a few things were missing for it to work:
* on the cli, we have to get the option as an array if the type is an
array
* the untainting must be done recursively, otherwise, the regex matching
converts an array hash into the string 'ARRAY(0x123412341234)'
* JSONSchema::parse_config did not handle array formats specially, but
we want to allow to specify them multiple time
* the biggest point: in the RESTHandler, to be compatible with the
current gui behavior, we have to rewrite two parameter types:
- when the api defines a '-list' format for a string type, but we get
a list (because of the changes in http-server), we join the list
with a comma into a string
- when the api defines an 'array' type, but we get a scalar value,
wrap the value in an array (because for www-form-urlencoded, you
cannot send an array with a single value) add tests for this
behavior, some of which we want to deprecate and remove in the
future
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
This makes the description consistent with the other places that
have bwlimit as a parameter as well.
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
its use was dropped with qemu-server 7.2-7 which we already
have a 'Breaks' entry for, so no bump required there
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
It's not just a build-dependency. Noticed during an sbuild of
qemu-server that would fail with, because it couldn't locate the
AnyEvent module used in RESTEnvironment.pm.
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Reduce wasting vertical space for both, the command description and
the property description, just print the respective text at the next
line, with no extra empty line in between.
For better visual command separation color would help more.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
According to rfc2986 the only valid version is 0. No newer rfc changed
that.
See section 4.1:
https://www.rfc-editor.org/rfc/rfc2986#section-4.1
Manually verifying the CSR with openssl results in the following error:
```
$ openssl req -in bad.csr -text -noout
Certificate Request:
Data:
Version: Unknown (2)
```
Signed-off-by: Mira Limbeck <m.limbeck@proxmox.com>
with a rough check and a slight amount of hope that nothing else in
the module dependent on turning that off for the whole module
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
to please perlcritic's highest severity level and as it makes just
sense to contain such things to the smallest possible scope.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
I assumed that the 'priv' and 'pub' RESTEnvironment types always
contained an AnyEvent eventloop, but this is actually not the case in
pvestatd and pvescheduler.
But it depended on the used model that AnyEvent used (and auto
detected) if this wrong assumption worked or not. With the
AnyEvent::Impl::Perl there weren't any problems and it seemingly
worked by accident, but when using AnyEvent::Impl::EV (which is
autodetected and used when libev-perl is installed) it interfered
with our SIG_CHLD handlers and only ever called them once. (Not clear
why this happens, maybe because AnyEvent is not setup correctly).
This patch uses $AnyEvent::MODEL as a detection instead since this is
`undef` until the first AnyEvent watcher is created, which should be
only the case where we really use AnyEvent, such as pveproxy and
pvedaemon.
Fixes: 6870afa ("RESTEnvironment: better SIGCHLD handling in AnyEvent event loop")
Link: https://lists.proxmox.com/pipermail/pve-devel/2023-March/056057.html
Suggested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
print_errs (which is also called internally by die_now) will only
'warn' the collected error stack if the log level is set to tracing.
otherwise, it will just return the error message(s) corresponding to
the error stack as string.
while they are not always the most user-friendly ones, they do
provide additional context that might help to find out what is
actually causing a particular failure. both helpers here actually
provide a meaninful user friendly context (via $msg) as final line.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
[ T: resolve merge conflict due to dropped warn helper ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This is a pattern that can be found often in Proxmox VE's API stack,
so implement it centrally here for re-use.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
when we're in an API server that uses AnyEvent, we must postpone
the worker_reaper, since it calls 'active_workers' which might already
be called and then we're inside the lock twice (flocks are per process
for us, see PVE::Tools::lock_file)
This resulted in an error like this:
close (rename) atomic file '/var/log/pve/tasks/active' failed: No such file or directory
We use the fact that only 'pub' and 'priv' RESTEnvironment types are an
api server with anyevent. For other types we call it like before.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
If one sets a param hard-coded to the same vallue in all but one case
it often is a nicer to negate it and but it at the end.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Otherwise the created vlan bridge has the default MTU, which is
unexpected when the original bridge has some other MTU configured.
We already do this for the firewall bridges, so we should do so too for
the vlan bridges.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
This patch introduces callback based filtering functionality for logfile dumps.
Further, the `dump_logfile` function is split into a reusable part for dumps
generated based on a filehandle. The state parameter can be used to keep the
state for multiple consecutive function invocations.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
It's possible to have a
/proc/sys/net/ipv6/ directory
but no
/proc/sys/net/ipv6/conf/$iface/disable_ipv6
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
