• Unraid OS version 6.10.0-rc1 available


    limetech

    6.10.0 Summary of New Features

     

    As always, prior to updating, create a backup of your USB flash device:  "Main/Flash/Flash Device Settings" - click "Flash Backup".

     

    UPC and My Servers Plugin

    The most visible new feature is located in the upper right of the webGUI header.  We call this the User Profile Component, or UPC.  The UPC allows a user to associate their server(s) and license key(s) with their Unraid Community forum account.

     

    Starting with this release, it will be necessary for a new user to either sign-in with existing forum credentials or sign-up, creating a new account via the UPC in order to download a Trial key.  All key purchases and upgrades are also handled exclusively via the UPC.

     

    Signing-in provides these benefits:

    1. No more reliance on email and having to copy/paste key file URLs in order to install a license key - keys are delivered and installed automatically to your server.
    2. Notification of critical security-related updates.  In the event a serious security vulnerability has been discovered and patched, we will send out a notification to all email addresses associated with registered servers.
    3. Ability to install the My Servers plugin (see below).
    4. Posting privilege in a new set of My Servers forum boards.

     

    Once a license key has been provisioned, it is not necessary to remain signed-in, though there is no particular reason to sign-out.  Exception: if you have installed the My Servers plugin, signed-in servers will maintain a websocket connection to a Lime Technology cloud server for the purpose of transmitting real-time status.

     

    My Servers Plugin

    My Servers is what we call our set of cloud-based or cloud-enabled services and features that integrate with your Unraid server(s).  Once installed here are some of the features of My Servers:

    • My Servers Dashboard - when logged into the forum a new My Servers menu item appears. Clicking this brings up a Dashboard which displays a set of tiles representing each signed-in server.  Here you can see real-time status such as whether the server is online or offline, storage utilization and other information.  In addition, links are created to bring up a server webGUI, either locally on the LAN or remotely over the Internet (if Remote Access has been enabled).
    • flash backup - every registered server is provided with a private git repo initially populated with the contents of your USB flash boot device (except for certain files which contain private information such as passwords).  Thereafter, configuration changes are automatically committed.  Through the My Servers webApp it's possible to download a custom zip file that can be fed as input to the USB Flash Creator tool to move your configuration to a new USB flash device.
    • License key download - Again, through the My Servers webApp you can download your license key directly.

     

    My Servers is an optional add-on, installed through Community Apps or via direct plugin URL.  Detailed instructions can be found here.

     

    Security Changes

    • It is now mandatory to define a root password.  We also created a division in the Users page to distinguish root from other user names.  The root UserEdit page includes a text box for pasting SSH authorized keys.
    • For new configurations, the flash share default export setting is No.
    • For all new user shares, the default export setting is No.
    • For new configurations, SMBv1 is disabled by default.
    • For new configurations, telnet, ssh, and ftp are disabled by default.
    • We removed certain strings from Diagnostics such as passwords found in the 'go' file.

     

    Virtualization

    Both libvirt and qemu have been updated.  In addition qemu has been compiled with OpenGL support.

     

    The built-in FireFox browser available in GUI-mode boot is built as an AppImage and located in the bzfirmware compressed file system image.  This saves approximately 60MB of RAM.

     

    The Wireguard plugin has been integrated into webGUI, that is, no need for the plugin.  If you had the plugin installed previously, it will be uninstalled and moved to the "Plugins/Plugin File Install Errors" page. No action is needed unless you want to press the Delete button to remove it from that page. Your WireGuard tunnels and settings will be preserved.

     

    Simplified installation of the Community Apps plugin.  The webGUI automatically includes the Apps menu item, and if CA is not already installed, the page offers an Install button.  No need to hunt for the plugin link.

     

    Let's Encrypt SSL provisioning change.  In previous releases code that provisions (allocates and downloads) a LE SSL certificate would first test if DNS Rebinding Protection was enforced on the user's LAN; and, if so, would not provision the certificate.  Since there are other uses for a LE certificate we changed the code so that provision would always proceed.  Next, we changed the logic behind the Auto selection of "Use SSL/TLS" setting on the Management Access page.  Now it is only possible to select Auto if both a LE certificate has been provisioned and DNS Rebinding Protection is not enforced.  This is a subtle change but permits certain My Servers features such as Remote Access.

     

    Linux Kernel

    Upgrade to Linux 5.13.8 kernel which includes so-called Sequoia vulnerability mitigation.

     

    In-tree GPU drivers are now loaded by default if corresponding hardware is detected:

    • amdgpu
    • ast
    • i915
    • radeon

     

    These drivers are required mostly for motherboard on-board graphics used in GUI boot mode.  Loading of a driver can be prohibited by creating the appropriate file named after the driver:

    echo "blacklist i915" > /boot/config/modprobe.d/i915.conf

    Alternately, the device can be isolated from Linux entirely via the System Devices page.  Note that in Unraid OS 6.9 releases the in-tree GPU drivers are blacklisted by default and to enabling loading a driver you need to create an empty "conf" file.  After upgrading to Unraid OS 6.10 you may delete those files, or leave them as-is.  This change was made to greatly improve the Desktop GUI experience for new users.

     

    Added support for Intel GVT-g, which lets you split your Intel i915 iGPU into multiple virtual GPUs and pass them through to multiple VMs, using @ich777's Intel-GVT-g plugin.

     

    Added support for gnif/vendor-reset.  This simplifies @ich777's AMD Vendor Reset plugin which permits users to get their AMD video cards to reset properly.

     

    Base Packages

    Virtually the entire base package set has been updated.

     

    Other improvements available in 6.10, which are maybe not so obvious to spot from the release notes and some of these improvements are internal and not really visible:

     

     

    Event driven model to obtain server information and update the webGUI in real-time

    • The advantage of this model is its scalability. Multiple browsers can be opened simultaneously to the webGUI without much impact
    • In addition stale browser sessions won't create any CSRF errors anymore
    • People who keep their browser open 24/7 will find the webGUI stays responsive at all times

     

    Docker labels

    • Docker labels are added to allow people using Docker compose to make use of icons and GUI access
    • Look at a Docker 'run' command output to see exactly what labels are used

     

    Docker custom networks

    • A new setting for custom networks is available. Originally custom networks are created using the macvlan mode, and this mode is kept when upgrading to version 6.10
    • The new ipvlan mode is introduced to battle the crashes some people experience when using macvlan mode. If that is your case, change to ipvlan mode and test. Changing of mode does not require to reconfigure anything on Docker level, internally everything is being taken care off.

     

    Docker bridge network (docker0)

    • docker0 now supports IPv6. This is implemented by assigning docker0 a private IPv6 subnet (fd17::/64), similar to what is done for IPv4 and use network translation to communicate with the outside world
    • Containers connected to the bridge network now have both IPv4 and IPv6 connectivity (of course the system must have IPv6 configured in the network configuration)
    • In addition several enhancements are made in the IPv6 implementation to better deal with the use (or no-use) of IPv6

     

    Plugins page

    • The plugins page now loads information in two steps. First the list of plugins is created and next the more time consuming plugin status field is retrieved in the background. The result is a faster loading plugins page, especially when you have a lot of plugins installed

     

    Dashboard graphs

    • The dashboard has now two graphs available. The CPU graph is displayed by default, while the NETWORK graph is a new option under Interface (see the 'General Info' selection)
    • The CPU graph may be hidden as well in case it is not desired
    • Both graphs have a configurable time-line, which is by default 30 seconds and can be changed independently for each graph to see a longer or shorter history.
    • Graphs are updated in real-time and are useful to observe the behavior of the server under different circumstances

     

    Other Changes

    • We switched to a better-maintained version of the WSD server component called wsdd2 in an effort to eliminate instances where the wsd daemon would start consuming 100% of a CPU core.
    • Fixed issue where you couldn't create a docker image on a share name that contains a space.
    • Fixed issue where 'mover' would not move to a pool name that contains a space.
    • Fixed issue in User Share file system where permissions were not being honored.
    • We increased the font size in Terminal.
    • Many other small bug fixes and improvements.

     

    Credits

    Special thanks to all our beta testers and especially:

    @bonienl for his continued refinement and updating of the Dynamix webGUI.

    @Squid for continued refinement of Community Apps and associated feed.

    @dlandon for continued refinement of Unassigned Devices plugin and patience as we change things under the hood.

    @ich777 for assistance and passing on knowledge of Linux kernel config changes to support third party drivers and other kernel-related functionality via plugins.

    @SimonF for refinements to System Devices page and other webGUI improvements.  We intend to merge your mover progress changes during this RC series.

     


     

    Version 6.10.0-rc1 2021-08-07

     

    Base distro:

    • aaa_base: version 15.0
    • aaa_glibc-solibs: version 2.33
    • aaa_libraries: version 15.0
    • acl: version 2.3.1
    • acpid: version 2.0.32
    • adwaita-icon-theme: version 40.1.1
    • apcupsd: version 3.14.14
    • appres: version 1.0.5
    • at: version 3.2.2
    • at-spi2-atk: version 2.38.0
    • at-spi2-core: version 2.40.3
    • atk: version 2.36.0
    • attr: version 2.5.1
    • avahi: version 0.8
    • bash: version 5.1.008
    • beep: version 1.3
    • bin: version 11.1
    • bind: version 9.16.19
    • bluez-firmware: version 1.2
    • bridge-utils: version 1.7.1
    • brotli: version 1.0.9
    • btrfs-progs: version 5.13.1
    • bzip2: version 1.0.8
    • ca-certificates: version 20210526
    • cairo: version 1.16.0
    • celt051: version 0.5.1.3
    • cifs-utils: version 6.13
    • coreutils: version 8.32
    • cpio: version 2.13
    • cpufrequtils: version 008
    • cracklib: version 2.9.7
    • cryptsetup: version 2.3.6
    • curl: version 7.78.0
    • cyrus-sasl: version 2.1.27
    • db48: version 4.8.30
    • dbus: version 1.12.20
    • dbus-glib: version 0.112
    • dcron: version 4.5
    • dejavu-fonts-ttf: version 2.37
    • devs: version 2.3.1
    • dhcpcd: version 8.1.9
    • diffutils: version 3.8
    • dmidecode: version 3.3
    • dnsmasq: version 2.85
    • docker: version 20.10.6
    • dosfstools: version 4.2
    • e2fsprogs: version 1.46.3
    • ebtables: version 2.0.11
    • editres: version 1.0.7
    • eject: version 2.1.5
    • elogind: version 246.10
    • elvis: version 2.2_0
    • encodings: version 1.0.5
    • etc: version 15.0
    • ethtool: version 5.13
    • eudev: version 3.2.10
    • file: version 5.40
    • findutils: version 4.8.0
    • flex: version 2.6.4
    • floppy: version 5.5
    • fluxbox: version 1.3.7
    • fontconfig: version 2.13.92
    • freeglut: version 3.2.1
    • freetype: version 2.11.0
    • fribidi: version 1.0.10
    • fuse3: version 3.10.4
    • gawk: version 5.1.0
    • gd: version 2.3.2
    • gdbm: version 1.20
    • gdk-pixbuf2: version 2.42.6
    • genpower: version 1.0.5
    • getty-ps: version 2.1.0b
    • git: version 2.32.0
    • glew: version 2.2.0
    • glib2: version 2.68.3
    • glibc: version 2.33
    • glibc-zoneinfo: version 2021a
    • glu: version 9.0.2
    • gmp: version 6.2.1
    • gnutls: version 3.6.16
    • gptfdisk: version 1.0.8
    • graphite2: version 1.3.14
    • grep: version 3.6
    • gtk+3: version 3.24.30
    • gzip: version 1.10
    • harfbuzz: version 2.8.2
    • haveged: version 1.9.14
    • hdparm: version 9.62
    • hicolor-icon-theme: version 0.17
    • hostname: version 3.23
    • htop: version 3.0.5
    • hwloc: version 2.2.0
    • icu4c: version 69.1
    • imlib2: version 1.7.1
    • inetd: version 1.79s
    • infozip: version 6.0
    • inih: version 53
    • inotify-tools: version 3.20.11.0
    • iproute2: version 5.13.0
    • iptables: version 1.8.7
    • iputils: version 20210722
    • irqbalance: version 1.7.0
    • jansson: version 2.13.1
    • jemalloc: version 5.2.1
    • jq: version 1.6
    • json-c: version 0.15_20200726
    • keyutils: version 1.6.3
    • kmod: version 29
    • krb5: version 1.19.2
    • lbzip2: version 2.5
    • less: version 590
    • libICE: version 1.0.10
    • libSM: version 1.2.3
    • libX11: version 1.7.2
    • libXau: version 1.0.9
    • libXaw: version 1.0.14
    • libXcomposite: version 0.4.5
    • libXcursor: version 1.2.0
    • libXdamage: version 1.1.5
    • libXdmcp: version 1.1.3
    • libXevie: version 1.0.3
    • libXext: version 1.3.4
    • libXfixes: version 6.0.0
    • libXfont: version 1.5.2
    • libXfont2: version 2.0.5
    • libXfontcache: version 1.0.5
    • libXft: version 2.3.4
    • libXi: version 1.7.10
    • libXinerama: version 1.1.4
    • libXmu: version 1.1.3
    • libXpm: version 3.5.13
    • libXrandr: version 1.5.2
    • libXrender: version 0.9.10
    • libXres: version 1.2.1
    • libXt: version 1.2.1
    • libXtst: version 1.2.3
    • libXxf86dga: version 1.1.5
    • libXxf86misc: version 1.0.4
    • libXxf86vm: version 1.1.4
    • libaio: version 0.3.112
    • libarchive: version 3.5.1
    • libcap-ng: version 0.8.2
    • libcgroup: version 0.41
    • libdaemon: version 0.14
    • libdmx: version 1.1.4
    • libdrm: version 2.4.107
    • libedit: version 20210714_3.1
    • libepoxy: version 1.5.8
    • libestr: version 0.1.9
    • libevdev: version 1.11.0
    • libevent: version 2.1.12
    • libfastjson: version 0.99.9
    • libffi: version 3.3
    • libfontenc: version 1.1.4
    • libgcrypt: version 1.9.3
    • libglvnd: version 1.3.3
    • libgpg-error: version 1.42
    • libgudev: version 236
    • libidn: version 1.38
    • libjpeg-turbo: version 2.1.0
    • liblogging: version 1.0.6
    • libmnl: version 1.0.4
    • libnetfilter_conntrack: version 1.0.8
    • libnfnetlink: version 1.0.1
    • libnftnl: version 1.2.0
    • libnl3: version 3.5.0
    • libpcap: version 1.10.1
    • libpciaccess: version 0.16
    • libpng: version 1.6.37
    • libpsl: version 0.21.1
    • libpthread-stubs: version 0.4
    • libseccomp: version 2.5.1
    • libssh: version 0.9.5
    • libssh2: version 1.9.0
    • libtasn1: version 4.17.0
    • libtiff: version 4.3.0
    • libtiff: version 4.3.0
    • libtirpc: version 1.3.2
    • libunistring: version 0.9.10
    • libunwind: version 1.5.0
    • libusb: version 1.0.24
    • libusb-compat: version 0.1.7
    • libuv: version 1.41.0
    • libvirt: version 7.3.0
    • libvirt-php: version 0.5.5
    • libwebp: version 1.2.0
    • libwebsockets: version 4.2.0
    • libx86: version 1.1
    • libxcb: version 1.14
    • libxkbcommon: version 1.3.0
    • libxkbfile: version 1.1.0
    • libxml2: version 2.9.12
    • libxshmfence: version 1.3
    • libxslt: version 1.1.34
    • libzip: version 1.8.0
    • listres: version 1.0.4
    • lm_sensors: version 3.6.0
    • lmdb: version 0.9.29
    • logrotate: version 3.18.1
    • lshw: version B.02.19.2
    • lsof: version 4.94.0
    • lsscsi: version 0.32
    • lvm2: version 2.03.12
    • lz4: version 1.9.3
    • lzip: version 1.22
    • lzo: version 2.10
    • mc: version 4.8.26
    • miniupnpc: version 2.1
    • mkfontscale: version 1.2.1
    • mpfr: version 4.1.0
    • mtdev: version 1.1.6
    • nano: version 5.8
    • ncompress: version 5.0
    • ncurses: version 6.2_20201219
    • net-tools: version 20181103_0eebece
    • nettle: version 3.7.3
    • network-scripts: version 15.0
    • nfs-utils: version 2.5.4
    • nghttp2: version 1.44.0
    • nginx: version 1.19.9
    • nss-mdns: version 0.14.1
    • ntfs-3g: version 2017.3.23
    • ntp: version 4.2.8p15
    • numactl: version 2.0.13
    • oniguruma: version 6.9.7
    • openssh: version 8.6p1
    • openssl: version 1.1.1k
    • openssl-solibs: version 1.1.1k
    • p11-kit: version 0.24.0
    • pam: version 1.5.1
    • pango: version 1.48.7
    • patch: version 2.7.6
    • pciutils: version 3.7.0
    • pcre: version 8.45
    • pcre2: version 10.37
    • php: version 7.4.18
    • pixman: version 0.40.0
    • pkgtools: version 15.0
    • procps-ng: version 3.3.17
    • pv: version 1.6.6
    • qemu: version 6.0.0
    • qrencode: version 4.1.1
    • reiserfsprogs: version 3.6.27
    • rpcbind: version 1.2.5
    • rsync: version 3.2.3
    • rsyslog: version 8.2102.0
    • sakura: version 3.5.0
    • samba: version 4.12.15
    • sdparm: version 1.12
    • sed: version 4.8
    • sessreg: version 1.1.2
    • setxkbmap: version 1.3.2
    • sg3_utils: version 1.46
    • shadow: version 4.8.1
    • shared-mime-info: version 2.1
    • slim: version 1.3.6
    • smartmontools: version 7.2
    • spice: version 0.15.0
    • sqlite: version 3.36.0
    • ssmtp: version 2.64
    • startup-notification: version 0.12
    • sudo: version 1.9.7p2
    • sysfsutils: version 2.1.0
    • sysvinit: version 2.99
    • sysvinit-scripts: version 15.0
    • talloc: version 2.3.2
    • tar: version 1.34
    • tcp_wrappers: version 7.6
    • tdb: version 1.4.5
    • telnet: version 0.17
    • tevent: version 0.11.0
    • traceroute: version 2.1.0
    • transset: version 1.0.2
    • tree: version 1.8.0
    • ttyd: version 20210507
    • usbredir: version 0.8.0
    • usbutils: version 013
    • utempter: version 1.2.0
    • util-linux: version 2.37.1
    • vbetool: version 1.2.2
    • vsftpd: version 3.0.5
    • vte3: version 0.50.2
    • wayland: version 1.19.0
    • wget: version 1.21.1
    • which: version 2.21
    • wireguard-tools: version 1.0.20210424
    • wsdd2: version 1.8.3.2
    • xauth: version 1.1
    • xcb-util: version 0.4.0
    • xclock: version 1.0.9
    • xdpyinfo: version 1.3.2
    • xdriinfo: version 1.0.6
    • xev: version 1.2.4
    • xf86-input-evdev: version 2.10.6
    • xf86-input-keyboard: version 1.9.0
    • xf86-input-mouse: version 1.9.3
    • xf86-input-synaptics: version 1.9.1
    • xf86-video-ast: version 1.1.5
    • xf86-video-mga: version 2.0.0
    • xf86-video-vesa: version 2.5.0
    • xfsprogs: version 5.12.0
    • xhost: version 1.0.8
    • xinit: version 1.4.1
    • xkbcomp: version 1.4.5
    • xkbevd: version 1.1.4
    • xkbutils: version 1.0.4
    • xkeyboard-config: version 2.33
    • xkill: version 1.0.5
    • xload: version 1.1.3
    • xlsatoms: version 1.1.3
    • xlsclients: version 1.1.4
    • xmessage: version 1.0.5
    • xmodmap: version 1.0.10
    • xorg-server: version 1.20.13
    • xprop: version 1.2.5
    • xrandr: version 1.5.1
    • xrdb: version 1.2.0
    • xrefresh: version 1.0.6
    • xset: version 1.2.4
    • xsetroot: version 1.1.2
    • xsm: version 1.0.4
    • xterm: version 368
    • xtrans: version 1.4.0
    • xwd: version 1.0.8
    • xwininfo: version 1.1.5
    • xwud: version 1.0.5
    • xxHash: version 0.8.0
    • xz: version 5.2.5
    • yajl: version 2.1.0
    • zlib: version 1.2.11
    • zstd: version 1.5.0

    Linux kernel:

    • version 5.13.8 (CVE-2021-33909 CVE-2021-33910)
    • CONFIG_USB4: Unified support for USB4 and Thunderbolt
    • CONFIG_USB4_NET: Networking over USB4 and Thunderbolt cables
    • CONFIG_DRM_I915_GVT: Enable Intel GVT-g graphics virtualization host support
    • CONFIG_DRM_I915_GVT_KVMGT: Enable KVM/VFIO support for Intel GVT-g
    • CONFIG_VFIO_MDEV: Mediated device driver framework
    • CONFIG_VFIO_MDEV_DEVICE: VFIO driver for Mediated devices
    • CONFIG_FTRACE: Tracers
    • CONFIG_FUNCTION_TRACER: Kernel Function Tracer
    • CONFIG_KPROBES: Kprobes
    • CONFIG_DEBUG_KERNEL: Kernel debugging
    • CONFIG_KALLSYMS_ALL: Include all symbols in kallsyms
    • CONFIG_X86_X32: removed
    • md_unraid: version 2.9.18

    Management:

    • emhttp new defaults:
      - root password required
      - newly created shares not exported by default
      - predefined 'flash' share not exported by default
      - ftp, ssh, telnet: disabled by default
      - NetBIOS disabled by default
      - WSD enabled (and using newer 'wsdd2' package)
      - Enhanced macOS interoperability enabled
    • mover: fix bug not moving shares with embedded spaces
    • shfs: fix bug where permissions being ingored ('default_permissions' was missing in mount command)
    • webgui: support simultanious LAN SSL with self-signed cert and DNS-based SSL with Lets Encrypt cert
    • webgui: Suppress non-relevant IPv6 routes in routing table
    • webgui: Fixed smart temperature settings sometimes not possible
    • webgui: Add internal container reference
    • webgui: Diagnostics: Remove lines from go containing passwords etc
    • webgui: Better translation of docker container variables
    • webgui: Fix monitor false positives
    • webgui: Allow ruleset for local rules in rsyslog.conf
    • webgui: Include links in email and Discord agent notifications
    • webgui: Allow all notification agents to send links
    • webgui: Validate WebGUI ports before applying
    • webgui: Add vmxnet3 and e1000 into available NICs for VMs
    • webgui: Error checking etc on ports for syslog server
    • webgui: Check for flash offline / quick check on if it is corrupted
    • webgui: Only allow png files to be uploaded as user image
    • webgui: Diagnostics: Revamp anonymization
    • webgui: Add WireGuard GUI
    • webgui: Update DashStats.page
    • webgui: Bug fix in DashStats
    • webgui: Fix corruption check after a New Config is issued
    • webgui: Update alert text
    • webgui: Translation support (Unraid.net)
    • webgui: WireGuard: preset peer DNS server with "Remote tunneled access"
    • webgui: Plugins page loading improvements
    • webgui: Docker page loading improvements
    • webgui: Make WireGuard trademark visible on "full" page
    • webgui: Replace polling scripts with event driven Nchan interface
    • webgui: Improved format of stale and error plugin pages
    • webgui: Docker: Add crypto as a category
    • webgui: Dashboard: add CPU and NETWORK chart
    • webgui: Docker: compress too long author names
    • webgui: Convert notify polling to Nchan
    • webgui: Docker: process bash ANSI colors in web log display
    • webgui: dockerMan: remove HTML from descriptions
    • webgui: SSH authorized keys UI
    • webgui: Device_list replace .png icon with font icon
    • webgui: Compress too long share names in dropdown menus
    • webgui: Show management access and shares access groups for users
    • webgui: Added "User 'root'" reference on Management Access page
    • webgui: Show warning when javascript is disabled
    • webgui: Force creation of root password
    • webgui: Edit/Add Container: Fix browser console error
    • webgui: WireGuard: warn when directly connected with public IP
    • webgui: Fix network bonding display
    • webgui: Add tracking after system shutdown
    • webgui: Added notify when plugin fails to install
    • webgui: Add Apps link to install CA
    • webgui: Diagnostics: Add share summary
    • webgui: Suppress IPv6 anycast addresses in routing table
    • webgui: Diagnostics: Add share summary
    • webgui: Diagnostics: Include current plugin versions
    • webgui: Diagnostics: add DHCP log
    • webgui: Diagnostics fix plugin deprecated max version error
    • webgui: Docker: Support CA tag
    • webgui: Delete DockerRepositories.page
    • webgui: dockerMan Security: Remove HTML tags from Config elements
    • webgui: When viewing source, identify which .page file is responsible
    • webgui: System devices additions
    • webgui: Create syslog entry when user logs out
    • webgui: privatize host in diagnostics
    • webgui: Create favicon.ico
    • webgui: Update Credits.page
    • Like 22



    User Feedback

    Recommended Comments



    Anyone else seem to have nfs issues when running 6.10.0-rc1?  I have tried to upgrade to 6.10.-rc1 three times now, and every time I do my Plex Server has issues playing any media from my unraid server.  its an NFS mount, and essentially upgrading to 6.10.0-rc1 when playing media my plex server load goes through the roof.  There are no load/memory issues on unraid server, but downgrading unraid server to 6.9.2 fixes the issue.

    Link to comment

    Hi after upgrade my usual wireguard connections get a handshake and it shows that data is transmitted but I cant access the www and my local hosts. Any idea?

    Link to comment
    On 8/21/2021 at 4:24 AM, ungeek67 said:

    Has anyone played with this yet? I can only get the the GUI access to work. Label sample below from my docker compose file.

        labels:
          net.unraid.docker.icon: https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/sonarr-icon.png
          #net.unraid.docker.managed: dockerman
          net.unraid.docker.webui: http://[IP]:[PORT:8989]/

    I got it to work with local files:

        labels:
          - "net.unraid.docker.icon=$DOCKERDIR/czkawka/czkawka-unraid.png"
          - "net.unraid.docker.webui=https://czkawka.$DOCKERHOSTNAME"

    image.png.20f744105fecdd4ed1782f354fbf932e.png

    Edited by hasown
    • Like 1
    Link to comment

    Agree, no risk like this is acceptable.  

    On 8/10/2021 at 2:32 AM, AngriestNerd said:

    I, for one, do not like the UPC requirement. I completely understand the convenience of it, and if you like that, then I think it should be available to you. But it is important to realize that it comes with a steep security tradeoff. Even if no additional server data is transferred during the linking of the forum account and the UPC service (and that is a big "if" that needs to be made clear), that still makes it FAR too easy for keys to be compromised.

    This isn't about bashing LimeTech, but the reality of things is that forum account credentials could be compromised at some point (Ubiquiti, among others, had far worse than that happen). I would much rather keys be HARD to change, especially with them associated with my critical servers. If this change is not more explicitly avoidable, I will not purchase any further keys. I LOVE Unraid and have recommended it to many people, but this change would be a deal breaker for me.

    All user data should be able to be controlled/restricted by the user. Also, I would love to see a setting to hide the login link on the header (but I'm sure there will be a plugin/app to do this if LimeTech doesn't).

    On 8/10/2021 at 4:12 AM, mgutt said:

    I'm not sure if I really like to bind my keys to this moderator account.

     

    PS I really wonder why Limetech binds their license sales to a forum software which had serious loading problems in the last months. And I really wonder why to Invision. Invision is the company which canceled all lifetime licenses with the release of version 4. And its still a slow, expensive and buggy forum software compared to eg Xenforo (Froala = best editor).

     

    • Like 2
    Link to comment

    After some advice on upgrading to 6.10 please. I'm still running 6.9.2 and had no issues, really stable. Is it worth taking a leap of faith on rc1 or should I continue to wait for 6.10 release/Rc2? Its been 2 months since rc1 and I'm not very good at the waiting game... Any big changes coming between rc1 and the next 6.10 release?

     

     

    Link to comment
    On 10/2/2021 at 3:23 AM, ab5g said:

    Possible issue - with 6.10-RC1 most of my community dockers have started complaining of no access to /tmp within the docker. I need to change the permission manually to 777 within the docker for it to start working e.g. maridb, owncloud, onlyoffice document server. Has anyone else also seen this ?

     

    Edit:

     

    I just reinstalled the flash drive again. Copied contents from the old /boot/config directory and I am seeing the same errors related to permission on the /tmp. Any ideas fellas ? 

    /tmp inside the docker is not mapped to the host then why are dockers complaining of issues accessing it?

     

    I also have this problem on unRAID 6.9.4. Out of the blue, containers start complaining about write access to `/tmp`. What is going on?

    Link to comment

    There is a lot going on in the release, and a lot of good!

    Some mixed sentiment on the UPC and My Server stuff. Firstly the My Server stuff is fine, an optional additional service people can use to remotely monitor one or more servers. Great stuff useful for those that need or want this. 

    The UPC stuff is a little more complex. I changed my key today, the old way, and it was super simple barely an inconvenience. I'll outline my concerns with this direction, take them as you will.

    • UPC is linking to a forum. It could be that the forum backend is the core authentication system / CRM or the like, but it seems an odd choice to me. 
    • If a server is authenticated via UPC an open web socket is maintained. Generally not a big deal, but it's another thing to be exploited and as others have pointed out didn't work out so well for other companies.
    • All information is useful to a hacker, no matter how little data may be captured if there is a breach it is exposing potentially vast configurations, IPs, and so on.
    • On the configuration backups, why a private repo? This seems odd to me, are these encrypted per server? Wouldn't just end to end encrypted file blobs be more secure, regardless of saying "it doesn't include files with sensitive info".
    • No company regardless of design or merit is immune to breaches, hacks, or acquisitions.
    • While it's clear now that if you have a valid key you do not need to authenticate with UPC (forum), this is pretty much how all non-cloud authentications go to die. I've seen, you've seen it... And I get it, from a business perspective, it's easier for you to manage centrally, oversee, and move towards the subscription model. Confidence that a path like this isn't in the future would ease many, especially in the area of data storage where moving is not always trivial. 
    • Are you GDPR compliant, or similar data protection schemes (kind of not specific to the release, just generally)
    • Are you ISO27001 and SOC certified such that we can be sure your development pipelines to your infrastructure won't be compromised with active connections to our servers?

     

     

    These are my concerns, the features and functions of Unraid in this release are great. Thanks for the work put into them

    • Like 3
    Link to comment
    8 hours ago, winklevos said:

    ...snip...

    The UPC stuff is a little more complex. I changed my key today, the old way, and it was super simple barely an inconvenience. I'll outline my concerns with this direction, take them as you will.

    • ...snip...

    These are my concerns, the features and functions of Unraid in this release are great. Thanks for the work put into them

    I wont annoy anyone by posting my objection to the UPC again, but in case it makes any difference to the company, for whom I have had great respect and good feelings for about 11 years, this will represent the end of my support.  I will not upgrade from my current state.  I have ZERO interest in having my servers connected to the internet except for one application on my backup server.  There is no need to take any risk whatsoever of allowing some mistake/mismanagement/malicious attack/ whatever at Lime technology and _especially_ over this "for information only" forum.  I am stunned that connecting registration on this forum directly to our server license and information was even floated except over a beers.   I really can't believe this is being considered.

     

    I suppose the modern way of things is subscriptions to gouge every last dime out of customers at a seemingly low price month by month but I am rejecting it from microsoft and will reject it here.  I am quite happy with my purchase, have recommended UNRAID uncounted times to others and several friends are now users but that is at an end.  I will remain at my current version of unraid that that's that.  It sounds like i need also to delete this forum account, unfortunately.

     

    I am certain noone gives a rat's but I thought I would clarify my position before signing off of the forum.  

     

    Why not just charge for version upgrades instead?  Is that because people might decide they dont need the current version and you'd like to charge them anyway?  At the price of the security of my servers?  I just dont understand.  I have happily paid for my licenses and was actually considering purchasing a third, but man this will get very expensive very quickly if i pay for it every month.

     

    what happens when i stop paying?  

    • Like 3
    Link to comment
    3 minutes ago, PeteAron said:

    what happens when i stop paying?

    Respectfully, where are you getting this from? Everything I've read says you can continue to manually upgrade your Unraid with your existing key by extracting the files from the installation and overwriting the bz archives on the flash drive. No need to have internet access on your server or link it to your forum account.

    Link to comment
    12 hours ago, winklevos said:

    On another note, only thing issue so far seems to be vfio binding, vms can't work
     

    chown: cannot access '/dev/vfio/15': No such file or directory
    Error: unable to adjust group ownership of /dev/vfio/15

     

    odin-diagnostics-20211028-2339.zip

    To further this, trying to boot in safemode throws Cannot find device "bond0" 

    After more testing, I did a completely fresh install of the new release, (no existing config). These same errors occurring. Sometimes unable to boot correctly with Cannot find device "bond0" 

    Edited by winklevos
    Link to comment

    Hi,

    just upgraded from 6.9.2 to 6.10.0 RC1 and my docker images do not display any update state. It only shows "not available". Web connection is working and pulling a new image is working either. Please give me a hint or notice about how to fix this issue.

    Br, Thomas

    Link to comment

    my vfio binding all fails upgrading from 6.9.2 and my GPU passthrough goes code 43 in my win10vm

     

    The logs show these differences between 6.9.2 and 6.10-rc1

     

    i tried setting the pxe oprom to legacy in the CSM like another user said early in this thread, but no luck.

    image.thumb.png.f8404529aca7b5fa3dfbf4f4fde94b53.png

    image.thumb.png.58cd058a5e4238f62be3057bc9825b8b.png

    image.thumb.png.77d85e07c809c1d069b29ee7cec5cd69.png

     

     

     

     

     

    vfio-log-6.9.2.txt vfio-log-6.10rc1v2.txt

     

    Edited by bigbangus
    privacy
    Link to comment
    On 10/28/2021 at 11:13 PM, PeteAron said:

    I wont annoy anyone by posting my objection to the UPC again, but in case it makes any difference to the company, for whom I have had great respect and good feelings for about 11 years, this will represent the end of my support.  I will not upgrade from my current state.  I have ZERO interest in having my servers connected to the internet except for one application on my backup server.  There is no need to take any risk whatsoever of allowing some mistake/mismanagement/malicious attack/ whatever at Lime technology and _especially_ over this "for information only" forum.  I am stunned that connecting registration on this forum directly to our server license and information was even floated except over a beers.   I really can't believe this is being considered.

     

    I suppose the modern way of things is subscriptions to gouge every last dime out of customers at a seemingly low price month by month but I am rejecting it from microsoft and will reject it here.  I am quite happy with my purchase, have recommended UNRAID uncounted times to others and several friends are now users but that is at an end.  I will remain at my current version of unraid that that's that.  It sounds like i need also to delete this forum account, unfortunately.

     

    I am certain noone gives a rat's but I thought I would clarify my position before signing off of the forum.  

     

    Why not just charge for version upgrades instead?  Is that because people might decide they dont need the current version and you'd like to charge them anyway?  At the price of the security of my servers?  I just dont understand.  I have happily paid for my licenses and was actually considering purchasing a third, but man this will get very expensive very quickly if i pay for it every month.

     

    what happens when i stop paying?  

    Seams everyone is ignoring the fact that your server will need to permanently phone home.... Guess next will be pushing ad's to the server web interface..... 

    Not ok with this..... 

     

    My server should be fully private.... 

    Link to comment
    17 minutes ago, thor2002ro said:

    Seams everyone is ignoring the fact that your server will need to permanently phone home..

    Totally optional, no need to enable this if you don't want the added functionality.

    18 minutes ago, thor2002ro said:

    My server should be fully private....

    It is if you want it to be. The core functions for sharing files have no reliance on an internet connection when using a paid license. It's only when you want to add third party applications that you need internet.

    Link to comment
    22 minutes ago, thor2002ro said:

    Seams everyone is ignoring the fact that your server will need to permanently phone home.

    Huh?

     

    As stated multiple times in multiple places by multiple people (including official Limetech representatives), only the trial ever phones home and that is simply to validate the time remaining on the trial.

     

    Paid licences do not phone home if you're not logged into the UPC.  ever

     

    The only reason you need to ever actually log into the UPC is to replace a licence key.  Zero reason to log into it if you're not taking advantage of the other features of MyServers.

     

    The entire OS is even designed around not having to have an internet connection running unless you're installing software on it.

     

    Link to comment



    Guest
    This is now closed for further comments

  • Status Definitions

     

    Open = Under consideration.

     

    Solved = The issue has been resolved.

     

    Solved version = The issue has been resolved in the indicated release version.

     

    Closed = Feedback or opinion better posted on our forum for discussion. Also for reports we cannot reproduce or need more information. In this case just add a comment and we will review it again.

     

    Retest = Please retest in latest release.


    Priority Definitions

     

    Minor = Something not working correctly.

     

    Urgent = Server crash, data loss, or other showstopper.

     

    Annoyance = Doesn't affect functionality but should be fixed.

     

    Other = Announcement or other non-issue.