storage => get_standard_option('pve-storage-id'),
},
},
- returns => {},
+ returns => { type => 'object' },
code => sub {
my ($param) = @_;
# fix me in section config create never need an empty entity.
delete $param->{nodes} if !$param->{nodes};
- my $password = extract_param($param, 'password')
- if $type eq 'cifs' && $param->{username};
+ my $password;
+ # always extract pw, else it gets written to the www-data readable scfg
+ if (my $tmp_pw = extract_param($param, 'password')) {
+ if ($type eq 'cifs' && $param->{username}) {
+ $password = $tmp_pw;
+ } else {
+ warn "ignore password parameter\n";
+ }
+ }
if ($param->{portal}) {
$param->{portal} = PVE::Storage::resolv_portal($param->{portal});
$cfg->{ids}->{$storeid} = $opts;
+ my $cred_file = undef;
+
if ($type eq 'lvm' && $opts->{base}) {
my ($baseid, $volname) = PVE::Storage::parse_volume_id($opts->{base});
unlink $ceph_storage_keyring;
die "failed to copy ceph authx keyring for storage '$storeid': $err\n";
}
+ } elsif ($type eq 'cifs' && defined($password)) {
+ # create a password file in /etc/pve/priv,
+ # this file is used as a cert_file at mount time.
+ $cred_file = PVE::Storage::CIFSPlugin::cifs_set_credentials($password, $storeid);
}
- # create a password file in /etc/pve/priv,
- # this file is used as a cert_file at mount time.
- my $cred_file = PVE::Storage::CIFSPlugin::cifs_set_credentials($password, $storeid)
- if $type eq 'cifs' && defined($password);
eval {
# try to activate if enabled on local node,