This commits also makes user authentication async, so that e.g. a not
responding LDAP server cannot block other logins.
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
Note: bind-passwords set via the API are not stored in `domains.cfg`,
but in a separate `ldap_passwords.json` file located in
`/etc/proxmox-backup/`.
Similar to the already existing `shadow.json`, the file is
stored with 0600 permissions and is owned by root.
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
The properties are mainly based on the ones from PVE, except:
* consistent use of kebab-cases
* `mode` replaces deprecated `secure`
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
This allows specifying a user's realm when adding a new user.
For now, adding users to the PAM realm is explicitely disabled
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
... allows the deletion of an authid from the whole tree. Needed
for removing deleted users/tokens.
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
The function was moved to proxmox-rest-server to make it
usable in the proxmox-backup-manager cli binary.
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
Running configured jobs was already possible using the Web UI, but not
using the CLI. To fix that, this commit adds the following commands to
`proxmox-backup-manager`:
* prune-job run <id>
* sync-job run <id>
* verify-job run <id>
Signed-off-by: Friedrich Weber <f.weber@proxmox.com>
instead of
Error: unable to open snapshot directory "/full/path/to/snapshot" for locking - ENOENT: No such file or directory
this will now print
Error: Snapshot vm/800/2023-01-16T12:28:11Z does not exist.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
In former commit, the enum members were renamed to be CamelCase, in
accordance with the usual Rust style guide. However, this broke the
GUI in some places due to failing JSON property deserialization.
To fix this, some serde(rename = "kebab-case") directives were added.
Some properties were also serde-renamed to snake_case, otherwise
it would have been necessary to also modify proxmox-widget-toolkit
as well as PVE source code. This can follow in a later commit if so
desired.
Fixes: a2055c38 fix non-camel-case enums
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
Instead of percent-encoding the UPID on every loop iteration plus on
abort, just encode it once before entering the loop.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
`proxmox-backup-client task log ..` and `proxmox-backup-manager task log ..`
are used to view the logs of tasks that have been started by another client, so
interrupting the task progress view should not forward the interrupt to the
running task. other call sites of the same helper(s) that spawn a task and then
print its progress should keep the old behaviour of interrupting the spawned
task on C^c.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Was a bit odd that the very similar (same return type) methods used
a for+if/else+push and a iter+filter+collect approach.
Switch both to the latter and use a match instead of if/else for
shorter code
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
while refactoring the the empty media set checks, we accidentally
reversed one check from !is_empty to unassigned, which now never
included the right media sets.
reversing the condition fixes that.
fixes
52517f7b: ("tape: hide internal use of all zero uuid for unassigned tapes")
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
as a stop-gap measure. Otherwise, task logs for PVE backups started
via non-CLI will have the message
> storing login ticket failed: $XDG_RUNTIME_DIR must be set
show up when running a proxmox-backup-client command (e.g. setting
notes and when uploading the log). This is confusing to users[0].
[0]: https://forum.proxmox.com/threads/120492/
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
zfs errors might include a newline in the output (e.g. when trying to
create a mirror on two differently sized disks), which trips up our
task log status parser since that expectes a 'TASK {status}' on the
beginning of the first line.
print the error from zfs into the log and bail out with a short notice
to check the task log
this fixes the 'unknown error' issue in the ui when an error happnes
during the zfs commands
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
.. in the same way the PVE api does, esp. regarding the logic to handle
oneshot and missing services.
This then allows re-using the GUI parts from there as well, so that the
services page in PVE and PBS looks the same.
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
Instead, report an error if storing the ticket info failed, so that the
user is informed that something went wrong and follow-up commands might
require authentication again.
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
no longer needed, it inherits the workspace/proxmox-backup version now, there
is no risk of forgetting to update its version anymore.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
similar to what's done in the proxmox repo/workspace, to avoid them getting out
of sync. before this change, the recently introduced pbs-key-config was
missing.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
A #[default] attribute now conflicts with an explicitly
defined #[api(default: ...)] value for obvious reasons.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
