From e5ae548727ea87783f1f6bfaac9181133981d2e9 Mon Sep 17 00:00:00 2001 From: Dietmar Maurer Date: Thu, 28 Feb 2013 10:01:04 +0100 Subject: [PATCH] fix access permissions for backup files bump version to 1.0-26 --- Makefile | 4 ++-- PVE/RPCEnvironment.pm | 7 ++++++- changelog.Debian | 6 ++++++ 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index f541e51..ed340ab 100644 --- a/Makefile +++ b/Makefile @@ -1,8 +1,8 @@ -RELEASE=2.2 +RELEASE=2.3 VERSION=1.0 PACKAGE=libpve-access-control -PKGREL=25 +PKGREL=26 DESTDIR= PREFIX=/usr diff --git a/PVE/RPCEnvironment.pm b/PVE/RPCEnvironment.pm index faa4fb2..eb7b3c7 100644 --- a/PVE/RPCEnvironment.pm +++ b/PVE/RPCEnvironment.pm @@ -295,7 +295,12 @@ sub check_volume_access { ($path, $ownervm, $vtype) = PVE::Storage::path($storecfg, $volid); if ($vtype eq 'iso' || $vtype eq 'vztmpl') { # we simply allow access - } elsif (!$ownervm || ($ownervm != $vmid)) { + } elsif (defined($ownervm) && defined($vmid) && ($ownervm == $vmid)) { + # we are owner - allow access + } elsif ($vtype eq 'backup' && $ownervm) { + $self->check($user, "/storage/$sid", ['Datastore.AllocateSpace']); + $self->check($user, "/vms/$ownervm", ['VM.Backup']); + } else { # allow if we are Datastore administrator $self->check($user, "/storage/$sid", ['Datastore.Allocate']); } diff --git a/changelog.Debian b/changelog.Debian index 50b6c39..6e4790e 100644 --- a/changelog.Debian +++ b/changelog.Debian @@ -1,3 +1,9 @@ +libpve-access-control (1.0-26) unstable; urgency=low + + * check_volume_access: fix access permissions for backup files + + -- Proxmox Support Team Thu, 28 Feb 2013 10:00:14 +0100 + libpve-access-control (1.0-25) unstable; urgency=low * add VM.Snapshot permission -- 2.39.2