pve-common.git
4 days agoAdd build dependency libtest-mockmodule-perl master
Moayad [Mon, 20 Jan 2020 14:26:43 +0000 (15:26 +0100)]
Add build dependency libtest-mockmodule-perl

Signed-off-by: Moayad Almalat <m.almalat@proxmox.com>
9 days agoACME: comment fixup some POST to GET-as-POST
Thomas Lamprecht [Wed, 15 Jan 2020 13:28:51 +0000 (14:28 +0100)]
ACME: comment fixup some POST to GET-as-POST

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
9 days agoACME: Change authorization call
Wolfgang Link [Wed, 15 Jan 2020 12:07:44 +0000 (13:07 +0100)]
ACME: Change authorization call

As Let's Encrypt will no more allow GET calls[0], we have to change
to GET-as-POST[1] requests.

[0]: https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380/4
[1]: https://tools.ietf.org/html/rfc8555#section-6.3

Signed-off-by: Wolfgang Link <w.link@proxmox.com>
[ Thomas: Add ACME tag and reference GET-as-POST[1] ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
11 days agobump version to 6.0-10
Thomas Lamprecht [Mon, 13 Jan 2020 16:52:07 +0000 (17:52 +0100)]
bump version to 6.0-10

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
11 days agocerts: generate_csr: allow to set CN explicit
Thomas Lamprecht [Mon, 13 Jan 2020 16:25:10 +0000 (17:25 +0100)]
certs: generate_csr: allow to set CN explicit

Else, when used with ACME, the SAN is always sorted so we always get
the Subject Alternative Name sorting alphabetically first, which
doesn't necessarily has to be the "primary" domain. While this is
rather cosmetically (all SANs are equal) it could still result it
flapping CN when SANs and thus possibly the order changes, e.g., in
our CDN mirror pool. It also doesn't costs anything to allow control
over this, so why not..

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
13 days agofollowup code cleanup
Thomas Lamprecht [Sat, 11 Jan 2020 15:15:02 +0000 (16:15 +0100)]
followup code cleanup

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
13 days agofollowup trailing whitespace fixes
Thomas Lamprecht [Sat, 11 Jan 2020 15:12:33 +0000 (16:12 +0100)]
followup trailing whitespace fixes

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
13 days agoINotify: network : add ovs_mtu option
Alexandre Derumier [Thu, 9 Jan 2020 13:11:03 +0000 (14:11 +0100)]
INotify: network : add ovs_mtu option

This is also rewriting any "mtu" option on a ovs interface
to "ovs_mtu"

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
13 days agoINotify: add bond-primary option
Alexandre Derumier [Thu, 9 Jan 2020 13:11:02 +0000 (14:11 +0100)]
INotify: add bond-primary option

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
13 days agoINotify: allow vlan tagged bridge interface on non-vlanaware bridge
Alexandre Derumier [Thu, 9 Jan 2020 13:11:01 +0000 (14:11 +0100)]
INotify: allow vlan tagged bridge interface on non-vlanaware bridge

Seem that it's working too with non-vlanaware bridge

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
13 days agoInotify: forbid ip address on bridged interface.
Alexandre Derumier [Thu, 9 Jan 2020 13:11:00 +0000 (14:11 +0100)]
Inotify: forbid ip address on bridged interface.

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2 weeks agoINotify: remove allow-hotplug from /etc/network/interfaces
Alexandre Derumier [Tue, 7 Jan 2020 00:59:17 +0000 (01:59 +0100)]
INotify: remove allow-hotplug from /etc/network/interfaces

for user installing proxmox on top of debian,
debian install by default the first nic with allow-hotplug.

This is conflicting with "auto ...", but worst with ovs "allow-ovs ...".

User have reported race with ovs, where ovs vmbr was up before the nic.
https://forum.proxmox.com/threads/no-network-on-server-unless-i-ifdown-ifup-vmbr0.62733/

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2 weeks agoREST Handler: check for value defindness when untainting
Thomas Lamprecht [Wed, 8 Jan 2020 09:32:12 +0000 (10:32 +0100)]
REST Handler: check for value defindness when untainting

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agosort module usage + some newlines for readabilty
Thomas Lamprecht [Wed, 8 Jan 2020 09:31:39 +0000 (10:31 +0100)]
sort module usage + some newlines for readabilty

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 weeks agogrammar fix: s/does not exists/does not exist/g
Thomas Lamprecht [Fri, 13 Dec 2019 11:05:54 +0000 (12:05 +0100)]
grammar fix: s/does not exists/does not exist/g

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
7 weeks agoREADME.dev: drop apt-transport-https
Thomas Lamprecht [Wed, 4 Dec 2019 09:19:12 +0000 (10:19 +0100)]
README.dev: drop apt-transport-https

since apt 1.5 this is not required anymore

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agobump version to 6.0-9
Thomas Lamprecht [Sat, 23 Nov 2019 15:15:14 +0000 (16:15 +0100)]
bump version to 6.0-9

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agoProcFSTools: add kernel_version
Thomas Lamprecht [Sat, 23 Nov 2019 11:15:59 +0000 (12:15 +0100)]
ProcFSTools: add kernel_version

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agotests: allow to make tests in parallel
Thomas Lamprecht [Sat, 23 Nov 2019 11:14:19 +0000 (12:14 +0100)]
tests: allow to make tests in parallel

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agobe a bit more specific about not using this big list
Thomas Lamprecht [Sat, 23 Nov 2019 09:30:22 +0000 (10:30 +0100)]
be a bit more specific about not using this big list

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agoremove corosync-dev from build deps
Thomas Lamprecht [Sat, 23 Nov 2019 09:20:26 +0000 (10:20 +0100)]
remove corosync-dev from build deps

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agoCLIHandler: record missing JSONSchema usage
Thomas Lamprecht [Fri, 22 Nov 2019 18:30:17 +0000 (19:30 +0100)]
CLIHandler: record missing JSONSchema usage

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agobump version to 6.0-8
Thomas Lamprecht [Wed, 20 Nov 2019 17:43:15 +0000 (18:43 +0100)]
bump version to 6.0-8

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agoSysFSTools: do not assume pci domain 0000
Dominik Csapak [Tue, 12 Nov 2019 13:23:02 +0000 (14:23 +0100)]
SysFSTools: do not assume pci domain 0000

but prepend '0000' to ids where no domain is given, to keep the ability
to use the shorthand syntax (e.g. 00:01.0 instead of 0000:00:01.0)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2 months agoavoid cyclic reference in closure
Wolfgang Bumiller [Tue, 19 Nov 2019 08:49:07 +0000 (09:49 +0100)]
avoid cyclic reference in closure

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2 months agosection config: remove Data::Dumper usage
Thomas Lamprecht [Mon, 18 Nov 2019 14:39:02 +0000 (15:39 +0100)]
section config: remove Data::Dumper usage

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agofollowup: avoid very long line through comment moval
Thomas Lamprecht [Tue, 12 Nov 2019 13:16:01 +0000 (14:16 +0100)]
followup: avoid very long line through comment moval

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agofix Tools::df for big storage usage values
Dominik Csapak [Tue, 12 Nov 2019 12:56:20 +0000 (13:56 +0100)]
fix Tools::df for big storage usage values

if the size/avail of a mount is bigger than a certain amount,
json_encode writes the number in scientific format, which was not
matched by our \d+ regex.

This then resulted in 'undef' values for the result hash and
subsequently led to errors and warnings.

Extend the regex to also match scientific formatted numbers,
perl can then use them as is, no need for any conversion.

https://forum.proxmox.com/threads/bug-in-pve-tools-df-when-adding-petabyte-scale-storage.60090/#post-277050

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agoTools: add new mount api wrappers
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:14 +0000 (11:06 +0100)]
Tools: add new mount api wrappers

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2 months agoadd missing 1; at the end of Syscall.pm
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:13 +0000 (11:06 +0100)]
add missing 1; at the end of Syscall.pm

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2 months agoPVE::Syscall: add new mount api constants
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:12 +0000 (11:06 +0100)]
PVE::Syscall: add new mount api constants

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2 months agotools: add AT_FDCWD and extend exports
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:11 +0000 (11:06 +0100)]
tools: add AT_FDCWD and extend exports

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2 months agoProcFSTools: include ppid in read_proc_pid_stat
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:10 +0000 (11:06 +0100)]
ProcFSTools: include ppid in read_proc_pid_stat

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2 months agobump version to 6.0-7
Thomas Lamprecht [Fri, 8 Nov 2019 11:48:36 +0000 (12:48 +0100)]
bump version to 6.0-7

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agocert: add fingerprint helper
Fabian Grünbichler [Wed, 6 Nov 2019 12:36:02 +0000 (13:36 +0100)]
cert: add fingerprint helper

for usage in pve-cluster's certificate cache.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2 months agonetwork: cleanup get_local_ip_from_cidr
Thomas Lamprecht [Fri, 8 Nov 2019 11:47:16 +0000 (12:47 +0100)]
network: cleanup get_local_ip_from_cidr

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agoJSONSchema: add pve-tag format
Dominik Csapak [Thu, 3 Oct 2019 11:50:07 +0000 (13:50 +0200)]
JSONSchema: add pve-tag format

this will be used for vm/ct tag-lists, so that (config) management systems
or similar add additional information that does not reside in the
description

putting it here, since we want to eventually have it also for
nodes,storages,etc.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2 months agobump version to 6.0-6
Thomas Lamprecht [Tue, 29 Oct 2019 07:07:34 +0000 (08:07 +0100)]
bump version to 6.0-6

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agod/control: record breaks of pve-container (<< 3.0-9)
Thomas Lamprecht [Tue, 29 Oct 2019 06:28:52 +0000 (07:28 +0100)]
d/control: record breaks of pve-container (<< 3.0-9)

As we drop the arch translation part used by pve-container packages
in version 3.0-8 or older we need to break them, to avoid broken
newly created containers.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agofollowup: drop get_host_arch prototype
Thomas Lamprecht [Tue, 29 Oct 2019 06:15:40 +0000 (07:15 +0100)]
followup: drop get_host_arch prototype

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agotools: get_host_arch: return raw uname machine entry
Stefan Reiter [Mon, 28 Oct 2019 11:59:13 +0000 (12:59 +0100)]
tools: get_host_arch: return raw uname machine entry

The current version had only one user in LXC, so move the LXC-specific
code there to reuse this in QemuServer.

Also cache, since the host's architecture can't change during runtime.

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2 months agoOTP: support v2 secret format
Wolfgang Bumiller [Mon, 28 Oct 2019 11:20:42 +0000 (12:20 +0100)]
OTP: support v2 secret format

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2 months agoJSONSchema: add TFA-secret format; support longer secrets
Wolfgang Bumiller [Mon, 28 Oct 2019 11:20:40 +0000 (12:20 +0100)]
JSONSchema: add TFA-secret format; support longer secrets

The old format used 16 base32 chars or 40 hex digits. Since they have
a common subset it's hard to distinguish them without the our
previous length constraints, so prefix a 'v2-' of the format to
support arbitrary lengths properly.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agobump version to 6.0-5
Thomas Lamprecht [Fri, 20 Sep 2019 07:46:51 +0000 (09:46 +0200)]
bump version to 6.0-5

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agoetc_network_interfaces : handle autostart for ovs
Alexandre Derumier [Fri, 20 Sep 2019 14:29:53 +0000 (16:29 +0200)]
etc_network_interfaces : handle autostart for ovs

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
4 months agonetwork: followup code cleanup
Thomas Lamprecht [Fri, 20 Sep 2019 07:42:05 +0000 (09:42 +0200)]
network: followup code cleanup

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agonetwork_interfaces: use allow-ovs for OVSBridge
Alexandre Derumier [Fri, 20 Sep 2019 06:45:05 +0000 (08:45 +0200)]
network_interfaces: use allow-ovs for OVSBridge

new openvswitch-switch service use "ifup --allow-ovs",
and this race with "auto ..." used by networking service

bug reported here:
https://forum.proxmox.com/threads/so-is-openvswitch-bonding-just-broken-on-pve-6-whats-going-on.58020/

This is also fixing ovs with ifupdown2

Openvswitch github have a note about this:
https://github.com/openvswitch/ovs/commit/e0dfd67b456c8ea36cc2e2f23039a300dbbedfed#diff-555e6da95251766b76e83867900bd8fe

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
4 months agotree wide trailing whitespace cleanup
Thomas Lamprecht [Mon, 9 Sep 2019 14:42:03 +0000 (16:42 +0200)]
tree wide trailing whitespace cleanup

generated with:
 # find . -name '*.pm' -exec sed -i 's/\s\+$//' {} \;

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agoetc_network_interfaces : add uplink-id option
Alexandre Derumier [Wed, 4 Sep 2019 07:47:51 +0000 (09:47 +0200)]
etc_network_interfaces : add uplink-id option

uplink-id is an integer

it's used to abstract the interface name (could be different on
differents hosts)
and map it to a transportzone.

uplink-id is only allowed on physical interfaces (bond,eth,vlan)
as it's used for traffic to external

example:

auto eth0
iface eth0 inet manual
        uplink-id 1

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
4 months agoadd postinst hook to fix /etc/aliases whitespace error
Thomas Lamprecht [Tue, 3 Sep 2019 11:06:18 +0000 (13:06 +0200)]
add postinst hook to fix /etc/aliases whitespace error

This was wrongly shipped by our ISO since quite a bit (AFAICT, at
least 4.x), so fix it up in a versioned postinst snippet.

Do so by usind sed with the following pattern:
 # sed -E -i -e 's/^www:(\w)/www: \1/' /etc/aliases
proposed by Musee Ullah[0]. It even catches a bit more than exactly
our misstep, may help if one copied this line, or added some other
addresses to this specific aliases entry.

Do this here, in pve-common, as it makes it sligthly simpler to roll
the change out to both, PVE and PMG.

[0]: https://pve.proxmox.com/pipermail/pve-user/2019-September/170998.html

Reported-by: Uwe Sauter <uwe.sauter.de@gmail.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agoSectionConfig: Cleanup to make style consistent
Fabian Ebner [Wed, 28 Aug 2019 09:22:39 +0000 (11:22 +0200)]
SectionConfig: Cleanup to make style consistent

Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
4 months agoFix 2339: Handle multiple blank lines correctly in SectionConfig
Fabian Ebner [Wed, 28 Aug 2019 09:22:38 +0000 (11:22 +0200)]
Fix 2339: Handle multiple blank lines correctly in SectionConfig

It turns out that the line number counting was also broken (even on
files without multiple blanks), since the body of the while inside
the nextline subroutine would not be executed for a blank.
I guess the subroutine was intended to skip comments and blanks, but
since we use blanks to recognize the end of a section, I changed it
to only skip comments.

Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
4 months agocli: prettify tables even more
Wolfgang Bumiller [Wed, 21 Aug 2019 12:33:46 +0000 (14:33 +0200)]
cli: prettify tables even more

Separate the header with a double line.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
5 months agobump version to 6.0-4
Thomas Lamprecht [Sat, 17 Aug 2019 09:31:53 +0000 (11:31 +0200)]
bump version to 6.0-4

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agotools: add fchownat syscall
Fabian Grünbichler [Wed, 24 Jul 2019 11:37:14 +0000 (13:37 +0200)]
tools: add fchownat syscall

and constant AT_EMPTY_PATH for chowning a directory/file opened via
openat(2), for example when walking/creating a directory tree without
following symlinks.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
5 months agoCLIHandler: consider valid prefixes for completion
Stoiko Ivanov [Tue, 30 Jul 2019 12:42:12 +0000 (14:42 +0200)]
CLIHandler: consider valid prefixes for completion

With the change introduced in 57c0d0c69c687f2dff876aa81369622d0ae0a841
completion of partial commands stopped working (e.g. typing qm res<TAB><TAB>
yields nothing instead of 'reset resize resume rescan')

By returning undef as 'ref' 'print_bash_completion' has no reference of the
available (sub) commands anymore.

By checking if the current argument is a valid prefix of a possible command,
and conditionally not setting the 'ref' hash to undef, the functionality is
restored.

Additionally a small whitespace glitch was fixed.

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
5 months agoCLIHandler: remove spurious abort()
Stoiko Ivanov [Tue, 30 Jul 2019 12:42:11 +0000 (14:42 +0200)]
CLIHandler: remove spurious abort()

The abort currently cannot be reached, instead the error with the same
message (unknown command '$cmdstr') in handle_cmd is raised.

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
5 months agofix #2303: detect IPs of p2p interfaces
Stefan Reiter [Mon, 29 Jul 2019 09:27:16 +0000 (11:27 +0200)]
fix #2303: detect IPs of p2p interfaces

"ip address show" prints:

    inet ADDR peer PEERADDR/32 scope global DEVICE

for pointtopoint interfaces. We're not interested in the netmask itself,
just make the Regex match.

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
6 months agobuildsys: use dpkg-dev makefile helpers for pkg info
Thomas Lamprecht [Tue, 23 Jul 2019 07:32:29 +0000 (09:32 +0200)]
buildsys: use dpkg-dev makefile helpers for pkg info

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agobump version to 6.0-3
Thomas Lamprecht [Tue, 23 Jul 2019 07:15:34 +0000 (09:15 +0200)]
bump version to 6.0-3

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agoarray_intersect: allow passing list of references for convenience
Thomas Lamprecht [Tue, 23 Jul 2019 07:12:51 +0000 (09:12 +0200)]
array_intersect: allow passing list of references for convenience

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agoarray_intersect: followup: early exit if first empty intersection found
Thomas Lamprecht [Tue, 23 Jul 2019 07:04:00 +0000 (09:04 +0200)]
array_intersect: followup: early exit if first empty intersection found

no point in trying more

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agofollowup: code comments and small "cleanups"
Thomas Lamprecht [Tue, 23 Jul 2019 07:03:23 +0000 (09:03 +0200)]
followup: code comments and small "cleanups"

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agofollouwp: maker array_unique private for now
Thomas Lamprecht [Tue, 23 Jul 2019 06:50:11 +0000 (08:50 +0200)]
follouwp: maker array_unique private for now

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agoAdd array_intersect and array_unique functions
Stefan Reiter [Wed, 17 Jul 2019 13:03:44 +0000 (15:03 +0200)]
Add array_intersect and array_unique functions

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
6 months agoInclude CPU flags in read_cpuinfo
Stefan Reiter [Wed, 17 Jul 2019 13:03:43 +0000 (15:03 +0200)]
Include CPU flags in read_cpuinfo

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
6 months agocert: add public key type & size to JSON schema
Alwin Antreich [Mon, 22 Jul 2019 15:11:38 +0000 (17:11 +0200)]
cert: add public key type & size to JSON schema

Signed-off-by: Alwin Antreich <a.antreich@proxmox.com>
6 months agocert: add public key type and size to info
Fabian Grünbichler [Mon, 22 Jul 2019 15:11:36 +0000 (17:11 +0200)]
cert: add public key type and size to info

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Co-Authored-By: Alwin Antreich <a.antreich@proxmox.com>
6 months agosection config: trailing whitespace cleanup
Thomas Lamprecht [Fri, 5 Jul 2019 14:32:57 +0000 (16:32 +0200)]
section config: trailing whitespace cleanup

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
7 months agobump version to 6.0-2
Thomas Lamprecht [Mon, 24 Jun 2019 15:16:57 +0000 (17:16 +0200)]
bump version to 6.0-2

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
7 months agouse hmac_sha256 when assembling csrf token
Oguz Bektas [Wed, 19 Jun 2019 07:39:32 +0000 (09:39 +0200)]
use hmac_sha256 when assembling csrf token

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
7 months agofollowup: fix quoting and comment
Thomas Lamprecht [Wed, 19 Jun 2019 10:29:29 +0000 (12:29 +0200)]
followup: fix quoting and comment

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
7 months agoadd fallback/new csrf token recognition
Oguz Bektas [Wed, 19 Jun 2019 07:39:31 +0000 (09:39 +0200)]
add fallback/new csrf token recognition

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
7 months agosystemd: add wait_for_unit_removed
Wolfgang Bumiller [Wed, 19 Jun 2019 07:21:23 +0000 (09:21 +0200)]
systemd: add wait_for_unit_removed

And split out the common code into a systemd_call() sub.

This connects to the systemd bus and waits for a UnitRemoved
event to occur for the specified unit, with an optional
timeout.

We'll use this in qemu-server to wait for a VM's scope to
disappear completely before trying to start a VM's scope
anew.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
7 months agobump version to 6.0-1
Thomas Lamprecht [Fri, 14 Jun 2019 18:30:47 +0000 (20:30 +0200)]
bump version to 6.0-1

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
7 months agoinotify: network/interfaces: fix 'Use of uninitialized value' for netmask
Thomas Lamprecht [Wed, 12 Jun 2019 10:01:08 +0000 (12:01 +0200)]
inotify: network/interfaces: fix 'Use of uninitialized value' for netmask

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
7 months agoprint defaulttxt as sprintf parameter
Dominik Csapak [Thu, 6 Jun 2019 09:03:56 +0000 (11:03 +0200)]
print defaulttxt as sprintf parameter

instead of having it verbatim in the format string.
This enables us to have '%' in the defaulttext without getting errors

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
7 months agofixup for the last version bump
Wolfgang Bumiller [Wed, 5 Jun 2019 07:11:10 +0000 (09:11 +0200)]
fixup for the last version bump

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
8 months agobump version to 6.0-0+2
Thomas Lamprecht [Thu, 23 May 2019 11:01:15 +0000 (13:01 +0200)]
bump version to 6.0-0+2

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agoassemble_spice_ticket: ensure variable in interpolated string are correct
Thomas Lamprecht [Thu, 23 May 2019 10:52:18 +0000 (12:52 +0200)]
assemble_spice_ticket: ensure variable in interpolated string are correct

In older perl the following two where the same:

"$foo::$bar" == "${foo}::${bar}"

But in perl 5, version 28 it's not anymore,

"$foo::$bar" would be equivalent to "${foo::}${bar}", the double
colons are now not used as variable name boundary, so mark that
explicitly in the affected case and surrounding ones preventively

This fixes authentication with spice* related stuff again.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agobuildsys: change upload dist to buster
Thomas Lamprecht [Tue, 21 May 2019 12:10:03 +0000 (14:10 +0200)]
buildsys: change upload dist to buster

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agobump version for buster
Thomas Lamprecht [Tue, 21 May 2019 12:09:26 +0000 (14:09 +0200)]
bump version for buster

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agod/control: fix priority-extra-is-replaced-by-priority-optional
Thomas Lamprecht [Thu, 16 May 2019 15:12:51 +0000 (17:12 +0200)]
d/control: fix priority-extra-is-replaced-by-priority-optional

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agobump version to 5.0-52
Thomas Lamprecht [Wed, 15 May 2019 12:16:17 +0000 (14:16 +0200)]
bump version to 5.0-52

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agoJSONSchema: sort keys when dumping config for stabillity
Thomas Lamprecht [Wed, 17 Apr 2019 06:56:23 +0000 (06:56 +0000)]
JSONSchema: sort keys when dumping config for stabillity

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agofollowup: use defined to check if a hash element can be accessed
Thomas Lamprecht [Wed, 15 May 2019 08:20:01 +0000 (10:20 +0200)]
followup: use defined to check if a hash element can be accessed

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agoprevent autovivification of sectionconfig options
Dominik Csapak [Wed, 15 May 2019 08:03:50 +0000 (10:03 +0200)]
prevent autovivification of sectionconfig options

If, somehow, someone passes a config to check_config with keys set
that are not in the options for that type, this fixed check
lead to autovivification, meaning that any future calls to the same
worker had an additional option for that type which is not optional

this lead to a wrongfully deleting of entries when updating an entry of
a different type, since all entries of the original types suddenly
did not satisfy their required options and would not get parsed
by read_file anymore (thus missing when a successful write_file was done)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
8 months agoprint api res: always allow result to be undef if optional
Thomas Lamprecht [Mon, 13 May 2019 06:52:19 +0000 (06:52 +0000)]
print api res: always allow result to be undef if optional

If the return schema says that it's optionally returns something then
we want to allow returning nothing, i.e., undef

Co-developed-by: Dominic Jäger <d.jaeger@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agofollowup code cleanup
Thomas Lamprecht [Wed, 8 May 2019 15:36:14 +0000 (15:36 +0000)]
followup code cleanup

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agoINotify: map address/netmask to cidr while parsing interfaces
Dominik Csapak [Fri, 3 May 2019 07:28:51 +0000 (09:28 +0200)]
INotify: map address/netmask to cidr while parsing interfaces

this allows us to always show the 'address' the 'netmask' and the 'cidr'
both for ipv4 and ipv6

there is a small api change involved in one scenario:
if one manually changed the address to cidr format like
    '10.0.0.4/24'

we now get from the api the parsed values
    addr => 10.0.0.4
    netmask => 24
    cidr => 10.0.0.4/24

instead of
    addr => 10.0.0.4/24
    netmask =>

but i think that circumventing our api when writing the file, but still
relying on the api for reading is not a valid use case, i would argue
that we can change this, especially since we have a new field that
contains that information again (cidr)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
8 months agoJSONSchema: add get_netmask_bits and missing netmask
Dominik Csapak [Fri, 3 May 2019 07:28:50 +0000 (09:28 +0200)]
JSONSchema: add get_netmask_bits and missing netmask

so one can use the mapping from outside the module

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
9 months agobump version to 5.0-51
Thomas Lamprecht [Thu, 18 Apr 2019 11:08:32 +0000 (11:08 +0000)]
bump version to 5.0-51

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
9 months agoTools: add setresuid syscall
Stoiko Ivanov [Wed, 17 Apr 2019 08:51:36 +0000 (10:51 +0200)]
Tools: add setresuid syscall

See `man 2 setresuid`. The code was tested with small UIDs (109) and
one which does not fit into 16 bit (100000000), since I wasn't too
sure about the workings of setresuid vs. setresuid32 (see NOTES of
the manpage) - it worked with both.

Linux on amd64 has only a single setresuid, as it the 64 bit arch
came after the setresuid32 syscall, and thus it started with the
later one as single common one

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
9 months agofixup comments about RESTEnv access types
Thomas Lamprecht [Wed, 17 Apr 2019 09:06:32 +0000 (09:06 +0000)]
fixup comments about RESTEnv access types

were pretty outdated

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
9 months agobump version to 5.0-50
Thomas Lamprecht [Wed, 3 Apr 2019 11:54:39 +0000 (13:54 +0200)]
bump version to 5.0-50

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
9 months agoadd request host to RESTEnvironment
Wolfgang Bumiller [Tue, 2 Apr 2019 10:22:01 +0000 (12:22 +0200)]
add request host to RESTEnvironment

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
9 months agoadd u2f challenge accessors to RESTEnvironment
Wolfgang Bumiller [Tue, 2 Apr 2019 10:22:00 +0000 (12:22 +0200)]
add u2f challenge accessors to RESTEnvironment

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
9 months agoJSONSchema: fix units of bwlimit
Stoiko Ivanov [Mon, 1 Apr 2019 09:30:57 +0000 (11:30 +0200)]
JSONSchema: fix units of bwlimit

the description of bwlimit wrote MiB/s, the use in restore operation is KiB/s

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
10 months agobump version to 5.0-49
Thomas Lamprecht [Thu, 21 Mar 2019 11:56:58 +0000 (12:56 +0100)]
bump version to 5.0-49

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
10 months agoJSONSchema: register 'pve-snapshot-name' here to avoid cyclic dependencies
Thomas Lamprecht [Thu, 21 Mar 2019 11:48:54 +0000 (12:48 +0100)]
JSONSchema: register 'pve-snapshot-name' here to avoid cyclic dependencies

move it from qemu-server as it was also used in pve-container and
pve-manager (pvesr), while guest-commons AbstractConfig could be a
fit too, just move it here as all depending on this already use
JSONSchema and it just fits here...

Break respective qemu-server version

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>