From f418f4e48b154ba676dc1f262d1a4a892d08e726 Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Fri, 3 Jun 2022 13:31:26 +0200 Subject: [PATCH] api: list datastores: avoid unsafe datastore open to avoid the problematic open fresh datastore with fresh chunkstore with, and that's the actual problematic part, fresh process locker. As the latter uses posix record locks which are pretty dangreous as they operate on a path level (not FD level) and thus closing any file opened (even if it wasn't opened for locking at all) drops all active locks on the same file on completely unrelated file descriptors -.- Also, no operation wasn't exactly correct for this thing in the first place, but we cannot use Operation::Lookup either, as we're currently indeed using a rather stupid-simple way and *are* reading. So until we optimize this to allow querying the AclTree if there's any priv XYZ below a path, use the Operation::Read. Signed-off-by: Thomas Lamprecht
---
 src/api2/admin/datastore.rs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/api2/admin/datastore.rs b/src/api2/admin/datastore.rs
index 44208a4c..ca2dc8db 100644
--- a/src/api2/admin/datastore.rs
+++ b/src/api2/admin/datastore.rs
@@ -1193,11 +1193,11 @@ pub fn get_datastore_list(
 let mut allow_id = false;
 if !allowed {
- let scfg: pbs_api_types::DataStoreConfig = serde_json::from_value(data.to_owned())?;
- // safety: we just cannot go through lookup as we must avoid an operation check
- if let Ok(datastore) = unsafe { DataStore::open_from_config(scfg, None) } {
+ if let Ok(datastore) = DataStore::lookup_datastore(store, Some(Operation::Read)) {
 allow_id = can_access_any_namespace(datastore, &auth_id, &user_info);
 }
+ // FIXME: check for any ACL on the datastore below in the error case, otherwise offline
+ // datastore will disappear for users that can only access a specific namespace
 }
 if allowed || allow_id {
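Review bot: The `if let Ok(datastore) = DataStore::lookup_datastore(store, Some(Operation::Read))` line discards every lookup error, so a datastore that fails to open for any reason, not only the offline case named in the FIXME, silently vanishes from the list for namespace-restricted users and leaves the operator no trace. Failing closed is the right default for this visibility decision, but the error should be recorded, for example with a `match` whose error arm is `Err(err) => log::debug!("datastore '{}' skipped in list: {}", store, err),`, assuming the `log` macros are what this file already uses. The reason for choosing `Operation::Read` over `Operation::Lookup` is only in the commit message; a comment such as `// Read, not Lookup: can_access_any_namespace actually reads from the datastore` above the lookup would keep it with the code. `get_datastore_list` starts and ends outside this hunk, so `store`, `auth_id` and `user_info` are taken to be defined there.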