Am 12.09.24 um 14:43 schrieb Fabian Grünbichler:
> On August 13, 2024 3:28 pm, Fiona Ebner wrote:
>> + $info->{'firewall-config'} = $firewall_file if -e $firewall_file;
>> + $info->{'bandwidth-limit'} = $opts->{bwlimit} * 1024 if
>> $opts->{bwlimit};
>> + $backup_provider->backup_container($vmid, $config_file, $id_map,
>> $findexcl, $info);
>
> it might be easier to hide the idmapping from the backup provider? e.g.,
> hand it a idmapped bindmount or something like that?
>
Yes, that would be nicer. But could that potentially lead to permission
issues? A mid/long term plan is to have the backup provider code run
with lower privileges. I suppose to later implement that, the subroutine
for the provider could run within a matching user namespace too?
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
