CT modification: fix hostname/DNS perm check

the old broken code tried to parse the hostname, searchdomain and nameserver
options as guest NIC, which obviously cannot work.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>

diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index 37f184d046c9832e6f1674b33ceff987da3e4ae4..a531ea513367b331d40d78d3690dafdb293e4be3 100644 (file)
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@ -1314,10 +1314,11 @@ sub check_ct_modify_config_perm {
            }
        } elsif ($opt eq 'memory' || $opt eq 'swap') {
            $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Memory']);
-       } elsif ($opt =~ m/^net\d+$/ || $opt eq 'nameserver' ||
-                $opt eq 'searchdomain' || $opt eq 'hostname') {
+       } elsif ($opt =~ m/^net\d+$/) {
            $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Network']);
            PVE::LXC::check_bridge_access($rpcenv, $authuser, $newconf->{$opt});
+       } elsif ($opt eq 'nameserver' || $opt eq 'searchdomain' || $opt eq 'hostname') {
+           $rpcenv->check_vm_perm($authuser, $vmid, $pool, ['VM.Config.Network']);
        } elsif ($opt eq 'features') {
            raise_perm_exc("changing feature flags for privileged container is only allowed for root\@pam")
                if !$unprivileged;