February 1, 20188 yr Expecting to release this to stable by end of week. Version 6.4.1-rc2 2018-01-31 Summary: Fixed bug where the server TLD is not formed correctly in the self-signed SSL cert. After installing this release delete the self-signed cert config/ssl/certs/<server-name>_unraid_bundle.pem and then reboot to let unRAID OS regenerate a new one. Disable "mover logging" by default for new installs. We recommend setting Settings/Scheduler/Mover Settings/Mover Logging to Disabled. User bonienl added additional enhancements to better support custom networks: webGUI allows any interface without IP address to be used for Docker. This gives the user more possibilities. Auto-generated interfaces may be included or excluded. This can help with potential conflicts. We are phasing in a series of VM Manager improvements. Base distro: mozilla-firefox: version 58.0.1 (CVE-2018-5091, CVE-2018-5092, CVE-2018-5093, CVE-2018-5094, CVE-2018-5095, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5100, CVE-2018-5101, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5105, CVE-2018-5106, CVE-2018-5107, CVE-2018-5108, CVE-2018-5109, CVE-2018-5110, CVE-2018-5111, CVE-2018-5112, CVE-2018-5113, CVE-2018-5114, CVE-2018-5115, CVE-2018-5116, CVE-2018-5117, CVE-2018-5118, CVE-2018-5119, CVE-2018-5121, CVE-2018-5122, CVE-2018-5090, CVE-2018-5189) Linux kernel: version 4.14.16 added config options: CONFIG_USB_EHCI_ROOT_HUB_TT: Root Hub Transaction Translators CONFIG_USB_EHCI_TT_NEWSCHED: Improved Transaction Translator scheduling Management: bug fix: server TLD not formed correctly in self-signed SSL cert. bug fix: primary IP address not correct in login greeting when there are two or more ethX but not using a bond or bridge. disable mover logging by default webgui: vm manager: Only show VM Templates when Adding a VM webgui: vm manager: improve table vertical alignment with page header webgui: vm manager: re-style vm list and sublist elements webgui: docker: improve escaping arguments to docker create/run webgui: Add in Support & Project Links to Docker Context Menus webgui: Add warning about running New Perms against appdata share webgui: Disable array STOP button when BTRFS operation is running webgui: Round size in parity operation progress indicators webgui: Give warning when non-recommended HTTP or HTTPS ports are chosen webgui: Enhancements for docker custom networks webgui: Docker settings enhancements Version 6.4.1-rc1 2018-01-26 Summary: Linux kernel 4.14.15 includes further changes to the "retpoline" patch set introduced in 4.14.14 and we have recompiled using GCC 7.3. This addresses 'Spectre Variant 2'. Added kernel patch to address GPU passthrough issue on AMD Threadripper. Following guidance from Intel we have reverted Intel microde to the 2017-11-17 release. Refinements to SSL/TLS handling: When not using SSL/TLS (https), we no longer auto-redirect PORTSSL (443) to PORT (80). Added "Local TLD" configuration variable to specify your local top-level domain (default is "local"). User bonienl added the possibility to remove or preserve user defined networks within Docker. This is for advanced users only. Also explained in the Help text. Fixed bug related to improper handling of replacing device in btrfs cache pool, when the device being replaced is still installed in the server. Note: there is no webGUI monitoring of btrfs replace operation in this release but you can monitor progress in the Log window. Base distro: aaa_elflibs: version 14.2-x86_64-34 ca-certificates: version 20170717 curl: version 7.58.0 (CVE-2018-1000007, CVE-2018-1000005) intel-microcode: version 20171117 kernel-firmware: version 20180118 ttyd: version 1.4.0 Linux kernel: version 4.14.15 (CVE-2017-5715) added patch for AMD Threadripper pci bridge reset Management: exclude user plugins from cron in safemode update smartmontools drivedb and hwdata/{pci.ids,usb.ids,oui.txt,manuf.txt} docker: rebuild networks upon restart emhttp: add "Local TLD" configuration setting emhttp: bug fix: array Start hang if empty MEDIADIR emhttp: bug fix: handle btrfs cache pool replace device case nginx: when SSL not in use, do not listen on https PORT rsyslogd: suppress nginx message 'user "logout" was not found in "/etc/nginx/htpasswd"' rsyslogd: suppress UpdateDNS message 'Error: Nothing to do' shfs: less verbose logging webgui: Add installed plugins & version to diagnostics webgui: List users alphabetically webgui: New Docker option to remove or preserve user defined networks webgui: Show History button when parity operation in progress webgui: Correct system information for systems with >= 1TB of RAM memory webgui: Included SMART attribute 199 webgui: vm manager: shrink width separating cpu core checkboxes to prevent clipping on linux desktops (gtk3) webgui: vm manager: remove Log column webgui: UpdateOS should fetch unRAIDServer.plg from LimeTech download site instead of from github webgui: Switch to font-awesome for delete template on add Container webgui: Updated jquery tablesorter to v2.29.4
February 1, 20188 yr On the SSL Cert Settings tab there is a new setting for "Local TLD". Looks like mine is set to "local" by default, but what effect does that have when I am using an unraid.net cert? It seems like that setting should only be available when I'm using a self-signed or personal cert? Or maybe I'm misunderstanding something Edited February 1, 20188 yr by ljm42
February 1, 20188 yr 2 hours ago, limetech said: webgui: Add in Support & Project Links to Docker Context Menus For anyone who is wondering about why this may or may not show up in the context menus on the dashboard or docker tabs, the support option should appear on any application added via the apps tab post 6.4.0-rc1. I don't believe that any app installed during 6.3will have the appropriate field already populated in the template. The Project dopdown will not appear on already installed apps. I'm currently on the road at the moment, but tomorrow night I will post up a script which will update everyone's user template to populate the support and project fields with the appropriate values. This will be a one time operation, (completely optional) as any application installed via the apps tab from this release going forward will have these fields already filled out for the vast majority of apps. Edited February 1, 20188 yr by Squid
February 1, 20188 yr Author 55 minutes ago, ljm42 said: On the SSL Cert Settings tab there is a new setting for "Local TLD". Looks like mine is set to "local" by default, but what effect does that have when I am using an unraid.net cert? It seems like that setting should only be available when I'm using a self-signed or personal cert? Or maybe I'm misunderstanding something It's also used in http->https redirect in local networks which support mDNS/DNS-SD. As in: http://<server-name>.local redirecting to https://<server-name>.local (if self-signed cert) or https://<hash>.unraid.net (if LE cert) Or if someone changes "local" to "mydomain" it would redirect: http://<server-name>.mydomain to https://<server-name>.mydomain
February 1, 20188 yr OK, this is a great feature for people who don't want to use LE. But it sounds like it has no effect when the unraid.net LE certs are being used. I think it would help if the help text said something along those lines, or if it was hidden altogether when unraid.net was being used.
February 1, 20188 yr Author 8 minutes ago, ljm42 said: OK, this is a great feature for people who don't want to use LE. But it sounds like it has no effect when the unraid.net LE certs are being used. I think it would help if the help text said something along those lines, or if it was hidden altogether when unraid.net was being used. If you're on a Mac or win10, try typing this in your browser address bar: "<server-name>.local/" eg (if name is tower): tower.local/ It should redirect to your https://<hash>.unraid.net URL
February 1, 20188 yr Author 12 minutes ago, ljm42 said: OK, this is a great feature for people who don't want to use LE. But it sounds like it has no effect when the unraid.net LE certs are being used. I think it would help if the help text said something along those lines, or if it was hidden altogether when unraid.net was being used. Re-reading, maybe you mean there is no point in making that field programmable if LE cert for unraid.net is being used? If so, I think it's still useful if you have your own local DNS server and you also want to use LE cert with unraid.net, for exactly the same reason: to redirect http://server-name.mydomain -> https://<hash>.unraid.net
February 1, 20188 yr 6 minutes ago, limetech said: Re-reading, maybe you mean there is no point in making that field programmable if LE cert for unraid.net is being used? If so, I think it's still useful if you have your own local DNS server and you also want to use LE cert with unraid.net, for exactly the same reason: to redirect http://server-name.mydomain -> https://<hash>.unraid.net aha! OK I understand now. That is actually pretty cool
February 1, 20188 yr @limetech , can you comment on this? https://lime-technology.com/forums/topic/68750-unraid-os-version-641-rc1-available/?tab=comments#comment-627421 I'm trying to stay on top of what needs to be added to the "update notes" thread when 6.4.1 goes GA
February 1, 20188 yr Author 20 minutes ago, ljm42 said: @limetech , can you comment on this? https://lime-technology.com/forums/topic/68750-unraid-os-version-641-rc1-available/?tab=comments#comment-627421 I'm trying to stay on top of what needs to be added to the "update notes" thread when 6.4.1 goes GA AFAIK no specific Ryzen "fixes" have been made, either in published microcode updates or bios. And, right you need the full path to zenstates. I just edited the 6.4.0 Announce post.
February 1, 20188 yr 8 hours ago, limetech said: webgui: Disable array STOP button when BTRFS operation is running Theoretical question. What happens during a duress shutdown if BTRFS is doing it's housekeeping? Does BTRFS react appropriately to being forced to quit? I understand the logic behind subtly prompting the user that stopping the array could leave a balance in an undesired state, I'm just wanting to know what happens during a power outage shutdown. Maybe set a flag similar to the unclean shutdown parity check during BTRFS operations, and prompt for cleanup actions for BTRFS volumes on next boot?
February 1, 20188 yr 10 minutes ago, jonathanm said: What happens during a duress shutdown if BTRFS is doing it's housekeeping? Note that btrfs doesn't run a balance on its own, i.e., these operations are not part of housekeeping, but if you do need to shutdown it will try to do a clean shutdown and if the operation is not finished yet and you reach the set shutdown timeout it will force a shutdown. As for cleaning up after reboot, if the operation running was a balance, it will usually re-start/continue at next array start without needing any user intervention, if it was doing a disk replacement I'm not sure, never tested.
February 1, 20188 yr 28 minutes ago, johnnie.black said: if it was doing a disk replacement I'm not sure, never tested. Well just tried forcing a shutdown during a cache disk replacement and it also continued on reboot without problems, so maybe interrupting these aren't as risky as I thought, though a hard reset might produce different results.
February 1, 20188 yr 1 hour ago, johnnie.black said: Well just tried forcing a shutdown during a cache disk replacement and it also continued on reboot without problems, so maybe interrupting these aren't as risky as I thought, You are telling me, the protection we added with the STOP button isn't really needed?
February 1, 20188 yr 3 minutes ago, bonienl said: You are telling me, the protection we added with the STOP button isn't really needed? I think it's still needed and a very good addition, just that btrfs appears do deal better than I though in case of a forced shutdown by unRAID, doesn't mean it will always be OK, and it might be more prone to issues if there's an actual reset button press, and that was what I feared most an impatient user might do if stopping the array failed with the "trying to unmount" error looping.
February 2, 20188 yr 22 hours ago, limetech said: webgui: Add in Support & Project Links to Docker Context Menus Because the Support and Project Links for each installed docker application on the context menus within the Dashboard and Docker pages are a new feature going forward, your already installed / previously installed applications may not show those new menu items. THIS IS COMPLETELY OPTIONAL AND IS NOT REQUIRED, NOR WILL NOT DOING THESE STEPS IMPEDE THE OPERATION OF YOUR SERVER AT ALL If you would like to add those menu items to your existing installed apps, then Go To The Apps Tab. This step just insures that the data step 2 does is completely up to date. If you haven't gone to the apps tab at least once before step 2, it will error out and tell you that you first must go to the apps tab Go to Plugins, Install Plugin and paste the following URL into the section: https://raw.githubusercontent.com/Squidly271/misc-stuff/master/fix_template.plg You should get a whack of messages as it updates your existing applications with the new menu information. Note that you're not actually installing a plugin or anything. I'm just using the plugin system as a simple way to run a script. It is only necessary to ever run this script ONCE. Going forward, any new installations of applications via the apps tab will populate the appropriate section for the new menu items to work properly (on pretty much any version of CA) Edited February 2, 20188 yr by Squid
February 2, 20188 yr 16 minutes ago, Squid said: If you would like to add those menu items to your existing installed apps, then Just wanted to say this worked great, and I really like having direct access to the Support and Project Pages right from the Docker screen.
February 2, 20188 yr DNS newbie here - I tried changing my TLD to my-domain.com and my server is called Highlander, but when I go to highlander.my-domain.com I'm getting privacy errors saying the domain uses HSTS. Am I supposed to do something more than hit Apply e.g. on my pfsense VM? Thanks
February 2, 20188 yr upgrade, everything appears fine. new log message I've not seen before: Feb 2 14:04:12 husky rsyslogd: warning: ~ action is deprecated, consider using the 'stop' statement instead [v8.29.0 try http://www.rsyslog.com/e/2307 ]
February 2, 20188 yr Author 29 minutes ago, zoggy said: upgrade, everything appears fine. new log message I've not seen before: Feb 2 14:04:12 husky rsyslogd: warning: ~ action is deprecated, consider using the 'stop' statement instead [v8.29.0 try http://www.rsyslog.com/e/2307 ] Yeah that's fixed in next release.
February 2, 20188 yr 19 hours ago, Squid said: Because the Support and Project Links for each installed docker application on the context menus within the Dashboard and Docker pages are a new feature going forward, your already installed / previously installed applications may not show those new menu items. THIS IS COMPLETELY OPTIONAL AND IS NOT REQUIRED, NOR WILL NOT DOING THESE STEPS IMPEDE THE OPERATION OF YOUR SERVER AT ALL If you would like to add those menu items to your existing installed apps, then Go To The Apps Tab. This step just insures that the data step 2 does is completely up to date. If you haven't gone to the apps tab at least once before step 2, it will error out and tell you that you first must go to the apps tab Go to Plugins, Install Plugin and paste the following URL into the section: https://raw.githubusercontent.com/Squidly271/misc-stuff/master/fix_template.plg You should get a whack of messages as it updates your existing applications with the new menu information. Note that you're not actually installing a plugin or anything. I'm just using the plugin system as a simple way to run a script. It is only necessary to ever run this script ONCE. Going forward, any new installations of applications via the apps tab will populate the appropriate section for the new menu items to work properly (on pretty much any version of CA) Got to admit, as much as you're a pain in the ass, that's pretty nifty.
February 3, 20188 yr Author Locking this since 6.4.1 stable has been published. Thank you to all who participated in the pre-release!
Archived
This topic is now archived and is closed to further replies.