On Wed, Nov 15, 2023 at 03:14:50PM +0100, Thomas Lamprecht wrote:
> concept wise this looks pretty much OK, but a few (mostly code-style)
> comments in line
>
> Am 13/11/2023 um 11:30 schrieb Filip Schauer:
> > diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm
> > index 56e1f10..9f325f2 100644
> > --- a/src/PVE/LXC/Config.pm
> > +++ b/src/PVE/LXC/Config.pm
> > @@ -29,6 +29,7 @@ mkdir $lockdir;
> > mkdir "/etc/pve/nodes/$nodename/lxc";
> > my $MAX_MOUNT_POINTS = 256;
> > my $MAX_UNUSED_DISKS = $MAX_MOUNT_POINTS;
> > +my $MAX_DEVICES = 256;
> >
> > # BEGIN implemented abstract methods from PVE::AbstractConfig
> >
> > @@ -908,6 +909,71 @@ for (my $i = 0; $i < $MAX_UNUSED_DISKS; $i++) {
> > }
> > }
> >
> > +PVE::JSONSchema::register_format('pve-lxc-dev-string',
> > \&verify_lxc_dev_string);
> > +sub verify_lxc_dev_string {
> > + my ($dev, $noerr) = @_;
> > +
> > + if (
> > + $dev =~ m@/\.\.?/@ ||
> > + $dev =~ m@/\.\.?$@ ||
>
> could be a single regex:
>
> $dev =~ @/\.\.?(?:/|$)@
>
> but no hard feelings, all variant are not easily readable and need close
> checking anyway (iow. like most regexes)
>
> > + $dev !~ m!^/dev/!
> > + ) {
> > + return undef if $noerr;
> > + die "$dev is not a valid device path\n";
> > + }
> > +
> > + return $dev;
> > +}
> > +
> > +PVE::JSONSchema::register_format('file-access-mode-string',
> > \&verify_file_access_mode);
> > +sub verify_file_access_mode {
> > + my ($mode, $noerr) = @_;
> > +
> > + if ($mode !~ /^[0-7]*$/) {
>
> this would allow an empty mode though? Also, not sure if we want to allow
> partial modes like 77 ?
Yeah, an empty mode should not be allowed. Not sure what you mean by
partial though, other than the missing leading zero.
For octal we should definitely enforce the leading zero.
>
> > + return undef if $noerr;
> > + die "$mode is not a valid file access mode\n";
> > + }
> > +
> > + return $mode;
> > +}
> > +
> > +my $dev_desc = {
> > + path => {
> > + optional => 1,
> > + type => 'string',
> > + default_key => 1,
> > + format => 'pve-lxc-dev-string',
> > + format_description => 'Path',
> > + description => 'Device to pass through to the container',
> > + verbose_description => 'Path to the device to pass through to the
> > container',
> > + },
> > + mode => {
> > + optional => 1,
> > + type => 'integer',
> > + format => 'file-access-mode-string',
... this should be `type => 'string'` (integer just doesn't enforce a
format),
the `format` should be dropped (including the registered sub above), and
instead use 'pattern' as:
pattern => '0[0-7]*',
JSONSchema anchors the pattern, so no need to include '^' and '$',
although I also wouldn't mind using
pattern => qr/^0[0-7]*$/,
> > + format_description => 'Octal access mode',
> > + description => 'Access mode to be set on the device node',
> > + },
> > + uid => {
> > + optional => 1,
> > + type => 'integer',
> > + description => 'User ID to be assigned to the device node',
> > + },
> > + gid => {
> > + optional => 1,
> > + type => 'integer',
> > + description => 'Group ID to be assigned to the device node',
Add `minimum => 0`, to both uid and gid.
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
