pve-common.git
18 hours agofollowup: avoid very long line through comment moval master
Thomas Lamprecht [Tue, 12 Nov 2019 13:16:01 +0000 (14:16 +0100)]
followup: avoid very long line through comment moval

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
18 hours agofix Tools::df for big storage usage values
Dominik Csapak [Tue, 12 Nov 2019 12:56:20 +0000 (13:56 +0100)]
fix Tools::df for big storage usage values

if the size/avail of a mount is bigger than a certain amount,
json_encode writes the number in scientific format, which was not
matched by our \d+ regex.

This then resulted in 'undef' values for the result hash and
subsequently led to errors and warnings.

Extend the regex to also match scientific formatted numbers,
perl can then use them as is, no need for any conversion.

https://forum.proxmox.com/threads/bug-in-pve-tools-df-when-adding-petabyte-scale-storage.60090/#post-277050

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
39 hours agoTools: add new mount api wrappers
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:14 +0000 (11:06 +0100)]
Tools: add new mount api wrappers

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
39 hours agoadd missing 1; at the end of Syscall.pm
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:13 +0000 (11:06 +0100)]
add missing 1; at the end of Syscall.pm

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
39 hours agoPVE::Syscall: add new mount api constants
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:12 +0000 (11:06 +0100)]
PVE::Syscall: add new mount api constants

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
39 hours agotools: add AT_FDCWD and extend exports
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:11 +0000 (11:06 +0100)]
tools: add AT_FDCWD and extend exports

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
39 hours agoProcFSTools: include ppid in read_proc_pid_stat
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:10 +0000 (11:06 +0100)]
ProcFSTools: include ppid in read_proc_pid_stat

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
4 days agobump version to 6.0-7
Thomas Lamprecht [Fri, 8 Nov 2019 11:48:36 +0000 (12:48 +0100)]
bump version to 6.0-7

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 days agocert: add fingerprint helper
Fabian Grünbichler [Wed, 6 Nov 2019 12:36:02 +0000 (13:36 +0100)]
cert: add fingerprint helper

for usage in pve-cluster's certificate cache.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
4 days agonetwork: cleanup get_local_ip_from_cidr
Thomas Lamprecht [Fri, 8 Nov 2019 11:47:16 +0000 (12:47 +0100)]
network: cleanup get_local_ip_from_cidr

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agoJSONSchema: add pve-tag format
Dominik Csapak [Thu, 3 Oct 2019 11:50:07 +0000 (13:50 +0200)]
JSONSchema: add pve-tag format

this will be used for vm/ct tag-lists, so that (config) management systems
or similar add additional information that does not reside in the
description

putting it here, since we want to eventually have it also for
nodes,storages,etc.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2 weeks agobump version to 6.0-6
Thomas Lamprecht [Tue, 29 Oct 2019 07:07:34 +0000 (08:07 +0100)]
bump version to 6.0-6

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agod/control: record breaks of pve-container (<< 3.0-9)
Thomas Lamprecht [Tue, 29 Oct 2019 06:28:52 +0000 (07:28 +0100)]
d/control: record breaks of pve-container (<< 3.0-9)

As we drop the arch translation part used by pve-container packages
in version 3.0-8 or older we need to break them, to avoid broken
newly created containers.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agofollowup: drop get_host_arch prototype
Thomas Lamprecht [Tue, 29 Oct 2019 06:15:40 +0000 (07:15 +0100)]
followup: drop get_host_arch prototype

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agotools: get_host_arch: return raw uname machine entry
Stefan Reiter [Mon, 28 Oct 2019 11:59:13 +0000 (12:59 +0100)]
tools: get_host_arch: return raw uname machine entry

The current version had only one user in LXC, so move the LXC-specific
code there to reuse this in QemuServer.

Also cache, since the host's architecture can't change during runtime.

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2 weeks agoOTP: support v2 secret format
Wolfgang Bumiller [Mon, 28 Oct 2019 11:20:42 +0000 (12:20 +0100)]
OTP: support v2 secret format

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2 weeks agoJSONSchema: add TFA-secret format; support longer secrets
Wolfgang Bumiller [Mon, 28 Oct 2019 11:20:40 +0000 (12:20 +0100)]
JSONSchema: add TFA-secret format; support longer secrets

The old format used 16 base32 chars or 40 hex digits. Since they have
a common subset it's hard to distinguish them without the our
previous length constraints, so prefix a 'v2-' of the format to
support arbitrary lengths properly.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
7 weeks agobump version to 6.0-5
Thomas Lamprecht [Fri, 20 Sep 2019 07:46:51 +0000 (09:46 +0200)]
bump version to 6.0-5

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
7 weeks agoetc_network_interfaces : handle autostart for ovs
Alexandre Derumier [Fri, 20 Sep 2019 14:29:53 +0000 (16:29 +0200)]
etc_network_interfaces : handle autostart for ovs

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
7 weeks agonetwork: followup code cleanup
Thomas Lamprecht [Fri, 20 Sep 2019 07:42:05 +0000 (09:42 +0200)]
network: followup code cleanup

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
7 weeks agonetwork_interfaces: use allow-ovs for OVSBridge
Alexandre Derumier [Fri, 20 Sep 2019 06:45:05 +0000 (08:45 +0200)]
network_interfaces: use allow-ovs for OVSBridge

new openvswitch-switch service use "ifup --allow-ovs",
and this race with "auto ..." used by networking service

bug reported here:
https://forum.proxmox.com/threads/so-is-openvswitch-bonding-just-broken-on-pve-6-whats-going-on.58020/

This is also fixing ovs with ifupdown2

Openvswitch github have a note about this:
https://github.com/openvswitch/ovs/commit/e0dfd67b456c8ea36cc2e2f23039a300dbbedfed#diff-555e6da95251766b76e83867900bd8fe

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2 months agotree wide trailing whitespace cleanup
Thomas Lamprecht [Mon, 9 Sep 2019 14:42:03 +0000 (16:42 +0200)]
tree wide trailing whitespace cleanup

generated with:
 # find . -name '*.pm' -exec sed -i 's/\s\+$//' {} \;

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agoetc_network_interfaces : add uplink-id option
Alexandre Derumier [Wed, 4 Sep 2019 07:47:51 +0000 (09:47 +0200)]
etc_network_interfaces : add uplink-id option

uplink-id is an integer

it's used to abstract the interface name (could be different on
differents hosts)
and map it to a transportzone.

uplink-id is only allowed on physical interfaces (bond,eth,vlan)
as it's used for traffic to external

example:

auto eth0
iface eth0 inet manual
        uplink-id 1

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2 months agoadd postinst hook to fix /etc/aliases whitespace error
Thomas Lamprecht [Tue, 3 Sep 2019 11:06:18 +0000 (13:06 +0200)]
add postinst hook to fix /etc/aliases whitespace error

This was wrongly shipped by our ISO since quite a bit (AFAICT, at
least 4.x), so fix it up in a versioned postinst snippet.

Do so by usind sed with the following pattern:
 # sed -E -i -e 's/^www:(\w)/www: \1/' /etc/aliases
proposed by Musee Ullah[0]. It even catches a bit more than exactly
our misstep, may help if one copied this line, or added some other
addresses to this specific aliases entry.

Do this here, in pve-common, as it makes it sligthly simpler to roll
the change out to both, PVE and PMG.

[0]: https://pve.proxmox.com/pipermail/pve-user/2019-September/170998.html

Reported-by: Uwe Sauter <uwe.sauter.de@gmail.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agoSectionConfig: Cleanup to make style consistent
Fabian Ebner [Wed, 28 Aug 2019 09:22:39 +0000 (11:22 +0200)]
SectionConfig: Cleanup to make style consistent

Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
2 months agoFix 2339: Handle multiple blank lines correctly in SectionConfig
Fabian Ebner [Wed, 28 Aug 2019 09:22:38 +0000 (11:22 +0200)]
Fix 2339: Handle multiple blank lines correctly in SectionConfig

It turns out that the line number counting was also broken (even on
files without multiple blanks), since the body of the while inside
the nextline subroutine would not be executed for a blank.
I guess the subroutine was intended to skip comments and blanks, but
since we use blanks to recognize the end of a section, I changed it
to only skip comments.

Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
2 months agocli: prettify tables even more
Wolfgang Bumiller [Wed, 21 Aug 2019 12:33:46 +0000 (14:33 +0200)]
cli: prettify tables even more

Separate the header with a double line.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2 months agobump version to 6.0-4
Thomas Lamprecht [Sat, 17 Aug 2019 09:31:53 +0000 (11:31 +0200)]
bump version to 6.0-4

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agotools: add fchownat syscall
Fabian Grünbichler [Wed, 24 Jul 2019 11:37:14 +0000 (13:37 +0200)]
tools: add fchownat syscall

and constant AT_EMPTY_PATH for chowning a directory/file opened via
openat(2), for example when walking/creating a directory tree without
following symlinks.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2 months agoCLIHandler: consider valid prefixes for completion
Stoiko Ivanov [Tue, 30 Jul 2019 12:42:12 +0000 (14:42 +0200)]
CLIHandler: consider valid prefixes for completion

With the change introduced in 57c0d0c69c687f2dff876aa81369622d0ae0a841
completion of partial commands stopped working (e.g. typing qm res<TAB><TAB>
yields nothing instead of 'reset resize resume rescan')

By returning undef as 'ref' 'print_bash_completion' has no reference of the
available (sub) commands anymore.

By checking if the current argument is a valid prefix of a possible command,
and conditionally not setting the 'ref' hash to undef, the functionality is
restored.

Additionally a small whitespace glitch was fixed.

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2 months agoCLIHandler: remove spurious abort()
Stoiko Ivanov [Tue, 30 Jul 2019 12:42:11 +0000 (14:42 +0200)]
CLIHandler: remove spurious abort()

The abort currently cannot be reached, instead the error with the same
message (unknown command '$cmdstr') in handle_cmd is raised.

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
3 months agofix #2303: detect IPs of p2p interfaces
Stefan Reiter [Mon, 29 Jul 2019 09:27:16 +0000 (11:27 +0200)]
fix #2303: detect IPs of p2p interfaces

"ip address show" prints:

    inet ADDR peer PEERADDR/32 scope global DEVICE

for pointtopoint interfaces. We're not interested in the netmask itself,
just make the Regex match.

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
3 months agobuildsys: use dpkg-dev makefile helpers for pkg info
Thomas Lamprecht [Tue, 23 Jul 2019 07:32:29 +0000 (09:32 +0200)]
buildsys: use dpkg-dev makefile helpers for pkg info

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 months agobump version to 6.0-3
Thomas Lamprecht [Tue, 23 Jul 2019 07:15:34 +0000 (09:15 +0200)]
bump version to 6.0-3

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 months agoarray_intersect: allow passing list of references for convenience
Thomas Lamprecht [Tue, 23 Jul 2019 07:12:51 +0000 (09:12 +0200)]
array_intersect: allow passing list of references for convenience

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 months agoarray_intersect: followup: early exit if first empty intersection found
Thomas Lamprecht [Tue, 23 Jul 2019 07:04:00 +0000 (09:04 +0200)]
array_intersect: followup: early exit if first empty intersection found

no point in trying more

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 months agofollowup: code comments and small "cleanups"
Thomas Lamprecht [Tue, 23 Jul 2019 07:03:23 +0000 (09:03 +0200)]
followup: code comments and small "cleanups"

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 months agofollouwp: maker array_unique private for now
Thomas Lamprecht [Tue, 23 Jul 2019 06:50:11 +0000 (08:50 +0200)]
follouwp: maker array_unique private for now

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 months agoAdd array_intersect and array_unique functions
Stefan Reiter [Wed, 17 Jul 2019 13:03:44 +0000 (15:03 +0200)]
Add array_intersect and array_unique functions

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
3 months agoInclude CPU flags in read_cpuinfo
Stefan Reiter [Wed, 17 Jul 2019 13:03:43 +0000 (15:03 +0200)]
Include CPU flags in read_cpuinfo

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
3 months agocert: add public key type & size to JSON schema
Alwin Antreich [Mon, 22 Jul 2019 15:11:38 +0000 (17:11 +0200)]
cert: add public key type & size to JSON schema

Signed-off-by: Alwin Antreich <a.antreich@proxmox.com>
3 months agocert: add public key type and size to info
Fabian Grünbichler [Mon, 22 Jul 2019 15:11:36 +0000 (17:11 +0200)]
cert: add public key type and size to info

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Co-Authored-By: Alwin Antreich <a.antreich@proxmox.com>
4 months agosection config: trailing whitespace cleanup
Thomas Lamprecht [Fri, 5 Jul 2019 14:32:57 +0000 (16:32 +0200)]
section config: trailing whitespace cleanup

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agobump version to 6.0-2
Thomas Lamprecht [Mon, 24 Jun 2019 15:16:57 +0000 (17:16 +0200)]
bump version to 6.0-2

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agouse hmac_sha256 when assembling csrf token
Oguz Bektas [Wed, 19 Jun 2019 07:39:32 +0000 (09:39 +0200)]
use hmac_sha256 when assembling csrf token

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
4 months agofollowup: fix quoting and comment
Thomas Lamprecht [Wed, 19 Jun 2019 10:29:29 +0000 (12:29 +0200)]
followup: fix quoting and comment

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agoadd fallback/new csrf token recognition
Oguz Bektas [Wed, 19 Jun 2019 07:39:31 +0000 (09:39 +0200)]
add fallback/new csrf token recognition

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
4 months agosystemd: add wait_for_unit_removed
Wolfgang Bumiller [Wed, 19 Jun 2019 07:21:23 +0000 (09:21 +0200)]
systemd: add wait_for_unit_removed

And split out the common code into a systemd_call() sub.

This connects to the systemd bus and waits for a UnitRemoved
event to occur for the specified unit, with an optional
timeout.

We'll use this in qemu-server to wait for a VM's scope to
disappear completely before trying to start a VM's scope
anew.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
4 months agobump version to 6.0-1
Thomas Lamprecht [Fri, 14 Jun 2019 18:30:47 +0000 (20:30 +0200)]
bump version to 6.0-1

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agoinotify: network/interfaces: fix 'Use of uninitialized value' for netmask
Thomas Lamprecht [Wed, 12 Jun 2019 10:01:08 +0000 (12:01 +0200)]
inotify: network/interfaces: fix 'Use of uninitialized value' for netmask

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agoprint defaulttxt as sprintf parameter
Dominik Csapak [Thu, 6 Jun 2019 09:03:56 +0000 (11:03 +0200)]
print defaulttxt as sprintf parameter

instead of having it verbatim in the format string.
This enables us to have '%' in the defaulttext without getting errors

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
5 months agofixup for the last version bump
Wolfgang Bumiller [Wed, 5 Jun 2019 07:11:10 +0000 (09:11 +0200)]
fixup for the last version bump

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
5 months agobump version to 6.0-0+2
Thomas Lamprecht [Thu, 23 May 2019 11:01:15 +0000 (13:01 +0200)]
bump version to 6.0-0+2

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agoassemble_spice_ticket: ensure variable in interpolated string are correct
Thomas Lamprecht [Thu, 23 May 2019 10:52:18 +0000 (12:52 +0200)]
assemble_spice_ticket: ensure variable in interpolated string are correct

In older perl the following two where the same:

"$foo::$bar" == "${foo}::${bar}"

But in perl 5, version 28 it's not anymore,

"$foo::$bar" would be equivalent to "${foo::}${bar}", the double
colons are now not used as variable name boundary, so mark that
explicitly in the affected case and surrounding ones preventively

This fixes authentication with spice* related stuff again.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agobuildsys: change upload dist to buster
Thomas Lamprecht [Tue, 21 May 2019 12:10:03 +0000 (14:10 +0200)]
buildsys: change upload dist to buster

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agobump version for buster
Thomas Lamprecht [Tue, 21 May 2019 12:09:26 +0000 (14:09 +0200)]
bump version for buster

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agod/control: fix priority-extra-is-replaced-by-priority-optional
Thomas Lamprecht [Thu, 16 May 2019 15:12:51 +0000 (17:12 +0200)]
d/control: fix priority-extra-is-replaced-by-priority-optional

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agobump version to 5.0-52
Thomas Lamprecht [Wed, 15 May 2019 12:16:17 +0000 (14:16 +0200)]
bump version to 5.0-52

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agoJSONSchema: sort keys when dumping config for stabillity
Thomas Lamprecht [Wed, 17 Apr 2019 06:56:23 +0000 (06:56 +0000)]
JSONSchema: sort keys when dumping config for stabillity

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agofollowup: use defined to check if a hash element can be accessed
Thomas Lamprecht [Wed, 15 May 2019 08:20:01 +0000 (10:20 +0200)]
followup: use defined to check if a hash element can be accessed

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agoprevent autovivification of sectionconfig options
Dominik Csapak [Wed, 15 May 2019 08:03:50 +0000 (10:03 +0200)]
prevent autovivification of sectionconfig options

If, somehow, someone passes a config to check_config with keys set
that are not in the options for that type, this fixed check
lead to autovivification, meaning that any future calls to the same
worker had an additional option for that type which is not optional

this lead to a wrongfully deleting of entries when updating an entry of
a different type, since all entries of the original types suddenly
did not satisfy their required options and would not get parsed
by read_file anymore (thus missing when a successful write_file was done)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
6 months agoprint api res: always allow result to be undef if optional
Thomas Lamprecht [Mon, 13 May 2019 06:52:19 +0000 (06:52 +0000)]
print api res: always allow result to be undef if optional

If the return schema says that it's optionally returns something then
we want to allow returning nothing, i.e., undef

Co-developed-by: Dominic Jäger <d.jaeger@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agofollowup code cleanup
Thomas Lamprecht [Wed, 8 May 2019 15:36:14 +0000 (15:36 +0000)]
followup code cleanup

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agoINotify: map address/netmask to cidr while parsing interfaces
Dominik Csapak [Fri, 3 May 2019 07:28:51 +0000 (09:28 +0200)]
INotify: map address/netmask to cidr while parsing interfaces

this allows us to always show the 'address' the 'netmask' and the 'cidr'
both for ipv4 and ipv6

there is a small api change involved in one scenario:
if one manually changed the address to cidr format like
    '10.0.0.4/24'

we now get from the api the parsed values
    addr => 10.0.0.4
    netmask => 24
    cidr => 10.0.0.4/24

instead of
    addr => 10.0.0.4/24
    netmask =>

but i think that circumventing our api when writing the file, but still
relying on the api for reading is not a valid use case, i would argue
that we can change this, especially since we have a new field that
contains that information again (cidr)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
6 months agoJSONSchema: add get_netmask_bits and missing netmask
Dominik Csapak [Fri, 3 May 2019 07:28:50 +0000 (09:28 +0200)]
JSONSchema: add get_netmask_bits and missing netmask

so one can use the mapping from outside the module

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
6 months agobump version to 5.0-51
Thomas Lamprecht [Thu, 18 Apr 2019 11:08:32 +0000 (11:08 +0000)]
bump version to 5.0-51

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agoTools: add setresuid syscall
Stoiko Ivanov [Wed, 17 Apr 2019 08:51:36 +0000 (10:51 +0200)]
Tools: add setresuid syscall

See `man 2 setresuid`. The code was tested with small UIDs (109) and
one which does not fit into 16 bit (100000000), since I wasn't too
sure about the workings of setresuid vs. setresuid32 (see NOTES of
the manpage) - it worked with both.

Linux on amd64 has only a single setresuid, as it the 64 bit arch
came after the setresuid32 syscall, and thus it started with the
later one as single common one

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agofixup comments about RESTEnv access types
Thomas Lamprecht [Wed, 17 Apr 2019 09:06:32 +0000 (09:06 +0000)]
fixup comments about RESTEnv access types

were pretty outdated

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
7 months agobump version to 5.0-50
Thomas Lamprecht [Wed, 3 Apr 2019 11:54:39 +0000 (13:54 +0200)]
bump version to 5.0-50

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
7 months agoadd request host to RESTEnvironment
Wolfgang Bumiller [Tue, 2 Apr 2019 10:22:01 +0000 (12:22 +0200)]
add request host to RESTEnvironment

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
7 months agoadd u2f challenge accessors to RESTEnvironment
Wolfgang Bumiller [Tue, 2 Apr 2019 10:22:00 +0000 (12:22 +0200)]
add u2f challenge accessors to RESTEnvironment

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
7 months agoJSONSchema: fix units of bwlimit
Stoiko Ivanov [Mon, 1 Apr 2019 09:30:57 +0000 (11:30 +0200)]
JSONSchema: fix units of bwlimit

the description of bwlimit wrote MiB/s, the use in restore operation is KiB/s

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
7 months agobump version to 5.0-49
Thomas Lamprecht [Thu, 21 Mar 2019 11:56:58 +0000 (12:56 +0100)]
bump version to 5.0-49

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
7 months agoJSONSchema: register 'pve-snapshot-name' here to avoid cyclic dependencies
Thomas Lamprecht [Thu, 21 Mar 2019 11:48:54 +0000 (12:48 +0100)]
JSONSchema: register 'pve-snapshot-name' here to avoid cyclic dependencies

move it from qemu-server as it was also used in pve-container and
pve-manager (pvesr), while guest-commons AbstractConfig could be a
fit too, just move it here as all depending on this already use
JSONSchema and it just fits here...

Break respective qemu-server version

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agobump version to 5.0-48
Thomas Lamprecht [Thu, 14 Mar 2019 08:52:22 +0000 (09:52 +0100)]
bump version to 5.0-48

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agofollowup: add verbose_description to new mac-addr standard option
Thomas Lamprecht [Thu, 14 Mar 2019 08:49:54 +0000 (09:49 +0100)]
followup: add verbose_description to new mac-addr standard option

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agoJSONSchema: Adapt MAC address format to unicast
Stoiko Ivanov [Tue, 12 Mar 2019 15:07:41 +0000 (16:07 +0100)]
JSONSchema: Adapt MAC address format to unicast

MAC-addresses having the LSB of the first octet set, are considered
multicast-addresses (see [0,1]).

the 'mac-addr' format got changed to only permit unicast addresses, which should
work for its current use-case (WOL for nodes).
additionally a default option was registered via register_standard_option to be
used in both PVE::LXC::Config and PVE::QemuServer.

[0] https://lists.linuxcontainers.org/pipermail/lxc-users/2010-August/000783.html
[1] https://en.wikipedia.org/wiki/MAC_address

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
8 months agofix #2111: regex match for email addresses
Oguz Bektas [Thu, 28 Feb 2019 14:00:04 +0000 (15:00 +0100)]
fix #2111: regex match for email addresses

now allows:
* addresses without tld (f.e. user@localhost per bug)
* remove limits for number of subdomains
* allow +, -, ~ in local part
* disallow double dots (.. .a. etc) and dots in the end (abc.@mail.com)

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Acked-by: Dominik Csapak <d.csapak@proxmox.com>
8 months agobump version to 5.0-47
Thomas Lamprecht [Wed, 20 Feb 2019 11:24:19 +0000 (12:24 +0100)]
bump version to 5.0-47

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
8 months agoFix 1891: Add zsh command completion generator
Christian Ebner [Wed, 20 Feb 2019 10:59:14 +0000 (11:59 +0100)]
Fix 1891: Add zsh command completion generator

This adds the function needed to generate the zsh autocompletion scripts.
Using the bash completion code path, this generates the list of possible
completions and adds them to the zsh completion by compadd.
For the autocompletion scripts to be loaded automatically, the following two
lines have to be placed in the .zshrc:

autoload -U compinit
compinit

Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
8 months agopartially fix #2023: Switch to https for yubico.com API
Rhonda D'Vine [Mon, 18 Feb 2019 10:59:17 +0000 (11:59 +0100)]
partially fix #2023: Switch to https for yubico.com API

Signed-off-by: Rhonda D'Vine <rhonda@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
9 months agobump version to 5.0-46
Wolfgang Bumiller [Mon, 11 Feb 2019 09:55:27 +0000 (10:55 +0100)]
bump version to 5.0-46

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
9 months agod/control: add missing dependencies
Fabian Grünbichler [Fri, 8 Feb 2019 20:57:07 +0000 (21:57 +0100)]
d/control: add missing dependencies

used by the ACME standalone challenge.

these were previously already depended on by pve-manager, where they were
recently removed - exposing the fact they are in fact required by
libpve-common-perl.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
9 months agobump version to 5.0-45
Thomas Lamprecht [Mon, 4 Feb 2019 10:46:08 +0000 (11:46 +0100)]
bump version to 5.0-45

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
9 months agotools: add dev_t_major/minor
Wolfgang Bumiller [Mon, 4 Feb 2019 09:42:03 +0000 (10:42 +0100)]
tools: add dev_t_major/minor

Extract major/minor from `dev_t` values as found in stat()
calls, with support for the full 32 bit values.

The device value returned by stat() is 32 bits long and encoded as
high 12 bit of the minor value as in the 12 MSBs, 12 bit major value,
then the low 8 bit of the minor value in the low byte.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
9 months agoTools: add fsync sycall
Thomas Lamprecht [Wed, 30 Jan 2019 16:17:14 +0000 (17:17 +0100)]
Tools: add fsync sycall

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
9 months agobump version to 5.0-44
Thomas Lamprecht [Tue, 22 Jan 2019 10:56:40 +0000 (11:56 +0100)]
bump version to 5.0-44

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
9 months agoJSONSchema: Add format for MAC address verification
Christian Ebner [Tue, 22 Jan 2019 10:01:39 +0000 (11:01 +0100)]
JSONSchema: Add format for MAC address verification

Adds a format to verify MAC addresses to JSONSchema.

Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
10 months agofix defaults for standard_output_options
Oguz Bektas [Fri, 4 Jan 2019 11:39:19 +0000 (12:39 +0100)]
fix defaults for standard_output_options

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
10 months agoadd builddeps in readme for qemu
Oguz Bektas [Mon, 7 Jan 2019 10:43:55 +0000 (11:43 +0100)]
add builddeps in readme for qemu

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
10 months agoFixup testcases for the previous commit
Wolfgang Bumiller [Thu, 3 Jan 2019 08:05:46 +0000 (09:05 +0100)]
Fixup testcases for the previous commit

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
10 months agoINotify: fix wording in networkdoc
Tim Marx [Tue, 4 Dec 2018 09:56:19 +0000 (10:56 +0100)]
INotify: fix wording in networkdoc

Signed-off-by: Tim Marx <t.marx@proxmox.com>
11 months agoupdate builddeps in readme
Oguz Bektas [Thu, 29 Nov 2018 08:40:35 +0000 (09:40 +0100)]
update builddeps in readme

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
11 months agoSysFSTools: add return format comments
Dominik Csapak [Fri, 23 Nov 2018 13:50:11 +0000 (14:50 +0100)]
SysFSTools: add return format comments

for lspci and get_mdev_types

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
11 months agobump version to 5.0-43
Thomas Lamprecht [Thu, 22 Nov 2018 10:19:23 +0000 (11:19 +0100)]
bump version to 5.0-43

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
11 months agobreak qemu-server << 5.0-42
Thomas Lamprecht [Thu, 22 Nov 2018 10:18:25 +0000 (11:18 +0100)]
break qemu-server << 5.0-42

changed the lspci return format

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
11 months agoSysFSTools.pm: improve and extend lspci
Dominik Csapak [Tue, 20 Nov 2018 16:13:38 +0000 (17:13 +0100)]
SysFSTools.pm: improve and extend lspci

this implements following improvements and optimizations for lspci

* removes the unecessary split between id and function
  since everywhere we need that information, we stitch them together
  anyway. to preserve ordering, simply order by id with string
  comparison 'cmp' (this is important for the shorthand syntax '00:01' in
  the config)
* returns now a list directly, instead of an hash with lists
* returns now always the vendor/device id and class[1]
* filter is now either a string (matches the id partially), or a
  sub, which filters the device out if it returns a falsy value
* adds a verbose flag to include more information about the device,
  such as device/vendor name, iommu-group, mdev support, etc.
  this will be used for the pci scan api call for the gui

1: https://pci-ids.ucw.cz/read/PD/

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
11 months agoSysFSTools.pm: add mediated devices subs
Dominik Csapak [Tue, 20 Nov 2018 16:13:37 +0000 (17:13 +0100)]
SysFSTools.pm: add mediated devices subs

adds helpers for listing/creating/removing mediated devices

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
11 months agoNetwork : veth pair : fix mtu
Alexandre Derumier [Wed, 21 Nov 2018 16:34:29 +0000 (17:34 +0100)]
Network : veth pair : fix mtu

The ip link set command which create the veth pair is not setting mtu on both peers

example:
vm 106 is on a bridge with mtu 9000

222: tap160i1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 9000 qdisc pfifo_fast master fwbr160i1 state UNKNOWN group default qlen 1000
223: fwbr160i1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
224: fwpr160p1@fwln160i1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue state UP group default qlen 1000
225: fwln160i1@fwpr160p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000

fwpr160p1@fwln160i1 is correctly created with mtu 9000
but
fwln160i1@fwpr160p1 is created with mtu 1500.
(and then vmbr106i1 is lowered to 1500 too).

This is doing network problem, as tap160i1 is mtu9000.

After this patch:

222: tap160i1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 9000 qdisc pfifo_fast master fwbr160i1 state UNKNOWN group default qlen 1000
223: fwbr160i1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue state UP group default qlen 1000
224: fwpr160p1@fwln160i1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue state UP group default qlen 1000
225: fwln160i1@fwpr160p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue state UP group default qlen 1000

11 months agoTools.pm: do not ignore "0" in split_list
Dominik Csapak [Tue, 20 Nov 2018 11:45:15 +0000 (12:45 +0100)]
Tools.pm: do not ignore "0" in split_list

giving split_list the string "0" would actually return
an empty list instead of a list with the element "0"

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>