The EFI disk is already pre-existing and should not be removed in case
the VM configuration was modified during the enrollment operation.
It's not critical if the new certs are enrolled but the marker is not
written to the configuration. Worst case, the operation is just done
again, where virt-fw-vars will just skip enrollment after detecting
that the new certs are already on the disk.
Fixes: 95eb95c3 ("qm enroll-efi-keys: move potential blocking operation out of
lock")
Signed-off-by: Fiona Ebner <[email protected]>
---
src/PVE/CLI/qm.pm | 9 +--------
1 file changed, 1 insertion(+), 8 deletions(-)
diff --git a/src/PVE/CLI/qm.pm b/src/PVE/CLI/qm.pm
index 60fe318e..ca57409f 100755
--- a/src/PVE/CLI/qm.pm
+++ b/src/PVE/CLI/qm.pm
@@ -744,14 +744,7 @@ __PACKAGE__->register_method({
my $locked_conf = PVE::QemuConfig->load_config($vmid);
eval { PVE::Tools::assert_if_modified($conf->{digest},
$locked_conf->{digest}) };
- if (my $err = $@) {
- eval {
- my $drive =
PVE::QemuServer::Drive::parse_drive('efidisk0', $updated);
- PVE::Storage::vdisk_free($storecfg, $drive->{file});
- };
- warn "failed to clean-up prepared efidisk volume - $@" if
$@;
- die "VM ${vmid}: $err";
- }
+ die "VM ${vmid}: $@" if $@;
$locked_conf->{efidisk0} = $updated;
PVE::QemuConfig->write_config($vmid, $locked_conf);
--
2.47.3
_______________________________________________
pve-devel mailing list
[email protected]
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
