Hi All,
I'm starting to use pools and user privileges on my proxmox cluster to try and make it a little more secure.
I have scripts which manage the creation and setup of VMs. One of the actions I need to do it do set the additional ARGS to enable remote VNC and serial connections.
I've created a new role and given it VM.Config.Options amongst others but I still do not seem to be able to modify the ARGS for the VM. If I connect as root then the script works just fine.
Below is a list of all the Privs which I've granted to this role:
Datastore.AllocateSpace,VM.Allocate,VM.Audit,VM.Cl one,VM.Config.CDROM,VM.Config.CPU,VM.Config.Disk,V M.Config.HWType,VM.Config.Memory,VM.Config.Network ,VM.Config.Options,VM.Console,VM.Migrate,VM.PowerM gmt
The WIKI docs imply that VM.Config.Options is necessary.
Has anyone else done this? and can shed light on which priv I've missed.
Cheers,
---Guy
I'm starting to use pools and user privileges on my proxmox cluster to try and make it a little more secure.
I have scripts which manage the creation and setup of VMs. One of the actions I need to do it do set the additional ARGS to enable remote VNC and serial connections.
I've created a new role and given it VM.Config.Options amongst others but I still do not seem to be able to modify the ARGS for the VM. If I connect as root then the script works just fine.
Below is a list of all the Privs which I've granted to this role:
Datastore.AllocateSpace,VM.Allocate,VM.Audit,VM.Cl one,VM.Config.CDROM,VM.Config.CPU,VM.Config.Disk,V M.Config.HWType,VM.Config.Memory,VM.Config.Network ,VM.Config.Options,VM.Console,VM.Migrate,VM.PowerM gmt
The WIKI docs imply that VM.Config.Options is necessary.
- VM.Config.Options: modify any other VM configuration
Has anyone else done this? and can shed light on which priv I've missed.
Cheers,
---Guy