Stefan Reiter [Thu, 25 Jun 2020 11:35:40 +0000 (13:35 +0200)]
JSONSchema: use validator in print_property_string too
Suggested-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
Stefan Reiter [Thu, 25 Jun 2020 11:35:39 +0000 (13:35 +0200)]
JSONSchema: add format validator support and cleanup check_format
Adds a third, optional parameter to register_format that allows specifying
a function that will be called after parsing and can validate the parsed
data. A validator should die on failed validation, and can also change the
parsed object by returning a modified version of it.
This is useful so one can register a format with its hash, thus allowing
documentation to be generated automatically, while still enforcing certain
validation rules.
The validator only needs to be called in parse_property_string, since
check_format always calls parse_property_string if there is a
possibility of a validator existing at all. parse_property_string should
then be called with named formats for best effect, as only then can
validators be used.
Clean up 'check_format' as well (which pretty much amounts to a rewrite).
No existing functionality is intentionally changed.
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
Thomas Lamprecht [Fri, 3 Jul 2020 12:17:04 +0000 (14:17 +0200)]
bump version to 6.1-4
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 26 Jun 2020 07:55:21 +0000 (09:55 +0200)]
follouwp: improve comment detection and refactor slightly
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Oguz Bektas [Wed, 17 Jun 2020 13:32:29 +0000 (15:32 +0200)]
schema: register 'timezone' format and add verification method
/usr/share/zoneinfo/zone.tab has the valid list of time zones.
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Stoiko Ivanov [Fri, 12 Jun 2020 09:14:38 +0000 (11:14 +0200)]
fix #2796: debian/postinst: check for existing /etc/aliases
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Mira Limbeck [Wed, 10 Jun 2020 14:03:38 +0000 (16:03 +0200)]
fix #2374: bridge-ports is assumed to be defined
bridge-ports is an optional parameter but was assumed to be defined in
the code. This resulted in 'use of uninitialized value' warnings.
By reordering of the $ports definition before the replace, we get rid of
the 'use of uninitialized value' when no bridge-port is specified.
In the second case we set it to an empty string when it is undefined.
Signed-off-by: Mira Limbeck <m.limbeck@proxmox.com>
Thomas Lamprecht [Mon, 8 Jun 2020 15:37:13 +0000 (17:37 +0200)]
bump version to 6.1-3
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Alexandre Derumier [Sun, 7 Jun 2020 11:39:47 +0000 (13:39 +0200)]
Inotify: write_network_interfaces : always autostart bond slaves interfaces
Currently, bond slaves are mostly working without autostart,
because bond slaves scripts from ifupdown1 && also ifupdown2
have some kind of hacks to start the slaves.
But if users want to do some tuning on the ifaces, they are not applied.
Also, with ifupdown2 + ovs, this kind of hack is not implemented (yet), so the
slaves of the bond are still down.
Debian/Ubuntu official docs always set "auto ethX" for bond slaves,
it's really more clean like this.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Mike Beattie [Fri, 29 May 2020 10:58:52 +0000 (22:58 +1200)]
Add cpu core count to /nodes/{id}/status API result
This is useful for when collecting data for Guest OS licensing (Microsoft)
where physical core count matters, not socket or thread count.
The "cpus" value counts threads when Hyperthreading is enabled.
Signed-off-by: Mike Beattie <mike@ethernal.org>
Alexandre Derumier [Mon, 25 May 2020 11:05:08 +0000 (13:05 +0200)]
network: vlan-aware bridge: fix pvid when trunks is defined
Currently, when a trunks is defined, the vlan tag is not used
for pvid with vlan-aware bridge. (It's ok with ovs switch)
example:
net0: e1000=BA:90:68:B8:CF:F5,bridge=vmbr1,tag=2,trunks=2-11
before
------
tap100i0 2-11
after
-----
tap100i0 2 PVID Egress Untagged
3-11
No regression for other configurations:
net0: e1000=BA:90:68:B8:CF:F5,bridge=vmbr1
before
------
tap100i0 1 PVID Egress Untagged
2-4094
after
-----
tap100i0 1 PVID Egress Untagged
2-4094
net0: e1000=BA:90:68:B8:CF:F5,bridge=vmbr1,tag=2
before
------
tap100i0 2 PVID Egress Untagged
after
-----
tap100i0 2 PVID Egress Untagged
net0: e1000=BA:90:68:B8:CF:F5,bridge=vmbr1,trunks=2-11
before
------
tap100i0 1 PVID Egress Untagged
2-11
after
-----
tap100i0 1 PVID Egress Untagged
2-11
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Alexandre Derumier [Fri, 17 Apr 2020 05:47:05 +0000 (07:47 +0200)]
read_bridge_mtu: public method instead private
Thomas Lamprecht [Sat, 9 May 2020 19:01:10 +0000 (21:01 +0200)]
bump version to 6.1-2
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sat, 9 May 2020 18:53:28 +0000 (20:53 +0200)]
network: bridge add IF: do not add all VLANs if $trunks are passed
fixes commit
89ea13ef6b1555f92309da5c298e16579163eaf4 and
restores old behavior, the "if !$trunks" post-if was a bit suble, it
did not guard the die, but the system command previously - the die
was || (ORd) to the command, bad code style to begin with..
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Wed, 6 May 2020 10:14:10 +0000 (12:14 +0200)]
bump version to 6.1-1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Fabian Grünbichler [Wed, 6 May 2020 10:03:20 +0000 (12:03 +0200)]
network: fix adding vlan tags to bridge
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Stoiko Ivanov [Tue, 5 May 2020 15:01:07 +0000 (17:01 +0200)]
ProcFSTools: fix read_meminfo without KSM
on kernel configs where KSM is not enabled (e.g. an openstack instance at
OVH) the file /sys/kernel/mm/ksm/pages_sharing does not exist.
In that case there is no memory shared so assuming 0 is reasonable.
While this is not the case with our shipped kernel, and thus will probably
not happen on a PVE installation, PMG can run quite happily with a different
kernel (the reporter had this on an openstack instance at OVH).
a quick grep through our codebase showed only the API2::Nodes::Nodeinfo::status
call as user of the memshared property.
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Fabian Ebner [Tue, 28 Apr 2020 08:18:26 +0000 (10:18 +0200)]
print_text_table: handle undefined values in comparision
by introducing a safe_compare helper. Fixes warnings, e.g.
pvesh get /nodes/<NODE>/network
would print "use of uninitialized"-warnings if there are inactive
network interfaces, because for those, 'active' is undef.
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
Tested-by: Oguz Bektas <o.bektas@proxmox.com>
Stefan Reiter [Mon, 4 May 2020 12:02:47 +0000 (14:02 +0200)]
fix #2696: avoid 'undefined value' warning in 'pvesh help unknown'
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
Fabian Grünbichler [Mon, 20 Apr 2020 08:04:10 +0000 (10:04 +0200)]
bump version to 6.0-20
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Thomas Lamprecht [Sat, 2 May 2020 16:42:35 +0000 (18:42 +0200)]
JSONSchema: allow to import parse_property_string
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Fabian Grünbichler [Mon, 20 Apr 2020 08:03:08 +0000 (10:03 +0200)]
build: remove ACME modules
from Makefile as well
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Wolfgang Link [Thu, 16 Apr 2020 05:18:20 +0000 (07:18 +0200)]
Move the code to proxmox-acme and add a dependency on it.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Thomas Lamprecht [Wed, 29 Apr 2020 12:51:59 +0000 (14:51 +0200)]
section config: use croak so that the error is from the callers POV
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Thu, 9 Apr 2020 14:10:41 +0000 (16:10 +0200)]
JSONSchema: extend pve-configid regex by '-'
we use this format for all 'delete' options but we have some options
that have a '-' in the name (e.g. 'sync-defaults-options') that cannot
be deleted if it is not included
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Fabian Grünbichler [Wed, 8 Apr 2020 12:02:50 +0000 (14:02 +0200)]
network: replace system() with run_command()
easier to read and extend, and safer as well.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Fabian Grünbichler [Wed, 8 Apr 2020 12:02:48 +0000 (14:02 +0200)]
network: remove unused debug code
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Thomas Lamprecht [Tue, 7 Apr 2020 16:12:54 +0000 (18:12 +0200)]
inotify: trailing whitespaces: comment and drop now superfluous chomp
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Alexandre Derumier [Sun, 5 Apr 2020 08:33:00 +0000 (10:33 +0200)]
Inotify: read_interfaces : remove trailing whitespaces
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Thomas Lamprecht [Sat, 4 Apr 2020 17:55:27 +0000 (19:55 +0200)]
bump version to 6.0-19
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Thu, 2 Apr 2020 15:30:55 +0000 (17:30 +0200)]
idmap followup: avoid false-negatives through falsy values in collision check
By using "exists" when checking if a hash entry is set, else things
like "0" could get accepted by mistake.
Also cleanup the code a little, like dropping the "PVE::JSONSchema::"
prefix, this is now in that module after all.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Fabian Grünbichler [Mon, 30 Mar 2020 11:41:28 +0000 (13:41 +0200)]
JSONSchema: add idmap parser and storagepair format
generalized from the start to support extension to bridges or other
entities as well.
this gets us incremental support for the CLI, e.g.:
--targetstorage foo:bar --targetstorage bar:baz --targetstorage foo
creates a mapping of
foo=>bar
bar=>baz
with a default of foo
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Wolfgang Bumiller [Wed, 1 Apr 2020 10:20:59 +0000 (12:20 +0200)]
cpuset: also split write methods
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Wed, 1 Apr 2020 10:20:58 +0000 (12:20 +0200)]
cpuset: allow empty cpusets
This is explicitly allowed in the documentation and happens
easily with cgroupv2 as there it is used to inherit from the
closest ancestor.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Link [Tue, 31 Mar 2020 10:08:35 +0000 (12:08 +0200)]
Register acme-plugin-format
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Link [Tue, 31 Mar 2020 10:08:34 +0000 (12:08 +0200)]
Reuse id parse code.
The storage_id is the same as the plugin_id.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Wolfgang Bumiller [Mon, 30 Mar 2020 14:30:35 +0000 (16:30 +0200)]
cpuset: cgroupv2 support
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Mon, 30 Mar 2020 14:30:34 +0000 (16:30 +0200)]
cpuset: further factorization
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Mon, 30 Mar 2020 14:30:33 +0000 (16:30 +0200)]
cpuset: replace 'kind' with an 'effective' boolean
All of our users of this function currently either pass
'effective_cpus' or nothing (undef), and in cgroupv2 the
effective-cpuset file uses a different naming scheme.
Since this is only a distinction between "intended" and
"effective", use this as a boolean instead, for easier
future cgroupv2 support.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Wolfgang Bumiller [Mon, 30 Mar 2020 14:30:32 +0000 (16:30 +0200)]
cpuset: cleanup/refactor
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Thomas Lamprecht [Sat, 21 Mar 2020 15:49:51 +0000 (16:49 +0100)]
bump version to 6.0-18
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Fri, 13 Mar 2020 12:18:43 +0000 (13:18 +0100)]
ldap: add optional classes to query_users
and filter by it
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Dominik Csapak [Fri, 13 Mar 2020 12:18:42 +0000 (13:18 +0100)]
ldap: optionally save group name by attribute
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Thomas Lamprecht [Fri, 13 Mar 2020 11:25:03 +0000 (12:25 +0100)]
bump version to 6.0-17
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Alexandre Derumier [Fri, 13 Mar 2020 10:48:11 +0000 (11:48 +0100)]
t.list-interfaces.pl: add cidr address test
also reuse wanted values
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 13 Mar 2020 10:36:31 +0000 (11:36 +0100)]
inotify/interfaces: fallback to cidr for address on write
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 13 Mar 2020 10:14:55 +0000 (11:14 +0100)]
inotify/interfaces: ensure cidr, address and netmask are set correctly
This should bring back compatibillity in the read site and one for
all clears that cidr is cidr, netmask is mask and address is address
(outgoing).
We're still very flexible on what can be written out.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 13 Mar 2020 10:07:17 +0000 (11:07 +0100)]
test: list ifaces: fix indentation of expected structure
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 13 Mar 2020 10:04:46 +0000 (11:04 +0100)]
INotify: sort and spli module usage
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 13 Mar 2020 10:01:01 +0000 (11:01 +0100)]
runtest: clone config before passing to write to avoid side effects
write changes some parts of the config, if this is a reference to the
config used for checking parsing it may lead to unexpected failures
due to those side effects..
For me it was "cidr" and "cidr6" getting deleted, and thus upcomming
tests for a compat change failing without any apparent reason.. :/
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Thu, 12 Mar 2020 15:15:21 +0000 (16:15 +0100)]
bump version to 6.0-16
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Thu, 12 Mar 2020 14:21:55 +0000 (15:21 +0100)]
inotify: fix compatibillity with address + netmask separate passed
fixes commit
78c6656c9aba1d57786f916717c2622a3059fb6 which dropped
writing out the netmask but missed to add compat code for the case
where the caller did not suplly a address in CIDR format already.
Check if an address ends with /\d+, if not see if a netmask is
available and add that similar how it gets handled on read.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Reviewed-By: Stoiko Ivanov <s.ivanov@proxmox.com>
Tested-By: Stoiko Ivanov <s.ivanov@proxmox.com>
Thomas Lamprecht [Thu, 12 Mar 2020 14:21:15 +0000 (15:21 +0100)]
inotify: indentation fix
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Mon, 9 Mar 2020 16:02:16 +0000 (17:02 +0100)]
bump version to 6.0-15
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Mon, 9 Mar 2020 16:29:37 +0000 (17:29 +0100)]
LDAP: fix missing newline in error message
seems like LDAP->new doesn't adds it, so we get the ". at
/path/to/module.pm line xy" ugly error
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Mon, 9 Mar 2020 15:59:44 +0000 (16:59 +0100)]
d/control: break pmg-api (<< 6.1-7)
as we now register the ldap-simple-attr' format, and double
registrations result in exceptions.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Fri, 6 Mar 2020 10:05:36 +0000 (11:05 +0100)]
add ldap-simple-attr from pmg
we also need it in pve
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Thomas Lamprecht [Mon, 9 Mar 2020 11:24:07 +0000 (12:24 +0100)]
RESTHandler getopt_usage: schema properties can be undef
While seldom some of our API endpoints do not define it, e.g., the
world readable /access/ticket call.
As all of the stack can cope with that just fine make getopt_usage
also follow that behavior and don't assume that properties has to be
defined.
This fixes a complaint about undefined value use in the following
calls:
pvesh usage /access/ticket
pmgsh help /access
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Mon, 9 Mar 2020 10:28:21 +0000 (11:28 +0100)]
inotify: read interfaces: avoid uninitialized value access
check if 'ovs_type' is defined first
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Mon, 9 Mar 2020 06:32:06 +0000 (07:32 +0100)]
Revert "Network: tap_create|plug : sdn : use bridge_vlan"
With revert "network: followup: move graceful require SDN out from
subs" squashed.
This reverts commit
c02d6d1c96a97cbdfb47d0ff28bca833bce2f91a.
This reverts commit
35f2791ffa3f855c8f24a10f1f09f1262e3d9fab.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sat, 7 Mar 2020 16:51:19 +0000 (17:51 +0100)]
bump version to 6.0-14
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sat, 7 Mar 2020 17:09:15 +0000 (18:09 +0100)]
network: followup: move graceful require SDN out from subs
As "require" is evaluated on module load only once, we either have
it or not, so move it to the top to avoid code duplication
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Alexandre Derumier [Mon, 10 Feb 2020 16:26:47 +0000 (17:26 +0100)]
Network: tap_create|plug : sdn : use bridge_vlan
find correct bridge/vlan from vnet config
Thomas Lamprecht [Sat, 7 Mar 2020 17:01:13 +0000 (18:01 +0100)]
d/control: record break of older ifupdown2
If ifupdown2 is installed we really want to have it synced with this
version, also with OVS (ifupdown2 handles that break) - this is part
of the version barrier.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Alexandre Derumier [Tue, 18 Feb 2020 05:33:46 +0000 (06:33 +0100)]
INotify : fix OVSBond && OvsintPort order + tests
OVSBond was missing
OvsintPort under ethx interfaces
Alexandre Derumier [Tue, 18 Feb 2020 05:33:47 +0000 (06:33 +0100)]
INotify: fix unknown for unknown ovs_type
if user defined manually ovs_type OVSTunnel or OVSPatchPort,
the type is empty.
set type=unknown first to avoid this kind of mistake
Alexandre Derumier [Fri, 21 Feb 2020 09:28:12 +0000 (10:28 +0100)]
INotify: detect ifupdown2 from executable not path
Seem than addons.conf file is not removed on "apt remove ifupdown2",
so /usr/share/ifupdown2 is not removed too.
Alexandre Derumier [Fri, 21 Feb 2020 09:28:11 +0000 (10:28 +0100)]
INotify: use auto for ovs interfaces with ifupdown2
Need the ifupdown2 openvswitch addon !
Thomas Lamprecht [Wed, 4 Mar 2020 14:44:18 +0000 (15:44 +0100)]
bump version to 6.0-13
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Dominik Csapak [Thu, 20 Feb 2020 15:20:00 +0000 (16:20 +0100)]
add LDAP Wrapper code
This will be used for PMG and PVE LDAP Authentication & Sync.
The code is largely copied/inspired by the already existing LDAP code in
PVEs AccessControl and PMGs LDAPCache
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Dominik Csapak [Tue, 3 Mar 2020 09:47:30 +0000 (10:47 +0100)]
fix #2618: increase maximum port for spice to 61999
and expose the range in its own sub to reuse it in http-server
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Thomas Lamprecht [Wed, 4 Mar 2020 14:11:35 +0000 (15:11 +0100)]
followup cleanup and fix missing semicolon
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Alexandre Derumier [Thu, 20 Feb 2020 11:55:19 +0000 (12:55 +0100)]
remove extra space after address && gateway options
only 1 space like all others options
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Alexandre Derumier [Thu, 20 Feb 2020 11:55:18 +0000 (12:55 +0100)]
INotify: use cidr for address on config change
netmask/broadcast options are deprecated since buster
https://manpages.debian.org/buster/ifupdown/interfaces.5.en.html
This still read both "old address/netmask" or "address cidr" format,
but always convert it to cidr address format
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Thomas Lamprecht [Fri, 21 Feb 2020 12:49:18 +0000 (13:49 +0100)]
get_ip_from_hostname: check all address we get from getaddrinfo_all for non-local IP
This was limited without reason to checking only the first IP we get
returned from getaddrinfo_all, but we can have multiple IPs for a
hostname, and possible one of them is local but another not, so check
all and only die if no non-local address at all got found.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Christian Ebner [Thu, 20 Feb 2020 15:33:07 +0000 (16:33 +0100)]
zsh-completion: Add missing flag to compadd
This fixes an issue with zsh completion where certain words were not added to the
list of matches, but incorrectly interpreted as flags or options.
By passing the "--" flag, compadd is notified that all following arguments should
be considered for completion and not interpreted as flags or options for compadd.
Details can be found in the compadd documentation:
http://zsh.sourceforge.net/Doc/Release/Completion-Widgets.html#Completion-Builtin-Commands
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
Alexandre Derumier [Fri, 7 Feb 2020 11:40:28 +0000 (12:40 +0100)]
INotify : check_bridge : fix bridge-ports with vlan tagged interface
Currently with strip vlan tag, that's wrong because
mtu && others check are done the main interface.
Alexandre Derumier [Fri, 7 Feb 2020 11:40:27 +0000 (12:40 +0100)]
INotify: check bridge ip: add missing check if method is not defined
Alexandre Derumier [Fri, 7 Feb 2020 11:40:26 +0000 (12:40 +0100)]
INotify: fix mtu check && add test
reverse the parent-child. (bridge-port is the parent)
Thomas Lamprecht [Fri, 31 Jan 2020 09:33:14 +0000 (10:33 +0100)]
bump version to 6.0-12
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 31 Jan 2020 09:24:24 +0000 (10:24 +0100)]
systemd: add un-/escape_unit helpers
moved from pve-storage, we need to reuse it in another module there,
as it's a general method lets just move it here already.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Fri, 31 Jan 2020 09:22:21 +0000 (10:22 +0100)]
procfs: add check_kernel_release
adapted from Wolfgan's patch[0] for a pve-container feature check, as
this is a general check let's move it here.
[0]: https://pve.proxmox.com/pipermail/pve-devel/2020-January/041477.html
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Tue, 28 Jan 2020 10:33:07 +0000 (11:33 +0100)]
bump version to 6.0-11
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Fabian Grünbichler [Tue, 21 Jan 2020 12:53:56 +0000 (13:53 +0100)]
API schema: add 'allowtoken' property
to mark which API methods should be available to clients authenticated using an API token.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Alexandre Derumier [Sat, 25 Jan 2020 09:27:04 +0000 (10:27 +0100)]
tests: unknown interfaces order: rename vlan interfaces to unknown
vlan(X) interfaces are not unknown anymore
use generic name instead
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Alexandre Derumier [Sat, 25 Jan 2020 09:27:03 +0000 (10:27 +0100)]
INotify: improve vlan interface parsing
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Moayad [Mon, 20 Jan 2020 14:26:43 +0000 (15:26 +0100)]
Add build dependency libtest-mockmodule-perl
Signed-off-by: Moayad Almalat <m.almalat@proxmox.com>
Thomas Lamprecht [Wed, 15 Jan 2020 13:28:51 +0000 (14:28 +0100)]
ACME: comment fixup some POST to GET-as-POST
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Wolfgang Link [Wed, 15 Jan 2020 12:07:44 +0000 (13:07 +0100)]
ACME: Change authorization call
As Let's Encrypt will no more allow GET calls[0], we have to change
to GET-as-POST[1] requests.
[0]: https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380/4
[1]: https://tools.ietf.org/html/rfc8555#section-6.3
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
[ Thomas: Add ACME tag and reference GET-as-POST[1] ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Mon, 13 Jan 2020 16:52:07 +0000 (17:52 +0100)]
bump version to 6.0-10
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Mon, 13 Jan 2020 16:25:10 +0000 (17:25 +0100)]
certs: generate_csr: allow to set CN explicit
Else, when used with ACME, the SAN is always sorted so we always get
the Subject Alternative Name sorting alphabetically first, which
doesn't necessarily has to be the "primary" domain. While this is
rather cosmetically (all SANs are equal) it could still result it
flapping CN when SANs and thus possibly the order changes, e.g., in
our CDN mirror pool. It also doesn't costs anything to allow control
over this, so why not..
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sat, 11 Jan 2020 15:15:02 +0000 (16:15 +0100)]
followup code cleanup
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Sat, 11 Jan 2020 15:12:33 +0000 (16:12 +0100)]
followup trailing whitespace fixes
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Alexandre Derumier [Thu, 9 Jan 2020 13:11:03 +0000 (14:11 +0100)]
INotify: network : add ovs_mtu option
This is also rewriting any "mtu" option on a ovs interface
to "ovs_mtu"
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Alexandre Derumier [Thu, 9 Jan 2020 13:11:02 +0000 (14:11 +0100)]
INotify: add bond-primary option
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Alexandre Derumier [Thu, 9 Jan 2020 13:11:01 +0000 (14:11 +0100)]
INotify: allow vlan tagged bridge interface on non-vlanaware bridge
Seem that it's working too with non-vlanaware bridge
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Alexandre Derumier [Thu, 9 Jan 2020 13:11:00 +0000 (14:11 +0100)]
Inotify: forbid ip address on bridged interface.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Alexandre Derumier [Tue, 7 Jan 2020 00:59:17 +0000 (01:59 +0100)]
INotify: remove allow-hotplug from /etc/network/interfaces
for user installing proxmox on top of debian,
debian install by default the first nic with allow-hotplug.
This is conflicting with "auto ...", but worst with ovs "allow-ovs ...".
User have reported race with ovs, where ovs vmbr was up before the nic.
https://forum.proxmox.com/threads/no-network-on-server-unless-i-ifdown-ifup-vmbr0.62733/
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Thomas Lamprecht [Wed, 8 Jan 2020 09:32:12 +0000 (10:32 +0100)]
REST Handler: check for value defindness when untainting
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Thomas Lamprecht [Wed, 8 Jan 2020 09:31:39 +0000 (10:31 +0100)]
sort module usage + some newlines for readabilty
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
projects / pve-common.git / log