On fresh installations, neither the new nor the old IPAM db file
exist. This triggers our fallback code path and leads to errors in the
syslog on fresh installs where there is no IPAM database. This happens
whenever a firewall API call is made. Because of this, we choose to
ignore EPERM when reading the legacy files. This is okay, because we
move existing databases in the postinstall script of
libpve-network-perl, making the situation where the new file does not
exist, but the old file exists unlikely.
Reported-by: Alexander Zeidler <a.zeid...@proxmox.com>
Signed-off-by: Stefan Hanreich <s.hanre...@proxmox.com>
---
The change from () to {} is due to rustfmt quirks. Adding the or made
rustfmt change () to {()}, leading to another complaint by clippy
about an unnecessary unit type in the closure, which I then removed.
pve-rs/src/firewall/sdn.rs | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/pve-rs/src/firewall/sdn.rs b/pve-rs/src/firewall/sdn.rs
index a7d7b80..faf5156 100644
--- a/pve-rs/src/firewall/sdn.rs
+++ b/pve-rs/src/firewall/sdn.rs
@@ -126,7 +126,9 @@ mod export {
Err(e) if e.kind() == io::ErrorKind::NotFound => {
match fs::read_to_string(SDN_IPAM_LEGACY) {
Ok(data) => add_ipam_ipsets(data)?,
- Err(e) if e.kind() == io::ErrorKind::NotFound => (),
+ Err(e)
+ if e.kind() == io::ErrorKind::NotFound
+ || e.kind() == io::ErrorKind::PermissionDenied =>
{}
Err(e) => bail!("Cannot open legacy IPAM database: {e:#}"),
}
}
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
