]> git.proxmox.com Git - pve-storage.git/blob - PVE/Storage/CIFSPlugin.pm
bump version to 8.2.9
[pve-storage.git] / PVE / Storage / CIFSPlugin.pm
1 package PVE::Storage::CIFSPlugin;
2
3 use strict;
4 use warnings;
5 use Net::IP;
6 use PVE::Tools qw(run_command);
7 use PVE::ProcFSTools;
8 use File::Path;
9 use PVE::Storage::Plugin;
10 use PVE::JSONSchema qw(get_standard_option);
11
12 use base qw(PVE::Storage::Plugin);
13
14 # CIFS helper functions
15
16 sub cifs_is_mounted {
17 my ($server, $share, $mountpoint, $mountdata) = @_;
18
19 $server = "[$server]" if Net::IP::ip_is_ipv6($server);
20 my $source = "//${server}/$share";
21 $mountdata = PVE::ProcFSTools::parse_proc_mounts() if !$mountdata;
22
23 return $mountpoint if grep {
24 $_->[2] =~ /^cifs/ &&
25 $_->[0] =~ m|^\Q$source\E/?$| &&
26 $_->[1] eq $mountpoint
27 } @$mountdata;
28 return undef;
29 }
30
31 sub cifs_cred_file_name {
32 my ($storeid) = @_;
33 return "/etc/pve/priv/storage/${storeid}.pw";
34 }
35
36 sub cifs_delete_credentials {
37 my ($storeid) = @_;
38
39 if (my $cred_file = get_cred_file($storeid)) {
40 unlink($cred_file) or warn "removing cifs credientials '$cred_file' failed: $!\n";
41 }
42 }
43
44 sub cifs_set_credentials {
45 my ($password, $storeid) = @_;
46
47 my $cred_file = cifs_cred_file_name($storeid);
48 mkdir "/etc/pve/priv/storage";
49
50 PVE::Tools::file_set_contents($cred_file, "password=$password\n");
51
52 return $cred_file;
53 }
54
55 sub get_cred_file {
56 my ($storeid) = @_;
57
58 my $cred_file = cifs_cred_file_name($storeid);
59
60 if (-e $cred_file) {
61 return $cred_file;
62 }
63 return undef;
64 }
65
66 sub cifs_mount {
67 my ($server, $share, $mountpoint, $storeid, $smbver, $user, $domain) = @_;
68
69 $server = "[$server]" if Net::IP::ip_is_ipv6($server);
70 my $source = "//${server}/$share";
71
72 my $cmd = ['/bin/mount', '-t', 'cifs', $source, $mountpoint, '-o', 'soft', '-o'];
73
74 if (my $cred_file = get_cred_file($storeid)) {
75 push @$cmd, "username=$user", '-o', "credentials=$cred_file";
76 push @$cmd, '-o', "domain=$domain" if defined($domain);
77 } else {
78 push @$cmd, 'guest,username=guest';
79 }
80
81 push @$cmd, '-o', defined($smbver) ? "vers=$smbver" : "vers=default";
82
83 run_command($cmd, errmsg => "mount error");
84 }
85
86 # Configuration
87
88 sub type {
89 return 'cifs';
90 }
91
92 sub plugindata {
93 return {
94 content => [ { images => 1, rootdir => 1, vztmpl => 1, iso => 1,
95 backup => 1, snippets => 1}, { images => 1 }],
96 format => [ { raw => 1, qcow2 => 1, vmdk => 1 } , 'raw' ],
97 };
98 }
99
100 sub properties {
101 return {
102 share => {
103 description => "CIFS share.",
104 type => 'string',
105 },
106 password => {
107 description => "Password for accessing the share/datastore.",
108 type => 'string',
109 maxLength => 256,
110 },
111 domain => {
112 description => "CIFS domain.",
113 type => 'string',
114 optional => 1,
115 maxLength => 256,
116 },
117 smbversion => {
118 description => "SMB protocol version. 'default' if not set, negotiates the highest SMB2+"
119 ." version supported by both the client and server.",
120 type => 'string',
121 default => 'default',
122 enum => ['default', '2.0', '2.1', '3', '3.0', '3.11'],
123 optional => 1,
124 },
125 };
126 }
127
128 sub options {
129 return {
130 path => { fixed => 1 },
131 server => { fixed => 1 },
132 share => { fixed => 1 },
133 nodes => { optional => 1 },
134 disable => { optional => 1 },
135 maxfiles => { optional => 1 },
136 'prune-backups' => { optional => 1 },
137 'max-protected-backups' => { optional => 1 },
138 content => { optional => 1 },
139 format => { optional => 1 },
140 username => { optional => 1 },
141 password => { optional => 1},
142 domain => { optional => 1},
143 smbversion => { optional => 1},
144 mkdir => { optional => 1 },
145 bwlimit => { optional => 1 },
146 preallocation => { optional => 1 },
147 };
148 }
149
150
151 sub check_config {
152 my ($class, $sectionId, $config, $create, $skipSchemaCheck) = @_;
153
154 $config->{path} = "/mnt/pve/$sectionId" if $create && !$config->{path};
155
156 return $class->SUPER::check_config($sectionId, $config, $create, $skipSchemaCheck);
157 }
158
159 # Storage implementation
160
161 sub on_add_hook {
162 my ($class, $storeid, $scfg, %sensitive) = @_;
163
164 if (defined($sensitive{password})) {
165 cifs_set_credentials($sensitive{password}, $storeid);
166 if (!exists($scfg->{username})) {
167 warn "storage $storeid: ignoring password parameter, no user set\n";
168 }
169 } else {
170 cifs_delete_credentials($storeid);
171 }
172
173 return;
174 }
175
176 sub on_update_hook {
177 my ($class, $storeid, $scfg, %sensitive) = @_;
178
179 return if !exists($sensitive{password});
180
181 if (defined($sensitive{password})) {
182 cifs_set_credentials($sensitive{password}, $storeid);
183 if (!exists($scfg->{username})) {
184 warn "storage $storeid: ignoring password parameter, no user set\n";
185 }
186 } else {
187 cifs_delete_credentials($storeid);
188 }
189
190 return;
191 }
192
193 sub on_delete_hook {
194 my ($class, $storeid, $scfg) = @_;
195
196 cifs_delete_credentials($storeid);
197
198 return;
199 }
200
201 sub status {
202 my ($class, $storeid, $scfg, $cache) = @_;
203
204 $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
205 if !$cache->{mountdata};
206
207 my $path = $scfg->{path};
208 my $server = $scfg->{server};
209 my $share = $scfg->{share};
210
211 return undef
212 if !cifs_is_mounted($server, $share, $path, $cache->{mountdata});
213
214 return $class->SUPER::status($storeid, $scfg, $cache);
215 }
216
217 sub activate_storage {
218 my ($class, $storeid, $scfg, $cache) = @_;
219
220 $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
221 if !$cache->{mountdata};
222
223 my $path = $scfg->{path};
224 my $server = $scfg->{server};
225 my $share = $scfg->{share};
226
227 if (!cifs_is_mounted($server, $share, $path, $cache->{mountdata})) {
228
229 mkpath $path if !(defined($scfg->{mkdir}) && !$scfg->{mkdir});
230
231 die "unable to activate storage '$storeid' - " .
232 "directory '$path' does not exist\n" if ! -d $path;
233
234 cifs_mount($server, $share, $path, $storeid, $scfg->{smbversion},
235 $scfg->{username}, $scfg->{domain});
236 }
237
238 $class->SUPER::activate_storage($storeid, $scfg, $cache);
239 }
240
241 sub deactivate_storage {
242 my ($class, $storeid, $scfg, $cache) = @_;
243
244 $cache->{mountdata} = PVE::ProcFSTools::parse_proc_mounts()
245 if !$cache->{mountdata};
246
247 my $path = $scfg->{path};
248 my $server = $scfg->{server};
249 my $share = $scfg->{share};
250
251 if (cifs_is_mounted($server, $share, $path, $cache->{mountdata})) {
252 my $cmd = ['/bin/umount', $path];
253 run_command($cmd, errmsg => 'umount error');
254 }
255 }
256
257 sub check_connection {
258 my ($class, $storeid, $scfg) = @_;
259
260 my $servicename = '//'.$scfg->{server}.'/'.$scfg->{share};
261
262 my $cmd = ['/usr/bin/smbclient', $servicename, '-d', '0'];
263
264 if (defined($scfg->{smbversion}) && $scfg->{smbversion} ne 'default') {
265 # max-protocol version, so basically only relevant for smb2 vs smb3
266 push @$cmd, '-m', "smb" . int($scfg->{smbversion});
267 }
268
269 if (my $cred_file = get_cred_file($storeid)) {
270 push @$cmd, '-U', $scfg->{username}, '-A', $cred_file;
271 push @$cmd, '-W', $scfg->{domain} if defined($scfg->{domain});
272 } else {
273 push @$cmd, '-U', 'Guest','-N';
274 }
275 push @$cmd, '-c', 'echo 1 0';
276
277 my $out_str;
278 my $out = sub { $out_str .= shift };
279
280 eval { run_command($cmd, timeout => 10, outfunc => $out, errfunc => sub {}) };
281
282 if (my $err = $@) {
283 die "$out_str\n" if defined($out_str) &&
284 ($out_str =~ m/NT_STATUS_(ACCESS_DENIED|LOGON_FAILURE)/);
285 return 0;
286 }
287
288 return 1;
289 }
290
291 # FIXME remove on the next APIAGE reset.
292 # Deprecated, use get_volume_attribute instead.
293 sub get_volume_notes {
294 my $class = shift;
295 PVE::Storage::DirPlugin::get_volume_notes($class, @_);
296 }
297
298 # FIXME remove on the next APIAGE reset.
299 # Deprecated, use update_volume_attribute instead.
300 sub update_volume_notes {
301 my $class = shift;
302 PVE::Storage::DirPlugin::update_volume_notes($class, @_);
303 }
304
305 sub get_volume_attribute {
306 return PVE::Storage::DirPlugin::get_volume_attribute(@_);
307 }
308
309 sub update_volume_attribute {
310 return PVE::Storage::DirPlugin::update_volume_attribute(@_);
311 }
312
313 1;