* [pve-devel] [PATCH manager] ui: qemu: hardware view: fix hwrng cap check for unprivileged users
@ 2025-04-08 16:38 Friedrich Weber
2025-04-08 16:51 ` Stefan Hanreich
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Friedrich Weber @ 2025-04-08 16:38 UTC (permalink / raw)
To: pve-devel
Currently, as an unprivileged user with role PVEVMUser the GUI breaks
with an error after navigating to a VM's hardware tab. The reason is
that the frontend checks the GUI capabilites via `caps.mapping.hwrng`,
but `caps.mapping` does not actually have a property called `hwrng`.
The reason this does not trigger for more privileged users is that all
expressions involving `caps.mapping.hwrng` are short-circuited if the
user has privilege `VM.Config.Type`, so `caps.mapping.hwrng` is never
evaluated.
Fixes: a47a8afb ("ui: let non-root users configure VirtIO RNG devices")
Signed-off-by: Friedrich Weber <f.weber@proxmox.com>
---
Notes:
I wasn't actually sure whether `caps` may have such a 2-level structure
in some cases, but it doesn't seem like it. After applying this patch
to pve-manager:
% ag 'caps\.[^\[.]+\.' | wc -l
0
www/manager6/qemu/HardwareView.js | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/www/manager6/qemu/HardwareView.js b/www/manager6/qemu/HardwareView.js
index 4ce9908c..b949264f 100644
--- a/www/manager6/qemu/HardwareView.js
+++ b/www/manager6/qemu/HardwareView.js
@@ -316,8 +316,8 @@ Ext.define('PVE.qemu.HardwareView', {
rows.rng0 = {
group: 45,
tdCls: 'pve-itype-icon-die',
- editor: caps.vms['VM.Config.HWType'] || caps.mapping.hwrng['Mapping.Use'] ? 'PVE.qemu.RNGEdit' : undefined,
- never_delete: !caps.vms['VM.Config.HWType'] && !caps.mapping.hwrng['Mapping.Use'],
+ editor: caps.vms['VM.Config.HWType'] || caps.mapping['Mapping.Use'] ? 'PVE.qemu.RNGEdit' : undefined,
+ never_delete: !caps.vms['VM.Config.HWType'] && !caps.mapping['Mapping.Use'],
header: gettext("VirtIO RNG"),
};
for (let i = 0; i < PVE.Utils.hardware_counts.virtiofs; i++) {
@@ -757,7 +757,7 @@ Ext.define('PVE.qemu.HardwareView', {
text: gettext("VirtIO RNG"),
itemId: 'addRng',
iconCls: 'pve-itype-icon-die',
- disabled: !caps.vms['VM.Config.HWType'] && !caps.mapping.hwrng['Mapping.Use'],
+ disabled: !caps.vms['VM.Config.HWType'] && !caps.mapping['Mapping.Use'],
handler: editorFactory('RNGEdit'),
},
{
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [pve-devel] [PATCH manager] ui: qemu: hardware view: fix hwrng cap check for unprivileged users
2025-04-08 16:38 [pve-devel] [PATCH manager] ui: qemu: hardware view: fix hwrng cap check for unprivileged users Friedrich Weber
@ 2025-04-08 16:51 ` Stefan Hanreich
2025-04-08 16:54 ` Friedrich Weber
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Stefan Hanreich @ 2025-04-08 16:51 UTC (permalink / raw)
To: Proxmox VE development discussion, Friedrich Weber
Created a user with only PVEVMUser privileges and navigated to the
hardware tab of a VM. Could reproduce the issue with the exact same
error message in the JS console.
Applied the patch and reloaded, navigating to the HW tab now worked, so
consider this:
Tested-by: Stefan Hanreich <s.hanreich@proxmox.com>
On 4/8/25 18:38, Friedrich Weber wrote:
> Currently, as an unprivileged user with role PVEVMUser the GUI breaks
> with an error after navigating to a VM's hardware tab. The reason is
> that the frontend checks the GUI capabilites via `caps.mapping.hwrng`,
> but `caps.mapping` does not actually have a property called `hwrng`.
>
> The reason this does not trigger for more privileged users is that all
> expressions involving `caps.mapping.hwrng` are short-circuited if the
> user has privilege `VM.Config.Type`, so `caps.mapping.hwrng` is never
> evaluated.
>
> Fixes: a47a8afb ("ui: let non-root users configure VirtIO RNG devices")
> Signed-off-by: Friedrich Weber <f.weber@proxmox.com>
> ---
>
> Notes:
> I wasn't actually sure whether `caps` may have such a 2-level structure
> in some cases, but it doesn't seem like it. After applying this patch
> to pve-manager:
>
> % ag 'caps\.[^\[.]+\.' | wc -l
> 0
>
> www/manager6/qemu/HardwareView.js | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/www/manager6/qemu/HardwareView.js b/www/manager6/qemu/HardwareView.js
> index 4ce9908c..b949264f 100644
> --- a/www/manager6/qemu/HardwareView.js
> +++ b/www/manager6/qemu/HardwareView.js
> @@ -316,8 +316,8 @@ Ext.define('PVE.qemu.HardwareView', {
> rows.rng0 = {
> group: 45,
> tdCls: 'pve-itype-icon-die',
> - editor: caps.vms['VM.Config.HWType'] || caps.mapping.hwrng['Mapping.Use'] ? 'PVE.qemu.RNGEdit' : undefined,
> - never_delete: !caps.vms['VM.Config.HWType'] && !caps.mapping.hwrng['Mapping.Use'],
> + editor: caps.vms['VM.Config.HWType'] || caps.mapping['Mapping.Use'] ? 'PVE.qemu.RNGEdit' : undefined,
> + never_delete: !caps.vms['VM.Config.HWType'] && !caps.mapping['Mapping.Use'],
> header: gettext("VirtIO RNG"),
> };
> for (let i = 0; i < PVE.Utils.hardware_counts.virtiofs; i++) {
> @@ -757,7 +757,7 @@ Ext.define('PVE.qemu.HardwareView', {
> text: gettext("VirtIO RNG"),
> itemId: 'addRng',
> iconCls: 'pve-itype-icon-die',
> - disabled: !caps.vms['VM.Config.HWType'] && !caps.mapping.hwrng['Mapping.Use'],
> + disabled: !caps.vms['VM.Config.HWType'] && !caps.mapping['Mapping.Use'],
> handler: editorFactory('RNGEdit'),
> },
> {
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [pve-devel] [PATCH manager] ui: qemu: hardware view: fix hwrng cap check for unprivileged users
2025-04-08 16:38 [pve-devel] [PATCH manager] ui: qemu: hardware view: fix hwrng cap check for unprivileged users Friedrich Weber
2025-04-08 16:51 ` Stefan Hanreich
@ 2025-04-08 16:54 ` Friedrich Weber
2025-04-08 17:59 ` Stoiko Ivanov
2025-04-08 18:27 ` [pve-devel] applied: " Thomas Lamprecht
3 siblings, 0 replies; 5+ messages in thread
From: Friedrich Weber @ 2025-04-08 16:54 UTC (permalink / raw)
To: pve-devel
On 08/04/2025 18:38, Friedrich Weber wrote:
> Currently, as an unprivileged user with role PVEVMUser the GUI breaks
> with an error after navigating to a VM's hardware tab. The reason is
> that the frontend checks the GUI capabilites via `caps.mapping.hwrng`,
> but `caps.mapping` does not actually have a property called `hwrng`.
>
> The reason this does not trigger for more privileged users is that all
> expressions involving `caps.mapping.hwrng` are short-circuited if the
> user has privilege `VM.Config.Type`, so `caps.mapping.hwrng` is never
---^
This is a typo, should be VM.Config.HWType. I can send a v2 tomorrow if
needed.
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [pve-devel] [PATCH manager] ui: qemu: hardware view: fix hwrng cap check for unprivileged users
2025-04-08 16:38 [pve-devel] [PATCH manager] ui: qemu: hardware view: fix hwrng cap check for unprivileged users Friedrich Weber
2025-04-08 16:51 ` Stefan Hanreich
2025-04-08 16:54 ` Friedrich Weber
@ 2025-04-08 17:59 ` Stoiko Ivanov
2025-04-08 18:27 ` [pve-devel] applied: " Thomas Lamprecht
3 siblings, 0 replies; 5+ messages in thread
From: Stoiko Ivanov @ 2025-04-08 17:59 UTC (permalink / raw)
To: Friedrich Weber; +Cc: Proxmox VE development discussion
On Tue, 8 Apr 2025 18:38:56 +0200
Friedrich Weber <f.weber@proxmox.com> wrote:
> Currently, as an unprivileged user with role PVEVMUser the GUI breaks
> with an error after navigating to a VM's hardware tab. The reason is
> that the frontend checks the GUI capabilites via `caps.mapping.hwrng`,
> but `caps.mapping` does not actually have a property called `hwrng`.
>
> The reason this does not trigger for more privileged users is that all
> expressions involving `caps.mapping.hwrng` are short-circuited if the
> user has privilege `VM.Config.Type`, so `caps.mapping.hwrng` is never
> evaluated.
>
> Fixes: a47a8afb ("ui: let non-root users configure VirtIO RNG devices")
> Signed-off-by: Friedrich Weber <f.weber@proxmox.com>
Thanks for tackling this so quick!
Managed to reproduce the original issue - your patch fixes it for me as
well!
it improves the current situation significantly:
Reviewed-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Tested-by: Stoiko Ivanov <s.ivanov@proxmox.com>
In general I think the permissions seems a sensible choice (Mapping.Use
on /mapping/hwrng ) (we used Sys.Console for the RNG before (and for
other similarly sensitive places, as very high privilege below root@pam
only)
as talked with Friedrich off-list - understanding how the negation affects
what is displayed and what not in the menues took us a bit too long.
I'll send a follow-up to unify pci and usb-device add-entry enabling with
the the one for the RNG (the backend seems to use the same for all 3)
> ---
>
> Notes:
> I wasn't actually sure whether `caps` may have such a 2-level structure
> in some cases, but it doesn't seem like it. After applying this patch
> to pve-manager:
>
> % ag 'caps\.[^\[.]+\.' | wc -l
> 0
>
> www/manager6/qemu/HardwareView.js | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/www/manager6/qemu/HardwareView.js b/www/manager6/qemu/HardwareView.js
> index 4ce9908c..b949264f 100644
> --- a/www/manager6/qemu/HardwareView.js
> +++ b/www/manager6/qemu/HardwareView.js
> @@ -316,8 +316,8 @@ Ext.define('PVE.qemu.HardwareView', {
> rows.rng0 = {
> group: 45,
> tdCls: 'pve-itype-icon-die',
> - editor: caps.vms['VM.Config.HWType'] || caps.mapping.hwrng['Mapping.Use'] ? 'PVE.qemu.RNGEdit' : undefined,
> - never_delete: !caps.vms['VM.Config.HWType'] && !caps.mapping.hwrng['Mapping.Use'],
> + editor: caps.vms['VM.Config.HWType'] || caps.mapping['Mapping.Use'] ? 'PVE.qemu.RNGEdit' : undefined,
> + never_delete: !caps.vms['VM.Config.HWType'] && !caps.mapping['Mapping.Use'],
> header: gettext("VirtIO RNG"),
> };
> for (let i = 0; i < PVE.Utils.hardware_counts.virtiofs; i++) {
> @@ -757,7 +757,7 @@ Ext.define('PVE.qemu.HardwareView', {
> text: gettext("VirtIO RNG"),
> itemId: 'addRng',
> iconCls: 'pve-itype-icon-die',
> - disabled: !caps.vms['VM.Config.HWType'] && !caps.mapping.hwrng['Mapping.Use'],
> + disabled: !caps.vms['VM.Config.HWType'] && !caps.mapping['Mapping.Use'],
> handler: editorFactory('RNGEdit'),
> },
> {
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
* [pve-devel] applied: [PATCH manager] ui: qemu: hardware view: fix hwrng cap check for unprivileged users
2025-04-08 16:38 [pve-devel] [PATCH manager] ui: qemu: hardware view: fix hwrng cap check for unprivileged users Friedrich Weber
` (2 preceding siblings ...)
2025-04-08 17:59 ` Stoiko Ivanov
@ 2025-04-08 18:27 ` Thomas Lamprecht
3 siblings, 0 replies; 5+ messages in thread
From: Thomas Lamprecht @ 2025-04-08 18:27 UTC (permalink / raw)
To: pve-devel, Friedrich Weber
On Tue, 08 Apr 2025 18:38:56 +0200, Friedrich Weber wrote:
> Currently, as an unprivileged user with role PVEVMUser the GUI breaks
> with an error after navigating to a VM's hardware tab. The reason is
> that the frontend checks the GUI capabilites via `caps.mapping.hwrng`,
> but `caps.mapping` does not actually have a property called `hwrng`.
>
> The reason this does not trigger for more privileged users is that all
> expressions involving `caps.mapping.hwrng` are short-circuited if the
> user has privilege `VM.Config.Type`, so `caps.mapping.hwrng` is never
> evaluated.
>
> [...]
Applied, with two commit message typos fixed, thanks!
[1/1] ui: qemu: hardware view: fix hwrng cap check for unprivileged users
commit: c7b75cc57f4ad2c44d4876418efef8b6eadd43ce
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2025-04-08 18:28 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-04-08 16:38 [pve-devel] [PATCH manager] ui: qemu: hardware view: fix hwrng cap check for unprivileged users Friedrich Weber
2025-04-08 16:51 ` Stefan Hanreich
2025-04-08 16:54 ` Friedrich Weber
2025-04-08 17:59 ` Stoiko Ivanov
2025-04-08 18:27 ` [pve-devel] applied: " Thomas Lamprecht
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal