[SOLVED] agent/exec-status and agent/file-read issue

G

g0ha

Active Member
Jan 11, 2019
25
4
43
39
Aloha! Accoding to https://pve.proxmox.com/pve-docs/api-viewer/ api methods "GET /api2/json/nodes/{node}/qemu/{vmid}/agent/exec-status" and "GET /api2/json/nodes/{node}/qemu/{vmid}/agent/file-read" are using request type GET, there no present request type POST for this commands. However, for using this methods we need to pass to API "pid" parameter for exec-status and "file" parameter for file-read. Also we know (accoding to https://pve.proxmox.com/wiki/Proxmox_VE_API), that csrf token header need only for PUT, POST or DELETE requests.

Now, i try to use this 2 methods, using root account for access (it have VM.Monitor permissions), but get "401 Permission denied - invalid csrf token", as if proxmox wants to user POST method. Same i see in /var/log/pveproxy/access.log:

192.168.5.4 - root@pam [31/01/2020:16:51:13 +0300] "POST /api2/json/nodes/prox-test/qemu/1469/agent/exec HTTP/1.1" 200 21
192.168.5.4 - - [31/01/2020:16:51:13 +0300] "POST /api2/json/nodes/prox-test/qemu/1469/agent/exec-status HTTP/1.1" 401 -
192.168.5.4 - - [31/01/2020:16:51:17 +0300] "POST /api2/json/nodes/prox-test/qemu/1469/agent/file-read HTTP/1.1" 401 -

In same time, if i use same methods over pvesh all works fine.
Also i know, that csrf token is correct, i use it via call agent/exec and get status 200
I try add token to request but get "501 Unexpected content for method 'GET'"

request example:

curl -sS --insecure --cookie "$cookie" --data-urlencode file="/etc/hosts" "https://<IP>:8006/api2/json/nodes/<node>/qemu/<vmid>/agent/file-read"

Same problems i have on 6.1 and on 5.4 versions

What's the catch?
 
hi,

g0ha said:
Now, i try to use this 2 methods, using root account for access (it have VM.Monitor permissions), but get "401 Permission denied - invalid csrf token", as if proxmox wants to user POST method. Same i see in /var/log/pveproxy/access.log:

192.168.5.4 - root@pam [31/01/2020:16:51:13 +0300] "POST /api2/json/nodes/prox-test/qemu/1469/agent/exec HTTP/1.1" 200 21
192.168.5.4 - - [31/01/2020:16:51:13 +0300] "POST /api2/json/nodes/prox-test/qemu/1469/agent/exec-status HTTP/1.1" 401 -
192.168.5.4 - - [31/01/2020:16:51:17 +0300] "POST /api2/json/nodes/prox-test/qemu/1469/agent/file-read HTTP/1.1" 401 -
Click to expand...

pveproxy access log clearly shows you're sending POST requests instead of GET. that's why it's not working (and asks for the csrf token since you're sending a POST).

g0ha said:
In same time, if i use same methods over pvesh all works fine.
Click to expand...
because pvesh sends the correct type of HTTP request

g0ha said:
request example:

curl -sS --insecure --cookie "$cookie" --data-urlencode file="/etc/hosts" "https://<IP>:8006/api2/json/nodes/<node>/qemu/<vmid>/agent/file-read"
Click to expand...

try like this:

Code: 
curl --insecure --cookie "$(<cookie)" -XGET https://<IP>:8006/api2/json/nodes/<node>/qemu/<vmid>/agent/file-read\?file\=/etc/hosts
 
great!

please mark the thread [SOLVED] so others know what to expect
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back