use Crypt::OpenSSL::Random;
use Crypt::OpenSSL::RSA;
use Net::SSLeay;
+use Net::IP;
use MIME::Base64;
use Digest::SHA;
use Digest::HMAC_SHA1;
my $cacert = PVE::Tools::file_get_contents("/etc/pve/pve-root-ca.pem", 8192);
$cacert =~ s/\n/\\n/g;
+ $proxy = "[$proxy]" if Net::IP::ip_is_ipv6($proxy);
my $config = {
'secure-attention' => "Ctrl+Alt+Ins",
'toggle-fullscreen' => "Shift+F11",
return 1 if $data->{enable};
- return 1 if $username eq 'root@pam'; # root is always enabled
-
die "user '$username' is disabled\n" if !$noerr;
return undef;
my $path = "/pool/$pool";
- foreach my $aclpath (keys %{$usercfg->{acl}}) {
- delete ($usercfg->{acl}->{$aclpath})
- if $usercfg->{acl}->{$aclpath} eq 'path';
- }
+ delete ($usercfg->{acl}->{$path})
}
# we automatically create some predefined roles by splitting privs
$cfg->{roles}->{$r} = $special_roles->{$r};
}
- # fixme: remove 'root' group (not required)?
-
- # add root user
- $cfg->{users}->{'root@pam'}->{enable} = 1;
+ # add root user if not exists
+ if (!$cfg->{users}->{'root@pam'}) {
+ $cfg->{users}->{'root@pam'}->{enable} = 1;
+ }
}
sub parse_user_config {
userconfig_force_defaults($cfg);
- while ($raw && $raw =~ s/^(.*?)(\n|$)//) {
+ $raw = '' if !defined($raw);
+ while ($raw =~ /^\s*(.+?)\s*$/gm) {
my $line = $1;
-
- next if $line =~ m/^\s*$/; # skip empty lines
-
my @data;
foreach my $d (split (/:/, $line)) {
return 1;
}
+sub remove_vm_access {
+ my ($vmid) = @_;
+ my $delVMaccessFn = sub {
+ my $usercfg = cfs_read_file("user.cfg");
+
+ if (my $acl = $usercfg->{acl}->{'/vms/'.$vmid}) {
+ delete $usercfg->{acl}->{'/vms/'.$vmid};
+ cfs_write_file("user.cfg", $usercfg);
+ }
+ if (my $pool = $usercfg->{vms}->{$vmid}) {
+ if (my $data = $usercfg->{pools}->{$pool}) {
+ delete $data->{vms}->{$vmid};
+ delete $usercfg->{vms}->{$vmid};
+ cfs_write_file("user.cfg", $usercfg);
+ }
+ }
+ };
+
+ lock_user_config($delVMaccessFn, "access permissions cleanup for VM $vmid failed");
+}
+
sub add_vm_to_pool {
my ($vmid, $pool) = @_;
my $line = shift;
if ($line =~ m/^\d{6}$/) {
- print "GOT:$line\n";
$found = 1 if $otp eq $line;
}
};