Re: [pve-devel] [PATCH pve-container 1/1] Adding new mount point type named 'zfs' to let configure a ZFS dataset as mount point for LXC container

2023-05-16 Thread Konstantin via pve-devel
--- Begin Message --- Hello, > most tools have ways to exclude certain paths ;) Yeah - and every time this "need to be excluded datasets" list/names changes we need to update the exclude options for these tools as well. It seems that just making these datasets not visible to the host is simpler,

[pve-devel] [PATCH pve-storage/pve-manager 1/3 v2] recursively go through subdirs to find files

2023-05-16 Thread Noel Ullreich
This patch allows `get_subdir_files` to recursively call itself, so that subdirectories of set depth can be searched. We allow searching for isos, vztmpl and snippets but not backups. As a security measure, when parsing a given path, parent directories (`/../`) are forbidden. The feature is

[pve-devel] [PATCH pve-storage/pve-manager 3/3 v2] update test for recursive subdir search

2023-05-16 Thread Noel Ullreich
Tests now also test if traversing subdirectories works. That means checking if: - parent directories in paths are caught - checking that nested files are found - checking that files below the maximum depth set are not found Signed-off-by: Noel Ullreich --- test/filesystem_path_test.pm | 18

[pve-devel] [PATCH pve-storage/pve-manager 0/3 v2] fix #623: show isos/vztmpl/snippets in subdirs

2023-05-16 Thread Noel Ullreich
This patch fixes #623, allowing isos/vztmpl/snippets in subdirectories. This feature is opt-in and can be set from the API, web interface or with `pvesm`. I addressed the security concerns raised by Fabian, now parent directories in the path (i.e. `/my/path/../somewhere/`) are forbidden. I have

[pve-devel] [PATCH pve-storage/pve-manager 1/1 v2] add field to set subdir-depth in web interface

2023-05-16 Thread Noel Ullreich
When adding or editing a storage device in Datacenter->Storage in the web interface, the subdirectory depth can be set in the advanced menu. Signed-off-by: Noel Ullreich --- www/manager6/storage/Base.js | 11 +++ 1 file changed, 11 insertions(+) diff --git

[pve-devel] [PATCH pve-storage/pve-manager 2/3 v2] add `subdir-depth` option to filesystems

2023-05-16 Thread Noel Ullreich
Add the `subdir-depth` to the filesystems that can hold isos/vztmpl/snippets. Signed-off-by: Noel Ullreich --- PVE/Storage/CIFSPlugin.pm | 1 + PVE/Storage/CephFSPlugin.pm| 1 + PVE/Storage/DirPlugin.pm | 1 + PVE/Storage/GlusterfsPlugin.pm | 1 + PVE/Storage/NFSPlugin.pm |

Re: [pve-devel] [PATCH-SERIES v2 qemu] update to QEMU 8.0

2023-05-16 Thread Fiona Ebner
On 15.05.23 at 15:51, Fiona Ebner wrote: > I should also mention that I ran into a migration issue today where a > guest crashed (inside the VM, QEMU itself seemed fine), because of I/O. > Might be related to PBS backup, local disks and/or snapshots. Will need > to debug and see if I can

Re: [pve-devel] [PATCH widget-toolkit] tfa: improve UX for recovery keys and when none are left

2023-05-16 Thread Dominik Csapak
comments inline for a few things I noticed right away (this was no in-depth review...) On 5/16/23 13:22, Wolfgang Bumiller wrote: If we get an empty challenge, tell the user to contact an administrator as it means no 2nd factors and no recovery keys are available. Currently if only 1 key was

[pve-devel] [PATCH widget-toolkit] tfa: improve UX for recovery keys and when none are left

2023-05-16 Thread Wolfgang Bumiller
If we get an empty challenge, tell the user to contact an administrator as it means no 2nd factors and no recovery keys are available. Currently if only 1 key was available and it had a high ID, we'd show something like: "Recovery keys available: 9, Warning, less than 4 keys available." Let's

[pve-devel] [PATCH V2 pve-qemu] add patch: add memory allocator detection and use malloc_trim for glibc only

2023-05-16 Thread Alexandre Derumier
Detect if a different allocator than glibc malloc is linked with LD_PRELOAD, and call malloc_trim() only for glibc malloc. This patch is mostly copy/paste from haproxy https://github.com/haproxy/haproxy/blob/master/src/pool.c Signed-off-by: Alexandre Derumier ---

[pve-devel] [PATCH pve-manager 1/1] ui: qemu : add tuning option

2023-05-16 Thread Alexandre Derumier
with memory allocator property Signed-off-by: Alexandre Derumier --- www/manager6/Makefile | 1 + www/manager6/Utils.js | 13 + www/manager6/form/TuningSelector.js | 41 + www/manager6/qemu/Options.js| 14 ++ 4

[pve-devel] [PATCH-SERIES v2 qemu, qemu-server, manager 0/1] add tcmalloc support

2023-05-16 Thread Alexandre Derumier
This patch series adds support for the tcmalloc allocator with a new optional tuning option in qemu-server. tcmalloc improves librbd performance by 30% in latency and iops. Some performance bench results: malloc: 60k iops 4k randread tcmalloc : 90k iops 4k randread a qemu patch is provided, to

[pve-devel] [PATCH qemu-server 1/1] qemu options: add tuning allocator

2023-05-16 Thread Alexandre Derumier
Add a new tuning option with allocator property. Available values: - Default is 'system', aka glibc malloc - tcmalloc (improve performance ceph librbd) Signed-off-by: Alexandre Derumier --- PVE/QemuServer.pm | 35 +++ 1 file changed, 35 insertions(+) diff --git

[pve-devel] applied-series: [PATCH firewall 1/2] icmp: factor out check for relevant protocols

2023-05-16 Thread Thomas Lamprecht
On 16/05/2023 at 11:09, Fabian Grünbichler wrote: > these were not entirely consistent and sometimes the checks were repeated. > > Signed-off-by: Fabian Grünbichler > --- > src/PVE/Firewall.pm | 17 - > 1 file changed, 12 insertions(+), 5 deletions(-) > > applied series,

[pve-devel] [PATCH firewall 1/2] icmp: factor out check for relevant protocols

2023-05-16 Thread Fabian Grünbichler
these were not entirely consistent and sometimes the checks were repeated. Signed-off-by: Fabian Grünbichler --- src/PVE/Firewall.pm | 17 - 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm index a16c035..5fa264a 100644 ---

[pve-devel] [PATCH firewall 2/2] fix #4730: add safeguards to prevent ICMP type misuse

2023-05-16 Thread Fabian Grünbichler
without these additional conditions, it's possible to break the firewall by setting an ICMP-type value as dport for non-ICMP protocols, e.g. 'any' for 'tcp'. by rejecting the invalid rule/parameter, the rest of the ruleset is still applied properly, and the error messages are a lot more