On 10/22/21 08:44, Dominik Csapak wrote:
we do not need Permissions.Modify on the pool, so remove it like we did inqemu-server 4fc5242 ("fix pool permission checks on create") Signed-off-by: Dominik Csapak <d.csa...@proxmox.com> --- src/PVE/API2/LXC.pm | 1 - 1 file changed, 1 deletion(-) diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm index 69df366..0ae67a1 100644 --- a/src/PVE/API2/LXC.pm +++ b/src/PVE/API2/LXC.pm @@ -233,7 +233,6 @@ __PACKAGE__->register_method({ my $pool = extract_param($param, 'pool'); if (defined($pool)) { $rpcenv->check_pool_exist($pool); - $rpcenv->check_perm_modify($authuser, "/pool/$pool"); }if ($rpcenv->check($authuser, "/vms/$vmid", ['VM.Allocate'], 1)) {
Works when no Permissions.Modify and no Pool.Allocate permission is set. So consider this: Tested-by: Mira Limbeck <m.limb...@proxmox.com> _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
