acl.cfg

Description

The file /etc/proxmox-backup/acl.cfg is a configuration file for Proxmox Backup Server. It contains the access control configuration for the API.

File Format

This file contains the access control list for the Proxmox Backup Server API.

Each line starts with acl:, followed by 4 additional values separated by colon.

propagate

Propagate permissions down the hierarchy

path

The object path

User/Token

List of users and tokens

Role

List of assigned roles

Here is an example list:

acl:1:/:root@pam!test:Admin
acl:1:/datastore/store1:user1@pbs:DatastoreAdmin

You can use the proxmox-backup-manager acl command to manipulate this file.

Roles

The following roles exist:

Admin

Administrator

Audit

Auditor

NoAccess

Disable Access

DatastoreAdmin

Datastore Administrator

DatastoreReader

Datastore Reader (inspect datastore content and do restores)

DatastoreBackup

Datastore Backup (backup and restore owned backups)

DatastorePowerUser

Datastore PowerUser (backup, restore and prune owned backup)

DatastoreAudit

Datastore Auditor

RemoteAudit

Remote Auditor

RemoteAdmin

Remote Administrator

RemoteSyncOperator

Syncronisation Opertator

TapeAudit

Tape Auditor

TapeAdmin

Tape Administrator

TapeOperator

Tape Operator

TapeReader

Tape Reader

Copyright and Disclaimer

Copyright (C) 2019-2022, Proxmox Server Solutions GmbH

This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License along with this program. If not, see http://www.gnu.org/licenses/