Commit Graph

573 Commits

Author SHA1 Message Date
Alexandre Derumier
4ac94c72a2 network_interfaces: use allow-ovs for OVSBridge
new openvswitch-switch service use "ifup --allow-ovs",
and this race with "auto ..." used by networking service

bug reported here:
https://forum.proxmox.com/threads/so-is-openvswitch-bonding-just-broken-on-pve-6-whats-going-on.58020/

This is also fixing ovs with ifupdown2

Openvswitch github have a note about this:
e0dfd67b45 (diff-555e6da95251766b76e83867900bd8fe)

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2019-09-20 09:06:47 +02:00
Thomas Lamprecht
9bbc4e174c tree wide trailing whitespace cleanup
generated with:
 # find . -name '*.pm' -exec sed -i 's/\s\+$//' {} \;

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-09-09 16:42:12 +02:00
Alexandre Derumier
d949babe56 etc_network_interfaces : add uplink-id option
uplink-id is an integer

it's used to abstract the interface name (could be different on
differents hosts)
and map it to a transportzone.

uplink-id is only allowed on physical interfaces (bond,eth,vlan)
as it's used for traffic to external

example:

auto eth0
iface eth0 inet manual
        uplink-id 1

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2019-09-09 16:41:12 +02:00
Fabian Ebner
9e594bd42e SectionConfig: Cleanup to make style consistent
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
2019-09-04 16:18:19 +02:00
Fabian Ebner
e1fbb779f7 Fix 2339: Handle multiple blank lines correctly in SectionConfig
It turns out that the line number counting was also broken (even on
files without multiple blanks), since the body of the while inside
the nextline subroutine would not be executed for a blank.
I guess the subroutine was intended to skip comments and blanks, but
since we use blanks to recognize the end of a section, I changed it
to only skip comments.

Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
2019-09-04 16:17:55 +02:00
Wolfgang Bumiller
9e3aaec494 cli: prettify tables even more
Separate the header with a double line.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-09-04 15:58:58 +02:00
Fabian Grünbichler
6cf6b40469 tools: add fchownat syscall
and constant AT_EMPTY_PATH for chowning a directory/file opened via
openat(2), for example when walking/creating a directory tree without
following symlinks.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2019-08-14 15:33:19 +02:00
Stoiko Ivanov
6bd0783c11 CLIHandler: consider valid prefixes for completion
With the change introduced in 57c0d0c69c
completion of partial commands stopped working (e.g. typing qm res<TAB><TAB>
yields nothing instead of 'reset resize resume rescan')

By returning undef as 'ref' 'print_bash_completion' has no reference of the
available (sub) commands anymore.

By checking if the current argument is a valid prefix of a possible command,
and conditionally not setting the 'ref' hash to undef, the functionality is
restored.

Additionally a small whitespace glitch was fixed.

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2019-08-14 11:13:06 +02:00
Stoiko Ivanov
93e9f666ab CLIHandler: remove spurious abort()
The abort currently cannot be reached, instead the error with the same
message (unknown command '$cmdstr') in handle_cmd is raised.

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2019-08-14 11:13:06 +02:00
Stefan Reiter
5c1556cd27 fix #2303: detect IPs of p2p interfaces
"ip address show" prints:

    inet ADDR peer PEERADDR/32 scope global DEVICE

for pointtopoint interfaces. We're not interested in the netmask itself,
just make the Regex match.

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2019-07-29 16:07:09 +02:00
Thomas Lamprecht
3982313e8d array_intersect: allow passing list of references for convenience
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-07-23 09:14:34 +02:00
Thomas Lamprecht
26a68cf6d8 array_intersect: followup: early exit if first empty intersection found
no point in trying more

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-07-23 09:04:22 +02:00
Thomas Lamprecht
3858602867 followup: code comments and small "cleanups"
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-07-23 09:03:23 +02:00
Thomas Lamprecht
4c28a8bc69 follouwp: maker array_unique private for now
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-07-23 08:50:11 +02:00
Stefan Reiter
a59544e779 Add array_intersect and array_unique functions
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2019-07-23 08:46:49 +02:00
Stefan Reiter
568abb4bfb Include CPU flags in read_cpuinfo
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2019-07-23 08:46:49 +02:00
Alwin Antreich
96ab1135fe cert: add public key type & size to JSON schema
Signed-off-by: Alwin Antreich <a.antreich@proxmox.com>
2019-07-23 08:39:33 +02:00
Fabian Grünbichler
afa3f36910 cert: add public key type and size to info
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Co-Authored-By: Alwin Antreich <a.antreich@proxmox.com>
2019-07-23 08:39:33 +02:00
Thomas Lamprecht
cca9c8642d section config: trailing whitespace cleanup
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-07-05 16:32:57 +02:00
Oguz Bektas
db02e0e74a use hmac_sha256 when assembling csrf token
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2019-06-19 12:29:35 +02:00
Thomas Lamprecht
5fe1f60c5f followup: fix quoting and comment
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-06-19 12:29:35 +02:00
Oguz Bektas
62fc2ad81e add fallback/new csrf token recognition
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2019-06-19 12:02:36 +02:00
Wolfgang Bumiller
b8d15bfd69 systemd: add wait_for_unit_removed
And split out the common code into a systemd_call() sub.

This connects to the systemd bus and waits for a UnitRemoved
event to occur for the specified unit, with an optional
timeout.

We'll use this in qemu-server to wait for a VM's scope to
disappear completely before trying to start a VM's scope
anew.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-06-19 10:11:03 +02:00
Thomas Lamprecht
4515aaec1e inotify: network/interfaces: fix 'Use of uninitialized value' for netmask
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-06-12 12:01:08 +02:00
Dominik Csapak
cc6792c7af print defaulttxt as sprintf parameter
instead of having it verbatim in the format string.
This enables us to have '%' in the defaulttext without getting errors

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2019-06-06 11:29:19 +02:00
Thomas Lamprecht
ffbc3c08b8 assemble_spice_ticket: ensure variable in interpolated string are correct
In older perl the following two where the same:

"$foo::$bar" == "${foo}::${bar}"

But in perl 5, version 28 it's not anymore,

"$foo::$bar" would be equivalent to "${foo::}${bar}", the double
colons are now not used as variable name boundary, so mark that
explicitly in the affected case and surrounding ones preventively

This fixes authentication with spice* related stuff again.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-23 12:52:22 +02:00
Thomas Lamprecht
821d408dc4 JSONSchema: sort keys when dumping config for stabillity
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-15 14:11:53 +02:00
Thomas Lamprecht
95244fd7fa followup: use defined to check if a hash element can be accessed
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-15 10:20:01 +02:00
Dominik Csapak
d0ba18e17e prevent autovivification of sectionconfig options
If, somehow, someone passes a config to check_config with keys set
that are not in the options for that type, this fixed check
lead to autovivification, meaning that any future calls to the same
worker had an additional option for that type which is not optional

this lead to a wrongfully deleting of entries when updating an entry of
a different type, since all entries of the original types suddenly
did not satisfy their required options and would not get parsed
by read_file anymore (thus missing when a successful write_file was done)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2019-05-15 10:16:33 +02:00
Thomas Lamprecht
c0b8717c44 print api res: always allow result to be undef if optional
If the return schema says that it's optionally returns something then
we want to allow returning nothing, i.e., undef

Co-developed-by: Dominic Jäger <d.jaeger@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-13 06:52:28 +00:00
Thomas Lamprecht
b610385849 followup code cleanup
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-08 15:36:14 +00:00
Dominik Csapak
2896245e75 INotify: map address/netmask to cidr while parsing interfaces
this allows us to always show the 'address' the 'netmask' and the 'cidr'
both for ipv4 and ipv6

there is a small api change involved in one scenario:
if one manually changed the address to cidr format like
    '10.0.0.4/24'

we now get from the api the parsed values
    addr => 10.0.0.4
    netmask => 24
    cidr => 10.0.0.4/24

instead of
    addr => 10.0.0.4/24
    netmask =>

but i think that circumventing our api when writing the file, but still
relying on the api for reading is not a valid use case, i would argue
that we can change this, especially since we have a new field that
contains that information again (cidr)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2019-05-08 14:49:45 +00:00
Dominik Csapak
aad3582eab JSONSchema: add get_netmask_bits and missing netmask
so one can use the mapping from outside the module

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2019-05-08 14:49:45 +00:00
Stoiko Ivanov
0c078e6645 Tools: add setresuid syscall
See `man 2 setresuid`. The code was tested with small UIDs (109) and
one which does not fit into 16 bit (100000000), since I wasn't too
sure about the workings of setresuid vs. setresuid32 (see NOTES of
the manpage) - it worked with both.

Linux on amd64 has only a single setresuid, as it the 64 bit arch
came after the setresuid32 syscall, and thus it started with the
later one as single common one

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-17 10:00:24 +00:00
Thomas Lamprecht
096b5f5c06 fixup comments about RESTEnv access types
were pretty outdated

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-17 09:06:53 +00:00
Wolfgang Bumiller
c7a7aa4d93 add request host to RESTEnvironment
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-04-03 12:16:16 +02:00
Wolfgang Bumiller
61aca93afb add u2f challenge accessors to RESTEnvironment
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-04-03 12:16:16 +02:00
Stoiko Ivanov
34e75688f6 JSONSchema: fix units of bwlimit
the description of bwlimit wrote MiB/s, the use in restore operation is KiB/s

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2019-04-02 10:30:03 +02:00
Thomas Lamprecht
98d5b8cb72 JSONSchema: register 'pve-snapshot-name' here to avoid cyclic dependencies
move it from qemu-server as it was also used in pve-container and
pve-manager (pvesr), while guest-commons AbstractConfig could be a
fit too, just move it here as all depending on this already use
JSONSchema and it just fits here...

Break respective qemu-server version

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-03-21 12:51:16 +01:00
Thomas Lamprecht
4fdf30c439 followup: add verbose_description to new mac-addr standard option
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-03-14 09:49:54 +01:00
Stoiko Ivanov
a750d596c2 JSONSchema: Adapt MAC address format to unicast
MAC-addresses having the LSB of the first octet set, are considered
multicast-addresses (see [0,1]).

the 'mac-addr' format got changed to only permit unicast addresses, which should
work for its current use-case (WOL for nodes).
additionally a default option was registered via register_standard_option to be
used in both PVE::LXC::Config and PVE::QemuServer.

[0] https://lists.linuxcontainers.org/pipermail/lxc-users/2010-August/000783.html
[1] https://en.wikipedia.org/wiki/MAC_address

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2019-03-14 09:41:12 +01:00
Oguz Bektas
4cd6dc0a98 fix #2111: regex match for email addresses
now allows:
* addresses without tld (f.e. user@localhost per bug)
* remove limits for number of subdomains
* allow +, -, ~ in local part
* disallow double dots (.. .a. etc) and dots in the end (abc.@mail.com)

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Acked-by: Dominik Csapak <d.csapak@proxmox.com>
2019-03-01 10:36:50 +01:00
Christian Ebner
ad2cc59995 Fix 1891: Add zsh command completion generator
This adds the function needed to generate the zsh autocompletion scripts.
Using the bash completion code path, this generates the list of possible
completions and adds them to the zsh completion by compadd.
For the autocompletion scripts to be loaded automatically, the following two
lines have to be placed in the .zshrc:

autoload -U compinit
compinit

Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
2019-02-20 12:11:42 +01:00
Rhonda D'Vine
3b3ae60e09 partially fix #2023: Switch to https for yubico.com API
Signed-off-by: Rhonda D'Vine <rhonda@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-19 14:23:50 +01:00
Wolfgang Bumiller
243c4e5892 tools: add dev_t_major/minor
Extract major/minor from `dev_t` values as found in stat()
calls, with support for the full 32 bit values.

The device value returned by stat() is 32 bits long and encoded as
high 12 bit of the minor value as in the 12 MSBs, 12 bit major value,
then the low 8 bit of the minor value in the low byte.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-04 11:36:35 +01:00
Thomas Lamprecht
cee0e23ac0 Tools: add fsync sycall
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-01-31 11:42:17 +01:00
Christian Ebner
14324ea874 JSONSchema: Add format for MAC address verification
Adds a format to verify MAC addresses to JSONSchema.

Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
2019-01-22 11:11:43 +01:00
Oguz Bektas
3b44baed32 fix defaults for standard_output_options
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2019-01-09 17:20:10 +01:00
Tim Marx
b3e3b51ba0 INotify: fix wording in networkdoc
Signed-off-by: Tim Marx <t.marx@proxmox.com>
2019-01-03 09:03:46 +01:00
Dominik Csapak
639c3030a7 SysFSTools: add return format comments
for lspci and get_mdev_types

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2018-11-26 13:04:56 +01:00