]> git.proxmox.com Git - pve-storage.git/blob - PVE/Storage/CIFSPlugin.pm
projects / pve-storage.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bump version to 8.2.1
[pve-storage.git] / PVE / Storage / CIFSPlugin.pm
1 package PVE::Storage::CIFSPlugin;
2
3 use strict;
4 use warnings;
5 use Net::IP;
6 use PVE::Tools qw(run_command);
7 use PVE::ProcFSTools;
8 use File::Path;
9 use PVE::Storage::Plugin;
10 use PVE::JSONSchema qw(get_standard_option);
11
12 use base qw(PVE::Storage::Plugin);
13
14 # CIFS helper functions
15
16 sub cifs_is_mounted {
17 my ($server, $share, $mountpoint, $mountdata) = @_;
18
19 $server = "[$server]" if Net::IP::ip_is_ipv6($server);
20 my $source = "//${server}/$share";
21 $mountdata = PVE::ProcFSTools::parse_proc_mounts() if !$mountdata;
22
23 return $mountpoint if grep {
24 $_->[2] =~ /^cifs/ &&
25 $_->[0] =~ m|^\Q$source\E/?$| &&
26 $_->[1] eq $mountpoint
27 } @$mountdata;
28 return undef;
29 }
30
31 sub cifs_cred_file_name {
32 my ($storeid) = @_;
33 return "/etc/pve/priv/storage/${storeid}.pw";
34 }
35
36 sub cifs_delete_credentials {
37 my ($storeid) = @_;
38
39 if (my $cred_file = get_cred_file($storeid)) {
40 unlink($cred_file) or warn "removing cifs credientials '$cred_file' failed: $!\n";
41 }
42 }
43
44 sub cifs_set_credentials {
45 my ($password, $storeid) = @_;
46
47 my $cred_file = cifs_cred_file_name($storeid);
48 mkdir "/etc/pve/priv/storage";
49
50 PVE::Tools::file_set_contents($cred_file, "password=$password\n");
51
52 return $cred_file;
53 }
54
55 sub get_cred_file {
56 my ($storeid) = @_;
57
58 my $cred_file = cifs_cred_file_name($storeid);
59
60 if (-e $cred_file) {
61 return $cred_file;
62 }
63 return undef;
64 }
65
66 sub cifs_mount {
67 my ($server, $share, $mountpoint, $storeid, $smbver, $user, $domain) = @_;
68
69 $server = "[$server]" if Net::IP::ip_is_ipv6($server);
70 my $source = "//${server}/$share";
71
72 my $cmd = ['/bin/mount', '-t', 'cifs', $source, $mountpoint, '-o', 'soft', '-o'];
73
74 if (my $cred_file = get_cred_file($storeid)) {
75 push @$cmd, "username=$user", '-o', "credentials=$cred_file";
76 push @$cmd, '-o', "domain=$domain" if defined($domain);
77 } else {
78 push @$cmd, 'guest,username=guest';
79 }
80
81 push @$cmd, '-o', defined($smbver) ? "vers=$smbver" : "vers=default";
82
83 run_command($cmd, errmsg => "mount error");
84 }
85
86 # Configuration
87
88 sub type {
89 return 'cifs';
90 }
91
92 sub plugindata {
93 return {
94 content => [ { images => 1, rootdir => 1, vztmpl => 1, iso => 1,
95 backup => 1, snippets => 1}, { images => 1 }],
96 format => [ { raw => 1, qcow2 => 1, vmdk => 1 } , 'raw' ],
97 };
98 }
99
100 sub properties {
101 return {
102 share => {
103 description => "CIFS share.",
104 type => 'string',
105 },
106 password => {
107 description => "Password for accessing the share/datastore.",
108 type => 'string',
109 maxLength => 256,
110 },
111 domain => {
112 description => "CIFS domain.",
113 type => 'string',
114 optional => 1,
115 maxLength => 256,
116 },
117 smbversion => {
118 description => "SMB protocol version. 'default' if not set, negotiates the highest SMB2+"
119 ." version supported by both the client and server.",
120 type => 'string',
121 default => 'default',
122 enum => ['default', '2.0', '2.1', '3', '3.0', '3.11'],
123 optional => 1,
124 },
125 };
126 }
127
128 sub options {
129 return {
130 path => { fixed => 1 },
131 server => { fixed => 1 },
132 share => { fixed => 1 },
133 nodes => { optional => 1 },
134 disable => { optional => 1 },
135 maxfiles => { optional => 1 },
136 'prune-backups' => { optional => 1 },
137 content => { optional => 1 },
138 format => { optional => 1 },
139 username => { optional => 1 },
140 password => { optional => 1},
141 domain => { optional => 1},
142 smbversion => { optional => 1},
143 mkdir => { optional => 1 },
144 bwlimit => { optional => 1 },
145 preallocation => { optional => 1 },
146 };
147 }
148
149
150 sub check_config {
151 my ($class, $sectionId, $config, $create, $skipSchemaCheck) = @_;
152
153 $config->{path} = "/mnt/pve/$sectionId" if $create && !$config->{path};
154
155 return $class->SUPER::check_config($sectionId, $config, $create, $skipSchemaCheck);
156 }
157
158 # Storage implementation
159
160 sub on_add_hook {
161 my ($class, $storeid, $scfg, %sensitive) = @_;
162
163 if (defined($sensitive{password})) {
164 cifs_set_credentials($sensitive{password}, $storeid);
165 if (!exists($scfg->{username})) {
166 warn "storage $storeid: ignoring password parameter, no user set\n";
167 }
168 } else {
169 cifs_delete_credentials($storeid);
170 }
171
172 return;
173 }
174
175 sub on_update_hook {
176 my ($class, $storeid, $scfg, %sensitive) = @_;
177
178 return if !exists($sensitive{password});
179
180 if (defined($sensitive{password})) {
181 cifs_set_credentials($sensitive{password}, $storeid);
182 if (!exists($scfg->{username})) {
183 warn "storage $storeid: ignoring password parameter, no user set\n";
184 }
185 } else {
186 cifs_delete_credentials($storeid);
187 }
188
189 return;
190 }
191
192 sub on_delete_hook {
193 my ($class, $storeid, $scfg) = @_;
194
195 cifs_delete_credentials($storeid);
196
197 return;
198 }
199
200 sub status {
201 my ($class, $storeid, $scfg, $cache) = @_;
202
203 $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
204 if !$cache->{mountdata};
205
206 my $path = $scfg->{path};
207 my $server = $scfg->{server};
208 my $share = $scfg->{share};
209
210 return undef
211 if !cifs_is_mounted($server, $share, $path, $cache->{mountdata});
212
213 return $class->SUPER::status($storeid, $scfg, $cache);
214 }
215
216 sub activate_storage {
217 my ($class, $storeid, $scfg, $cache) = @_;
218
219 $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
220 if !$cache->{mountdata};
221
222 my $path = $scfg->{path};
223 my $server = $scfg->{server};
224 my $share = $scfg->{share};
225
226 if (!cifs_is_mounted($server, $share, $path, $cache->{mountdata})) {
227
228 mkpath $path if !(defined($scfg->{mkdir}) && !$scfg->{mkdir});
229
230 die "unable to activate storage '$storeid' - " .
231 "directory '$path' does not exist\n" if ! -d $path;
232
233 cifs_mount($server, $share, $path, $storeid, $scfg->{smbversion},
234 $scfg->{username}, $scfg->{domain});
235 }
236
237 $class->SUPER::activate_storage($storeid, $scfg, $cache);
238 }
239
240 sub deactivate_storage {
241 my ($class, $storeid, $scfg, $cache) = @_;
242
243 $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
244 if !$cache->{mountdata};
245
246 my $path = $scfg->{path};
247 my $server = $scfg->{server};
248 my $share = $scfg->{share};
249
250 if (cifs_is_mounted($server, $share, $path, $cache->{mountdata})) {
251 my $cmd = ['/bin/umount', $path];
252 run_command($cmd, errmsg => 'umount error');
253 }
254 }
255
256 sub check_connection {
257 my ($class, $storeid, $scfg) = @_;
258
259 my $servicename = '//'.$scfg->{server}.'/'.$scfg->{share};
260
261 my $cmd = ['/usr/bin/smbclient', $servicename, '-d', '0'];
262
263 if (defined($scfg->{smbversion}) && $scfg->{smbversion} ne 'default') {
264 # max-protocol version, so basically only relevant for smb2 vs smb3
265 push @$cmd, '-m', "smb" . int($scfg->{smbversion});
266 }
267
268 if (my $cred_file = get_cred_file($storeid)) {
269 push @$cmd, '-U', $scfg->{username}, '-A', $cred_file;
270 push @$cmd, '-W', $scfg->{domain} if defined($scfg->{domain});
271 } else {
272 push @$cmd, '-U', 'Guest','-N';
273 }
274 push @$cmd, '-c', 'echo 1 0';
275
276 my $out_str;
277 my $out = sub { $out_str .= shift };
278
279 eval { run_command($cmd, timeout => 10, outfunc => $out, errfunc => sub {}) };
280
281 if (my $err = $@) {
282 die "$out_str\n" if defined($out_str) &&
283 ($out_str =~ m/NT_STATUS_ACCESS_DENIED/);
284 return 0;
285 }
286
287 return 1;
288 }
289
290 sub get_volume_notes {
291 my $class = shift;
292 PVE::Storage::DirPlugin::get_volume_notes($class, @_);
293 }
294 sub update_volume_notes {
295 my $class = shift;
296 PVE::Storage::DirPlugin::update_volume_notes($class, @_);
297 }
298
299 1;
Storage library