ping -- still applies.
On 30/01/2024 18:10, Friedrich Weber wrote:
> As reported in #4474 [0], a user may attempt to shutdown a VM/CT,
> realize that it is unresponsive, and decide to stop it instead. If the
> shutdown task has not timed out yet, the stop task will fail. The user
> needs to manual
--- Begin Message ---
>>## Known Issues
>>There is currently one major issue that we still need to solve:
>>REJECTing
>>packets from the guest firewalls is currently not possible for
>>incoming traffic
>>(it will instead be dropped).
That's remember me this old Hetzner bug (Hetzner flooding bad p
--- Begin Message ---
>>
>>## Known Issues
>>There is currently one major issue that we still need to solve:
>>REJECTing
>>packets from the guest firewalls is currently not possible for
>>incoming traffic
>>(it will instead be dropped).
That remember me this Hetzner bug
--- End Message ---
_
--- Begin Message ---
Hi Stefan,
I'll really take time to test it (I was super busy theses last month
with a datacenter migration), as I wait for nftables since a while.
Can't help too much with rust, but I really appriciate it, as I had
some servers with a lot of vms && rules, take more than 10s
On Tue, 2024-04-02 at 19:15 +0200, Stefan Hanreich wrote:
>
> ## Known Issues
> There is currently one major issue that we still need to solve: REJECTing
> packets from the guest firewalls is currently not possible for incoming
> traffic
> (it will instead be dropped).
>
> This is due to the fac
We create the rules from the firewall config by utilizing the
ToNftRules and ToNftObjects traits to convert the firewall config
structs to nftables objects/chains/rules.
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-firewall/Cargo.toml | 3 +
proxmox-firewa
Add a thin wrapper around libnftables, which can be used to run
commands defined by the rust types.
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-nftables/src/context.rs | 243
proxmox-nftables/src/error.rs | 43 ++
proxmox-
Some types from the firewall configuration map directly onto nftables
statements. For those we implement conversion traits so we can
conveniently convert between the configuration types and the
respective nftables types.
As with the expressions, those are guarded behind a feature so the
nftables c
Adds an enum containing most of the expressions defined in the
nftables-json schema [1].
[1]
https://manpages.debian.org/bookworm/libnftables1/libnftables-json.5.en.html#EXPRESSIONS
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-nftables/Cargo.toml| 2 +
Introduces new nftables configuration option that en/disables the new
nftables firewall.
pve-firewall reads this option and only generates iptables rules when
nftables is set to `0`. Conversely proxmox-firewall only generates
nftables rules when the option is set to `1`.
Signed-off-by: Stefan Han
We load the firewall configuration from the default paths, as well as
only the guest configurations that are local to the node itself. In
the future we could change this to use pmxcfs directly instead.
We also load information from nftables directly about dynamically
created chains (mostly chains
When the nftables firewall is enabled, we do not need to create
firewall bridges.
Signed-off-by: Stefan Hanreich
---
vm-network-scripts/pve-bridge | 9 +++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/vm-network-scripts/pve-bridge b/vm-network-scripts/pve-bridge
index 8599
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-ve-config/resources/ct_helper.json | 52 +
proxmox-ve-config/src/firewall/ct_helper.rs | 115
proxmox-ve-config/src/firewall/mod.rs | 1 +
3 files changed, 168 insertions(+)
creat
ToNftRules is basically a conversion trait for firewall config structs
to convert them into the respective nftables statements.
We are passing a list of rules to the method, which then modifies the
list of rules such that all relevant rules in the list have statements
appended that apply the confi
This is the skeleton for the firewall that contains all the base
chains required for the firewall.
The file applies atomically, which means that it flushes all objects
and recreates them - except for the cluster/host/guest chain. This
means that it can be run at any point in time, since it only up
Signed-off-by: Stefan Hanreich
---
www/manager6/grid/FirewallOptions.js | 1 +
1 file changed, 1 insertion(+)
diff --git a/www/manager6/grid/FirewallOptions.js
b/www/manager6/grid/FirewallOptions.js
index 0ac9979c4..2d21d45d8 100644
--- a/www/manager6/grid/FirewallOptions.js
+++ b/www/manager6/
ToNftObjects is basically a conversion trait that converts firewall
config structs into nftables objects. It returns a list of commands
that create the respective nftables objects.
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-firewall/src/main.rs | 1 +
proxm
When the nftables firewall is enabled, we do not need to create
firewall bridges.
Signed-off-by: Stefan Hanreich
---
src/PVE/LXC.pm | 5 +
1 file changed, 5 insertions(+)
diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index 7883cfb..a5d389a 100644
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-ve-config/resources/macros.json | 896
proxmox-ve-config/src/firewall/fw_macros.rs | 69 ++
proxmox-ve-config/src/firewall/mod.rs | 1 +
3 files changed, 966 insertions(+)
create mode
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-firewall/src/main.rs | 34 ++
1 file changed, 34 insertions(+)
diff --git a/proxmox-firewall/src/main.rs b/proxmox-firewall/src/main.rs
index 53c1289..28aecdf 100644
--- a/proxmox-firewa
Some types from the firewall configuration map directly onto nftables
expressions. For those we implement conversion traits so we can
conveniently convert between the configuration types and the
respective nftables types.
Those are guarded behind a feature so the nftables crate can be used
standal
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
Cargo.toml | 1 +
proxmox-firewall/Cargo.toml | 17 +
proxmox-firewall/src/main.rs | 5 +
3 files changed, 23 insertions(+)
create mode 100644 proxmox-firewall/Cargo.toml
create mode 1
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-ve-config/src/firewall/host.rs | 309 +
proxmox-ve-config/src/firewall/mod.rs | 1 +
2 files changed, 310 insertions(+)
create mode 100644 proxmox-ve-config/src/firewall/host.rs
diff --git a
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-ve-config/src/firewall/guest.rs | 194
proxmox-ve-config/src/firewall/mod.rs | 1 +
2 files changed, 195 insertions(+)
create mode 100644 proxmox-ve-config/src/firewall/guest.rs
diff --git
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-ve-config/src/firewall/cluster.rs | 342 ++
proxmox-ve-config/src/firewall/mod.rs | 1 +
2 files changed, 343 insertions(+)
create mode 100644 proxmox-ve-config/src/firewall/cluster.rs
diff -
Includes types for all kinds of IP values that can occur in the
firewall config. Additionally, FromStr implementations are available
for parsing from the config files.
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-ve-config/src/firewall/mod.rs | 1 +
...
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
Cargo.toml | 1 +
proxmox-nftables/Cargo.toml | 16
proxmox-nftables/src/lib.rs | 0
3 files changed, 17 insertions(+)
create mode 100644 proxmox-nftables/Cargo.toml
create mode 100644 prox
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-ve-config/src/firewall/parse.rs | 44 +
proxmox-ve-config/src/firewall/types/alias.rs | 160 ++
proxmox-ve-config/src/firewall/types/mod.rs | 2 +
3 files changed, 206 insertions(+)
creat
Additionally we implement FromStr for all rule types and parts, which
can be used for parsing firewall config rules. Initial rule parsing
works by parsing the different options into a HashMap and only then
de-serializing a struct from the parsed options.
This intermediate step makes rule parsing a
Add rust types for most of the nftables commands as defined by
libnftables-json [1].
Different commands require different keys to be set for the same type
of object. E.g. deleting an object usually only requires a name +
name of the container (table/chain/rule). Creating an object usually
requires
Signed-off-by: Stefan Hanreich
---
Makefile| 93 +
debian/changelog| 5 ++
debian/control | 31 +++
debian/copyright| 16 ++
debian/proxmox-firewall.service | 16 ++
debian/pr
Adds an enum containing most of the statements defined in the
nftables-json schema [1].
[1]
https://manpages.debian.org/bookworm/libnftables1/libnftables-json.5.en.html#STATEMENTS
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-nftables/Cargo.toml | 1 +
p
Adds types for log and (log-)rate-limiting firewall config options as
well as FromStr implementations for parsing them from the config.
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-ve-config/Cargo.toml| 1 +
proxmox-ve-config/src/firewall/mod.rs
Adds types for all kinds of port-related values in the firewall config
as well as FromStr implementations for parsing them from the config.
Also adds a helper for parsing the named ports from `/etc/services`.
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-ve-confi
Currently this is parsing the config files via the filesystem. In the
future we could also get this information from pmxcfs directly via
IPC which should be more performant, particularly for a large number
of VMs.
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-ve-c
Some parts of the firewall config map directly to nftables objects, so
we introduce conversion traits for convenient conversion into the
respective nftables objects / types.
They are guarded behind a feature, so the nftables crate can be used
standalone without depending on the proxmox-ve-config c
Several objects, statements and expressions in nftables-json require
null values, for instance:
{ "flush": { "ruleset": null }}
For this purpose we define our own Null type, which we can then easily
use for defining types that accept Null as value.
Several keys accept as value either a singu
Since the basic format of cluster, host and guest firewall
configurations is the same, we create a generic parser that can handle
the common config format. The main difference is in the available
options, which can be passed via a generic parameter.
Co-authored-by: Wolfgang Bumiller
Signed-off-by
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-ve-config/src/firewall/types/ipset.rs | 345 ++
proxmox-ve-config/src/firewall/types/mod.rs | 2 +
2 files changed, 347 insertions(+)
create mode 100644 proxmox-ve-config/src/firewall/types/ipset.rs
Currently the helpers for obtaining the host network configuration
panic on error, which could be avoided by the use of
OnceLock::get_or_init, but this method is currently only available in
nightly versions.
Generally, if there is a problem with obtaining a hostname for the
current node then somet
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
proxmox-ve-config/src/firewall/types/group.rs | 36 +++
proxmox-ve-config/src/firewall/types/mod.rs | 2 ++
2 files changed, 38 insertions(+)
create mode 100644 proxmox-ve-config/src/firewall/types/group.rs
## Introduction
This RFC provides a drop-in replacement for the current pve-firewall package
that is based on Rust and nftables.
It consists of three crates:
* proxmox-ve-config
for parsing firewall and guest configuration files, as well as some helpers
to access host configuration (particular
Co-authored-by: Wolfgang Bumiller
Signed-off-by: Stefan Hanreich
---
.cargo/config| 5 +
.gitignore | 6 ++
Cargo.toml | 4
proxmox-ve-config/Cargo.toml | 19 +++
proxmox-ve-config/src/lib.rs | 0
5 files changed
sent v2 incorporating the changes and adding additional tests.
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
create_etc_interfaces_sdn_dir creates the /etc/pve/sdn directory.
This allows mocking in tests to prevent system fs access in tests
Signed-off-by: Stefan Lendl
Reviewed-by: Max Carrara
Tested-by: Max Carrara
---
src/PVE/API2/Network/SDN/Zones.pm | 6 +-
1 file changed, 5 insertions(+), 1 d
Extract the dbus based interactions with dnsmasq so that it can be
mocked in tests.
Signed-off-by: Stefan Lendl
Reviewed-by: Max Carrara
Tested-by: Max Carrara
---
src/PVE/Network/SDN/Dhcp/Dnsmasq.pm | 22 --
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/s
The datacenter_config() functions in SDN::Zones::Plugin is a simple
wrapper that reads datacenter.cfg via cfs.
This allows mocking datacenter.cfg in tests.
Signed-off-by: Stefan Lendl
Reviewed-by: Max Carrara
Tested-by: Max Carrara
---
src/PVE/Network/SDN/Zones/EvpnPlugin.pm | 3 ++-
src/PVE
systemctl_service() is a wrapper around PVE::Tools::run_command to allow
mocking the systemctl interactions in tests.
Signed-off-by: Stefan Lendl
Reviewed-by: Max Carrara
Tested-by: Max Carrara
---
src/PVE/Network/SDN/Dhcp/Dnsmasq.pm | 18 --
1 file changed, 12 insertions(+), 6
Extracted to a function so it can be mocked in tests.
Signed-off-by: Stefan Lendl
Reviewed-by: Max Carrara
Tested-by: Max Carrara
---
src/PVE/Network/SDN/Dhcp/Dnsmasq.pm | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/PVE/Network/SDN/Dhcp/Dnsmasq.pm
b/src/PVE/Net
Add several tests for Vnets in test_vnets_blackbox. State setup as well
as testing results is done only via the API to test on the API
boundaries not not against the internal state. Internal state is mocked
to avoid requiring access to system files or pmxcfs.
Mocking is done by reading and writing
The did not work and were primarily testing against internal state.
Signed-off-by: Stefan Lendl
---
src/test/run_test_vnets.pl | 343 -
1 file changed, 343 deletions(-)
delete mode 100755 src/test/run_test_vnets.pl
diff --git a/src/test/run_test_vnets.pl b/s
read_local_frr_config reads /etc/frr/frr.conf.local.
This allows mocking local fs access in tests.
Signed-off-by: Stefan Lendl
Reviewed-by: Max Carrara
Tested-by: Max Carrara
---
src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 10 --
1 file changed, 8 insertions(+), 2 deletions(-)
dif
This add several tests for SDN VNets.
State setup as well as testing results is done only via the API to test on the
API boundaries and not against the internal state. Internal state and config
files are mocked to avoid requiring access to system files or pmxcfs.
The first 7 commits extract variou
read_etc_network_interfaces reads /etc/network/interfaces.
This allows mocking access to local fs.
Signed-off-by: Stefan Lendl
Reviewed-by: Max Carrara
Tested-by: Max Carrara
---
src/PVE/Network/SDN/Controllers.pm | 16 +++-
1 file changed, 11 insertions(+), 5 deletions(-)
diff --
This commit rewrites the entire parser for ceph.conf, aligning its
behaviour as closely as possible with Ceph's parser grammar [0].
The most notable improvements are as follows:
1. The characters '#' and ';' now both mark comments, instead of
just the '#' character.
2. Any character, in
Signed-off-by: Max Carrara
---
Changes v2 --> v3:
* new
Changes v3 --> v4:
* none
Changes v4 --> v5:
* none
bin/Makefile | 7 +--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/bin/Makefile b/bin/Makefile
index b221e4b1..180a91b5 100644
--- a/bin/Makefile
+++ b/bin/Mak
Due to Ceph dropping privileges when running the 'ceph-crash' daemon
[0], it is necessary to allow the daemon to authenticate with its
cluster in a safe manner.
In order to avoid exposing sensitive keyrings or somehow escalating
its privileges again, 'ceph-crash' is therefore provided with its own
in order to prevent configuration errors or the configuration being
misinterpreted.
Signed-off-by: Max Carrara
---
Changes v3 --> v4:
* new
Changes v4 --> v5:
* escape *all* comment literals (that are not escaped) instead of only
escaping them within values
src/PVE/CephConfig.pm | 3 ++
This commit adds the '/etc/pve/ceph' directory to our overall expected
Ceph configuration.
This directory is meant to store cluster-wide, non-private
configuration files used by Ceph applications and services that are
executed with lower privileges, such as 'ceph-crash.service'.
The existence of
instead of tab + space.
Signed-off-by: Max Carrara
---
Changes v2 --> v3:
* new
Changes v3 --> v4:
* rebased due to previous changes
Changes v4 --> v5: (originally patch 12)
* rebase onto changes of patch 01
* align by tab only instead of removing all leading whitespace
- as it turn
in order to group related sections together.
Additionally, sections that are associated with the client, for
example '[client.foo]', are written directly after the '[client]'
section.
Signed-off-by: Max Carrara
---
Changes v2 --> v3:
* new; originally patch 07 of series v2, now adapted to this
This adds support for writing arbitrary sections to 'ceph.conf' while
ensuring that already written sections are not duplicated.
Signed-off-by: Max Carrara
---
Changes v1 --> v2:
* Instead of just adding 'client.crash' as a separate section,
also allow writing arbitrary sections
Changes v2
Building on the previously declared cases, this test constructs a
config hash akin to the one the parser returns by invoking the
`ceph-conf` command.
The cases which `ceph-conf` cannot handle are marked with a special
key. If the key is provided, invocatinos to `ceph-conf` are expected
to fail. Fu
Fix #4759: Configure Permissions for ceph-crash.service - Version 5
===
Notable changes since v4
* The patches regarding Ceph Reef and Ceph Quincy have been applied in
v4 and are thus dropped from this
These tests attempt to cover most of Ceph's config parser's grammar,
including all of its syntax quirks [0].
Each case is tested against two testing subroutines:
1. The parser's output is compared with the expected output.
2. The writer's output is parsed again ant then compared with the
This commit changes the code style of subroutine `write_ceph_config`
to match our style guide [0] more.
Furthermore, the repeated calls to the inner subroutine are replaced
with a loop, while the regular expressions used by the inner `sub` are
now quoted with `qr` to prevent any accidental mis-quo
thanks for looking into this
On 2024-04-02 16:43, Christoph Heiss wrote:
Rebuild an (PVE) ISO to contain the new auto-installer with an
appropriate GRUB entry setting `proxauto` on the kernel commandline.
What I've tried:
- Using a few different values for `global` options
- Install on ext4,
Rebuild an (PVE) ISO to contain the new auto-installer with an
appropriate GRUB entry setting `proxauto` on the kernel commandline.
What I've tried:
- Using a few different values for `global` options
- Install on ext4, xfs, Btrfs RAID1 and ZFS RAID1
(with different values in multiple runs)
- U
--- Begin Message ---
Hi,
could it be possible to merge this patch ?
I have see another report about it on the forum:
https://forum.proxmox.com/threads/bugfix-for-evpn-sdn-multiple-exit-nodes.137784/post-649071
Message initial
De: Stefan Hanreich
Répondre à: Proxmox VE devel
Two typos ;) And some small nits
On Thu, Mar 28, 2024 at 02:50:13PM +0100, Aaron Lauterer wrote:
[..]
> diff --git a/proxmox-auto-installer/src/bin/proxmox-fetch-answer.rs
> b/proxmox-auto-installer/src/bin/proxmox-fetch-answer.rs
> new file mode 100644
> index 000..9e89a3c
> --- /dev/null
>
Thanks for the review.
I rebased the commits for v3
I re-enabled DNS. I do not recall why it failed on my last rebase
attempt.
___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
previously extracted functions are now mocked in the zone tests
Signed-off-by: Stefan Lendl
Reviewed-by: Max Carrara
Tested-by: Max Carrara
---
src/test/run_test_zones.pl | 31 +++
1 file changed, 31 insertions(+)
diff --git a/src/test/run_test_zones.pl b/src/test/
source package *.dsc
build log *.build
tarball *.tar.xz
Signed-off-by: Stefan Lendl
---
.gitignore | 3 +++
1 file changed, 3 insertions(+)
diff --git a/.gitignore b/.gitignore
index 60332cc..4694865 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,8 @@
*.deb
+/*.build
/*.buildinfo
/*.cha
Signed-off-by: Stefan Lendl
Reviewed-by: Max Carrara
Tested-by: Max Carrara
---
src/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Makefile b/src/Makefile
index c9dee4c..c4056b4 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -10,7 +10,7 @@ clean:
.PHONY: te
to allow mocking local fs access
Signed-off-by: Stefan Lendl
Reviewed-by: Max Carrara
Tested-by: Max Carrara
---
src/PVE/Network/SDN/Controllers.pm | 16 +++-
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/src/PVE/Network/SDN/Controllers.pm
b/src/PVE/Network/SDN/Co
to allow mocking local fs access
Signed-off-by: Stefan Lendl
Reviewed-by: Max Carrara
Tested-by: Max Carrara
---
src/PVE/Network/SDN/Controllers/EvpnPlugin.pm | 10 --
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/PVE/Network/SDN/Controllers/EvpnPlugin.pm
b/src/PVE
Extract and mock functions that otherwise access system files which is not
possible in a clean sbuild environment.
Namely /etc/network/interfaces as well as /etc/frr/frr.config.local
Added .gitignore for sbuild artifacts
Changes v2 -> v3:
* Changed commit messages according to commit guide lines
*
On 3/22/24 17:19, Fiona Ebner wrote:
Am 20.03.24 um 13:51 schrieb Dominik Csapak:
so that we can show a proper warning in the migrate dialog and check it
in the bulk migrate precondition check
the unavailable_storages and allowed_nodes should be the same as before
Signed-off-by: Dominik Csapak
On 3/22/24 14:37, Fiona Ebner wrote:
Am 18.03.24 um 12:18 schrieb Dominik Csapak:
They have to be marked as 'live-migration-capable' in the mapping
config, and the driver and qemu must support it.
For the gui checks, we now return a list of 'mapped-with-live-migration'
entries in the migration
On 3/22/24 14:37, Fiona Ebner wrote:
Am 18.03.24 um 12:18 schrieb Dominik Csapak:
such as the mapping name and if it's marked for live-migration (pci only)
Signed-off-by: Dominik Csapak
---
PVE/API2/Qemu.pm | 2 +-
PVE/QemuMigrate.pm | 5 +++--
PVE/QemuServer.pm | 10 ++
3 fi
On 3/22/24 14:38, Fiona Ebner wrote:
Am 18.03.24 um 12:18 schrieb Dominik Csapak:
this is useful to get to the config without having to parse it again
You could also adapt the call sites that need it to use
PVE::Mapping::PCI::config() and PVE::Mapping::PCI::get_node_mapping()
instead of PVE::
On 3/22/24 14:37, Fiona Ebner wrote:
Am 18.03.24 um 12:18 schrieb Dominik Csapak:
so that we can decide in qemu-server to allow live-migration.
the driver and qemu must be capable of that, and it's the
admins responsibility to know and configure that
Nit: "The" and "QEMU" should be capitalize
On Tue, Apr 02, 2024 at 09:27:57AM +0200, Fabian Grünbichler wrote:
>
> > Jona Draaijer via pve-devel hat am 01.04.2024
> > 22:00 CEST geschrieben:
> > Hi,
> >
> > As per the title, that endpoint has an additionalProperties value that is
> > not a bool, but rather an object definition. (It's de
> Jona Draaijer via pve-devel hat am 01.04.2024
> 22:00 CEST geschrieben:
> Hi,
>
> As per the title, that endpoint has an additionalProperties value that is
> not a bool, but rather an object definition. (It's defined in
> pve-access-control/src/PVE/API2/User.pm).
>
> As far as I can tell, a
84 matches
Mail list logo
