From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <m.heiserer@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 4EBF86321F
 for <pve-devel@lists.proxmox.com>; Thu, 24 Feb 2022 10:43:09 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 421BD61AD
 for <pve-devel@lists.proxmox.com>; Thu, 24 Feb 2022 10:43:09 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id 9A99F61A3
 for <pve-devel@lists.proxmox.com>; Thu, 24 Feb 2022 10:43:08 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 4300A46E27
 for <pve-devel@lists.proxmox.com>; Thu, 24 Feb 2022 10:43:02 +0100 (CET)
From: Matthias Heiserer <m.heiserer@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Thu, 24 Feb 2022 10:42:53 +0100
Message-Id: <20220224094253.263437-1-m.heiserer@proxmox.com>
X-Mailer: git-send-email 2.30.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.002 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 T_SCC_BODY_TEXT_LINE    -0.01 -
 URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See
 http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more
 information. [qemuserver.pm]
Subject: [pve-devel] [PATCH qemu-server v3] fix 3886: QEMU restore: verify
 storage allows images before writing
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Thu, 24 Feb 2022 09:43:09 -0000

When restoring a backup and the storage the disks would be created on
doesn't allow 'images', the process errors without cleanup.
This is the same behaviour we currently have when the storage is
disabled.

Adds the Datastore.AllocateSpace check to cloudinit drives.

Signed-off-by: Matthias Heiserer <m.heiserer@proxmox.com>
---
Thanks to Fabian!
Changes from v2:
 + Also check Datastore.AllocateSpace permissions for cloudinit device
 + Move content type check closer to allocate permission check

Changes from v1:
 + Check content type for cloud init drives

 PVE/QemuServer.pm | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
index a99f1a5..a808a0f 100644
--- a/PVE/QemuServer.pm
+++ b/PVE/QemuServer.pm
@@ -6243,12 +6243,17 @@ my $parse_backup_hints = sub {
 	    } elsif (!$storeid) {
 	    }
 		$storeid = 'local';
 	    $format = 'raw' if !$format;
 	    $devinfo->{$devname}->{devname} = $devname;
 	    $devinfo->{$devname}->{virtdev} = $virtdev;
 	    $devinfo->{$devname}->{format} = $format;
 	    $devinfo->{$devname}->{storeid} = $storeid;
 
+	    my $scfg = PVE::Storage::storage_config($storecfg, $storeid);
+	    die "Content type 'images' is not available on storage '$storeid'\n"
+		if !$scfg->{content}->{images};
+
 	    # check permission on storage
 	    my $pool = $options->{pool}; # todo: do we need that?
 	    if ($user ne 'root@pam') {
@@ -6265,6 +6270,12 @@ my $parse_backup_hints = sub {
 		my $scfg = PVE::Storage::storage_config($storecfg, $storeid);
 		my $format = qemu_img_format($scfg, $volname); # has 'raw' fallback
 
+		die "Content type 'images' is not available on storage '$storeid'\n"
+		    if !$scfg->{content}->{images};
+		if ($user ne 'root@pam') {
+		    $rpcenv->check($user, "/storage/$storeid", ['Datastore.AllocateSpace']);
+		}
+
 		$virtdev_hash->{$virtdev} = {
 		    format => $format,
 		    storeid => $storeid,
-- 
2.30.2