Permissions for User to hibernate VM and change hardware

E

Eumel

New Member
Jul 27, 2021
5
0
1
34
What permissions do users need to be able to hibernate a VM?
I gave him PVEAdmin but he still gets a" no permission for Datastore.AllocateSpace" error.

The same question goes for changing hardware, two users share a GPU on passthrough. Currently if they want to swap it has to go through me to remove and add the pci device since they dont get permission.
 
Last edited:
Hi,
besides the rights to the VM they also need the right to allocate storage in the storage selected within the options of the VM under Options/VM State Storage. The default location is the "local" storage. I didn't check if these are the least permissions possible, but setting these two I could send the VM into hibernation with my "fun" user.

1655111010573.png
 
shrdlicka said:
Hi,
besides the rights to the VM they also need the right to allocate storage in the storage selected within the options of the VM under Options/VM State Storage. The default location is the "local" storage. I didn't check if these are the least permissions possible, but setting these two I could send the VM into hibernation with my "fun" user.

View attachment 37899
Click to expand...
Perfect, that did the trick.
I guess we have a different version installed, for me it was under the storage for my node (for future reference only).

Any idea on the adding and removing PCI devices front?
 
Last edited:
Can you post the error message the users are getting when they try to remove PCI devices?
 
PCI passthrough requires root privileges (as it can easily cause problems for the whole system), that is currently not assignable to other users. there is a patch series for allowing that being worked on - but obviously this is not something you want to allow for random users, but rather for admin accounts that would otherwise also have root-level access (e.g. via a personalized login that can do `sudo`).
 
  • Like
Reactions: shrdlicka
shrdlicka said:
Can you post the error message the users are getting when they try to remove PCI devices?
Click to expand...
Theres not really an error, adding and removing pci devices is greyed out for them
fabian said:
PCI passthrough requires root privileges (as it can easily cause problems for the whole system), that is currently not assignable to other users. there is a patch series for allowing that being worked on - but obviously this is not something you want to allow for random users, but rather for admin accounts that would otherwise also have root-level access (e.g. via a personalized login that can do `sudo`).
Click to expand...
The passthrough is active either way afaik, I only want to map it to different VMs in the webview.
These are also trusted users, if this wont work theyll get the root login. The seperation now is mainly for good form.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back