- 13 Feb, 2024 3 commits
-
-
Andrew Walker authored
-
Andrew Walker authored
-
sonicaj authored
* Disable learning of bridge interface members This commit fixes an issue where on certain hardware, the bridge interface takes some time to set up, causing a delay in network setup and disrupting other services when they attempt to use the network. To address this issue after syncing with Caleb we decided that we will disable learning of all bridge members allowing the bridge to become active without unnecessary delay * Refactor bridge learning method name * Add a db field for bridge interface to configure learning * Make changes to reflect enable learning flag in the actual bridge interface configuration
-
- 12 Feb, 2024 5 commits
-
-
sonicaj authored
This commit fixes an issue where checking file's existence we were running it whereas it required middlewared to be actually running - now this becomes a problem in our unit tests pipeline as middleware is not running in the docker container we create and these changes are not really required either for us torun the unit tests etc.
-
bmeagherix authored
- On boot do not start with cluster_mode enabled on target extents. - When the STANDBY node boots, it will initiate a job that resettles the DLM (on both nodes) and then steps thru the extents (20 at a time), configuring cluster_mode - Define the fileio/blockio based extents in /etc/scst.conf for BOTH nodes, albeit with active 0 parameter set on the STANDBY node. - On failover on the ACTIVE node, become_active iscsitarget rather than restart it. This avoids running scstadmin, instead will make precise changes to the scst /sys interface. We only do the bare minimum that we need (makes extents active, and replace the HA target based LUNs with real extent based ones). - On failover on the STANDBY node, start iscsitarget but with minimal config. This will be corrected by the iscsi.alua.standby_after_start job. - For inter-node HA targets tweak the recovery_tmo parameter to 10 seconds. Otherwise we can expect stalls on a newly elected ACTIVE node, before it logs out the HA targets it needed when it was STANDBY. - When adding a target-extent mapping, configure the ACTIVE node first, then the STANDBY node. The STANDBY node will initiate the bring up of cluster_mode. - When removing a target-extent mapping call removed_target_extent on the STANDBY node to more cleanly tear down associated DLM config.
-
Andrew Walker authored
local and ds groups are written via group ID, but are returned as full group entries.
-
Andrew Walker authored
We need to allow webui access if at least one of user roles grant webui access.
-
Caleb St. John authored
-
- 10 Feb, 2024 1 commit
-
-
M. Rehan authored
-
- 09 Feb, 2024 1 commit
-
-
themylogin authored
-
- 08 Feb, 2024 2 commits
-
-
Caleb St. John authored
* fix import order * add sha512_crypt to utils.crypto.py * use sha512_crypt in account.py * add check_unixhash to utils/crypto.py * use check_unixhash in authenticate.py * unnecessary overload of twofactor_id variable * add python3-cryptit as dependency
-
themylogin authored
* `middlewared.utils.functools` -> `middlewared.utils.functools_` * Get rid of `Popen` in `wireguard.py` * Get rid of `Popen` in `init_shutdown_script.py` * Create a global `+io_thread_pool_executor` * Get rid of `Popen` in `bootenv.py` * `test_02_create_be_duplicate_name` * Get rid of `Popen` in `kerberos.py` (not tested) * Get rid of `Popen` in `smb.py` * Get rid of `Popen` in `smb_/passdb.py` (not tested) * Get rid of `Popen` in `system/lifecycle.py` * Make `run` use thread pool * Explain `Too many open files` error
-
- 06 Feb, 2024 6 commits
-
-
M. Rehan authored
-
sonicaj authored
* Add a util to see if containerd socket is working * Use newer util to determine if containerd socket is active * Fix circular dep * Add a comment outlining socket check behaviour
-
sonicaj authored
-
mgrimesix authored
Enhance NFS CI testing around NFS share validation.
-
themylogin authored
-
Stavros Kois authored
-
- 05 Feb, 2024 2 commits
-
-
Andrew Walker authored
This was an oversight when we added roles to privileges framework. Allowlists are readonly for builtin privileges. In keeping with same design, we should also prevent changing roles.
-
Caleb St. John authored
-
- 02 Feb, 2024 3 commits
-
-
sonicaj authored
-
themylogin authored
* Authenticate calls in `core.bulk` and pass `app` * Audit calls made with `core.bulk`
-
themylogin authored
* Expose more events to read-only admins * Update docs
-
- 01 Feb, 2024 11 commits
-
-
Andrew Walker authored
-
Andrew Walker authored
This commit refactors the portion of the directoryservices plugin that interacts with secrets.tdb to use our general-purpose TDB plugin and adds tests coverage for functionality.
-
Andrew Walker authored
Add allocation_size key to filesystem.stat and filesystem.listdir output. This commit also expands documentation for filesystem.stat output.
-
Caleb St. John authored
-
themylogin authored
-
Andrew Walker authored
This commit adds read and write roles for endpoints related to directory services LDAP, Active Directory, and Kerberos. Since the functionality is all inter-connected, we use single set of roles for all of these plugins.
-
Andrew Walker authored
This commit adds a basic description of some features that were added after the developer documentation was initially written.
-
themylogin authored
-
themylogin authored
-
Andrew Walker authored
This mirrors validation that already takes place when attempting to move the system dataset while AD is enabled.
-
Andrew Walker authored
If role prefix is defined, allow corresponding READ role to subscribe to events by default.
-
- 31 Jan, 2024 6 commits
-
-
sonicaj authored
-
themylogin authored
-
Andrew Walker authored
This commit fixes a KeyError that may be raised when dataset update payload does not contain the acltype or aclmode keys.
-
mgrimesix authored
-
M. Rehan authored
* Fix pagination parameters * Add integration test
-
bugclerk authored
* Change graphite hostname attribute (cherry picked from commit 9ec22a881896b82e5015e0b4e91d4b95fac47fd4) * Add merge migration --------- Co-authored-by:
M. Rehan <mrehanlm93@gmail.com>
-