[SOLVED] agent/exec-status and agent/file-read issue

G

g0ha

Active Member
Jan 11, 2019
25
4
43
39
Aloha! Accoding to https://pve.proxmox.com/pve-docs/api-viewer/ api methods "GET /api2/json/nodes/{node}/qemu/{vmid}/agent/exec-status" and "GET /api2/json/nodes/{node}/qemu/{vmid}/agent/file-read" are using request type GET, there no present request type POST for this commands. However, for using this methods we need to pass to API "pid" parameter for exec-status and "file" parameter for file-read. Also we know (accoding to https://pve.proxmox.com/wiki/Proxmox_VE_API), that csrf token header need only for PUT, POST or DELETE requests.

Now, i try to use this 2 methods, using root account for access (it have VM.Monitor permissions), but get "401 Permission denied - invalid csrf token", as if proxmox wants to user POST method. Same i see in /var/log/pveproxy/access.log:

192.168.5.4 - root@pam [31/01/2020:16:51:13 +0300] "POST /api2/json/nodes/prox-test/qemu/1469/agent/exec HTTP/1.1" 200 21
192.168.5.4 - - [31/01/2020:16:51:13 +0300] "POST /api2/json/nodes/prox-test/qemu/1469/agent/exec-status HTTP/1.1" 401 -
192.168.5.4 - - [31/01/2020:16:51:17 +0300] "POST /api2/json/nodes/prox-test/qemu/1469/agent/file-read HTTP/1.1" 401 -

In same time, if i use same methods over pvesh all works fine.
Also i know, that csrf token is correct, i use it via call agent/exec and get status 200
I try add token to request but get "501 Unexpected content for method 'GET'"

request example:

curl -sS --insecure --cookie "$cookie" --data-urlencode file="/etc/hosts" "https://<IP>:8006/api2/json/nodes/<node>/qemu/<vmid>/agent/file-read"

Same problems i have on 6.1 and on 5.4 versions

What's the catch?
 
hi,

g0ha said:
Now, i try to use this 2 methods, using root account for access (it have VM.Monitor permissions), but get "401 Permission denied - invalid csrf token", as if proxmox wants to user POST method. Same i see in /var/log/pveproxy/access.log:

192.168.5.4 - root@pam [31/01/2020:16:51:13 +0300] "POST /api2/json/nodes/prox-test/qemu/1469/agent/exec HTTP/1.1" 200 21
192.168.5.4 - - [31/01/2020:16:51:13 +0300] "POST /api2/json/nodes/prox-test/qemu/1469/agent/exec-status HTTP/1.1" 401 -
192.168.5.4 - - [31/01/2020:16:51:17 +0300] "POST /api2/json/nodes/prox-test/qemu/1469/agent/file-read HTTP/1.1" 401 -
Click to expand...

pveproxy access log clearly shows you're sending POST requests instead of GET. that's why it's not working (and asks for the csrf token since you're sending a POST).

g0ha said:
In same time, if i use same methods over pvesh all works fine.
Click to expand...
because pvesh sends the correct type of HTTP request

g0ha said:
request example:

curl -sS --insecure --cookie "$cookie" --data-urlencode file="/etc/hosts" "https://<IP>:8006/api2/json/nodes/<node>/qemu/<vmid>/agent/file-read"
Click to expand...

try like this:

Code: 
curl --insecure --cookie "$(<cookie)" -XGET https://<IP>:8006/api2/json/nodes/<node>/qemu/<vmid>/agent/file-read\?file\=/etc/hosts
 
great!

please mark the thread [SOLVED] so others know what to expect
 
You must log in or register to reply here.
Top Bottom