add a default virtual zone called 'localnetwork' in the ressource tree,
and handle permissions like a true sdn zone
(no conflict with true sdn zone is possible, as they have 8 characters max)
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
This is weird and buggy and breaches the unpriv./priv. separation of
our api daemons, so root-only for now and possibly removal soon.
note that this had several limitations already anyway, like running
in sync context and thus failing after 30s.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
One must not call gettext on the already formatted string, as we
cannot translate it for any possible value, rather the format string
it self needs to be gettext'd, then the translator can position the
variable template placeholders however it's correct for their
language without having to care about any value this could be called
with.
Fixes: d057929f ("ui: user view: fix calling order of gettext")
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
The pool number is shown in a few places, having it easily accessible
can help to understand which pool a warning/error refers to.
For example, the PG ID consists of '{pool nr}.{pg nr}' and is shown in
every warning concerning that PG.
Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>
Rather than failing with an error claiming that the job doesn't exist.
The disabled status will be visible in the result of the call.
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Adds a default-on checkbox to the QEMU Guest Agent feature selector
controlling the 'fs-freeze-on-backup' option. If unchecked, an
additional warning is displayed that backups can potentially corrupt
with this setting off.
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
the cloudinit options except for ipconfig are all modifiable with just
"VM.Config.Cloudinit".
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
nested conditionals stretching over multiple lines are always a bit hard to
untangle, so let's make it explicit:
1. is the interface a bridge
2. if it is, are we looking for one?
3. is it something else that we are looking for?
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Like it did here before 9f65a584 ("api: backup: update: check
permissions of delete params too") and like it does in the create
case.
This should not have a practical effect, it's mostly for consistency
and to avoid anybody reading anything into the different orders of
checks between update and create.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
In particular this ensures that the user is allowed to remove data on
the storage, because configuring low retention results in removed
older backups. Of course setting the storage itself also needs to
require the same privilege then.
This is a breaking API change, but it seems sensible to require
permissions on the affected storage too.
Jobs with a dumpdir setting can be configured by root only.
Suggested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
factor out the relevant privilege checks in a variable and reuse that,
also add the check in the run_editor (or wrap it with a check) so that
the edit windows don't open with a double click without those privileges
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Use enableFn to enable/disable the toolbar buttons according to the
existing privileges.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
[ D: adapted commit subject and added commit message ]
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
The current VM.Console cap is wrong.
Only log panel needs VM.Console, the other ones only need VM.Audit.
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
[ D: rewrite commit message a bit ]
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Commit e97c2601 ("change to debian font-awesome") removed the usage of
the in-tree font-awesome files, replacing them with the Debian package.
Thus clear out these leftovers out, as they are completely usused.
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
GnuPG chokes on it otherwise...
Fixes: 00ea2e4b ("aplinfo: use sequioa for key ring generation")
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
a typical CRUD panel for adding/editing/removing realm sync jobs
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
otherwise, we cannot correctly match types that contain a hyphen,
since the id itself can also contain those.
creating a regex where the first part is the concrete allowed
types followed by a hyphen + id can also match those.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This reverts 7420d7ff ("zstd: add --rsyncable flag")
That flag causes severe slow downs on fast disks, and we still have
other rsyncable compressors available.
It was originally added based on wrong documentation that made the
performance impact look a lot smaller than it actually is.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
To provide similar output on the CLI as is possible in the GUI/API
regaring OSD details.
By default (output-format=text) a more concise output is shown. Using
json or yaml as output format will print all the available data.
The 'verbose' flag causes json-pretty output to be used.
The functionality is split between the actual function and the output
formatter as not all options/parameters are available in each.
Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>
by removing the references and change the one place where we used one
of the references.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
makes it possible to optionally set the 'subdir' parameter when
adding a new CIFS storage.
Signed-off-by: Leo Nunner <l.nunner@proxmox.com>
[ T: reword/flow commit message slightly ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
