Bug with the proxmox Rest api?

W

whiggs

New Member
Dec 11, 2024
14
0
1
Hey Everyone. So I think I may have found a bug with the proxmox api. Consider the below powershell script that I wrote which utilizes the Corsinvest.ProxmoxVE.Api Powershell module to create a vm:

Code: 
$apikey = 'root@pam!api=Idontthinkso'
$key = Connect-PveCluster -HostsAndPorts 192.168.1.15:8006 -SkipCertificateCheck -ApiToken $apikey
$sata = @{}
$sata.add("0", "fourt:100")
$sata.Add("1", "fourt:0,import-from=/mnt/pve/iso/template/iso/SERVER.VHD")
$ide = @{}
$ide.Add("2", "big:iso/virtio-win-0.1.266.iso,media=cdrom")
$usb = @{}
$usb.Add("0", "spice,usb3=1")
$net = @{}
$net.Add(0, "model=e1000,bridge=vmbr0,firewall=1")
$vmid = 100
New-PveQemu -Memory "4096" -Bios ovmf -Cpu host -Cores 4 -Machine q35 -Node prox -Pool res -Ostype win10 -Scsihw virtio-scsi-pci -Vmid 100 -Name "PB99976-P05" -Storage fourt -Vga "type=qxl,memory=128" -NetN $net -Efidisk0 "fourt:1,efitype=4m,pre-enrolled-keys=1" -Agent "1" -SataN $sata -IdeN $ide -Boot "order=sata1;sata0;ide2" -UsbN $usb

As you can see, one of the disks that I have defined imports an existing disk image. I point this out simply because it is the part of the script that is referenced in the error message. When I attempt to run the above script, the proxmox api returns the following error:

Code: 
Only root can pass arbitrary filesystem paths. at /usr/share/perl5/PVE/Storage.pm line 561.

The path that the error is referring to is the path I passed to the "import-from" property when creating one of the disks. I find this error odd because, as you can see for yourself, the api key that I use in my script (which I redacted of course) was created to authenticate the root user. As a test, I attempted running the above script again, except I authenticated to the proxmox server using the root accounts actual credentials, and the script worked perfectly. So, it would seem, as far as the permissions needed to "pass an arbitrary filesystem path" to the proxmox api, authenticating to the proxmox server using an api key generated by the root user does not have the permissions of the root user.
 
mkoeppl said:
Hello!

It seems that this is a known bug/problem and that there is a patch for it that never really got applied.
Click to expand...
Thank you for your reply. OK. Well, I am glad that the proxmox team is aware that this is a bug, but can I get you to clarify what you mean when you say "there is a patch that never got applied?" Because when I read that, what I hear is "there is a patch that fixes the issue, but for reasons that I am sure are super duper important, nobody has bothered to make the publicly available." Is that accurate?
 
You should be able to circumvent needing the root user by moving the volume to the import directory of the storage you're using. You can then refer to your volume in import-from via its volume ID.

An example of this would be:
Code: 
import-from=<storage>:100/vm-100-disk-0.qcow2
 
mkoeppl said:
You should be able to circumvent needing the root user by moving the volume to the import directory of the storage you're using. You can then refer to your volume in import-from via its volume ID.

An example of this would be:
Code: 
import-from=<storage>:100/vm-100-disk-0.qcow2
Click to expand...

That really doesn't address the root problem though, does it? And you did not answer my question. If proxmox is going to be a product that is marketed as an enterprise tool, there is an expectation of consistency. Furthermore, your workaround does not work for my particular scenario. Take a look at the file specified in the "import-from" property. The file has an extention of VHD, due to the fact that the image was captured using Microsoft Sysinternal's Disk2vhd tool. I believe that it is due to the file type that proxmox does not view it as a valid disk image, and therefore does not allow me to shorten the path in the manner you specified. I normally have to convert the image from vhd to a format that proxmox recognizes. Take a look at what happens when I try. The vhd in question is stored in the directory where all my iso files are stored:

r8UKhHI.png
JaNPFO0.png

So, the vhd files are stored on the "big" datastore, right? Yet, when I try specify the object in the manner you specified (I have tried both import-from=big:iso/SERVER.VHD" and import-from=big:templates/iso/SERVER.VHD", I get the error "unable to parse directory volume name."
 
Last edited:
You must log in or register to reply here.
Top Bottom