[pve-devel] [PATCH qemu-server] fix serial/parallel/numa permissions

Dominik Csapak d.csapak at proxmox.com
Wed Jun 1 12:37:20 CEST 2016


moved numa\d+ persmission to VM.Config.CPU
and serial/parallel to root since it accesses the host hardware

also renamed remainingoptions to generaloptions to
reduce confusion, since the real remaining options
(those that we do not specify) require root

Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
since my original fix for #1010 was already applied when
i sent my v2, here are the changes in an extra patch

 PVE/API2/Qemu.pm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index fc22519..aadfde5 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -205,7 +205,7 @@ my $hwtypeoptions = {
     'watchdog' => 1,
 };
 
-my $remainingoptions = {
+my $generaloptions = {
     'agent' => 1,
     'autostart' => 1,
     'bios' => 1,
@@ -244,13 +244,13 @@ my $check_vm_modify_config_perm = sub {
 	next if PVE::QemuServer::is_valid_drivename($opt);
 	next if $opt eq 'cdrom';
 
-	if ($cpuoptions->{$opt}) {
+	if ($cpuoptions->{$opt} || $opt =~ m/^numa\d+$/) {
 	    $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.CPU']);
 	} elsif ($memoryoptions->{$opt}) {
 	    $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Memory']);
 	} elsif ($hwtypeoptions->{$opt}) {
 	    $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.HWType']);
-	} elsif ($remainingoptions->{$opt} || $opt =~ m/^(numa|parallell|serial)\d+$/) {
+	} elsif ($generaloptions->{$opt}) {
 	    $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Options']);
 	    # special case for startup since it changes host behaviour
 	    if ($opt eq 'startup') {
-- 
2.1.4





More information about the pve-devel mailing list