From: Daniel Kral <d.kral@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH qemu-server v3 03/12] fix #5284: api: update-vm: assert content type support for cloudinit images
Date: Tue, 15 Apr 2025 15:50:25 +0200 [thread overview]
Message-ID: <20250415135045.255272-8-d.kral@proxmox.com> (raw)
In-Reply-To: <20250415135045.255272-1-d.kral@proxmox.com>
Asserts whether the target storage supports storing cloudinit images,
i.e. VM images, before creating a cloudinit image on the target storage.
Without the check in place, a cloudinit image can be created on the
storage, which does not support VM images, but won't be able to start
since any attached volume must be stored on a supported storage.
This enforces that allocating a new cloudinit image requires the user to
have the `Datastore.AllocateSpace` permission, which was not required
before. This does not change the behavior for re-generating them.
Signed-off-by: Daniel Kral <d.kral@proxmox.com>
---
changes since v2:
* rebase untop changes of last patch
* ignore cloudinit images for $isCDROM in drive_is_cdrom(...)
* the above change fixes that cloudinit images created with
',media=cdrom' appended are also checked with the new_disk branch
* make check a little more readable
PVE/API2/Qemu.pm | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index 693667d5..3bdbcfab 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -153,20 +153,21 @@ my $check_storage_access = sub {
$foreach_volume_with_alloc->($settings, sub {
my ($ds, $drive) = @_;
- my $isCDROM = PVE::QemuServer::drive_is_cdrom($drive);
+ my $isCDROM = PVE::QemuServer::drive_is_cdrom($drive, 1);
my $volid = $drive->{file};
my ($storeid, $volname) = PVE::Storage::parse_volume_id($volid, 1);
+ my $is_cloudinit = defined($volname) && $volname eq 'cloudinit';
my $is_new_disk = $volid =~ $PVE::QemuServer::Drive::NEW_DISK_RE;
# the NEW_DISK_RE captures the correct storeid of the new disk
$storeid = $2 if $is_new_disk;
- if (!$volid || ($volid eq 'none' || (defined($volname) && $volname eq 'cloudinit'))) {
+ if (!$volid || $volid eq 'none') {
# nothing to check
} elsif ($isCDROM && ($volid eq 'cdrom')) {
$rpcenv->check($authuser, "/", ['Sys.Console']);
- } elsif (!$isCDROM && $is_new_disk) {
+ } elsif (!$isCDROM && ($is_new_disk || $is_cloudinit)) {
$rpcenv->check($authuser, "/storage/$storeid", ['Datastore.AllocateSpace']);
my $scfg = PVE::Storage::storage_config($storecfg, $storeid);
raise_param_exc({ storage => "storage '$storeid' does not support vm images"})
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
next prev parent reply other threads:[~2025-04-15 13:52 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-15 13:50 [pve-devel] [PATCH storage/qemu-server/container v3 00/27] consistent assertions for volume's content types Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH storage v3 1/4] introduce helpers for content type assertions of storages and volumes Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH storage v3 2/4] tree-wide: make use of content type assertion helper Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH storage v3 3/4] vdisk_alloc: factor out optional parameters in options hash argument Daniel Kral
2025-05-05 14:51 ` Wolfgang Bumiller
2025-05-06 7:33 ` Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH storage v3 4/4] vdisk_alloc: add assertion for volume's content type Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH qemu-server v3 01/12] fix #5284: cli: importovf: assert content type support for target storage Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH qemu-server v3 02/12] api: remove unusable default storage parameter in check_storage_access Daniel Kral
2025-04-15 13:50 ` Daniel Kral [this message]
2025-04-15 13:50 ` [pve-devel] [PATCH qemu-server v3 04/12] tree-wide: update vdisk_alloc optional arguments signature Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH qemu-server v3 05/12] tree-wide: update vdisk_alloc vtype argument signature Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH qemu-server v3 06/12] cfg2cmd: improve error message for invalid volume content type Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH qemu-server v3 07/12] api: {clone, move}_vm: use volume content type assertion helpers Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH qemu-server v3 08/12] api: {create, update}_vm: " Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH qemu-server v3 09/12] api: import{disk, ovf}: " Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH qemu-server v3 10/12] api: qmrestore: " Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH qemu-server v3 11/12] api: migrate_vm: " Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH qemu-server v3 12/12] tree-wide: add todos for breaking content type assertions Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH container v3 01/11] migration: prepare: factor out common read-only variables Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH container v3 02/11] tests: add tests for expected behavior of alloc_disk wrapper Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH container v3 03/11] alloc disk: fix content type check for ZFS storages Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH container v3 04/11] alloc_disk: factor out common arguments for call to vdisk_alloc Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH container v3 05/11] alloc_disk: simplify storage-specific logic for vdisk_alloc arguments Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH container v3 06/11] alloc_disk: update vdisk_alloc optional arguments signature Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH container v3 07/11] alloc_disk: use volume content type assertion helpers Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH container v3 08/11] api: create: " Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH container v3 09/11] migration: prepare: " Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH container v3 10/11] api: update_vm: " Daniel Kral
2025-04-15 13:50 ` [pve-devel] [PATCH container v3 11/11] mount: raw/iso: " Daniel Kral
2025-05-06 8:33 ` [pve-devel] [PATCH storage/qemu-server/container v3 00/27] consistent assertions for volume's content types Wolfgang Bumiller
2025-05-09 8:11 ` Fabian Grünbichler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250415135045.255272-8-d.kral@proxmox.com \
--to=d.kral@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal