Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
description => "Set container options.",
permissions => {
check => ['perm', '/vms/{vmid}', $vm_config_perm_list, any => 1],
+ description => 'non-volume mount points in rootfs and mp[n] are restricted to root@pam',
},
parameters => {
additionalProperties => 0,
return if $delete;
my $data = $opt eq 'rootfs' ? PVE::LXC::Config->parse_ct_rootfs($newconf->{$opt})
: PVE::LXC::Config->parse_ct_mountpoint($newconf->{$opt});
- raise_perm_exc("mount point type $data->{type}") if $data->{type} ne 'volume';
+ raise_perm_exc("mount point type $data->{type} is only allowed for root\@pam")
+ if $data->{type} ne 'volume';
} elsif ($opt eq 'memory' || $opt eq 'swap') {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Memory']);
} elsif ($opt =~ m/^net\d+$/ || $opt eq 'nameserver' ||