proxyto => 'node',
description => "Suspend virtual machine.",
permissions => {
+ description => "You need 'VM.PowerMgmt' on /vms/{vmid}, and if you have set 'todisk',".
+ " you need also 'VM.Config.Disk' on /vms/{vmid} and 'Datastore.AllocateSpace'".
+ " on the storage for the vmstate.",
check => ['perm', '/vms/{vmid}', [ 'VM.PowerMgmt' ]],
},
parameters => {
die "Cannot suspend HA managed VM to disk\n"
if $todisk && PVE::HA::Config::vm_is_ha_managed($vmid);
+ # early check for storage permission, for better user feedback
+ if ($todisk) {
+ $rpcenv->check_vm_perm($authuser, $vmid, undef, ['VM.Config.Disk']);
+
+ if (!$statestorage) {
+ # get statestorage from config if none is given
+ my $conf = PVE::QemuConfig->load_config($vmid);
+ my $storecfg = PVE::Storage::config();
+ $statestorage = PVE::QemuServer::find_vmstate_storage($conf, $storecfg);
+ }
+
+ $rpcenv->check($authuser, "/storage/$statestorage", ['Datastore.AllocateSpace']);
+ }
+
my $realcmd = sub {
my $upid = shift;
});
}
+# note: if using the statestorage parameter, the caller has to check privileges
sub vm_suspend {
my ($vmid, $skiplock, $includestate, $statestorage) = @_;
$conf->{lock} = 'suspending';
my $date = strftime("%Y-%m-%d", localtime(time()));
$storecfg = PVE::Storage::config();
+ if (!$statestorage) {
+ $statestorage = find_vmstate_storage($conf, $storecfg);
+ # check permissions for the storage
+ my $rpcenv = PVE::RPCEnvironment::get();
+ if ($rpcenv->{type} ne 'cli') {
+ my $authuser = $rpcenv->get_user();
+ $rpcenv->check($authuser, "/storage/$statestorage", ['Datastore.AllocateSpace']);
+ }
+ }
+
+
$vmstate = PVE::QemuConfig->__snapshot_save_vmstate($vmid, $conf, "suspend-$date", $storecfg, $statestorage, 1);
$path = PVE::Storage::path($storecfg, $vmstate);
PVE::QemuConfig->write_config($vmid, $conf);