instead of parsing corosync.conf, and avoid coupling the access-control
API with PVE::Corosync. if corosync.conf and pmxcfs don't agree on how
the cluster is called, there is a bigger issue anyway..
Signed-off-by: Fabian Grünbichler <f.gruenbich...@proxmox.com>
---
PVE/API2/AccessControl.pm | 15 +++------------
1 file changed, 3 insertions(+), 12 deletions(-)
diff --git a/PVE/API2/AccessControl.pm b/PVE/API2/AccessControl.pm
index 6d0ea82..c2324e8 100644
--- a/PVE/API2/AccessControl.pm
+++ b/PVE/API2/AccessControl.pm
@@ -10,7 +10,6 @@ use PVE::Exception qw(raise raise_perm_exc);
use PVE::SafeSyslog;
use PVE::RPCEnvironment;
use PVE::Cluster qw(cfs_read_file);
-use PVE::Corosync;
use PVE::RESTHandler;
use PVE::AccessControl;
use PVE::JSONSchema qw(get_standard_option);
@@ -314,17 +313,9 @@ __PACKAGE__->register_method ({
$res->{cap} = &$compute_api_permission($rpcenv, $username)
if !defined($res->{NeedTFA});
- if (PVE::Corosync::check_conf_exists(1)) {
- if ($rpcenv->check($username, '/', ['Sys.Audit'], 1)) {
- eval {
- my $conf = cfs_read_file('corosync.conf');
- my $totem = PVE::Corosync::totem_config($conf);
- if ($totem->{cluster_name}) {
- $res->{clustername} = $totem->{cluster_name};
- }
- };
- warn "$@\n" if $@;
- }
+ my $clinfo = PVE::Cluster::get_clinfo();
+ if ($clinfo->{cluster}->{name} && $rpcenv->check($username, '/',
['Sys.Audit'], 1)) {
+ $res->{clustername} = $clinfo->{cluster}->{name};
}
PVE::Cluster::log_msg('info', 'root@pam', "successful auth for user
'$username'");
--
2.20.1
_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
