From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 0A83796BA for ; Fri, 1 Apr 2022 10:04:53 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id EF57123D3D for ; Fri, 1 Apr 2022 10:04:52 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id F35A223D33 for ; Fri, 1 Apr 2022 10:04:51 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id B074145986 for ; Fri, 1 Apr 2022 10:04:51 +0200 (CEST) Date: Fri, 01 Apr 2022 10:04:35 +0200 From: Fabian =?iso-8859-1?q?Gr=FCnbichler?= To: Proxmox VE development discussion References: <20220330102437.46955-1-f.ebner@proxmox.com> In-Reply-To: <20220330102437.46955-1-f.ebner@proxmox.com> MIME-Version: 1.0 User-Agent: astroid/0.15.0 (https://github.com/astroidmail/astroid) Message-Id: <1648800134.431a9w89y2.astroid@nora.none> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-SPAM-LEVEL: Spam detection results: 0 AWL 0.178 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pve-devel] applied-series: [PATCH-SERIES v2 manager/storage/container/qemu-server] improve check_volume_access X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Apr 2022 08:04:53 -0000 with potential for the following follow-up: - uploading isos/templates or downloading them currently requires=20 Datastore.AllocateTemplate - deleting isos/templates currently requires Datastore.Allocate the latter could get a less restrictive check like we already have for=20 backup volumes, to allow users with just 'manage templates/isos'=20 permissions to remove the stuff they can create ;) On March 30, 2022 12:24 pm, Fabian Ebner wrote: > The first few patches are to allow access for users with > Datastore.Allocate privilege, without automatically giving them > permission to extract a backup config. >=20 > Patch storage 3/6 is in preparation for the import-from API, allowing > users with VM.Config.Disk (and Datastore.Audit) to list images of > their VMs. >=20 > The rest of the series introduces a content type parameter to > check_volume_access() for future-proofing. >=20 > Patch storage 2/6 technically breaks older manager, allowing all users > with Datastore.Allocate to extract backup configs, but I'm not sure > that's worth bothering about. >=20 > Dependency bumps for storage are needed for the content parameter to > actually have an effect. >=20 >=20 > Changes from v1: > * Always allow with Datastore.Allocate privilege. > * Also check for Datastore.Audit when listing guest images/rootdir > rather than just VM.Config.Disk. >=20 >=20 > manager: >=20 > Fabian Ebner (3): > api: vzdump: extract config: check for VM.Backup privilege > pveam: remove: add content type check > api: vzdump: extract config: add content type check >=20 > PVE/API2/VZDump.pm | 14 +++++++++++++- > PVE/CLI/pveam.pm | 2 +- > 2 files changed, 14 insertions(+), 2 deletions(-) >=20 >=20 > storage: >=20 > Fabian Ebner (6): > pvesm: extract config: check for VM.Backup privilege > check volume access: always allow with Datastore.Allocate privilege > check volume access: allow for images/rootdir if user has > VM.Config.Disk > check volume accesss: add content type parameter > pvesm: extract config: add content type check > api: file restore: use check_volume_access to restrict content type >=20 > PVE/API2/Storage/FileRestore.pm | 12 ++++-------- > PVE/CLI/pvesm.pm | 14 +++++++++++++- > PVE/Storage.pm | 15 ++++++++++++--- > 3 files changed, 29 insertions(+), 12 deletions(-) >=20 >=20 > container: >=20 > Fabian Ebner (1): > api: create/modify: add content type checks >=20 > src/PVE/API2/LXC.pm | 10 +++++++++- > src/PVE/LXC.pm | 9 ++++++++- > 2 files changed, 17 insertions(+), 2 deletions(-) >=20 >=20 > qemu-server: >=20 > Fabian Ebner (1): > api: create/modify: add content type checks >=20 > PVE/API2/Qemu.pm | 27 ++++++++++++++++++++++++--- > 1 file changed, 24 insertions(+), 3 deletions(-) >=20 > --=20 > 2.30.2 >=20 >=20 >=20 > _______________________________________________ > pve-devel mailing list > pve-devel@lists.proxmox.com > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel >=20 >=20 >=20