[pve-devel] [PATCH v2 storage 2/6] check volume access: always allow with Datastore.Allocate privilege
Fabian Ebner
f.ebner at proxmox.com
Wed Mar 30 12:24:29 CEST 2022
Such users are supposed to be administrators of the storage, but
previously, access to backups was not allowed when not also having
VM.Backup.
Suggested-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
Signed-off-by: Fabian Ebner <f.ebner at proxmox.com>
---
New in v2.
Technically, a breaking change for pve-manager, because a user without
VM.Backup privilege can now extract the guest config.
PVE/Storage.pm | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/PVE/Storage.pm b/PVE/Storage.pm
index 6112991..0349564 100755
--- a/PVE/Storage.pm
+++ b/PVE/Storage.pm
@@ -477,6 +477,8 @@ sub check_volume_access {
my ($sid, $volname) = parse_volume_id($volid, 1);
if ($sid) {
+ return if $rpcenv->check($user, "/storage/$sid", ['Datastore.Allocate'], 1);
+
my ($vtype, undef, $ownervm) = parse_volname($cfg, $volid);
if ($vtype eq 'iso' || $vtype eq 'vztmpl') {
# require at least read access to storage, (custom) templates/ISOs could be sensitive
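Review bot: The early `return` added at the top of the `if ($sid)` branch carries no comment, while the only comment stating the intent ("allow if we are Datastore administrator") is deleted in the next hunk. A one-line comment here saying that Datastore.Allocate on /storage/$sid grants access to every volume type, including backups without VM.Backup on the owning guest, would keep that intent visible. The return also sits before `parse_volname($cfg, $volid)`, so that call no longer runs for these users. If any caller relied on it to reject a volume name that does not parse, that now only happens for users without Datastore.Allocate. Placing the check directly after the `parse_volname` line would keep the parsing step identical for both groups.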
@@ -487,8 +489,7 @@ sub check_volume_access {
$rpcenv->check($user, "/storage/$sid", ['Datastore.AllocateSpace']);
$rpcenv->check($user, "/vms/$ownervm", ['VM.Backup']);
} else {
- # allow if we are Datastore administrator
- $rpcenv->check($user, "/storage/$sid", ['Datastore.Allocate']);
+ die "missing privileges to access $volid\n";
}
} else {
die "Only root can pass arbitrary filesystem paths."
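Review bot: The new `die "missing privileges to access $volid\n"` in the final else branch does not say which privilege is missing, whereas the removed line named Datastore.Allocate in its check. Naming Datastore.Allocate on /storage/$sid in the message would tell an administrator which ACL entry to add. It is also a plain string die, while the other branches in this hunk fail through `$rpcenv->check`, so a caller that tells permission errors apart from other failures may see a different kind of error here. It is worth confirming that this is acceptable, or failing the same way the check calls do.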
--
2.30.2