permissions

Hello everyone, we are running a couple of PVE-Clusters where non Admin Users can manage/create their own VMs. I recently rolled out a script that checks each VM for an HA group and sets the default group accordingly. In order to allow users to add VMs to a specific HA-Group, I need to assign...

Hello everyone! my question is about the permissions within a proxmox cluster. We have 8 nodes in our cluster and want to make some of them available for other users via the resource pools. So I created users, added these users to a group and allowed this group to access the pool. Within the...

Hello guys, I've been trying to find a better solution for my problem: -Allow a user (test) to create VMs and manage those fully, but prevent user (test) from doing anything else, not even seeing if there are other VMs on the Host I did this by moving all VMs to a pool, which user (test) is...

Edit: I solved the issue myself, see the first reply in this thread I am currently trying to get the iGPU to work in an unpriviliged lxc container, which runs Jellyfin. I am trying to figure out what exactly I need to do, and used the following links as a basic: Hardware Acceleration...

I need your help... I already do a search but can't find the solution for this... I'm trying create a new API token but when I save the information, I got this error What I'm doing wrong? EDIT: Proxmox VE 7.2-7

Hi, Not sure what logs or docs to add, please lmk what might help to better understand the issue. I'm running an unprivileged Ubuntu 22.04 Container Template with docker & docker-compile, everything installed as per docker docs instructions. I'm running the Arr suite (Radarr, Sonarr, Lidarr...

So I ended up doing a mistake when I was changing the permissions of some drives I have from when I didn't use Proxmox (just a regular Deb server). I ended up chown -R root / by accident. Yeah big mistake. But not really. Instead of the folder I thought it was going to do, it ended up doing the...

Reading the Unprivileged LXC containers wiki page, it seems UID mappings are needed in the LXC config files to allow permissions for mount points. I thought that the >100000 range of host ids was already mapped to the CT starting with id 0 when you create a new unprivileged CT. Why does the...

I created an unprivileged container with the number 101. I mounted a single disk ZFS pool from the host by adding an mp0: line to the /etc/pve/lxc/101.conf file. I noticed the container does not have write permissions to this mount point. After reading the Unprivileged LXC containers wiki page...

This tutorial will walk through the steps necessary to join your Proxmox server to Microsoft Active Directory on a Windows 2019 Server. You will be able to sync your users and groups into the Proxmox Permissions Panel in the GUI, and log into the web console with active directory credentials...

Background: We run PVE with a couple of LXCs and VMs with one LXC representing a reverse proxy for the different backend services. I was wondering if I could run Fail2Ban on the backends wich would then block/release IPs on the PVE-host by modifying a specific IPset. However, it seems I cannot...

I was fighting to create an already tested state of: "a group [member] who can only manage users within the group foo" and kept failing, and I was thinking it's me: # pveum acl modify /access/realm/pve -groups vmadmin -roles PVEUserAdmin 400 Parameter verification failed. path: invalid ACL path...

Hi there, I've got an SMB share from my NAS server for my data. My Jellyfin instance (hosted via docker inside LXC) should have read-/write-access to this SMB share. The problem is: I always get permission denied issues in my LXC container. The Proxmox host can write inside the share, but not...

In an attempt to give employees an opportunity to shutdown the servers before the power goes out if I'm unreachable, I created a role with only Sys.Console and Sys.PowerMgmt permissions. I then made a "shutdown" group and a "shutdown" user and assigned the role to the group with the only user...

Hello guys, i trying to get proxmox + nextcloud container (from Turnkey image) to host my nextcloud files on USB hard drive. Let's begin: 1. I create a user id, a group id with value 2000 and add the new user to new group on pve host. 2. I do the samething on nextcloud container, so user id and...

Hi guys! I'm pretty new to Proxmox, but I feel like I've been doing pretty fine. However, I've run into this really weird issue where I cannot use APT to install some packages in my LXC container. I also had some issues earlier with Docker, but I fixed those by turning on nesting. However, now...

Hello! I'm trying to configure role for view-only guest accounts that need access to view VMs configuration and console, but should not be able to change anything nor input something to console. I've created role with VM.Audit, VM.Console and VM.Monitor privileges, which kind of does the trick...

I have successfully set up the Nextcloud Turnkey Container. It runs on an internal domain with automatic ACME DNS certs, it has its own Storage assigned and I am quite happy with it, so far. However, now I'd like to add an "External Storage" to the Nextcloud setup, from my Host system (proxmox)...

Hi, I wanted to switch to a new datastore (store02) (on different disks) so did the following: Add a second datastore to the pbs server (store02) Added a remote with localhost and the store02 datastore Ran a sync from store01 to the "remote" localhost:store02 Removed store01 Modified the...

Hello, I am trying to achieve some permissions for 2 specific hosts in the cluster. We want to have some usergroup that can administer (create,delete,configure) vms on just 2 hosts. I am thinking of some combination of permissions on /node/<node> /storage and /vms . But as a result I am...