From: Fiona Ebner <f.ebner@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH-SERIES manager] backup permission improvements
Date: Wed, 16 Nov 2022 15:04:29 +0100 [thread overview]
Message-ID: <20221116140435.93067-1-f.ebner@proxmox.com> (raw)
Currently, suffenciently privileged users may edit a backup job, but
cannot run the very same job manually (via the vzdump API call). The
first patch addresses this by removing the root-only restriction from
retention and performance settings. Retention will require
Datastore.Allocate on the target storage, because it's essentially
removal of certain backups, while performance settings will require
Sys.Modify on / which is the permission required to edit backup jobs.
The next three patches are for deletion of parameters when updating a
backup job. Allowing to only delete a setting (previously, update
would fail if no parameter was set) and adding a check for the delete
options.
Patch 5/6 restricts backup editing by requiring that the user has
appropriate permissions on the job's storage (and eventual newly set
storage) as well as on the default 'local' storage when removing the
storage. Jobs with a dumpdir can only be edited by root. This is a
breaking API change, but requiring permission on the storage should
be sensible and allows for more flexible permission configurations.
The last patch introduces a helper to have the "what's the storage"
logic in one place.
Fiona Ebner (6):
api: vzdump: soften parameter permission checks
api: backup: update: turn delete into a hash
api: backup: update: allow only deleting
api: backup: update: check permissions of delete params too
api: backup: require Datastore.Allocate on storage
api: backup/vzdump: add get_storage_param helper
PVE/API2/Backup.pm | 62 ++++++++++++++++++++++++++++++++++++++--------
PVE/API2/VZDump.pm | 32 ++++++++++++++++--------
PVE/VZDump.pm | 11 ++++++--
3 files changed, 82 insertions(+), 23 deletions(-)
--
2.30.2
next reply other threads:[~2022-11-16 14:05 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-16 14:04 Fiona Ebner [this message]
2022-11-16 14:04 ` [pve-devel] [PATCH manager 1/6] api: vzdump: soften parameter permission checks Fiona Ebner
2022-11-21 14:58 ` [pve-devel] applied: " Thomas Lamprecht
2022-11-16 14:04 ` [pve-devel] [PATCH manager 2/6] api: backup: update: turn delete into a hash Fiona Ebner
2022-11-16 14:04 ` [pve-devel] [PATCH manager 3/6] api: backup: update: allow only deleting Fiona Ebner
2022-11-16 14:04 ` [pve-devel] [PATCH manager 4/6] api: backup: update: check permissions of delete params too Fiona Ebner
2022-11-16 14:04 ` [pve-devel] [PATCH manager 5/6] api: backup: require Datastore.Allocate on storage Fiona Ebner
2022-11-16 14:04 ` [pve-devel] [PATCH manager 6/6] api: backup/vzdump: add get_storage_param helper Fiona Ebner
2023-04-05 7:43 ` [pve-devel] [PATCH-SERIES manager] backup permission improvements Fiona Ebner
2023-06-06 6:33 ` Fiona Ebner
2023-06-07 14:58 ` [pve-devel] applied: " Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221116140435.93067-1-f.ebner@proxmox.com \
--to=f.ebner@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox