[pdm-devel] [PATCH manager 1/3] api: termproxy/vncwebsocket: allow tokens

[Fabian Grünbichler]

this is required for PDM to access a PVE node shell, since the PVE client uses
tokens for authentication. the user still needs a local PAM login to use the
shell.

Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---

Notes:
    v1: use new termproxy option to switch to new auth endpoint

 PVE/API2/Nodes.pm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm
index 4590b6186..459e0ed0a 100644
--- a/PVE/API2/Nodes.pm
+++ b/PVE/API2/Nodes.pm
@@ -1338,7 +1338,7 @@ __PACKAGE__->register_method({
         my ($param) = @_;
 
         my $rpcenv = PVE::RPCEnvironment::get();
-        my ($user, undef, $realm) = PVE::AccessControl::verify_username($rpcenv->get_user());
+        my $user = $rpcenv->get_user();
 
         my $node = $param->{node};
         my $authpath = "/nodes/$node";
@@ -1354,7 +1354,7 @@ __PACKAGE__->register_method({
             syslog('info', "starting termproxy $upid\n");
 
             my $cmd = [
-                '/usr/bin/termproxy', $port, '--path', $authpath, '--perm', 'Sys.Console', '--',
+                '/usr/bin/termproxy', $port, '--path', $authpath, '--perm', 'Sys.Console', '--vncticket-endpoint', '--',
             ];
             push @$cmd, @$shcmd;
 
@@ -1410,7 +1410,7 @@ __PACKAGE__->register_method({
 
         my $rpcenv = PVE::RPCEnvironment::get();
 
-        my ($user, undef, $realm) = PVE::AccessControl::verify_username($rpcenv->get_user());
+        my $user = $rpcenv->get_user();
 
         my $authpath = "/nodes/$param->{node}";
 
-- 
2.47.3