Recent content by BelCloud

Hello! Could we get an official opinion on this?

Does this have any effect on VMs/zvols? Or only on containers/host filesystem?

Thank you!

Yes, but 7 is still supported.

Hello https://vuldb.com/?id.237695 Does proxmox use the rocker device in any way or are we safe from this? Or can this bug be exploited even if we do not add such a rocker device ? I couldn't find much information about it, but it seems to be high-severity. Thank you

Thank you very much! Do you know if there are any other planned changes to this function, as parameters? As it's a breaking change from 7 to 8 and the new implementation will create a lot of issues in existing libraries. It might be better to deprecate the command parameter and create a new...

In theory, it's a single array called command, that's how it's normally done when sending a POST with urlencode data. The exact JSON counterpart of the above request is {"command":["\/bin\/bash","\/tmp\/myscript"]} , but sending it as JSON will require modifying all existing Proxmox libraries...

Thank you for the reply! With curl, it should be something like this: curl -sSk -H 'Authorization: PVEAPIToken=TOKEN' -X POST --data command[]="/bin/bash" --data command[]="/tmp/myscript" https://HOST:8006/api2/json/nodes/NODE/qemu/100/agent/exec But it returns the same error as with my...

Hello I have noticed that in Proxmox 8, the <command> parameter for the API call POST /api2/json/nodes/{node}/qemu/{vmid}/agent/exec has been changed from <string> to <array> in the format: [string, ...] Does anyone have a working example with the new format? I have tried to send it as...

Thank you very much!

Hello Does anyone know if proxmox is vulnerable to CVE-2023-0330 and if there are any patches? It seems to be affecting the lsi53c895a scsi controller on qemu 7.2.0. Would simply switching to virtio-scsi be enough to mitigate this? https://cve.report/CVE-2023-0330

Very good idea, thank you!

Thank you very much for the reply! It's a mistake I did as I added a node to the cluster which had only lvm-thin storages, and when I added the zfs storage in the cluster for the specific node, I left it on the default rpool. Not sure If I should transfer the VMs from it and reinstall or leave...

Hello Are there any risks or possible issues if we use directly the rpool zfs pool for the VMs, instead of the rpool/DATA as it is by default? Thank you

Thank you very much! Doesn't "potentially execute arbitrary code within the context of the QEMU process" mean they could execute code on the host, as the qemu process runs as root?