unRAID OS version 6.4.1 Stable Release Available


limetech

Recommended Posts

To upgrade:

  • If you are running any earlier 6.4 release, including -rc releases, click 'Check for Updates' on the Tools/Update OS page.
  • If you are running a previous stable release, clicking 'Check for Updates' on the Plugins page.

 

This is a point-release, containing mainly bug fixes and minor improvements.

 

In addition, this release contains additional security updates related to the recent Meltdown and Spectre vulnerabilities.  For this reason, all users are encouraged to update.  We expect additional updates in the near future as additional mitigations become available.

 

Refer also to @ljm42 awesome 6.4 Update Notes

 

Following are the Release Notes:

Version 6.4.1 2018-02-02

Summary:

  • The Linux kernel includes the "retpoline" patch set and we have recompiled using GCC 7.3. This addresses 'Spectre Variant 2'.

  • Added kernel patch to address GPU passthrough issue on AMD Threadripper.

  • Following guidance from Intel we have reverted Intel microde to the 2017-11-17 release.

  • Refinements to SSL/TLS handling:

    • When not using SSL/TLS (https), we no longer auto-redirect PORTSSL (443) to PORT (80).
    • Added "Local TLD" configuration variable to specify your local top-level domain (default is "local").
  • User @bonienl added the possibility to remove or preserve user defined networks within Docker. This is for advanced users only (also explained in the Help text):

    1. webGUI allows any interface without IP address to be used for Docker. This gives the user more possibilities.
    2. Auto-generated interfaces may be included or excluded. This can help with potential conflicts.
  • Fixed bug related to improper handling of replacing device in btrfs cache pool, when the device being replaced is still installed in the server. Note: there is no webGUI monitoring of btrfs replace operation in this release but you can monitor progress in the Log window.

  • Fixed bug where the server TLD is not formed correctly in the self-signed SSL cert. After installing this release delete the self-signed cert config/ssl/certs/<server-name>_unraid_bundle.pem and then reboot to let unRAID OS regenerate a new one.

  • Disable "mover logging" by default for new installs. We recommend setting
    Settings/Scheduler/Mover Settings/Mover Logging to Disabled.

  • We are phasing in a series of VM Manager improvements.

Base distro:

  • aaa_elflibs: version 14.2-x86_64-34
  • ca-certificates: version 20170717
  • curl: version 7.58.0 (CVE-2018-1000007, CVE-2018-1000005)
  • intel-microcode: version 20171117
  • kernel-firmware: version 20180118
  • mozilla-firefox: version 58.0.1 (CVE-2018-5091, CVE-2018-5092, CVE-2018-5093, CVE-2018-5094, CVE-2018-5095, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5100, CVE-2018-5101, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5105, CVE-2018-5106, CVE-2018-5107, CVE-2018-5108, CVE-2018-5109, CVE-2018-5110, CVE-2018-5111, CVE-2018-5112, CVE-2018-5113, CVE-2018-5114, CVE-2018-5115, CVE-2018-5116, CVE-2018-5117, CVE-2018-5118, CVE-2018-5119, CVE-2018-5121, CVE-2018-5122, CVE-2018-5090, CVE-2018-5189)
  • ttyd: version 1.4.0

Linux kernel:

  • version 4.14.16, compiled with GCC-7.3 (CVE-2017-5715)
  • added patch for AMD Threadripper pci bridge reset
  • added config options:
    • CONFIG_USB_EHCI_ROOT_HUB_TT: Root Hub Transaction Translators
    • CONFIG_USB_EHCI_TT_NEWSCHED: Improved Transaction Translator scheduling

Management:

  • bug fix: server TLD not formed correctly in self-signed SSL cert.
  • bug fix: primary IP address not correct in login greeting when there are two or more ethX but not using a bond or bridge.
  • bug fix: navigating to localhost with Firefox in desktop gui mode when no dns servers are configured
  • bug fix: rsyslogd: warning: ~ action is deprecated
  • bug fix: exclude user plugins from cron in safemode
  • update smartmontools drivedb and hwdata/{pci.ids,usb.ids,oui.txt,manuf.txt}
  • docker: rebuild networks upon restart
  • emhttp: add "Local TLD" configuration setting
  • emhttp: bug fix: array Start hang if empty MEDIADIR
  • emhttp: bug fix: handle btrfs cache pool replace device case
  • mover: disable logging by default
  • nginx: when SSL not in use, do not listen on https PORT
  • rsyslogd: suppress nginx message 'user "logout" was not found in "/etc/nginx/htpasswd"'
  • rsyslogd: suppress UpdateDNS message 'Error: Nothing to do'
  • shfs: less verbose logging
  • webgui: Add installed plugins & version to diagnostics
  • webgui: List users alphabetically
  • webgui: New Docker option to remove or preserve user defined networks
  • webgui: Show History button when parity operation in progress
  • webgui: Correct system information for systems with >= 1TB of RAM memory
  • webgui: Included SMART attribute 199
  • webgui: UpdateOS should fetch unRAIDServer.plg from LimeTech download site instead of from github
  • webgui: Switch to font-awesome for delete template on add Container
  • webgui: Updated jquery tablesorter to v2.29.4
  • webgui: docker: improve escaping arguments to docker create/run
  • webgui: Add in Support & Project Links to Docker Context Menus
  • webgui: Add warning about running New Perms against appdata share
  • webgui: Disable array STOP button when BTRFS operation is running
  • webgui: Round size in parity operation progress indicators
  • webgui: Give warning when non-recommended HTTP or HTTPS ports are chosen
  • webgui: Enhancements for docker custom networks
  • webgui: Docker settings enhancements
  • webgui: vm manager: shrink width separating cpu core checkboxes to prevent clipping on linux desktops (gtk3)
  • webgui: vm manager: remove Log column
  • webgui: vm manager: Only show VM Templates when Adding a VM
  • webgui: vm manager: improve table vertical alignment with page header
  • webgui: vm manager: re-style vm list and sublist elements
  • Like 1
Link to comment
2 minutes ago, trurl said:

So people can post logs without revealing filenames. Also to keep logs from taking so much space on server.

 

Exactly right.  Logging has been on all this time in order to provide info in cases of crashes/bugs related to shfs.  Of course this can still happen, and we an direct users to turn logging back on when trying to reproduce, but for general "posting your diags" it's not necessary.

Link to comment
3 hours ago, limetech said:
  • webgui: Add in Support & Project Links to Docker Context Menus

Because the Support and Project Links for each installed docker application on the context menus within the Dashboard and Docker pages are a new feature going forward, your already installed / previously installed applications may not show both (or any of) those new menu items.

 

THIS IS COMPLETELY OPTIONAL AND IS NOT REQUIRED, NOR WILL NOT DOING THESE STEPS IMPEDE THE OPERATION OF YOUR SERVER AT ALL

 

If you would like to add those menu items to your existing installed apps, then 

  1. Go To The Apps Tab.  This step just insures that the data step 2 uses is completely up to date.  If you haven't gone to the apps tab at least once before step 2, it will error out and tell you that you first must go to the apps tab
  2. Go to Plugins, Install Plugin and paste the following URL into the section:   
    https://raw.githubusercontent.com/Squidly271/misc-stuff/master/fix_template.plg

     

 

You should get a whack of messages as it updates your existing applications with the new menu information.  Note that you're not actually installing a plugin or anything.  I'm just using the plugin system as a simple way to run a script.

 

It is only necessary to ever run this script ONCE.  Going forward, any new installations of applications via the apps tab will populate the appropriate section for the new menu items to work properly (on pretty much any version of CA)  

 

* If you have already run this script on 6.4.1-rc2, then it is NOT necessary to re-run it on 6.4.1 stable.

Edited by Squid
  • Like 2
  • Upvote 1
Link to comment
1 hour ago, Squid said:

Because the Support and Project Links for each installed docker application on the context menus within the Dashboard and Docker pages are a new feature going forward, your already installed / previously installed applications may not show those new menu items.

 

THIS IS COMPLETELY OPTIONAL AND IS NOT REQUIRED, NOR WILL NOT DOING THESE STEPS IMPEDE THE OPERATION OF YOUR SERVER AT ALL

 

If you would like to add those menu items to your existing installed apps, then 

  1. Go To The Apps Tab.  This step just insures that the data step 2 does is completely up to date.  If you haven't gone to the apps tab at least once before step 2, it will error out and tell you that you first must go to the apps tab
  2. Go to Plugins, Install Plugin and paste the following URL into the section:   https://raw.githubusercontent.com/Squidly271/misc-stuff/master/fix_template.plg

 

You should get a whack of messages as it updates your existing applications with the new menu information.  Note that you're not actually installing a plugin or anything.  I'm just using the plugin system as a simple way to run a script.

 

It is only necessary to ever run this script ONCE.  Going forward, any new installations of applications via the apps tab will populate the appropriate section for the new menu items to work properly (on pretty much any version of CA)  

 

* If you have already run this script on 6.4.1-rc2, then it is NOT necessary to re-run it on 6.4.1 stable.

 

Yeah this is a cool feature, prob should add to @ljm42 release notes..

Link to comment
2 hours ago, wgstarks said:

No “Check for Updates” button on the plugins tab and unRAID isn’t listed at all. Currently running 6.4.0.

 

In Settings>Notification Settings, I think you have to set "Plugin update notification:" to "Never check" in order to see the "Check for Updates" button; otherwise it just checks automatically every time the Plugins page is opened, slowing down page display.

 

At least, that is what I had to do.  The button did not appear until I set this to Never.  Strangely, this is not the case with Docker and OS update notifications.  The "Check for Updates" button still appears on both pages even if notifications are not set to "Never check."

 

image.png.22fce384ba65cd25d53328a3fa1058d9.png

Edited by Hoopster
Link to comment

Updated from 6.3.5 to 6.4.0 today, followed by an immediate update to 6.4.1.

No problems to report, everything works as before. (note: I had followed the guidance to temporarily uninstall certain plugins)

 

Really like the updated interface (both new and existing updated skins), being able to jump straight into terminal is a great touch!

Ran Squid's script, worked perfectly... good UI improvement there.

 

Should be able to push it a bit harder in a couple weeks when I finish building my new server on X399.

Link to comment

Just a suggestion with the web terminal, every time you use it the login action (using the current session) is shown on system log.

For some users seeing this without the context of knowing they had used terminal at the same time might be cause unnecessary panic with users.

Feb 3 13:43:19 tower login[18117]: ROOT LOGIN on '/dev/pts/1'

Something verbose in the log preceding indicating terminal was initiated might save some confusion.

Edited by tjb_altf4
Link to comment

 

8 hours ago, limetech said:

 

  • Refinements to SSL/TLS handling:

    • When not using SSL/TLS (https), we no longer auto-redirect PORTSSL (443) to PORT (80).
    • Added "Local TLD" configuration variable to specify your local top-level domain (default is "local").
  •  

  • Fixed bug where the server TLD is not formed correctly in the self-signed SSL cert. After installing this release delete the self-signed cert config/ssl/certs/<server-name>_unraid_bundle.pem and then reboot to let unRAID OS regenerate a new one.

  •  

I asked for help on this in the rc2 post as I couldn't get this to work.  I've tried deleting the cert which wasn't in the rc2 post instructions, but I still can't get it to work - help please.

 

I've entered my-domain.com in the field, deleted the file and rebooted but when I go to server.my-domain.com I get a privacy error.  however, server.local still works even though I changed the entry.

 

 

Link to comment
1 hour ago, DZMM said:

 

I asked for help on this in the rc2 post as I couldn't get this to work.  I've tried deleting the cert which wasn't in the rc2 post instructions, but I still can't get it to work - help please.

 

I've entered my-domain.com in the field, deleted the file and rebooted but when I go to server.my-domain.com I get a privacy error.  however, server.local still works even though I changed the entry.

 

 

I have the same issue with cloudflare Origin Certificates for this. created a new A name same as hostname for unraid and pointed to my unraid IP. Maybe this way is not possible?

Link to comment
2 minutes ago, sparklyballs said:

trying to update docker images using either advanced buttons or the blue update link per individual image results in an orphaned image and no container

 

this appears relevant in the log 

 

Feb 3 12:08:59 Unraid-Nas [6503]: The command failed. Error: sh: /usr/local/emhttp/usr/bin/docker: No such file or directory<br>

 

 

 

 

unraid-nas-syslog-20180203-1223.zip

 

Yep, can confirm.....

 

Feb 3 12:11:04 server ool www[29381]: /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/dockerupdate.php
Feb 3 12:12:55 server kernel: veth7538ed6: renamed from eth0
Feb 3 12:12:55 server kernel: docker0: port 8(vethc5bf3cc) entered disabled state
Feb 3 12:12:55 server avahi-daemon[6662]: Interface vethc5bf3cc.IPv6 no longer relevant for mDNS.
Feb 3 12:12:55 server avahi-daemon[6662]: Leaving mDNS multicast group on interface vethc5bf3cc.IPv6 with address fe80::647e:f4ff:fedc:d3dc.
Feb 3 12:12:55 server kernel: docker0: port 8(vethc5bf3cc) entered disabled state
Feb 3 12:12:55 server kernel: device vethc5bf3cc left promiscuous mode
Feb 3 12:12:55 server kernel: docker0: port 8(vethc5bf3cc) entered disabled state
Feb 3 12:12:55 server avahi-daemon[6662]: Withdrawing address record for fe80::647e:f4ff:fedc:d3dc on vethc5bf3cc.
Feb 3 12:12:56 server [30349]: The command failed. Error: sh: /usr/local/emhttp/usr/bin/docker: No such file or directory<br>

 

Link to comment

Still getting warnings from Docker after upgrading to 6.4.1.

 

time="2018-02-03T03:00:01.676000982-05:00" level=warning msg="Failed to delete conntrack state for 172.17.0.4: invalid argument" 
time="2018-02-03T03:00:01.922410279-05:00" level=warning msg="Failed to delete conntrack state for 172.17.0.7: invalid argument" 
time="2018-02-03T03:00:02.178398941-05:00" level=warning msg="Failed to delete conntrack state for 172.17.0.6: invalid argument" 
time="2018-02-03T03:00:02.524254084-05:00" level=warning msg="Failed to delete conntrack state for 172.17.0.3: invalid argument" 
time="2018-02-03T03:00:06.034421504-05:00" level=warning msg="Failed to delete conntrack state for 172.17.0.5: invalid argument" 
time="2018-02-03T03:00:10.160863383-05:00" level=warning msg="Failed to delete conntrack state for 172.17.0.2: invalid argument" 

This problem started with 6.4.0. Was hoping it might have been fixed even though I haven't seen any mention of the cause.

 

brunnhilde-diagnostics-20180203-0726.zip

Link to comment
1 hour ago, CHBMB said:

 

Yep, can confirm.....

 


Feb 3 12:11:04 server ool www[29381]: /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/dockerupdate.php
Feb 3 12:12:55 server kernel: veth7538ed6: renamed from eth0
Feb 3 12:12:55 server kernel: docker0: port 8(vethc5bf3cc) entered disabled state
Feb 3 12:12:55 server avahi-daemon[6662]: Interface vethc5bf3cc.IPv6 no longer relevant for mDNS.
Feb 3 12:12:55 server avahi-daemon[6662]: Leaving mDNS multicast group on interface vethc5bf3cc.IPv6 with address fe80::647e:f4ff:fedc:d3dc.
Feb 3 12:12:55 server kernel: docker0: port 8(vethc5bf3cc) entered disabled state
Feb 3 12:12:55 server kernel: device vethc5bf3cc left promiscuous mode
Feb 3 12:12:55 server kernel: docker0: port 8(vethc5bf3cc) entered disabled state
Feb 3 12:12:55 server avahi-daemon[6662]: Withdrawing address record for fe80::647e:f4ff:fedc:d3dc on vethc5bf3cc.
Feb 3 12:12:56 server [30349]: The command failed. Error: sh: /usr/local/emhttp/usr/bin/docker: No such file or directory<br>

 

 

Same problem here. I don't know it is right solution, but after creating symling 'ln -s /usr /usr/local/emhttp/', docker update works ok.

 

Best regards,

Maciek

Link to comment
2 hours ago, sparklyballs said:

trying to update docker images using either advanced buttons or the blue update link per individual image results in an orphaned image and no container

 

this appears relevant in the log 

 

Feb 3 12:08:59 Unraid-Nas [6503]: The command failed. Error: sh: /usr/local/emhttp/usr/bin/docker: No such file or directory<br>

 

 

 

 

unraid-nas-syslog-20180203-1223.zip

 

2 hours ago, CHBMB said:

Yep, can confirm.....

 

Its an issue with Advanced Buttons.  (And when it's installed, advanced buttons also takes over functionality of the Blue update link)  Remove it and all will be good   @ljm42 Another one for you.

 

I'm going to mark preclear and Advanced buttons as being incompatible so as to try and limit the problems.  Usually I give the authors a bit more time before I do this, but the issue with Advanced Buttons is severe enough that FCP has to warn users about this.

Edited by Squid
  • Like 1
  • Upvote 1
Link to comment

"Fixed bug where the server TLD is not formed correctly in the self-signed SSL cert. After installing this release delete the self-signed cert config/ssl/certs/<server-name>_unraid_bundle.pem and then reboot to let unRAID OS regenerate a new one."

 

I've never used self signed certs as far as I know. Following the release notes I performed the instructions above. the file  <server-name>_unraid_bundle.pem did exist but after reboot nothing new was created. Only certificate_bundle.pem remains. Just want to be sure this is expected behavior. Thanks.

Link to comment

Removed preclear (could not start anyways, produced an error) and Advanced Buttons. 

 

Other than that, no issues going from 6.4.0 to 6.4.1. It looks like the memory usage is back down to a more reasonable level. Java and shsf used up a lot since 6.4.0 on my machine

Link to comment
  • limetech locked and unpinned this topic
Guest
This topic is now closed to further replies.