live => $live_restore,
override_conf => $param,
};
+ if (my $volid = $archive->{volid}) {
+ # best effort, real check is after restoring!
+ my $merged = eval {
+ my $old_conf = PVE::Storage::extract_vzdump_config($storecfg, $volid);
+ PVE::QemuServer::restore_merge_config("backup/qemu-server/$vmid.conf", $old_conf, $param);
+ };
+ if ($@) {
+ warn "Could not extract backed up config: $@\n";
+ warn "Skipping early checks!\n";
+ } else {
+ PVE::QemuServer::check_restore_permissions($rpcenv, $authuser, $merged);
+ }
+ }
if ($archive->{type} eq 'file' || $archive->{type} eq 'pipe') {
die "live-restore is only compatible with backup images from a Proxmox Backup Server\n"
if $live_restore;
}
};
-# FIXME: improve checks on restore by checking before actually extracing and
-# merging the new config
sub check_restore_permissions {
my ($rpcenv, $user, $conf) = @_;
+
check_bridge_access($rpcenv, $user, $conf);
check_mapping_access($rpcenv, $user, $conf);
}
}
};
-my $restore_merge_config = sub {
+sub restore_merge_config {
my ($filename, $backup_conf_raw, $override_conf) = @_;
my $backup_conf = parse_vm_config($filename, $backup_conf_raw);
}
return $backup_conf;
-};
+}
sub scan_volids {
my ($cfg, $vmid) = @_;
$new_conf_raw .= "\nlock: create";
}
- my $new_conf = $restore_merge_config->($conffile, $new_conf_raw, $options->{override_conf});
+ my $new_conf = restore_merge_config($conffile, $new_conf_raw, $options->{override_conf});
check_restore_permissions($rpcenv, $user, $new_conf);
PVE::QemuConfig->write_config($vmid, $new_conf);
die $err;
}
- my $new_conf = $restore_merge_config->($conffile, $new_conf_raw, $opts->{override_conf});
+ my $new_conf = restore_merge_config($conffile, $new_conf_raw, $opts->{override_conf});
check_restore_permissions($rpcenv, $user, $new_conf);
PVE::QemuConfig->write_config($vmid, $new_conf);