[pve-devel] applied: [PATCH v6 manager 1/6] unified the classification of the passed command for all shell apis

Thomas Lamprecht t.lamprecht at proxmox.com
Thu Feb 28 13:36:36 CET 2019


On 2/27/19 3:01 PM, Tim Marx wrote:
> As discussed on the pve-devel list [0] I extracted the identical chunks from each
> shell api into one function as basis for future changes.
> 
> [0] https://pve.proxmox.com/pipermail/pve-devel/2019-January/035387.html
> 

applied, but renamed "$cmdMapper" to "$shell_cmd_map" as requested[0], thanks!

[0]: https://pve.proxmox.com/pipermail/pve-devel/2019-February/035609.html

> Signed-off-by: Tim Marx <t.marx at proxmox.com>
> ---
>  PVE/API2/Nodes.pm | 84 +++++++++++++++++++++++++++++++++----------------------
>  1 file changed, 50 insertions(+), 34 deletions(-)
> 
> diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm
> index a44b5ac2..1a1e260a 100644
> --- a/PVE/API2/Nodes.pm
> +++ b/PVE/API2/Nodes.pm
> @@ -701,6 +701,25 @@ __PACKAGE__->register_method({
>  
>  my $sslcert;
>  
> +my $cmdMapper = {
> +    'login' => [ '/bin/login', '-f', 'root' ],
> +    'upgrade' => [ '/usr/bin/pveupgrade', '--shell' ],
> +};
> +
> +sub get_shell_command  {
> +    my ($user, $shellcmd) = @_;
> +
> +    if ($user eq 'root at pam') {
> +	if (exists($cmdMapper->{$shellcmd})) {
> +	    return $cmdMapper->{$shellcmd};
> +	} else {
> +	    return [ '/bin/login', '-f', 'root' ];
> +	}
> +    } else {
> +	return [ '/bin/login' ];
> +    }
> +}
> +
>  __PACKAGE__->register_method ({
>      name => 'vncshell',
>      path => 'vncshell',
> @@ -721,6 +740,13 @@ __PACKAGE__->register_method ({
>  		optional => 1,
>  		default => 0,
>  	    },
> +	    cmd => {
> +		type => 'string',
> +		description => "Run specific command or default to login.",
> +		enum => [keys %$cmdMapper],
> +		optional => 1,
> +		default => 'login',
> +	    },
>  	    websocket => {
>  		optional => 1,
>  		type => 'boolean',
> @@ -787,19 +813,10 @@ __PACKAGE__->register_method ({
>  	my $remcmd = $remip ?
>  	    ['/usr/bin/ssh', '-e', 'none', '-t', $remip] : [];
>  
> -	my $shcmd;
> -
> -	if ($user eq 'root at pam') {
> -	    if ($param->{upgrade}) {
> -		my $upgradecmd = "pveupgrade --shell";
> -		$upgradecmd = PVE::Tools::shellquote($upgradecmd) if $remip;
> -		$shcmd = [ '/bin/bash', '-c', $upgradecmd ];
> -	    } else {
> -		$shcmd = [ '/bin/login', '-f', 'root' ];
> -	    }
> -	} else {
> -	    $shcmd = [ '/bin/login' ];
> +	if ($param->{upgrade}) {
> +	    $param->{cmd} = 'upgrade';
>  	}
> +	my $shcmd = get_shell_command($user, $param->{cmd});
>  
>  	my $timeout = 10;
>  
> @@ -880,6 +897,13 @@ __PACKAGE__->register_method ({
>  		optional => 1,
>  		default => 0,
>  	    },
> +	    cmd => {
> +		type => 'string',
> +		description => "Run specific command or default to login.",
> +		enum => [keys %$cmdMapper],
> +		optional => 1,
> +		default => 'login',
> +	    },
>  	},
>      },
>      returns => {
> @@ -919,17 +943,10 @@ __PACKAGE__->register_method ({
>  	my $remcmd = $remip ?
>  	    ['/usr/bin/ssh', '-e', 'none', '-t', $remip , '--'] : [];
>  
> -	my $concmd;
> -
> -	if ($user eq 'root at pam') {
> -	    if ($param->{upgrade}) {
> -		$concmd = [ '/usr/bin/pveupgrade', '--shell' ];
> -	    } else {
> -		$concmd = [ '/bin/login', '-f', 'root' ];
> -	    }
> -	} else {
> -	    $concmd = [ '/bin/login' ];
> +	if ($param->{upgrade}) {
> +	    $param->{cmd} = 'upgrade';
>  	}
> +	my $shcmd = get_shell_command($user, $param->{cmd});
>  
>  	my $realcmd = sub {
>  	    my $upid = shift;
> @@ -938,7 +955,7 @@ __PACKAGE__->register_method ({
>  
>  	    my $cmd = ['/usr/bin/termproxy', $port, '--path', $authpath,
>  		       '--perm', 'Sys.Console',  '--'];
> -	    push  @$cmd, @$remcmd, @$concmd;
> +	    push  @$cmd, @$remcmd, @$shcmd;
>  
>  	    PVE::Tools::run_command($cmd);
>  	};
> @@ -1027,6 +1044,13 @@ __PACKAGE__->register_method ({
>  		optional => 1,
>  		default => 0,
>  	    },
> +	    cmd => {
> +		type => 'string',
> +		description => "Run specific command or default to login.",
> +		enum => [keys %$cmdMapper],
> +		optional => 1,
> +		default => 'login',
> +	    },
>  	},
>      },
>      returns => get_standard_option('remote-viewer-config'),
> @@ -1048,18 +1072,10 @@ __PACKAGE__->register_method ({
>  	my $authpath = "/nodes/$node";
>  	my $permissions = 'Sys.Console';
>  
> -	my $shcmd;
> -
> -	if ($user eq 'root at pam') {
> -	    if ($param->{upgrade}) {
> -		my $upgradecmd = "pveupgrade --shell";
> -		$shcmd = [ '/bin/bash', '-c', $upgradecmd ];
> -	    } else {
> -		$shcmd = [ '/bin/login', '-f', 'root' ];
> -	    }
> -	} else {
> -	    $shcmd = [ '/bin/login' ];
> +	if ($param->{upgrade}) {
> +	    $param->{cmd} = 'upgrade';
>  	}
> +	my $shcmd = get_shell_command($user, $param->{cmd});
>  
>  	my $title = "Shell on '$node'";
>  
> 




More information about the pve-devel mailing list