On 10/22/21 08:44, Dominik Csapak wrote:
we do not need Permissions.Modify on the pool, so remove it like
we did in
qemu-server 4fc5242 ("fix pool permission checks on create")
Signed-off-by: Dominik Csapak <d.csa...@proxmox.com>
---
src/PVE/API2/LXC.pm | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm
index 69df366..0ae67a1 100644
--- a/src/PVE/API2/LXC.pm
+++ b/src/PVE/API2/LXC.pm
@@ -233,7 +233,6 @@ __PACKAGE__->register_method({
my $pool = extract_param($param, 'pool');
if (defined($pool)) {
$rpcenv->check_pool_exist($pool);
- $rpcenv->check_perm_modify($authuser, "/pool/$pool");
}
if ($rpcenv->check($authuser, "/vms/$vmid", ['VM.Allocate'], 1)) {
Works when no Permissions.Modify and no Pool.Allocate permission is set.
So consider this:
Tested-by: Mira Limbeck <m.limb...@proxmox.com>
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel