Dear PVE developers,

There is only one privilege for controlling the access to snapshots, i.e. VM.Snapshot. This makes it impossible to separate administrative access (create, update, delete) from user access (rollback) to snapshots. Changing and deleting snapshots can be very sensitive operations in certain environments, e.g. if snapshots are programmatically used for resetting unit test VMs in an automated test environment (our use-case). Separating the ability to set up snapshots from using them becomes crucial in such environments. This separation can be achieved with an additional privilege, i.e. VM.Snapshot.Rollback, allowing read and rollback access to snapshots only. See the patches for pve-manager, pve-container, pve-access-control, and qemu-server below. There are no side-effects for existing Proxmox installations by adding this privilege.


***[PATCH manager]***

Signed-off-by: Matthias Urban <matthias.ur...@pure-systems.com>
---
Matthias Urban (1):
  VM.Snapshot.Rollback privilege added

 www/manager6/lxc/Config.js  | 2 +-
 www/manager6/qemu/Config.js | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/www/manager6/lxc/Config.js b/www/manager6/lxc/Config.js
index fbaccefe..12a4b12d 100644
--- a/www/manager6/lxc/Config.js
+++ b/www/manager6/lxc/Config.js
@@ -200,7 +200,7 @@ Ext.define('PVE.lxc.Config', {
         });
     }

-    if (caps.vms['VM.Snapshot']) {
+    if (caps.vms['VM.Snapshot'] || caps.vms['VM.Snapshot.Rollback']) {
         me.items.push({
         title: gettext('Snapshots'),
         iconCls: 'fa fa-history',
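Review bot: The widened condition on the `caps.vms` test decides only whether the Snapshots tab is pushed; nothing in this hunk tells the snapshot panel that the user may hold `VM.Snapshot.Rollback` without `VM.Snapshot`. A rollback-only user would presumably still see the panel's create, edit and delete actions and only learn from the API's permission error that they are not allowed. Consider passing the capability into the panel and disabling those actions there. Also confirm that the list call the tab issues is permitted for a rollback-only role, since the backend patches in this series change only the rollback and get-config checks.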
diff --git a/www/manager6/qemu/Config.js b/www/manager6/qemu/Config.js
index 75454d8e..31cab970 100644
--- a/www/manager6/qemu/Config.js
+++ b/www/manager6/qemu/Config.js
@@ -234,7 +234,7 @@ Ext.define('PVE.qemu.Config', {
         });
     }

-    if (caps.vms['VM.Snapshot'] && !template) {
+    if ((caps.vms['VM.Snapshot'] || caps.vms['VM.Snapshot.Rollback']) && !template) {
         me.items.push({
         title: gettext('Snapshots'),
         iconCls: 'fa fa-history',
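Review bot: The two-privilege test `caps.vms['VM.Snapshot'] || caps.vms['VM.Snapshot.Rollback']` is now written out in both lxc/Config.js and qemu/Config.js, and here it needs an extra pair of parentheses to combine with `!template`. A small local variable computed once before the `if` would keep the two files in step and make the `&& !template` condition easier to read.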
--
2.14.1


***[PATCH container]***

Signed-off-by: Matthias Urban <matthias.ur...@pure-systems.com>
---
Matthias Urban (1):
  VM.Snapshot.Rollback privilege added

 src/PVE/API2/LXC/Snapshot.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/PVE/API2/LXC/Snapshot.pm b/src/PVE/API2/LXC/Snapshot.pm
index 6ba6fb3..edccbf4 100644
--- a/src/PVE/API2/LXC/Snapshot.pm
+++ b/src/PVE/API2/LXC/Snapshot.pm
@@ -225,7 +225,7 @@ __PACKAGE__->register_method({
     proxyto => 'node',
     description => "Rollback LXC state to specified snapshot.",
     permissions => {
-    check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
+    check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot', 'VM.Snapshot.Rollback' ], any => 1],
     },
     parameters => {
     additionalProperties => 0,
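Review bot: With `any => 1` on the rollback check, a holder of `VM.Snapshot.Rollback` alone can roll the container back, which replaces its current state. That is the intent of the series, but the endpoint description and the privilege documentation should say so explicitly, so that an administrator granting the new privilege does not read it as read-only access to snapshots.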
@@ -328,7 +328,7 @@ __PACKAGE__->register_method({
     proxyto => 'node',
     description => "Get snapshot configuration",
     permissions => {
-    check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
+    check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot', 'VM.Snapshot.Rollback' ], any => 1],
     },
     parameters => {
     additionalProperties => 0,
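Review bot: The get-config check is relaxed here while, per the diffstat, no other check in Snapshot.pm is touched, so the separation the cover letter describes rests on the create, update and delete endpoints keeping their `VM.Snapshot`-only checks. A regression test that a role holding only `VM.Snapshot.Rollback` can read a snapshot's configuration but is refused on update and delete would pin that down.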
--
2.14.1


***[PATCH access-control]***

Signed-off-by: Matthias Urban <matthias.ur...@pure-systems.com>
---
Matthias Urban (1):
  VM.Snapshot.Rollback privilege added

PVE/AccessControl.pm | 1 +
 1 file changed, 1 insertion(+)

diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index 7d02cdf..2b610b7 100644
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -406,6 +406,7 @@ my $privgroups = {
         'VM.Migrate',
         'VM.Monitor',
         'VM.Snapshot',
+        'VM.Snapshot.Rollback',
     ],
     user => [
         'VM.Config.CDROM', # change CDROM media
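Review bot: `'VM.Snapshot.Rollback'` is added to the list that closes just before `user => [`, directly beside `'VM.Snapshot'`, so any built-in role composed from that list receives both privileges and no built-in role ends up rollback-only. If the intended way to get a rollback-only user is a custom role, the commit message should say that; otherwise consider whether the entry belongs in the `user` list instead. A short trailing comment in the style of `# change CDROM media` would also help explain how the new privilege differs from `VM.Snapshot`.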
--
2.14.1


***[PATCH qemu-server]***

Signed-off-by: Matthias Urban <matthias.ur...@pure-systems.com>
---
Matthias Urban (1):
  VM.Snapshot.Rollback privilege added

 PVE/API2/Qemu.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index aa7c832..311295b 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -3354,7 +3354,7 @@ __PACKAGE__->register_method({
     proxyto => 'node',
     description => "Get snapshot configuration",
     permissions => {
-    check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
+    check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot', 'VM.Snapshot.Rollback' ], any => 1],
     },
     parameters => {
     additionalProperties => 0,
@@ -3393,7 +3393,7 @@ __PACKAGE__->register_method({
     proxyto => 'node',
     description => "Rollback VM state to specified snapshot.",
     permissions => {
-    check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot' ]],
+    check => ['perm', '/vms/{vmid}', [ 'VM.Snapshot', 'VM.Snapshot.Rollback' ], any => 1],
     },
     parameters => {
     additionalProperties => 0,
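Review bot: The permission tuple `[ 'VM.Snapshot', 'VM.Snapshot.Rollback' ], any => 1` on the rollback check is the same one used for get-config in this file and for both endpoints in the container patch, and the series ships no test or documentation for it. Please add coverage showing that a rollback-only role succeeds on rollback and is denied on snapshot create and delete, and give each commit message a body explaining the change, since the four patches currently carry only the subject line.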
--
2.14.1


_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
