM |
1107 | } |
1108 | ||
62635f92 DM |
1109 | sub du { |
1110 | my ($path, $timeout) = @_; | |
1111 | ||
1112 | my $size; | |
1113 | ||
1114 | $timeout //= 10; | |
1115 | ||
1116 | my $parser = sub { | |
1117 | my $line = shift; | |
1118 | ||
1119 | if ($line =~ m/^(\d+)\s+total$/) { | |
1120 | $size = $1; | |
1121 | } | |
1122 | }; | |
1123 | ||
1124 | run_command(['du', '-scb', $path], outfunc => $parser, timeout => $timeout); | |
1125 | ||
1126 | return $size; | |
1127 | } | |
1128 | ||
e143e9d8 DM |
1129 | # UPID helper |
1130 | # We use this to uniquely identify a process. | |
813a5c0d | 1131 | # An 'Unique Process ID' has the following format: |
e143e9d8 DM |
1132 | # "UPID:$node:$pid:$pstart:$startime:$dtype:$id:$user" |
1133 | ||
1134 | sub upid_encode { | |
1135 | my $d = shift; | |
1136 | ||
19cec230 DM |
1137 | # Note: pstart can be > 32bit if uptime > 497 days, so this can result in |
1138 | # more that 8 characters for pstart | |
813a5c0d DC |
1139 | return sprintf("UPID:%s:%08X:%08X:%08X:%s:%s:%s:", $d->{node}, $d->{pid}, |
1140 | $d->{pstart}, $d->{starttime}, $d->{type}, $d->{id}, | |
e143e9d8 DM |
1141 | $d->{user}); |
1142 | } | |
1143 | ||
1144 | sub upid_decode { | |
1145 | my ($upid, $noerr) = @_; | |
1146 | ||
1147 | my $res; | |
1148 | my $filename; | |
1149 | ||
1150 | # "UPID:$node:$pid:$pstart:$startime:$dtype:$id:$user" | |
19cec230 DM |
1151 | # Note: allow up to 9 characters for pstart (work until 20 years uptime) |
1152 | if ($upid =~ m/^UPID:([a-zA-Z0-9]([a-zA-Z0-9\-]*[a-zA-Z0-9])?):([0-9A-Fa-f]{8}):([0-9A-Fa-f]{8,9}):([0-9A-Fa-f]{8}):([^:\s]+):([^:\s]*):([^:\s]+):$/) { | |
e143e9d8 | 1153 | $res->{node} = $1; |
3702f038 DM |
1154 | $res->{pid} = hex($3); |
1155 | $res->{pstart} = hex($4); | |
1156 | $res->{starttime} = hex($5); | |
1157 | $res->{type} = $6; | |
1158 | $res->{id} = $7; | |
1159 | $res->{user} = $8; | |
1160 | ||
1161 | my $subdir = substr($5, 7, 8); | |
e143e9d8 DM |
1162 | $filename = "$pvetaskdir/$subdir/$upid"; |
1163 | ||
1164 | } else { | |
1165 | return undef if $noerr; | |
1166 | die "unable to parse worker upid '$upid'\n"; | |
1167 | } | |
1168 | ||
1169 | return wantarray ? ($res, $filename) : $res; | |
1170 | } | |
1171 | ||
1172 | sub upid_open { | |
1173 | my ($upid) = @_; | |
1174 | ||
813a5c0d | 1175 | my ($task, $filename) = upid_decode($upid); |
e143e9d8 DM |
1176 | |
1177 | my $dirname = dirname($filename); | |
1178 | make_path($dirname); | |
1179 | ||
1180 | my $wwwid = getpwnam('www-data') || | |
1181 | die "getpwnam failed"; | |
1182 | ||
1183 | my $perm = 0640; | |
813a5c0d | 1184 | |
e143e9d8 DM |
1185 | my $outfh = IO::File->new ($filename, O_WRONLY|O_CREAT|O_EXCL, $perm) || |
1186 | die "unable to create output file '$filename' - $!\n"; | |
2b8e0f12 | 1187 | chown $wwwid, -1, $outfh; |
e143e9d8 DM |
1188 | |
1189 | return $outfh; | |
1190 | }; | |
1191 | ||
1192 | sub upid_read_status { | |
1193 | my ($upid) = @_; | |
1194 | ||
1195 | my ($task, $filename) = upid_decode($upid); | |
1196 | my $fh = IO::File->new($filename, "r"); | |
1197 | return "unable to open file - $!" if !$fh; | |
cc9121d3 | 1198 | my $maxlen = 4096; |
e143e9d8 DM |
1199 | sysseek($fh, -$maxlen, 2); |
1200 | my $readbuf = ''; | |
1201 | my $br = sysread($fh, $readbuf, $maxlen); | |
1202 | close($fh); | |
1203 | if ($br) { | |
1204 | return "unable to extract last line" | |
1205 | if $readbuf !~ m/\n?(.+)$/; | |
1206 | my $line = $1; | |
1207 | if ($line =~ m/^TASK OK$/) { | |
1208 | return 'OK'; | |
1209 | } elsif ($line =~ m/^TASK ERROR: (.+)$/) { | |
1210 | return $1; | |
ff79ee65 FE |
1211 | } elsif ($line =~ m/^TASK (WARNINGS: \d+)$/) { |
1212 | return $1; | |
e143e9d8 DM |
1213 | } else { |
1214 | return "unexpected status"; | |
1215 | } | |
1216 | } | |
1217 | return "unable to read tail (got $br bytes)"; | |
1218 | } | |
1219 | ||
4cc5b13d FE |
1220 | # Check if the status returned by upid_read_status is an error status. |
1221 | # If the status could not be parsed it's also treated as an error. | |
1222 | sub upid_status_is_error { | |
1223 | my ($status) = @_; | |
1224 | ||
1225 | return !($status eq 'OK' || $status =~ m/^WARNINGS: \d+$/); | |
1226 | } | |
1227 | ||
ae54eabf TL |
1228 | # takes the parsed status and returns the type, either ok, warning, error or unknown |
1229 | sub upid_normalize_status_type { | |
4e536038 DC |
1230 | my ($status) = @_; |
1231 | ||
1232 | if (!$status) { | |
1233 | return 'unknown'; | |
ae54eabf | 1234 | } elsif ($status eq 'OK') { |
4e536038 DC |
1235 | return 'ok'; |
1236 | } elsif ($status =~ m/^WARNINGS: \d+$/) { | |
1237 | return 'warning'; | |
1238 | } elsif ($status eq 'unexpected status') { | |
1239 | return 'unknown'; | |
1240 | } else { | |
1241 | return 'error'; | |
1242 | } | |
1243 | } | |
1244 | ||
813a5c0d | 1245 | # useful functions to store comments in config files |
e143e9d8 DM |
1246 | sub encode_text { |
1247 | my ($text) = @_; | |
1248 | ||
1249 | # all control and hi-bit characters, and ':' | |
1250 | my $unsafe = "^\x20-\x39\x3b-\x7e"; | |
1251 | return uri_escape(Encode::encode("utf8", $text), $unsafe); | |
1252 | } | |
1253 | ||
1254 | sub decode_text { | |
1255 | my ($data) = @_; | |
1256 | ||
1257 | return Encode::decode("utf8", uri_unescape($data)); | |
1258 | } | |
1259 | ||
a45a1df1 | 1260 | # NOTE: deprecated - do not use! we now decode all parameters by default |
815b2aba DM |
1261 | sub decode_utf8_parameters { |
1262 | my ($param) = @_; | |
1263 | ||
34ebb226 | 1264 | foreach my $p (qw(comment description firstname lastname)) { |
815b2aba DM |
1265 | $param->{$p} = decode('utf8', $param->{$p}) if $param->{$p}; |
1266 | } | |
1267 | ||
1268 | return $param; | |
1269 | } | |
1270 | ||
a413a515 | 1271 | sub random_ether_addr { |
12392173 | 1272 | my ($prefix) = @_; |
a413a515 | 1273 | |
46a11c00 DM |
1274 | my ($seconds, $microseconds) = gettimeofday; |
1275 | ||
d743b69c | 1276 | my $rand = Digest::SHA::sha1($$, rand(), $seconds, $microseconds); |
a413a515 | 1277 | |
85d5625a | 1278 | # clear multicast, set local id |
de9a267f | 1279 | vec($rand, 0, 8) = (vec($rand, 0, 8) & 0xfe) | 2; |
a413a515 | 1280 | |
12392173 WB |
1281 | my $addr = sprintf("%02X:%02X:%02X:%02X:%02X:%02X", unpack("C6", $rand)); |
1282 | if (defined($prefix)) { | |
1283 | $addr = uc($prefix) . substr($addr, length($prefix)); | |
1284 | } | |
1285 | return $addr; | |
a413a515 | 1286 | } |
e143e9d8 | 1287 | |
762e3223 DM |
1288 | sub shellquote { |
1289 | my $str = shift; | |
1290 | ||
7514b23a | 1291 | return String::ShellQuote::shell_quote($str); |
762e3223 DM |
1292 | } |
1293 | ||
65e1d3fc DM |
1294 | sub cmd2string { |
1295 | my ($cmd) = @_; | |
1296 | ||
1297 | die "no arguments" if !$cmd; | |
1298 | ||
1299 | return $cmd if !ref($cmd); | |
1300 | ||
1301 | my @qa = (); | |
1302 | foreach my $arg (@$cmd) { push @qa, shellquote($arg); } | |
1303 | ||
1304 | return join (' ', @qa); | |
1305 | } | |
1306 | ||
e38bcd35 | 1307 | # split an shell argument string into an array, |
f9125663 DM |
1308 | sub split_args { |
1309 | my ($str) = @_; | |
1310 | ||
e38bcd35 | 1311 | return $str ? [ Text::ParseWords::shellwords($str) ] : []; |
f9125663 DM |
1312 | } |
1313 | ||
12a0ec18 CE |
1314 | sub dump_logfile_by_filehandle { |
1315 | my ($fh, $filter, $state) = @_; | |
804b1041 | 1316 | |
12a0ec18 CE |
1317 | my $count = ($state->{count} //= 0); |
1318 | my $lines = ($state->{lines} //= []); | |
1319 | my $start = ($state->{start} //= 0); | |
1320 | my $limit = ($state->{limit} //= 50); | |
1321 | my $final = ($state->{final} //= 1); | |
1322 | my $read_until_end = ($state->{read_until_end} //= $limit == 0); | |
804b1041 DM |
1323 | |
1324 | my $line; | |
eb7e5538 DM |
1325 | if ($filter) { |
1326 | # duplicate code, so that we do not slow down normal path | |
1327 | while (defined($line = <$fh>)) { | |
12a0ec18 CE |
1328 | if (ref($filter) eq 'CODE') { |
1329 | next if !$filter->($line); | |
1330 | } else { | |
1331 | next if $line !~ m/$filter/; | |
1332 | } | |
eb7e5538 | 1333 | next if $count++ < $start; |
f0c1b0c0 DT |
1334 | if (!$read_until_end) { |
1335 | next if $limit <= 0; | |
1336 | $limit--; | |
1337 | } | |
eb7e5538 DM |
1338 | chomp $line; |
1339 | push @$lines, { n => $count, t => $line}; | |
eb7e5538 DM |
1340 | } |
1341 | } else { | |
1342 | while (defined($line = <$fh>)) { | |
1343 | next if $count++ < $start; | |
f0c1b0c0 DT |
1344 | if (!$read_until_end) { |
1345 | next if $limit <= 0; | |
1346 | $limit--; | |
1347 | } | |
eb7e5538 DM |
1348 | chomp $line; |
1349 | push @$lines, { n => $count, t => $line}; | |
eb7e5538 | 1350 | } |
804b1041 DM |
1351 | } |
1352 | ||
6de95a66 DM |
1353 | # HACK: ExtJS store.guaranteeRange() does not like empty array |
1354 | # so we add a line | |
12a0ec18 | 1355 | if (!$count && $final) { |
6de95a66 DM |
1356 | $count++; |
1357 | push @$lines, { n => $count, t => "no content"}; | |
1358 | } | |
1359 | ||
12a0ec18 CE |
1360 | $state->{count} = $count; |
1361 | $state->{limit} = $limit; | |
1362 | } | |
1363 | ||
1364 | sub dump_logfile { | |
1365 | my ($filename, $start, $limit, $filter) = @_; | |
1366 | ||
1367 | my $fh = IO::File->new($filename, "r"); | |
1368 | if (!$fh) { | |
1369 | return (1, { n => 1, t => "unable to open file - $!"}); | |
1370 | } | |
1371 | ||
1372 | my %state = ( | |
1373 | 'count' => 0, | |
1374 | 'lines' => [], | |
1375 | 'start' => $start, | |
1376 | 'limit' => $limit, | |
1377 | ); | |
1378 | ||
1379 | dump_logfile_by_filehandle($fh, $filter, \%state); | |
1380 | ||
1381 | close($fh); | |
1382 | ||
1383 | return ($state{'count'}, $state{'lines'}); | |
6de95a66 DM |
1384 | } |
1385 | ||
1386 | sub dump_journal { | |
ccf60d3b | 1387 | my ($start, $limit, $since, $until, $service) = @_; |
6de95a66 DM |
1388 | |
1389 | my $lines = []; | |
1390 | my $count = 0; | |
813a5c0d | 1391 | |
6de95a66 DM |
1392 | $start = 0 if !$start; |
1393 | $limit = 50 if !$limit; | |
1394 | ||
1395 | my $parser = sub { | |
1396 | my $line = shift; | |
1397 | ||
4bb9bfe7 | 1398 | return if $count++ < $start; |
6de95a66 DM |
1399 | return if $limit <= 0; |
1400 | push @$lines, { n => int($count), t => $line}; | |
1401 | $limit--; | |
1402 | }; | |
1403 | ||
1404 | my $cmd = ['journalctl', '-o', 'short', '--no-pager']; | |
19e95cd0 | 1405 | |
ccf60d3b | 1406 | push @$cmd, '--unit', $service if $service; |
19e95cd0 TL |
1407 | push @$cmd, '--since', $since if $since; |
1408 | push @$cmd, '--until', $until if $until; | |
6de95a66 DM |
1409 | run_command($cmd, outfunc => $parser); |
1410 | ||
804b1041 DM |
1411 | # HACK: ExtJS store.guaranteeRange() does not like empty array |
1412 | # so we add a line | |
1413 | if (!$count) { | |
1414 | $count++; | |
1415 | push @$lines, { n => $count, t => "no content"}; | |
1416 | } | |
1417 | ||
1418 | return ($count, $lines); | |
1419 | } | |
1420 | ||
7eb283fb DM |
1421 | sub dir_glob_regex { |
1422 | my ($dir, $regex) = @_; | |
1423 | ||
1424 | my $dh = IO::Dir->new ($dir); | |
1425 | return wantarray ? () : undef if !$dh; | |
813a5c0d DC |
1426 | |
1427 | while (defined(my $tmp = $dh->read)) { | |
7eb283fb DM |
1428 | if (my @res = $tmp =~ m/^($regex)$/) { |
1429 | $dh->close; | |
1430 | return wantarray ? @res : $tmp; | |
1431 | } | |
1432 | } | |
1433 | $dh->close; | |
1434 | ||
1435 | return wantarray ? () : undef; | |
1436 | } | |
1437 | ||
1438 | sub dir_glob_foreach { | |
1439 | my ($dir, $regex, $func) = @_; | |
1440 | ||
1441 | my $dh = IO::Dir->new ($dir); | |
1442 | if (defined $dh) { | |
1443 | while (defined(my $tmp = $dh->read)) { | |
1444 | if (my @res = $tmp =~ m/^($regex)$/) { | |
1445 | &$func (@res); | |
1446 | } | |
1447 | } | |
813a5c0d | 1448 | } |
7eb283fb DM |
1449 | } |
1450 | ||
a345b9d5 DM |
1451 | sub assert_if_modified { |
1452 | my ($digest1, $digest2) = @_; | |
1453 | ||
1454 | if ($digest1 && $digest2 && ($digest1 ne $digest2)) { | |
212fc0b7 | 1455 | die "detected modified configuration - file changed by other user? Try again.\n"; |
a345b9d5 DM |
1456 | } |
1457 | } | |
1458 | ||
2d3bca34 DM |
1459 | # Digest for short strings |
1460 | # like FNV32a, but we only return 31 bits (positive numbers) | |
1461 | sub fnv31a { | |
1462 | my ($string) = @_; | |
1463 | ||
1464 | my $hval = 0x811c9dc5; | |
1465 | ||
1466 | foreach my $c (unpack('C*', $string)) { | |
1467 | $hval ^= $c; | |
1468 | $hval += ( | |
1469 | (($hval << 1) ) + | |
1470 | (($hval << 4) ) + | |
1471 | (($hval << 7) ) + | |
1472 | (($hval << 8) ) + | |
1473 | (($hval << 24) ) ); | |
1474 | $hval = $hval & 0xffffffff; | |
1475 | } | |
1476 | return $hval & 0x7fffffff; | |
1477 | } | |
1478 | ||
1479 | sub fnv31a_hex { return sprintf("%X", fnv31a(@_)); } | |
1480 | ||
8df6b794 WB |
1481 | sub unpack_sockaddr_in46 { |
1482 | my ($sin) = @_; | |
1483 | my $family = Socket::sockaddr_family($sin); | |
1484 | my ($port, $host) = ($family == AF_INET6 ? Socket::unpack_sockaddr_in6($sin) | |
1485 | : Socket::unpack_sockaddr_in($sin)); | |
1486 | return ($family, $port, $host); | |
1487 | } | |
1488 | ||
a0b6ef52 WB |
1489 | sub getaddrinfo_all { |
1490 | my ($hostname, @opts) = @_; | |
7a2e8ca1 TL |
1491 | my %hints = ( |
1492 | flags => AI_V4MAPPED | AI_ALL, | |
1493 | @opts, | |
1494 | ); | |
a956854f | 1495 | my ($err, @res) = Socket::getaddrinfo($hostname, '0', \%hints); |
a0b6ef52 WB |
1496 | die "failed to get address info for: $hostname: $err\n" if $err; |
1497 | return @res; | |
1498 | } | |
a956854f | 1499 | |
a0b6ef52 WB |
1500 | sub get_host_address_family { |
1501 | my ($hostname, $socktype) = @_; | |
1502 | my @res = getaddrinfo_all($hostname, socktype => $socktype); | |
1503 | return $res[0]->{family}; | |
a956854f WB |
1504 | } |
1505 | ||
d3c8f0c1 EK |
1506 | # get the fully qualified domain name of a host |
1507 | # same logic as hostname(1): The FQDN is the name getaddrinfo(3) returns, | |
1508 | # given a nodename as a parameter | |
1509 | sub get_fqdn { | |
1510 | my ($nodename) = @_; | |
1511 | ||
1512 | my $hints = { | |
1513 | flags => AI_CANONNAME, | |
1514 | socktype => SOCK_DGRAM | |
1515 | }; | |
1516 | ||
1517 | my ($err, @addrs) = Socket::getaddrinfo($nodename, undef, $hints); | |
1518 | ||
1519 | die "getaddrinfo: $err" if $err; | |
1520 | ||
1521 | return $addrs[0]->{canonname}; | |
1522 | } | |
1523 | ||
b2613777 WB |
1524 | # Parses any sane kind of host, or host+port pair: |
1525 | # The port is always optional and thus may be undef. | |
1526 | sub parse_host_and_port { | |
1527 | my ($address) = @_; | |
1528 | if ($address =~ /^($IPV4RE|[[:alnum:]\-.]+)(?::(\d+))?$/ || # ipv4 or host with optional ':port' | |
1529 | $address =~ /^\[($IPV6RE|$IPV4RE|[[:alnum:]\-.]+)\](?::(\d+))?$/ || # anything in brackets with optional ':port' | |
1530 | $address =~ /^($IPV6RE)(?:\.(\d+))?$/) # ipv6 with optional port separated by dot | |
1531 | { | |
1532 | return ($1, $2, 1); # end with 1 to support simple if(parse...) tests | |
1533 | } | |
1534 | return; # nothing | |
1535 | } | |
1536 | ||
0c078e66 SI |
1537 | sub setresuid($$$) { |
1538 | my ($ruid, $euid, $suid) = @_; | |
6647801c | 1539 | return 0 == syscall(PVE::Syscall::setresuid, int($ruid), int($euid), int($suid)); |
0c078e66 SI |
1540 | } |
1541 | ||
817c6be0 | 1542 | sub unshare($) { |
952fd95e | 1543 | my ($flags) = @_; |
6647801c | 1544 | return 0 == syscall(PVE::Syscall::unshare, int($flags)); |
952fd95e WB |
1545 | } |
1546 | ||
891b224a WB |
1547 | sub setns($$) { |
1548 | my ($fileno, $nstype) = @_; | |
6647801c | 1549 | return 0 == syscall(PVE::Syscall::setns, int($fileno), int($nstype)); |
891b224a WB |
1550 | } |
1551 | ||
44acb12c WB |
1552 | sub syncfs($) { |
1553 | my ($fileno) = @_; | |
6647801c | 1554 | return 0 == syscall(PVE::Syscall::syncfs, int($fileno)); |
44acb12c WB |
1555 | } |
1556 | ||
cee0e23a TL |
1557 | sub fsync($) { |
1558 | my ($fileno) = @_; | |
6647801c | 1559 | return 0 == syscall(PVE::Syscall::fsync, int($fileno)); |
cee0e23a TL |
1560 | } |
1561 | ||
bd9eb367 WB |
1562 | sub renameat2($$$$$) { |
1563 | my ($olddirfd, $oldpath, $newdirfd, $newpath, $flags) = @_; | |
6647801c WB |
1564 | return 0 == syscall( |
1565 | PVE::Syscall::renameat2, | |
1566 | int($olddirfd), | |
1567 | $oldpath, | |
1568 | int($newdirfd), | |
1569 | $newpath, | |
1570 | int($flags), | |
1571 | ); | |
bd9eb367 WB |
1572 | } |
1573 | ||
44acb12c WB |
1574 | sub sync_mountpoint { |
1575 | my ($path) = @_; | |
b260d4e3 | 1576 | sysopen my $fd, $path, O_RDONLY|O_CLOEXEC or die "failed to open $path: $!\n"; |
09d47f9d TL |
1577 | my $syncfs_err; |
1578 | if (!syncfs(fileno($fd))) { | |
1579 | $syncfs_err = "$!"; | |
1580 | } | |
44acb12c | 1581 | close($fd); |
09d47f9d | 1582 | die "syncfs '$path' failed - $syncfs_err\n" if defined $syncfs_err; |
44acb12c WB |
1583 | } |
1584 | ||
9915a41b TL |
1585 | my sub check_mail_addr { |
1586 | my ($addr) = @_; | |
1587 | die "'$addr' does not look like a valid email address or username\n" | |
1588 | if $addr !~ /^$EMAIL_RE$/ && $addr !~ /^$EMAIL_USER_RE$/; | |
1589 | } | |
1590 | ||
b61a47db TL |
1591 | # support sending multi-part mail messages with a text and or a HTML part |
1592 | # mailto may be a single email string or an array of receivers | |
1593 | sub sendmail { | |
1594 | my ($mailto, $subject, $text, $html, $mailfrom, $author) = @_; | |
1595 | ||
5a873e6d | 1596 | $mailto = [ $mailto ] if !ref($mailto); |
b61a47db | 1597 | |
9915a41b TL |
1598 | check_mail_addr($_) for $mailto->@*; |
1599 | my $to_quoted = [ map { shellquote($_) } $mailto->@* ]; | |
b61a47db TL |
1600 | |
1601 | $mailfrom = $mailfrom || "root"; | |
9915a41b TL |
1602 | check_mail_addr($mailfrom); |
1603 | my $from_quoted = shellquote($mailfrom); | |
c9c6d910 | 1604 | |
a24d91ea | 1605 | $author = $author // 'Proxmox VE'; |
b61a47db | 1606 | |
9915a41b | 1607 | open (my $mail, "|-", "sendmail", "-B", "8BITMIME", "-f", $from_quoted, "--", $to_quoted->@*) |
7ac222d1 | 1608 | or die "unable to open 'sendmail' - $!"; |
b61a47db | 1609 | |
b18826ce | 1610 | my $is_multipart = $text && $html; |
9915a41b | 1611 | my $boundary = "----_=_NextPart_001_" . int(time()) . $$; # multipart spec, see rfc 1521 |
b18826ce | 1612 | |
9915a41b | 1613 | $subject = Encode::encode('MIME-Header', $subject) if $subject =~ /[^[:ascii:]]/; |
b61a47db | 1614 | |
9915a41b | 1615 | print $mail "MIME-Version: 1.0\n" if $subject =~ /[^[:ascii:]]/ || $is_multipart; |
b61a47db | 1616 | |
7ac222d1 | 1617 | print $mail "From: $author <$mailfrom>\n"; |
9915a41b TL |
1618 | print $mail "To: " . join(', ', @$mailto) ."\n"; |
1619 | print $mail "Date: " . time2str('%a, %d %b %Y %H:%M:%S %z', time()) . "\n"; | |
7ac222d1 | 1620 | print $mail "Subject: $subject\n"; |
b18826ce SI |
1621 | |
1622 | if ($is_multipart) { | |
7ac222d1 TL |
1623 | print $mail "Content-Type: multipart/alternative;\n"; |
1624 | print $mail "\tboundary=\"$boundary\"\n"; | |
1625 | print $mail "\n"; | |
1626 | print $mail "This is a multi-part message in MIME format.\n\n"; | |
1627 | print $mail "--$boundary\n"; | |
b18826ce | 1628 | } |
b61a47db | 1629 | |
5a873e6d | 1630 | if (defined($text)) { |
7ac222d1 | 1631 | print $mail "Content-Type: text/plain;\n"; |
a992ba13 | 1632 | print $mail "Auto-Submitted: auto-generated;\n"; |
7ac222d1 TL |
1633 | print $mail "\tcharset=\"UTF-8\"\n"; |
1634 | print $mail "Content-Transfer-Encoding: 8bit\n"; | |
1635 | print $mail "\n"; | |
b61a47db TL |
1636 | |
1637 | # avoid 'remove extra line breaks' issue (MS Outlook) | |
1638 | my $fill = ' '; | |
1639 | $text =~ s/^/$fill/gm; | |
1640 | ||
7ac222d1 | 1641 | print $mail $text; |
b61a47db | 1642 | |
7ac222d1 | 1643 | print $mail "\n--$boundary\n" if $is_multipart; |
b61a47db TL |
1644 | } |
1645 | ||
5a873e6d | 1646 | if (defined($html)) { |
7ac222d1 | 1647 | print $mail "Content-Type: text/html;\n"; |
a992ba13 | 1648 | print $mail "Auto-Submitted: auto-generated;\n"; |
7ac222d1 TL |
1649 | print $mail "\tcharset=\"UTF-8\"\n"; |
1650 | print $mail "Content-Transfer-Encoding: 8bit\n"; | |
1651 | print $mail "\n"; | |
b61a47db | 1652 | |
7ac222d1 | 1653 | print $mail $html; |
b61a47db | 1654 | |
7ac222d1 | 1655 | print $mail "\n--$boundary--\n" if $is_multipart; |
b61a47db TL |
1656 | } |
1657 | ||
7ac222d1 | 1658 | close($mail); |
b61a47db TL |
1659 | } |
1660 | ||
85237c0b TL |
1661 | # creates a temporary file that does not shows up on the file system hierarchy. |
1662 | # | |
1663 | # Uses O_TMPFILE if available, which makes it just an anon inode that never shows up in the FS. | |
1664 | # If O_TMPFILE is not available, which unlikely nowadays (added in 3.11 kernel and all FS relevant | |
1665 | # for us support it) back to open-create + immediate unlink while still holding the file handle. | |
1666 | # | |
1667 | # TODO: to avoid FS dependent features we could (transparently) switch to memfd_create as backend | |
26598a51 WB |
1668 | sub tempfile { |
1669 | my ($perm, %opts) = @_; | |
1670 | ||
1671 | # default permissions are stricter than with file_set_contents | |
1672 | $perm = 0600 if !defined($perm); | |
1673 | ||
9cccad5e TL |
1674 | my $dir = $opts{dir}; |
1675 | if (!$dir) { | |
1676 | if (-d "/run/user/$<") { | |
1677 | $dir = "/run/user/$<"; | |
1678 | } elsif ($< == 0) { | |
1679 | $dir = "/run"; | |
1680 | } else { | |
1681 | $dir = "/tmp"; | |
1682 | } | |
1683 | } | |
26598a51 WB |
1684 | my $mode = $opts{mode} // O_RDWR; |
1685 | $mode |= O_EXCL if !$opts{allow_links}; | |
1686 | ||
7e1ee743 WB |
1687 | my $fh = IO::File->new($dir, $mode | O_TMPFILE, $perm); |
1688 | if (!$fh && $! == EOPNOTSUPP) { | |
77b2b96f | 1689 | $dir = '/tmp' if !defined($opts{dir}); |
7e1ee743 WB |
1690 | $dir .= "/.tmpfile.$$"; |
1691 | $fh = IO::File->new($dir, $mode | O_CREAT | O_EXCL, $perm); | |
1692 | unlink($dir) if $fh; | |
1693 | } | |
1694 | die "failed to create tempfile: $!\n" if !$fh; | |
26598a51 WB |
1695 | return $fh; |
1696 | } | |
1697 | ||
85237c0b | 1698 | # create an (ideally) anon file with the $data as content and return its FD-path and FH |
26598a51 WB |
1699 | sub tempfile_contents { |
1700 | my ($data, $perm, %opts) = @_; | |
1701 | ||
1702 | my $fh = tempfile($perm, %opts); | |
1703 | eval { | |
1704 | die "unable to write to tempfile: $!\n" if !print {$fh} $data; | |
1705 | die "unable to flush to tempfile: $!\n" if !defined($fh->flush()); | |
1706 | }; | |
1707 | if (my $err = $@) { | |
1708 | close $fh; | |
1709 | die $err; | |
1710 | } | |
1711 | ||
1712 | return ("/proc/$$/fd/".$fh->fileno, $fh); | |
1713 | } | |
1714 | ||
48df47a4 FG |
1715 | sub validate_ssh_public_keys { |
1716 | my ($raw) = @_; | |
1717 | my @lines = split(/\n/, $raw); | |
1718 | ||
1719 | foreach my $line (@lines) { | |
1720 | next if $line =~ m/^\s*$/; | |
1721 | eval { | |
1722 | my ($filename, $handle) = tempfile_contents($line); | |
1723 | run_command(["ssh-keygen", "-l", "-f", $filename], | |
1724 | outfunc => sub {}, errfunc => sub {}); | |
1725 | }; | |
1726 | die "SSH public key validation error\n" if $@; | |
1727 | } | |
1728 | } | |
1729 | ||
21c56a96 WB |
1730 | sub openat($$$;$) { |
1731 | my ($dirfd, $pathname, $flags, $mode) = @_; | |
6647801c WB |
1732 | $dirfd = int($dirfd); |
1733 | $flags = int($flags); | |
1734 | $mode = int($mode // 0); | |
1735 | ||
1736 | my $fd = syscall(PVE::Syscall::openat, $dirfd, $pathname, $flags, $mode); | |
21c56a96 WB |
1737 | return undef if $fd < 0; |
1738 | # sysopen() doesn't deal with numeric file descriptors apparently | |
1739 | # so we need to convert to a mode string for IO::Handle->new_from_fd | |
1740 | my $flagstr = ($flags & O_RDWR) ? 'rw' : ($flags & O_WRONLY) ? 'w' : 'r'; | |
1741 | my $handle = IO::Handle->new_from_fd($fd, $flagstr); | |
1742 | return $handle if $handle; | |
1743 | my $err = $!; # save error before closing the raw fd | |
c8e94d4b | 1744 | syscall(PVE::Syscall::close, $fd); # close |
21c56a96 WB |
1745 | $! = $err; |
1746 | return undef; | |
1747 | } | |
1748 | ||
1749 | sub mkdirat($$$) { | |
1750 | my ($dirfd, $name, $mode) = @_; | |
6647801c | 1751 | return syscall(PVE::Syscall::mkdirat, int($dirfd), $name, int($mode)) == 0; |
21c56a96 WB |
1752 | } |
1753 | ||
b792e8df FS |
1754 | sub mknod($$$) { |
1755 | my ($filename, $mode, $dev) = @_; | |
1756 | return syscall(PVE::Syscall::SYS_mknod, $filename, int($mode), int($dev)) == 0; | |
1757 | } | |
1758 | ||
6cf6b404 FG |
1759 | sub fchownat($$$$$) { |
1760 | my ($dirfd, $pathname, $owner, $group, $flags) = @_; | |
6647801c WB |
1761 | return syscall( |
1762 | PVE::Syscall::fchownat, | |
1763 | int($dirfd), | |
1764 | $pathname, | |
1765 | int($owner), | |
1766 | int($group), | |
1767 | int($flags), | |
1768 | ) == 0; | |
6cf6b404 FG |
1769 | } |
1770 | ||
9867ff7a DM |
1771 | my $salt_starter = time(); |
1772 | ||
1773 | sub encrypt_pw { | |
1774 | my ($pw) = @_; | |
1775 | ||
1776 | $salt_starter++; | |
1777 | my $salt = substr(Digest::SHA::sha1_base64(time() + $salt_starter + $$), 0, 8); | |
1778 | ||
1779 | # crypt does not want '+' in salt (see 'man crypt') | |
1780 | $salt =~ s/\+/X/g; | |
1781 | ||
1782 | return crypt(encode("utf8", $pw), "\$5\$$salt\$"); | |
1783 | } | |
1784 | ||
8e677e74 | 1785 | # intended usage: convert_size($val, "kb" => "gb") |
95386daf DC |
1786 | # we round up to the next integer by default |
1787 | # E.g. `convert_size(1023, "b" => "kb")` returns 1 | |
8e677e74 | 1788 | # use $no_round_up to switch this off, above example would then return 0 |
95386daf DC |
1789 | # this is also true for converting down e.g. 0.0005 gb to mb returns 1 |
1790 | # (0 if $no_round_up is true) | |
1791 | # allowed formats for value: | |
1792 | # 1234 | |
1793 | # 1234. | |
1794 | # 1234.1234 | |
1795 | # .1234 | |
8e677e74 TL |
1796 | sub convert_size { |
1797 | my ($value, $from, $to, $no_round_up) = @_; | |
1798 | ||
1799 | my $units = { | |
1800 | b => 0, | |
1801 | kb => 1, | |
1802 | mb => 2, | |
1803 | gb => 3, | |
1804 | tb => 4, | |
1805 | pb => 5, | |
1806 | }; | |
1807 | ||
95386daf DC |
1808 | die "no value given" |
1809 | if !defined($value) || $value eq ""; | |
1810 | ||
1811 | $from = lc($from // ''); $to = lc($to // ''); | |
8e677e74 | 1812 | die "unknown 'from' and/or 'to' units ($from => $to)" |
95386daf | 1813 | if !defined($units->{$from}) || !defined($units->{$to}); |
8e677e74 | 1814 | |
95386daf DC |
1815 | die "value '$value' is not a valid, positive number" |
1816 | if $value !~ m/^(?:[0-9]+\.?[0-9]*|[0-9]*\.[0-9]+)$/; | |
8e677e74 | 1817 | |
95386daf DC |
1818 | my $shift_amount = ($units->{$from} - $units->{$to}) * 10; |
1819 | ||
1820 | $value *= 2**$shift_amount; | |
1821 | $value++ if !$no_round_up && ($value - int($value)) > 0.0; | |
8e677e74 | 1822 | |
95386daf | 1823 | return int($value); |
8e677e74 TL |
1824 | } |
1825 | ||
e03a8365 DC |
1826 | # uninterruptible readline |
1827 | # retries on EINTR | |
1828 | sub readline_nointr { | |
1829 | my ($fh) = @_; | |
1830 | my $line; | |
1831 | while (1) { | |
1832 | $line = <$fh>; | |
1833 | last if defined($line) || ($! != EINTR); | |
1834 | } | |
1835 | return $line; | |
1836 | } | |
1837 | ||
ce007e99 | 1838 | my $host_arch; |
b8faece3 | 1839 | sub get_host_arch { |
ce007e99 SR |
1840 | $host_arch = (POSIX::uname())[4] if !$host_arch; |
1841 | return $host_arch; | |
732b693f DM |
1842 | } |
1843 | ||
243c4e58 WB |
1844 | # Devices are: [ (12 bits minor) (12 bits major) (8 bits minor) ] |
1845 | sub dev_t_major($) { | |
1846 | my ($dev_t) = @_; | |
1847 | return (int($dev_t) & 0xfff00) >> 8; | |
1848 | } | |
1849 | ||
1850 | sub dev_t_minor($) { | |
1851 | my ($dev_t) = @_; | |
1852 | $dev_t = int($dev_t); | |
1853 | return (($dev_t >> 12) & 0xfff00) | ($dev_t & 0xff); | |
1854 | } | |
1855 | ||
a59544e7 SR |
1856 | # Given an array of array refs [ \[a b c], \[a b b], \[e b a] ] |
1857 | # Returns the intersection of elements as a single array [a b] | |
1858 | sub array_intersect { | |
1859 | my ($arrays) = @_; | |
1860 | ||
3982313e TL |
1861 | if (!ref($arrays->[0])) { |
1862 | $arrays = [ grep { ref($_) eq 'ARRAY' } @_ ]; | |
1863 | } | |
1864 | ||
38586028 TL |
1865 | return [] if scalar(@$arrays) == 0; |
1866 | return $arrays->[0] if scalar(@$arrays) == 1; | |
a59544e7 | 1867 | |
4c28a8bc TL |
1868 | my $array_unique = sub { |
1869 | my %seen = (); | |
1870 | return grep { ! $seen{ $_ }++ } @_; | |
1871 | }; | |
1872 | ||
38586028 TL |
1873 | # base idea is to get all unique members from the first array, then |
1874 | # check the common elements with the next (uniquely made) one, only keep | |
1875 | # those. Repeat for every array and at the end we only have those left | |
1876 | # which exist in all arrays | |
1877 | my $return_arr = [ $array_unique->(@{$arrays->[0]}) ]; | |
a59544e7 SR |
1878 | for my $i (1 .. $#$arrays) { |
1879 | my %count = (); | |
38586028 | 1880 | # $return_arr is already unique, explicit at before the loop, implicit below. |
4c28a8bc | 1881 | foreach my $element (@$return_arr, $array_unique->(@{$arrays->[$i]})) { |
a59544e7 SR |
1882 | $count{$element}++; |
1883 | } | |
1884 | $return_arr = []; | |
1885 | foreach my $element (keys %count) { | |
1886 | push @$return_arr, $element if $count{$element} > 1; | |
1887 | } | |
26a68cf6 | 1888 | last if scalar(@$return_arr) == 0; # empty intersection, early exit |
a59544e7 SR |
1889 | } |
1890 | ||
1891 | return $return_arr; | |
1892 | } | |
1893 | ||
76c5fee8 WB |
1894 | sub open_tree($$$) { |
1895 | my ($dfd, $pathname, $flags) = @_; | |
1896 | return PVE::Syscall::file_handle_result(syscall( | |
1897 | &PVE::Syscall::open_tree, | |
6647801c | 1898 | int($dfd), |
76c5fee8 | 1899 | $pathname, |
6647801c | 1900 | int($flags), |
76c5fee8 WB |
1901 | )); |
1902 | } | |
1903 | ||
1904 | sub move_mount($$$$$) { | |
1905 | my ($from_dirfd, $from_pathname, $to_dirfd, $to_pathname, $flags) = @_; | |
1906 | return 0 == syscall( | |
1907 | &PVE::Syscall::move_mount, | |
6647801c | 1908 | int($from_dirfd), |
76c5fee8 | 1909 | $from_pathname, |
6647801c | 1910 | int($to_dirfd), |
76c5fee8 | 1911 | $to_pathname, |
6647801c | 1912 | int($flags), |
76c5fee8 WB |
1913 | ); |
1914 | } | |
1915 | ||
1916 | sub fsopen($$) { | |
1917 | my ($fsname, $flags) = @_; | |
6647801c | 1918 | return PVE::Syscall::file_handle_result(syscall(&PVE::Syscall::fsopen, $fsname, int($flags))); |
76c5fee8 WB |
1919 | } |
1920 | ||
1921 | sub fsmount($$$) { | |
1922 | my ($fd, $flags, $mount_attrs) = @_; | |
1923 | return PVE::Syscall::file_handle_result(syscall( | |
1924 | &PVE::Syscall::fsmount, | |
6647801c WB |
1925 | int($fd), |
1926 | int($flags), | |
1927 | int($mount_attrs), | |
76c5fee8 WB |
1928 | )); |
1929 | } | |
1930 | ||
1931 | sub fspick($$$) { | |
1932 | my ($dirfd, $pathname, $flags) = @_; | |
1933 | return PVE::Syscall::file_handle_result(syscall( | |
1934 | &PVE::Syscall::fspick, | |
6647801c | 1935 | int($dirfd), |
76c5fee8 | 1936 | $pathname, |
6647801c | 1937 | int($flags), |
76c5fee8 WB |
1938 | )); |
1939 | } | |
1940 | ||
1941 | sub fsconfig($$$$$) { | |
1942 | my ($fd, $command, $key, $value, $aux) = @_; | |
6647801c WB |
1943 | return 0 == syscall( |
1944 | &PVE::Syscall::fsconfig, | |
1945 | int($fd), | |
1946 | int($command), | |
1947 | $key, | |
1948 | $value, | |
1949 | int($aux), | |
1950 | ); | |
76c5fee8 WB |
1951 | } |
1952 | ||
1953 | # "raw" mount, old api, not for generic use (as it does not invoke any helpers). | |
1954 | # use for lower level stuff such as bind/remount/... or simple tmpfs mounts | |
1955 | sub mount($$$$$) { | |
1956 | my ($source, $target, $filesystemtype, $mountflags, $data) = @_; | |
1957 | return 0 == syscall( | |
1958 | &PVE::Syscall::mount, | |
1959 | $source, | |
1960 | $target, | |
1961 | $filesystemtype, | |
6647801c | 1962 | int($mountflags), |
76c5fee8 WB |
1963 | $data, |
1964 | ); | |
1965 | } | |
a59544e7 | 1966 | |
4c0c5c90 | 1967 | # size is optional and defaults to 256, note that xattr limits are FS specific and that xattrs can |
c1e4c83c | 1968 | # get arbitrary long. pass `0` for $size in array context to get the actual size of a value |
4c0c5c90 TL |
1969 | sub getxattr($$;$) { |
1970 | my ($path_or_handle, $name, $size) = @_; | |
1971 | $size //= 256; | |
1972 | my $buf = pack("x${size}"); | |
1973 | ||
1974 | my $xattr_size = -1; # the actual size of the xattr, can be zero | |
1975 | if (defined(my $fd = fileno($path_or_handle))) { | |
6647801c | 1976 | $xattr_size = syscall(&PVE::Syscall::fgetxattr, $fd, $name, $buf, int($size)); |
4c0c5c90 | 1977 | } else { |
6647801c | 1978 | $xattr_size = syscall(&PVE::Syscall::getxattr, $path_or_handle, $name, $buf, int($size)); |
4c0c5c90 TL |
1979 | } |
1980 | if ($xattr_size < 0) { | |
4c0c5c90 | 1981 | return undef; |
4c0c5c90 | 1982 | } |
d9339d01 | 1983 | $buf = substr($buf, 0, $xattr_size); |
4c0c5c90 TL |
1984 | return wantarray ? ($buf, $xattr_size) : $buf; |
1985 | } | |
1986 | ||
1987 | # NOTE: can take either a path or an open file handle, i.e., its multiplexing setxattr and fsetxattr | |
1988 | sub setxattr($$$;$) { | |
1989 | my ($path_or_handle, $name, $value, $flags) = @_; | |
1990 | my $size = length($value); # NOTE: seems to get correct length also for wide-characters in text.. | |
1991 | ||
1992 | if (defined(my $fd = fileno($path_or_handle))) { | |
6647801c WB |
1993 | return 0 == syscall( |
1994 | &PVE::Syscall::fsetxattr, | |
1995 | $fd, | |
1996 | $name, | |
1997 | $value, | |
1998 | int($size), | |
1999 | int($flags // 0), | |
2000 | ); | |
4c0c5c90 | 2001 | } else { |
6647801c WB |
2002 | return 0 == syscall( |
2003 | &PVE::Syscall::setxattr, | |
2004 | $path_or_handle, | |
2005 | $name, | |
2006 | $value, | |
2007 | int($size), | |
2008 | int($flags // 0), | |
2009 | ); | |
4c0c5c90 TL |
2010 | } |
2011 | } | |
2012 | ||
890d25d9 FE |
2013 | sub safe_compare { |
2014 | my ($left, $right, $cmp) = @_; | |
2015 | ||
2016 | return 0 if !defined($left) && !defined($right); | |
2017 | return -1 if !defined($left); | |
2018 | return 1 if !defined($right); | |
2019 | return $cmp->($left, $right); | |
2020 | } | |
2021 | ||
a3327ea6 | 2022 | |
60fb1c26 | 2023 | # opts is a hash ref with the following known properties |
06c1c13f | 2024 | # allow_overwrite - if 1, overwriting existing files is allowed, use with care. Default to false |
60fb1c26 TL |
2025 | # hash_required - if 1, at least one checksum has to be specified otherwise an error will be thrown |
2026 | # http_proxy | |
2027 | # https_proxy | |
2028 | # verify_certificates - if 0 (false) we tell wget to ignore untrusted TLS certs. Default to true | |
2029 | # md5sum|sha(1|224|256|384|512)sum - the respective expected checksum string | |
a3327ea6 LS |
2030 | sub download_file_from_url { |
2031 | my ($dest, $url, $opts) = @_; | |
2032 | ||
60fb1c26 | 2033 | my ($checksum_algorithm, $checksum_expected); |
a3327ea6 LS |
2034 | for ('sha512', 'sha384', 'sha256', 'sha224', 'sha1', 'md5') { |
2035 | if (defined($opts->{"${_}sum"})) { | |
60fb1c26 TL |
2036 | $checksum_algorithm = $_; |
2037 | $checksum_expected = $opts->{"${_}sum"}; | |
a3327ea6 LS |
2038 | last; |
2039 | } | |
2040 | } | |
60fb1c26 | 2041 | die "checksum required but not specified\n" if ($opts->{hash_required} && !$checksum_algorithm); |
a3327ea6 | 2042 | |
60fb1c26 | 2043 | print "downloading $url to $dest\n"; |
a3327ea6 | 2044 | |
06c1c13f TL |
2045 | if (-f $dest) { |
2046 | if ($checksum_algorithm) { | |
2047 | print "calculating checksum of existing file..."; | |
2048 | my $checksum_got = get_file_hash($checksum_algorithm, $dest); | |
a3327ea6 | 2049 | |
06c1c13f TL |
2050 | if (lc($checksum_got) eq lc($checksum_expected)) { |
2051 | print "OK, got correct file already, no need to download\n"; | |
2052 | return; | |
2053 | } elsif ($opts->{allow_overwrite}) { | |
2054 | print "checksum mismatch: got '$checksum_got' != expect '$checksum_expected', re-download\n"; | |
2055 | } else { | |
2056 | print "\n"; # the front end expects the error to reside at the last line without any noise | |
2057 | die "checksum mismatch: got '$checksum_got' != expect '$checksum_expected', aborting\n"; | |
2058 | } | |
2059 | } elsif (!$opts->{allow_overwrite}) { | |
2060 | die "refusing to override existing file '$dest'\n"; | |
60fb1c26 | 2061 | } |
f52ecff9 | 2062 | } |
a3327ea6 | 2063 | |
7c3e155b PH |
2064 | my $tmp_download = "$dest.tmp_dwnl.$$"; |
2065 | my $tmp_decomp = "$dest.tmp_dcom.$$"; | |
f52ecff9 | 2066 | eval { |
3a946485 | 2067 | local $SIG{INT} = sub { |
0bf2e89a FG |
2068 | unlink $tmp_download or warn "could not cleanup temporary file: $!" |
2069 | if -e $tmp_download; | |
7c3e155b | 2070 | unlink $tmp_decomp or warn "could not cleanup temporary file: $!" |
0bf2e89a | 2071 | if $opts->{decompression_command} && -e $tmp_decomp; |
3a946485 TL |
2072 | die "got interrupted by signal\n"; |
2073 | }; | |
2074 | ||
60fb1c26 | 2075 | { # limit the scope of the ENV change |
a3327ea6 LS |
2076 | local %ENV; |
2077 | if ($opts->{http_proxy}) { | |
2078 | $ENV{http_proxy} = $opts->{http_proxy}; | |
2079 | } | |
2080 | if ($opts->{https_proxy}) { | |
2081 | $ENV{https_proxy} = $opts->{https_proxy}; | |
2082 | } | |
2083 | ||
7c3e155b | 2084 | my $cmd = ['wget', '--progress=dot:giga', '-O', $tmp_download, $url]; |
a3327ea6 | 2085 | |
60fb1c26 TL |
2086 | if (!($opts->{verify_certificates} // 1)) { # default to true |
2087 | push @$cmd, '--no-check-certificate'; | |
a3327ea6 LS |
2088 | } |
2089 | ||
60fb1c26 TL |
2090 | run_command($cmd, errmsg => "download failed"); |
2091 | } | |
2092 | ||
2093 | if ($checksum_algorithm) { | |
2094 | print "calculating checksum..."; | |
a3327ea6 | 2095 | |
7c3e155b | 2096 | my $checksum_got = get_file_hash($checksum_algorithm, $tmp_download); |
a3327ea6 | 2097 | |
60fb1c26 TL |
2098 | if (lc($checksum_got) eq lc($checksum_expected)) { |
2099 | print "OK, checksum verified\n"; | |
a3327ea6 | 2100 | } else { |
43cb80c5 LS |
2101 | print "\n"; # the front end expects the error to reside at the last line without any noise |
2102 | die "checksum mismatch: got '$checksum_got' != expect '$checksum_expected'\n"; | |
a3327ea6 | 2103 | } |
a3327ea6 LS |
2104 | } |
2105 | ||
bf8f0ca2 FG |
2106 | if (my $cmd = $opts->{decompression_command}) { |
2107 | push @$cmd, $tmp_download; | |
2108 | my $fh; | |
2109 | if (!open($fh, ">", "$tmp_decomp")) { | |
2110 | die "cant open temporary file $tmp_decomp for decompresson: $!\n"; | |
2111 | } | |
2112 | print "decompressing $tmp_download to $tmp_decomp\n"; | |
a4df8398 | 2113 | run_command($cmd, output => '>&'.fileno($fh)); |
bf8f0ca2 | 2114 | unlink $tmp_download; |
bf8f0ca2 FG |
2115 | rename($tmp_decomp, $dest) or die "unable to rename temporary file: $!\n"; |
2116 | } else { | |
2117 | rename($tmp_download, $dest) or die "unable to rename temporary file: $!\n"; | |
2118 | } | |
a3327ea6 | 2119 | }; |
60fb1c26 | 2120 | if (my $err = $@) { |
0bf2e89a FG |
2121 | unlink $tmp_download or warn "could not cleanup temporary file: $!" |
2122 | if -e $tmp_download; | |
7c3e155b | 2123 | unlink $tmp_decomp or warn "could not cleanup temporary file: $!" |
0bf2e89a | 2124 | if $opts->{decompression_command} && -e $tmp_decomp; |
60fb1c26 TL |
2125 | die $err; |
2126 | } | |
a3327ea6 | 2127 | |
60fb1c26 | 2128 | print "download of '$url' to '$dest' finished\n"; |
a3327ea6 LS |
2129 | } |
2130 | ||
60fb1c26 TL |
2131 | sub get_file_hash { |
2132 | my ($algorithm, $filename) = @_; | |
a3327ea6 LS |
2133 | |
2134 | my $algorithm_map = { | |
2135 | 'md5' => sub { Digest::MD5->new }, | |
2136 | 'sha1' => sub { Digest::SHA->new(1) }, | |
2137 | 'sha224' => sub { Digest::SHA->new(224) }, | |
2138 | 'sha256' => sub { Digest::SHA->new(256) }, | |
2139 | 'sha384' => sub { Digest::SHA->new(384) }, | |
2140 | 'sha512' => sub { Digest::SHA->new(512) }, | |
2141 | }; | |
2142 | ||
2143 | my $digester = $algorithm_map->{$algorithm}->() or die "unknown algorithm '$algorithm'\n"; | |
2144 | ||
2145 | open(my $fh, '<', $filename) or die "unable to open '$filename': $!\n"; | |
2146 | binmode($fh); | |
2147 | ||
2148 | my $digest = $digester->addfile($fh)->hexdigest; | |
2149 | ||
60fb1c26 | 2150 | return lc($digest); |
a3327ea6 LS |
2151 | } |
2152 | ||
15645af1 DC |
2153 | # compare two perl variables recursively, so this works for scalars, nested |
2154 | # hashes and nested arrays | |
2155 | sub is_deeply { | |
2156 | my ($a, $b) = @_; | |
2157 | ||
2158 | return 0 if defined($a) != defined($b); | |
2159 | return 1 if !defined($a); # both are undef | |
2160 | ||
2161 | my ($ref_a, $ref_b) = (ref($a), ref($b)); | |
2162 | ||
2163 | # scalar case | |
2164 | return 0 if !$ref_a && !$ref_b && "$a" ne "$b"; | |
2165 | ||
2166 | # different types, ok because ref never returns undef, only empty string | |
2167 | return 0 if $ref_a ne $ref_b; | |
2168 | ||
2169 | if ($ref_a eq 'HASH') { | |
2170 | return 0 if scalar(keys $a->%*) != scalar(keys $b->%*); | |
2171 | for my $opt (keys $a->%*) { | |
2172 | return 0 if !is_deeply($a->{$opt}, $b->{$opt}); | |
2173 | } | |
2174 | } elsif ($ref_a eq 'ARRAY') { | |
2175 | return 0 if scalar($a->@*) != scalar($b->@*); | |
2176 | for (my $i = 0; $i < $a->@*; $i++) { | |
2177 | return 0 if !is_deeply($a->[$i], $b->[$i]); | |
2178 | } | |
2179 | } | |
2180 | ||
2181 | return 1; | |
2182 | } | |
2183 | ||
e143e9d8 | 2184 | 1; |