[pve-devel] [PATCH qemu-server 5/9] api: monitor: require Sys.Audit or Sys.Modify privilege
Fiona Ebner
f.ebner at proxmox.com
Thu Jul 17 15:36:53 CEST 2025
The name VM.Monitor is ambiguous and made it hard to guess what the
privilege is for. The privilege was only used here and for guest agent
operations, where dedicated privileges were introduced. Since only the
'info' and 'help' commands were usable without an additional
Sys.Modify privilege, the VM.Monitor privilege seems superfluous and
was dropped in pve-access-control. As the information accessible via
'info' is very low-level and often related to the QEMU process on the
system, requiring Sys.Audit seems natural.
Signed-off-by: Fiona Ebner <f.ebner at proxmox.com>
---
src/PVE/API2/Qemu.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/PVE/API2/Qemu.pm b/src/PVE/API2/Qemu.pm
index 82cdc742..09d4411b 100644
--- a/src/PVE/API2/Qemu.pm
+++ b/src/PVE/API2/Qemu.pm
@@ -5584,7 +5584,7 @@ __PACKAGE__->register_method({
description => "Execute QEMU monitor commands.",
permissions => {
description => PVE::API2::Qemu::HMPPerms::generate_description(),
- check => ['perm', '/vms/{vmid}', ['VM.Monitor']],
+ check => ['perm', '/vms/{vmid}', ['Sys.Audit', 'Sys.Modify'], any => 1],
},
parameters => {
additionalProperties => 0,
--
2.47.2
More information about the pve-devel
mailing list