]>
Commit | Line | Data |
---|---|---|
52389a07 DM |
1 | package PVE::API2::LXC::Config; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | ||
6 | use PVE::SafeSyslog; | |
7 | use PVE::Tools qw(extract_param run_command); | |
8 | use PVE::Exception qw(raise raise_param_exc); | |
9 | use PVE::INotify; | |
10 | use PVE::Cluster qw(cfs_read_file); | |
11 | use PVE::AccessControl; | |
12 | use PVE::Firewall; | |
13 | use PVE::Storage; | |
14 | use PVE::RESTHandler; | |
15 | use PVE::RPCEnvironment; | |
16 | use PVE::LXC; | |
17 | use PVE::LXC::Create; | |
52389a07 DM |
18 | use PVE::JSONSchema qw(get_standard_option); |
19 | use base qw(PVE::RESTHandler); | |
20 | ||
21 | use Data::Dumper; # fixme: remove | |
22 | ||
23 | __PACKAGE__->register_method({ | |
24 | name => 'vm_config', | |
25 | path => '', | |
26 | method => 'GET', | |
27 | proxyto => 'node', | |
28 | description => "Get container configuration.", | |
29 | permissions => { | |
30 | check => ['perm', '/vms/{vmid}', [ 'VM.Audit' ]], | |
31 | }, | |
32 | parameters => { | |
33 | additionalProperties => 0, | |
34 | properties => { | |
35 | node => get_standard_option('pve-node'), | |
68e8f3c5 | 36 | vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }), |
52389a07 DM |
37 | }, |
38 | }, | |
39 | returns => { | |
40 | type => "object", | |
41 | properties => { | |
42 | digest => { | |
43 | type => 'string', | |
44 | description => 'SHA1 digest of configuration file. This can be used to prevent concurrent modifications.', | |
45 | } | |
46 | }, | |
47 | }, | |
48 | code => sub { | |
49 | my ($param) = @_; | |
50 | ||
67afe46e | 51 | my $conf = PVE::LXC::Config->load_config($param->{vmid}); |
52389a07 DM |
52 | |
53 | delete $conf->{snapshots}; | |
52389a07 DM |
54 | |
55 | return $conf; | |
56 | }}); | |
57 | ||
58 | my $vm_config_perm_list = [ | |
59 | 'VM.Config.Disk', | |
60 | 'VM.Config.CPU', | |
61 | 'VM.Config.Memory', | |
62 | 'VM.Config.Network', | |
63 | 'VM.Config.Options', | |
64 | ]; | |
65 | ||
66 | __PACKAGE__->register_method({ | |
67 | name => 'update_vm', | |
68 | path => '', | |
69 | method => 'PUT', | |
70 | protected => 1, | |
71 | proxyto => 'node', | |
72 | description => "Set container options.", | |
73 | permissions => { | |
74 | check => ['perm', '/vms/{vmid}', $vm_config_perm_list, any => 1], | |
9d294016 | 75 | description => 'non-volume mount points in rootfs and mp[n] are restricted to root@pam', |
52389a07 DM |
76 | }, |
77 | parameters => { | |
78 | additionalProperties => 0, | |
1b4cf758 | 79 | properties => PVE::LXC::Config->json_config_properties( |
52389a07 DM |
80 | { |
81 | node => get_standard_option('pve-node'), | |
68e8f3c5 | 82 | vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }), |
52389a07 DM |
83 | delete => { |
84 | type => 'string', format => 'pve-configid-list', | |
85 | description => "A list of settings you want to delete.", | |
86 | optional => 1, | |
87 | }, | |
88 | digest => { | |
89 | type => 'string', | |
90 | description => 'Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.', | |
91 | maxLength => 40, | |
92 | optional => 1, | |
93 | } | |
94 | }), | |
95 | }, | |
96 | returns => { type => 'null'}, | |
97 | code => sub { | |
98 | my ($param) = @_; | |
99 | ||
100 | my $rpcenv = PVE::RPCEnvironment::get(); | |
101 | ||
102 | my $authuser = $rpcenv->get_user(); | |
103 | ||
104 | my $node = extract_param($param, 'node'); | |
105 | ||
106 | my $vmid = extract_param($param, 'vmid'); | |
107 | ||
108 | my $digest = extract_param($param, 'digest'); | |
109 | ||
110 | die "no options specified\n" if !scalar(keys %$param); | |
111 | ||
112 | my $delete_str = extract_param($param, 'delete'); | |
113 | my @delete = PVE::Tools::split_list($delete_str); | |
114 | ||
f1ba1a4b | 115 | PVE::LXC::check_ct_modify_config_perm($rpcenv, $authuser, $vmid, undef, {}, [@delete]); |
52389a07 DM |
116 | |
117 | foreach my $opt (@delete) { | |
118 | raise_param_exc({ delete => "you can't use '-$opt' and " . | |
119 | "-delete $opt' at the same time" }) | |
120 | if defined($param->{$opt}); | |
121 | ||
1b4cf758 | 122 | if (!PVE::LXC::Config->option_exists($opt)) { |
52389a07 DM |
123 | raise_param_exc({ delete => "unknown option '$opt'" }); |
124 | } | |
125 | } | |
126 | ||
f1ba1a4b | 127 | PVE::LXC::check_ct_modify_config_perm($rpcenv, $authuser, $vmid, undef, $param, []); |
52389a07 DM |
128 | |
129 | my $storage_cfg = cfs_read_file("storage.cfg"); | |
130 | ||
131 | my $code = sub { | |
132 | ||
67afe46e FG |
133 | my $conf = PVE::LXC::Config->load_config($vmid); |
134 | PVE::LXC::Config->check_lock($conf); | |
52389a07 DM |
135 | |
136 | PVE::Tools::assert_if_modified($digest, $conf->{digest}); | |
137 | ||
138 | my $running = PVE::LXC::check_running($vmid); | |
139 | ||
1b4cf758 | 140 | PVE::LXC::Config->update_pct_config($vmid, $conf, $running, $param, \@delete); |
52389a07 | 141 | |
67afe46e | 142 | PVE::LXC::Config->write_config($vmid, $conf); |
f91f3669 | 143 | PVE::LXC::update_lxc_config($vmid, $conf); |
52389a07 DM |
144 | }; |
145 | ||
67afe46e | 146 | PVE::LXC::Config->lock_config($vmid, $code); |
52389a07 DM |
147 | |
148 | return undef; | |
149 | }}); | |
150 | ||
151 | 1; |