5
0
mirror of git://git.proxmox.com/git/pve-common.git synced 2024-12-25 05:33:49 +03:00
Commit Graph

828 Commits

Author SHA1 Message Date
Wolfgang Bumiller
edbdf0b240 net: remove flowid in traffic limit commands
We don't use them and iproute2 4.13.0 has an issue parsing
parameters after a policing description.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-02-05 09:48:32 +01:00
Wolfgang Bumiller
caf3f3a7a1 bump version to 5.0-27
Now breaks qemu-server<<5.0-21

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-01-22 15:10:05 +01:00
Dietmar Maurer
3b671d82b1 INotify.pm - new helper poll_changes
Useful to detect file changes.

Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2018-01-22 14:52:04 +01:00
Dietmar Maurer
04cba6c8c1 read_file: replace $versions->{$filename} with $cver
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2018-01-22 14:52:04 +01:00
Thomas Lamprecht
b8dc43668b CLIHandler: use resolved command definition
For sub commands we resolve the real $cmd, $def and its arguments,
thus we should also get the handler from the resolved $def, not the
global one.

No change for normal (consisting of only the first argument)
commands, for them $cmddef == $def.
This sneaked in in a respin/rebase of the series.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-01-22 11:07:23 +01:00
Wolfgang Bumiller
ca2835a1d4 bump version to 5.0-26
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-01-18 09:31:02 +01:00
Thomas Lamprecht
c1059f7c17 cli: document $cmddef structure
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Acked-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-01-18 08:59:34 +01:00
Thomas Lamprecht
6627ae09a0 cli: allow to pass sub commands to help as array
Improves usabillity by allowing to pass a sub copmmand unquoted to
the help command, e.g.:

 # pveum help user delete

without this only a quoted version worked, e.g.:
 # pveum help "user delete"

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Acked-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-01-18 08:59:34 +01:00
Thomas Lamprecht
50b89b88bb cli: allow specifying sub commands through $cmddef
allow to use sub commands alá
 # pveum user add

The new resolve_cmd traverses $cmddef, resolves one level of aliases
and returns the respective sub command, its cmddef, arguments and if
it was expanded (e.g., pveum u d ... => pveum user delete ...) which
allows quite easy integration in the usage/synopsis generator, bash
completion helper and command handler.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-01-18 08:59:34 +01:00
Thomas Lamprecht
4c802a572c cli: factor out generate usage string
reduce code reuse and prepare for sub commands

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-01-18 08:59:34 +01:00
Thomas Lamprecht
5fa768fc8d cli: refactor print_bash_completion
move variables nearer to where they actually used.
drop program name early from argv array
drop unnecessary variables

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-01-18 08:59:34 +01:00
Thomas Lamprecht
b21cf57546 JSONSchema: add fingerprint-sha256 standard option
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-01-11 12:20:22 +01:00
Wolfgang Bumiller
2311859b0d fork_worker: guard more setup code with eval
As it might die with an error which should end up in the
_exit() code path rather than bailing out into the upper
scope.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Reviewed-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-01-10 14:12:34 +01:00
Wolfgang Bumiller
4d9f4d62e4 fork_worker: use correct handle type for POSIX::write
$resfh can be a pipe from POSIX::pipe() or the upid output
handle, which is an IO::File, so we need to take its
fileno().

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Fixes: ed52a8435a ("fork_worker: use separate pipe for status messages")
Reviewed-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-01-10 14:12:34 +01:00
Thomas Lamprecht
918140af72 cli: factor out abort
will be reused in later patches too

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Reviewed-by: Dominik Csapak <d.csapak@proxmox.com>
Acked-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-12-29 11:51:20 +01:00
Thomas Lamprecht
7bac844eaa cli: refactor comand name helper
use shorter and also a bit faster methods to expand and get comand
names

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Acked-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-12-29 11:51:20 +01:00
Thomas Lamprecht
d204696c52 cli: factor out initialisation check
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Reviewed-by: Dominik Csapak <d.csapak@proxmox.com>
Acked-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-12-29 11:51:20 +01:00
Thomas Lamprecht
57e67ea354 cli: refactor and use $cmddef directly
passing one param less to the helper methods

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Reviewed-by: Dominik Csapak <d.csapak@proxmox.com>
Acked-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-12-29 11:51:20 +01:00
Thomas Lamprecht
4fdc9659e9 Tools/df: reuse run_fork_with_timeout
Use the later added run_fork_with_timeout for encapsulating df in a
safely manner.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-12-21 09:28:47 +01:00
Thomas Lamprecht
ed61b9d675 run_command: add 'quiet' parameter for omitting STD* prints
Without this patch we printed to STDOUT and STDERR, respectively, if
no $outfunc or $errfunc was passed.

Sometimes it's useful if one, or even both, of those prints can
be suppressed, currently this can only be done by either using an array
of arrays or a whole string for the command and redirecting STDOUT
and STDERR.

Add a 'quiet' option which allows to do this in an easier way.
It allows to silent STDERR or STDOUT or both.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-12-19 13:09:07 +01:00
Thomas Lamprecht
3e2da21600 fork_worker: factor out synced worker output mirroring
When running in sync (CLI environment) we mirror the workers output
to both, STDOUT and th task log file, a similar function as the unix
comand line tool tee provides, thus we borrow its name for the
factored out sub method.

This moves ~60 lines of code out of the big fork_worker sub and makes
it easier to read track what happens there.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-12-18 13:37:05 +01:00
Thomas Lamprecht
ed52a8435a fork_worker: use separate pipe for status messages
We forced line wise flushing of the workers STDOUT and STDERR to
capture the final status (TASK OK/TASK ERROR).
Thus, if the code executed in the worker wanted to flush explicitly,
e.g., when the last output wasn't new line terminated but needed to
reach the users eyes, the parent just ignored that.
This leads to confusing results in CLI handlers using fork_workers.

So remove the buffering logic completely and introduce a separate
pipe for sending the final status.
Said pipe gets once read after the child closes (EOF) its STDOUT.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-12-18 13:37:05 +01:00
Thomas Lamprecht
95109cc44e fork_worker: refactor passing $upid to parent for sync
STDOUT and $psync[1] are the same here, so no need to differ.
Also we do this only for letting the parent know tha we're ready, the
parent knows the UPID already as it was generated before forking.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-12-18 13:37:05 +01:00
Wolfgang Bumiller
5cccb0f200 bump version to 5.0-25
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-12-15 13:26:33 +01:00
Thomas Lamprecht
21f36fed3c ticket: raise UNAUTHORIZED not FORBIDDEN in verify subs
In the ticket and CSRF prevention token verification methods we used
a raise_perm exception to tell our caller about a failure of such a
verification. raise_perm uses HTTP_FORBIDDEN (403) as code.

Earlier, all such exceptions or die's where caught when the anyevent
http server called the auth_handler method and transformed to
HTTP_UNAUTHORIZED (401).

With commit d8327719e353198a1dffad88c246fee065054a6b from
pve-http-server we gained the ability to tell a client about a server
internal 5XX error, so that clients do not get wrongly logged out if
we have a internal error.
This resulted also in the effect that the exceptions of the
verify_rsa_ticket and verify_csrf_prevention_token sub methods where
passed to the client.

If an old, now invalid, ticket was sent to the server a client got
403 (FORBIDDEN) instead of the 401 (UNAUTHORIZED) - which he was used
to, and thus meant that he did some wrong doing, instead of knowing
that he just needs to login.

As we are not yet logged in here, and thus cannot possibly know if
the call is forbidden or not, HTTP_FORBIDDEN seems the wrong code.
Change it to HTTP_UNAUTHORIZED, which restores it to the code we told
API clients since ever and is the correct one here.

Also RFC 2068 section 10.4.4 [1] defines that for the afformentioned
verify methods FORBIDDEN was not really correct:

 > 403 Forbidden
 >
 >    The server understood the request, but is refusing to fulfill it.
 >    Authorization will not help and the request SHOULD NOT be
 >    repeated. [...]

With a invalid ticket or CSRF prevention token we have a
authorization problem for the current call, not a permission problem
(we may have, but we can't tell yet).

[1] https://tools.ietf.org/html/rfc2068#section-10.4.4

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-12-15 12:25:10 +01:00
Dominik Csapak
95386dafb7 fix convert_size with decimal numbers and add tests
converting from 0.5 gb to mb resulted in 0 mb
with this patch it correctly returns 512

also add tests and catch more errors

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2017-12-15 11:15:50 +01:00
Wolfgang Bumiller
76cbfc85df bump version to 5.0-24
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-12-13 15:05:07 +01:00
Wolfgang Bumiller
ee29490fe0 read_password improvements
* Cancel on Ctrl+C (die())
* Finish on Ctrl+D (eof/eot) without appending a newline
* Also finish on \n to be sure.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Reviewed-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Tested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-12-13 14:49:14 +01:00
Thomas Lamprecht
590b924e19 wait_for_vnc_port: allow to enforce IP family
Most times a port was requested for a specified IP family (v4, v6)
only. Thus also ensure that the port from the respective family got
ready, else we may return on a false positive.

As we had no user setting the $timeout param we can add the $family
param as second one, it'll get used more often, so no need to put it
at the back.

As we do nothing if not defined this does not changes the behavior of
our users yet.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-12-05 13:48:49 +01:00
Thomas Lamprecht
8fd0d63460 wait_for_vnc_port: die if port did not get ready
All of our users expected this behavior and did not check for undef

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-12-05 13:48:49 +01:00
Wolfgang Bumiller
2388d0c214 bump version to 5.0-23
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-12-04 10:17:13 +01:00
Wolfgang Bumiller
1672bfe56d buildsys: cleanup and add PTY.pm to install files
There was no obvious order to this list, now there is.
Plus, tabs after non-tabs are evil.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-11-27 14:21:50 +01:00
Wolfgang Bumiller
1406425133 pty: add read_password helper
Short helper which doesn't need readline and/or deal with
history cleanup.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-11-27 14:21:50 +01:00
Wolfgang Bumiller
a0f008cd10 Add PVE::PTY helper class
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-11-27 14:21:50 +01:00
Philip Abernethy
e93833f524 Remove deprecated run_cli subroutine 2017-11-24 09:15:14 +01:00
Wolfgang Bumiller
fce424fda9 bump version to 5.0-22
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-11-20 14:22:24 +01:00
Thomas Lamprecht
75b6832cf8 daemon: fix send termination to all workers on exit
The hash slice did not work as intented here, it only return the keys
from the last elemend defined in the slice, thus not all workers got
a TERM.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-11-20 13:54:27 +01:00
Dietmar Maurer
8767dd7c1a bump version to 5.0-21 2017-11-14 08:01:56 +01:00
Wolfgang Bumiller
5dff28f062 partially revert: daemon: refactor and cleanup
Reverts a hunk of 0da5a3e43b which removed checking &
untainting of pids from the PVE_DAEMON_WORKER_PIDS env var.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-11-13 10:32:01 +01:00
Wolfgang Bumiller
563661dd94 daemon: add missing parenthesis around list
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Fixes: 0da5a3e43b ("daemon: refactor and cleanup")
2017-11-10 12:24:06 +01:00
Thomas Lamprecht
e6d1f1e2e5 daemon: terminate_server reduce code reuse
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-11-10 12:14:20 +01:00
Thomas Lamprecht
0da5a3e43b daemon: refactor and cleanup
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-11-10 12:14:20 +01:00
Thomas Lamprecht
d0138dbaca daemon: don't send SIGTERM before restart on leave_children_open_on_reload
Else this options is not really useful. First, sending a SIGTERM lets
the children exit, not quite what "leave_children_open_on_reload"
promises.

The problem this causes is that we may get a time window where no
worker is active and thus, for example, our API daemon would not
accept connections during a restart (or better said, reload).

So, don't request termination of any child worker, if this option is
set, but rather just restart (re-exec) ourself, startup a new set of
workers and only then request the termination of the old ones,
allowing a fully seamless reload.

This is only done on `$daemon-exe restart` and thus on
`systemctl reload $daemon`, systemctl restart or any other stop start
cycles always exit all other workers first.

This expects that the worker can do a graceful termination on
SIGTERM, which is already the case for anything using our AnyEvent
based class (which is base of our HTTPServer module).
With graceful termination is meant the following: the worker accepts
no new work and exits immediately after the current queued work is
done.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-11-10 12:14:20 +01:00
Wolfgang Bumiller
3feb2c7661 tests: remove acquire-lock newline termination
Not needed anymore.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2017-11-10 11:29:54 +01:00
Thomas Lamprecht
91bae4c070 lock_file_full: add missing trailing newline
When we do not instantly get the lock we print a respective message
to stderr. This shows also up in the task logs, and if it's the last
message before a 'Task OK' the UI gets confused an shows the task as
erroneous.

Keep the message as its a good feedback for the user to see why an op
seems to do nothing, so simply add a trailing newline.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-11-10 11:28:21 +01:00
Dietmar Maurer
62a8f27b99 JSONSchema.pm - add a 'download' attribute
To mark methods which downloads file content to the client.
2017-11-08 09:42:58 +01:00
Fabian Grünbichler
b50791668c bump version to 5.0-20 2017-10-17 15:08:57 +02:00
Philip Abernethy
3ef20687db cli: whitespace cleanup 2017-10-17 13:27:21 +02:00
Philip Abernethy
367f04c577 cli: code cleanup
Removes obsolete subroutine and unused Dumper
2017-10-17 13:27:21 +02:00
Wolfgang Bumiller
a2d049afde tools: more general run_fork_with_timeout + run_fork 2017-10-13 13:21:44 +02:00