pve-common.git
26 hours agocpuset: cgroupv2 support master
Wolfgang Bumiller [Mon, 30 Mar 2020 14:30:35 +0000 (16:30 +0200)]
cpuset: cgroupv2 support

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
26 hours agocpuset: further factorization
Wolfgang Bumiller [Mon, 30 Mar 2020 14:30:34 +0000 (16:30 +0200)]
cpuset: further factorization

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
26 hours agocpuset: replace 'kind' with an 'effective' boolean
Wolfgang Bumiller [Mon, 30 Mar 2020 14:30:33 +0000 (16:30 +0200)]
cpuset: replace 'kind' with an 'effective' boolean

All of our users of this function currently either pass
'effective_cpus' or nothing (undef), and in cgroupv2 the
effective-cpuset file uses a different naming scheme.

Since this is only a distinction between "intended" and
"effective", use this as a boolean instead, for easier
future cgroupv2 support.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
26 hours agocpuset: cleanup/refactor
Wolfgang Bumiller [Mon, 30 Mar 2020 14:30:32 +0000 (16:30 +0200)]
cpuset: cleanup/refactor

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
10 days agobump version to 6.0-18
Thomas Lamprecht [Sat, 21 Mar 2020 15:49:51 +0000 (16:49 +0100)]
bump version to 6.0-18

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
12 days agoldap: add optional classes to query_users
Dominik Csapak [Fri, 13 Mar 2020 12:18:43 +0000 (13:18 +0100)]
ldap: add optional classes to query_users

and filter by it

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
12 days agoldap: optionally save group name by attribute
Dominik Csapak [Fri, 13 Mar 2020 12:18:42 +0000 (13:18 +0100)]
ldap: optionally save group name by attribute

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2 weeks agobump version to 6.0-17
Thomas Lamprecht [Fri, 13 Mar 2020 11:25:03 +0000 (12:25 +0100)]
bump version to 6.0-17

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agot.list-interfaces.pl: add cidr address test
Alexandre Derumier [Fri, 13 Mar 2020 10:48:11 +0000 (11:48 +0100)]
t.list-interfaces.pl: add cidr address test

also reuse wanted values

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agoinotify/interfaces: fallback to cidr for address on write
Thomas Lamprecht [Fri, 13 Mar 2020 10:36:31 +0000 (11:36 +0100)]
inotify/interfaces: fallback to cidr for address on write

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agoinotify/interfaces: ensure cidr, address and netmask are set correctly
Thomas Lamprecht [Fri, 13 Mar 2020 10:14:55 +0000 (11:14 +0100)]
inotify/interfaces: ensure cidr, address and netmask are set correctly

This should bring back compatibillity in the read site and one for
all clears that cidr is cidr, netmask is mask and address is address
(outgoing).

We're still very flexible on what can be written out.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agotest: list ifaces: fix indentation of expected structure
Thomas Lamprecht [Fri, 13 Mar 2020 10:07:17 +0000 (11:07 +0100)]
test: list ifaces: fix indentation of expected structure

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agoINotify: sort and spli module usage
Thomas Lamprecht [Fri, 13 Mar 2020 10:04:46 +0000 (11:04 +0100)]
INotify: sort and spli module usage

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agoruntest: clone config before passing to write to avoid side effects
Thomas Lamprecht [Fri, 13 Mar 2020 10:01:01 +0000 (11:01 +0100)]
runtest: clone config before passing to write to avoid side effects

write changes some parts of the config, if this is a reference to the
config used for checking parsing it may lead to unexpected failures
due to those side effects..

For me it was "cidr" and "cidr6" getting deleted, and thus upcomming
tests for a compat change failing without any apparent reason.. :/

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agobump version to 6.0-16
Thomas Lamprecht [Thu, 12 Mar 2020 15:15:21 +0000 (16:15 +0100)]
bump version to 6.0-16

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 weeks agoinotify: fix compatibillity with address + netmask separate passed
Thomas Lamprecht [Thu, 12 Mar 2020 14:21:55 +0000 (15:21 +0100)]
inotify: fix compatibillity with address + netmask separate passed

fixes commit 78c6656c9aba1d57786f916717c2622a3059fb6 which dropped
writing out the netmask but missed to add compat code for the case
where the caller did not suplly a address in CIDR format already.

Check if an address ends with /\d+, if not see if a netmask is
available and add that similar how it gets handled on read.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Reviewed-By: Stoiko Ivanov <s.ivanov@proxmox.com>
Tested-By: Stoiko Ivanov <s.ivanov@proxmox.com>
2 weeks agoinotify: indentation fix
Thomas Lamprecht [Thu, 12 Mar 2020 14:21:15 +0000 (15:21 +0100)]
inotify: indentation fix

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 weeks agobump version to 6.0-15
Thomas Lamprecht [Mon, 9 Mar 2020 16:02:16 +0000 (17:02 +0100)]
bump version to 6.0-15

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 weeks agoLDAP: fix missing newline in error message
Thomas Lamprecht [Mon, 9 Mar 2020 16:29:37 +0000 (17:29 +0100)]
LDAP: fix missing newline in error message

seems like LDAP->new doesn't adds it, so we get the ". at
/path/to/module.pm line xy" ugly error

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 weeks agod/control: break pmg-api (<< 6.1-7)
Thomas Lamprecht [Mon, 9 Mar 2020 15:59:44 +0000 (16:59 +0100)]
d/control: break pmg-api (<< 6.1-7)

as we now register the ldap-simple-attr' format, and double
registrations result in exceptions.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 weeks agoadd ldap-simple-attr from pmg
Dominik Csapak [Fri, 6 Mar 2020 10:05:36 +0000 (11:05 +0100)]
add ldap-simple-attr from pmg

we also need it in pve

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
3 weeks agoRESTHandler getopt_usage: schema properties can be undef
Thomas Lamprecht [Mon, 9 Mar 2020 11:24:07 +0000 (12:24 +0100)]
RESTHandler getopt_usage: schema properties can be undef

While seldom some of our API endpoints do not define it, e.g., the
world readable /access/ticket call.

As all of the stack can cope with that just fine make getopt_usage
also follow that behavior and don't assume that properties has to be
defined.

This fixes a complaint about undefined value use in the following
calls:
 pvesh usage /access/ticket
 pmgsh help /access

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 weeks agoinotify: read interfaces: avoid uninitialized value access
Thomas Lamprecht [Mon, 9 Mar 2020 10:28:21 +0000 (11:28 +0100)]
inotify: read interfaces: avoid uninitialized value access

check if 'ovs_type' is defined first

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 weeks agoRevert "Network: tap_create|plug : sdn : use bridge_vlan"
Thomas Lamprecht [Mon, 9 Mar 2020 06:32:06 +0000 (07:32 +0100)]
Revert "Network: tap_create|plug : sdn : use bridge_vlan"

With revert "network: followup: move graceful require SDN out from
subs" squashed.

This reverts commit c02d6d1c96a97cbdfb47d0ff28bca833bce2f91a.
This reverts commit 35f2791ffa3f855c8f24a10f1f09f1262e3d9fab.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 weeks agobump version to 6.0-14
Thomas Lamprecht [Sat, 7 Mar 2020 16:51:19 +0000 (17:51 +0100)]
bump version to 6.0-14

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 weeks agonetwork: followup: move graceful require SDN out from subs
Thomas Lamprecht [Sat, 7 Mar 2020 17:09:15 +0000 (18:09 +0100)]
network: followup: move graceful require SDN out from subs

As "require" is evaluated on module load only once,  we either have
it or not, so move it to the top to avoid code duplication

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 weeks agoNetwork: tap_create|plug : sdn : use bridge_vlan
Alexandre Derumier [Mon, 10 Feb 2020 16:26:47 +0000 (17:26 +0100)]
Network: tap_create|plug : sdn : use bridge_vlan

find correct bridge/vlan from vnet config

3 weeks agod/control: record break of older ifupdown2
Thomas Lamprecht [Sat, 7 Mar 2020 17:01:13 +0000 (18:01 +0100)]
d/control: record break of older ifupdown2

If ifupdown2 is installed we really want to have it synced with this
version, also with OVS (ifupdown2 handles that break) - this is part
of the version barrier.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 weeks agoINotify : fix OVSBond && OvsintPort order + tests
Alexandre Derumier [Tue, 18 Feb 2020 05:33:46 +0000 (06:33 +0100)]
INotify : fix OVSBond && OvsintPort order + tests

OVSBond was missing
OvsintPort under ethx interfaces

3 weeks agoINotify: fix unknown for unknown ovs_type
Alexandre Derumier [Tue, 18 Feb 2020 05:33:47 +0000 (06:33 +0100)]
INotify: fix unknown for unknown ovs_type

if user defined manually ovs_type OVSTunnel or OVSPatchPort,
the type is empty.

set type=unknown first to avoid this kind of mistake

3 weeks agoINotify: detect ifupdown2 from executable not path
Alexandre Derumier [Fri, 21 Feb 2020 09:28:12 +0000 (10:28 +0100)]
INotify: detect ifupdown2 from executable not path

Seem than addons.conf file is not removed on "apt remove ifupdown2",
so /usr/share/ifupdown2 is not removed too.

3 weeks agoINotify: use auto for ovs interfaces with ifupdown2
Alexandre Derumier [Fri, 21 Feb 2020 09:28:11 +0000 (10:28 +0100)]
INotify: use auto for ovs interfaces with ifupdown2

Need the ifupdown2 openvswitch addon !

3 weeks agobump version to 6.0-13
Thomas Lamprecht [Wed, 4 Mar 2020 14:44:18 +0000 (15:44 +0100)]
bump version to 6.0-13

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 weeks agoadd LDAP Wrapper code
Dominik Csapak [Thu, 20 Feb 2020 15:20:00 +0000 (16:20 +0100)]
add LDAP Wrapper code

This will be used for PMG and PVE LDAP Authentication & Sync.
The code is largely copied/inspired by the already existing LDAP code in
PVEs AccessControl and PMGs LDAPCache

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
3 weeks agofix #2618: increase maximum port for spice to 61999
Dominik Csapak [Tue, 3 Mar 2020 09:47:30 +0000 (10:47 +0100)]
fix #2618: increase maximum port for spice to 61999

and expose the range in its own sub to reuse it in http-server

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
3 weeks agofollowup cleanup and fix missing semicolon
Thomas Lamprecht [Wed, 4 Mar 2020 14:11:35 +0000 (15:11 +0100)]
followup cleanup and fix missing semicolon

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 weeks agoremove extra space after address && gateway options
Alexandre Derumier [Thu, 20 Feb 2020 11:55:19 +0000 (12:55 +0100)]
remove extra space after address && gateway options

only 1 space like all others options

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
3 weeks agoINotify: use cidr for address on config change
Alexandre Derumier [Thu, 20 Feb 2020 11:55:18 +0000 (12:55 +0100)]
INotify: use cidr for address on config change

netmask/broadcast options are deprecated since buster
https://manpages.debian.org/buster/ifupdown/interfaces.5.en.html

This still read both "old address/netmask" or "address cidr" format,
but always convert it to cidr address format

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
5 weeks agoget_ip_from_hostname: check all address we get from getaddrinfo_all for non-local IP
Thomas Lamprecht [Fri, 21 Feb 2020 12:49:18 +0000 (13:49 +0100)]
get_ip_from_hostname: check all address we get from getaddrinfo_all for non-local IP

This was limited without reason to checking only the first IP we get
returned from getaddrinfo_all, but we can have multiple IPs for a
hostname, and possible one of them is local but another not, so check
all and only die if no non-local address at all got found.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 weeks agozsh-completion: Add missing flag to compadd
Christian Ebner [Thu, 20 Feb 2020 15:33:07 +0000 (16:33 +0100)]
zsh-completion: Add missing flag to compadd

This fixes an issue with zsh completion where certain words were not added to the
list of matches, but incorrectly interpreted as flags or options.

By passing the "--" flag, compadd is notified that all following arguments should
be considered for completion and not interpreted as flags or options for compadd.

Details can be found in the compadd documentation:
http://zsh.sourceforge.net/Doc/Release/Completion-Widgets.html#Completion-Builtin-Commands

Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
7 weeks agoINotify : check_bridge : fix bridge-ports with vlan tagged interface
Alexandre Derumier [Fri, 7 Feb 2020 11:40:28 +0000 (12:40 +0100)]
INotify : check_bridge : fix bridge-ports with vlan tagged interface

Currently with strip vlan tag, that's wrong because
mtu && others check are done the main interface.

7 weeks agoINotify: check bridge ip: add missing check if method is not defined
Alexandre Derumier [Fri, 7 Feb 2020 11:40:27 +0000 (12:40 +0100)]
INotify: check bridge ip: add missing check if method is not defined

7 weeks agoINotify: fix mtu check && add test
Alexandre Derumier [Fri, 7 Feb 2020 11:40:26 +0000 (12:40 +0100)]
INotify: fix mtu check && add test

reverse the parent-child. (bridge-port is the parent)

2 months agobump version to 6.0-12
Thomas Lamprecht [Fri, 31 Jan 2020 09:33:14 +0000 (10:33 +0100)]
bump version to 6.0-12

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agosystemd: add un-/escape_unit helpers
Thomas Lamprecht [Fri, 31 Jan 2020 09:24:24 +0000 (10:24 +0100)]
systemd: add un-/escape_unit helpers

moved from pve-storage, we need to reuse it in another module there,
as it's a general method lets just move it here already.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agoprocfs: add check_kernel_release
Thomas Lamprecht [Fri, 31 Jan 2020 09:22:21 +0000 (10:22 +0100)]
procfs: add check_kernel_release

adapted from Wolfgan's patch[0] for a pve-container feature check, as
this is a general check let's move it here.

[0]: https://pve.proxmox.com/pipermail/pve-devel/2020-January/041477.html

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agobump version to 6.0-11
Thomas Lamprecht [Tue, 28 Jan 2020 10:33:07 +0000 (11:33 +0100)]
bump version to 6.0-11

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agoAPI schema: add 'allowtoken' property
Fabian Grünbichler [Tue, 21 Jan 2020 12:53:56 +0000 (13:53 +0100)]
API schema: add 'allowtoken' property

to mark which API methods should be available to clients authenticated using an API token.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2 months agotests: unknown interfaces order: rename vlan interfaces to unknown
Alexandre Derumier [Sat, 25 Jan 2020 09:27:04 +0000 (10:27 +0100)]
tests: unknown interfaces order: rename vlan interfaces to unknown

vlan(X) interfaces are not unknown anymore
use generic name instead

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2 months agoINotify: improve vlan interface parsing
Alexandre Derumier [Sat, 25 Jan 2020 09:27:03 +0000 (10:27 +0100)]
INotify: improve vlan interface parsing

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2 months agoAdd build dependency libtest-mockmodule-perl
Moayad [Mon, 20 Jan 2020 14:26:43 +0000 (15:26 +0100)]
Add build dependency libtest-mockmodule-perl

Signed-off-by: Moayad Almalat <m.almalat@proxmox.com>
2 months agoACME: comment fixup some POST to GET-as-POST
Thomas Lamprecht [Wed, 15 Jan 2020 13:28:51 +0000 (14:28 +0100)]
ACME: comment fixup some POST to GET-as-POST

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agoACME: Change authorization call
Wolfgang Link [Wed, 15 Jan 2020 12:07:44 +0000 (13:07 +0100)]
ACME: Change authorization call

As Let's Encrypt will no more allow GET calls[0], we have to change
to GET-as-POST[1] requests.

[0]: https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380/4
[1]: https://tools.ietf.org/html/rfc8555#section-6.3

Signed-off-by: Wolfgang Link <w.link@proxmox.com>
[ Thomas: Add ACME tag and reference GET-as-POST[1] ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agobump version to 6.0-10
Thomas Lamprecht [Mon, 13 Jan 2020 16:52:07 +0000 (17:52 +0100)]
bump version to 6.0-10

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agocerts: generate_csr: allow to set CN explicit
Thomas Lamprecht [Mon, 13 Jan 2020 16:25:10 +0000 (17:25 +0100)]
certs: generate_csr: allow to set CN explicit

Else, when used with ACME, the SAN is always sorted so we always get
the Subject Alternative Name sorting alphabetically first, which
doesn't necessarily has to be the "primary" domain. While this is
rather cosmetically (all SANs are equal) it could still result it
flapping CN when SANs and thus possibly the order changes, e.g., in
our CDN mirror pool. It also doesn't costs anything to allow control
over this, so why not..

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agofollowup code cleanup
Thomas Lamprecht [Sat, 11 Jan 2020 15:15:02 +0000 (16:15 +0100)]
followup code cleanup

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agofollowup trailing whitespace fixes
Thomas Lamprecht [Sat, 11 Jan 2020 15:12:33 +0000 (16:12 +0100)]
followup trailing whitespace fixes

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agoINotify: network : add ovs_mtu option
Alexandre Derumier [Thu, 9 Jan 2020 13:11:03 +0000 (14:11 +0100)]
INotify: network : add ovs_mtu option

This is also rewriting any "mtu" option on a ovs interface
to "ovs_mtu"

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2 months agoINotify: add bond-primary option
Alexandre Derumier [Thu, 9 Jan 2020 13:11:02 +0000 (14:11 +0100)]
INotify: add bond-primary option

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2 months agoINotify: allow vlan tagged bridge interface on non-vlanaware bridge
Alexandre Derumier [Thu, 9 Jan 2020 13:11:01 +0000 (14:11 +0100)]
INotify: allow vlan tagged bridge interface on non-vlanaware bridge

Seem that it's working too with non-vlanaware bridge

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2 months agoInotify: forbid ip address on bridged interface.
Alexandre Derumier [Thu, 9 Jan 2020 13:11:00 +0000 (14:11 +0100)]
Inotify: forbid ip address on bridged interface.

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2 months agoINotify: remove allow-hotplug from /etc/network/interfaces
Alexandre Derumier [Tue, 7 Jan 2020 00:59:17 +0000 (01:59 +0100)]
INotify: remove allow-hotplug from /etc/network/interfaces

for user installing proxmox on top of debian,
debian install by default the first nic with allow-hotplug.

This is conflicting with "auto ...", but worst with ovs "allow-ovs ...".

User have reported race with ovs, where ovs vmbr was up before the nic.
https://forum.proxmox.com/threads/no-network-on-server-unless-i-ifdown-ifup-vmbr0.62733/

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2 months agoREST Handler: check for value defindness when untainting
Thomas Lamprecht [Wed, 8 Jan 2020 09:32:12 +0000 (10:32 +0100)]
REST Handler: check for value defindness when untainting

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2 months agosort module usage + some newlines for readabilty
Thomas Lamprecht [Wed, 8 Jan 2020 09:31:39 +0000 (10:31 +0100)]
sort module usage + some newlines for readabilty

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 months agogrammar fix: s/does not exists/does not exist/g
Thomas Lamprecht [Fri, 13 Dec 2019 11:05:54 +0000 (12:05 +0100)]
grammar fix: s/does not exists/does not exist/g

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
3 months agoREADME.dev: drop apt-transport-https
Thomas Lamprecht [Wed, 4 Dec 2019 09:19:12 +0000 (10:19 +0100)]
README.dev: drop apt-transport-https

since apt 1.5 this is not required anymore

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agobump version to 6.0-9
Thomas Lamprecht [Sat, 23 Nov 2019 15:15:14 +0000 (16:15 +0100)]
bump version to 6.0-9

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agoProcFSTools: add kernel_version
Thomas Lamprecht [Sat, 23 Nov 2019 11:15:59 +0000 (12:15 +0100)]
ProcFSTools: add kernel_version

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agotests: allow to make tests in parallel
Thomas Lamprecht [Sat, 23 Nov 2019 11:14:19 +0000 (12:14 +0100)]
tests: allow to make tests in parallel

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agobe a bit more specific about not using this big list
Thomas Lamprecht [Sat, 23 Nov 2019 09:30:22 +0000 (10:30 +0100)]
be a bit more specific about not using this big list

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agoremove corosync-dev from build deps
Thomas Lamprecht [Sat, 23 Nov 2019 09:20:26 +0000 (10:20 +0100)]
remove corosync-dev from build deps

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agoCLIHandler: record missing JSONSchema usage
Thomas Lamprecht [Fri, 22 Nov 2019 18:30:17 +0000 (19:30 +0100)]
CLIHandler: record missing JSONSchema usage

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agobump version to 6.0-8
Thomas Lamprecht [Wed, 20 Nov 2019 17:43:15 +0000 (18:43 +0100)]
bump version to 6.0-8

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agoSysFSTools: do not assume pci domain 0000
Dominik Csapak [Tue, 12 Nov 2019 13:23:02 +0000 (14:23 +0100)]
SysFSTools: do not assume pci domain 0000

but prepend '0000' to ids where no domain is given, to keep the ability
to use the shorthand syntax (e.g. 00:01.0 instead of 0000:00:01.0)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
4 months agoavoid cyclic reference in closure
Wolfgang Bumiller [Tue, 19 Nov 2019 08:49:07 +0000 (09:49 +0100)]
avoid cyclic reference in closure

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
4 months agosection config: remove Data::Dumper usage
Thomas Lamprecht [Mon, 18 Nov 2019 14:39:02 +0000 (15:39 +0100)]
section config: remove Data::Dumper usage

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agofollowup: avoid very long line through comment moval
Thomas Lamprecht [Tue, 12 Nov 2019 13:16:01 +0000 (14:16 +0100)]
followup: avoid very long line through comment moval

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agofix Tools::df for big storage usage values
Dominik Csapak [Tue, 12 Nov 2019 12:56:20 +0000 (13:56 +0100)]
fix Tools::df for big storage usage values

if the size/avail of a mount is bigger than a certain amount,
json_encode writes the number in scientific format, which was not
matched by our \d+ regex.

This then resulted in 'undef' values for the result hash and
subsequently led to errors and warnings.

Extend the regex to also match scientific formatted numbers,
perl can then use them as is, no need for any conversion.

https://forum.proxmox.com/threads/bug-in-pve-tools-df-when-adding-petabyte-scale-storage.60090/#post-277050

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agoTools: add new mount api wrappers
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:14 +0000 (11:06 +0100)]
Tools: add new mount api wrappers

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
4 months agoadd missing 1; at the end of Syscall.pm
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:13 +0000 (11:06 +0100)]
add missing 1; at the end of Syscall.pm

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
4 months agoPVE::Syscall: add new mount api constants
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:12 +0000 (11:06 +0100)]
PVE::Syscall: add new mount api constants

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
4 months agotools: add AT_FDCWD and extend exports
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:11 +0000 (11:06 +0100)]
tools: add AT_FDCWD and extend exports

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
4 months agoProcFSTools: include ppid in read_proc_pid_stat
Wolfgang Bumiller [Fri, 8 Nov 2019 10:06:10 +0000 (11:06 +0100)]
ProcFSTools: include ppid in read_proc_pid_stat

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
4 months agobump version to 6.0-7
Thomas Lamprecht [Fri, 8 Nov 2019 11:48:36 +0000 (12:48 +0100)]
bump version to 6.0-7

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
4 months agocert: add fingerprint helper
Fabian Grünbichler [Wed, 6 Nov 2019 12:36:02 +0000 (13:36 +0100)]
cert: add fingerprint helper

for usage in pve-cluster's certificate cache.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
4 months agonetwork: cleanup get_local_ip_from_cidr
Thomas Lamprecht [Fri, 8 Nov 2019 11:47:16 +0000 (12:47 +0100)]
network: cleanup get_local_ip_from_cidr

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agoJSONSchema: add pve-tag format
Dominik Csapak [Thu, 3 Oct 2019 11:50:07 +0000 (13:50 +0200)]
JSONSchema: add pve-tag format

this will be used for vm/ct tag-lists, so that (config) management systems
or similar add additional information that does not reside in the
description

putting it here, since we want to eventually have it also for
nodes,storages,etc.

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
5 months agobump version to 6.0-6
Thomas Lamprecht [Tue, 29 Oct 2019 07:07:34 +0000 (08:07 +0100)]
bump version to 6.0-6

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agod/control: record breaks of pve-container (<< 3.0-9)
Thomas Lamprecht [Tue, 29 Oct 2019 06:28:52 +0000 (07:28 +0100)]
d/control: record breaks of pve-container (<< 3.0-9)

As we drop the arch translation part used by pve-container packages
in version 3.0-8 or older we need to break them, to avoid broken
newly created containers.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agofollowup: drop get_host_arch prototype
Thomas Lamprecht [Tue, 29 Oct 2019 06:15:40 +0000 (07:15 +0100)]
followup: drop get_host_arch prototype

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
5 months agotools: get_host_arch: return raw uname machine entry
Stefan Reiter [Mon, 28 Oct 2019 11:59:13 +0000 (12:59 +0100)]
tools: get_host_arch: return raw uname machine entry

The current version had only one user in LXC, so move the LXC-specific
code there to reuse this in QemuServer.

Also cache, since the host's architecture can't change during runtime.

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
5 months agoOTP: support v2 secret format
Wolfgang Bumiller [Mon, 28 Oct 2019 11:20:42 +0000 (12:20 +0100)]
OTP: support v2 secret format

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
5 months agoJSONSchema: add TFA-secret format; support longer secrets
Wolfgang Bumiller [Mon, 28 Oct 2019 11:20:40 +0000 (12:20 +0100)]
JSONSchema: add TFA-secret format; support longer secrets

The old format used 16 base32 chars or 40 hex digits. Since they have
a common subset it's hard to distinguish them without the our
previous length constraints, so prefix a 'v2-' of the format to
support arbitrary lengths properly.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agobump version to 6.0-5
Thomas Lamprecht [Fri, 20 Sep 2019 07:46:51 +0000 (09:46 +0200)]
bump version to 6.0-5

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agoetc_network_interfaces : handle autostart for ovs
Alexandre Derumier [Fri, 20 Sep 2019 14:29:53 +0000 (16:29 +0200)]
etc_network_interfaces : handle autostart for ovs

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
6 months agonetwork: followup code cleanup
Thomas Lamprecht [Fri, 20 Sep 2019 07:42:05 +0000 (09:42 +0200)]
network: followup code cleanup

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agonetwork_interfaces: use allow-ovs for OVSBridge
Alexandre Derumier [Fri, 20 Sep 2019 06:45:05 +0000 (08:45 +0200)]
network_interfaces: use allow-ovs for OVSBridge

new openvswitch-switch service use "ifup --allow-ovs",
and this race with "auto ..." used by networking service

bug reported here:
https://forum.proxmox.com/threads/so-is-openvswitch-bonding-just-broken-on-pve-6-whats-going-on.58020/

This is also fixing ovs with ifupdown2

Openvswitch github have a note about this:
https://github.com/openvswitch/ovs/commit/e0dfd67b456c8ea36cc2e2f23039a300dbbedfed#diff-555e6da95251766b76e83867900bd8fe

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
6 months agotree wide trailing whitespace cleanup
Thomas Lamprecht [Mon, 9 Sep 2019 14:42:03 +0000 (16:42 +0200)]
tree wide trailing whitespace cleanup

generated with:
 # find . -name '*.pm' -exec sed -i 's/\s\+$//' {} \;

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
6 months agoetc_network_interfaces : add uplink-id option
Alexandre Derumier [Wed, 4 Sep 2019 07:47:51 +0000 (09:47 +0200)]
etc_network_interfaces : add uplink-id option

uplink-id is an integer

it's used to abstract the interface name (could be different on
differents hosts)
and map it to a transportzone.

uplink-id is only allowed on physical interfaces (bond,eth,vlan)
as it's used for traffic to external

example:

auto eth0
iface eth0 inet manual
        uplink-id 1

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
6 months agoadd postinst hook to fix /etc/aliases whitespace error
Thomas Lamprecht [Tue, 3 Sep 2019 11:06:18 +0000 (13:06 +0200)]
add postinst hook to fix /etc/aliases whitespace error

This was wrongly shipped by our ISO since quite a bit (AFAICT, at
least 4.x), so fix it up in a versioned postinst snippet.

Do so by usind sed with the following pattern:
 # sed -E -i -e 's/^www:(\w)/www: \1/' /etc/aliases
proposed by Musee Ullah[0]. It even catches a bit more than exactly
our misstep, may help if one copied this line, or added some other
addresses to this specific aliases entry.

Do this here, in pve-common, as it makes it sligthly simpler to roll
the change out to both, PVE and PMG.

[0]: https://pve.proxmox.com/pipermail/pve-user/2019-September/170998.html

Reported-by: Uwe Sauter <uwe.sauter.de@gmail.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>