Jump to content

repomanz

Members
  • Content Count

    41
  • Joined

  • Last visited

Community Reputation

4 Neutral

About repomanz

  • Rank
    Advanced Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. MineOS / forge / mod question. generator-options={"profile"\:"rarecities"} Does anyone know how to work around the \ being inserted in this server.properties upon start up? This is messing up a mod from properly running. Obviously the : needs to be escaped but in doing so mod doesn't load the profile. Seen this before?
  2. Hi Unraid Dev, Saw this in one of my feeds today and wanted to bring to your attention. https://nakedsecurity.sophos.com/2019/05/31/unpatched-docker-bug-allows-read-write-access-to-host-os/ https://seclists.org/oss-sec/2019/q2/131 repo
  3. I can see both sides of this discussion and what risk is appropriate for unraid's primary audience. Personally I like the idea of encrypted usb within this process, just to keep the file systems all encrypted. As a side note; I'd like my unraid to boot needing both the usb boot device but also a yubikey. What about a docker container escape writing to the usb drive? My understanding is once the array is booted up, the file systems can be read/write which includes the boot usb device.
  4. little late replying to my own thread here but agree with melmurp. unraid, and it's community, leverage a lot of docker containers and just making an assumption that those dev owners who author containers for use of unraid have taken steps is a bit risky. I know emails, password resets including api tokens has occurred. I may jump over to the community plugin support page to see if they are mitigating this at all. Would make me feel better about it at least.
  5. https://news.ycombinator.com/item?id=19763413. May be worth a bulletin to users given the significant use of containers within unraid.
  6. Hey guys - unsure if Alpine / Unraid is impacted but passing along just in case. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736 https://seclists.org/oss-sec/2019/q1/119 repo
  7. silly question as I'm trying to get this functioning. Is setting up the openvpn as server with google 2fa required on logins supported on the android openvpn app? If so; I must be missing this setting somewhere.
  8. appears some back-end service has fixed this issue auto-magically. crisis averted.
  9. Hi folks - i misconfigured the CA backup plugin and pointed it /mnt/cache/backups/unraid folder instead of the proper /mnt/user/backups. It filled up my cache drive and hung so i went in and deleted the file (85gb) via console. However after doing so, I am not showing the cache drive recovering that space. Is there a service that will auto-correct this or do i need to do something manually here? Side note; how can i safely force the backups share to point to my disk volumes, including moving all currently files on cache to the new directory?
  10. I don't run any privileged docker containers but would that change if the container was actually ran as privileged? What's interesting is that team is aware of other exploit techniques they chose not to make public.
  11. Hey guys - wanted you to be aware of this one. Hot off the press today. https://www.cyberark.com/threat-research-blog/how-i-hacked-play-with-docker-and-remotely-ran-code-on-the-host/ repo
  12. Wanted to close this thread out / show my configuration in case someone runs across it switch configuration, - port 5 connected to eth4 on unraid nic - port 1 connected to pfsense eth4 NIC configuration on Unraid OS docker configuration within Unraid OS pfsense vlan interface
  13. Hi Bonienl - with your help I believe we have success. I now have - internal docker containers running on the trusted lan - external docker containers running on eth4 / vlan 5 Confirmed routing on router also working lan to vlan, vlan to lan and vlan to inet. Really appreciate you walking me through this.
  14. Hi Bonienl - thanks for responding! What about this? - remove eth4 vlan settings within unraid - bridge eth4 nic - assign port on managed switch eth4 is connected to to vlan 5 - create vlan 5 interface on router Would I be able to put dockers on the bridged eth4 NIC as it's operating within the vlan 5 network?
  15. Hi folks - I'm new to vlans / managed switches and learning unraid so bare with me. Is there a version of this guide that deals with vlans with using multiple network cards? I have a 4 port intel nic so currently unraid sees eth0 - eth4. Here is what I'm wanting to do (or something similar) 1) leverage eth4 physical network 2) create a vlan off the eth4 interface 3) put external facing dockers on the vlan I've tried various combinations of things on the router, managed switch and unraid. So far the best i have gotten is eth4 was successful in getting a dhcp IP address defined for the vlan. However doing so I can no longer reach unraid. Admittedly; I'm likely doing some things wrong here either within unraid or my managed switch. Any coaching or guides would be helpful so i can accomplish my goal here. Thanks in advance!