permissions

  1. After syncing to a new datastore: backup owner check failed (pve-user@pbs != backup@pam)

    Hi, I wanted to switch to a new datastore (store02) (on different disks) so did the following: Add a second datastore to the pbs server (store02) Added a remote with localhost and the store02 datastore Ran a sync from store01 to the "remote" localhost:store02 Removed store01 Modified the...
  2. Permission set for specific hosts

    Hello, I am trying to achieve some permissions for 2 specific hosts in the cluster. We want to have some usergroup that can administer (create,delete,configure) vms on just 2 hosts. I am thinking of some combination of permissions on /node/<node> /storage and /vms . But as a result I am...
  3. Samba over LXC Permission Issues

    The issue im having is Samba can access a folder however when a new torrent is added to Deluge, Samba becomes unable to touch it and then i have to go chmod it if i wan't to touch it. I have a Samba LXC running as privilleged and a Deluge thin client running as an unprivlleged. I setup the...
  4. Possible issue with permission conjunction for user and group.

    Hi everyone, I'm experimenting with ProxmoxVE and I must say that it's an amazing product! I've been testing permissions and I've noticed something unexpected. There's a group called GR1 with one user USR1. The goal I want to achieve is for everyone from GR1 to be able to view all...
  5. Problem with backups of LXC Containers

    Hi all, I am all of a sudden having an issue with backing up LXC containers on my nodes. I have a couple of servers in LXC format and since a couple of days ago they are all displaying issues when running a backup. Haven't run any updates in a bit, but the nodes also show that there are no...
  6. [SOLVED] Permission issues with snapd and lxc containers.

    I've been trying to get snapd to work in lcx containers butIi get errors on both debian 9 and ubuntu 18.04. I'm using a single node Proxmox VE 5.4-8 that is updated as of 05-july-2019 on the no-subscription repositories with the exception being that pve-manager is still 5.4-8 and not 5.4-10. I...
  7. Adding an OSD requires root

    We've split users into groups and allocated different roles to each group (essentially admins and non-admin users). Non-admin users are limited to performing VM functions, while users in the admin group have the built-in role "Administrator" applied. This should give them the ability to perform...
  8. Unable to change the configuration of container

    ls /etc/pve/nodes/proxmox/lxc/ 100.conf 101.conf 105.conf root@proxmox:~# mkdir /etc/pve/nodes/proxmox/lxc/demo mkdir: cannot create directory '/etc/pve/nodes/proxmox/lxc/demo': Permission denied root@proxmox:~# chmod 0\7277 /etc/pve/nodes/proxmox/lxc/ chmod: changing permissions of...
  9. Permission issue with mounting USB

    I'm trying to mount a USB Zwave device in a container and I had this configuration working in an older installation but now I'm running into permission issues. Here is my conf file for the container: arch: amd64 cores: 2 hostname: hass memory: 8192 net0...
  10. PVEPoolAdmin Role

    If a user is a member of Pool A and Pool B with the PVEPoolAdmin role on both pool A and B, is it possible for that user to move a VM from pool A to pool B ? I noticed if the user removes the VM from the pool, he can't add it back to the pool or to any other pool... which makes sense. But how...
  11. [SOLVED] Permission issue in container with mount

    I have mounted my ZFS share /tank/to my container (8002) with this command: # pct set 8002 -mp0 /tank/,mp=/mnt/tank/ But now when I boot up the container (running ubuntu 18.04) I don't have write permissions. I also can't change the permissions in anyway. How do I give my root user in the...
  12. [SOLVED] Near-root permissions

    Good afternoon. I'm looking for a means to create super user type accounts that are similar to root that authenticate against Active directory. I have AD authentication working but I am unable to fine tune the permissions to allow things for some users/groups to create, stop, out, destroy OSDs...
  13. tighten up security on dump folder

    Hi Everyone, I noticed that the dump folder where all backups go requires and defaults to 777 permissions. Is there a way to remove the rwx permissions to "others" without disrupting Proxmox's backup jobs? Can we specify which user on the host will be running the job that requires full access to...
  14. Datastore.Allocate needed to browse Content (Templates, Backup, etc)?

    I've discovered that the privilege Datastore.Allocate is needed in role in order to grant a user access/browse Content of a storage? This seems pretty backwards - what does then Datastore.AllocateTemplates do? Datastore.Allocate grants users the ability to remove datastores which is not...
  15. User permissions needed for create sheduled backup job

    Hello, I'm trying to create user who can manage VMs (all VM.* permissions) and can create sheduled backup jobs. I found by trying I need Datastore.Audit permission to see storage for backup and Sys.Audit and Sys.Modify to create backup jobs. But with Sys.Modify, I can also modify datastore...
  16. [SOLVED] Kann NFS Share nicht mounten

    Hallo Zusammen Nach langem Suchen über Google und im Forum bin ich leider zu keinem Ergebnis gekommen. Ich habe auf einer Node einen NFS Server installiert und zwei Partitionen unter /mnt/backup und /mnt/isos für die Dementsprechenden Zwecke erstellt und Freigegeben. Die Shares werden auch...
  17. Multiple people create their own vms, but shouldn't see each other. Can we use one lvm-thin?

    I'd like to be able to give access to two-three people so they can install stuff on my proxmox. In order for these guys to be able to create a vm/lxc, they have to have the Datastore.AllocateTemplate on the storage which is only found in PVEDatastoreAdmin. So in order for two people to create...
  18. (Hopefully) Quick question about roles.

    Is it possible to make a role that only allows the user to see the summery tab for the data center, and cluster nodes but do/see nothing else? I want to give a user the ability to see how much the resources are being used and then give them permissions else where (Ive got this part figured out)...
  19. onlime

    Ping with unprivileged user in LXC container / Linux capabilities

    On Proxmox VE 5.1, inside an LXC container, I cannot ping with unprivileged user. It gives me the following error: $ ping google.ch ping: socket: Operation not permitted On the hostnode itself I can ping with both unprivileged user and root, but inside an LXC container only as root. The...
  20. Permission issues when administering unpriviliged containers

    On a completely fresh install of Proxmox VE 5.1, I'm unable to create unprivileged containers from templates and creating backups. I get permission errors when I try. The issue with creating the containers seems to be that templates gets saved with root ownership and strict permissions that...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!