Currently, as an unprivileged user with role PVEVMUser the GUI breaks
with an error after navigating to a VM's hardware tab. The reason is
that the frontend checks the GUI capabilities via accessing
`caps.mapping.hwrng`, but `caps.mapping` does not actually have a
property called `hwrng`.
The reason this does not trigger for more privileged users is that all
expressions involving `caps.mapping.hwrng` are short-circuited if the
user has privilege `VM.Config.HWType`, so `caps.mapping.hwrng` is
never evaluated.
Fixes: a47a8afb ("ui: let non-root users configure VirtIO RNG devices")
Signed-off-by: Friedrich Weber <f.weber@proxmox.com>
Reviewed-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Tested-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Tested-by: Stefan Hanreich <s.hanreich@proxmox.com>
Link: https://lore.proxmox.com/20250408163856.116576-1-f.weber@proxmox.com
[TL: typos in commit message]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
VirtIO-fs using writeback cache seems very broken at the moment. If a
guest accesses a file (even just using 'touch'), that the host is
currently writing, the guest can permanently end up with a truncated
version of that file. Even subsequent operations like moving the file,
will not result in the correct file being visible, but just rename the
truncated one.
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
This looked very crammed and unpolished, with labels spanning multiple
lines, not following our standard title casing for labels, having text
in parenthesis on labels, having something like 'dirid' as empty text,
which gives the users exactly zero useful info, most of these should
have been noted in early review already.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
The confirmation dialogs of the following actions are affected by this
change:
* Remove
* Clone
* Migrate
* Snapshot
* Snapshot restore
* Backup VM/CT from config view
* Restore VM/CT from config view
A combination of VM/CT id and name is added to each confirmation dialog.
The order of id and name depends on the sort field selected in the tree
settings. If "Name" is selected, the confirmation dialogs will show "VM
name (VMID)". In any other case, "VMID (VM name)" will be used.
The VM/CT name is considered optional in all handled cases. If it is
undefined, only the VMID will be displayed in the dialog window. No
exceptions are thrown in case of an undefined guest name because it
only extends the information displayed to the user and is not essential
for performing any of the actions above.
Signed-off-by: Michael Köppl <m.koeppl@proxmox.com>
This panel uses a view model for changing between mapping and raw for
disabling fields. Since the view model bindings take effect after
setVMConfig is called, the default value for 'isMapped' of true
overwrote the mode chosen from the config.
To fix that, set the value in the view model there too.
Additionally, check the 'mapped' radiobutton by default instead of
'raw', so that it is the same as the view model.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Link: https://lore.proxmox.com/20250407095029.2950635-1-d.csapak@proxmox.com
Also clarify the function comment with the original intention for why
this was added in the frontend (the backend cannot know which is
which), see commit fc3a88ad ("ui: qemu wizard: use better boot order
for second cd drive").
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Link: https://lore.proxmox.com/20250130094956.11374-1-f.ebner@proxmox.com
Expand input panel with AMD SEV-SNP selection, and relevant optional
parameters similar to existing options for AMD SEV(-ES).
Further, upon selecting AMD SEV-SNP, issue a warning that EFI disks
are not included when using SEV-SNP.
Signed-off-by: Philipp Giersfeld <philipp.giersfeld@canarybit.eu>
Tested-by: Markus Frank <m.frank@proxmox.com>
Reviewed-by: Markus Frank <m.frank@proxmox.com>
Allow non-root users with the VM.Config.HWType privilege to configure
/dev/urandom & /dev/random as an entropy source for a VirtIO RNG device.
Users with the Mapping.Use privilege on the /mapping/hwrng ACL path may
also configure /dev/hwrng as an entropy source.
Signed-off-by: Filip Schauer <f.schauer@proxmox.com>
When the network-get-interfaces API endpoint returns an error, the GUI
currently only displays "No network information" instead of the actual
error message. The reason is that `Ext.String.format` is applied to
`text` to fill in the error message, but the format string `text` does
not contain any tokens. Commit e7f07a2e ("show guest-agent provided ip
address in qemu summary"), which introduced the feature, added a
format string in a variable `msg`, but unintentionally did not use it.
The unused variable `msg` was then removed in 55ee6ba1 ("ui: eslint:
No unused or duplicate variables").
Fix error reporting by re-introducing and actually using the format
string. Also, htmlEncode the error message returned by the backend.
Signed-off-by: Friedrich Weber <f.weber@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
So we show the value as they get sent by the backend, and not get
interpolated as html.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Reported-by: Jens Krabbenhöft <jens@krabbenhoeft.net>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Enables us to use the new forward direction as an option when creating
or editing firewall rules. By introducing firewall_type we can switch
between the available directions depending on which ruleset is being
edited.
Signed-off-by: Stefan Hanreich <s.hanreich@proxmox.com>
Tested-by: Hannes Dürr <h.duerr@proxmox.com>
By adding a new input panel with an AMD SEV technology selection combo
box and checkboxes for the optional parameters in an advanced section,
the user can configure the amd_sev option via the WebUI's Options tab.
Signed-off-by: Markus Frank <m.frank@proxmox.com>
Reviewed-by: Shannon Sterz <s.sterz@proxmox.com>
[ TL: fleeced in a nit from Shannon and went further with some
personal ones, like using the field label as subject and avoiding
the exact onlineHelp until pve-docs is bumped ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Disables the "Regenerate image" button in the VM CloudInit tab for
users, which lack the necessary permission "VM.Config.CloudInit" for the
CloudInit update API endpoint.
This is a cosmetic change as the CloudInit update API endpoint would
fail because of insufficient permissions anyway.
Signed-off-by: Daniel Kral <d.kral@proxmox.com>
Changes the behavior of the "Regenerate Image" button in the VM's
CloudInit tab from using the more expensive VM update API endpoint to
using the CloudInit update API endpoint.
Originally-by: Alexandre Derumier <alexandre.derumier@groupe-cyllene.com>
Signed-off-by: Daniel Kral <d.kral@proxmox.com>
The backend and this component accept both, a specific PCI id or a
named mapping since commit 8b33297c6 ("api/ui: improve mdev listing
for pci mappings"), so clarify that by updating the config property
from `pciid` to `pciIdOrMapping`, including the setter method.
Only the setter was used once by our single caller, so update that
there to use the new name.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Currently, when we have a PCI resource mapping, we manually check only
the available models for the first PCI entry. This often works, but not
always, since one could have completely different devices in one
mapping, or with the new NVIDIA sysfs api we don't get the generally
available models.
To improve this, extend the parameter for the PCI ID to accept both,
PCI IDs or named mappings, and for the latter mappings, iterate over
all local PCI devices in it and extract the mdev types.
Rename also the parameter to better reflect what it accepts. While the
this is changing a API parameter, it's not a breaking change in this
specific case because the parameter is derived from the URL path, and
any attempt to include the parameter with a name manually is not
possible and will result in an error:
duplicate parameter (already defined in URI) with conflicting values!
Since we cannot reach the API handler without giving the parameter
already via the URL, there is no way to give it via name.
Accepting named mappings directly in this API endpoint also vastly
simplifies the UI code, since we now only have to give the mapping to
the selector instead of an (arbitrarily selected) PCI id from that
mapping.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
[ TL: also split pciid into pci-id for readability and reword message
slightly ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Previously, the "Add -> TPM State" menu item in the GUI was disabled
if the user did not have Sys.Console privileges. This deviated from
the permission check in the backend, which does not require
Sys.Console but (among others) VM.Config.Disk.
Fix this inconsistency by checking for VM.Config.Disk in the frontend
instead of Sys.Console.
Reported in enterprise support.
Signed-off-by: Friedrich Weber <f.weber@proxmox.com>
The backend uses a 10 minute timeout for disk hot-unplug, so avoid
using the synchronous call which only has a 30 second timeout.
Commit 3b2e557f ("close #584: ui qemu: changed remove unused disk to
asynchron call") introduced the necessary functionality when removing
unused disks.
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Avoids spawning a progress window for tasks that do complete more
quickly than the background delay.
Currently, the remove task is only asynchronous (i.e. using POST) when
it's for an unused disk, but this might change in the future (e.g. for
hot-unplug).
When adding a disk, a background delay of 5 seconds is already used.
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
This is definitively a source of confusion otherwise.
Reported-by: Fiona Ebner <f.ebner@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Added a proxmoxKVComboBox for selecting a vIOMMU implementation for a VM.
If i440fx is selected, another ComboBox will be enabled/visible that does not
have the Intel option, as Intel-vIOMMU is not compatible with i440fx.
Uses the new machine property-string from the qemu-server's "config: define
machine schema as property-string" commit and the viommu option added in the
qemu-server's "fix #3784: config: Parameter for guest vIOMMU + test-cases"
commit.
Signed-off-by: Markus Frank <m.frank@proxmox.com>
For SPICE and VNC, a different message is displayed.
The backend code for the clipboard option can be found in the
'config: enable vnc clipboard parameter in vga_fmt'-commit in qemu-server.
Signed-off-by: Markus Frank <m.frank@proxmox.com>
Implement a new "guest stop" confirmation message box which first
checks if there is an active shutdown task for the same guest that is
visible to the logged-in user. If there is at least one, the dialog
displays an additional default-on checkbox for overruling active
shutdown tasks. If the user confirms and the checkbox is checked, the
UI sends a guest stop API request with the `overrule-shutdown`
parameter set to 1. If there are no active shutdown tasks, or the
checkbox is unchecked, the UI sends a guest stop API request without
`overrule-shutdown`.
To avoid an additional API request for querying active shutdown tasks,
check the UI's current view of cluster tasks instead, which is fetched
from the `pve-cluster-tasks` store.
As the UI might hold an outdated task list, there are some
opportunities for races, e.g., the UI may miss a new shutdown task or
consider a shutdown task active even though it has already terminated.
These races either result in a surviving shutdown task that the user
still needs to abort manually, or a superfluous `override-shutdown=1`
parameter that does not actually abort any tasks. Since "stop
overrules shutdown" is merely a convenience feature, both outcomes
seem bearable.
The confirmation message box is now always marked as dangerous (with a
warning sign icon), whereas previously it was only marked dangerous if
the stop issued from the guest panel, but not when issued from the
resource tree command menu.
Signed-off-by: Friedrich Weber <f.weber@proxmox.com>
Reviewed-by: Dominik Csapak <d.csapak@proxmox.com>
[ TL: squash in some slightly opinionated code/style clean-ups ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This makes it possible to select any of the IP addresses listed in the
full view window to copy & paste it.
Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>
[ TL: reworked subject ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
while a user can attach anything, we change the defaults for, e.g.,
scsi controller or network to virtio if this is ticked, so try to hint
that a bit better
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
in the case we add a second cd drive (for windows), we don't want the
backend logic to only include the first one, since we cannot know
which is bootable and which is (probably) the virtio iso.
so instead, emulate the backend logic for the wizard but include both cd
drives in that case, otherwise let the backend decide like before
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Having a second CD-drive is useful for adding the virtio-win driver
ISO for new installs, and thus we change the default disk type to scsi
and network type to VirtIO.
Add special logic to the OSTypeInputPanel when 'insideWizard' is true
to add an additional checkbox + iso selector
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
and make it into a proper field.
it's intended to be used like a single field, otherwise exactly as before
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Extend the current firewall log view to add date time based filtering.
The user can switch between live view, which shows logs from the
unrotated log file, or to filter mode, where date time based filtering,
including rotated logs can be performed.
Enable the feature by setting the property and the submit format
for since and until timestamps expected by the api.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
in the general tab in the advanced section.
For that to work, we introduce a new option for the TagEditContainer
named 'editOnly', which controls now the cancel/finish buttons,
automatically enter edit mode and disable enter/escape keypresses.
We also prevent now the loading of tags while in edit mode, so the tags
don't change while editing (this can be jarring and unexpected).
Then we wrap that all in a FieldSet that implements the Field mixin, so
we can easily use that in the wizard. There we set a maxHeight so that
the field can grow so that it still fits in the wizard.
To properly align the input with the '+' button, we have to add a custom
css class there. (In the hbox we could set the alignment, but this is
not possible in the 'column' layout)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
