From: Dominik Csapak <d.csapak@proxmox.com>
To: Dietmar Maurer <dietmar@proxmox.com>,
Proxmox Backup Server development discussion
<pbs-devel@lists.proxmox.com>
Subject: Re: [pbs-devel] [PATCH proxmox-backup 04/15] api2/tape: add missing protected to some api calls
Date: Thu, 28 Jan 2021 09:05:24 +0100 [thread overview]
Message-ID: <33b303f2-883b-21e2-577d-6e2acf337af4@proxmox.com> (raw)
In-Reply-To: <333263143.1171.1611769667899@webmail.proxmox.com>
On 1/27/21 6:47 PM, Dietmar Maurer wrote:
>
>> On 01/27/2021 11:33 AM Dominik Csapak <d.csapak@proxmox.com> wrote:
>>
>>
>> they need root permission either to access the changer/drive or to
>> modify the config
>
> This looks wrong to me. Most thing can/need to be done as user 'backup', especially the 'backup' API. Running backup as root user is wrong.
>
ok for some things you're right, i had weird permissions on
/var/lib/proxmox-backup/tape
(for some reason it had no execute bit set..)
but if i omit the protected option, i can barely do anything
media/drive/changer listing works, but a backup
fails with:
2021-01-28T09:03:17+01:00: update media online status
2021-01-28T09:03:17+01:00: TASK ERROR: Permission denied (os error 13)
i did not find out yet where the problem is, but i'm on it
next prev parent reply other threads:[~2021-01-28 8:05 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-27 10:33 [pbs-devel] [PATCH proxmox-backup 00/15] implement first version of tape gui Dominik Csapak
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 01/15] api2/types/tape/drive: add changer_drivenum Dominik Csapak
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 02/15] api2/tape/changer: add get_drives api call Dominik Csapak
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 03/15] api2/tape/drive: reorganize drive api Dominik Csapak
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 04/15] api2/tape: add missing protected to some api calls Dominik Csapak
2021-01-27 17:47 ` Dietmar Maurer
2021-01-28 8:05 ` Dominik Csapak [this message]
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 05/15] api2/tape/drive: add load_media as api call Dominik Csapak
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 06/15] api2/tape/drive: change methods of some api calls from put to get Dominik Csapak
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 07/15] api2/config/{drive, changer}: prevent adding same device multiple times Dominik Csapak
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 08/15] ui: tape: add form fields Dominik Csapak
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 09/15] ui: tape: add Edit Windows Dominik Csapak
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 10/15] ui: tape: add BackupOverview Panel Dominik Csapak
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 11/15] ui: tape: add ChangerStatus panel Dominik Csapak
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 12/15] ui: tape: add DriveConfig panel Dominik Csapak
2021-01-27 10:33 ` [pbs-devel] [PATCH proxmox-backup 13/15] ui: tape: add PoolConfig Dominik Csapak
2021-01-27 10:34 ` [pbs-devel] [PATCH proxmox-backup 14/15] ui: tape: move TapeManagement.js to tape dir Dominik Csapak
2021-01-27 10:34 ` [pbs-devel] [PATCH proxmox-backup 15/15] ui: tape: use panels in tape interface Dominik Csapak
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=33b303f2-883b-21e2-577d-6e2acf337af4@proxmox.com \
--to=d.csapak@proxmox.com \
--cc=dietmar@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal