my $cpuinfo= PVE::ProcFSTools::read_cpuinfo();
+our $NEW_DISK_RE = qr/^([^:\s]+):(\d+(\.\d+)?)$/;
+
sub config_list {
my $vmlist = PVE::Cluster::get_vmlist();
my $res = {};
my ($rpcenv, $authuser, $vmid, $pool, $newconf, $delete) = @_;
return 1 if $authuser eq 'root@pam';
+ my $storage_cfg = PVE::Storage::config();
my $check = sub {
my ($opt, $delete) = @_;
my $data = PVE::LXC::Config->parse_volume($opt, $newconf->{$opt});
raise_perm_exc("mount point type $data->{type} is only allowed for root\@pam")
if $data->{type} ne 'volume';
+ my $volid = $data->{volume};
+ if ($volid =~ $NEW_DISK_RE) {
+ my $sid = $1;
+ $rpcenv->check($authuser, "/storage/$sid", ['Datastore.AllocateSpace']);
+ } else {
+ PVE::Storage::check_volume_access($rpcenv, $authuser, $storage_cfg, $vmid, $volid);
+ }
} elsif ($opt eq 'memory' || $opt eq 'swap') {
$rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Memory']);
} elsif ($opt =~ m/^net\d+$/ || $opt eq 'nameserver' ||
return ($volid, $needs_chown);
}
-our $NEW_DISK_RE = qr/^([^:\s]+):(\d+(\.\d+)?)$/;
sub create_disks {
my ($storecfg, $vmid, $settings, $conf, $pending) = @_;