• Unraid OS version 6.8.0-rc1 available


    limetech

    New in Unraid OS 6.8 release:

     

    The unRAIDServer.plg file (update OS) still downloads the new release zip file to RAM but then extracts directly to USB flash boot device.  You will probably notice a slight difference in speed of extract messages.  There is still a 'sync' command at the end, which causes each device to spin up serially as Linux kernel syncs each device (why does kernel do this serially? I have no idea).  I am tempted to remove this because a Reboot of course spins everything up in parallel, but I'm concerned about users out there who might just hit Reset button and USB flash write data is not fully written. 

     

    Forms based authentication
    If you have set a root password for your server, upon boot you'll now see a nice login form.  There still is only one user for Unraid so for username enter root.  This form should be compatible with all major password managers out there.  We always recommend using a strong password.  We have auto-logout set to 1 hour.

     

    Linux kernel 5.3

    • default scheduler now 'mq-deadline'
    • enabled Huge Page support, though no UI control yet
    • binfmt_misc support
    • added "Vega 10 Reset bug" patch
    • more device drivers

     

    Some out-of-tree (oot) drivers are currently omitted either because the source code doesn't compile or driver doesn't work with the 5.3 kernel:

    • Intel ixgbe [does not build] (using in-tree driver)
    • Highpoint r750 [does not work]
    • Highpoint rr3740a [does not build]

     

    This is always the risk with including vendor-supplied drivers.  Until the vendor fixes their code we must omit their driver.

     

    md/unraid driver
    Introduced "multi-stream" support:

    • Reads on devices which are not being written should run at full speed.  In addition, if you have set the md_write_method tunable to "reconstruct write", then while writing, if any read streams are detected, the write method is switched to "read/modifywrite".
    • Parity sync/check should run at full speed by default.
    • Parity sync/check can be throttled back in presence of other active streams.
    • The "stripe pool" resource is automatically shared evenly between all active streams.

     

    As a result got rid of some Tunables:

    • md_sync_window
    • md_sync_thresh

    and added some tunables:

    • md_queue_limit
    • md_sync_limit

     

    Please refer to Settings/Disk Settings help text for description of these settings.

     

    Remaining issue: some users have reported slower parity sync/check rates for very wide arrays (20+ devices) vs. 6.7 and earlier releases - we are still studying this problem.


    WireGuard support - available as a plugin via Community Apps.  Our WireGuard implementation and UI is still a work-in-process; for this reason we have made this available as a plugin, though the latest WireGuard module is included in our Linux kernel.  Full WireGuard implementation will be merged into Unraid OS itself in a future release.  I want to give special thanks to @bonienl who wrote the plugin with lots of guidance from @ljm42 - thank you!  I also should give a shout out to @NAS who got us rolling on this.  If you don't know about WireGuard it's something to look into!

     

    Guide here:


    WS-Discovery support - Finally you can get rid of SMBv1 and get reliable Windows network discovery.  This feature is configured on the Settings/SMB Settings page and enabled by default.

    • Also on same settings page is Enable NetBIOS setting.  This is enabled by default, however if you no longer have need for NetBIOS discovery you can turn it off.  When turned off, Samba is configured to accept only SMBv2 protocol and higher.
    • Added mDNS client support in Unraid OS.  This means, for example, from an Unraid OS terminal session to ping another Unraid OS server on your network you can use (e.g., 'tower'):
      ping tower.local
      instead of
      ping tower
      Note the latter will still work if you have NetBIOS enabled.

     

    User Share File System (shfs) changes:

    • Integrated FUSE-3 - This should increase performance of User Share File System somewhat.
    • Fixed bug with hard link support.  Previously a 'stat' on two directory entries referring to same file would return different i-node numbers, thus making it look like two independent files.  This has been fixed however there is a config setting on Settings/Global Share Settings called "Tunable (support hard links)".  The default is Yes, but with certain very old media and DVD players which access shares via NFS, you may need to set this to No.
    • Note: if you have custom config/extra.cfg file, get rid of it.


    Other improvements/bug fixes:

    • Format - during Format any running parity sync/check is automatically Paused and then resumed upon Format completion.
    • Encryption - an entered passphrase is not saved to any file.  Also included an API for Unassigned devices plugin to open encrypted volumes.
    • Fixed bug where multi-device btrfs pool was leaving metadata set to dup instead of raid1.
    • Several other small bug fixes and improvements.
    • Numerous base package updates.

     

    Finally - please note that AFP is now deprecated and we plan to remove in Unraid 6.9 release.

     

    Version 6.8.0-rc1 2019-10-11

    Base distro:

    • aaa_elflibs: version 15.0 build 11
    • acpid: version 2.0.32
    • at-spi2-atk: version 2.34.0
    • at-spi2-core: version 2.34.0
    • atk: version 2.34.1
    • bash: version 5.0.011
    • btrfs-progs: version 5.2.2
    • bzip2: version 1.0.8
    • ca-certificates: version 20190826
    • cifs-utils: version 6.9
    • cryptsetup: version 2.2.1
    • curl: version 7.66.0
    • dbus: version 1.12.16
    • dbus-glib: version 0.110
    • dhcpcd: version 8.0.6
    • docker: version 19.03.3
    • e2fsprogs: version 1.45.4
    • encodings: version 1.0.5
    • etc: version 15.0
    • ethtool: version 5.3
    • expat: version 2.2.9
    • file: version 5.37
    • findutils: version 4.7.0
    • freetype: version 2.10.1
    • fuse3: version 3.6.2
    • gdbm: version 1.18.1
    • gdk-pixbuf2: version 2.38.2
    • git: version 2.23.0
    • glib2: version 2.62.0
    • glibc-solibs: version 2.30
    • glibc-zoneinfo: version 2019c
    • glibc: version 2.30
    • glu: version 9.0.1
    • gnutls: version 3.6.10
    • gtk+3: version 3.24.10
    • harfbuzz: version 2.6.0
    • haveged: version 1.9.8
    • hostname: version 3.22
    • hwloc: version 1.11.13
    • icu4c: version 64.2
    • intel-microcode: version 20190918
    • iproute2: version 5.3.0
    • iptables: version 1.8.3
    • iputils: version 20190709
    • irqbalance: version 1.6.0
    • less: version 551
    • libICE: version 1.0.10
    • libX11: version 1.6.8
    • libXi: version 1.7.10
    • libXt: version 1.2.0
    • libarchive: version 3.4.0
    • libcap-ng: version 0.7.10
    • libcroco: version 0.6.13
    • libdrm: version 2.4.99
    • libedit: version 20190324_3.1
    • libevdev: version 1.7.0
    • libevent: version 2.1.11
    • libgcrypt: version 1.8.5
    • libgudev: version 233
    • libjpeg-turbo: version 2.0.3
    • libnftnl: version 1.1.4
    • libnl3: version 3.5.0
    • libpcap: version 1.9.1
    • libpciaccess: version 0.16
    • libpng: version 1.6.37
    • libpsl: version 0.21.0
    • librsvg: version 2.44.14
    • libseccomp: version 2.4.1
    • libssh2: version 1.9.0
    • libtasn1: version 4.14
    • libusb: version 1.0.23
    • libvirt-php: version 0.5.5
    • libvirt: version 5.7.0 (CVE-2019-10161, CVE-2019-10166, CVE-2019-10167, CVE-2019-10168)
    • libwebp: version 1.0.3
    • libzip: version 1.5.2
    • logrotate: version 3.15.1
    • lsof: version 4.93.2
    • lsscsi: version 0.30
    • lvm2: version 2.03.05
    • lz4: version 1.9.1
    • mkfontscale: version 1.2.1
    • mozilla-firefox: version 68.0.2 (CVE-2019-11751, CVE-2019-11746, CVE-2019-11744, CVE-2019-11742, CVE-2019-11736, CVE-2019-11753, CVE-2019-11752, CVE-2019-9812, CVE-2019-11741, CVE-2019-11743, CVE-2019-11748, CVE-2019-11749, CVE-2019-5849, CVE-2019-11750, CVE-2019-11737, CVE-2019-11738, CVE-2019-11747, CVE-2019-11734, CVE-2019-11735, CVE-2019-11740, CVE-2019-11754, CVE-2019-9811, CVE-2019-11711, CVE-2019-11712, CVE-2019-11713, CVE-2019-11714, CVE-2019-11729, CVE-2019-11715, CVE-2019-11716, CVE-2019-11717, CVE-2019-1 1718, CVE-2019-11719, CVE-2019-11720, CVE-2019-11721, CVE-2019-11730, CVE-2019-11723, CVE-2019-11724, CVE-2019-11725, CVE-2019-11727, CVE-2019-11728, CVE-2019-11710, CVE-2019-11709)
    • nano: version 4.5
    • ncurses: version 6.1_20190720
    • net-tools: version 20181103_0eebece
    • nettle: version 3.5.1
    • nghttp2: version 1.39.2
    • nginx: version 1.16.1 (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516)
    • nodejs: version 10.16.3
    • nss-mdns: version 0.14.1
    • ntp: version 4.2.8p13
    • openldap-client: version 2.4.48
    • openssh: version 8.0p1
    • openssl-solibs: version 1.1.1d
    • openssl: version 1.1.1d
    • p11-kit: version 0.23.18.1
    • pcre2: version 10.33
    • php: version 7.2.23 (CVE-2019-11042, CVE-2019-11041)
    • pixman: version 0.38.4
    • pkgtools: version 15.0
    • procps-ng: version 3.3.15
    • qemu: version 4.1.0 (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091)
    • qrencode: version 4.0.2
    • rpcbind: version 1.2.5
    • rsyslog: version 8.1908.0
    • samba: version 4.10.8 (CVE-2019-10197)
    • sdparm: version 1.10
    • sessreg: version 1.1.2
    • setxkbmap: version 1.3.2
    • sg3_utils: version 1.44
    • shadow: version 4.7
    • shared-mime-info: version 1.12
    • sqlite: version 3.29.0
    • sysvinit-scripts: version 2.1
    • sysvinit: version 2.96
    • talloc: version 2.3.0
    • tdb: version 1.4.2
    • tevent: version 0.10.1
    • ttyd: version 1.5.2
    • usbutils: version 012
    • util-linux: version 2.34
    • wget: version 1.20.3
    • wireguard: version 0.0.20190913
    • wsdd: version 20180618 build 2
    • xauth: version 1.1
    • xclock: version 1.0.9
    • xfsprogs: version 5.2.1
    • xkeyboard-config: version 2.27
    • xorg-server: version 1.20.5
    • xrandr: version 1.5.1
    • xterm: version 348
    • xwininfo: version 1.1.5
    • zstd: version 1.4.3

    Linux kernel:

    • version 5.3.6
    • default scheduler now mq-deadline
    • CONFIG_BINFMT_MISC: Kernel support for MISC binaries
    • CONFIG_DEBUG_FS: Debug Filesystem
    • CONFIG_HUGETLBFS: HugeTLB file system support
    • CONFIG_ICE: Intel(R) Ethernet Connection E800 Series Support
    • CONFIG_IGC: Intel(R) Ethernet Controller I225-LM/I225-V support
    • CONFIG_MLX5_CORE_IPOIB: Mellanox 5th generation network adapters (connectX series) IPoIB offloads support
    • CONFIG_SCSI_SMARTPQI: Microsemi PQI Driver
    • CONFIG_WIREGUARD: IP: WireGuard secure network tunnel
    • patch: fix_vega_reset (user request)
    • patch: increase BLK_MAX_REQUEST_COUNT from 16 to 32
    • oot: LimeTech md/unraid: version 2.9.10 (multi-stream support)
    • oot: Highpoint rsnvme: version v1.2.16_19_05_06
    • oot: Tehuti tn40xx: version 0.3.6.17.2
    • oot: omitted: Intel ixgbe [does not build] (using in-tree driver)
    • oot: omitted: Highpoint r750 [does not work]
    • oot: omitted: Highpoint rr3740a [does not build]

    Management:

    • fix btrfs bug where converting from single to multiple pool did not balance metadata to raid1, and converting from multiple to single did not balance metadata back to single.
    • auto-mount hugetlbfs to support kernel huge pages
    • emhttpd: do not write /root/keyfile if encryption passphrase provided via webGUI
    • fstab: mount USB flash boot device with root-only access
    • nginx.conf: configure all nginx worker threads to run as 'root'.
    • start/stop WireGuard upon server start/shutdown
    • support forms-based authentication
    • shfs: support FUSE3 API changes; hard links report same st_ino; hard link support configurable
    • support disabling NetBIOS, and set Samba 'min server procotol' and 'min client protocol' to SMB2 if disabled
    • support WS-Discovery method
    • support mDNS local name resolution via avahi
    • extract OS upgrade directly to USB flash
    • webgui: Revamp Banner Warning System
    • webgui: Fix custom case png not surviving reboot
    • webgui: Enhanced display of network settings
    • webgui: Open banner system to 3rd party apps
    • webgui: Modified notify script to allow overriding email recipients in notification settings
    • webgui: Allow Safari to use websockets
    • webgui: Select case correction + replace MD1510 for AVS-10/4
    • webgui: Font, Icon and image cleanup
    • webgui: Added AFP deprecated notice
    • webgui: Changed config folder of TELEGRAM
    • webgui: Add share access to user edit
    • webgui: Added cache and disk type to shares page
    • webgui: Aligned management page layout
    • webgui: Added conditional UPnP setting on Management page
    • webgui: Support wireguard plugin in download.php
    • webgui: Added UPnP to access script (to support WireGuard plugin)
    • webgui: Made notify script compatible with 6.8 new security scheme
    • webgui: Fixed misalignment of absent disk on Main page
    • webgui: Update ArrayDevices.page help text
    • webgui: show warning on login page when browser cookies are disabled
    • webgui: Fixed docker container update state
    • webgui: Added VM XML files to diagnostics
    • webgui: Telegram notification agent: enable group chat IDs, update helper description
    • webgui: Integrate CAs Plugin Helper
    • webgui: Switch download routine to be PHP Curl
    • webgui: Change PluginHelpers download to be PHP Curl
    • webgui: dockerMan - Deprecate TemplateURL
    • webgui: Fixed: footer always on foreground
    • webgui: Plugin Helpers: Follow redirects on downloads
    • webgui: dockerMan: Redownload Icon if URL changes
    • webgui: If a page is loaded via https, prevent it from loading resources via http (ie, block mixed content)
    • webgui: Ensure spinner always ontop
    • webgui: Allow outside click to close popups
    • webgui: Use complete HTML documents in popups
    • webgui: Standardize on lang="en"
    • webgui: Added 'F1' key to toggle help text
    • webgui: Main page: consolidate spin up/down action and device status into one
    • webgui: support changed tunables on Disk Settings page

    Edited by limetech

    • Like 6
    • Thanks 4



    User Feedback

    Recommended Comments



    i am seeing these errors in RC-1

    unRAID nginx: 2019/10/11 16:58:50 [error] 7418#7418: *259 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET /admin/api.php?version HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "127.0.0.1"

    unRAID nginx: 2019/10/11 16:58:50 [error] 7418#7418: *261 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET /admin/api.php?version HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "localhost"

     

     

    Link to comment
    5 minutes ago, Dazog said:

    i am seeing these errors in RC-1

    unRAID nginx: 2019/10/11 16:58:50 [error] 7418#7418: *259 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET /admin/api.php?version HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "127.0.0.1"

    unRAID nginx: 2019/10/11 16:58:50 [error] 7418#7418: *261 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET /admin/api.php?version HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "localhost"

     

     

    Have no idea what "/admin/api.php" could be referring to... got diagnostics?

    Link to comment
    1 minute ago, limetech said:

    Have no idea what "/admin/api.php" could be referring to... got diagnostics?

    Sent via PM.

    Link to comment

    First beer of the night cracked! Updated from 6.7.2 without issues. Clicking through the main pages, no issues seen. LOVE the new logon page, finally can store in lastpass easily. Main boot log is clean, and unraid log is clean. (System specs in sig)

     

    Cheers to the team, great job! 🍻

     

     

    EDIT: Confirmed, this is working great! "WS-Discovery support"

    Edited by cybrnook
    • Thanks 1
    Link to comment
    32 minutes ago, Dazog said:

    i am seeing these errors in RC-1

    unRAID nginx: 2019/10/11 16:58:50 [error] 7418#7418: *259 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET /admin/api.php?version HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "127.0.0.1"

    unRAID nginx: 2019/10/11 16:58:50 [error] 7418#7418: *261 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 127.0.0.1, server: , request: "GET /admin/api.php?version HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "localhost"

     

     

    You're running Netdata.  And it looks harmless

    • Thanks 1
    Link to comment

    Working good here so far. Thanks! 

    Checking for Docker updates never finish but could be something temporary. 

    Edit: It was temporary

    Edited by Niklas
    Link to comment
    12 minutes ago, Squid said:

    You're running Netdata.  And it looks harmless

    Ah ok, ty for quick reply.

    Link to comment
    50 minutes ago, tr0910 said:

    Looking forward to Wireguard comments.  Thanks @limetech @bonienl@ljm42 @NAS for a new VPN option.

    OK.  Here's mine.

     

    Had to actually read the threads, watch a video on how to set up OpenVPN so I could access my server.  (And it worked -> finally)

     

    With wireguard, I installed the plugin, forwarded a port, installed the app on my phone, snapped a QR code and I had access.  Whole process took around 3 minutes.  But, it's not perfect for all use cases.

     

    I highly suggest trying it out.  I'm sure that @ljm42 will wind up posting a "how-to" / introduction to it at some point.

    Edited by Squid
    • Like 1
    Link to comment
    1 hour ago, Niklas said:

    Checking for Docker updates never finish but could be something temporary. 

    They worked for me first try, and it found an update:

    image.thumb.png.db4bc444bde7e5e1fdb3b3770075ddba.png

    Link to comment
    19 minutes ago, Squid said:

    OK.  Here's mine.

     

    Had to actually read the threads, watch a video on how to set up OpenVPN so I could access my server.  (And it worked -> finally)

     

    With wireguard, I installed the plugin, installed the app on my phone, snapped a QR code and I had access.  Whole process took around 3 minutes.

     

    I highly suggest trying it out.  I'm sure that @ljm42 will wind up posting a "how-to" / introduction to it at some point.

    I didn't try this yet. But, the setup as it is already, offers the ability to setup an inbound tunnel from WAN into my unraid server? Sweet! My whole home is currently behind a VPN, with a few policy based devices routing out over WAN.

     

    If this let's me come back in over my tun into Unraid without having to create rules in my firewall, that's deserving of some beers to you guys. Let me know where to send them 🙂

     

     

    EDIT: Setting it up now 🙂

    Edited by cybrnook
    Link to comment

    re: WireGuard

     

    Beware the developers themselves describe this as a "work-in-progress":

    https://www.wireguard.com/#work-in-progress

     

    and the wg module has not yet been merged into Linux mainline kernel:

    https://kubemag.net/news/wireguard-going-to-be-merged-into-linux-kernel

     

    We do keep up with changes:

    https://git.kernel.org/pub/scm/linux/kernel/git/zx2c4/WireGuard.git/

     

    with sufficient warnings in place: We've been using it quite a long time now and this tech is really cool!

    • Like 1
    Link to comment

    Oh yeah! My buddy and I have been playing with wireguard for a few months now. We did the NordVPN beta, before that got repackaged. We are now using Mullvad, and works a treat.

     

    We have him running on OpenWRT for his home router, and the performance > load on the little ARM CPU in his router is just amazing. Muuuuuuch less overhead than OpenVPN, just a bizznitch to troubleshoot since nothings logged 🙂

    Edited by cybrnook
    Link to comment

    Ok, seems like we need to set up a Wireguard thread for 6.8 to siphon off the comments from here.  I'm sure @limetech wants this to only capture the issues with 6.8rc1

     

    Creating one now....

     

     

     

    Edited by tr0910
    • Thanks 1
    Link to comment

    Happy to see the enthusiasm for WireGuard :) I just posted a quickstart guide over here: 

     

    • Like 2
    Link to comment

    Why was this done?

    Quote

    fstab: mount USB flash boot device with root-only access

    It broke my access to the boot drive with the Krusader Docker. 

    Link to comment
    1 minute ago, Frank1940 said:

    Why was this done?

    Part of an effort to start locking down in preparation for multiple users and roles in upcoming releases.

    • Like 3
    Link to comment

    Upgraded two servers from 6.7.2, checked the logs, no issues to report. One server was bare metal, the other is a VM. The VM booted fine, everything passed thru as expected.

    Link to comment

    In this RC, I got several problem

     

    1. Extreme slow read performance, I try restore all modify tunable to default but can't fix. Single disk read speed ~50MB/s, or multiple disk access i.e 3 disks total ~150MB/s. ( all were large file from individual disk, no other task )

    speed.PNG.2606af5ff786418cc45dab42fdf1c415.PNG

     

    2. When open Web terminal and type "exit" at prompt, the terminal will reconnect again.

     

    3. Bowser issue, seems Chrome could normal access, MS Edge - can't correct display the gui, IE even just blank page.

     

    4. When shutdown in gui, the gui show system "power-off", in fact not, array still in mount state. This is because I hold a file and array couldn't unmount. After I release it, then system finally normal power-off. This is dangerous, user may hard power-off it because misunderstand array was normal unmount.

     

    sd.PNG.d195a5c9d43f6f4540e8e3e58d4bb214.PNG

    Edited by Benson
    Link to comment



    Guest
    This is now closed for further comments

  • Status Definitions

     

    Open = Under consideration.

     

    Solved = The issue has been resolved.

     

    Solved version = The issue has been resolved in the indicated release version.

     

    Closed = Feedback or opinion better posted on our forum for discussion. Also for reports we cannot reproduce or need more information. In this case just add a comment and we will review it again.

     

    Retest = Please retest in latest release.


    Priority Definitions

     

    Minor = Something not working correctly.

     

    Urgent = Server crash, data loss, or other showstopper.

     

    Annoyance = Doesn't affect functionality but should be fixed.

     

    Other = Announcement or other non-issue.