On 6/17/19 12:02 PM, Alexandre DERUMIER wrote:
>>> FYI: if this really needs to be an observed file one also needs to add
>>> it to the respective hash in data/src/status.c (memdb_change_array)
>
> didn't known that. As almost all datacenter config files where in observed
> file,
> I simply put
On 6/17/19 11:26 AM, Alexandre Derumier wrote:
> add missing jsonschema for api, and rename $network to $sdn everywhere
>
> Alexandre Derumier (3):
> add pve-network-id jsonschema
> api: add missing additional properties=0 on network reload/revert
> rename $network to $sdn everywhere
>
>
Signed-off-by: Stefan Reiter
---
Based on recent conversation in pve-user list.
pvecm.adoc | 33 +++--
1 file changed, 31 insertions(+), 2 deletions(-)
diff --git a/pvecm.adoc b/pvecm.adoc
index 61453f7..773c2dd 100644
--- a/pvecm.adoc
+++ b/pvecm.adoc
@@ -149,7
On 6/17/19 2:15 PM, Oguz Bektas wrote:
> now generates & verifies with hmac_sha1. also left the old digest format
> for backwards compatibility during verification, to be removed at some
> later time.
>
> Signed-off-by: Oguz Bektas
> ---
> src/PVE/Ticket.pm | 7 +--
> 1 file changed, 5
Polished phrasing
Signed-off-by: Aaron Lauterer
---
certificate-management.adoc | 88 +
1 file changed, 50 insertions(+), 38 deletions(-)
diff --git a/certificate-management.adoc b/certificate-management.adoc
index 81660b2..d128c30 100644
---
Polished phrasing, tried to make some explanations easier to comprehend,
changed the styling of interfaces in the `Naming Conventions` section
Signed-off-by: Aaron Lauterer
---
pve-network.adoc | 302 ---
1 file changed, 153 insertions(+), 149
Polished the phrasing
Signed-off-by: Aaron Lauterer
---
pve-external-metric-server.adoc | 39 ++---
1 file changed, 21 insertions(+), 18 deletions(-)
diff --git a/pve-external-metric-server.adoc b/pve-external-metric-server.adoc
index c9e1107..1d6efeb 100644
---
Polished phrasing, aligned CLI commands style
Signed-off-by: Aaron Lauterer
---
local-lvm.adoc | 126 -
1 file changed, 72 insertions(+), 54 deletions(-)
diff --git a/local-lvm.adoc b/local-lvm.adoc
index 2489b9d..b153862 100644
---
Polished phrasing.
Signed-off-by: Aaron Lauterer
---
sysadmin.adoc | 49 +++--
1 file changed, 23 insertions(+), 26 deletions(-)
diff --git a/sysadmin.adoc b/sysadmin.adoc
index 21537f1..ef184ae 100644
--- a/sysadmin.adoc
+++ b/sysadmin.adoc
@@ -5,31
Polished Phrasing, aligned CLI command styling and line width
Signed-off-by: Aaron Lauterer
---
pve-package-repos.adoc | 118 +
1 file changed, 60 insertions(+), 58 deletions(-)
diff --git a/pve-package-repos.adoc b/pve-package-repos.adoc
index
Polished phrasing, restuctured `advantages` list and removed double
entries, extended RAID level descriptions, aligned CLI commands style
Signed-off-by: Aaron Lauterer
---
local-zfs.adoc | 295 -
1 file changed, 170 insertions(+), 125 deletions(-)
All files regarding the Host System Administration chapter.
Aaron Lauterer (10):
Rewrite Sysadmin
Rewrite Package Repositories
Rewrite System Software Updates
Rewrite Network
Rewrite Timesync
Rewrite External Metric Server
Rewrite Disk Health Monitoring
Rewrite LVM - admin section
Polished phrasing
Signed-off-by: Aaron Lauterer
---
pve-disk-health-monitoring.adoc | 34 +
1 file changed, 18 insertions(+), 16 deletions(-)
diff --git a/pve-disk-health-monitoring.adoc b/pve-disk-health-monitoring.adoc
index 8ea9d5f..5b03c1c 100644
---
Polished phrasing
Signed-off-by: Aaron Lauterer
---
system-timesync.adoc | 28 ++--
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/system-timesync.adoc b/system-timesync.adoc
index c64455c..b3ffe5b 100644
--- a/system-timesync.adoc
+++
Polished phrasing and aligned CLI command styling
Signed-off-by: Aaron Lauterer
---
system-software-updates.adoc | 28 +++-
1 file changed, 15 insertions(+), 13 deletions(-)
diff --git a/system-software-updates.adoc b/system-software-updates.adoc
index 04c17f3..50f8c8e
Polished phrasing, added mentions of the EULA and summary page in the
installer, unified style of cli commands.
Signed-off-by: Aaron Lauterer
---
pve-installation.adoc | 251 ++
1 file changed, 129 insertions(+), 122 deletions(-)
diff --git
Polished phrasing and restructured the requirements list a little bit
Signed-off-by: Aaron Lauterer
---
pve-system-requirements.adoc | 68
1 file changed, 37 insertions(+), 31 deletions(-)
diff --git a/pve-system-requirements.adoc
Polished the phrasing, aligned different names for a USB flash drive,
renamed OS X to macOS, changed primary recommendation for Windows to
Rufus, removed mention of os forensics.
Rufus now supports `dd` mode and is a much smaller download than
etcher.
Signed-off-by: Aaron Lauterer
---
And here are the other files that I missed to add[0].
[0]: https://pve.proxmox.com/pipermail/pve-devel/2019-June/037582.html
Aaron Lauterer (3):
Rewrite Installation
Rewrite System Requirements
Rewrite Install from USB flash drive
pve-installation.adoc| 251
Polished the phrasing and restructured some parts to improve readability
and comprehension.
Signed-off-by: Aaron Lauterer
---
pve-intro.adoc | 229 +++--
1 file changed, 108 insertions(+), 121 deletions(-)
diff --git a/pve-intro.adoc b/pve-intro.adoc
Polished phrasing
Signed-off-by: Aaron Lauterer
---
howto-improve-pve-docs.adoc | 29 ++---
1 file changed, 14 insertions(+), 15 deletions(-)
diff --git a/howto-improve-pve-docs.adoc b/howto-improve-pve-docs.adoc
index c0d277e..41a465c 100644
---
This is V2 of my previous attempts[0],[1] to improve the documentation.
Proposed fixes found by @Dominic Jäger were considered and should be
fixed with this.
[0]: https://pve.proxmox.com/pipermail/pve-devel/2019-June/037484.html
[1]:
Polished phrasing
Signed-off-by: Aaron Lauterer
---
getting-help.adoc | 33 -
1 file changed, 16 insertions(+), 17 deletions(-)
diff --git a/getting-help.adoc b/getting-help.adoc
index 850d7a3..fef6f96 100644
--- a/getting-help.adoc
+++ b/getting-help.adoc
@@
Polished phrasing
Signed-off-by: Aaron Lauterer
---
translation.adoc | 33 ++---
1 file changed, 18 insertions(+), 15 deletions(-)
diff --git a/translation.adoc b/translation.adoc
index ff99296..42d2f26 100644
--- a/translation.adoc
+++ b/translation.adoc
@@ -6,24
Signed-off-by: Oguz Bektas
---
PVE/AccessControl.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index 5de060d..499f0be 100644
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -212,7 +212,7 @@ my $csrf_prevention_secret;
now generates & verifies with hmac_sha1. also left the old digest format
for backwards compatibility during verification, to be removed at some
later time.
Signed-off-by: Oguz Bektas
---
src/PVE/Ticket.pm | 7 +--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git
we use sha1 while generating our csrf token, switched to hmac sha256 as
suggested in owasp csrf cheatsheet[0].
[0]:
https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.md#token-based-mitigation
pve-access-control:
Oguz Bektas (1):
On 6/14/19 2:35 PM, Tim Marx wrote:
> This patch depends on:
> qemu-server: e1f0fbf4448b374eb9a19502aee565adb5be7ec0
>
> This patch refactors the migrate ui to incoperate the viewmodel approach
> which should help if we need to add functionality in future iterations.
> Additionally it is now
On 6/14/19 2:35 PM, Tim Marx wrote:
> Signed-off-by: Tim Marx
> ---
> changes since v1:
> * removed storage scan
> * sqashed commits
> * changed hash access
> * changed array creation
>
applied, thanks!
___
pve-devel mailing list
hi,
do not apply, i'll look into other algorithms to decide what's best
On Mon, Jun 17, 2019 at 11:53:52AM +0200, Oguz Bektas wrote:
> we use sha1 for generating our csrf token. switch to hmac sha1 for protection
> against length extension attacks and reduce possible collisions.
>
> Oguz Bektas
On 6/17/19 12:18 PM, Stefan Reiter wrote:
> I just tested with '-e', it does not return true for a broken symlink.
> It does however return true for directories, which I'm not sure should be
> deleteable via the API? I think '-f' and '-l' are the better solution here.
unlink does nothing on
Thanks for applying, will include a changelog next time.
> On June 17, 2019 at 11:55 AM Thomas Lamprecht wrote:
>
>
> On 6/17/19 11:05 AM, Stefan Reiter wrote:
> > Symlinks with a non-existing target fail Perls '-f' test and were thus
> > not deleteable via the API (failing with '$path does
>>FYI: if this really needs to be an observed file one also needs to add
>>it to the respective hash in data/src/status.c (memdb_change_array)
didn't known that. As almost all datacenter config files where in observed file,
I simply put also sdn.cfg too.
I'm not sure if we need it here ? (Don't
On 6/17/19 11:05 AM, Stefan Reiter wrote:
> Broken symlinks (and other files without a size) will now show up as 0
> byte instead of causing a format validation error in the API.
>
> Signed-off-by: Stefan Reiter
> ---
applied, please try to include a (short) change log between this and
the
On 6/17/19 11:05 AM, Stefan Reiter wrote:
> Symlinks with a non-existing target fail Perls '-f' test and were thus
> not deleteable via the API (failing with '$path does not exist').
>
> Signed-off-by: Stefan Reiter
> ---
>
> Deleting intact symlinks deletes the symlink but leaves the file it
>
now generates & verifies with hmac_sha1. also left the old digest format
for backwards compatibility during verification, to be removed at some
later time.
Signed-off-by: Oguz Bektas
---
src/PVE/Ticket.pm | 7 +--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git
we use sha1 for generating our csrf token. switch to hmac sha1 for protection
against length extension attacks and reduce possible collisions.
Oguz Bektas (1):
pve-access-control:
use hmac_sha1 instead of sha1 for csrf token
PVE/AccessControl.pm | 2 +-
1 file changed, 1 insertion(+), 1
Signed-off-by: Oguz Bektas
---
PVE/AccessControl.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index 5de060d..59a586e 100644
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -212,7 +212,7 @@ my $csrf_prevention_secret;
On 6/17/19 11:26 AM, Alexandre Derumier wrote:
> Signed-off-by: Alexandre Derumier
> ---
> data/PVE/Cluster.pm | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/data/PVE/Cluster.pm b/data/PVE/Cluster.pm
> index 18bd235..b53dcd7 100644
> --- a/data/PVE/Cluster.pm
> +++
Signed-off-by: Alexandre Derumier
---
PVE/API2/Network/SDN.pm | 6 ++
1 file changed, 6 insertions(+)
diff --git a/PVE/API2/Network/SDN.pm b/PVE/API2/Network/SDN.pm
index 2efc620..79aff4a 100644
--- a/PVE/API2/Network/SDN.pm
+++ b/PVE/API2/Network/SDN.pm
@@ -163,6 +163,9 @@
Signed-off-by: Alexandre Derumier
---
PVE/API2/Network/SDN.pm | 120
PVE/Network/SDN.pm | 26 ++---
PVE/Network/SDN/Plugin.pm | 36 +++
PVE/Network/SDN/VlanPlugin.pm | 30 +++---
Signed-off-by: Alexandre Derumier
---
PVE/API2/Cluster.pm | 7 +++
debian/control | 1 +
2 files changed, 8 insertions(+)
diff --git a/PVE/API2/Cluster.pm b/PVE/API2/Cluster.pm
index 8af5f3f0..c826aecf 100644
--- a/PVE/API2/Cluster.pm
+++ b/PVE/API2/Cluster.pm
@@ -23,6 +23,7 @@ use
Signed-off-by: Alexandre Derumier
---
data/PVE/Cluster.pm | 2 ++
1 file changed, 2 insertions(+)
diff --git a/data/PVE/Cluster.pm b/data/PVE/Cluster.pm
index 18bd235..b53dcd7 100644
--- a/data/PVE/Cluster.pm
+++ b/data/PVE/Cluster.pm
@@ -95,6 +95,8 @@ my $observed = {
'ha/fence.cfg' => 1,
Signed-off-by: Alexandre Derumier
---
PVE/Network/SDN/Plugin.pm | 16
1 file changed, 16 insertions(+)
diff --git a/PVE/Network/SDN/Plugin.pm b/PVE/Network/SDN/Plugin.pm
index 3f6d808..3dca387 100644
--- a/PVE/Network/SDN/Plugin.pm
+++ b/PVE/Network/SDN/Plugin.pm
@@ -18,6
add missing jsonschema for api, and rename $network to $sdn everywhere
Alexandre Derumier (3):
add pve-network-id jsonschema
api: add missing additional properties=0 on network reload/revert
rename $network to $sdn everywhere
PVE/API2/Network/SDN.pm | 126
Broken symlinks (and other files without a size) will now show up as 0
byte instead of causing a format validation error in the API.
Signed-off-by: Stefan Reiter
---
PVE/Storage.pm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/PVE/Storage.pm b/PVE/Storage.pm
index
Symlinks with a non-existing target fail Perls '-f' test and were thus
not deleteable via the API (failing with '$path does not exist').
Signed-off-by: Stefan Reiter
---
Deleting intact symlinks deletes the symlink but leaves the file it
points to intact. This behaviour has not changed with
On 6/14/19 3:37 PM, Alwin Antreich wrote:
> This patch adds zstd for backup/restore. It also factors out the common
> parts on the decompression tools. Sadly tar 1.31 (includes zstd) was not
> available at the time of writing this patch.
>
This does much more than I'm confortable with for such a
On 6/14/19 3:37 PM, Alwin Antreich wrote:
> This patch adds support to restore archives that have been compressed
> with a compressor not natively supported by tar. This had to be added
> for zstd support.
yeah, tha's nice, but that's "what" not how/why...
I.e., no words about that the zstd
On 6/14/19 3:37 PM, Alwin Antreich wrote:
> For less and cleaner code, use a hash for de-compressor commands instead
> of the 'long' if-elsif statement.
>
squash that with 1/3, or better try to pull the decompressor_ method
out in a separate patch, with this already applied, and not mixed in
On 6/14/19 3:37 PM, Alwin Antreich wrote:
> Recognize the .zst file extention for the zstd de-compression
>
this patch seems reasonable, not yet tested though
> Signed-off-by: Alwin Antreich
> ---
> PVE/QemuServer.pm | 8
> 1 file changed, 8 insertions(+)
>
> diff --git
On 6/14/19 3:37 PM, Alwin Antreich wrote:
> This patch removes the code duplication from extract_vzdump_config_vma,
> as it has been factored out for wider use.
>
> With the introduction of the zstd decompression, most parts of this code
> has been used also for the CT backup extraction and was
52 matches
Mail list logo