User permission and roles...

Is it possible to change or add a role? I need a user, that has the same permissions/role like "PVEVMUser" + VM.Config.CDROM permission. How do I do that?

Latest package already include VM.Config.CDROM privilege on PVEVMUser. Please update and test.
 
I am working on a patch , to be able to store this info in ldap. ( we are using a external LDAP tool do grant permissions.)
Could one get a explanation on the syntax of the user.cfg file ?
As i will need to add this patch so it checks both user.cfg and ldap i would need to know what file is handeling that today and i rather not have to do full search in the source, so maby someone could tell me what file it is ?


//Coffe

( Trying to integrate pm2.0 with Fusiondirector/Gosa using sssd for pam )
 
Latest package already include VM.Config.CDROM privilege on PVEVMUser. Please update and test.

Thanks. Now the user is able to change the cd-rom image - theoretically (the storage and iso-image-list is empty for the user, but is required). The user is also unable to upload new images. It's not the first priority to upload new images from the user account, but at least he should be able to choose between one of the already uploaded images - which isn't possible at the moment.
 
Last edited:
but at least he should be able to choose between one of the already uploaded images - which isn't possible at the moment.

Please can you post the file /etc/pve/users.cfg? Also make sure you run the latest version.
 
Please can you post the file /etc/pve/users.cfg? Also make sure you run the latest version.

Version: pve-manager/2.0/af81df02
user.cfg

user:****@pve:1:0:::::
user:****@pve:1:0:::::
user:****@pve:1:0:::::
user:testvm@pve:1:0:::::
user:****@pve:1:0:::::
user:root@pam:1:0:::support@******.de::

group:users:****@pve,****@pve,****@pve,testvm@pve,****@pve::



acl:1:/storage/local:testvm@pve:PVEVMUser:
acl:1:/storage/test:testvm@pve:PVEVMAdmin:
acl:0:/vms/200:testvm@pve:PVEVMUser:
acl:0:/vms/201:****@pve:PVEVMUser:
acl:0:/vms/202:****@pve:PVEVMUser:
acl:0:/vms/203:****@pve:PVEVMUser:
acl:1:/vms/204:****@pve:PVEVMUser:


I'm testing via "testvm" user
 
Last edited:
acl:1:/storage/local:testvm@pve:PVEVMUser:
acl:1:/storage/test:testvm@pve:PVEVMAdmin:

Well, VM permissions does not help on storage, try the following instead:

Code:
acl:1:/storage/local:testvm@pve:PVEDatastoreUser:
acl:1:/storage/test:testvm@pve:PVEDatastoreAdmin:
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!