Fiona Ebner ea4c1ccb2c remote migration: fix online migration via API clients ... As reported in the community forum [0], when a remote migration request comes in via an API client, the -T flag for Perl is set, so an insecure dependency in a call like unlink() in forward_unix_socket() will fail with: > failed to write forwarding command - Insecure dependency in unlink while running with -T switch To fix it, untaint the problematic socket addresses coming from the remote side. Require that all sockets are below '/run/qemu-server/' and end with '.migrate' with the main socket being matched more strictly. This allows extensions in the future while still being quite strict. [0]: https://forum.proxmox.com/threads/123048/post-691958 Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>		2024-09-06 19:02:46 +02:00
debian	bump version to 8.2.4	2024-07-30 21:36:29 +02:00
PVE	remote migration: fix online migration via API clients	2024-09-06 19:02:46 +02:00
qemu-configs	move qemu-configs to own directory	2019-09-24 18:59:35 +02:00
qmeventd	qmeventd: also treat 'prelaunch' and 'suspended' states as active	2024-04-23 16:46:20 +02:00
test	move helper to check running QEMU version out of the 'Machine' module	2024-07-30 21:19:51 +02:00
vm-network-scripts	firewall: add handling for new nft firewall	2024-04-19 20:09:20 +02:00
.gitignore	gitignore: sort content	2023-11-17 15:54:24 +01:00
bootsplash.jpg	add seabios bootsplash and use it	2016-09-08 12:22:01 +02:00
bootsplash.xcf	add seabios bootsplash and use it	2016-09-08 12:22:01 +02:00
Makefile	buildsys: rework clean target, avoid doc-gen one	2023-05-19 15:06:46 +02:00
modules-load.conf	remove unnecessary init.d, postint, postrm and qmupdate scripts	2015-02-27 16:09:41 +01:00
qm	convert qmrestore into a PVE::CLI class	2015-10-05 13:10:24 +02:00
qmextract	remove legacy sparsecp	2017-08-23 10:03:37 +02:00
qmrestore	convert qmrestore into a PVE::CLI class	2015-10-05 13:10:24 +02:00