Re: [pve-devel] [PATCH common 2/2] REST environment: default to 'root@pam' for forked workers in case no user was specified

2022-03-11 Thread Fabian Ebner
On 10.03.22 at 13:01, Fabian Ebner wrote: > On 07.03.22 at 10:20, Oguz Bektas wrote: >> +if (!defined($user)) { >> +warn 'Worker user was not specified, defaulting to "root@pam"!'; > > Could mention that it's an internal error. And could use $self->warn(). Shouldn't use $self->warn(), b
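Review bot: the `+if (!defined($user))` branch falls back to "root@pam", the most privileged identity, when a caller forgot to pass a user, and the only trace is a `warn` line that is easy to miss. Consider failing (`die`) instead of defaulting, or at least naming the calling code in the warning so the missing argument can be found and fixed rather than silently running the worker as root.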

[pve-devel] is somebody working on nftables ? (I had scalability problem with big host)

2022-03-11 Thread DERUMIER, Alexandre
Hi, I would like to know if somebody is already working on nftables ? Recently, I had scalability problem with big hosts with a lot of vms interfaces. This was a host with 500vms with 3 interfaces by vms. (so 1500 tap interfaces + 1500 fwbr + 1500 ) The problems: - ebtables-restore-legacy is n

Re: [pve-devel] [PATCH widget-toolkit] StatusView: fix usage calculation for fields without valid values

2022-03-11 Thread Matthias Heiserer
On 10.03.2022 15:31, Dominik Csapak wrote: Sometimes, total can be zero (e.g. for swap when it's not used), which leads to the usage being NaN. This led to the progressbar not being updated for InfoWidgets, leaving a spurious '0%' as text. Signed-off-by: Dominik Csapak --- src/panel/StatusVie

Re: [pve-devel] [PATCH widget-toolkit] StatusView: fix usage calculation for fields without valid values

2022-03-11 Thread Dominik Csapak
On 3/11/22 10:13, Matthias Heiserer wrote: On 10.03.2022 15:31, Dominik Csapak wrote: Sometimes, total can be zero (e.g. for swap when it's not used), which leads to the usage being NaN. This led to the progressbar not being updated for InfoWidgets, leaving a spurious '0%' as text. Signed-off-b

Re: [pve-devel] is somebody working on nftables ? (I had scalability problem with big host)

2022-03-11 Thread Wolfgang Bumiller
On Fri, Mar 11, 2022 at 08:42:29AM +, DERUMIER, Alexandre wrote: > Hi, > I would like to know if somebody is already working on nftables ? Not actively in the pve code. I only have a few different variants of possible nft rulesets around but there's always been something missing, even with br

[pve-devel] [PATCH v2 docs 01/12] pveum: add SU privilege and SA role

2022-03-11 Thread Oguz Bektas
Signed-off-by: Oguz Bektas --- pveum.adoc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pveum.adoc b/pveum.adoc index a5c8906..5ad111a 100644 --- a/pveum.adoc +++ b/pveum.adoc @@ -684,7 +684,8 @@ Roles A role is simply a list of privileges. Proxmox VE comes with a number

[pve-devel] [PATCH v2 manager 04/12] api: backup: allow SUs to use 'tmpdir', 'dumpdir' and 'script' options

2022-03-11 Thread Oguz Bektas
previously limited to root@pam; we can allow SUs to use these options if they have the privilege on the whole API path. Signed-off-by: Oguz Bektas --- PVE/API2/Backup.pm | 11 --- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/PVE/API2/Backup.pm b/PVE/API2/Backup.pm index

[pve-devel] [PATCH v2 access-control++ 00/12] SuperUser privilege

2022-03-11 Thread Oguz Bektas
v1->v2: * added some basic docs changes in rest of the patches are in the separate mails. big thanks to Fabian G. for the reviews and answering my questions throughout the series :) it's a complicated series so if i forgot something i'm sorry! note: all the patches on the other repositories dep

[pve-devel] [PATCH v2 manager 06/12] api: update comment about login prompt for non-root users

2022-03-11 Thread Oguz Bektas
we have a SU privilege now, but we still drop to a login prompt for such users. Signed-off-by: Oguz Bektas --- PVE/API2/Nodes.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/PVE/API2/Nodes.pm b/PVE/API2/Nodes.pm index 655493a3..0c3de231 100644 --- a/PVE/API2/Nodes.pm +++ b

[pve-devel] [PATCH v2 access-control 11/12] api: allow superusers to edit tfa and password settings

2022-03-11 Thread Oguz Bektas
Signed-off-by: Oguz Bektas --- v1->v2: * also adapt change_password * didn't remove the comments in TFA.pm since it was still confusing without them src/PVE/API2/AccessControl.pm | 6 ++ src/PVE/API2/TFA.pm | 7 +-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git

[pve-devel] [PATCH v2 access-control 10/12] add "SuperAdministrator" role with the new "SuperUser" privilege

2022-03-11 Thread Oguz Bektas
Signed-off-by: Oguz Bektas --- v1->v2: no changes src/PVE/AccessControl.pm | 9 ++--- src/PVE/RPCEnvironment.pm | 2 +- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm index 1306576..1137756 100644 --- a/src/PVE/AccessContro

[pve-devel] [PATCH v2 qemu-server 03/12] api: allow 'skiplock' option to be used by SU privileged users

2022-03-11 Thread Oguz Bektas
Signed-off-by: Oguz Bektas --- PVE/API2/Qemu.pm | 59 1 file changed, 40 insertions(+), 19 deletions(-) diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm index 21fc82b..95cc46d 100644 --- a/PVE/API2/Qemu.pm +++ b/PVE/API2/Qemu.pm @@ -1126,8 +1126,8

[pve-devel] [PATCH v2 qemu-server 02/12] api: allow SU privileged users to edit root-only options for VM configs

2022-03-11 Thread Oguz Bektas
we now allow users with SU privilege to edit real device configurations for VMs. they still need the required privilege to edit the corresponding configuration options (such as `VM.Config.HWType`), as well as the SU privilege. Signed-off-by: Oguz Bektas --- v1->v2: * add comments at the shortcut

[pve-devel] [PATCH v2 manager 05/12] api: vzdump: allow SUs to use 'bwlimit' and 'ionice' parameters

2022-03-11 Thread Oguz Bektas
Signed-off-by: Oguz Bektas --- PVE/API2/VZDump.pm | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/PVE/API2/VZDump.pm b/PVE/API2/VZDump.pm index 2c0df4c3..3b87ef38 100644 --- a/PVE/API2/VZDump.pm +++ b/PVE/API2/VZDump.pm @@ -27,7 +27,7 @@ __PACKAGE__->register_method ({

[pve-devel] [PATCH v2 access-control 12/12] api: acl: only allow granting SU privilege if user already has it

2022-03-11 Thread Oguz Bektas
Signed-off-by: Oguz Bektas --- v1->v2: * added new after discussion with fabian about security implications of allowing SU privilege to be granted by users with Permissions.Modify src/PVE/API2/ACL.pm | 9 + 1 file changed, 9 insertions(+) diff --git a/src/PVE/API2/ACL.pm b/src/PVE/API2/

[pve-devel] [PATCH v2 manager 07/12] ui: adapt sensible 'root@pam' checks to SU privilege

2022-03-11 Thread Oguz Bektas
so that SUs can perform some root-only actions over the GUI also silence eslint's warning about the access notation for these lines only. Signed-off-by: Oguz Bektas --- v1->v2: * silence eslint warnings * correct the conditional in Migrate.js * remove the unneeded/wrong ones (see fabian's previo

[pve-devel] [PATCH v2 storage 09/12] check_volume_access: allow superusers to pass arbitrary fs paths

2022-03-11 Thread Oguz Bektas
Signed-off-by: Oguz Bektas --- PVE/Storage.pm | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/PVE/Storage.pm b/PVE/Storage.pm index b1d31bb..762933f 100755 --- a/PVE/Storage.pm +++ b/PVE/Storage.pm @@ -467,6 +467,11 @@ sub parse_volume_id { sub check_volume_access {

[pve-devel] [PATCH v2 container 08/12] fix #2582: api: add checks for 'SuperUser' privilege for root-only options

2022-03-11 Thread Oguz Bektas
this way we can allow regular users to act as superuser on specific paths by giving them the (new) builtin 'SuperAdministrator' role or a custom role with the 'SuperUser' privilege Signed-off-by: Oguz Bektas --- v1->v2: * update the messages to reflect superuser instead of root@pam src/PVE/API

Re: [pve-devel] [PATCH manager 3/3] Storage GUI: Rewrite backup content view as TreePanel.

2022-03-11 Thread Fabian Ebner
On 11.03.22 at 12:33, Matthias Heiserer wrote: > On 09.03.2022 13:39, Fabian Ebner wrote: >> On 04.03.22 at 12:52, Matthias Heiserer wrote: > 8< -> >> It'd be great if you could also remove the now unused stuff from the >> ContentView base class. >> >> Did you think about a way to re-use

[pve-devel] [PATCH container] fix #3917: Ignore fstrim failure in pct fstrim

2022-03-11 Thread Markus Frank
With "noerr => 1" the function does not abort, when one of the mountpoints is not fstrim compatible like zfs (has its own trim). I do not think it is necessary to warn or error, because fstrim tells when something is not trimmable and aborts. Signed-off-by: Markus Frank --- src/PVE/CLI/pct.pm |

[pve-devel] [PATCH zfsonlinux 2/2] add zfs-scrub timers+services to zfsutils-linux

2022-03-11 Thread Stoiko Ivanov
Signed-off-by: Stoiko Ivanov --- debian/zfsutils-linux.install | 3 +++ 1 file changed, 3 insertions(+) diff --git a/debian/zfsutils-linux.install b/debian/zfsutils-linux.install index b7501b30..4e4554f8 100644 --- a/debian/zfsutils-linux.install +++ b/debian/zfsutils-linux.install @@ -9,6 +9,9

[pve-devel] [PATCH zfsonlinux 0/2] update to ZFS 2.1.3

2022-03-11 Thread Stoiko Ivanov
updates the submodule to the recently released zfs-2.1.3 * changeset does not look too exciting (kernel-compatibility fixes, testsuite, FreeBSD) * the addition of the systemd timer+service for regular scrubbing is something user-visible (but already present in upstream and our debian packages f

[pve-devel] [PATCH zfsonlinux 1/2] update submodule and patches to ZFS 2.1.3

2022-03-11 Thread Stoiko Ivanov
Signed-off-by: Stoiko Ivanov --- ...META-and-DCH-consistency-in-autoconf.patch | 4 +- debian/patches/0005-Enable-zed-emails.patch | 17 +- ...md-unit-for-importing-specific-pools.patch | 2 +- .../0012-Fix-zvol_open-lock-inversion.patch | 212 -- debian/patches/series

Re: [pve-devel] [PATCH v3 manager 1/4] ui: lxc/qemu: add disk reassign and action submenu

2022-03-11 Thread Aaron Lauterer
On 3/10/22 11:49, Fabian Ebner wrote: On 07.03.22 at 11:07, Aaron Lauterer wrote: For the new HDReassign component, we follow the approach of HDMove to have one component for qemu and lxc. To avoid button clutter, a new "Disk/Volume action" button is introduced. It holds the Move, Reassign

[pve-devel] applied-series: [PATCH zfsonlinux 0/2] update to ZFS 2.1.3

2022-03-11 Thread Thomas Lamprecht
On 11.03.22 13:55, Stoiko Ivanov wrote: > updates the submodule to the recently released zfs-2.1.3 > > * changeset does not look too exciting (kernel-compatibility fixes, testsuite, > FreeBSD) > * the addition of the systemd timer+service for regular scrubbing is something > user-visible (but a

[pve-devel] [PATCH installer] fix #3905: allow lze/gzip/zstd compression for ZFS

2022-03-11 Thread Stoiko Ivanov
Since all our zfs installs use proxmox-boot-tool the compatibility is not an issue anymore Signed-off-by: Stoiko Ivanov --- tested the zstd option by pushing the updated proxinstall to the current 7.1-2 ISO proxinstall | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/proxin

[pve-devel] [PATCH pve-kernel-meta v3 5/8] proxmox-boot: remove now obsolete EFI/proxmoxdir if it exists

2022-03-11 Thread Stoiko Ivanov
this can be dropped in the next major version - so keeping it as separate commit. Signed-off-by: Stoiko Ivanov --- proxmox-boot/zz-proxmox-boot | 6 ++ 1 file changed, 6 insertions(+) diff --git a/proxmox-boot/zz-proxmox-boot b/proxmox-boot/zz-proxmox-boot index fa0ea4a..39e3bea 100755 ---

[pve-devel] [PATCH installer v3 1/2] remove /mnt/hostrun after install

2022-03-11 Thread Stoiko Ivanov
else the directory lingers around on fresh systems. follows 8d7ddbde84b3ebde29108b2080977b03853b2b69 Signed-off-by: Stoiko Ivanov --- proxinstall | 1 + 1 file changed, 1 insertion(+) diff --git a/proxinstall b/proxinstall index a39d405..bddcc5d 100755 --- a/proxinstall +++ b/proxinstall @@ -19

[pve-devel] [PATCH pve-kernel-meta v3 8/8] proxmox-boot: fix #3729 add --graceful to bootctl invocation

2022-03-11 Thread Stoiko Ivanov
The version of systemd boot in bullseye, tries writing an efivar which is not writeable on certain (broken) UEFIs (HP thin clients). The issue was not present in the version in buster (the variable simply did not get written) and can be worked around by adding --graceful to the `bootctl install` c

[pve-devel] [PATCH pve-kernel-meta v3 7/8] proxmox-boot: allow to manually specify bootloader

2022-03-11 Thread Stoiko Ivanov
this commit adds the optional [--legacy|--uefi] arguments to `p-b-t init` and `p-b-t reinit`. If provided the respective boot-loader is installed (regardless of what is found on the esp, and of the boot-mode) This should make switching the boot-mode possible without the need to boot into a live CD

[pve-devel] [PATCH pve-kernel-meta v3 2/8] proxmox-boot: add reinit subcommand

2022-03-11 Thread Stoiko Ivanov
to iterate over all configured ESPs and refresh the boot-loader installations. the init function was changed to not run refresh directly - to prevent refresh from running once for each ESP currently reinit does not imply refresh Signed-off-by: Stoiko Ivanov --- bin/grub-install-wrapper | 19 ++

[pve-devel] [PATCH pve-kernel-meta/pve-installer v3] improve boot-mode switching

2022-03-11 Thread Stoiko Ivanov
v2->v3: * rebased on master * added Thomas' suggestion of not clobbering an existing /etc/kernel/proxmox-boot-manual-kernels * fixed a typo in promox-boot/functions (proxmox-boot-boot-manual-kernels) * gave the installer another successful try (with btrfs raid1) original cover-letter for the v2:

[pve-devel] [PATCH installer v3 2/2] use proxmox-boot-tool for all uefi installs

2022-03-11 Thread Stoiko Ivanov
grub by itself is only used for btrfs/ext4/xfs installs on legacy systems for zfs proxmox-boot-tool is used in legacy and uefi mode Signed-off-by: Stoiko Ivanov --- proxinstall | 80 ++--- 1 file changed, 14 insertions(+), 66 deletions(-) diff --g

[pve-devel] [PATCH pve-kernel-meta v3 4/8] proxmox-boot: refresh based on bootloader config instead of bootmode

2022-03-11 Thread Stoiko Ivanov
ignore the current bootmode (uefi/legacy) when deciding which configs to generate - make this decision based on the found boot loader configs on the ESP. Change systemd-boot to load the kernel+initrd from the ESPs root where grub needs them. This prevents the double use of space for systems having

[pve-devel] [PATCH pve-kernel-meta v3 1/8] rename pve-efiboot-manual-kernels to proxmox-boot-manual-kernels

2022-03-11 Thread Stoiko Ivanov
was forgotten during the general renaming of pve-efiboot -> proxmox-boot. follows commit 8c0a22adfe15dc00cf2194647bb254201d8d187b Signed-off-by: Stoiko Ivanov --- debian/pve-kernel-helper.postinst | 4 proxmox-boot/functions| 2 +- 2 files changed, 5 insertions(+), 1 deletion(-

[pve-devel] [PATCH pve-kernel-meta v3 6/8] proxmox-boot: init bootloaders based on esp contents

2022-03-11 Thread Stoiko Ivanov
in addition to installing the boot loader for the current bootmode (grub for legacy, systemd-boot for uefi) also install the bootloader if its config is already present on the ESP. Signed-off-by: Stoiko Ivanov --- bin/proxmox-boot-tool | 26 -- 1 file changed, 24 insertio

[pve-devel] [PATCH pve-kernel-meta v3 3/8] proxmox-boot: add helpers to check for bootloader configs

2022-03-11 Thread Stoiko Ivanov
Signed-off-by: Stoiko Ivanov --- bin/proxmox-boot-tool| 4 ++-- proxmox-boot/functions | 16 proxmox-boot/zz-proxmox-boot | 4 ++-- 3 files changed, 20 insertions(+), 4 deletions(-) diff --git a/bin/proxmox-boot-tool b/bin/proxmox-boot-tool index 4ca3025..d91786e