6.10.0 | Unraid Docs (2024)

Version 6.10.0 2022-05-07

Summary of Changes and New Features

UPC and My Servers Plugin

The most visible new feature is located in the upper right corner of thewebGUI header. We call this the User Profile Component, or UPC. TheUPC allows a user to better manage their registration keys and installthe optional My Servers plugin.

My Servers is what we call our set ofcloud-based services and features that integrate with your Unraidserver(s). After installing the My Servers plugin, you will beprompted to sign-in to your server with an existing Unraid.net accountor create a new Unraid.net account. Once installed here are some of thefeatures of My Servers:

Real-time Status - with the plugin installed each server tile onthe My Servers Dashboard will display real-time status such aswhether the server is online or offline, storage utilization, andother information.
Local Access link - this is a direct link to the server webGUI onyour LAN.
Remote Access link - if enabled, a link is displayed on the MyServers Dashboard to bring up a server webGUI remotely and over theInternet.
Automatic Flash Backup - every registered server is provided with aprivate git repo initially populated with the contents of your USBflash boot device (except for certain files which contain privateinformation such as passwords). Thereafter, configuration changesare automatically committed. A link is provided to download acustom zip file that can be fed as input to the USB Flash Creatortool to move your configuration to a new USB flash device.
Notification of critical security-related updates. In the event aserious security vulnerability has been discovered and patched, wewill send out a notification to all email addresses associated withregistered servers.
Posting privilege in a new set of My Servers forum boards.

Signed-in servers maintain a websocket connection to a cloud-based LimeTechnology proxy server for the purpose of relaying real-time status.Refer to the My Servers Privacy section for moreinformation.

Security Changes

It is now mandatory to define a root password and changing theroot user password will log out all webGUI browser sessions.

We also created a division in the Users page to distinguish root fromother user names. The root UserEdit page includes a text box forpasting SSH authorized keys.

For new configurations, the flash share default export setting is No.

For new configurations, SMBv1 is disabled by default.

For new configurations, telnet and ssh are disabled by default.

For all new user shares, the default export setting is No.

We removed certain strings fromDiagnosticssuch as passwords found in the 'go' file.

Moving to Let's Encrypt wildcard SSL certificates

Starting with this release, we no longer issue new single-host SSLcertificates (which we're calling legacy certificates). Instead, allnew Unraid.net SSL certificates are wildcard certificates (stillprovided by Let's Encrypt).

Virtualization

Both libvirt and qemu have been updated. In addition, qemu has beencompiled with OpenGL support, and ARM emulation (experimental).

Windows 11 Support

To support Windows 11 which requires TPM and Secure boot, we have addedTPM emulation; and, added a "Windows 11" VM template whichautomatically selects TPM-aware OVMF bios. Also, here areinstructionsfor upgrading a Windows 10 VM to Windows 11. Special thanks to @ich777who researched and determined what changes and components were necessaryto provide this functionality.

Docker

Docker labels

Docker labels are added to allow people using Docker compose to makeuse of icons and GUI access
Look at a Docker 'run' command output to see exactly what labelsare used

Docker custom networks

A new setting for custom networks is available. Originally customnetworks are created using the macvlan mode, and this mode is keptwhen upgrading to version 6.10
The new ipvlan mode is introduced to battle the crashes some peopleexperience when using macvlan mode. If that is your case, change toipvlan mode and test. Changing of mode does not requirereconfiguring anything on the Docker level, internally everything isbeing taken care of.

Docker bridge network (docker0)

docker0 now supports IPv6. This is implemented by assigning docker0a private IPv6 subnet (fd17::/64), similar to what is done for IPv4and using network translation to communicate with the outside world
Containers connected to the bridge network now have both IPv4 andIPv6 connectivity (of course the system must have IPv6 configured inthe network configuration)
In addition, several enhancements are made in the IPv6implementation to better deal with the use (or non-use) of IPv6

WireGuard

The WireGuard plugin has been integrated into webGUI, that is, no needfor the plugin. If you had the plugin installed previously, it will beuninstalled and moved to the "Plugins/Plugin File Install Errors"page. No action is needed unless you want to press the Delete button toremove it from that page. Your WireGuard tunnels and settings will bepreserved. See this post to get started withWireGuard.

Resident network guru @bonienl has added the capability to bind aWireGuard virtual network interface to a docker container. One use ofthis feature is to configure a WireGuard-enabled VPN which may then beexclusively used by that container, while your main server makes use ofthe normal LAN network interface. Please refer to this post foradditionaldetails.

Linux Kernel

Upgraded to Linux 5.15.x LTS kernel which includes so-called Sequoiaand Dirty Pipe vulnerability mitigations.

In-tree GPU drivers are now loaded by default if correspondinghardware is detected:

amdgpu
ast
i915
radeon

These drivers are required mostly for motherboard on-board graphics usedin GUI boot mode. Loading of a driver can be prohibited by creatingthe appropriate file named after the driver:

echo"blacklisti915">/boot/config/modprobe.d/i915.conf

Alternately, the device can be isolated from Linux entirely via theSystem Devices page. Note that in Unraid OS 6.9 releases the in-treeGPU drivers are blacklisted by default and to enable loading a driveryou need to create an empty "conf" file. After upgrading to Unraid OS6.10 you may delete those files, or leave them as-is. This change wasmade to greatly improve the Desktop GUI experience for new users.

Other kernel changes:

Added support for Intel GVT-g, which lets you split your Intel i915iGPU into multiple virtual GPUs and pass them through to multipleVMs, using @ich777's Intel-GVT-g plugin.
Added support for gnif/vendor-reset. This simplifies @ich777'sAMD Vendor Reset plugin which permits users to get their AMD videocards to reset properly.
Added so-called "add-relaxable-rmrr-5_8_and_up.patch" modified forour kernel:https://github.com/kiler129/relax-intel-rmrr/blob/master/patches/add-relaxable-rmrr-5_8_and_up.patchThanks to @ich777 for pointing this out.
Enabled additional ACPI kernel options
Enabled TPM kernel modules (not utilized yet) - note this is forUnraid host utilizing physical TPM, not emulated TPM support forvirtual machines.
Support Realtek RTL8152/RTL8153 Based USB Ethernet Adapters
Enabled NFSv4 support.

Base Packages

Virtually the entire base package set has been updated.

For SMB: Samba version 4.15 SMB3 multi-channel is no longer marked"experimental", however, is disabled by default. This may beenabled on the Settings/SMB Settings page. Some users have reportedissues with SMB3 multi-channel in conjunction with certain network bondconfigurations.

Per request, we added the mcelog package. With the inclusion of thispackage, if you have an AMD processor you may see this error message inthe system log:

mcelog:ERROR:AMDProcessorfamily23:mcelogdoesnotsupportthisprocessor.Pleaseusetheedac_mce_amdmoduleinstead.

We're not sure what to make of this. It appears mcelog is beingdeprecated in favor of rasdaemon. This is something we need to researchfurther.

Other Improvements

Other improvements which are maybe not so obvious to spot from therelease notes and some of these improvements are internal and not reallyvisible:

Event-driven model to obtain server information and update thewebGUI in real-time

The advantage of this model is its scalability. Multiple browserscan be opened simultaneously to the webGUI without much impact
In addition, stale browser sessions won't create any CSRF errorsanymore
People who keep their browser open 24/7 will find the webGUI staysresponsive at all times
Consistent state information is maintained across all browserinstances open to a particular server

Plugins page

The plugins page now loads information in two steps. First, the listof plugins is created and next the more time-consuming plugin statusfield is retrieved in the background. The result is a faster loadingplugins page, especially when you have a lot of plugins installed

Dashboard graphs

The dashboard has now two graphs available. The CPU graph isdisplayed by default, while the NETWORK graph is a new option underInterface (see the 'General Info' selection)
The CPU graph may be hidden as well in case it is not desired
Both graphs have a configurable timeline, which is by default 30seconds and can be changed independently for each graph to see alonger or shorter history.
Graphs are updated in real-time and are useful to observe thebehavior of the server under different circ*mstances

Scheduler Improvements

You can now split a parity check into smaller pieces and let it runover multiple days or weeks. For example, a check can be performedin a time frame of 01:00am to 06:00am for several days in a rowuntil it is completed. This way a long parity check won't interferewith the normal daily activities, like watching a movie.
Added ability to schedule pool 'balance' and 'scrub' operationsand calculate whether a full balance is recommended.

The built-in Firefox browser available in GUI-mode boot is builtas an AppImage and located in the bzfirmware compressed file systemimage. This saves approximately 60MB of RAM.

Simplified installation of the Community Apps plugin. The webGUIautomatically includes the Apps menu item, and if CA is not alreadyinstalled, the page offers an Install button. No need to hunt for theplugin link.

We increased the font size in Terminal and fixed the issue withmacOS Monterey. Terminal font size is configurable via theSettings/Display Settings page.

Mover will create '.partial' file and then rename it uponcompletion.

System start-up will check bz file sha256sums at boot time to verifyno corruption.

For cookies managed by webGUI, changed sameSite cookie attributefrom 'strict' to 'lax'. This change was made to solve an issue withthe Terminal window not opening in Safari.

Added ServerChan and Pushplus notification agents, thanks to@ludoux

Template Repositories were removed, see this post for info on theirreplacements

Other Bug Fixes

We switched to a better-maintained version of the WSD servercomponent called wsdd2 in an effort to eliminate instances where thewsd daemon would start consuming 100% of a CPU core.
Fixed issue where you couldn't create a docker image on a sharename that contains a space.
Fixed issue where 'mover' would not move to a pool name thatcontains a space.
Fixed issue in User Sharefile system where permissions were not being honored.
Fixed jumbo frames not working.
sysctl: handle net.netfilter.nf_conntrack_count max exceeded(increase setting to 131072) - hattip to Community Member @DieFalse
Fixed bug found by @thohell where md_sync_limit was not beinghonored to limit stripe_head cache usage when other I/O is active.The effect of this fix is to drastically slow down parity operationsif other I/O is happening (such as streaming a video). Throttlingof parity sync operations can be adjusted by changing the'Settings/Disk Settings/Tunable (md_sync_limit)' value.
Fixed btrfs pool device replace corner cases. Important note: if you'unassign' a device from a btrfs multiple-device pool, and thatdevice is still physically present, upon array Start we willerase the LUKS header on the device if present, and deletethe partition structure, thereby effectively erasing all the datacontained on the device. This is necessary in order to convincebtrfs to no longer use the device and to free it for assignment toanother pool.
Fixed a bug where replacing a device in a multiple-device btrfs poolwould still tag the old device as missing.
Fixed an issue where hot-plugging a device in a server withspun-down SAS drive(s) could cause the SAS drive(s) to appearunassigned.
Fixed an issue where the server would disappear from Windows Networkafter docker and/or VM startup.
Fixed md/unraid driver regression which would confuse XFS, making itthink an online shrink had occurred.
Fixed: Prevent Unraid from hanging when the array is stopped, whileVMs are in paused or suspended state.
Numerous other small bug fixes and improvements.

Change Log vs. Unraid OS 6.9.2

Base distro

aaa_base: version 15.0
aaa_glibc-solibs: version 2.33
aaa_libraries: version 15.0
acl: version 2.3.1
acpid: version 2.0.33
apcupsd: version 3.14.14
at: version 3.2.3
attr: version 2.5.1
avahi: version 0.8
bash: version 5.1.016
beep: version 1.3
bin: version 11.1
bind: version 9.16.27
bluez-firmware: version 1.2
bridge-utils: version 1.7.1
brotli: version 1.0.9
btrfs-progs: version 5.16
bzip2: version 1.0.8
ca-certificates: version 20220403
celt051: version 0.5.1.3
cifs-utils: version 6.14
coreutils: version 9.0
cpio: version 2.13
cpufrequtils: version 008
cracklib: version 2.9.7
cryptsetup: version 2.4.3
curl: version 7.83.1 (CVE-2022-22576 CVE-2022-27774 CVE-2022-27775CVE-2022-27776 CVE-2022-27778 CVE-2022-27779 CVE-2022-27780CVE-2022-27781 CVE-2022-27782 CVE-2022-30115)
cyrus-sasl: version 2.1.27
db48: version 4.8.30
dbus: version 1.12.20
dcron: version 4.5
devs: version 2.3.1
dhcpcd: version 9.4.1
diffutils: version 3.8
dmidecode: version 3.3
dnsmasq: version 2.86
docker: version 20.10.14 (CVE-2022-24769)
dosfstools: version 4.2
e2fsprogs: version 1.46.5
ebtables: version 2.0.11
eject: version 2.1.5
elogind: version 246.10
elvis: version 2.2_0
etc: version 15.0
ethtool: version 5.16
eudev: version 3.2.11
file: version 5.41
findutils: version 4.8.0
flex: version 2.6.4
floppy: version 5.5
fuse3: version 3.10.5
gawk: version 5.1.1
gdbm: version 1.22
genpower: version 1.0.5
getty-ps: version 2.1.0b
git: version 2.35.3 (CVE-2022-24765)
glib2: version 2.70.3
glibc: version 2.33
glibc-zoneinfo: version 2022a
gmp: version 6.2.1
gnutls: version 3.7.2
gptfdisk: version 1.0.8
grep: version 3.7
gzip: version 1.12 (CVE-2022-1271)
hdparm: version 9.63
hostname: version 3.23
htop: version 3.1.2
icu4c: version 69.1
inetd: version 1.79s
infozip: version 6.0
inih: version 53
inotify-tools: version 3.20.11.0
iproute2: version 5.16.0
iptables: version 1.8.7
iputils: version 20211215
irqbalance: version 1.7.0
jansson: version 2.14
jemalloc: version 5.2.1
jq: version 1.6
json-c: version 0.15_20200726
json-glib: version 1.6.6
kbd: version 1.15.3
keyutils: version 1.6.3
kmod: version 29
krb5: version 1.19.2
lbzip2: version 2.5
less: version 590
libaio: version 0.3.112
libarchive: version 3.6.1
libcap-ng: version 0.8.2
libcgroup: version 0.41
libdaemon: version 0.14
libdrm: version 2.4.109
libedit: version 20210910_3.1
libepoxy: version 1.5.9
libestr: version 0.1.9
libevent: version 2.1.12
libfastjson: version 0.99.9
libffi: version 3.3
libgcrypt: version 1.9.4
libgpg-error: version 1.44
libgudev: version 237
libidn: version 1.38
libjpeg-turbo: version 2.1.2
liblogging: version 1.0.6
libmnl: version 1.0.4
libnetfilter_conntrack: version 1.0.8
libnfnetlink: version 1.0.1
libnftnl: version 1.2.1
libnl3: version 3.5.0
libpcap: version 1.10.1
libpciaccess: version 0.16
libpng: version 1.6.37
libpsl: version 0.21.1
libseccomp: version 2.5.1
libssh: version 0.9.6
libssh2: version 1.10.0
libtasn1: version 4.18.0
libtirpc: version 1.3.2
libtpms: version 0.9.0
libunistring: version 0.9.10
libunwind: version 1.6.2
libusb: version 1.0.24
libusb-compat: version 0.1.7
libuv: version 1.41.0
libvirt: version 8.2.0
libvirt-php: version 0.5.6a
libwebp: version 1.2.2
libwebsockets: version 4.2.0
libx86: version 1.1
libxml2: version 2.9.14 (CVE-2022-29824)
libxslt: version 1.1.35
libzip: version 1.8.0
lm_sensors: version 3.6.0
lmdb: version 0.9.29
logrotate: version 3.18.1
lshw: version B.02.19.2
lsof: version 4.94.0
lsscsi: version 0.32
lvm2: version 2.03.13
lz4: version 1.9.3
lzip: version 1.22
lzo: version 2.10
mc: version 4.8.27
mcelog: version 180
miniupnpc: version 2.1
mpfr: version 4.1.0
nano: version 6.0
ncompress: version 5.0
ncurses: version 6.3
net-tools: version 20181103_0eebece
nettle: version 3.7.3
network-scripts: version 15.0
nfs-utils: version 2.5.4
nghttp2: version 1.46.0
nginx: version 1.21.6
nss-mdns: version 0.14.1
ntfs-3g: version 2021.8.22
ntp: version 4.2.8p15
numactl: version 2.0.13
oniguruma: version 6.9.7.1
openssh: version 8.8p1
openssl: version 1.1.1o (CVE-2022-1292)
openssl-solibs: version 1.1.1o (CVE-2022-1292)
p11-kit: version 0.24.1
pam: version 1.5.2
patch: version 2.7.6
pciutils: version 3.7.0
pcre: version 8.45
pcre2: version 10.39
php: version 7.4.29 (CVE-2021-21708)
pixman: version 0.40.0
pkgtools: version 15.0
procps-ng: version 3.3.17
pv: version 1.6.6
qemu: version 6.2.0
qrencode: version 4.1.1
reiserfsprogs: version 3.6.27
rpcbind: version 1.2.5
rsync: version 3.2.3
rsyslog: version 8.2102.0
samba: version 4.15.7 (CVE-2021-44141 CVE-2021-44142 CVE-2022-0336CVE-2021-44141 CVE-2021-441412 CVE-2022-0336)
sdparm: version 1.12
sed: version 4.8
sg3_utils: version 1.47
shadow: version 4.8.1
smartmontools: version 7.3
spice: version 0.15.0
sqlite: version 3.37.2
ssmtp: version 2.64
sudo: version 1.9.9
swtpm: version 0.7.3 (CVE-2022-23645)
sysfsutils: version 2.1.0
sysvinit: version 2.99
sysvinit-scripts: version 15.0
talloc: version 2.3.2
tar: version 1.34
tcp_wrappers: version 7.6
tdb: version 1.4.6
telnet: version 0.17
tevent: version 0.11.0
traceroute: version 2.1.0
tree: version 1.8.0
ttyd: version 20211023
usbredir: version 0.8.0
usbutils: version 014
utempter: version 1.2.0
util-linux: version 2.37.4
vbetool: version 1.2.2
vsftpd: version 3.0.5
wayland: version 1.20.0
wget: version 1.21.2
which: version 2.21
wireguard-tools: version 1.0.20210914
wsdd2: version 20111022
xfsprogs: version 5.13.0
xxHash: version 0.8.1
xz: version 5.2.5 (CVE-2022-1271)
yajl: version 2.1.0
zlib: version 1.2.12
zstd: version 1.5.2

Included with GUI-mode

adwaita-icon-theme: version 40.1.1
at-spi2-atk: version 2.38.0
at-spi2-core: version 2.42.0
atk: version 2.36.0
cairo: version 1.16.0
dbus-glib: version 0.112
freetype: version 2.11.1
fribidi: version 1.0.11
gd: version 2.3.3
gdk-pixbuf2: version 2.42.6
graphite2: version 1.3.14
gtk+3: version 3.24.31
harfbuzz: version 3.2.0
hicolor-icon-theme: version 0.17
libtiff: version 4.3.0
libxkbcommon: version 1.3.1
pango: version 1.48.11
shared-mime-info: version 2.1
startup-notification: version 0.12
appres: version 1.0.5
dejavu-fonts-ttf: version 2.37
editres: version 1.0.7
encodings: version 1.0.5
fontconfig: version 2.13.92
freeglut: version 3.2.1
glew: version 2.2.0
glu: version 9.0.2
libICE: version 1.0.10
libSM: version 1.2.3
libX11: version 1.7.3.1
libXau: version 1.0.9
libXaw: version 1.0.14
libXcomposite: version 0.4.5
libXcursor: version 1.2.0
libXdamage: version 1.1.5
libXdmcp: version 1.1.3
libXevie: version 1.0.3
libXext: version 1.3.4
libXfixes: version 6.0.0
libXfont: version 1.5.2
libXfont2: version 2.0.5
libXfontcache: version 1.0.5
libXft: version 2.3.4
libXi: version 1.8
libXinerama: version 1.1.4
libXmu: version 1.1.3
libXpm: version 3.5.13
libXrandr: version 1.5.2
libXrender: version 0.9.10
libXres: version 1.2.1
libXt: version 1.2.1
libXtst: version 1.2.3
libXxf86dga: version 1.1.5
libXxf86misc: version 1.0.4
libXxf86vm: version 1.1.4
libdmx: version 1.1.4
libevdev: version 1.12.0
libfontenc: version 1.1.4
libglvnd: version 1.3.3
libpthread-stubs: version 0.4
libxcb: version 1.14
libxkbfile: version 1.1.0
libxshmfence: version 1.3
listres: version 1.0.4
mkfontscale: version 1.2.1
mtdev: version 1.1.6
sessreg: version 1.1.2
setxkbmap: version 1.3.2
transset: version 1.0.2
xauth: version 1.1.1
xcb-util: version 0.4.0
xdpyinfo: version 1.3.2
xdriinfo: version 1.0.6
xev: version 1.2.4
xf86-input-evdev: version 2.10.6
xf86-input-keyboard: version 1.9.0
xf86-input-mouse: version 1.9.3
xf86-input-synaptics: version 1.9.1
xf86-video-ast: version 1.1.5
xf86-video-mga: version 2.0.0
xf86-video-vesa: version 2.5.0
xhost: version 1.0.8
xinit: version 1.4.1
xkbcomp: version 1.4.5
xkbevd: version 1.1.4
xkbutils: version 1.0.4
xkeyboard-config: version 2.34
xkill: version 1.0.5
xload: version 1.1.3
xlsatoms: version 1.1.3
xlsclients: version 1.1.4
xmessage: version 1.0.5
xmodmap: version 1.0.10
xorg-server: version 1.20.14
xprop: version 1.2.5
xrandr: version 1.5.1
xrdb: version 1.2.1
xrefresh: version 1.0.6
xset: version 1.2.4
xsetroot: version 1.1.2
xsm: version 1.0.4
xtrans: version 1.4.0
xwd: version 1.0.8
xwininfo: version 1.1.5
xwud: version 1.0.5
imlib2: version 1.7.1
fluxbox: version 1.3.7
slim: version 1.3.6
vte3: version 0.50.2
sakura: version 3.5.0
xclock: version 1.0.9
xterm: version 370
hwloc: version 2.2.0

Linux kernel

version: 5.15.40-Unraid (CVE-2021-33909 CVE-2021-33910CVE-2022-0847)
patch: "drm/i915/gen11: Moving WAs to icl_gt_workarounds_init()"
patch: "add-relaxable-rmrr-5_8_and_up.patch" modified for thiskernel
added features:
- several ACPI-related CONFIG settings
- CONFIG_TCG_TPM and associated TPM chip drivers
- CONFIG_NFS_V4: NFS client support for NFS version 4
- CONFIG_NFSD_V4: NFS server support for NFS version 4
- CONFIG_USB_RTL8152: Realtek RTL8152/RTL8153 Based USB EthernetAdapters
- CONFIG_USB_NET_AQC111: Aquantia AQtion USB to 5/2.5GbEControllers support
- CONFIG_USB4: Unified support for USB4 and Thunderbolt
- CONFIG_USB4_NET: Networking over USB4 and Thunderbolt cables
- CONFIG_DRM_I915_GVT: Enable Intel GVT-g graphics virtualizationhost support
- CONFIG_DRM_I915_GVT_KVMGT: Enable KVM/VFIO support for IntelGVT-g
- CONFIG_VFIO_MDEV: Mediated device driver framework
- CONFIG_VFIO_MDEV_DEVICE: VFIO driver for Mediated devices
- CONFIG_FTRACE: Tracers
- CONFIG_FUNCTION_TRACER: Kernel Function Tracer
- CONFIG_KPROBES: Kprobes
- CONFIG_DEBUG_KERNEL: Kernel debugging
- CONFIG_KALLSYMS_ALL: Include all symbols in kallsyms
- CONFIG_ISCSI_TCP: iSCSI Initiator over TCP/IP (per CommunityMember @ich777)
- CONFIG_GIGABYTE_WMI: Gigabyte WMI temperature driver
BPF kernel options (user request):
- CONFIG_BPF_SYSCALL: Enable bpf() system call
- CONFIG_BPF_JIT: Enable BPF Just In Time compiler
- CONFIG_BPF_JIT_ALWAYS_ON: Permanently enable BPF JIT and removeBPF interpreter
- CONFIG_NET_CLS_BPF: BPF-based classifier
- CONFIG_NET_CLS_ACT: Actions
- CONFIG_NET_ACT_BPF: BPF based action
- CONFIG_IKHEADERS: Enable kernel headers through/sys/kernel/kheaders.tar.xz
- CONFIG_NET_SCH_SFQ: Stochastic Fairness Queueing (SFQ)
- CONFIG_NET_ACT_POLICE: Traffic Policing
- CONFIG_NET_ACT_GACT: Generic actions
- CONFIG_GACT_PROB: Probability support
- CONFIG_NET_SCH_INGRESS: Ingress/classifier-action Qdisc
- CONFIG_CGROUP_BPF: Support for eBPF programs attached to cgroups
md/unriad: version 2.9.22
- fix: md_sync_limit was being ignored

Management

better IPv6 support
diagnostics: add bz*.sha256 values
diagnostics: Improved anonymization
diagnostics: Anonymize mover
diagnostics: better package listings in folders.txt
diagnostics: do not anonymize 169.254.x.x addresses
emhttp new defaults:
- root password required
- newly created shares not exported by default
- predefined 'flash' share not exported by default
- ssh, telnet: disabled by default
- NetBIOS disabled by default
- WSD enabled by default (and using newer 'wsdd2' package)
- Enhanced macOS interoperability enabled by default
- for 'domains' and 'system' shares, change 'EnableCopy-on-write' default setting from 'No' to 'Auto'
- change poll_attributes tunable default value from 30 min to 30sec.
emhttpd: add 'rootshare' reserved name
emhttpd: fix regression: user shares should be enabled by default
emhttpd: minimize information transmitted by UpdateDNS function
emhttpd: use shfs ioctl to invalidate shfs cached share info whenshare cfg changes
emhttpd: fix incorrect handling of unassigned device read/writecounters
emhttpd: fix sometimes wrong device name assigned to hotpluggedunassigned devices
emhttpd: fix btrfs-replace case
emhttpd: fix btrfs pool device replace still showing 'missing'
emhttpd: delete all PHP sessions when root password is changed (logseveryone out)
emhttpd: correct device status handling for single-slot pools
emhttpd: collapse multiple underscores within nvme /dev/disk/by-idsymlinks to single underscore
firefox: version 91.0.r20210823123856 (AppImage)
mover: fix bug not moving shares with embedded spaces
mover: append '.partial' suffix to filename when move in-progress
rc.docker: fix startup network race condition
rc.libvirt: Prevent Unraid from hanging when the array is stopped,while VMs are in paused or suspended state
rc.libvirt: test the existence of a VM before adding it to the NAMESlist
rc.mcelog: mcelog added to base distro
rc.nginx: change fastcgi_read_timeout from 120s to 640s
rc.nginx: remove ttyd side-loading
rc.nginx: support Lets Encrypt wildcard certs
rc.nginx: support custom wildcard self-signed certs
rc.nginx: self-signed cert subject OU change from "unRAID" to"Unraid"
rc.nginx: ignore case in processing Subject field for customcertificates
rc.nginx: remove default server block returning 404 for https ifUSE_SSL==no and no CA-signed cert
rc.samba: disable SMB Multi Channel by default; add control toSettings/SMB Settings page
rc.S: check bz file sha256 during initial boot
shfs: fix bug where permissions being ignored('default_permissions' was missing in mount command)
sysctl: handle net.netfilter.nf_conntrack_count max exceeded(increase setting to 131072)
ttyd: fix garbled text in local Firefox Terminal windows
upgradepkg: do not upgrade if existing package is newer
wsdd2: listen only on active interface by default (br0, bond0, oreth0)
webgui: Integrate header UPC
webgui: Add Apps link to install CA
webgui: Add internal container reference
webgui: Add new setting "Terminal font size"
webgui: Add notification agent for Pushplus
webgui: Add notification agent for ServerChan
webgui: Add 'root' folder protection to filetree
webgui: Add tracking after system shutdown
webgui: Add vmxnet3 and e1000 into available NICs for VMs
webgui: Added "User 'root'" reference on Management Access page
webgui: Added notify when plugin fails to install
webgui: Added: Cumulative parity check. This allows a parity checkto be divided over multiple time windows.
webgui: Adjusted row highlighting on main and shares page to bettersuit people with color impairment
webgui: Allow CA to get all docker info without having to downloadicons if not present
webgui: Allow all notification agents to send links
webgui: Allow ruleset for local rules in rsyslog.conf
webgui: Allow simultaneous log and console windows for containers
webgui: Always show "WebUI" for user specified URLs
webgui: BTRFS balance and scrub scheduler
webgui: BTRFS balance: fix recommendation message when volume isempty
webgui: Better array sync when multiple sessions are opened
webgui: Better translation of docker container variables
webgui: CSS minor corrections
webgui: Change Dashboard Parity status to be invalid and notemulated.
webgui: Change page switching to better suit Safari on mobiledevices
webgui: Change parity sync notification from error to notice level
webgui: Changed header selection for better support of Android
webgui: Check for flash offline / quick check on if it is corrupted
webgui: Cleanup styles folder
webgui: Compress too long share names in dropdown menus
webgui: ContextMenu: added option "button": defaults to "left"(current behavior), other options are "right" and "both"
webgui: Convert notify polling to Nchan
webgui: Create favicon.ico
webgui: Create syslog entry when user logs out
webgui: Dashboard: add CPU and NETWORK chart
webgui: Dashboard: fix bar color when disk thresholds are disabled
webgui: Dashboard: separate cpu details and graph view
webgui: Delete DockerRepositories.page see this post for info ontheirreplacements
webgui: Device_list replace .png icon with font icon
webgui: Diagnostics fix plugin deprecated max version error
webgui: Diagnostics: Add share summary
webgui: Diagnostics: Include current plugin versions
webgui: Diagnostics: Remove lines from go containing passwords etc
webgui: Diagnostics: Revamp anonymization
webgui: Diagnostics: add DHCP log
webgui: Diagnostics: add check for DNS Rebinding Protection
webgui: Diagnostics: add url details
webgui: Diagnostics: privatize routable IPs
webgui: DisplaySettings: add "showBannerGradient"
webgui: Do not highlight false positive ERST error
webgui: Docker page loading improvements
webgui: Docker settings: suppress browser presets
webgui: Docker utilization warning only when image file
webgui: Docker: Add Network / Privacy Category
webgui: Docker: Add crypto as a category
webgui: Docker: Do not update installed user templates
webgui: Docker: Fix incorrect caching when deleting / recreatingimage
webgui: Docker: Handle edge case involving browser back button whenwithin CA in certain unlikely circ*mstances
webgui: Docker: Ignore icon references to default question mark
webgui: Docker: Only save templates as v2
webgui: Docker: Silence PHP errors when editing a template ifcorruption exists
webgui: Docker: Support CA tag
webgui: Docker: Support ReadMe in context menus
webgui: Docker: add description to all custom networks
webgui: Docker: add route for remote WireGuard access:
- "Host access to custom networks" must be enabled to allowaccess
- Containers with network 'br0' can be remotely accessed byWireGuard without the need to configure static routes on thehome router (gateway)
webgui: Docker: add time unit in settings
webgui: Docker: add WireGuard description in network selection
webgui: Docker: compress too long author names
webgui: Docker: fix GUI may hang when multiple screens are opened
webgui: Docker: fix overlapping container ID display
webgui: Docker: fix spinner will not disappear after attempting touninstall a non-existent container
webgui: Docker: fixed filetree sometimes not visible
webgui: Docker: fixed header display causes gap
webgui: Docker: fixed list display in fixed view mode
webgui: Docker: fixed template removal when no containers exist
webgui: Docker: make popup window fit in browser window
webgui: Docker: optimized contextmenu
webgui: Docker: process bash ANSI colors in web log display
webgui: Docker: remove close button in popup window
webgui: Docker: translation optimization
webgui: Docker: update window uses color of selected theme
webgui: Edit/Add Container: Fix browser console error
webgui: Enable/Disable SMART extended test depending on spin downdelay setting
webgui: Error checking etc on ports for syslog server
webgui: Escape double quotes in text input submit
webgui: Expand file type icon selection
webgui: Expand ipaddr() with protocol: protocol defaults to ipv4 incase of ipv4 + ipv6
webgui: Fix CPU model sometimes not present
webgui: Fix PHP error when calculating balance level
webgui: Fix corruption check after a New Config is issued
webgui: Fix missing csrf-token in Notify
webgui: Fix monitor false positives
webgui: Fix network bonding display
webgui: Fix pools display on Main page when empty pool exists
webgui: Fix regression error for themes auzre & gray
webgui: Fix side bar of themes azure/gray in Firefox
webgui: Fix: Improved DNS Rebinding checks
webgui: Fixed PHP errors for share and disk calculations
webgui: Fixed balance/scrub schedule not saved when device name has"-" in it
webgui: Fixed comments field only for selected disks
webgui: Fixed parity duration + speed when paused/resumed
webgui: Fixed smart temperature settings sometimes not possible
webgui: Fixed: VM 9p add share issue
webgui: Fixed: buttons not working in device info when no device ispresent
webgui: Fixed: missing samesite attribute in cookies
webgui: Fixed: parity history sometimes wrongly processed
webgui: Fixed: race condition when array is stopped and deviceassignments are changed
webgui: Fixed: specific disk settings for pool devices only
webgui: Fixed: speed calculation of parity check
webgui: Fixed: spinner stays visible after docker command
webgui: Fixes and enhancements in Browse function
webgui: Font files update:
Adjust css settings
- Cleanup font files, use only woff format
- Restore clear-sans font
Update bitstream font
- bitstream --> source code pro
- clear-sans --> source sans pro
webgui: Force creation of root password
webgui: Highlight selected row when hovering over array or shares
webgui: Improved background process detection and handling
webgui: Improved format of stale and error plugin pages
webgui: Include links in email and Discord agent notifications
webgui: Let setting "showBannerGradient" default to "yes"
webgui: Limit popup window width on ultrawide monitors
webgui: Log docker icon download failures
webgui: Lower update frequency of monitor function to better suitmobile devices
webgui: Main page - lower table update frequency for betterresponsiveness of links
webgui: Make WireGuard trademark visible on "full" page
webgui: Make links in help text standout (red)
webgui: Management: fix ports in use check
webgui: Miscellaneous updates and fixes
webgui: Move Start button below encryption field
webgui: NFS: fix copying of hostList after READ operation
webgui: Nchan: Use multiplexed channels and add error reporting
webgui: Only allow png files to be uploaded as user image
webgui: Open terminal window with dynamic size
webgui: Parity check: allow spinup/spindown when operation is paused
webgui: Parity check: re-introduce Done button when finished
webgui: Parity operation enhancements:
- Add disk clear action
- Add parity operation action to history view
- Added "size" column to parity history
- CSS adjustment in SMART attributes
- Correct calculations for data-rebuild smaller than parity
- Separate Parity-Sync and Data-Rebuild as individual actions
- Show additional buttons in Array Stopped state
- Textual enhancements
- Use Nchan updates for copying/clearing progress
webgui: Parity: shown duration time excluding idle time
webgui: Plugin manager: fix branch select gets unnecessary disabled
webgui: Plugins page loading improvements
webgui: Proactive script security hardening
webgui: Relax SMART detection logic
webgui: Relax update frequency a bit
webgui: Remove Nchan error detection (Rely on the automaticreconnect of Nchan to re-establish connections when communication isslow)
webgui: Remove deprecated font extensions: eot, svg, ttf
webgui: Replace polling scripts with event driven Nchan interface
webgui: Revert back to default capitalization of device names
webgui: Revised filedrop.js
webgui: Right-clicking or long-clicking a menu item should open theselected menu
webgui: SSH authorized keys UI
webgui: Set Main page update frequency to 1s for better support ofmobile devices
webgui: Shares: fix wrong size computation
webgui: Show IP on VM Manager VM Page
webgui: Show management access and shares access groups for users
webgui: Show warning when javascript is disabled
webgui: Sign-in required to provision/renew Unraid LE SSLcertificate
webgui: Silence PHP error on syslinux page if flash drive is missing
webgui: Support future T2FA
webgui: Support multi-language in filetree display
webgui: Suppress IPv6 anycast addresses in routing table
webgui: Suppress non-relevant IPv6 routes in routing table
webgui: System devices additions
webgui: System info: fix translation
webgui: Translation support (Unraid.net)
webgui: Translations: fix creation of empty sessions
webgui: Update Credits.page
webgui: Update DashStats.page
webgui: Update FileTree.php
webgui: Update GUI with latest helptext
webgui: Update Outlook/Hotmail smtp settings
webgui: Update alert text
webgui: Update css files to use woff and woff2 formats only
webgui: UpdateDNS to prefer IPv4 first and then IPv6
webgui: Updated bitstream font to support more languages
webgui: Updated help text for Display settings and Docker
webgui: Use background checking for flash corruption
webgui: Use https for internet connectivity check
webgui: Use tabbed view for device information page
webgui: Use ttyd for logging windows
webgui: VM Manager: add virtio-win-0.1.208.iso download link
webgui: VM Manager: added Windows 11 template and OVMF TPM
webgui: VM editor style update
webgui: VM: fix missing path selection (for GPU firmware file)
webgui: VMs: automatically update virtio-win iso list
webgui: VMs: optimized contextmenu
webgui: Validate WebGUI ports before applying
webgui: Validate destination of VirtIO ISO downloads
webgui: When viewing source, identify which .page file isresponsible
webgui: WireGuard integrated
webgui: WireGuard updates:
- Add tunnel routing for docker containers
- Automatically make the WG tunnel available to containers (customnetwork)
- Make import config file of VPN providers more robust.
- VPN tunneled access for docker
- VPN tunneled access for system
webgui: WireGuard: Add warning when tunnel deletion fails
webgui: WireGuard: Introduce new network modes:
webgui: WireGuard: add logic to recreate networks after reboot
webgui: WireGuard: fixed proper handling of ipv4 + ipv6 tunnels
webgui: WireGuard: preset peer DNS server with "Remote tunneledaccess"
webgui: WireGuard: use kill switch when tunnel inactive
webgui: WireGuard: user nginx settings and unraid.net api
webgui: WireGuard: warn when directly connected with public IP
webgui: WireGuard: fix import function to accept all keys
webgui: WireGuard: make management interface selectable:
webgui: WireGuard: make management interface selectable:
- Defaults to eth0 - future expansion
webgui: WireGuard: strip ListenPort from file input:
- ListenPort must be unique, let WG generate a random local portinstead
webgui: css scrollbar enhancements
webgui: diagnostics: fix: anonymize myunraid.net urls
webgui: dockerMan Security: Remove HTML tags from Config elements
webgui: dockerMan: remove HTML from descriptions
webgui: fix: password lockouts not being cleared properly
webgui: fix: remove reauthentication msg from email notifications
webgui: improve: Highlight selected row when hovering over array orshares
webgui: jQuery: version 3.6.0
webgui: present CA-signed certificate subject as a link
webgui: privatize host in diagnostics
webgui: refactor UpdateDNS.php: anonymize verbose output by default,other improvements
webgui: remove 'My Servers' skeleton page
webgui: require sign in to provision cert
webgui: support simultaneous LAN SSL with self-signed cert andDNS-based SSL with Lets Encrypt cert
webgui: various Multi-language corrections

"WireGuard" and the "WireGuard" logo are registered trademarks of Jason A. Donenfeld.

6.10.0 | Unraid Docs (2024)

Version 6.10.0 2022-05-07​

UPC and My Servers Plugin​

Security Changes​

Moving to Let's Encrypt wildcard SSL certificates​

Virtualization​

Windows 11 Support​

Docker​

Docker labels​

Docker custom networks​

Docker bridge network (docker0)​

WireGuard​

Linux Kernel​

Base Packages​

Other Improvements​

Other Bug Fixes​

Change Log vs. Unraid OS 6.9.2​

Base distro​

Included with GUI-mode​

Linux kernel​

Management​

References