[pve-devel] [PATCH manager] d/tmpfiles: fix permission regression for /run/pve directory
Fiona Ebner
f.ebner at proxmox.com
Tue Aug 5 12:03:24 CEST 2025
There is a regression regarding the permission for the /run/pve
directory. In Proxmox VE 8, the directory had root:root 0755
permissions, being auto-created as the lxc-syscalld runtime directory.
In Proxmox VE 9, the permissions were restricted to root:root 0750,
but this leads to an issue with remote migration, when pveproxy tries
to access the mtunnel socket:
pveproxy[2484]: connect to 'unix/:/run/pve/ct-112.mtunnel' failed: Permission denied
Relax the permissions again by allowing the www-data group
read-access, so that pveproxy can access the socket.
This aligns the permissions with what /run/pve-cluster has.
Reported-by: Hannes Laimer <h.laimer at proxmox.com>
Signed-off-by: Fiona Ebner <f.ebner at proxmox.com>
---
debian/tmpfiles | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/debian/tmpfiles b/debian/tmpfiles
index 98b8fb96..1263300f 100644
--- a/debian/tmpfiles
+++ b/debian/tmpfiles
@@ -1,2 +1,2 @@
-#Type Path Mode User Group Age Argument
-d /run/pve 0750 root root - -
+#Type Path Mode User Group Age Argument
+d /run/pve 0750 root www-data - -
--
2.47.2
More information about the pve-devel
mailing list