From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 4C881917F4 for ; Thu, 15 Feb 2024 14:09:39 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 2D28413BCE for ; Thu, 15 Feb 2024 14:09:39 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Thu, 15 Feb 2024 14:09:38 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 00F1A483AA for ; Thu, 15 Feb 2024 14:09:38 +0100 (CET) Message-ID: Date: Thu, 15 Feb 2024 14:09:36 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Beta Content-Language: en-GB, de-AT To: Proxmox VE development discussion , Max Carrara References: <20240126154440.657816-1-m.carrara@proxmox.com> <20240126154440.657816-2-m.carrara@proxmox.com> From: Thomas Lamprecht Autocrypt: addr=t.lamprecht@proxmox.com; keydata= xsFNBFsLjcYBEACsaQP6uTtw/xHTUCKF4VD4/Wfg7gGn47+OfCKJQAD+Oyb3HSBkjclopC5J uXsB1vVOfqVYE6PO8FlD2L5nxgT3SWkc6Ka634G/yGDU3ZC3C/7NcDVKhSBI5E0ww4Qj8s9w OQRloemb5LOBkJNEUshkWRTHHOmk6QqFB/qBPW2COpAx6oyxVUvBCgm/1S0dAZ9gfkvpqFSD 90B5j3bL6i9FIv3YGUCgz6Ue3f7u+HsEAew6TMtlt90XV3vT4M2IOuECG/pXwTy7NtmHaBQ7 UJBcwSOpDEweNob50+9B4KbnVn1ydx+K6UnEcGDvUWBkREccvuExvupYYYQ5dIhRFf3fkS4+ wMlyAFh8PQUgauod+vqs45FJaSgTqIALSBsEHKEs6IoTXtnnpbhu3p6XBin4hunwoBFiyYt6 YHLAM1yLfCyX510DFzX/Ze2hLqatqzY5Wa7NIXqYYelz7tXiuCLHP84+sV6JtEkeSUCuOiUY virj6nT/nJK8m0BzdR6FgGtNxp7RVXFRz/+mwijJVLpFsyG1i0Hmv2zTn3h2nyGK/I6yhFNt dX69y5hbo6LAsRjLUvZeHXpTU4TrpN/WiCjJblbj5um5eEr4yhcwhVmG102puTtuCECsDucZ jpKpUqzXlpLbzG/dp9dXFH3MivvfuaHrg3MtjXY1i+/Oxyp5iwARAQABzTNUaG9tYXMgTGFt cHJlY2h0IChBdXRoLTQpIDx0LmxhbXByZWNodEBwcm94bW94LmNvbT7CwY4EEwEIADgWIQQO R4qbEl/pah9K6VrTZCM6gDZWBgUCWwuNxgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAK CRDTZCM6gDZWBm/jD/4+6JB2s67eaqoP6x9VGaXNGJPCscwzLuxDTCG90G9FYu29VcXtubH/ bPwsyBbNUQpqTm/s4XboU2qpS5ykCuTjqavrcP33tdkYfGcItj2xMipJ1i3TWvpikQVsX42R G64wovLs/dvpTYphRZkg5DwhgTmy3mRkmofFCTa+//MOcNOORltemp984tWjpR3bUJETNWpF sKGZHa3N4kCNxb7A+VMsJZ/1gN3jbQbQG7GkJtnHlWkw9rKCYqBtWrnrHa4UAvSa9M/XCIAB FThFGqZI1ojdVlv5gd6b/nWxfOPrLlSxbUo5FZ1i/ycj7/24nznW1V4ykG9iUld4uYUY86bB UGSjew1KYp9FmvKiwEoB+zxNnuEQfS7/Bj1X9nxizgweiHIyFsRqgogTvLh403QMSGNSoArk tqkorf1U+VhEncIn4H3KksJF0njZKfilrieOO7Vuot1xKr9QnYrZzJ7m7ZxJ/JfKGaRHXkE1 feMmrvZD1AtdUATZkoeQtTOpMu4r6IQRfSdwm/CkppZXfDe50DJxAMDWwfK2rr2bVkNg/yZI tKLBS0YgRTIynkvv0h8d9dIjiicw3RMeYXyqOnSWVva2r+tl+JBaenr8YTQw0zARrhC0mttu cIZGnVEvQuDwib57QLqMjQaC1gazKHvhA15H5MNxUhwm229UmdH3KM7BTQRbC43GARAAyTkR D6KRJ9Xa2fVMh+6f186q0M3ni+5tsaVhUiykxjsPgkuWXWW9MbLpYXkzX6h/RIEKlo2BGA95 QwG5+Ya2Bo3g7FGJHAkXY6loq7DgMp5/TVQ8phsSv3WxPTJLCBq6vNBamp5hda4cfXFUymsy HsJy4dtgkrPQ/bnsdFDCRUuhJHopnAzKHN8APXpKU6xV5e3GE4LwFsDhNHfH/m9+2yO/trcD txSFpyftbK2gaMERHgA8SKkzRhiwRTt9w5idOfpJVkYRsgvuSGZ0pcD4kLCOIFrer5xXudk6 NgJc36XkFRMnwqrL/bB4k6Pi2u5leyqcXSLyBgeHsZJxg6Lcr2LZ35+8RQGPOw9C0ItmRjtY ZpGKPlSxjxA1WHT2YlF9CEt3nx7c4C3thHHtqBra6BGPyW8rvtq4zRqZRLPmZ0kt/kiMPhTM 8wZAlObbATVrUMcZ/uNjRv2vU9O5aTAD9E5r1B0dlqKgxyoImUWB0JgpILADaT3VybDd3C8X s6Jt8MytUP+1cEWt9VKo4vY4Jh5vwrJUDLJvzpN+TsYCZPNVj18+jf9uGRaoK6W++DdMAr5l gQiwsNgf9372dbMI7pt2gnT5/YdG+ZHnIIlXC6OUonA1Ro/Itg90Q7iQySnKKkqqnWVc+qO9 GJbzcGykxD6EQtCSlurt3/5IXTA7t6sAEQEAAcLBdgQYAQgAIBYhBA5HipsSX+lqH0rpWtNk IzqANlYGBQJbC43GAhsMAAoJENNkIzqANlYGD1sP/ikKgHgcspEKqDED9gQrTBvipH85si0j /Jwu/tBtnYjLgKLh2cjv1JkgYYjb3DyZa1pLsIv6rGnPX9bH9IN03nqirC/Q1Y1lnbNTynPk IflgvsJjoTNZjgu1wUdQlBgL/JhUp1sIYID11jZphgzfDgp/E6ve/8xE2HMAnf4zAfJaKgD0 F+fL1DlcdYUditAiYEuN40Ns/abKs8I1MYx7Yglu3RzJfBzV4t86DAR+OvuF9v188WrFwXCS RSf4DmJ8tntyNej+DVGUnmKHupLQJO7uqCKB/1HLlMKc5G3GLoGqJliHjUHUAXNzinlpE2Vj C78pxpwxRNg2ilE3AhPoAXrY5qED5PLE9sLnmQ9AzRcMMJUXjTNEDxEYbF55SdGBHHOAcZtA kEQKub86e+GHA+Z8oXQSGeSGOkqHi7zfgW1UexddTvaRwE6AyZ6FxTApm8wq8NT2cryWPWTF BDSGB3ujWHMM8ERRYJPcBSjTvt0GcEqnd+OSGgxTkGOdufn51oz82zfpVo1t+J/FNz6MRMcg 8nEC+uKvgzH1nujxJ5pRCBOquFZaGn/p71Yr0oVitkttLKblFsqwa+10Lt6HBxm+2+VLp4Ja 0WZNncZciz3V3cuArpan/ZhhyiWYV5FD0pOXPCJIx7WS9PTtxiv0AOS4ScWEUmBxyhFeOpYa DrEx In-Reply-To: <20240126154440.657816-2-m.carrara@proxmox.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.182 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LOTSOFHASH 0.25 Emails with lots of hash-like gibberish SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [module.py, ceph.com] Subject: Re: [pve-devel] [PATCH v2 quincy-stable-8 ceph 1/2] patches: include patches regarding RocksDB and dashboard from master X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Feb 2024 13:09:39 -0000 Am 26/01/2024 um 16:44 schrieb Max Carrara: > This commit essentially contains all changes from the following > commits (most recent last): > * f35168f6713d5f3fa1aaa8c572d754b61c458d91 > * 86a553d66e69176940959530d4fedcbcbbab54d9 > * ab5c03b44d78c4e4b233ff5a310888592dbb9bb4 > > The series file and the patches' prefixed numbers have been updated > correspondingly. > > A very minor adaptation has been made to the patch added by commit > f35168f6713d5f3fa1aaa8c572d754b61c458d91 in order to get it to apply > correctly. > > Signed-off-by: Max Carrara > --- > Changes v1 --> v2: > * None > > delete mode 100644 patches/0021-debian-rules-fix-buildtype.patch this deletion is not mentioned in the commit message though. While it actually is fine, as it was a extra patch for the rocksdb build that is already fixed with rocksb-inherit-parent-cmake-cxx-flags.patch one, it's still odd to just delete it here without any mentioning.. > diff --git a/patches/0021-debian-rules-fix-buildtype.patch b/patches/0021-debian-rules-fix-buildtype.patch > deleted file mode 100644 > index 8b6ef6b56..000000000 > --- a/patches/0021-debian-rules-fix-buildtype.patch > +++ /dev/null > @@ -1,22 +0,0 @@ > -From 1f4b106d49fc916994d97e273599f75caa904c3b Mon Sep 17 00:00:00 2001 > -From: Mark Nelson > -Date: Thu, 14 Dec 2023 05:19:46 +0000 > -Subject: [PATCH] debian/rules: Fix build_type for massive performance gain > - > -Signed-off-by: Mark Nelson > ---- > - debian/rules | 1 + > - 1 file changed, 1 insertion(+) > - > -diff --git a/debian/rules b/debian/rules > -index ed7f4a255ed4b..b28abb7d62788 100755 > ---- a/debian/rules > -+++ b/debian/rules > -@@ -29,6 +29,7 @@ extraopts += -DWITH_PYTHON3=3 > - extraopts += -DWITH_CEPHFS_JAVA=ON > - extraopts += -DWITH_CEPHFS_SHELL=ON > - extraopts += -DWITH_SYSTEMD=ON -DCEPH_SYSTEMD_ENV_DIR=/etc/default > -+extraopts += -DCMAKE_BUILD_TYPE=RelWithDebInfo > - extraopts += -DWITH_GRAFANA=ON > - ifeq ($(DEB_HOST_ARCH), amd64) > - extraopts += -DWITH_RBD_RWL=ON > diff --git a/patches/0022-mgr-dashboard-remove-ability-to-create-and-check-TLS.patch b/patches/0022-mgr-dashboard-remove-ability-to-create-and-check-TLS.patch > new file mode 100644 > index 000000000..59c5263da > --- /dev/null > +++ b/patches/0022-mgr-dashboard-remove-ability-to-create-and-check-TLS.patch > @@ -0,0 +1,101 @@ > +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 > +From: Max Carrara > +Date: Thu, 4 Jan 2024 17:37:50 +0100 > +Subject: [PATCH] mgr/dashboard: remove ability to create and check TLS > + key/cert pairs > + > +In order to avoid running into PyO3-related issues [0] with PyOpenSSL, > +the ability to create self-signed certs is disabled - the command > +`ceph dashboard create-self-signed-cert` is made to always return an > +error. > + > +The command's error message contains the manual steps the user may > +follow in order to set the certificate themselves, as well as a link > +to the Ceph Dashboard documentation regarding TLS support. [1] > + > +Furthermore, the check on start-up, that verifies that the configured > +key/cert pair actually match, is also removed. This means that users > +need to ensure themselves that the correct pair is supplied - > +otherwise their browser will complain. > + > +These changes allow the dashboard to launch with TLS enabled again. > + > +[0]: https://tracker.ceph.com/issues/63529 > +[1]: https://docs.ceph.com/en/reef/mgr/dashboard/#ssl-tls-support > + > +Signed-off-by: Max Carrara > +--- > + src/pybind/mgr/dashboard/module.py | 41 ++++++++++++++++++++---------- > + 1 file changed, 27 insertions(+), 14 deletions(-) > + > diff --git a/patches/0022-rocksb-inherit-parent-cmake-cxx-flags.patch b/patches/0023-rocksb-inherit-parent-cmake-cxx-flags.patch > similarity index 100% > rename from patches/0022-rocksb-inherit-parent-cmake-cxx-flags.patch > rename to patches/0023-rocksb-inherit-parent-cmake-cxx-flags.patch > diff --git a/patches/series b/patches/series > index 73f66396c..ee897a78a 100644 > --- a/patches/series > +++ b/patches/series > @@ -13,5 +13,6 @@ > 0016-d-rules-fix-no-restart-on-upgrade.patch > 0017-python3.10-pep-620.patch > 0020-fix-4759-run-ceph-crash-daemon-with-www-data-group-f.patch > -0021-debian-rules-fix-buildtype.patch