[pve-devel] [PATCH container 2/2] restore: add permission check
Fabian Grünbichler
f.gruenbichler at proxmox.com
Tue Sep 20 13:02:43 CEST 2016
we should probably check the current user just like when
bind/dev mountpoints are passed as regular parameters.
---
src/PVE/API2/LXC.pm | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm
index 12aaffa..83afd56 100644
--- a/src/PVE/API2/LXC.pm
+++ b/src/PVE/API2/LXC.pm
@@ -353,6 +353,8 @@ __PACKAGE__->register_method({
my $type = $mountpoint->{type};
die "restoring rootfs to $type mount is only possible by specifying -rootfs manually!\n"
if ($ms eq 'rootfs');
+ die "restoring '$ms' to $type mount is only possible for root\n"
+ if $authuser ne 'root at pam';
if ($mountpoint->{backup}) {
warn "WARNING - unsupported configuration!\n";
--
2.1.4
More information about the pve-devel
mailing list