• Unraid OS version 6.10.0-rc3 available


    limetech

    6.10.0 Summary of Changes and New Features

     

    As always, prior to updating, create a backup of your USB flash device:  "Main/Flash/Flash Device Settings" - click "Flash Backup".

     

    [rc3] Plugin Authors:  We patched the upgradepkg script to prevent it from replacing an installed package with an earlier version of the same package, i.e., no downgrading.  If a plugin really needs to replace a package with a downgraded version it can include the '--reinstall' option.

     

    Also be sure to check out the Dynamix File Manager plugin available now through Community Apps!

     

    UPC and My Servers Plugin

    The most visible new feature is located in the upper right corner of the webGUI header.  We call this the User Profile Component, or UPC.  The UPC allows a user to associate their server(s) and license key(s) with their Unraid Community forum account, also known as an Unraid.net account.

     

    Starting with this release, it will be necessary for a new user to either sign-in with existing forum credentials or sign-up, creating a new account via the UPC in order to download a Trial key.  All key purchases and upgrades are also handled exclusively via the UPC.

     

    Signing-in provides these benefits:

    1. My Servers Dashboard - when logged into the forum a new My Servers menu item appears. Clicking this brings up a Dashboard which displays a set of tiles representing servers associated with this account.  Each tile includes a link to bring up the servers webGUI on your LAN.  Install the My Servers plugin to provide real-time status and other advanced features (see below).
    2. Notification of critical security-related updates.  In the event a serious security vulnerability has been discovered and patched, we will send out a notification to all email addresses associated with registered servers.
    3. Posting privilege in a new set of My Servers forum boards.
    4. No more reliance on email and having to copy/paste key file URLs in order to install a license key - keys are delivered and installed automatically to your server.

     

    Once a license key has been provisioned, it is not necessary to remain signed-in, though there is no particular reason to sign-out.

     

    My Servers Plugin

    My Servers is what we call our set of cloud-based or cloud-enabled services and features that integrate with your Unraid server(s).  Once installed here are some of the features of My Servers:

    • Real-time Status - with the plugin installed each server tile on the My Servers Dashboard will display real-time status such as whether the server is online or offline, storage utilization and other information. 
    • Remote Access link - if enabled, a link is displayed on the My Servers Dashboard to bring up a server webGUI remotely and over the Internet.
    • Automatic Flash Backup - every registered server is provided with a private git repo initially populated with the contents of your USB flash boot device (except for certain files which contain private information such as passwords).  Thereafter, configuration changes are automatically committed.  A link is provided to download a custom zip file that can be fed as input to the USB Flash Creator tool to move your configuration to a new USB flash device.

     

    My Servers is an optional add-on, installed through Community Apps or via direct plugin URL.  Detailed instructions can be found here.

     

    If you have installed the My Servers plugin, signed-in servers will maintain a websocket connection to a cloud-based Lime Technology proxy server for the purpose of relaying real-time status.

     

    Security Changes

    • It is now mandatory to define a root password.  We also created a division in the Users page to distinguish root from other user names.  The root UserEdit page includes a text box for pasting SSH authorized keys.
    • For new configurations, the flash share default export setting is No.
    • For all new user shares, the default export setting is No.
    • For new configurations, SMBv1 is disabled by default.
    • For new configurations, telnet, ssh, and ftp are disabled by default.
    • We removed certain strings from Diagnostics such as passwords found in the 'go' file.

     

    Virtualization

    Both libvirt and qemu have been updated.  In addition, qemu has been compiled with OpenGL support, and [rc2] ARM emulation (experimental).

     

    [rc2] To support Windows 11 which requires TPM and Secure boot, we have added TPM emulation; and, added a "Windows 11" VM template which automatically selects TPM-aware OVMF bios.  Also, here are instructions for upgrading a Windows 10 VM to Windows 11.  Special thanks to @ich777 who researched and determined what changes and components were necessary to provide this functionality.

     

    The built-in Firefox browser available in GUI-mode boot is built as an AppImage and located in the bzfirmware compressed file system image.  This saves approximately 60MB of RAM.

     

    The Wireguard plugin has been integrated into webGUI, that is, no need for the plugin.  If you had the plugin installed previously, it will be uninstalled and moved to the "Plugins/Plugin File Install Errors" page. No action is needed unless you want to press the Delete button to remove it from that page. Your WireGuard tunnels and settings will be preserved.

     

    Simplified installation of the Community Apps plugin.  The webGUI automatically includes the Apps menu item, and if CA is not already installed, the page offers an Install button.  No need to hunt for the plugin link.

     

    [rc3] Moving to Let's Encrypt wildcard SSL certificates. 

    Starting with this release, we no longer issue new single-host SSL certificates (which we're calling legacy certificates).  Instead, all new Unraid.net SSL certificates are wildcard certificates (still provided by Let's Encrypt).  In order to provision a new wildcard certificate, or upgrade a legacy certificate, you must be signed-in to Unraid.net.  You do not need to be signed-in however, to have either type of certificate automatically renewed when it is within 30 days of expiration.

     

    The URL used to access your server making use of a wildcard certificate has this form:

    • https://[lan-ip].[hash].myunraid.net

    where,

    • [lan-ip] is your severs LAN IP address with dots changed to dashes
    • [hash] is a 40-character hex string (160 bits) unique to this server (and different from similar [hash] in legacy certificates)

    example:

     

    We added a new DDNS server which listens at "myunraid.net".  This server extracts [lan-ip] from the domain name and returns the IP address where the dashes are changed back into dots.  There are several benefits to this approach for both our users and for us:

    • Eliminates DNS propagation delays when you first provision a certificate or when a server LAN IP address (or WAN IP address) changes.  Since the domain name includes the IP address, any IP address change also changes the domain name, hence will not be contained in any intermediate DNS cache.  We also changed the TTL from 1 hour to 7 days further reducing overhead and alleviating issues where someone's internet goes down for brief periods.
    • Improves privacy because your remote access WAN IP address can't be determined by simply prepending "www" to your local access URL.
    • Moves DNS functionality off the 'unraid.net' domain and isolates it on 'myunraid.net' domain.

     

    In previous releases code that provisions (allocates and downloads) an Unraid.net SSL certificate would first test if DNS Rebinding Protection was enforced on the user's LAN; and, if so, would not provision the certificate.  Since there are other uses for a LE certificate we changed the code so that provision would always proceed.  Next, we changed the logic behind the Auto selection of "Use SSL/TLS" setting on the Management Access page.  Now it is only possible to select Auto if both a LE certificate has been provisioned and DNS Rebinding Protection is not enforced.  This is a subtle change but permits certain My Servers features such as Remote Access.

     

    Upon upgrading, you will need to modify any server bookmarks with new the URL; however, if you server is signed-in to Unraid.net then the My Servers dashboard maintains the correct Local Access URL for each of your servers.

     

    More information including use cases may be found in Documentation here.

     

    Linux Kernel

    Upgrade to [rc3] Linux 5.15.27 kernel which includes so-called Sequoia and Dirty Pipe vulnerability mitigations.

     

    In-tree GPU drivers are now loaded by default if corresponding hardware is detected:

    • amdgpu
    • ast
    • i915
    • radeon

     

    These drivers are required mostly for motherboard on-board graphics used in GUI boot mode.  Loading of a driver can be prohibited by creating the appropriate file named after the driver:

    echo "blacklist i915" > /boot/config/modprobe.d/i915.conf

    Alternately, the device can be isolated from Linux entirely via the System Devices page.  Note that in Unraid OS 6.9 releases the in-tree GPU drivers are blacklisted by default and to enabling loading a driver you need to create an empty "conf" file.  After upgrading to Unraid OS 6.10 you may delete those files, or leave them as-is.  This change was made to greatly improve the Desktop GUI experience for new users.

     

    Added support for Intel GVT-g, which lets you split your Intel i915 iGPU into multiple virtual GPUs and pass them through to multiple VMs, using @ich777's Intel-GVT-g plugin.

     

    Added support for gnif/vendor-reset.  This simplifies @ich777's AMD Vendor Reset plugin which permits users to get their AMD video cards to reset properly.

     

    [rc2] Added so-called "add-relaxable-rmrr-5_8_and_up.patch" modified for our kernel
      https://github.com/kiler129/relax-intel-rmrr/blob/master/patches/add-relaxable-rmrr-5_8_and_up.patch

    Thanks to @ich777 for pointing this out.

     

    [rc2] Enabled additional ACPI kernel options
    [rc2] Updated out-of-tree drivers

    [rc2] Enabled TPM kernel modules (not utilized yet) - note this is for Unraid host utilizing physical TPM, not emulated TPM support for virtual machnes.

     

    Base Packages

    Virtually the entire base package set has been updated.

     

    [rc2] For SMB: Samba version 4.15 SMB3 multi-channel is no longer marked "experimental" and is enabled by default.

     

    [rc2] Per request we added the mcelog package.  With inclusion of this package, if you have an AMD processor you may see this error message in the system log:

    mcelog: ERROR: AMD Processor family 23: mcelog does not support this processor. Please use the edac_mce_amd module instead.

    We're not sure what to make of this.  It appears mcelog is being deprecated in favor of rasdaemon.  This is something we need to research further.

     

    Other improvements available in 6.10, which are maybe not so obvious to spot from the release notes and some of these improvements are internal and not really visible:

     

    Event driven model to obtain server information and update the webGUI in real-time

    • The advantage of this model is its scalability. Multiple browsers can be opened simultaneously to the webGUI without much impact
    • In addition stale browser sessions won't create any CSRF errors anymore
    • People who keep their browser open 24/7 will find the webGUI stays responsive at all times
    • [rc3] Consistent state information is maintained across all browser instances open to a particular server

     

    Docker labels

    • Docker labels are added to allow people using Docker compose to make use of icons and GUI access
    • Look at a Docker 'run' command output to see exactly what labels are used

     

    Docker custom networks

    • A new setting for custom networks is available. Originally custom networks are created using the macvlan mode, and this mode is kept when upgrading to version 6.10
    • The new ipvlan mode is introduced to battle the crashes some people experience when using macvlan mode. If that is your case, change to ipvlan mode and test. Changing of mode does not require to reconfigure anything on Docker level, internally everything is being taken care off.

     

    Docker bridge network (docker0)

    • docker0 now supports IPv6. This is implemented by assigning docker0 a private IPv6 subnet (fd17::/64), similar to what is done for IPv4 and use network translation to communicate with the outside world
    • Containers connected to the bridge network now have both IPv4 and IPv6 connectivity (of course the system must have IPv6 configured in the network configuration)
    • In addition several enhancements are made in the IPv6 implementation to better deal with the use (or no-use) of IPv6

     

    Plugins page

    • The plugins page now loads information in two steps. First the list of plugins is created and next the more time consuming plugin status field is retrieved in the background. The result is a faster loading plugins page, especially when you have a lot of plugins installed

     

    Dashboard graphs

    • The dashboard has now two graphs available. The CPU graph is displayed by default, while the NETWORK graph is a new option under Interface (see the 'General Info' selection)
    • The CPU graph may be hidden as well in case it is not desired
    • Both graphs have a configurable time-line, which is by default 30 seconds and can be changed independently for each graph to see a longer or shorter history.
    • Graphs are updated in real-time and are useful to observe the behavior of the server under different circumstances

     

    Scheduler Improvements

    • [rc3] You can now split a parity check into smaller pieces and let it run over multiple days or weeks.  For example a check can be performed in a time frame of 01:00am to 06:00am for several days in a row until it is completed.  This way a long parity check won’t interfere with the normal day activities, like watching a movie.
    • [rc3] Added ability to schedule pool 'balance' and 'scrub' operations and calculate whether a full balance is recommended.

     

    Other Changes

    • We switched to a better-maintained version of the WSD server component called wsdd2 in an effort to eliminate instances where the wsd daemon would start consuming 100% of a CPU core.  [rc2] Automatically restrict wsdd to listen only at the primary network interface (br0, bond0, or eth0, depending on config).
    • Fixed issue where you couldn't create a docker image on a share name that contains a space.
    • Fixed issue where 'mover' would not move to a pool name that contains a space.
    • Fixed issue in User Share file system where permissions were not being honored.
    • We increased the font size in Terminal and [rc2] fixed issue with macOS Monterey.
    • [rc2] Fixed jumbo frames not working.
    • [rc2] sysctl: handle net.netfilter.nf_conntrack_count max exceeded (increase setting to 131072) - hattip to Community Member @DieFalse

    • [rc2] Mover will create '.partial' file and then rename upon completion.

    • [rc2] Check bz file sha256sums at boot time.

    • [rc3] Fixed bug found by @thohell where md_sync_limit was not being honored to limit stripe_head cache usage when other I/O is active.  The effect of this fix is to drastically slow down parity operations if other I/O is happening (such as streaming a video).  Throttling of parity sync operations can be adjusted by changing the 'Settings/Disk Settings/Tunable (md_sync_limit)' value.

    • [rc3] Fixed btrfs pool device replace corner cases.  Important note: if you 'unassign' a device from a btrfs multiple-device pool, and that device is still physically present, upon array Start we will erase the LUKS header on the device if present, and delete the partition structure, thereby effectively erasing all the data contained on the device.  This is necessary in order to convince btrfs to no longer use the device and to free it for assignment to another pool.

    • [rc3] For cookies managed by webGUI, changed sameSite cookie attribute from 'strict' to 'lax'.  This change was made to solve an issue with Terminal window not opening in Safari.

     

    Credits

    Special thanks to all our beta testers and especially:

    @bonienl for his continued refinement and updating of the Dynamix webGUI.

    @Squid for continued refinement of Community Apps and associated feed.

    @dlandon for continued refinement of Unassigned Devices plugin and patience as we change things under the hood.

    @ich777 for assistance and passing on knowledge of Linux kernel config changes to support third party drivers and other kernel-related functionality via plugins.

    @SimonF for refinements to System Devices page and other webGUI improvements.  We intend to merge your mover progress changes during this RC series.

    @thohell for an extra set of eyes looking at md/unraid driver and for work-in-progress of adding changes to support multiple Unraid arrays.

     


     

    Version 6.10.0-rc3 2022-03-09 (vs. 6.10.0-rc2)

     

    Base distro:

    • bash: version 5.1.016
    • bind: version 9.16.24
    • btrfs-progs: version 5.15.1
    • ca-certificates: version 20211216
    • cryptsetup: version 2.4.3
    • curl: version 7.81.0
    • e2fsprogs: version 1.46.5
    • ethtool: version 5.15
    • freetype: version 2.11.1
    • gawk: version 5.1.1
    • git: version 2.34.1
    • glib2: version 2.70.2
    • gtk+3: version 3.24.31
    • harfbuzz: version 3.2.0
    • haveged: version 1.9.16
    • htop: version 3.1.2
    • intel-microcode: version 20220207
    • iproute2: version 5.15.0
    • iputils: version 20211215
    • kernel-firmware: version 20220228_ee0667a
    • libX11: version 1.7.3.1
    • libdrm: version 2.4.109
    • libevdev: version 1.12.0
    • libgpg-error: version 1.43
    • libjpeg-turbo: version 2.1.2
    • libnftnl: version 1.2.1
    • libtasn1: version 4.18.0
    • libvirt: version 7.10.0
    • mcelog: version 180
    • nano: version 6.0
    • nginx: version 1.21.5 with nchan: version 1.2.15
    • oniguruma: version 6.9.7.1
    • openssl: version 1.1.1m
    • openssl-solibs: version 1.1.1m
    • pcre2: version 10.39
    • php: version 7.4.28 (CVE-2021-21708)
    • qemu: version 6.2.0
    • samba: version 4.15.5 (CVE-2021-44141 CVE-2021-44142 CVE-2022-0336)
    • sg3_utils: version 1.47
    • sqlite: version 3.37.2
    • wayland: version 1.20.0
    • wsdd2: version 20111022
    • xauth: version 1.1.1
    • xfsprogs: version 5.13.0 build 2
    • xorg-server: version 1.20.14
    • xterm: version 370
    • xxHash: version 0.8.1
    • zstd: version 1.5.1

     

    Linux kernel:

    • version 5.15.27 (CVE-2022-0847)
    • CONFIG_ISCSI_TCP: iSCSI Initiator over TCP/IP (per Community Member @ich777)
    • oot: md/unraid: version 2.9.21
    • fix: md_sync_limit was being ignored

     

    Management:

    • diagnostics: add bz*.sha256 values
    • diagnostics: Improved anonymization
    • diagnostics: Anonymize mover
    • diagnostics: better package listings in folders.txt
    • diagnostics: do not anonymize 169.254.x.x addresses
    • emhttpd: use shfs ioctl to invalidate shfs cached share info when share cfg changes
    • emhttpd: fix incorrect handling of unassigned device read/write counters
    • emhttpd: fix sometimes wrong device name assigned to hotplugged unassigned devices
    • emhttpd: fix btrfs-replace case
    • rc.nginx: change fastcgi_read_timeout from 120s to 640s
    • rc.nginx: remove ttyd side-loading
    • rc.nginx: support LE wildcard certs
    • rc.nginx: self-signed cert subject OU change from "unRAID" to "Unraid"
    • upgradepkg: do not upgrade if existing package is newer
    • webgui: Docker: fix overlapping container ID display
    • webgui: Docker: fixed template removal when no containers exist
    • webgui: Do not highlight false positive ERST error
    • webgui: VMs: automatically update virtio-win iso list
    • webgui: Allow CA to get all docker info without having to download icons if not present
    • webgui: Docker: fixed filetree sometimes not visible
    • webgui: Docker: add time unit in settings
    • webgui: Plugin manager: fix branch select gets unnecessary disabled
    • webgui: require sign in to provision cert
    • webgui: refactor UpdateDNS.php: anonymize verbose output by default, other improvements
    • webgui: Use ttyd for logging windows
    • webgui: Add new setting "Terminal font size"
    • webgui: Fix missing csrf-token in Notify
    • webgui: VM: fix missing path selection (for GPU firmware file)
    • webgui: Docker: Support ReadMe in context menus
    • webgui: Relax SMART detection logic
    • webgui: Fix CPU model sometimes not present
    • webgui: Dashboard: fix bar color when disk thresholds are disabled
    • webgui: Update GUI with latest helptext
    • webgui: Update FileTree.php
    • webgui: Updated bitstream font to support more languages
    • webgui: Fixed parity duration + speed when paused/resumed
    • webgui: Added: Cumulative parity check. This allows a parity check to be divided over multiple time windows.
    • webgui: ContextMenu: added option "button": defaults to "left" (current behavior), other options are "right" and "both"
    • webgui: Docker: optimized contextmenu
    • webgui: VMs: optimized contextmenu
    • webgui: Fixed comments field only for selected disks
    • webgui: Open terminal window with dynamic size
    • webgui: Docker: remove close button in popup windiow
    • webgui: Docker: update window uses color of selected theme
    • webgui: Fixed: speed calculation of parity check
    • webgui: Fixes and enhancements in Browse function
    • webgui: remove(upc): usage of sendCrashInfo
    • webgui: Move Start button below encryption field
    • webgui: Limit popup window width on ultrawide monitors
    • webgui: NFS: fix copying of hostList after READ operation
    • webgui: Expand ipaddr() with protocol: protocol defaults to ipv4 in case of ipv4 + ipv6
    • webgui: Nchan: Use multiplexed channels and add error reporting
    • webgui: Docker: Do not update installed user templates
    • webgui: Docker: fix GUI may hang when multiple screens are opened
    • webgui: Docker: fix spinner will not disappear after attempting to uninstall a non-existent container
    • webgui: Updated help text for Display settings and Docker
    • webgui: Docker utilization warning only when image file
    • webgui: Validate destination of VirtIO ISO downloads
    • webgui: Use tabbed view for device information page
    • webgui: System info: fix translation
    • webgui: CSS minor corrections
    • webgui: Fixed: VM 9p add share issue
    • webgui: Parity check: re-introduce Done button when finished
    • webgui: css scrollbar enhancements
    • webgui: Always show "WebUI" for user specified URLs
    • webgui: Docker: Handle edge case involving browser back button when within CA in certain unlikely circumstances
    • webgui: Parity operation enhancements:
      - Separate Parity-Sync and Data-Rebuild as individual actions
      - Add parity operation action to history view
      - Correct calculations for data-rebuild smaller than parity
      - Add disk clear action
      - Use Nchan updates for copying/clearing progress
      - CSS adjustment in SMART attributes
      - Show additional buttons in Array Stopped state
      - Textual enhancements
      - Added "size" column to parity history
    • webgui: Dashboard: separate cpu details and graph view
    • webgui: Better array sync when multiple sessions are opened
    • webgui: Enable/Disable SMART extended test depending on spin down delay setting
    • webgui: Fixed: spinner stays visible after docker command
    • webgui: Fixed: buttons not working in device info when no device is present
    • webgui: Fixed: race condition when array is stopped and device assignments are changed
    • webgui: VM editor style update
    • webgui: Fixed: parity history sometimes wrongly processed
    • webgui: BTRFS balance and scrub scheduler
    • webgui: Change Dashboard Parity status to be invalid and not emulated.
    • webgui: Improved background process detection and handling
    • webgui: jQuery: version 3.6.0
    • webgui: DisplaySettings: add "showBannerGradient"

     

    • Like 17
    • Thanks 3
    • Upvote 1



    User Feedback

    Recommended Comments



    On 3/14/2022 at 6:24 PM, ljm42 said:

     

    Interesting. Did you find this documented anywhere or just figure it out?

     

    I did try a lot of things in RC2 to no avail and then RC3 was out some days ago and i wanted to try it in case that my problem was fixed.

    After upgrading i did have the same error, VMs and accessing shares from VMs, gui, dockers and such works fine but accessing shares from the network was very problematic so re-read the release notes and noticed that samba multichannel was enabled by default from RC2 onwards and i did 1+1. I searched how to disable it and voilà. I have LACP, i have no need for SMB multichannel.

     

    I hope that devs put no a disclaimer or remove the "enabled by default". Maybe put an option and a notification in case you try to enable LAGG with smb multichannel enabled

    • Like 1
    Link to comment

    Hi,

     

    I upgraded to 6.10.0-rc3 to resolve an intermittent Unraid OS crash issue that most probably caused the mcvlan in my Docker setting.

    I have a quad nic and currently only the eth0 used which bonded to eth1 in a active-backup mode.

     

    My problem that I can't create a VLAN on eth0 which would be both shows as an option on my docker container and route traffic as well.

     

    After the Upgrade the following steps were done to create a new VLAN: 

    1. changed mcvlan to ipvlan in Docker settings
    2. Enabled VLANs under network settings and created one like belowimage.thumb.png.3beac9038d8ac26b151a12eb0dbb5dbd.png
    3. This time the routing table shows the new VLAN and it's routesimage.thumb.png.3ac02f3d4dec801656cd7ae99e8f1885.png
    4. Back in Docker settings I selected the new VLANimage.thumb.png.ad855412f1eced7675761d991f8ecacb.png
    5. Tried to select the new network for some of my docker containers, but It's not listed thereimage.png.3ec20bc6e923815839d2bf20580cb67c.png

     

    I also treid to not set IPv4 assignemnt

    image.png.f915ba317df63fcb4fcb7b9f9f29ea7f.png

    This time there is no routes, which kinda make sense

    image.thumb.png.c9dee48a142d052c8890d39d37ee3cf0.png

    Although this time the Custom br0.10 is listed for my container

    image.png.0f6e90b03b2eeb0648d8d0d29241f521.png

     

    image.png.843b646b5a9194aafd2c46ffb6a4fee8.png

     

    Sadly Ping from the console only returns for the Gateway of the new VLAN,

    image.png.bb6a536da37c3f57a84276cea0954572.png

    but not from the container (it do work if I use the br0 with my main subnet)

    image.png.c72a5089044fe26bfba14fed766d2249.png

     

    Any help would be really appreciated.

     

    Regards,

    monghuz

     

    pandora-nas-diagnostics-20220317-1139.zip

    Edited by monghuz
    Added a diagnostic file
    Link to comment

    Remove the IP and gateway assignment of vlan 10 under network settings, put "none" as network protocol.

     

    Under Docker settings define the network and gateway as desired for interface br0.10.

     

    Link to comment
    On 3/14/2022 at 6:41 PM, Gingko_2001 said:

    Is there a way to from safe mode to go back to  RC2 ? or 6.9.2 ?

    Just can't boot into the normal server mode, some plugin not working. 

    when boot almost done, see the picture, seems like loading plugin, then stop like 40%, then shut down it self. 

     

    I want to go back to RC2 or 6.9.2 😭, my old usb backups just not working, same things, read the plugin then shutdown. 

     

    please help!!!!

     

     

     

    managed to revert back to RC2,   but can't boot into normal server Mode, only safe mode.

     

    Every time boot up, about 3 seconds,  it shuts down by it self.

     

     

    please help!!! and tell me what is wrong with my configurations,   attached my diagnostics file.

     

     

    Screenshot from 2022-03-17 06-39-09.png

    gingkotower-diagnostics-20220317-0626.zip

    Link to comment
    7 minutes ago, Gingko_2001 said:

     

    managed to revert back to RC2,   but can't boot into normal server Mode, only safe mode.

     

    Every time boot up, about 3 seconds,  it shuts down by it self.

     

     

    please help!!! and tell me what is wrong with my configurations,   attached my diagnostics file.

     

     

    Screenshot from 2022-03-17 06-39-09.png

    gingkotower-diagnostics-20220317-0626.zip

     

    The screenshots shows that the normal shutdown script has been triggered.   This will either be something you are running that calls the script or something obscure that makes Unraid think you have made a short press on the power switch.

     

    If it boots OK into Safe Mode then it will almost certainly be one of your plugins.

     

    Link to comment

    I've upgraded but I cannot boot. 

     

    Upon trying to boot I am receiving the following error:

    FAT-fs (sda1): error, invalid access to FAT (entry 0x0995cb33)
    FAT-fs (sda1): error, invalid access to FAT (entry 0x0995cb33)
    FAT-fs (sda1): error, invalid access to FAT (entry 0x0995cb33)
    FAT-fs (sda1): error, invalid access to FAT (entry 0x0995cb33) (this shows up a lot)
    attempt to access beyond end of device
    sda1: rw=0, want 51466008072, limit=60618752
    attempt to access beyond end of device
    sda1: rw=0, want 51466008072, limit=60618752
    attempt to access beyond end of device
    sda1: rw=0, want 51466008072, limit=60618752
    attempt to access beyond end of device
    /usr/bin/sha256sum: /boot/bzmodules: Input/output error
    bzmodules checksum error - press ENTER key to reboot

     

    I was ok on RC2, but I rolled back to 6.9.2 and it boots just fine. Anyone have any idea how to remedy this?

    Link to comment
    On 3/15/2022 at 7:59 PM, wgstarks said:

    Had to revert to 6.9.2. Samba on RC3 is just too unstable even with the changes above. Failed transfers, failed connections to shares, shares that won't stay connected. I need a stable server. Hopewfully these issues will get resolved prior to 6.10 release.🤞

     

    Are you using a bonded network connection? @exico has an 802.3ad network bond and they were having similar issues. They found that disabling multi-channel SMB solved it:

    https://forums.unraid.net/bug-reports/prereleases/unraid-os-version-6100-rc3-available-r1760/page/6/?tab=comments#comment-17664 
    If this helps for you please upload your diagnostics so we can confirm the network settings.

     

    Link to comment
    8 hours ago, Omri said:

    Hi 

    Any clue what causing the "DNS Propagation is PENDING" problem?

     

     

    Sorry for the delay, we now have a way to test for DNS Rebinding protection specifically for the myunraid.net domain. This will be included in rc4 so we can provide better messaging.

     

    To confirm your issue is DNS Rebinding protection, please open a web terminal and run these two commands:

    nslookup rebindtest.unraid.net
    nslookup rebindtest.myunraid.net

     

    If DNS Rebinding protection is NOT an issue you should see something like this, where both addresses resolve to 192.168.42.42

    root@Tower:~# nslookup rebindtest.unraid.net
    Server:         8.8.8.8
    Address:        8.8.8.8#53
    
    Non-authoritative answer:
    Name:   rebindtest.unraid.net
    Address: 192.168.42.42
    
    root@Tower:~# nslookup rebindtest.myunraid.net
    Server:         8.8.8.8
    Address:        8.8.8.8#53
    
    Non-authoritative answer:
    Name:   rebindtest.myunraid.net
    Address: 192.168.42.42
    Name:   rebindtest.myunraid.net
    Address: fd42::

     

    Please post your results.

     

    Link to comment

    After upgrade to 6.10.0.rc3 (from rc2) i get error message on my qemu arguments to set rotational rate to 1 on my virtual drives (make the mac osx think they are ssd's)

     

    These 3 entries for my 3 devices in my vm templates now give errors. When removed vm boots as normal . Did the syntax change ??

     

     

        <qemu:arg value='-set'/>

        <qemu:arg value='device.sata0-0-3.rotation_rate=1'/>

        <qemu:arg value='-set'/>

        <qemu:arg value='device.sata0-0-4.rotation_rate=1'/>

        <qemu:arg value='-set'/>

        <qemu:arg value='device.sata0-0-5.rotation_rate=1'/>

     

    image.png.33ffa216a70398d0fd52841433ca826d.png

     

     

    edit : rolled back to rc2 and all good again. Mainly because i also had a huuuuuge system lockup just now for the first time in more then a year (and within not even 1 hour on rc3) when rebooting this mac osx vm with amd gpu (maybe the amd reset bug plugin changed behavior also with rc3 , but not risking it . Safely back at stable rc2 ;-)

     

     

     

    Edited by glennv
    Link to comment
    1 hour ago, wtfcr0w said:

    I've upgraded but I cannot boot. 

     

    Upon trying to boot I am receiving the following error:

    FAT-fs (sda1): error, invalid access to FAT (entry 0x0995cb33)
    FAT-fs (sda1): error, invalid access to FAT (entry 0x0995cb33)
    FAT-fs (sda1): error, invalid access to FAT (entry 0x0995cb33)
    FAT-fs (sda1): error, invalid access to FAT (entry 0x0995cb33) (this shows up a lot)
    attempt to access beyond end of device
    sda1: rw=0, want 51466008072, limit=60618752
    attempt to access beyond end of device
    sda1: rw=0, want 51466008072, limit=60618752
    attempt to access beyond end of device
    sda1: rw=0, want 51466008072, limit=60618752
    attempt to access beyond end of device
    /usr/bin/sha256sum: /boot/bzmodules: Input/output error
    bzmodules checksum error - press ENTER key to reboot

     

    I was ok on RC2, but I rolled back to 6.9.2 and it boots just fine. Anyone have any idea how to remedy this?

     

    Your flash drive is having issues. I'd recommend putting the drive in a Windows computer and checking for errors, let it fix whatever it finds. Might as well grab a backup of it while it is there.  I'd also get a replacement drive on order in case this one does fail.

    Link to comment
    36 minutes ago, ljm42 said:

     

    Are you using a bonded network connection? @exico has an 802.3ad network bond and they were having similar issues. They found that disabling multi-channel SMB solved it:

    https://forums.unraid.net/bug-reports/prereleases/unraid-os-version-6100-rc3-available-r1760/page/6/?tab=comments#comment-17664 
    If this helps for you please upload your diagnostics so we can confirm the network settings.

     

    No. I have eth0 for server management, share access, dockers, etc. and a VLAN on the same nic (Mellanox Connect-X 10GB) that is used for a custom docker network (Cameras & Frigate). Eth1 and eth2 are unused.

     

    Edit: Also br0 for VM

    Edited by wgstarks
    Link to comment
    2 minutes ago, wgstarks said:

    No. I have eth0 for server management, share access, dockers, etc. and a VLAN on the same nic (Mellanox Connect-X 10GB) that is used for a custom docker network (Cameras & Frigate). Eth1 and eth2 are unused.

     

    OK. If you have time to try rc3 again (or maybe wait for rc4) would you please see if disabling SMB Multichannel helps your situation at all? The link in the previous post shows how.

     

    Link to comment
    1 minute ago, ljm42 said:

     

    OK. If you have time to try rc3 again (or maybe wait for rc4) would you please see if disabling SMB Multichannel helps your situation at all? The link in the previous post shows how.

     

    I should get a chance this weekend. Really want to get this figured out but need to have plenty of time to monitor since everything seems to work great for the first 24 hours or so and then goes right in the toilet.

    • Like 1
    Link to comment
    11 hours ago, MammothJerk said:

    I am also unable to connect to the webgui via firefox, had this problem since rc1.

    AaGBiHc.gif

    using edge works fine.

     

    Thanks for the video, that makes it super clear.

     

    Firefox definitely works for me, so this isn't a general problem. Would you please try it in a private window? That will eliminate caching issues and it tends to bypass most extensions. I'm guessing there is a privacy setting or an extension that is causing issues.

     

    Firefox may give some clues as to what it is doing. While on the signin page, right click and choose Inspect, then switch to the Console tab. Click the gear on the right side and choose "Persist Logs". Then try signing in and see if there are any errors.

     

    Link to comment
    1 hour ago, ljm42 said:

     

    Sorry for the delay, we now have a way to test for DNS Rebinding protection specifically for the myunraid.net domain. This will be included in rc4 so we can provide better messaging.

     

    To confirm your issue is DNS Rebinding protection, please open a web terminal and run these two commands:

    nslookup rebindtest.unraid.net
    nslookup rebindtest.myunraid.net

     

    If DNS Rebinding protection is NOT an issue you should see something like this, where both addresses resolve to 192.168.42.42

    root@Tower:~# nslookup rebindtest.unraid.net
    Server:         8.8.8.8
    Address:        8.8.8.8#53
    
    Non-authoritative answer:
    Name:   rebindtest.unraid.net
    Address: 192.168.42.42
    
    root@Tower:~# nslookup rebindtest.myunraid.net
    Server:         8.8.8.8
    Address:        8.8.8.8#53
    
    Non-authoritative answer:
    Name:   rebindtest.myunraid.net
    Address: 192.168.42.42
    Name:   rebindtest.myunraid.net
    Address: fd42::

     

    Please post your results.

     

    Here are my results

    really appreciate your help

     

     

     

     

    Screen Shot 2022-03-17 at 19.38.13.png

    Edited by Omri
    Link to comment
    43 minutes ago, Omri said:

    Here are my results

    really appreciate your help

     

    Screen Shot 2022-03-17 at 19.38.13.png

     

    OK so dns rebinding is not an issue here. 

     

    Please DM me a non-redacted screenshot of your Settings -> Management Access page so I can see the error message. Also please right-click on the line that says "Certificate Subject" and paste that into the DM as well.  Thanks!

     

    Link to comment

    Ok, so I think I spoke too soon about Time Machine working. I haven't gotten a successful backup since yesterday morning. I tried "server multi channel support = no" with no improvement. Also, since macOS insists the server has server-side search enabled even though "spotlight = no", I tried "rpc_server:mdssvc = disabled" which disables spotlight support entirely. macOS is no longer thinking server search is enabled, but that hasn't helped Time Machine.

     

    "rpc_server:mdssvc = disabled" is probably a better solution to Spotlight breaking than setting the indexer to gnome tracker, since we don't have gnome tracker anyway, for whatever that's worth. (Actually setting up a search index would be awesome, but I can't be bothered.)

    Link to comment
    5 hours ago, ljm42 said:

    To confirm your issue is DNS Rebinding protection, please open a web terminal and run these two commands:

    nslookup rebindtest.unraid.net
    nslookup rebindtest.myunraid.net

     

    Please post your results.

     

     

    I, too, am seeing the perpetual DNS Propagation is PENDING notice under Management Access.

     

    This is the output from those commands:

    root@titan:~# nslookup rebindtest.unraid.net
    Server:         192.168.0.1
    Address:        192.168.0.1#53
    
    Non-authoritative answer:
    Name:   rebindtest.unraid.net
    Address: 192.168.42.42
    
    root@titan:~# nslookup rebindtest.myunraid.net
    Server:         192.168.0.1
    Address:        192.168.0.1#53
    
    Non-authoritative answer:
    Name:   rebindtest.myunraid.net
    Address: 192.168.42.42
    Name:   rebindtest.myunraid.net
    Address: fd42::
    

     

    I am also seeing these entries every day in the syslog. Not sure if related.

    Mar 11 16:44:37 titan root: Error: Cannot renew cert until within 30 days of expiry
    Mar 12 16:44:37 titan root: Error: Cannot renew cert until within 30 days of expiry
    Mar 13 17:44:37 titan root: Error: Cannot renew cert until within 30 days of expiry
    Mar 14 17:44:37 titan root: Error: Cannot renew cert until within 30 days of expiry
    Mar 15 17:44:37 titan root: Error: Cannot renew cert until within 30 days of expiry
    Mar 16 17:44:37 titan root: Error: Cannot renew cert until within 30 days of expiry

     

     

    Link to comment
    4 hours ago, SLNetworks said:

    Link me?

    Click "Prereleases" at the bottom of this screen in the navigation bar, then click on the rc2 thread.

    Link to comment
    12 hours ago, itimpi said:

     

    The screenshots shows that the normal shutdown script has been triggered.   This will either be something you are running that calls the script or something obscure that makes Unraid think you have made a short press on the power switch.

     

    If it boots OK into Safe Mode then it will almost certainly be one of your plugins.

     

     

    Thanks for your help,  with your comments, I tried delete the plugins one by one  from my USB, 

     

    Finally I reached the point I can boot into the RC2 normal server mode. 

     

    Thanks !!!! 👍

    Link to comment
    13 hours ago, ljm42 said:

     

    Thanks for the video, that makes it super clear.

     

    Firefox definitely works for me, so this isn't a general problem. Would you please try it in a private window? That will eliminate caching issues and it tends to bypass most extensions. I'm guessing there is a privacy setting or an extension that is causing issues.

     

    Firefox may give some clues as to what it is doing. While on the signin page, right click and choose Inspect, then switch to the Console tab. Click the gear on the right side and choose "Persist Logs". Then try signing in and see if there are any errors.

     

    in a private window i am able to get past the login screen but im sometimes stuck with the "Nchan communication error" screen.

    sh5o88E.png

    Weird thing is i sometimes get this error on /Main, /Dashboard, and /Docker. if i navigate to somewhere else like /Settings through the address bar i do not get this error.

     

    heres the console output on the default firefox window when trying to login as in my first post, not really sure what to do with this information.

    the first line is when im clicking the login field either username or password.

    Spoiler

    iJRKqQy.png

     

    Link to comment



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Restore formatting

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Status Definitions

     

    Open = Under consideration.

     

    Solved = The issue has been resolved.

     

    Solved version = The issue has been resolved in the indicated release version.

     

    Closed = Feedback or opinion better posted on our forum for discussion. Also for reports we cannot reproduce or need more information. In this case just add a comment and we will review it again.

     

    Retest = Please retest in latest release.


    Priority Definitions

     

    Minor = Something not working correctly.

     

    Urgent = Server crash, data loss, or other showstopper.

     

    Annoyance = Doesn't affect functionality but should be fixed.

     

    Other = Announcement or other non-issue.