Re: [pve-devel] [PATCH qemu-server 1/1] api2: add check_bridge_access for create/update vm

2023-06-05 Thread Fabian Grünbichler
On June 2, 2023 2:12 pm, DERUMIER, Alexandre wrote: > On Friday 02 June 2023 at 13:43 +0200, Fabian Grünbichler wrote: >> a few more places that come to my mind that might warrant further >> thinking or discussion: >> - restoring a backup > doesn't it also use create_vm ? yes, but the potentia

Re: [pve-devel] [PATCH v2 proxmox-perl-rs 18/42] log: set default log level to 'info', add product specific logging env var

2023-06-05 Thread Wolfgang Bumiller
On Wed, May 24, 2023 at 03:56:25PM +0200, Lukas Wagner wrote: > Logging behaviour can be overridden by the {PMG,PVE}_LOG environment > variable. > > This commit also disables styled output and timestamps in log messages, > since we usually log to the journal anyway. The log output is configured >

Re: [pve-devel] [PATCH manager 1/1] vzdump: prepare 'exclude-path' for array format

2023-06-05 Thread Wolfgang Bumiller
On Fri, May 12, 2023 at 02:23:51PM +0200, Dominik Csapak wrote: > we want to move the 'exclude-path' to an array format (from 'string-alist') > prepare the code that it can be either a string or a list > > Signed-off-by: Dominik Csapak > --- > PVE/VZDump.pm | 21 + > 1 file c

Re: [pve-devel] [PATCH v2 qemu-server 1/1] api2: add check_bridge_access for create/update vm

2023-06-05 Thread Thomas Lamprecht
On 05/06/2023 at 01:37, Alexandre Derumier wrote: > test first if user has access to the full zone (any bridge/vlan) > if a tag is defined, test if user has a specific access to the vlan (or > propagate from full bridge acl) > if no tag, test if user has access to full bridge. (if trunks are d

[pve-devel] [PATCH edk2-firmware] add patch to work around older guest kernel bug

2023-06-05 Thread Fiona Ebner
by limiting the phys-bits to 46 instead of 47. On Ubuntu 18.04 with kernel 4.15, using 47 leads to a strange issue where initialization of VirtIO devices would fail. Reported in the community forum: https://forum.proxmox.com/threads/127410/ Signed-off-by: Fiona Ebner --- ...latformInitLib-limit

[pve-devel] applied: little PATCH proxmox-i18n for ja.po (for 3.0.0)

2023-06-05 Thread Thomas Lamprecht
On 03/06/2023 at 05:41, ribbon wrote: > little Japanese translation update for 3.0.0 > > --- ja.po 2023-06-03 11:10:29.097009127 +0900 > +++ jan.po2023-06-03 11:10:08.708856465 +0900 applied, thanks! Would be great if you could submit those via git directly: https://pve.proxmox.com/wiki

Re: [pve-devel] [PATCH manager 1/1] vzdump: prepare 'exclude-path' for array format

2023-06-05 Thread Dominik Csapak
On 6/5/23 09:36, Wolfgang Bumiller wrote: On Fri, May 12, 2023 at 02:23:51PM +0200, Dominik Csapak wrote: we want to move the 'exclude-path' to an array format (from 'string-alist') prepare the code that it can be either a string or a list Signed-off-by: Dominik Csapak --- PVE/VZDump.pm | 21

Re: [pve-devel] [PATCH manager 1/1] vzdump: prepare 'exclude-path' for array format

2023-06-05 Thread Wolfgang Bumiller
On Mon, Jun 05, 2023 at 09:54:49AM +0200, Dominik Csapak wrote: > On 6/5/23 09:36, Wolfgang Bumiller wrote: > > On Fri, May 12, 2023 at 02:23:51PM +0200, Dominik Csapak wrote: > > > we want to move the 'exclude-path' to an array format (from > > > 'string-alist') > > > prepare the code that it can

[pve-devel] applied: [PATCH manager 1/1] vzdump: prepare 'exclude-path' for array format

2023-06-05 Thread Wolfgang Bumiller
applied and added a followup commenting the `split_args` on the array case ___ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] little PATCH proxmox-i18n for ja.po

2023-06-05 Thread ribbon
little Japanese translation update -- --- ja.po 2023-06-03 11:10:29.097009127 +0900 +++ jan.po 2023-06-03 11:10:08.708856465 +0900 @@ -2104,9 +2104,8 @@ msgstr "データDevs" #: pve-manager/www/manager6/ceph/FS.js:159 -#, fuzzy

Re: [pve-devel] [PATCH common 1/3] JSONSchema: add support for array parameter in api calls, cli and config

2023-06-05 Thread Wolfgang Bumiller
On Fri, May 12, 2023 at 02:23:48PM +0200, Dominik Csapak wrote: > only three small things were missing for it to work: > * on the cli, we have to get the option as an array if the type is an array > * the untainting must be done recursively, otherwise, the regex matching > converts an array hash

Re: [pve-devel] [PATCH common 3/3] JSONSchema: disable '-alist' format

2023-06-05 Thread Wolfgang Bumiller
On Fri, May 12, 2023 at 02:23:50PM +0200, Dominik Csapak wrote: > this should not be needed anymore since we can now use a simple array > in the api instead > > Signed-off-by: Dominik Csapak Acked-by: Wolfgang Bumiller

Re: [pve-devel] [PATCH guest-common 1/1] vzdump: change 'exclude-path' from alist to an array formaty

2023-06-05 Thread Wolfgang Bumiller
On Fri, May 12, 2023 at 02:23:54PM +0200, Dominik Csapak wrote: > to get rid of the '-alist' format > > Signed-off-by: Dominik Csapak Acked-by: Wolfgang Bumiller

Re: [pve-devel] [PATCH qemu-server 1/1] api: switch agent api call to 'array' type

2023-06-05 Thread Wolfgang Bumiller
On Fri, May 12, 2023 at 02:23:55PM +0200, Dominik Csapak wrote: > we don't want to use the '-alist' formats anymore in favor of real arrays > > Signed-off-by: Dominik Csapak Acked-by: Wolfgang Bumiller

Re: [pve-devel] [PATCH http-server 1/2] proxy request: forward json content type and parameters

2023-06-05 Thread Wolfgang Bumiller
On Fri, May 12, 2023 at 02:23:52PM +0200, Dominik Csapak wrote: > instead of always trying to encode them as x-www-form-urlencoded > > Signed-off-by: Dominik Csapak Acked-by: Wolfgang Bumiller for both patches

[pve-devel] applied: [PATCH cluster v4 1/1] add cfg files for resource mapping

2023-06-05 Thread Thomas Lamprecht
On 25/05/2023 at 12:17, Dominik Csapak wrote: > resource/pci.cfg and > resource/usb.cfg > > to PVE/Cluster.pm > and status.c > > Signed-off-by: Dominik Csapak > --- > src/PVE/Cluster.pm | 2 ++ > src/pmxcfs/status.c | 2 ++ > 2 files changed, 4 insertions(+) > > applied, with finalizing our

[pve-devel] applied: [PATCH v4 storage] deprecate mkdir option for create-base-path and create-subdirs

2023-06-05 Thread Wolfgang Bumiller
applied with a small followup: > > +sub config_aware_base_mkdir { > +my ($class, $scfg, $path) = @_; > + > +# FIXME the mkdir parameter is deprecated and create-base-path should be > used > +my $mkpath = 0; > +if (!defined($scfg->{'create-base-path'}) && !defined($scfg->{mkdir})

Re: [pve-devel] [PATCH v2 qemu-server 1/1] api2: add check_bridge_access for create/update vm

2023-06-05 Thread Fabian Grünbichler
On June 5, 2023 1:37 am, Alexandre Derumier wrote: > test first if user has access to the full zone (any bridge/vlan) > if a tag is defined, test if user has a specific access to the vlan (or > propagate from full bridge acl) > if no tag, test if user has access to full bridge. (if trunks are d

Re: [pve-devel] [PATCH pve-access-control 2/2] rpcenvironnment: add check_sdn_bridge

2023-06-05 Thread Fabian Grünbichler
On June 5, 2023 1:37 am, Alexandre Derumier wrote: > check if user has access to 1 vlan of the bridge > or the bridge itself > > Signed-off-by: Alexandre Derumier > --- > src/PVE/RPCEnvironment.pm | 17 + > 1 file changed, 17 insertions(+) > > diff --git a/src/PVE/RPCEnvironmen

Re: [pve-devel] [PATCH-SERIE pve-access-control/pve-manager/qemu-server] check permissions on local bridge

2023-06-05 Thread Fabian Grünbichler
On June 5, 2023 1:37 am, Alexandre Derumier wrote: > add vnet/localbridge permissions management > > Hi, > as we have discussed some weeks ago, > this patch series introduces management of acl for vnets && local bridges > > I have reused current sdn permissions path, to have common paths > > /sdn/vn

Re: [pve-devel] [PATCH proxmox-i18n] en: fix spelling mistake, unkown => unknown

2023-06-05 Thread Thomas Lamprecht
On 15/05/2023 at 05:56, Marlin Sööse wrote: > This just fixes a spelling mistake. > Thanks for reporting this and appreciating that you sent a patch already, but the POT files are auto-generated and come directly from the source. So, here one would need to fix that, and those are indicated as c

Re: [pve-devel] [PATCH v3 qemu-server 1/7] migration: only migrate disks used by the guest

2023-06-05 Thread Aaron Lauterer
On 6/2/23 11:50, Fiona Ebner wrote: On 02.06.23 at 11:45, Fiona Ebner wrote: On 01.06.23 at 15:53, Aaron Lauterer wrote: When scanning all configured storages for disk images belonging to the VM, the migration could easily fail if a storage is not available, but enabled. That storage might

[pve-devel] [PATCH widget-toolkit] apt repositories: add production ready warnings for Ceph repositories

2023-06-05 Thread Fiona Ebner
Could've been done for the test repository already, but now that there is a split between no-subscription and enterprise it becomes even more relevant. Reported-by: Thomas Lamprecht Signed-off-by: Fiona Ebner --- src/node/APTRepositories.js | 48 ++--- 1 file cha

[pve-devel] [PATCH access-control 2/2] acls: restrict less-privileged ACL modifications

2023-06-05 Thread Fabian Grünbichler
there are currently three possibilities to modify ACLs without the 'Permissions.Modify' privilege in PVE::RPCEnvironment::check_perm_modify: if ($path =~ m|^/storage/.+$|) { push @$testperms, 'Datastore.Allocate'; } elsif ($path =~ m|^/vms/.+$|) { push @$testperms, 'VM.Allo

[pve-devel] [PATCH access-control 1/2] roles: restrict Permissions.Modify to Administrator

2023-06-05 Thread Fabian Grünbichler
to reduce the chances of accidentally handing out privilege modification privileges. the old default setup of having Permissions.Modify in PVESysAdmin and PVEAdmin weakened the distinction between those roles and Administrator. Signed-off-by: Fabian Grünbichler --- Notes: this is obviously a

Re: [pve-devel] [PATCH-SERIES v3 qemu-server/manager/common] add and set x86-64-v2 as default model for new vms and detect best cpumodel

2023-06-05 Thread Eneko Lacunza via pve-devel
--- Begin Message --- Hi, I'm sorry I could only test for Ryzen 1700, 2600X and 5950X - our 3700X is offline, pending some upgrades. I hope it will be back again in some days. Tested installation of Debian 11.1.0 ISO with GUI installer up to first boot to GUI login to installed system: El

[pve-devel] [PATCH proxmox] apt: tests: remove output directories before running test

2023-06-05 Thread Fiona Ebner
I blindly assumed that cargo would re-create the TMPDIR before each test run, but that doesn't seem to be the case and the test_digest test now fails the second time when running 'cargo test' twice. So partially revert 9b7c533 ("apt: tests: create temporary test directories in CARGO_TARGET_TMPDIR"

[pve-devel] [PATCH widget-toolkit 1/5] apt repositories: actually ignore ignore-pre-upgrade-warning

2023-06-05 Thread Fiona Ebner
when upgrading is possible rather than throwing an error by reaching the else branch. Signed-off-by: Fiona Ebner --- src/node/APTRepositories.js | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/node/APTRepositories.js b/src/node/APTRepositories.js index 1fb627c..cb

[pve-devel] [PATCH-SERIES proxmox-apt/widget-toolkit] prepare for major upgrade

2023-06-05 Thread Fiona Ebner
There's a confusing issue when the suites are already updated, because the UI will not detect any Proxmox VE repository anymore then. This is fixed by the proxmox-apt patch intended for the stable branch. The UI patches make sure the ignore-pre-upgrade-warning is actually ignored and add a check

[pve-devel] [PATCH stable-bullseye widget-toolkit 5/5] apt repositoires: allow major upgrade

2023-06-05 Thread Fiona Ebner
Currently, all this does is silence warnings when the suite after the current one is configured as well as enabling the check for mixed repositories. Since there is no API call as mentioned in the comment yet, just set it manually. Signed-off-by: Fiona Ebner --- Intended only for the stable br

[pve-devel] [PATCH widget-toolkit 4/5] apt repositories: detect mixed suites before major upgrade

2023-06-05 Thread Fiona Ebner
Usually, differing suites already produce warnings/errors, but before a major upgrade the current and the next suite are both valid. Mixing them is an issue though. Signed-off-by: Fiona Ebner --- src/node/APTRepositories.js | 35 +-- 1 file changed, 33 insertions(

[pve-devel] [PATCH/RFC widget-toolkit 2/5] apt repositories: just ignore unknown info rather than throwing an error

2023-06-05 Thread Fiona Ebner
This will avoid breaking older UI when extending the backend. Signed-off-by: Fiona Ebner --- src/node/APTRepositories.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/node/APTRepositories.js b/src/node/APTRepositories.js index cb08bb6..ed58e5b 100644 --- a/src/node/APTRepositories.js

[pve-devel] [PATCH stable proxmox-apt 1/1] repositories: also detect repository with next suite as configured

2023-06-05 Thread Fiona Ebner
This avoids that no standard Proxmox repository can be detected during upgrade anymore. There is an 'ignore-pre-upgrade-warning' about the suite already, that the frontend can display when upgrading is not allowed yet. Signed-off-by: Fiona Ebner --- It's not ideal, for the time between when the u

[pve-devel] [PATCH widget-toolkit 3/5] apt repositories: add classifyOrigin helper

2023-06-05 Thread Fiona Ebner
to be used again to detect mixed repositories before upgrade. Needed to convert into an actual function for the 'this' usage. Signed-off-by: Fiona Ebner --- src/node/APTRepositories.js | 16 +--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/src/node/APTRepositories

Re: [pve-devel] [PATCH/RFC widget-toolkit 2/5] apt repositories: just ignore unknown info rather than throwing an error

2023-06-05 Thread Thomas Lamprecht
On 05/06/2023 at 17:43, Fiona Ebner wrote: > This will avoid breaking older UI when extending the backend. > > Signed-off-by: Fiona Ebner > --- > src/node/APTRepositories.js | 2 -- > 1 file changed, 2 deletions(-) > > diff --git a/src/node/APTRepositories.js b/src/node/APTRepositories.js > in

[pve-devel] applied: [PATCH] pve7to8: ceph version check: ignore commit hash

2023-06-05 Thread Thomas Lamprecht
On 02/06/2023 at 18:04, Aaron Lauterer wrote: > The commit hash of the Ceph version might be different between major > releases. For example: > ceph version 17.2.6 (810db68029296377607028a6c6da1ec06f5a2b27) quincy (stable) > ceph version 17.2.6 (995dec2cdae920da21db2d455e55efbc339bde24) quincy (st

Re: [pve-devel] [PATCH v2 qemu-server 1/1] api2: add check_bridge_access for create/update vm

2023-06-05 Thread DERUMIER, Alexandre
> >   > > +my $check_bridge_access = sub { > > +    my ($rpcenv, $authuser, $param) = @_; > > + > > +    return 1 if $authuser eq 'root@pam'; > > + > > +    foreach my $opt (keys %{$param}) { > > +   next if $opt !~ m/^net\d+$/; > > +   my $net = PVE::QemuServer::parse_net($param->{$opt});

Re: [pve-devel] [PATCH qemu-server 1/1] api2: add check_bridge_access for create/update vm

2023-06-05 Thread DERUMIER, Alexandre
> > same as above - if we treat "volume on storage" and "nic in vnet" as > being equivalent, then cloning would also need to check whether I am > allowed to add new nics to a vnet via cloning (like we do for > volumes, > even without a storage override set!). $check_storage_access_clone is > the c

Re: [pve-devel] [PATCH-SERIE pve-access-control/pve-manager/qemu-server] check permissions on local bridge

2023-06-05 Thread DERUMIER, Alexandre
On Monday 05 June 2023 at 12:13 +0200, Fabian Grünbichler wrote: > On June 5, 2023 1:37 am, Alexandre Derumier wrote: > > add vnet/localbridge permissions management > > > > Hi, > > as we have discussed some weeks ago, > > this patch series introduces management of acl for vnets && local > > bridges

Re: [pve-devel] [PATCH/RFC widget-toolkit 2/5] apt repositories: just ignore unknown info rather than throwing an error

2023-06-05 Thread Fiona Ebner
On 05.06.23 at 19:06, Thomas Lamprecht wrote: > On 05/06/2023 at 17:43, Fiona Ebner wrote: >> This will avoid breaking older UI when extending the backend. >> >> Signed-off-by: Fiona Ebner >> --- >> src/node/APTRepositories.js | 2 -- >> 1 file changed, 2 deletions(-) >> >> diff --git a/src/nod

Re: [pve-devel] [PATCH-SERIES manager] backup permission improvements

2023-06-05 Thread Fiona Ebner
On 05.04.23 at 09:43, Fiona Ebner wrote: > On 16.11.22 at 15:04, Fiona Ebner wrote: >> Currently, sufficiently privileged users may edit a backup job, but >> cannot run the very same job manually (via the vzdump API call). The >> first patch addresses this by removing the root-only restriction f

Re: [pve-devel] [PATCH-SERIES qemu-server] adapt to QEMU 8.0 removed and deprecated features

2023-06-05 Thread Fiona Ebner
On 03.04.23 at 14:09, Fiona Ebner wrote: > Fiona Ebner (4): > cfg2cmd: use actual backend names instead of removed tty and paraport > aliases > cfg2cmd: replace deprecated no-acpi option with acpi=off machine flag > cfg2cmd: replace deprecated no-hpet option with hpet=off machine flag >

Re: [pve-devel] [PATCH-SERIES guest-common/container/qemu-server/ha-manager] make HA manager not depend on internal configuration details

2023-06-05 Thread Fiona Ebner
On 28.02.23 at 11:54, Fiona Ebner wrote: > by introducing a get_derived_property() method for the configuration > plugins. The derived properties are calculated by the plugins and will > stay the same regardless of changes to the configuration structure. > For example, this will allow turning Qemu

Re: [pve-devel] [PATCH-SERIE pve-access-control/pve-manager/qemu-server] check permissions on local bridge

2023-06-05 Thread DERUMIER, Alexandre
On Tuesday 06 June 2023 at 05:32 +, DERUMIER, Alexandre wrote: > > to have at least the local bridge ACL path (for the zone, or for > > the > > zone and the bridges?) in the regular ACL selectors in 7.x as well, > > if > > we pull in something in pve-manager, then IMHO it should be that, > > no