as we now register the ldap-simple-attr' format, and double
registrations result in exceptions.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
While seldom some of our API endpoints do not define it, e.g., the
world readable /access/ticket call.
As all of the stack can cope with that just fine make getopt_usage
also follow that behavior and don't assume that properties has to be
defined.
This fixes a complaint about undefined value use in the following
calls:
pvesh usage /access/ticket
pmgsh help /access
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
With revert "network: followup: move graceful require SDN out from
subs" squashed.
This reverts commit c02d6d1c96.
This reverts commit 35f2791ffa.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
As "require" is evaluated on module load only once, we either have
it or not, so move it to the top to avoid code duplication
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
If ifupdown2 is installed we really want to have it synced with this
version, also with OVS (ifupdown2 handles that break) - this is part
of the version barrier.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This will be used for PMG and PVE LDAP Authentication & Sync.
The code is largely copied/inspired by the already existing LDAP code in
PVEs AccessControl and PMGs LDAPCache
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
netmask/broadcast options are deprecated since buster
https://manpages.debian.org/buster/ifupdown/interfaces.5.en.html
This still read both "old address/netmask" or "address cidr" format,
but always convert it to cidr address format
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
This was limited without reason to checking only the first IP we get
returned from getaddrinfo_all, but we can have multiple IPs for a
hostname, and possible one of them is local but another not, so check
all and only die if no non-local address at all got found.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This fixes an issue with zsh completion where certain words were not added to the
list of matches, but incorrectly interpreted as flags or options.
By passing the "--" flag, compadd is notified that all following arguments should
be considered for completion and not interpreted as flags or options for compadd.
Details can be found in the compadd documentation:
http://zsh.sourceforge.net/Doc/Release/Completion-Widgets.html#Completion-Builtin-Commands
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
moved from pve-storage, we need to reuse it in another module there,
as it's a general method lets just move it here already.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
to mark which API methods should be available to clients authenticated using an API token.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Else, when used with ACME, the SAN is always sorted so we always get
the Subject Alternative Name sorting alphabetically first, which
doesn't necessarily has to be the "primary" domain. While this is
rather cosmetically (all SANs are equal) it could still result it
flapping CN when SANs and thus possibly the order changes, e.g., in
our CDN mirror pool. It also doesn't costs anything to allow control
over this, so why not..
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
for user installing proxmox on top of debian,
debian install by default the first nic with allow-hotplug.
This is conflicting with "auto ...", but worst with ovs "allow-ovs ...".
User have reported race with ovs, where ovs vmbr was up before the nic.
https://forum.proxmox.com/threads/no-network-on-server-unless-i-ifdown-ifup-vmbr0.62733/
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
