[pve-devel] [PATCH proxmox-perl-rs 1/1] firewall: sdn: ignore EPERM when reading the legacy IPAM file
Stefan Hanreich
s.hanreich at proxmox.com
Wed Nov 20 15:47:41 CET 2024
On fresh installations, neither the new nor the old IPAM db file
exist. This triggers our fallback code path and leads to errors in the
syslog on fresh installs where there is no IPAM database. This happens
whenever a firewall API call is made. Because of this, we choose to
ignore EPERM when reading the legacy files. This is okay, because we
move existing databases in the postinstall script of
libpve-network-perl, making the situation where the new file does not
exist, but the old file exists unlikely.
Reported-by: Alexander Zeidler <a.zeidler at proxmox.com>
Signed-off-by: Stefan Hanreich <s.hanreich at proxmox.com>
---
The change from () to {} is due to rustfmt quirks. Adding the or made
rustfmt change () to {()}, leading to another complaint by clippy
about an unnecessary unit type in the closure, which I then removed.
pve-rs/src/firewall/sdn.rs | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/pve-rs/src/firewall/sdn.rs b/pve-rs/src/firewall/sdn.rs
index a7d7b80..faf5156 100644
--- a/pve-rs/src/firewall/sdn.rs
+++ b/pve-rs/src/firewall/sdn.rs
@@ -126,7 +126,9 @@ mod export {
Err(e) if e.kind() == io::ErrorKind::NotFound => {
match fs::read_to_string(SDN_IPAM_LEGACY) {
Ok(data) => add_ipam_ipsets(data)?,
- Err(e) if e.kind() == io::ErrorKind::NotFound => (),
+ Err(e)
+ if e.kind() == io::ErrorKind::NotFound
+ || e.kind() == io::ErrorKind::PermissionDenied => {}
Err(e) => bail!("Cannot open legacy IPAM database: {e:#}"),
}
}
--
2.39.5
More information about the pve-devel
mailing list