[pve-devel] [PATCH container 2/2] fix: also remove firewall config after failed restore

Daniel Tschlatscher d.tschlatscher at proxmox.com
Thu Nov 17 10:39:32 CET 2022


Before, a failed restore would only remove the container config, but
the firewall config would remain.
Now, the firewall config is also removed, except for the case when the
user only has the VM.Backup permission. In this case the firewall
would not have been restored/changed by us and is left as is.

Signed-off-by: Daniel Tschlatscher <d.tschlatscher at proxmox.com>
---
 src/PVE/API2/LXC.pm | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm
index 7cc64af..27b63f2 100644
--- a/src/PVE/API2/LXC.pm
+++ b/src/PVE/API2/LXC.pm
@@ -505,6 +505,9 @@ __PACKAGE__->register_method({
 	    if (my $err = $@) {
 		PVE::LXC::destroy_disks($storage_cfg, $vollist);
 		eval { PVE::LXC::Config->destroy_config($vmid) };
+		if (!$skip_fw_config_restore) { # Only if user has permission to change the firewall
+		    PVE::Firewall::remove_vmfw_conf($vmid);
+		}
 		warn $@ if $@;
 		die "$emsg $err";
 	    }
-- 
2.30.2






More information about the pve-devel mailing list