[pbs-devel] [PATCH proxmox-backup 3/4] api: refactor remote client and add remote scan
Thomas Lamprecht
t.lamprecht at proxmox.com
Thu Nov 5 10:03:08 CET 2020
On 05.11.20 08:42, Fabian Grünbichler wrote:
> On November 4, 2020 5:57 pm, Thomas Lamprecht wrote:
>> On 04.11.20 14:10, Fabian Grünbichler wrote:
>>> to allow on-demand scanning of remote datastores accessible for the
>>> configured remote user.
>>>
>>> Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
>>> ---
>>>
>>> Notes:
>>> not 100% sure about PRIV_REMOTE_AUDIT vs PRIV_REMOTE_READ.. the latter is required to use a datastore for syncing/pull purposes
>>
>> you are not syncing here, so why should the permissions required for
>> that matter, when getting a general list of datastores of a remote?
> because the only thing that a remote datastore can currently be used for
> is syncing ;) but I am fine with AUDIT as well, I just wanted to mention
> it.
yes, but just because it will be used for that now, it still has not anything
to do with that directly - so I'd see it just as it's own thing, datastore
scanner - with no opinion on what the user wants to do with that.
>
>> If, that would be an extra filter param to set.
>>
>> I setup a remote with a token, got ->
>> GET /api2/json/config/remote/tuxis/scan: 401 Unauthorized: [client [::ffff:192.168.16.38]:47544] authentication failed - invalid user name in user id
> I think (as we discussed directly) this was an artifact of version
> mismatch?
>
>>> src/api2/config/remote.rs | 66 ++++++++++++++++++++++++++++++-
>>> src/api2/pull.rs | 12 +-----
>>> src/bin/proxmox-backup-manager.rs | 26 +++---------
>>> 3 files changed, 71 insertions(+), 33 deletions(-)
>>>
>>> diff --git a/src/api2/config/remote.rs b/src/api2/config/remote.rs
>>> index ffbba1d2..b415f63d 100644
>>> --- a/src/api2/config/remote.rs
>>> +++ b/src/api2/config/remote.rs
>>> @@ -1,4 +1,4 @@
>>> -use anyhow::{bail, Error};
>>> +use anyhow::{bail, format_err, Error};
>>> use serde_json::Value;
>>> use ::serde::{Deserialize, Serialize};
>>>
>>> @@ -6,6 +6,7 @@ use proxmox::api::{api, ApiMethod, Router, RpcEnvironment, Permission};
>>> use proxmox::tools::fs::open_file_locked;
>>>
>>> use crate::api2::types::*;
>>> +use crate::client::{HttpClient, HttpClientOptions};
>>> use crate::config::cached_user_info::CachedUserInfo;
>>> use crate::config::remote;
>>> use crate::config::acl::{PRIV_REMOTE_AUDIT, PRIV_REMOTE_MODIFY};
>>> @@ -301,10 +302,71 @@ pub fn delete_remote(name: String, digest: Option<String>) -> Result<(), Error>
>>> Ok(())
>>> }
>>>
>>> +/// Helper to get client for remote.cfg entry
>>> +pub async fn remote_client(remote: remote::Remote) -> Result<HttpClient, Error> {
>>> + let options = HttpClientOptions::new()
>>> + .password(Some(remote.password.clone()))
>>> + .fingerprint(remote.fingerprint.clone());
>>> +
>>> + let client = HttpClient::new(
>>> + &remote.host,
>>> + remote.port.unwrap_or(8007),
>>> + &remote.userid,
>> sure about userid, shouldn't this be authid or is that the same here?
>> At least would explain the error I get..
> the field in the config is called userid, it contains an Authid
> (renaming would require postinst fixup, but if you want I can send a
> patch for switching it over).
>
it's a bit confusing, but that's it, was probably more confused in the light
of the outdated server at the other end.. So sorry for the noise :)
More information about the pbs-devel
mailing list