INotify: remove allow-hotplug from /etc/network/interfaces
for user installing proxmox on top of debian,
debian install by default the first nic with allow-hotplug.
This is conflicting with "auto ...", but worst with ovs "allow-ovs ...".
User have reported race with ovs, where ovs vmbr was up before the nic.
https://forum.proxmox.com/threads/no-network-on-server-unless-i-ifdown-ifup-vmbr0.62733/
Dominik Csapak [Tue, 12 Nov 2019 12:56:20 +0000 (13:56 +0100)]
fix Tools::df for big storage usage values
if the size/avail of a mount is bigger than a certain amount,
json_encode writes the number in scientific format, which was not
matched by our \d+ regex.
This then resulted in 'undef' values for the result hash and
subsequently led to errors and warnings.
Extend the regex to also match scientific formatted numbers,
perl can then use them as is, no need for any conversion.
Dominik Csapak [Thu, 3 Oct 2019 11:50:07 +0000 (13:50 +0200)]
JSONSchema: add pve-tag format
this will be used for vm/ct tag-lists, so that (config) management systems
or similar add additional information that does not reside in the
description
putting it here, since we want to eventually have it also for
nodes,storages,etc.
Thomas Lamprecht [Tue, 29 Oct 2019 06:28:52 +0000 (07:28 +0100)]
d/control: record breaks of pve-container (<< 3.0-9)
As we drop the arch translation part used by pve-container packages
in version 3.0-8 or older we need to break them, to avoid broken
newly created containers.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
JSONSchema: add TFA-secret format; support longer secrets
The old format used 16 base32 chars or 40 hex digits. Since they have
a common subset it's hard to distinguish them without the our
previous length constraints, so prefix a 'v2-' of the format to
support arbitrary lengths properly.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
add postinst hook to fix /etc/aliases whitespace error
This was wrongly shipped by our ISO since quite a bit (AFAICT, at
least 4.x), so fix it up in a versioned postinst snippet.
Do so by usind sed with the following pattern:
# sed -E -i -e 's/^www:(\w)/www: \1/' /etc/aliases
proposed by Musee Ullah[0]. It even catches a bit more than exactly
our misstep, may help if one copied this line, or added some other
addresses to this specific aliases entry.
Do this here, in pve-common, as it makes it sligthly simpler to roll
the change out to both, PVE and PMG.
Fabian Ebner [Wed, 28 Aug 2019 09:22:38 +0000 (11:22 +0200)]
Fix 2339: Handle multiple blank lines correctly in SectionConfig
It turns out that the line number counting was also broken (even on
files without multiple blanks), since the body of the while inside
the nextline subroutine would not be executed for a blank.
I guess the subroutine was intended to skip comments and blanks, but
since we use blanks to recognize the end of a section, I changed it
to only skip comments.
and constant AT_EMPTY_PATH for chowning a directory/file opened via
openat(2), for example when walking/creating a directory tree without
following symlinks.
CLIHandler: consider valid prefixes for completion
With the change introduced in 57c0d0c69c687f2dff876aa81369622d0ae0a841
completion of partial commands stopped working (e.g. typing qm res<TAB><TAB>
yields nothing instead of 'reset resize resume rescan')
By returning undef as 'ref' 'print_bash_completion' has no reference of the
available (sub) commands anymore.
By checking if the current argument is a valid prefix of a possible command,
and conditionally not setting the 'ref' hash to undef, the functionality is
restored.
Thomas Lamprecht [Thu, 23 May 2019 10:52:18 +0000 (12:52 +0200)]
assemble_spice_ticket: ensure variable in interpolated string are correct
In older perl the following two where the same:
"$foo::$bar" == "${foo}::${bar}"
But in perl 5, version 28 it's not anymore,
"$foo::$bar" would be equivalent to "${foo::}${bar}", the double
colons are now not used as variable name boundary, so mark that
explicitly in the affected case and surrounding ones preventively
This fixes authentication with spice* related stuff again.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Wed, 15 May 2019 08:03:50 +0000 (10:03 +0200)]
prevent autovivification of sectionconfig options
If, somehow, someone passes a config to check_config with keys set
that are not in the options for that type, this fixed check
lead to autovivification, meaning that any future calls to the same
worker had an additional option for that type which is not optional
this lead to a wrongfully deleting of entries when updating an entry of
a different type, since all entries of the original types suddenly
did not satisfy their required options and would not get parsed
by read_file anymore (thus missing when a successful write_file was done)
Dominik Csapak [Fri, 3 May 2019 07:28:51 +0000 (09:28 +0200)]
INotify: map address/netmask to cidr while parsing interfaces
this allows us to always show the 'address' the 'netmask' and the 'cidr'
both for ipv4 and ipv6
there is a small api change involved in one scenario:
if one manually changed the address to cidr format like
'10.0.0.4/24'
we now get from the api the parsed values
addr => 10.0.0.4
netmask => 24
cidr => 10.0.0.4/24
instead of
addr => 10.0.0.4/24
netmask =>
but i think that circumventing our api when writing the file, but still
relying on the api for reading is not a valid use case, i would argue
that we can change this, especially since we have a new field that
contains that information again (cidr)
See `man 2 setresuid`. The code was tested with small UIDs (109) and
one which does not fit into 16 bit (100000000), since I wasn't too
sure about the workings of setresuid vs. setresuid32 (see NOTES of
the manpage) - it worked with both.
Linux on amd64 has only a single setresuid, as it the 64 bit arch
came after the setresuid32 syscall, and thus it started with the
later one as single common one
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Thu, 21 Mar 2019 11:48:54 +0000 (12:48 +0100)]
JSONSchema: register 'pve-snapshot-name' here to avoid cyclic dependencies
move it from qemu-server as it was also used in pve-container and
pve-manager (pvesr), while guest-commons AbstractConfig could be a
fit too, just move it here as all depending on this already use
JSONSchema and it just fits here...
Break respective qemu-server version
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Stoiko Ivanov [Tue, 12 Mar 2019 15:07:41 +0000 (16:07 +0100)]
JSONSchema: Adapt MAC address format to unicast
MAC-addresses having the LSB of the first octet set, are considered
multicast-addresses (see [0,1]).
the 'mac-addr' format got changed to only permit unicast addresses, which should
work for its current use-case (WOL for nodes).
additionally a default option was registered via register_standard_option to be
used in both PVE::LXC::Config and PVE::QemuServer.
Oguz Bektas [Thu, 28 Feb 2019 14:00:04 +0000 (15:00 +0100)]
fix #2111: regex match for email addresses
now allows:
* addresses without tld (f.e. user@localhost per bug)
* remove limits for number of subdomains
* allow +, -, ~ in local part
* disallow double dots (.. .a. etc) and dots in the end (abc.@mail.com)
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com> Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> Acked-by: Dominik Csapak <d.csapak@proxmox.com>
Christian Ebner [Wed, 20 Feb 2019 10:59:14 +0000 (11:59 +0100)]
Fix 1891: Add zsh command completion generator
This adds the function needed to generate the zsh autocompletion scripts.
Using the bash completion code path, this generates the list of possible
completions and adds them to the zsh completion by compadd.
For the autocompletion scripts to be loaded automatically, the following two
lines have to be placed in the .zshrc:
autoload -U compinit
compinit
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>