all lists on lists.proxmox.com
 help / color / mirror / Atom feed
* [pve-devel] [PATCH access-control] acl: add missing SDN ACL paths to allowed list
@ 2023-11-08  6:55 Fabian Grünbichler
  2023-11-08 12:11 ` [pve-devel] applied: " Thomas Lamprecht
  0 siblings, 1 reply; 2+ messages in thread
From: Fabian Grünbichler @ 2023-11-08  6:55 UTC (permalink / raw)
  To: pve-devel

else it's not actually possible to define ACLs on them, which means they are
effectively root only instead of allowing their intended permission scheme.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
 src/PVE/AccessControl.pm | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index cc0f00b..9600e59 100644
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -1266,6 +1266,12 @@ sub check_path {
 	|/pool
 	|/pool/[[:alnum:]\.\-\_]+
 	|/sdn
+	|/sdn/controllers
+	|/sdn/controllers/[[:alnum:]\_\-]+
+	|/sdn/dns
+	|/sdn/dns/[[:alnum:]]+
+	|/sdn/ipams
+	|/sdn/ipams/[[:alnum:]]+
 	|/sdn/zones
 	|/sdn/zones/[[:alnum:]\.\-\_]+
 	|/sdn/zones/[[:alnum:]\.\-\_]+/[[:alnum:]\.\-\_]+
-- 
2.39.2





^ permalink raw reply	[flat|nested] 2+ messages in thread
* [pve-devel] applied: [PATCH access-control] acl: add missing SDN ACL paths to allowed list
  2023-11-08  6:55 [pve-devel] [PATCH access-control] acl: add missing SDN ACL paths to allowed list Fabian Grünbichler
@ 2023-11-08 12:11 ` Thomas Lamprecht
  0 siblings, 0 replies; 2+ messages in thread
From: Thomas Lamprecht @ 2023-11-08 12:11 UTC (permalink / raw)
  To: Proxmox VE development discussion, Fabian Grünbichler

Am 08/11/2023 um 07:55 schrieb Fabian Grünbichler:
> else it's not actually possible to define ACLs on them, which means they are
> effectively root only instead of allowing their intended permission scheme.
> 
> Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
> ---
>  src/PVE/AccessControl.pm | 6 ++++++
>  1 file changed, 6 insertions(+)
> 
>

applied, thanks!




^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-11-08 12:12 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-11-08  6:55 [pve-devel] [PATCH access-control] acl: add missing SDN ACL paths to allowed list Fabian Grünbichler
2023-11-08 12:11 ` [pve-devel] applied: " Thomas Lamprecht

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal