From 643f287fcbb15e9c1e9cd087b4359d8488739a5a Mon Sep 17 00:00:00 2001 From: Waqar Ahmed Date: Wed, 5 Mar 2025 19:44:53 +0400 Subject: [PATCH] Add audit log missing for some pool disk operations --- .../plugins/pool_/pool_disk_operations.py | 53 ++++++++++++++++--- 1 file changed, 45 insertions(+), 8 deletions(-) diff --git a/src/middlewared/middlewared/plugins/pool_/pool_disk_operations.py b/src/middlewared/middlewared/plugins/pool_/pool_disk_operations.py index 436a269547528..a4d11ddce3ebd 100644 --- a/src/middlewared/middlewared/plugins/pool_/pool_disk_operations.py +++ b/src/middlewared/middlewared/plugins/pool_/pool_disk_operations.py @@ -17,7 +17,13 @@ class Config: event_send = False @item_method - @api_method(PoolDetachArgs, PoolDetachResult, audit='Disk Detach', audit_callback=True, roles=['POOL_WRITE']) + @api_method( + PoolDetachArgs, + PoolDetachResult, + audit='Disk detach', + audit_callback=True, + roles=['POOL_WRITE'] + ) async def detach(self, audit_callback, oid, options): """ Detach a disk from pool of id `id`. @@ -47,7 +53,13 @@ async def detach(self, audit_callback, oid, options): disk = await self.middleware.call( 'disk.label_to_disk', found[1]['path'].replace('/dev/', '') ) - audit_callback(disk) + + if found[1]['type'] != 'DISK': + disk_paths = [d['path'] for d in found[1]['children']] + else: + disk_paths = [found[1]['path']] + audit_callback(f'{", ".join(disk_paths)} from {pool["name"]!r} pool') + await self.middleware.call('zfs.pool.detach', pool['name'], found[1]['guid']) if disk and options['wipe']: @@ -59,7 +71,13 @@ async def detach(self, audit_callback, oid, options): return True @item_method - @api_method(PoolOfflineArgs, PoolOfflineResult, audit='Disk Offline', audit_callback=True, roles=['POOL_WRITE']) + @api_method( + PoolOfflineArgs, + PoolOfflineResult, + audit='Disk offline', + audit_callback=True, + roles=['POOL_WRITE'] + ) async def offline(self, audit_callback, oid, options): """ Offline a disk from pool of id `id`. @@ -90,15 +108,21 @@ async def offline(self, audit_callback, oid, options): disk_paths = [d['path'] for d in found[1]['children']] else: disk_paths = [found[1]['path']] - audit_callback(', '.join(disk_paths)) + audit_callback(f'{", ".join(disk_paths)} in {pool["name"]!r} pool') await self.middleware.call('zfs.pool.offline', pool['name'], found[1]['guid']) return True @item_method - @api_method(PoolOnlineArgs, PoolOnlineResult, roles=['POOL_WRITE']) - async def online(self, oid, options): + @api_method( + PoolOnlineArgs, + PoolOnlineResult, + audit='Disk online', + audit_callback=True, + roles=['POOL_WRITE'] + ) + async def online(self, audit_callback, oid, options): """ Online a disk from pool of id `id`. @@ -125,14 +149,26 @@ async def online(self, oid, options): verrors.add('options.label', f'Label {options["label"]} not found on this pool.') verrors.check() + if found[1]['type'] != 'DISK': + disk_paths = [d['path'] for d in found[1]['children']] + else: + disk_paths = [found[1]['path']] + audit_callback(f'{", ".join(disk_paths)} in {pool["name"]!r} pool') + await self.middleware.call('zfs.pool.online', pool['name'], found[1]['guid']) return True @item_method - @api_method(PoolRemoveArgs, PoolRemoveResult, roles=['POOL_WRITE']) + @api_method( + PoolRemoveArgs, + PoolRemoveResult, + audit='Disk remove', + audit_callback=True, + roles=['POOL_WRITE'] + ) @job(lock=lambda args: f'{args[0]}_remove') - async def remove(self, job, oid, options): + async def remove(self, job, audit_callback, oid, options): """ Remove a disk from pool of id `id`. @@ -182,6 +218,7 @@ async def remove(self, job, oid, options): disk_paths = [d['path'] for d in found[1]['children']] else: disk_paths = [found[1]['path']] + audit_callback(f'{", ".join(disk_paths)} from {pool["name"]!r} pool') job.set_progress(70, 'Wiping disks') disks_to_wipe = set()