commit c86cfb8bbd dropped allow-hotplug
from the primary interfaces file completely on write, but that breaks
setups that come from plain Debian.
Instead, as stop-gap measurement, transform "allow-hotplug" to auto
in the PVE controlled config.
That avoids conflict and improves installing PVE on top of plain
Debian, as the interface still comes up after the first reboot.
But it is not ideal auto is not the same as hotplug, so we need to
also track that difference in the future, but that needs some
adaptions in the API too (change autostart from boolean to
string+enum or so=
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 0dc7fd7b50)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
> Note that "allow-auto" and "auto" are synonyms.
-- man 5 interfaces
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 0dcace5a6e)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
no semantic change intended
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 75a2a1c658)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit b296c4dd81)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
As that would be weird, the use explicitly did not configure it,
which is OK, and we'd then warn due to *our* fallback to `0`.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 576dadb137)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 43997e844e)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
and ignore values with a warning that are outside of the kernels
expected range.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
(cherry picked from commit abf1f9cf19)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
it's an invalid combination that causes the network reload/setup to
fail. unfortunately, this is not caught by ifupdown2 itself, but only
rejected by the kernel with ERANGE over netlink.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
(cherry picked from commit e960f7948f)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit 13c771819a)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
is_ip_in_cidr('fd80:1::10', '127.0.0.1/24') would result in
Use of uninitialized value in numeric eq (==)
as overlaps() returns undef in such a case.
Note that there are (albeit few) existing callers that don't specify $version.
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
(cherry picked from commit b0e3bcc186)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
i.e. is_ip_in_cidr('127.0.0.1', '127.0.0.1/32', 4) should return 1;
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
(cherry picked from commit 123c310474)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
With the merger the shop got moved from shop.maurer-it to
shop.proxmox.com, while we transparently redirect we also want to
stop doing that in a few years, so use new domain.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
(cherry picked from commit ed94660616)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
The changes to the listening behavior introduced with PVE 6.4 break
backwardscompatibility w.r.t. listening address and logging, which
should not be changed without explictly notifying the user.
This patch re-adds the family parameter, which is still used by
pmgproxy and based on its existence creates the socket as before.
compared to the IO::Socket::IP->new call used before
390fc10dc4, the only change is the
renaming of 'LocalAddr' to 'LocalHost' (which are synonymous in
IO::Socket::IP [0])
It can simply be reverted with the release of pmg-api 7.0 (where
we'll record the change in the release-notes and upgrade-page)
[0] https://perldoc.perl.org/IO::Socket::IP
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
with the recent change in pve-manager pveproxy (and spiceproxy)
try binding to '::' per default. This fails for hosts having disabled
ipv6 via kernel commandline.
Our desired behavior of binding on '::' and only falling back to
'0.0.0.0' in case this is not supported is not directly possible with
IO::Socket::IP->new (or rather by Socket::GetAddrInfo, which at least
on my system always returns the v4 wildcard-address first).
the code now binds to:
* the provided $host if not undef
* '::' if $host is not set
* '0.0.0.0' if $host is not set and binding on '::' yields undef,
which means that it failed to create a socket which normally means
that IPv6 is disabled
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
The Domain parameter for IO::Socket::IP is not used/needed.
It is needed to create a IP Socket when calling IO::Socket->new,
but here we call IO::Socket::IP-new directly (see [0]).
[0] https://perldoc.perl.org/IO::Socket::IP
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Previously, the returned value would be only the last element or undef in case
of an empty list. There's only a handful of callers of check_format() that look
at the return value and AFAICT none of the exisitng ones is for a -list format.
But best to avoid any future surprises.
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
They can be used like loopback, but not limited to only 1 interface.
It's needed for bgp with multipath/ecmp to have a unique src ip
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
It has not shown any real value in the last decade+ it was enabled,
and it can actually add quite some performance overhead. E.g., if an
API endpoint returns a few 100k of relatively simple entries we can
easily require several seconds, even tens of seconds, to run the
return validation - making it easier to run into timeouts along the
transmit path to the client.
The CLI handler has it still enabled, normally there's no timeout
there as no HTTP transmit path is involved, and d.csapak had a slight
preference for that in an off-list discussion.
The actual implementations in PMG or PVE could enable it too if
running under debug mode.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
as is already supported by the UI (and PBS).
A nice bonus is that warn() can be used by both workers and non-workers. For
workers, the output is redirected/duplicated as set up by {fork,tee}_worker(),
and non-erroring workers that issued a warning will end in a WARNINGS state.
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
*_prepare creates a fifo for streaming data back to clients directly,
filefile_restore_extract blocks and should be called from a background
worker - while it is running outcoming data can be read from the FIFO.
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
More helpful for a user to know what they're missing.
Suggested-by: Dominic Jäger <d.jaeger@proxmox.com>
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
When the 'Domain' configuration of IO::Socket::IP is set to PF_INET6,
it will prefer IPv6, but since we don't set 'V6Only' it will also
listen on IPv4 interfaces[0].
Drop the now obsoleted '$family' parameter.
[0]: https://perldoc.perl.org/IO::Socket::IP#REPLACING-IO::Socket-DEFAULT-BEHAVIOUR
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Currently this happened if (and only if) at least one
positional parameter was passed.
We run into this with
`pmgconfig cert delete <type> [<restart>]`
vs
`pvenode cert delete [<restart>]`
where in the PVE case the `restart` option was simply
omitted, whereas for PMG due to the existence of `<type>`
the `restart` option was explicitly passedset in the $opts
hash but ended up being `undef`.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
CLIFormatter passes in an options hash as a second paramter, which so
far was ignored. Now that we treat it as a precision parameter, check if
it is a hash and extract the option from it before using it.
Otherwise perl puts HASH(0x...) into the format and sprintf chokes.
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
this should not be a real problem yet, but the perl keys hash pseudo
random order was an issue way to often to bet on that..
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
to avoid erroring out when "multiple" addresses are configured on live
migration, when in fact it's the same IP multiple times.
Seems like the same problem for a caller in pve-cluster was fixed by checking
the uniqueness afterwards, see commit 266041169beb36c8892ca54265e2d91335307ffb
in pve-cluster. But there doesn't seem to be any caller relying on the current
behavior, and no additional information other than the addresses are returned,
so fix it here.
Reported here:
https://forum.proxmox.com/threads/live-migration-of-vms-via-full-mesh-network-could-not-get-ip-multiple-addresses-configured-on-local-node-for-network.84585/
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
This commit mirrors e3c4007bc94956962c03da8c6853415d2fdf057c in
pve-cluster. The fix there got lost with a refactoring for reusing the
code here in pve-common in c92b771669e68a8b49906b8a0a68b533750567b0
Tested by repeadetly reading https://$pve-node:8006/nodes on a
virtual testcluster.
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Shellquote is needed for '~', and while it doesn't help with '-',
there should be no problem, because options are separated from mailto
since commit 216a3f4f13.
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
Reviewed-By: Dominik Csapak <d.csapak@proxmox.com>
