Resolved Issues in 6.10.4¶
A complete list of solved issues for 6.10.4 can be found in the project development portal.
The following new features have been backported to 6.10.4:
Add support of using defined timezone by oneacct utility with flag -t/–timezone.
Console logging for LXC Driver.
Add architecture and hypervisor scheduling requirements to public marketplaces public marketplaces
The following new features have been backported in the Sunstone Web UI to 6.10.4:
The following issues has been solved in 6.10.4:
Fix onevrouter instantiate command prompts for user input unnecessarily.
Fix user-input option for CLI to support values containing commas and equal signs.
Fix VM migration not executed on vCenter when src host ID is 0.
Fix VNet instance doesn’t update BRIDGE_TYPE, when VN_MAD is updated.
Fix oneacl rules not being cleaned-up after removing a group admin.
Fix the use of hardcoded DNS for linuxcontainers marketplace.
Fix Restic backup driver when the server is not deployed together with the frontend.
Fix resource names to not allow special characters ‘\t’, ‘\n’, ‘\v’, ‘\f’, ‘\r’.
The following issues have been solved in the Sunstone Web UI:
Fix ability to add and remove existing users to existing groups and change main group from an user. In order to add, remove or change main group from and user, please see Changes in Configuration Files section below.
Fix Sunstone has issues with Disk IDs when updating boot order.
Security Advisory: VLAN Trunking Exposure via VLAN_TAGGED_ID¶
A security issue has been identified when using OpenvSwitch with VLAN Trunking enabled. The VLAN_TAGGED_ID
attribute allows users to specify a range of VLANs accessible from their virtual NIC
. If not properly restricted, non-privileged users can exploit this attribute (e.g., by setting VLAN_TAGGED_ID = 1-4096
) to gain access to all VLANs available on the OpenvSwitch bridge, potentially exposing critical network segments. To mitigate this risk, it is strongly recommended to restrict this attribute by adding the following line to the oned.conf
configuration file:
VM_RESTRICTED_ATTR = "NIC/VLAN_TAGGED_ID"
Changes in Configuration Files¶
Since version 6.10.3 the following changes apply to OpenNebula services configuration files:
Warning
The following attributes are not included in the configuration files distributed with 6.10.4. If you wish to use these attributes, add them manually to the corresponding file.
FireEdge Service¶
Config file |
Description |
Action |
Values |
---|---|---|---|
group-tab.yaml |
New attribute: info-tabs.user.actions.add_users |
Sets the ‘Add user’ button in Groups page |
true, false |
group-tab.yaml |
New attribute: info-tabs.user.actions.remove_users |
Sets the ‘Remove user’ button in Groups page |
true, false |
user-tab.yaml |
New attribute: info-tabs.group.actions.add_to_group |
Sets the ‘Add to group’ button in Users page |
true, false |
user-tab.yaml |
New attribute: info-tabs.group.actions.remove_from_group |
Sets the ‘Remove from group’ button in Groups page |
true, false |
user-tab.yaml |
New attribute: info-tabs.group.actions.change_primary_group |
Sets the ‘Change primary group’ button in Groups page |
true, false |