[pve-devel] [PATCH pve-container 4/4] Added pct mount
Wolfgang Bumiller
w.bumiller at proxmox.com
Fri Nov 20 14:04:29 CET 2015
It takes a destination directory. To unmount best just use
"umount -R $path".
It uses Sys.Console as permission check as the only way to
actually *use* the mounted data is with access to the
host's filesystem. We do not expose that to the web GUI at
all. Sys.Console allows access to the node's root-shell and
is thus the only permission which has any actual use for
this call.
---
src/PVE/API2/LXC.pm | 65 +++++++++++++++++++++++++++++++++++++++++++++++++++++
src/PVE/CLI/pct.pm | 1 +
2 files changed, 66 insertions(+)
diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm
index 4502c59..fe08113 100644
--- a/src/PVE/API2/LXC.pm
+++ b/src/PVE/API2/LXC.pm
@@ -1084,4 +1084,69 @@ __PACKAGE__->register_method({
return PVE::LXC::lock_container($vmid, undef, $code);;
}});
+__PACKAGE__->register_method({
+ name => 'mount_vm',
+ path => '{vmid}/mount',
+ method => 'PUT',
+ protected => 1,
+ proxyto => 'node',
+ description => "Mount a container's filesystem.",
+ permissions => {
+ # You can only access mounts when you have access to the host's
+ # filesystem. You can only access the filesystems when you're root or
+ # have access to the node's console.
+ check => ['perm', '/nodes/{node}', [ 'Sys.Console' ]],
+ },
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
+ rootdir => {
+ type => 'string',
+ description => "The mount destination.",
+ },
+ },
+ },
+ returns => {
+ type => 'string',
+ description => "the task ID.",
+ },
+ code => sub {
+ my ($param) = @_;
+
+ my $rpcenv = PVE::RPCEnvironment::get();
+
+ my $authuser = $rpcenv->get_user();
+
+ my $node = extract_param($param, 'node');
+
+ my $vmid = extract_param($param, 'vmid');
+
+ my $rootdir = extract_param($param, 'rootdir');
+ my $storage_cfg = cfs_read_file("storage.cfg");
+
+ my $setup_mountpoint = sub {
+ my ($ms, $mountpoint) = @_;
+ PVE::LXC::mountpoint_mount($mountpoint, $rootdir, $storage_cfg);
+ };
+
+ my $code = sub {
+ my $conf = PVE::LXC::load_config($vmid);
+ PVE::Cluster::log_msg('info', $authuser, "mount CT $vmid: --rootdir $rootdir");
+
+ my $realcmd = sub {
+ my $vollist = PVE::LXC::get_vm_volumes($conf);
+ my $loopdevlist = PVE::LXC::get_vm_volumes($conf, 'rootfs');
+
+ PVE::Storage::activate_volumes($storage_cfg, $vollist);
+ PVE::LXC::foreach_mountpoint($conf, $setup_mountpoint);
+ };
+
+ return $rpcenv->fork_worker('resize', $vmid, $authuser, $realcmd);
+ };
+
+ return PVE::LXC::lock_container($vmid, undef, $code);;
+ }});
+
1;
diff --git a/src/PVE/CLI/pct.pm b/src/PVE/CLI/pct.pm
index 80205bb..a5c962a 100755
--- a/src/PVE/CLI/pct.pm
+++ b/src/PVE/CLI/pct.pm
@@ -226,6 +226,7 @@ our $cmddef = {
set => [ 'PVE::API2::LXC::Config', 'update_vm', ['vmid'], { node => $nodename }],
resize => [ "PVE::API2::LXC", 'resize_vm', ['vmid', 'disk', 'size'], { node => $nodename } ],
+ mount => [ "PVE::API2::LXC", 'mount_vm', ['vmid', 'rootdir'], { node => $nodename } ],
create => [ 'PVE::API2::LXC', 'create_vm', ['vmid', 'ostemplate'], { node => $nodename }, $upid_exit ],
restore => [ 'PVE::API2::LXC', 'create_vm', ['vmid', 'ostemplate'], { node => $nodename, restore => 1 }, $upid_exit ],
--
2.1.4
More information about the pve-devel
mailing list