proxmox-mirrors/pve-manager
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-manager synced 2025-08-14 10:15:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

api: vzdump: soften parameter permission checks

Browse Source 
Allows sufficiently privileged users to pass-in retention and
performance parameters for manual backup, but keeps tmpdir, dumpdir
and script root-only. Such users could already edit the job
accordingly, so essentially not granting anything new.

Suggested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
This commit is contained in:
Fiona Ebner 2022-11-16 15:04:30 +01:00 committed by Thomas Lamprecht
parent f64fa68d8c
commit 2b233ecc08
2 changed files with 28 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
PVE/API2/Backup.pm
View File

@ -40,14 +40,19 @@ my $vzdump_job_id_prop = {
maxLength => 50
};
my $assert_param_permission = sub {
my ($param, $user) = @_;
# NOTE: also used by the vzdump API call.
sub assert_param_permission_common {
my ($rpcenv, $user, $param) = @_;
return if $user eq 'root@pam'; # always OK
for my $key (qw(tmpdir dumpdir script)) {
raise_param_exc({ $key => "Only root may set this option."}) if exists $param->{$key};
}
};
if (defined($param->{bwlimit}) || defined($param->{ionice}) || defined($param->{performance})) {
$rpcenv->check($user, "/", [ 'Sys.Modify' ]);
}
}
my $convert_to_schedule = sub {
my ($job) = @_;
@ -207,7 +212,7 @@ __PACKAGE__->register_method({
my $rpcenv = PVE::RPCEnvironment::get();
my $user = $rpcenv->get_user();
$assert_param_permission->($param, $user);
assert_param_permission_common($rpcenv, $user, $param);
if (my $pool = $param->{pool}) {
$rpcenv->check_pool_exist($pool);
@ -419,7 +424,7 @@ __PACKAGE__->register_method({
my $rpcenv = PVE::RPCEnvironment::get();
my $user = $rpcenv->get_user();
$assert_param_permission->($param, $user);
assert_param_permission_common($rpcenv, $user, $param);
if (my $pool = $param->{pool}) {
$rpcenv->check_pool_exist($pool);

25
PVE/API2/VZDump.pm
View File

@ -14,12 +14,25 @@ use PVE::Tools qw(extract_param);
use PVE::VZDump::Common;
use PVE::VZDump;
use PVE::API2::Backup;
use PVE::API2Tools;
use Data::Dumper; # fixme: remove
use base qw(PVE::RESTHandler);
my sub assert_param_permission_vzdump {
my ($rpcenv, $user, $param) = @_;
return if $user eq 'root@pam'; # always OK
PVE::API2::Backup::assert_param_permission_common($rpcenv, $user, $param);
if (!$param->{dumpdir} && (defined($param->{maxfiles}) || defined($param->{'prune-backups'}))) {
my $storeid = $param->{storage} || 'local';
$rpcenv->check($user, "/storage/$storeid", [ 'Datastore.Allocate' ]);
} # no else branch, because dumpdir is root-only
}
__PACKAGE__->register_method ({
name => 'vzdump',
path => '',
@ -27,9 +40,10 @@ __PACKAGE__->register_method ({
description => "Create backup.",
permissions => {
description => "The user needs 'VM.Backup' permissions on any VM, and "
."'Datastore.AllocateSpace' on the backup storage. The 'maxfiles', 'prune-backups', "
."'tmpdir', 'dumpdir', 'script', 'bwlimit', 'performance' and 'ionice' parameters are "
."restricted to the 'root\@pam' user.",
."'Datastore.AllocateSpace' on the backup storage. The 'tmpdir', 'dumpdir' and "
."'script' parameters are restricted to the 'root\@pam' user. The 'maxfiles' and "
."'prune-backups' settings require 'Datastore.Allocate' on the backup storage. The "
."'bwlimit', 'performance' and 'ionice' parameters require 'Sys.Modify' on '/'.",
user => 'all',
},
protected => 1,
@ -62,10 +76,7 @@ __PACKAGE__->register_method ({
if $param->{stdout};
}
for my $key (qw(maxfiles prune-backups tmpdir dumpdir script bwlimit performance ionice)) {
raise_param_exc({ $key => "Only root may set this option."})
if defined($param->{$key}) && ($user ne 'root@pam');
}
assert_param_permission_vzdump($rpcenv, $user, $param);
PVE::VZDump::verify_vzdump_parameters($param, 1);