]> git.proxmox.com Git - pve-storage.git/blob - PVE/Storage/CIFSPlugin.pm
projects / pve-storage.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
fix prune-backups validation (again)
[pve-storage.git] / PVE / Storage / CIFSPlugin.pm
1 package PVE::Storage::CIFSPlugin;
2
3 use strict;
4 use warnings;
5 use Net::IP;
6 use PVE::Tools qw(run_command);
7 use PVE::ProcFSTools;
8 use File::Path;
9 use PVE::Storage::Plugin;
10 use PVE::JSONSchema qw(get_standard_option);
11
12 use base qw(PVE::Storage::Plugin);
13
14 # CIFS helper functions
15
16 sub cifs_is_mounted {
17 my ($server, $share, $mountpoint, $mountdata) = @_;
18
19 $server = "[$server]" if Net::IP::ip_is_ipv6($server);
20 my $source = "//${server}/$share";
21 $mountdata = PVE::ProcFSTools::parse_proc_mounts() if !$mountdata;
22
23 return $mountpoint if grep {
24 $_->[2] =~ /^cifs/ &&
25 $_->[0] =~ m|^\Q$source\E/?$| &&
26 $_->[1] eq $mountpoint
27 } @$mountdata;
28 return undef;
29 }
30
31 sub cifs_cred_file_name {
32 my ($storeid) = @_;
33 return "/etc/pve/priv/storage/${storeid}.pw";
34 }
35
36 sub cifs_delete_credentials {
37 my ($storeid) = @_;
38
39 if (my $cred_file = get_cred_file($storeid)) {
40 unlink($cred_file) or warn "removing cifs credientials '$cred_file' failed: $!\n";
41 }
42 }
43
44 sub cifs_set_credentials {
45 my ($password, $storeid) = @_;
46
47 my $cred_file = cifs_cred_file_name($storeid);
48 mkdir "/etc/pve/priv/storage";
49
50 PVE::Tools::file_set_contents($cred_file, "password=$password\n");
51
52 return $cred_file;
53 }
54
55 sub get_cred_file {
56 my ($storeid) = @_;
57
58 my $cred_file = cifs_cred_file_name($storeid);
59
60 if (-e $cred_file) {
61 return $cred_file;
62 }
63 return undef;
64 }
65
66 sub cifs_mount {
67 my ($server, $share, $mountpoint, $storeid, $smbver, $user, $domain) = @_;
68
69 $server = "[$server]" if Net::IP::ip_is_ipv6($server);
70 my $source = "//${server}/$share";
71
72 my $cmd = ['/bin/mount', '-t', 'cifs', $source, $mountpoint, '-o', 'soft', '-o'];
73
74 if (my $cred_file = get_cred_file($storeid)) {
75 push @$cmd, "username=$user", '-o', "credentials=$cred_file";
76 push @$cmd, '-o', "domain=$domain" if defined($domain);
77 } else {
78 push @$cmd, 'guest,username=guest';
79 }
80
81 push @$cmd, '-o', defined($smbver) ? "vers=$smbver" : "vers=3.0";
82
83 run_command($cmd, errmsg => "mount error");
84 }
85
86 # Configuration
87
88 sub type {
89 return 'cifs';
90 }
91
92 sub plugindata {
93 return {
94 content => [ { images => 1, rootdir => 1, vztmpl => 1, iso => 1,
95 backup => 1, snippets => 1}, { images => 1 }],
96 format => [ { raw => 1, qcow2 => 1, vmdk => 1 } , 'raw' ],
97 };
98 }
99
100 sub properties {
101 return {
102 share => {
103 description => "CIFS share.",
104 type => 'string',
105 },
106 password => {
107 description => "Password for accessing the share/datastore.",
108 type => 'string',
109 maxLength => 256,
110 },
111 domain => {
112 description => "CIFS domain.",
113 type => 'string',
114 optional => 1,
115 maxLength => 256,
116 },
117 smbversion => {
118 description => "SMB protocol version",
119 type => 'string',
120 enum => ['2.0', '2.1', '3.0'],
121 optional => 1,
122 },
123 };
124 }
125
126 sub options {
127 return {
128 path => { fixed => 1 },
129 server => { fixed => 1 },
130 share => { fixed => 1 },
131 nodes => { optional => 1 },
132 disable => { optional => 1 },
133 maxfiles => { optional => 1 },
134 'prune-backups' => { optional => 1 },
135 content => { optional => 1 },
136 format => { optional => 1 },
137 username => { optional => 1 },
138 password => { optional => 1},
139 domain => { optional => 1},
140 smbversion => { optional => 1},
141 mkdir => { optional => 1 },
142 bwlimit => { optional => 1 },
143 };
144 }
145
146
147 sub check_config {
148 my ($class, $sectionId, $config, $create, $skipSchemaCheck) = @_;
149
150 $config->{path} = "/mnt/pve/$sectionId" if $create && !$config->{path};
151
152 return $class->SUPER::check_config($sectionId, $config, $create, $skipSchemaCheck);
153 }
154
155 # Storage implementation
156
157 sub on_add_hook {
158 my ($class, $storeid, $scfg, %sensitive) = @_;
159
160 if (defined($sensitive{password})) {
161 cifs_set_credentials($sensitive{password}, $storeid);
162 if (!exists($scfg->{username})) {
163 warn "storage $storeid: ignoring password parameter, no user set\n";
164 }
165 } else {
166 cifs_delete_credentials($storeid);
167 }
168
169 return;
170 }
171
172 sub on_update_hook {
173 my ($class, $storeid, $scfg, %sensitive) = @_;
174
175 return if !exists($sensitive{password});
176
177 if (defined($sensitive{password})) {
178 cifs_set_credentials($sensitive{password}, $storeid);
179 if (!exists($scfg->{username})) {
180 warn "storage $storeid: ignoring password parameter, no user set\n";
181 }
182 } else {
183 cifs_delete_credentials($storeid);
184 }
185
186 return;
187 }
188
189 sub on_delete_hook {
190 my ($class, $storeid, $scfg) = @_;
191
192 cifs_delete_credentials($storeid);
193
194 return;
195 }
196
197 sub status {
198 my ($class, $storeid, $scfg, $cache) = @_;
199
200 $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
201 if !$cache->{mountdata};
202
203 my $path = $scfg->{path};
204 my $server = $scfg->{server};
205 my $share = $scfg->{share};
206
207 return undef
208 if !cifs_is_mounted($server, $share, $path, $cache->{mountdata});
209
210 return $class->SUPER::status($storeid, $scfg, $cache);
211 }
212
213 sub activate_storage {
214 my ($class, $storeid, $scfg, $cache) = @_;
215
216 $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
217 if !$cache->{mountdata};
218
219 my $path = $scfg->{path};
220 my $server = $scfg->{server};
221 my $share = $scfg->{share};
222
223 if (!cifs_is_mounted($server, $share, $path, $cache->{mountdata})) {
224
225 mkpath $path if !(defined($scfg->{mkdir}) && !$scfg->{mkdir});
226
227 die "unable to activate storage '$storeid' - " .
228 "directory '$path' does not exist\n" if ! -d $path;
229
230 cifs_mount($server, $share, $path, $storeid, $scfg->{smbversion},
231 $scfg->{username}, $scfg->{domain});
232 }
233
234 $class->SUPER::activate_storage($storeid, $scfg, $cache);
235 }
236
237 sub deactivate_storage {
238 my ($class, $storeid, $scfg, $cache) = @_;
239
240 $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
241 if !$cache->{mountdata};
242
243 my $path = $scfg->{path};
244 my $server = $scfg->{server};
245 my $share = $scfg->{share};
246
247 if (cifs_is_mounted($server, $share, $path, $cache->{mountdata})) {
248 my $cmd = ['/bin/umount', $path];
249 run_command($cmd, errmsg => 'umount error');
250 }
251 }
252
253 sub check_connection {
254 my ($class, $storeid, $scfg) = @_;
255
256 my $servicename = '//'.$scfg->{server}.'/'.$scfg->{share};
257
258 my $cmd = ['/usr/bin/smbclient', $servicename, '-d', '0', '-m'];
259
260 push @$cmd, $scfg->{smbversion} ? "smb".int($scfg->{smbversion}) : 'smb3';
261
262 if (my $cred_file = get_cred_file($storeid)) {
263 push @$cmd, '-U', $scfg->{username}, '-A', $cred_file;
264 push @$cmd, '-W', $scfg->{domain} if defined($scfg->{domain});
265 } else {
266 push @$cmd, '-U', 'Guest','-N';
267 }
268 push @$cmd, '-c', 'echo 1 0';
269
270 my $out_str;
271 my $out = sub { $out_str .= shift };
272
273 eval { run_command($cmd, timeout => 10, outfunc => $out, errfunc => sub {}) };
274
275 if (my $err = $@) {
276 die "$out_str\n" if defined($out_str) &&
277 ($out_str =~ m/NT_STATUS_ACCESS_DENIED/);
278 return 0;
279 }
280
281 return 1;
282 }
283
284 sub get_volume_notes {
285 my $class = shift;
286 PVE::Storage::DirPlugin::get_volume_notes($class, @_);
287 }
288 sub update_volume_notes {
289 my $class = shift;
290 PVE::Storage::DirPlugin::update_volume_notes($class, @_);
291 }
292
293 1;
Storage library