Datastore.Audit: view/browse a datastore -> I can not browse it, see an empty store

[ednt]

As written:
I created a role with only Datastore,Audit as privilege
Then I added a permission on a storage path with this role for a specific group.

If the user logs in, he can see the datastore but with no content.

From the description, this privilege is view/browse

And that is what we want, the user should only see the available backups, but should not be able to do something with the backups.

But at the momemt the user sees no content.

Where is the problem?

And please: give a also a final reply, not like in my other post:

E

Post in thread 'Which priviledge is needed for disconnect a network interface?'

Feb 23, 2026

Is it a bug or do I something wrong?

• ednt

Best regards

 

[Onslow]

"Propagation" "Propagate" flag may be needed.
P.S.
https://pbs.proxmox.com/docs/user-management.html#objects-and-paths

P.S. 2.
Also remember that both the user and the token must have the proper permissions.

 

[ednt]

Propagination is default true

 

[fabian]

https://bugzilla.proxmox.com/show_bug.cgi?id=5492

 

[ednt]

Ok, but ....

sInce 2024.09.20 is a long time and still nothing happened?

Or at least the documentation of the privileges is still wrong.
It needs to be: Datastore.Audit: view nothing/browse nothing of a datastore, only show the datastore itself

 

[ednt]

And ...
we have a customer which should see that the backups are done, but should not be able to do anything.
How can this be resolved?

 

[fabian]

you could implement a notification target that notifies them, there is currently no way to implement your desired semantics without either giving the user access to unrelated task logs or backup access.

edit: updated issue with an implementation approach that might allow us to not require a new privilege, which would make this easier to implement and at least unlock the "per-guest" backup list view for your usecase..