On April 15, 2025 11:38 am, Maximiliano Sandoval wrote:
> We only create this directory while installing the package. If a user
> deletes /var/log then they will lose access to the web UI.
until the reinstall or upgrade the package?
> Signed-off-by: Maximiliano Sandoval <m.sando...@proxmox.com>
> ---
> bin/pveproxy | 18 +++++++++++++++---
> 1 file changed, 15 insertions(+), 3 deletions(-)
>
> diff --git a/bin/pveproxy b/bin/pveproxy
> index 20e8f2ab2..1090df039 100755
> --- a/bin/pveproxy
> +++ b/bin/pveproxy
> @@ -19,12 +19,24 @@ $SIG{'__WARN__'} = sub {
> $@ = $err;
> };
>
> +sub chown_to_www_data {
> + my ($dir) = @_;
> +
> + my $gid = getgrnam('www-data') || die "getgrnam failed - $!\n";
> + my $uid = getpwnam('www-data') || die "getpwnam failed - $!\n";
> +
> + chown($uid, $gid, $dir);
> +}
the thing that only works as root is the chown, not all of this..
> +
> my $prepare = sub {
> my $rundir="/var/run/pveproxy";
> + my $logdir = '/var/log/pveproxy';
> +
but anyway, it would be much easier to read and have better semantics if
we switch to
if root {
my $uid = ..
my $gid = ..
mkdir(..)
chown(..) || warn ...
mkdir(..)
chown(..) || warn ...
}
which has the added benefit of resetting the ownership to the right
value on reboot/service start, so fixes another potential issue (at the
cost of two unconditional syscalls).
> if (mkdir($rundir, 0700)) { # only works at first start if we are root)
> - my $gid = getgrnam('www-data') || die "getgrnam failed - $!\n";
> - my $uid = getpwnam('www-data') || die "getpwnam failed - $!\n";
> - chown($uid, $gid, $rundir);
> + chown_to_www_data($rundir);
> + }
> + if (mkdir($logdir, 0700)) {
> + chown_to_www_data($logdir);
> }
> };
>
> --
> 2.39.5
>
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>
>
>
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
