RESTenv: fork worker: fallback to 'root@pam' for task log user-id

[pve-common.git] / src / PVE / RESTEnvironment.pm

diff --git a/src/PVE/RESTEnvironment.pm b/src/PVE/RESTEnvironment.pm
index aca18bcacab4a1ceb6534c68689dc4b940a17bf8..abe388b246c063c54a420949f1faded5a1047051 100644 (file)
--- a/src/PVE/RESTEnvironment.pm
+++ b/src/PVE/RESTEnvironment.pm
@@ -7,17 +7,21 @@ package PVE::RESTEnvironment;
 
 use strict;
 use warnings;
-use POSIX qw(:sys_wait_h EINTR);
-use IO::Handle;
+
+use Exporter qw(import);
+use Fcntl qw(:flock);
 use IO::File;
+use IO::Handle;
 use IO::Select;
-use Fcntl qw(:flock);
+use POSIX qw(:sys_wait_h EINTR);
+
 use PVE::Exception qw(raise raise_perm_exc);
-use PVE::SafeSyslog;
-use PVE::Tools;
 use PVE::INotify;
 use PVE::ProcFSTools;
+use PVE::SafeSyslog;
+use PVE::Tools;
 
+our @EXPORT_OK = qw(log_warn);
 
 my $rest_env;
 
@@ -111,11 +115,14 @@ sub init {
 
     # environment types
     # cli  ... command started fron command line
-    # pub  ... access from public server (apache)
+    # pub  ... access from public server (pveproxy)
     # priv ... access from private server (pvedaemon)
-    # ha   ... access from HA resource manager agent (rgmanager)
+    # ha   ... access from HA resource manager agent (pve-ha-manager)
 
-    my $self = { type => $type };
+    my $self = {
+       type => $type,
+       warning_count => 0,
+    };
 
     bless $self, $class;
 
@@ -217,6 +224,34 @@ sub get_user {
     die "user name not set\n";
 }
 
+sub set_u2f_challenge {
+    my ($self, $challenge) = @_;
+
+    $self->{u2f_challenge} = $challenge;
+}
+
+sub get_u2f_challenge {
+    my ($self, $noerr) = @_;
+
+    return $self->{u2f_challenge} if defined($self->{u2f_challenge}) || $noerr;
+
+    die "no active u2f challenge\n";
+}
+
+sub set_request_host {
+    my ($self, $host) = @_;
+
+    $self->{request_host} = $host;
+}
+
+sub get_request_host {
+    my ($self, $noerr) = @_;
+
+    return $self->{request_host} if defined($self->{request_host}) || $noerr;
+
+    die "no hostname available in current environment\n";
+}
+
 sub is_worker {
     my ($class) = @_;
 
@@ -420,7 +455,6 @@ my $tee_worker = sub {
            }
        }
 
-       # get status (error or OK)
        POSIX::read($ctrlfd, $readbuf, 4096);
        if ($readbuf =~ m/^TASK OK\n?$/) {
            # skip printing to stdout
@@ -428,6 +462,9 @@ my $tee_worker = sub {
        } elsif ($readbuf =~ m/^TASK ERROR: (.*)\n?$/) {
            print STDERR "$1\n";
            print $taskfh "\n$readbuf"; # ensure start on new line for webUI
+       } elsif ($readbuf =~ m/^TASK WARNINGS: (\d+)\n?$/) {
+           print STDERR "Task finished with $1 warning(s)!\n";
+           print $taskfh "\n$readbuf"; # ensure start on new line for webUI
        } else {
            die "got unexpected control message: $readbuf\n";
        }
@@ -455,7 +492,8 @@ sub fork_worker {
     $dtype = 'unknown' if !defined ($dtype);
     $id = '' if !defined ($id);
 
-    $user = 'root@pve' if !defined ($user);
+    # note: below is only used for the task log entry
+    $user = $self->get_user(1) // 'root@pam' if !defined($user);
 
     my $sync = ($self->{type} eq 'cli' && !$background) ? 1 : 0;
 
@@ -589,6 +627,9 @@ sub fork_worker {
            syslog('err', $err);
            $msg = "TASK ERROR: $err\n";
            $exitcode = -1;
+       } elsif (my $warnings = $self->{warning_count}) {
+           $msg = "TASK WARNINGS: $warnings\n";
+           $exitcode = 0;
        } else {
            $msg = "TASK OK\n";
            $exitcode = 0;
@@ -675,6 +716,27 @@ sub fork_worker {
     return wantarray ? ($upid, $res) : $upid;
 }
 
+sub log_warn {
+    my ($message) = @_;
+
+    if ($rest_env) {
+       $rest_env->warn($message);
+    } else {
+       chomp($message);
+       print STDERR "WARN: $message\n";
+    }
+}
+
+sub warn {
+    my ($self, $message) = @_;
+
+    chomp($message);
+
+    print STDERR "WARN: $message\n";
+
+    $self->{warning_count}++;
+}
+
 # Abstract function
 
 sub log_cluster_msg {