also rearranged the regex groups to allow sk-ecdsa-sha2-...
note: FIDO keys are now parsable, the backend only supports it with
OpenSSH >= 8.2. This may be achieved with upgrading to PVE 7 or
using a back port.
so that they are documented and get displayed by pvesh/pvenode
all those fields must exists (since they come from the upid)
aside from the exitstatus, so marking that as optional
forum user reported that they are missing:
https://forum.proxmox.com/threads/ergebnis-eines-tasks-per-api-abfragen.92267/
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
The check isn't specific enough, it also catches deb-src entries and
would give a false impression of security in certain circumstances, or
lead to false negatives in case you have a deb-src entry for
buster/updates even though you have bullseye-security in just the next
line -- something that isn't that uncommon for developers.
Signed-off-by: Rhonda D'Vine <rhonda@deb.at>
Reviewed-by: Fabian Ebner <f.ebner@proxmox.com>
If the same local storage is configured twice with content type
separation, migration in PVE 6 would lead to the volumes being
duplicated. As that would happen for every migration, such an issue
would likely be noticed already, and in PVE 7 such configuration is
not problematic for migration anymore. Also, misconfigured
unreferenced volumes are not an issue with respect to the upgrade
itself, just drop the check.
It's not necessary to scan storages with either 'images' or 'rootdir'
anymore, as only the log_info() remains.
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Shared storages are not scanned for migration either, so they cannot
be problematic in this context. This could lead to false positives
where it actually is completely unproblematic:
https://forum.proxmox.com/threads/proxmox-ve-7-0-released.92007/post-401165
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
we filtered out devices which belong into the 'Generic System Peripheral'
category, but this can contain actual useful pci devices
users want to pass through, so simply do not filter it by default.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
we incorrectly used 'total' as 100% of the to recovered objects here,
but that containst the total number of *bytes*.
rename 'toRecover' to better reflect that the unit is 'objects' and
use that as total
reported by a user:
https://forum.proxmox.com/threads/bug-ceph-recovery-bar-not-showing-percentage.91782/
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
It needs to be a 'proxmoxButton' to get activated when selecting a HA
ressource. This was lost during the last code cleanup, commit d11524c.
Signed-off-by: Aaron Lauterer <a.lauterer@proxmox.com>
we don't have a mandatory Ceph major version upgrade this time around,
so this check does not make sense. instead, we want noout until the full
cluster is upgraded. let's use the simple approach and just flip the
switch to "turn off noout if all of Ceph is a single version" in the PVE
7.x branch.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
these were mostly relevant for the Luminous -> Nautilus upgrade, and we
don't need to list all the default passing states that our tooling sets
up anyway.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
the old one is not available post-upgrade, let's use a single codepath
for this.
the new API only allows querying user-settable flags, but the only flags
we check besides 'noout' are not relevant for an upgrade of PVE 6.x to
7.x (PVE 6.x only supports Nautilus+ which requires these flags to be
set in order to work) so we can just drop those outdated checks instead
of extending/refactoring the API.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Helpers copied from pve-container to avoid versioned bumps.
Early returns when no containers are running, or the containers don't
use systemd, as well as returning after finding the first affected
container to minimize impact and resource usage.
Checking running containers first since following /proc/<pid>/root is
cheaper than mounting all volumes for a container
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Non-production repositories will always pull in their newer software,
so even if enterprise+subscription is OK we should mark it with
priority if, e.g., pvetest is enabled.
There was also a bug regarding the all OK state
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
the 14px over 13px is not much, but as that is the font-size intended
for font-awesome it makes it all look nicer together
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
use a flex box with centered columns instead, that needs adding a div
per row, but that's IMO actually making it more clear what a row is
anyway.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Firefox doesn't correctly break to the next line if the line-height
is set as is (with certain fonts, including the default on debian it
seems). Simply remove it, as it isn't necessary.
Suggested-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
The nvme-cli package is recommended by (our) Ceph packages, but here
--no-install-recommends is used to avoid pulling in too much.
The issue with not installing nvme-cli is that a "security
information" mail notification is triggered by sudo each time Ceph
tries to get the device health metrics. While there is a sudoers
rule for /usr/sbin/nvme, Ceph uses 'sudo nvme ...', so it does not
apply when the package is not installed.
This didn't seem to happen with sudo in buster.
It's about 1 MiB of additional packages (nvme-cli + uuid-runtime).
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
