Roadmap: Difference between revisions
|  (Proxmox Backup Server 2.2 release) | Tlamprecht (talk | contribs)  No edit summary | ||
| (26 intermediate revisions by 4 users not shown) | |||
| Line 1: | Line 1: | ||
| <div class="toclimit-3">__TOC__</div> | |||
| = Roadmap = | = Roadmap = | ||
| * Proxmox VE host backup | * Proxmox VE host backup | ||
| *  | * Backup clients for other operating systems | ||
| *  | * Encrypt data optionally on server-side, on datastore sync and/or incoming backups. | ||
| *  | * Improved quality of service control like per-user bandwidth limits or maximum number of active task workers. | ||
| * Importer for existing vzdump archives into Proxmox Backup Server | * Integration into Proxmox Datacenter Manager. | ||
| * LDAP/AD Authentication | * Completed tasks that have been featured previously on the roadmap: | ||
| *  | ** Push-based sync mode (done with 3.3) | ||
| * . | ** Backup to one (physical) datastore from multiple Proxmox VE clusters, avoiding backup naming conflicts (done) | ||
| ** GUI restore improvements (including VMs) (done) | |||
| ** Set manual protection (immutable) flag for backups (done) | |||
| ** Transforming the single prune configuration of a datastore to allowing multiple jobs, with namespace support (done) | |||
| ** Support S3/Object as datastore storage backend.</s> (done) | |||
| ** Importer for existing vzdump archives into Proxmox Backup Server (done, see [[Import VMA Backups into Proxmox Backup Server]]) | |||
| ** LDAP/AD Authentication (done) | |||
| ** Improve and extend notifications by allowing one to add more endpoints besides email, each with separate filters</s> (done with 3.2) | |||
| = Release History = | = Release History = | ||
| See also [https://forum.proxmox.com/forums/announcements.7/ Announcement forum] | See also [https://forum.proxmox.com/forums/announcements.7/ Announcement forum] | ||
| == Proxmox Backup Server 4.0 == | |||
| '''Released 06. August 2025''' | |||
| * Based on Debian Trixie (13) | |||
| * Latest 6.14.8-2 Kernel as new stable default | |||
| * ZFS 2.3.3 | |||
| === Highlights === | |||
| * New major release based on the great Debian Trixie. | |||
| * Seamless upgrade from Proxmox Backup Server 3.4, see [[Upgrade from 3 to 4]]. | |||
| * S3-compatible object stores as backup storage backend (technology preview). | |||
| *: Proxmox Backup Server can now connect to object stores that provide an S3-compatible API. | |||
| *: A new datastore type persists backup metadata and chunks to an S3-compatible object store. | |||
| *: To reduce the number of requests to the object store, a local cache temporarily stores metadata and chunks. | |||
| * ZFS now supports adding new devices to existing RAIDZ pools with minimal downtime. | |||
| === Changelog Overview === | |||
| ==== Enhancements in the web interface (GUI) ==== | |||
| * Fix an issue where the datastore creation tasks would not be formatted properly in the task list. | |||
| * Improvements to the custom consent window: | |||
| ** Avoid showing the consent text twice for OIDC logins. | |||
| ** Restrict the text length of the consent banner to 64 KiB. | |||
| ** Fix an issue where the consent window size would exceed the viewport size ([https://bugzilla.proxmox.com/show_bug.cgi?id=6312 issue 6312]). | |||
| * Use HttpOnly cookies as an additional layer of protection against cookie stealing attacks. | |||
| * Small improvements to the services view in the host's system panel. | |||
| * Fix an issue where the node services panel would incorrectly show postfix as disabled. | |||
| * Improved handling of translations: | |||
| ** Add support for plural forms and ngettext usage. | |||
| ** Translations can now contain comments that are extracted from the source code and provide useful context for translators. | |||
| * Updated translations, among others: | |||
| ** Czech (new!) | |||
| ** Arabic | |||
| ** Bulgarian | |||
| ** French | |||
| ** German | |||
| ** Italian | |||
| ** Japanese | |||
| ** Korean | |||
| ** Polish | |||
| ** Russian | |||
| ** Simplified Chinese | |||
| ** Spanish | |||
| ** Swedish | |||
| ** Traditional Chinese | |||
| ** Ukrainian | |||
| ==== General backend improvements ==== | |||
| * S3-compatible object stores as backup storage backend (technology preview). | |||
| *: Proxmox Backup Server can now connect to object stores that provide an S3-compatible API. | |||
| *: A new datastore type persists backup metadata and chunks to an S3-compatible object store. | |||
| *: One such datastore cannot be shared between multiple Proxmox Backup Server instances. | |||
| *: Datastore contents can be reused for a new Proxmox Backup Server instance if the original instance has gone offline permanently. | |||
| * Allow to automatically run sync jobs whenever a relevant removable datastore is mounted. | |||
| *: Sync jobs that reference a local removable datastore can only be run while the removable datastore is mounted. | |||
| *: Setting the new <code>run-on-mount</code> flag on a sync job causes it to run automatically when the removable datastore is mounted. | |||
| * Fix an issue where forgetting a group, or the last snapshot of a group, would fail if a group note is present ([https://bugzilla.proxmox.com/show_bug.cgi?id=6358 issue 6358]). | |||
| * Fix an issue where forgetting a group, or the last snapshot of a group, would fail if the owner file was already deleted. | |||
| * Improvements to the garbage collection: | |||
| ** Allow bypassing the chunk cache used during the marking phase by setting a cache capacity of 0. | |||
| ** Track chunk cache statistics in the garbage collection task log. | |||
| ** Fix logging in case of index files created or deleted while the garbage collection job is running. | |||
| ** Fix a rare race condition in the chunk marking phase. | |||
| * Improvements to notifications: | |||
| ** Warn if <code>mailto-user</code> refers to a user without an email address when sending a notification. | |||
| ** Fix an issue with the SMTP endpoint options where the "Authenticate" check box would be inadvertently checked in some browsers ([https://bugzilla.proxmox.com/show_bug.cgi?id=5588 issue 5588]). | |||
| ** Fix an issue where the SMTP endpoint did not properly quote the sender's display name ([https://bugzilla.proxmox.com/show_bug.cgi?id=6188 issue 6188]). | |||
| ** Default to the notification mode <code>notification-system</code> for new datastore/tape jobs. | |||
| **: This was already the default in the GUI, and it is now also the default for jobs created via API and CLI. | |||
| **: Existing jobs without an explicit setting are automatically converted to the explicit setting. | |||
| ** Move notification settings for tape backup jobs to a separate tab. | |||
| ** Improve the GUI for notification settings. | |||
| * Fix an issue where a sync job would acquire an exclusive lock on a source snapshot, causing concurrent backups to fail. | |||
| * Avoid a superfluous stat syscall when checking the protected state of a snapshot. | |||
| * Provide more details in backup task logs to ease troubleshooting. | |||
| ==== Client improvements ==== | |||
| * Ensure that CLI tools print a newline after their usage string if an argument is missing. | |||
| * Fix an issue where restoring a file-based backup would fail if the backup contained a hardlink. | |||
| ==== Tape backup ==== | |||
| * Improve compatibility with tape drivers/libraries that are configured to forbid applications to change tape encryption settings. | |||
| * Wait for calibration of LTO-9 tapes to improve compatibility with tapes that are automatically formatted when they are first used. | |||
| * Increase the timeout for moving a medium in a changer from 5 to 45 minutes | |||
| *: This improves compatibility with some tape libraries where such operations can a take a long time. | |||
| ==== Installation ISO ==== | |||
| * Install the microcode package matching the current platform. | |||
| *: This ensures that new Proxmox Backup Server installations get available fixes for CPU security issues and other CPU bugs. | |||
| *: This also means that installations now have the <code>non-free-firmware</code> repository enabled. | |||
| *: To get microcode updates that were released after the ISO was built, hosts have to be updated regularly. Microcode updates need a reboot to go into effect. | |||
| * Ignore network interfaces without a valid MAC address instead of aborting the installation. | |||
| * Check that the configured LVM swapsize is not greater than half the disk size ([https://bugzilla.proxmox.com/show_bug.cgi?id=5887 issue 5887]). | |||
| * Handle the case where the DHCP lease includes the search domain in the Host Name option. | |||
| * Improve error reporting for disk and RAID checks. | |||
| * Improvements to the text-based installer and <code>proxmox-auto-install-assistant</code>: | |||
| ** Improve error reporting when encountering an invalid CIDR. | |||
| ** Add plausibility checks for subnet masks and IPv4 address | |||
| * Improvements to the automated installation: | |||
| ** Handle the case where the answer file provides an empty search domain. | |||
| ** Check the number of disks for RAID configurations already when parsing the answer file to catch invalid configurations earlier. | |||
| ** Warn if the answer file contains deprecated <code>snake_case</code> keys. | |||
| ** Check for duplicate disks in the answer file. | |||
| * Improve the visibility of CLI errors by printing an additional newline. | |||
| ==== Improved management of Proxmox Backup Server machines ==== | |||
| * Provide a tool for pinning network interface names. | |||
| *: Network interface names may change due to multiple factors, including changes to the hardware setup, software updates, and firmware updates. | |||
| *: Examples are systemd, kernel and driver updates during major or minor version updates, and BIOS updates. | |||
| *: Changes of network interface names can require manually adjusting network and firewall configurations. | |||
| *: <code>proxmox-network-interface-pinning</code> is a tool for assigning permanent "pinned" names to network interfaces. | |||
| *: These pinned names are tied to the interface's MAC address. | |||
| * Support alternative names for network interfaces. | |||
| *: Alternative names can be used to give multiple additional names to a network interface. | |||
| *: While network interface names are restricted to 15 user-visible bytes, alternative names can be up to 128 bytes long. | |||
| *: It is now possible to use alternative names in <code>/etc/network/interfaces</code> instead of (primary) network interface names. | |||
| *: Transparent support for alternative names can decrease the maintenance overhead in case the primary network interface name changes due to an update. | |||
| *: The network configuration GUI also shows alternative names of network interfaces. | |||
| * New ZFS version 2.3.3: | |||
| ** Support for adding new devices to existing RAIDZ pools without downtime. | |||
| ** See [https://github.com/openzfs/zfs/releases upstream changelog] for details. | |||
| * Secure Boot: Exclude the NTFS module from the monolithic Grub EFI binary ([https://forum.proxmox.com/threads/proxmox-virtual-environment-security-advisories.149331/post-782751 PSA-2025-00012-1]). | |||
| * Add a <code>pbs-network-config-commit</code> systemd service to apply pending network changes on boot. | |||
| * ACME: Improve compatibility with ACME servers whose directory endpoint does not provide certain fields. | |||
| <div id="4.0-known-issues"></div> | |||
| === Known Issues & Breaking Changes === | |||
| ==== The test repository is now named pbs-test ==== | |||
| For consistency with existing repositories the <code>pbstest</code> repository is now spelled <code>pbs-test</code>. | |||
| ==== Potential changes in network interface names ==== | |||
| Proxmox Backup Server 4 can now transparently handle many network interface name changes. | |||
| These changes may occur when upgrading from Proxmox Backup Server 3.x to 4.0 due to new naming scheme policies or the added support for new NIC features. For example, this may happen when upgrading from Kernel 6.8 to Kernel 6.14. | |||
| If the previous primary name remains available as an alternative name, manual intervention may not be necessary since Proxmox Backup Server 4.0 allows the use of alternative names in network configurations. | |||
| However, in some cases, the previous primary name might not be available as an alternative name after the upgrade. In such cases, manual reconfiguration after the upgrade is currently still necessary. | |||
| Prior to upgrading, you can install the <code>proxmox-network-interface-pinning</code> package and use the CLI tool with the same name to pin network interfaces to custom names. | |||
| ==== Passkeys as Second Factor (TFA) ==== | |||
| Proxmox Backup Server supports WebAuthn as a second-factor authentication method. Although passkeys are related to WebAuthn, there are some differences that may cause issues when using them after upgrading to Proxmox Backup Server 4.0. | |||
| A fix is currently being rolled out through the proxmox-backup-server 4.0.11-3 version. | |||
| When using two-factor authentication (TFA), you should always ensure that you have another second-factor type set up as a backup, such as recovery codes or time-based one-time password (TOTP). | |||
| ==== Change in sync job filter order ==== | |||
| For sync jobs the filtering of encrypted only or verified only snapshots is now performed before applying the transfer last cutoff. This makes the behavior more intuitive. | |||
| ==== systemd logs "System is tainted: unmerged-bin" after boot ==== | |||
| It is recommended to ignore this message. See the [https://www.debian.org/releases/trixie/release-notes/issues.en.html#systemd-message-system-is-tainted-unmerged-bin Debian Trixie release notes] for more details. | |||
| ==== OpenID users get logged out instantly ==== | |||
| In Proxmox Backup Server version 4 up until and including 4.0.11 there was a bug in the authentication logic for accounts that used OpenID to log in. This would lead to users being immediately logged out again after the initial login. A fix has been implemented in <code>proxmox-backup-server</code> version <code>4.0.12-1</code>. Please update to at least that version if you are using OpenID and run into this problem. | |||
| == Proxmox Backup Server 4.0 BETA == | |||
| '''Released 24. July 2025''' | |||
| {{Note|This is a test version that is not yet intended for production use. The release notes will be continuously updated during the beta phase.}} | |||
| * Based on Debian Trixie (13) | |||
| * Latest 6.14.8-1 Kernel as new stable default | |||
| * ZFS 2.3.3 | |||
| === Highlights === | |||
| * New major release based on the great Debian Trixie. | |||
| * Seamless upgrade from Proxmox Backup Server 3.4, see [[Upgrade from 3 to 4]]. | |||
| * S3-compatible object stores as backup storage backend (technology preview). | |||
| *: Proxmox Backup Server can now connect to object stores that provide an S3-compatible API. | |||
| *: A new datastore type persists backup metadata and chunks to an S3-compatible object store. | |||
| *: To reduce the number of requests to the object store, a local cache temporarily stores metadata and chunks. | |||
| * ZFS now supports adding new devices to existing RAIDZ pools without downtime. | |||
| === Changelog Overview === | |||
| ==== Enhancements in the web interface (GUI) ==== | |||
| * Fix an issue where the datastore creation tasks would not be formatted properly in the task list. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=8eb1cd4a9531a6b3407972fbbcc3d51d23713a85 --> | |||
| * Improvements to the custom consent window: | |||
| ** Avoid showing the consent text twice for OIDC logins. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=ead4ec5d7ed9ab96553305a9b6dd8cac436ee28e --> | |||
| ** Restrict the text length of the consent banner to 64 KiB. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=427c687e35d964d881a6de6a38c841d0ac7f3043 --> | |||
| ** Fix an issue where the consent window size would exceed the viewport size ([https://bugzilla.proxmox.com/show_bug.cgi?id=6312 issue 6312]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-widget-toolkit.git;a=commit;h=5b329a62352a14544b313fd5762d782efa480231 --> | |||
| * Use HttpOnly cookies as an additional layer of protection against cookie stealing attacks. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=dd490f30d19e92aa4b337747687558ba7a043484 --> | |||
| * Small improvements to the services view in the host's system panel. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-widget-toolkit.git;a=commit;h=d93e4611bac1b439be79f44e4979ebd292724625 --> | |||
|     <!-- https://git.proxmox.com/?p=proxmox-widget-toolkit.git;a=commit;h=927aa2d2d4f3ec92d4920a00528ccfd131b7ee20 --> | |||
|     <!-- https://git.proxmox.com/?p=proxmox-widget-toolkit.git;a=commit;h=342aac23bc0a714ad851b669e7cac095bbeb2613 --> | |||
| * Fix an issue where the node services panel would incorrectly show postfix as disabled. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=04c60156761f2326eb5abea8339e93f39785a351 --> | |||
| * Updated translations, among others: | |||
| ** Czech (new!) | |||
| ** Arabic | |||
| ** Bulgarian | |||
| ** French | |||
| ** German | |||
| ** Italian | |||
| ** Japanese | |||
| ** Korean | |||
| ** Russian | |||
| ** Spanish | |||
| ** Swedish | |||
| ** Traditional Chinese | |||
| ** Ukrainian | |||
| ==== General backend improvements ==== | |||
| * S3-compatible object stores as backup storage backend (technology preview). | |||
| *: Proxmox Backup Server can now connect to object stores that provide an S3-compatible API. | |||
| *: A new datastore type persists backup metadata and chunks to an S3-compatible object store. | |||
| *: One such datastore cannot be shared between multiple Proxmox Backup Server instances. | |||
| *: Datastore contents can be reused for a new Proxmox Backup Server instance if the original instance has gone offline permanently. | |||
| * Allow to automatically run sync jobs whenever a relevant removable datastore is mounted. | |||
| *: Sync jobs that reference a local removable datastore can only be run while the removable datastore is mounted. | |||
| *: Setting the new <code>run-on-mount</code> flag on a sync job causes it to run automatically when the removable datastore is mounted. | |||
| * Fix an issue where forgetting a group, or the last snapshot of a group, would fail if a group note is present ([https://bugzilla.proxmox.com/show_bug.cgi?id=6358 issue 6358]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=a93775e37e85a3877fb3ebab1abcc471d1b32d6f --> | |||
| * Fix an issue where forgetting a group, or the last snapshot of a group, would fail if the owner file was already deleted. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=433fc1b73b45f01d9c53a1f293ce659723472ea5 --> | |||
| * Improvements to the garbage collection: | |||
| ** Allow bypassing the chunk cache used during the marking phase by setting a cache capacity of 0. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=5285a859dc713bad83145b82c3f62bb9f5caf84b --> | |||
| ** Track chunk cache statistics in the garbage collection task log. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=ae3994e003c668e3639a26c59519d824ee28a712 --> | |||
| ** Fix logging in case of index files created or deleted while the garbage collection job is running. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=5fc281cd892efeb87bea5fa544e2ff9a5816337d --> | |||
| ** Fix a rare race condition in the chunk marking phase. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=07a21616c28a09efb6039e79163b9c4ac8610565 --> | |||
| * Improvements to notifications: | |||
| ** Warn if <code>mailto-user</code> refers to a user without an email address when sending a notification. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=ab08733f74eab0b5dd7dd4d95f01c8aa607c5077 --> | |||
| ** Fix an issue with the SMTP endpoint options where the "Authenticate" check box would be inadvertently checked in some browsers ([https://bugzilla.proxmox.com/show_bug.cgi?id=5588 issue 5588]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-widget-toolkit.git;a=commit;h=ca138ff8d0dc8687ddfe9e4e448342e1fe1fb8a0 --> | |||
| ** Fix an issue where the SMTP endpoint did not properly quote the sender's display name ([https://bugzilla.proxmox.com/show_bug.cgi?id=6188 issue 6188]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=7262fae25c7cd25df9443158e3542ad58e7c0ebe --> | |||
| ** Default to the notification mode <code>notification-system</code> for new datastore/tape jobs. | |||
| **: This was already the default in the GUI, and it is now also the default for jobs created via API and CLI. | |||
| **: Existing jobs without an explicit setting are automatically converted to the explicit setting. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=243e6a57841839e4f00c15e3997bb7a1cf7d86d3 --> | |||
| ** Move notification settings for tape backup jobs to a separate tab. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=025afdb9fee735fd23e93b6889298c44dd8e3909 --> | |||
| ** Improve the GUI for notification settings. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=b289d294c879376853586221b984290928f0f0f1 --> | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=82963b7d4b93992dce3c92ae8ae937301a773515 --> | |||
| * Fix an issue where a sync job would acquire an exclusive lock on a source snapshot, causing concurrent backups to fail. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=af5ff86a2603f7a539d3575b86cb08d96e185285 --> | |||
| * Avoid a superfluous stat syscall when checking the protected state of a snapshot. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=2745f731e2fa6bdf03f09f7421f677ea6d78c404 --> | |||
| * Provide more details in backup task logs to ease troubleshooting. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=4a022e1a3fe0846738e03e59114a3a7fc4a6665e --> | |||
| ==== Client improvements ==== | |||
| * Ensure that CLI tools print a newline after their usage string if an argument is missing. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=08c28ddeaf75be9be7853168607a9d65a8288d2a --> | |||
| * Fix an issue where restoring a file-based backup would fail if the backup contained a hardlink. | |||
|     <!-- beta https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=7a5f194f00967efeac2c0a2dedd81d5c749838cc --> | |||
| ==== Tape backup ==== | |||
| * Improve compatibility with tape drivers/libraries that are configured to forbid applications to change tape encryption settings. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=096505eaf7b16aedb5ee75ae874275c95e7b8d0e --> | |||
| ==== Installation ISO ==== | |||
| * Install the microcode package matching the current platform. | |||
| *: This ensures that new Proxmox Backup Server installations get available fixes for CPU security issues and other CPU bugs. | |||
| *: This also means that installations now have the <code>non-free-firmware</code> repository enabled. | |||
| *: To get microcode updates that were released after the ISO was built, hosts have to be updated regularly. Microcode updates need a reboot to go into effect. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=3c2ba284420c57f7e7fdd2d48835de44cb604cd2 --> | |||
| * Ignore network interfaces without a valid MAC address instead of aborting the installation. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=aff57231b3bf18d778deb9ff596aeb1b79048ecf --> | |||
| * Check that the configured LVM swapsize is not greater than half the disk size ([https://bugzilla.proxmox.com/show_bug.cgi?id=5887 issue 5887]). | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=7b21339ac27b080db8453eac3ed671e2f45df09a --> | |||
| * Handle the case where the DHCP lease includes the search domain in the Host Name option. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=a9c0a445ab7cc7848e5e6271365cdd69abd9eb03 --> | |||
| * Improve error reporting for disk and RAID checks. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=ceed3293619c1793fb5c3a79ad137e24b51c2238 --> | |||
| * Improvements to the text-based installer and <code>proxmox-auto-install-assistant</code>: | |||
| ** Improve error reporting when encountering an invalid CIDR. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=4215c27adb4e75789b44ddfbcd6152bbde31dba6 --> | |||
| ** Add plausibility checks for subnet masks and IPv4 address | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=e06e64c020dc4d0adcb7ceefbe658e2554da567a --> | |||
| * Improvements to the automated installation: | |||
| ** Handle the case where the answer file provides an empty search domain. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=3d81300ca62246989bc18991c85a67d1234b1a97 --> | |||
| ** Check the number of disks for RAID configurations already when parsing the answer file to catch invalid configurations earlier. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=aa761eb884eb667ffc9d30266797f87b1325a385 --> | |||
| ** Warn if the answer file contains deprecated <code>snake_case</code> keys. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=38691b6c04987a35bf285ef486c87b0cc561932b --> | |||
| ** Check for duplicate disks in the answer file. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=782b397a050562cc67bcea72e69799836b62ea45 --> | |||
| * Improve the visibility of CLI errors by printing an additional newline. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=747dc647b170cc9eda5c40504daf74fd661ac20a --> | |||
| ==== Improved management of Proxmox Backup Server machines ==== | |||
| * Support alternative names for network interfaces. | |||
| *: Alternative names can be used to give multiple additional names to a network interface. | |||
| *: While network interface names are restricted to 15 user-visible bytes, alternative names can be up to 128 bytes long. | |||
| *: It is now possible to use alternative names in <code>/etc/network/interfaces</code> instead of (primary) network interface names. | |||
| *: Transparent support for alternative names can decrease the maintenance overhead in case the primary network interface name changes due to an update. | |||
|     <!-- https://git.proxmox.com/?p=ifupdown2.git;a=commit;h=d8e620a81429b4a55c854676cd28354320c08b75 --> | |||
| * New ZFS version 2.3.3: | |||
| ** Support for adding new devices to existing RAIDZ pools without downtime. | |||
| ** See [https://github.com/openzfs/zfs/releases upstream changelog] for details. | |||
| * ACME: Improve compatibility with ACME servers whose directory endpoint does not provide certain fields. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=41771089dbcae4738bdc5b38244cb4df4b9649cf --> | |||
| <div id="4.0-beta-known-issues"></div> | |||
| === Known Issues & Breaking Changes === | |||
| ==== The test repository is now named pbs-test ==== | |||
| For consistency with existing repositories the <code>pbstest</code> repository is now spelled <code>pbs-test</code>. | |||
| ==== Potential changes in network interface names ==== | |||
| Proxmox Backup Server 4 can now transparently handle many network interface name changes. | |||
| These changes may occur when upgrading from Proxmox Backup Server 3.x to 4.0 due to new naming scheme policies or the added support for new NIC features. For example, this may happen when upgrading from Kernel 6.8 to Kernel 6.14. | |||
| If the previous primary name remains available as an alternative name, manual intervention may not be necessary since Proxmox Backup Server 4.0 allows the use of alternative names in network configurations. | |||
| However, in some cases, the previous primary name might not be available as an alternative name after the upgrade. In such cases, manual reconfiguration after the upgrade is currently still necessary. | |||
| == Proxmox Backup Server 3.4 == | |||
| '''Released 10. April 2025''' | |||
| * Based on Debian Bookworm (12.10) | |||
| * Latest 6.8.12-9 Kernel as new stable default | |||
| * Newer 6.14 Kernel as opt-in | |||
| * ZFS: 2.2.7 (with compatibility patches for Kernel 6.14) | |||
| === Highlights === | |||
| * Performance improvements for garbage collection. | |||
| *: Garbage collection frees up storage space by removing unused chunks from the datastore. | |||
| *: For this, it has to mark all chunks that are currently in use by backup snapshots. | |||
| *: The marking phase now uses a cache to avoid redundant marking operations. | |||
| *: This increases memory consumption but can significantly decrease the runtime of garbage collection. | |||
| * More fine-grained control over backup snapshot selection for sync jobs. | |||
| *: Sync jobs are useful for pushing or pulling backup snapshots to or from remote Proxmox Backup Server instances. | |||
| *: Group filters already allow selecting which backup groups should be synchronized. | |||
| *: In addition, it is now possible to only synchronize backup snapshots that are encrypted, or only backup snapshots that are verified. | |||
| * Static build of the Proxmox Backup command-line client. | |||
| *: Proxmox Backup Server is tightly integrated with Proxmox VE, but its command-line client can also be used outside Proxmox VE. | |||
| *: Packages for the command-line client are already provided for hosts running Debian or Debian derivatives. | |||
| *: A new statically linked binary increases the compatibility with Linux hosts running other distributions. | |||
| *: This makes it easier to use Proxmox Backup Server to create file-level backups of arbitrary Linux hosts. | |||
| * Latest Linux 6.14 kernel available as opt-in kernel. | |||
| === Changelog Overview === | |||
| ==== Enhancements in the web interface (GUI) ==== | |||
| * Allow configuring a default realm which will be pre-selected in the login dialog ([https://bugzilla.proxmox.com/show_bug.cgi?id=5379 issue 5379]). | |||
| * The prune simulator now allows specifying schedules with both range and step size ([https://bugzilla.proxmox.com/show_bug.cgi?id=6069 issue 6069]). | |||
| * Ensure that the prune simulator shows kept backups in the list of backups. | |||
| * Fix an issue where the GUI would not fully load after navigating to the "Prune & GC Jobs" tab in rare cases. | |||
| * Deleting the comment of an API token is now possible. | |||
| * Various smaller improvements to the GUI. | |||
| * Fix some occurrences where translatable strings were split, which made potentially useful context unavailable for translators. | |||
| ==== General backend improvements ==== | |||
| * Performance improvements for garbage collection ([https://bugzilla.proxmox.com/show_bug.cgi?id=5331 issue 5331]). | |||
| *: Garbage collection frees up storage space by removing unused chunks from the datastore. | |||
| *: For this, its first phase updates the atime (access time) of all chunk files that are currently in use by backup snapshots. | |||
| *: The marking phase now uses an improved chunk iteration logic and a cache to avoid redundant atime updates. | |||
| *: This increases memory consumption but can significantly decrease the runtime of garbage collection. | |||
| *: The cache capacity can be configured in the datastore's tuning options. | |||
| * More fine-grained control over backup snapshot selection for sync jobs. | |||
| *: Sync jobs are useful for pushing or pulling backup snapshots to or from remote Proxmox Backup Server instances. | |||
| *: Group filters already allow selecting which backup groups should be synchronized. | |||
| *: In addition, it is now possible to only synchronize backup snapshots that are encrypted, or only backup snapshots that are verified ([https://bugzilla.proxmox.com/show_bug.cgi?id=6072 issue 6072]). | |||
| *: The sync job's <code>transfer-last</code> setting has precedence over the <code>verified-only</code> and <code>encrypted-only</code> filtering. | |||
| * Add a safeguard against filesystems that do not honor atime updates ([https://bugzilla.proxmox.com/show_bug.cgi?id=5982 issue 5982]). | |||
| *: The first phase of garbage collection marks used chunk files by explicitly updating their atime. | |||
| *: If the filesystem backing the chunk store does not honor such atime updates, phase two may delete chunks that are still in use, leading to data loss. | |||
| *: Hence, datastore creation and garbage collection now perform an atime update on a test chunk, and report an error if the atime update is not honored. | |||
| *: The check is enabled by default and can be disabled in the datastore's tuning options. | |||
| * Allow to customize the atime cutoff for garbage collection in the datastore's tuning options. | |||
| *: The atime cutoff defaults to 24 hours and 5 minutes, as a safeguard for filesystems that do not always immediately update the atime. | |||
| *: However, on filesystems that do immediately update the atime, this can cause unused chunks to be kept for longer than necessary. | |||
| *: Hence, allow advanced users to configure a custom atime cutoff in the datastore's tuning options. | |||
| * Allow to generate a new token secret for an API token via the API and GUI ([https://bugzilla.proxmox.com/show_bug.cgi?id=3887 issue 3887]). | |||
| * Revert a check for known but missing chunks when creating a new backup snapshot (reverts fix for [https://bugzilla.proxmox.com/show_bug.cgi?id=5710 issue 5710]). | |||
| *: This check was introduced in Proxmox Backup Server 3.3 to enable clients to re-send chunks that disappeared. | |||
| *: However, the check turned out to not scale well for large setups, as reported by the community. | |||
| *: Hence, revert the check and aim for an opt-in or opt-out approach in the future. | |||
| * Ensure proper unmount if the creation of a removable datastore fails. | |||
| * Remove a backup group if its last backup snapshot is removed ([https://bugzilla.proxmox.com/show_bug.cgi?id=3336 issue 3336]). | |||
| *: Previously, the empty backup group persisted with the previous owner still set. | |||
| *: This caused issues when trying to add new snapshots with a different owner to the group. | |||
| * Decouple the locking of backup groups, snapshots, and manifests from the underlying filesystem of the datastore ([https://bugzilla.proxmox.com/show_bug.cgi?id=3935 issue 3935]). | |||
| *: Lock files are now created on the tmpfs under <code>/run</code> instead of the datastore's backing filesystem. | |||
| *: This can also alleviate issues concerning locking on datastores backed by network filesystems. | |||
| * Ensure that permissions of an API token are deleted when the API token is deleted ([https://bugzilla.proxmox.com/show_bug.cgi?id=4382 issue 4382]). | |||
| * Ensure that chunk files are inserted with the correct owner if the process is running as root. | |||
| * Fix an issue where prune jobs would not write a task log in some cases, causing the tasks to be displayed with status "Unknown". | |||
| * When listing datastores, parse the configuration and check the mount status after the authorization check. | |||
| *: This can lead to performance improvements on large setups. | |||
| * Improve the error reporting by including more details (for example the <code>errno</code>) in the description. | |||
| * Ensure that "Wipe Disk" also wipes the GPT header backup at the end of the disk ([https://bugzilla.proxmox.com/show_bug.cgi?id=5946 issue 5946]). | |||
| * Ensure that the task status is reported even if logging is disabled using the <code>PBS_LOG</code> environment variable. | |||
| * Fix an issue where <code>proxmox-backup-manager</code> would write log output twice. | |||
| * Fix an issue where a worker task that failed during start would not be cleaned up. | |||
| * Fix a race condition that could cause an incorrect update of the number of current tasks. | |||
| * Increase the locking timeout for the task index file to alleviate issues due to lock contention. | |||
| * Fix an issue where verify jobs would be too eagerly aborted if the manifest update fails. | |||
| * Fix an issue where file descriptors would not be properly closed on daemon reload. | |||
| * Fix an issue where the version of a remote Proxmox Backup Server instance was checked incorrectly. | |||
| ==== Client improvements ==== | |||
| * Static build of the Proxmox Backup command-line client ([https://bugzilla.proxmox.com/show_bug.cgi?id=4788 issue 4788]). | |||
| *: Proxmox Backup Server is tightly integrated with Proxmox VE, but its command-line client can also be used outside Proxmox VE. | |||
| *: Packages for the command-line client are already provided for hosts running Debian or Debian derivatives. | |||
| *: A new statically linked binary increases compatibility with Linux hosts running other distributions. | |||
| *: This makes it easier to interact with Proxmox Backup Server on arbitrary Linux hosts, for example to create or manage file-level host backups. | |||
| * Allow to read passwords from credentials passed down by systemd. | |||
| *: Examples are the API token secret for the Proxmox Backup Server, or the password needed to unlock the encryption key. | |||
| * Improvements to the <code>vma-to-pbs</code> tool, which allows importing Proxmox Virtual Machine Archives (VMA) into Proxmox Backup Server: | |||
| ** Optionally read the repository or passwords from environment variables, similarly to <code>proxmox-backup-client</code>. | |||
| ** Add support for the <code>--version</code> command-line option. | |||
| ** Avoid leaving behind zstd, lzop or zcat processes as zombies ([https://bugzilla.proxmox.com/show_bug.cgi?id=5994 issue 5994]). | |||
| ** Clarify the error message in case the VMA file ends unexpectedly. | |||
| * Mention restrictions for archive names in the documentation and manpage ([https://bugzilla.proxmox.com/show_bug.cgi?id=6185 issue 6185]). | |||
| * Improvements to the change detection modes for file-based backups introduced in Proxmox Backup Server 3.3: | |||
| ** Fix an issue where the file size was not considered for metadata comparison, which could cause subsequent restores to fail. | |||
| * Fix a race condition that could prevent proper error propagation during a container backup to Proxmox Backup Server. | |||
| * File restore from image-based backups: Switch to <code>blockdev</code> options when preparing drives for the file restore VM. | |||
| *: In addition, fix a short-lived regression when using namespaces or encryption due to this change. | |||
| ==== Tape backup ==== | |||
| * Allow to increase the number of worker threads for reading chunks during tape backup. | |||
| *: On certain setups, this can significantly increase the throughput of tape backups. | |||
| * Add a section on disaster recovery from tape to the documentation ([https://bugzilla.proxmox.com/show_bug.cgi?id=4408 issue 4408]). | |||
| ==== Installation ISO ==== | |||
| * Raise the minimum root password length from 5 to 8 characters for all installers. | |||
| *: This change is done in accordance with current [https://pages.nist.gov/800-63-4/sp800-63b.html#passwordver NIST recommendations]. | |||
| * Print more user-visible information about the reasons why the automated installation failed. | |||
| * Allow RAID levels to be set case-insensitively in the answer file for the automated installer. | |||
| * Prevent the automated installer from printing progress messages while there has been no progress. | |||
| * Correctly acknowledge the user's preference whether to reboot on error during automated installation ([https://bugzilla.proxmox.com/show_bug.cgi?id=5984 issue 5984]). | |||
| * Allow binary executables (in addition to shell scripts) to be used as the first-boot executable for the automated installer. | |||
| * Allow properties in the answer file of the automated installer to be either in <code>snake_case</code> or <code>kebab-case</code>. | |||
| *: The <code>kebab-case</code> variant is preferred to be more consistent with other Proxmox configuration file formats. | |||
| *: The <code>snake_case</code> variant will be gradually deprecated and removed in future major version releases. | |||
| * Validate the locale and first-boot-hook settings while preparing the automated installer ISO, instead of failing the installation due to wrong settings. | |||
| * Prevent printing non-critical kernel logging messages, which drew over the TUI installer's interface. | |||
| * Keep the network configuration detected via DHCP in the GUI installer, even when not clicking the <code>Next</code> button first ([https://bugzilla.proxmox.com/show_bug.cgi?id=2502 issue 2502]). | |||
| * Add an option to retrieve the fully qualified domain name (FQDN) from the DHCP server with the automated installer ([https://bugzilla.proxmox.com/show_bug.cgi?id=5811 issue 5811]). | |||
| * Improve the error handling if no DHCP server is configured on the network or no DHCP lease is received. | |||
| *: The GUI installer will pre-select the first found interface if the network was not configured with DHCP. | |||
| *: The installer will fall back to more sensible values for the interface address, gateway address, and DNS server if the network was not configured with DHCP. | |||
| * Add an option to power off the machine after the successful installation with the automated installer ([https://bugzilla.proxmox.com/show_bug.cgi?id=5880 issue 5880]). | |||
| * Improve the ZFS ARC maximum size settings for systems with a limited amount of memory. | |||
| *: On these systems, the ZFS ARC maximum size is clamped in such a way, that there is always at least 1 GiB of memory left to the system. | |||
| * Make Btrfs installations use the <code>proxmox-boot-tool</code> to manage the EFI system partitions ([https://bugzilla.proxmox.com/show_bug.cgi?id=5433 issue 5433]). | |||
| * Make GRUB install the bootloader to the disk directly to ensure that a system is still bootable even though the EFI variables were corrupted. | |||
| * Fix a bug in the GUI installer's hard disk options, which causes ext4 and xfs to show the wrong options after switching back from Btrfs's advanced options tab. | |||
| ==== Improved management of Proxmox Backup Server machines ==== | |||
| * Several vulnerabilities in GRUB that could be used to bypass SecureBoot were discovered and fixed ([https://forum.proxmox.com/threads/proxmox-backup-server-security-advisories.149332/post-753680 PSA-2025-00005-1]) | |||
| *: The [https://pve.proxmox.com/wiki/Secure_Boot_Setup#Setting_a_Stricter_Revocation_Policy Documentation for SecureBoot] now includes instructions to prevent using vulnerable components for booting via a revocation policy. | |||
| * Improvements to the notification system: | |||
| ** Allow overriding templates used for notifications sent as plain text as well as HTML ([https://bugzilla.proxmox.com/show_bug.cgi?id=6143 issue 6143]). | |||
| ** Streamline notification templates in preparation for user-overridable templates. | |||
| ** Clarify the descriptions for notification matcher modes ([https://bugzilla.proxmox.com/show_bug.cgi?id=6088 issue 6088]). | |||
| ** Fix an error that occurred when creating or updating a notification target. | |||
| ** HTTP requests to webhook and gotify targets now set the <code>Content-Length</code> header. | |||
| * Lift the requirement that InfluxDB organization and bucket names need to at least three characters long | |||
| *: The new minimum length is one character. | |||
| * Improve the accuracy of the "Used Memory" metric by relying on the <code>MemAvailable</code> statistic reported by the kernel. | |||
| *: Previously, the metric incorrectly ignored some reclaimable memory allocations and thus overestimated the amount of used memory. | |||
| * Backport a kernel patch that avoids a performance penalty on Raptor Lake CPUs with recent microcode ([https://bugzilla.proxmox.com/show_bug.cgi?id=6065 issue 6065]). | |||
| * Backport a kernel patch that fixes Open vSwitch network crashes that would occur with a low probability when exiting ovs-tcpdump. | |||
| <div id="3.4-known-issues"></div> | |||
| === Known Issues & Breaking Changes === | |||
| None | |||
| == Proxmox Backup Server 3.3 == | |||
| '''Released 28. November 2024''' | |||
| * Based on Debian Bookworm (12.8) | |||
| * Latest 6.8.12-4 Kernel as new stable default | |||
| * Newer 6.11 Kernel as opt-in | |||
| * ZFS 2.2.6 (with compatibility patches for Kernel 6.11) | |||
| === Highlights === | |||
| * Push direction for sync jobs. | |||
| *: Sync jobs can already pull backup snapshots from remote Proxmox Backup Server instances. | |||
| *: The new push direction allows copying backup snapshots from the local instance to remote instances. | |||
| *: This can be useful in setups where the remote instance cannot initiate connections to the local instance. | |||
| * Support for removable datastores. | |||
| *: Datastores can now be created on removable media for offline storage. | |||
| *: After unmounting the removable datastore, the medium can be removed. | |||
| *: The datastore can be used on multiple Proxmox Backup Server instances. | |||
| * Webhook target for the notification system. | |||
| *: The new webhook notification target allows notification events to trigger HTTP requests. | |||
| *: Request headers and body can be customized and can contain notification metadata. | |||
| *: This allows users to push notifications to any target that supports webhooks. | |||
| * New change detection modes for speeding up file-based backups. | |||
| *: Metadata and data of backup snapshots are now stored in two separate archives. | |||
| *: Optionally, files that have not changed since the previous backup snapshot can be identified using the previous backup snapshot's metadata archive. | |||
| *: Processing of unchanged files is avoided when possible, which can lead to significant reduction in backup runtime. | |||
| === Changelog Overview === | |||
| ==== Enhancements in the web interface (GUI) ==== | |||
| * Allow to set a consent banner that users must acknowledge before logging in ([https://bugzilla.proxmox.com/show_bug.cgi?id=5463 issue 5463]). | |||
| *: This can be required for compliance reasons. | |||
| *: The banner supports Markdown and can be set in Configuration → Other → General → Consent Text. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=dea876fd5ed8d4b2ff6a95176f35dcb74ba0d1da --> | |||
| * Columns in the "Prune & GC Jobs" view are now sortable ([https://bugzilla.proxmox.com/show_bug.cgi?id=5422 issue 5422]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=038576285983564261eeb53637bf0a6991b21c93 --> | |||
| * Fix a short-lived regression where updating <code>proxmox-backup-server</code> without updating <code>proxmox-widget-toolkit</code> made the GUI inaccessible ([https://bugzilla.proxmox.com/show_bug.cgi?id=5503 issue 5503]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=843211b050e038924b1ccfd9edad620b1fe0dbac --> | |||
| * Fix an issue where the "Change owner" dialog would not accept usernames shorter than 8 characters ([https://bugzilla.proxmox.com/show_bug.cgi?id=5861 issue 5861]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=27811f3f8f3f45f246c95b4b3747c869ff64ffdb --> | |||
| * Disallow creating a datastore on <code>/</code> via the GUI, as this is most likely unintended. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=f2ea424cc1d322321eaf2f429b4aea57841e889a --> | |||
| * Fix an issue where clicking on an external link to the GUI would display a login screen, even if the current session was still valid. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-widget-toolkit.git;a=commit;h=9e69d726e0e9fa7d09be6e616d2c6b6268030af5 --> | |||
| * Show only installed services in the node's system panel by default, but optionally allow showing all services ([https://bugzilla.proxmox.com/show_bug.cgi?id=5611 issue 5611]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-widget-toolkit.git;a=commit;h=a351d3d36d972eaabb75eb5c5f04e3484cf7402d --> | |||
| * Right-align numbers in the S.M.A.R.T. values table ([https://bugzilla.proxmox.com/show_bug.cgi?id=5831 issue 5831]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-widget-toolkit.git;a=commit;h=8f2c09235c64a5d11c68327856282d185e5d1d17 --> | |||
| * Fix an issue where the installed Proxmox Backup Server version was incorrectly rendered with a hyphen instead of a dot. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=c7cf3b424a72c233dadc65cf375eaf95b4f55273 --> | |||
| * Improved translations, among others: | |||
| ** Bulgarian (NEW!) | |||
| ** Arabic | |||
| ** French | |||
| ** German | |||
| ** Italian | |||
| ** Japanese | |||
| ** Russian | |||
| ** Spanish | |||
| ** Traditional Chinese | |||
| ==== General backend improvements ==== | |||
| * Push direction for sync jobs ([https://bugzilla.proxmox.com/show_bug.cgi?id=3044 issue 3044]). | |||
| *: Sync jobs can already pull backup snapshots from remote Proxmox Backup Server instances. | |||
| *: The new push direction allows copying backup snapshots from the local instance to remote instances. | |||
| *: This can be useful in setups where the remote instance cannot initiate connections to the local instance. | |||
| *: The new privileges <code>Remote.DatastoreBackup</code>, <code>Remote.DatastoreModify</code> and <code>Remote.DatastorePrune</code> can be used on the source side to restrict permissions to push snapshots to a remote instance. | |||
| *: Users can push snapshots directly via the CLI. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=33737196b133fbb7572bcbf8dcf6ba0b2b00a8bf --> | |||
| * Pull sync jobs can now optionally resync corrupt chunks ([https://bugzilla.proxmox.com/show_bug.cgi?id=3786 issue 3786]). | |||
| *: When syncing a backup group from a remote, the sync job checks whether the last local snapshot has previously failed verification. | |||
| *: If this is the case, the sync job overwrites the local snapshot with the remote snapshot. | |||
| *: As the additional lookups impact sync job performance, the feature is disabled by default and can be enabled in the sync job options. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=590187ff53e9f8bcf3313849f9e029f0b86826ed --> | |||
| * Support for removable datastores. | |||
| *: Datastores can now be created on removable media for offline storage. | |||
| *: After unmounting the removable datastore in the GUI, the medium can be removed. | |||
| *: The datastore can be used on multiple Proxmox Backup Server instances. | |||
| *: Multiple datastores per device are also supported. | |||
| *: If the device only contains a single datastore, connecting the device will automatically mount the datastore. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=51148a0b1e5fa84b9f3e4a1a5e76abae3dd27b40 --> | |||
| * Check for known but missing chunks when creating a new backup snapshot ([https://bugzilla.proxmox.com/show_bug.cgi?id=5710 issue 5710]). | |||
| *: Known chunks are chunks that are contained in the previous snapshot of the backup group. | |||
| *: When creating a new backup snapshot, the list of known chunks is sent to the client, so the client can skip uploading known chunks. | |||
| *: However, if a known chunk disappeared, but the previous snapshot has not been re-verified yet, the new backup snapshot will be corrupt. | |||
| *: To make the user aware of this condition, check the previously known chunks for existence when finishing the new backup snapshot. | |||
| *: If a missing chunk is detected, the backup fails and the verify state of the previous backup snapshot is set to failed. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=da11d22610108efa33ce9c61e0f849565c150d03 --> | |||
| * Fix a regression where an early HTTP connection close could result in high CPU usage and denial-of-service ([https://bugzilla.proxmox.com/show_bug.cgi?id=5868 issue 5868]). | |||
| *: Early connection closes are used by some monitoring solutions performing health checks. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=dc9531d3023e8975789fc36ab17f8aa9c2907ac5 --> | |||
| * Allow reusing already-existing datastores, but disallow creating datastores in non-empty directories ([https://bugzilla.proxmox.com/show_bug.cgi?id=5439 issue 5439]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=6e101ff75777ed1330df3cc296abe9131140c54d --> | |||
| * Fix a regression that prevented legacy notifications for successful sync jobs. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=1d0bcd2359119a4a600e0256418c588f3ea4f873 --> | |||
| * Fix an issue where a delayed TLS Client Hello would cause the API server to respond with a plain HTTP 400 "Bad Request" response ([https://bugzilla.proxmox.com/show_bug.cgi?id=5105 issue 5105]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=f6bacbb58f028747041cee3d7ef4b6eb3c3e75b3 --> | |||
| * Abort garbage collection if a nested datastore is encountered, as garbage collection cannot be done safely on nested datastores. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=1b4426feec53f04ac65be4109bccb8286c6972c1 --> | |||
| * Update choices of cryptographic primitives: | |||
| ** CSRF tokens now use a standard HMAC construction. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=cf71dc242836148f4ea936fcb95136e9eb0eb774 --> | |||
| ** Migrate to yescrypt for hashing passwords. Old hashes will be upgraded to the new scheme once a user logs in. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=f82bb2fc2b54de64f07b10252f0aa7cf36149720 --> | |||
| ** Migrate to Ed25519 for authentication tickets. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=09d31a1a8bb706c7dc03c9e335880f406f0f3d32 --> | |||
| ** Use constant-time comparison for additional hardening against timing side-channels. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=8609fb58efe1ee1e435c5114840be0da446b2382 --> | |||
| * Fix an issue where a sync job would not honor the <code>transfer-last</code> option and include more snapshots than intended. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=1e36930e0b1a9baf58c504bca74cc9fd0ffcbd90 --> | |||
| * Fix an issue where <code>proxmox-backup-manager network reload</code> would exit before the network configuration got applied. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=2801fbf03c2466264de2adcde60bcb0786290f86 --> | |||
| * Fix an issue where updating a datastore via the CLI would exit before the operation was finished and leave behind a lockfile ([https://bugzilla.proxmox.com/show_bug.cgi?id=5801 issue 5801]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=cc6fc6a540728c6677b4d1c4bc65103c0f1f6f15 --> | |||
| * External metric server: Remove overly strict restrictions on InfluxDB organization and bucket names, and URL-encode them in HTTP requests. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=3e69aba2d8ccf3e4bfc645642ca93e8ab3655934 --> | |||
| * Several minor performance improvements for backend operations. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=0e9aa78bf4979720eec58352ac7afa6b0b4a8db2 --> | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=c1689192d9e431a063ee89ca1c18b723bbdc970d --> | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=b3d9b6d5f157b4bbb75f760e9b48d583b57bd656 --> | |||
| * The API server now includes zlib headers if the Deflate response content coding is requested. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=a50d2c715e47ea3cfcb98daa0e84e605cbd4abc7 --> | |||
| * Improve compression throughput when creating chunks. | |||
| *: This can lead to performance improvements if all involved storages are so fast that compression becomes a bottleneck. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=aae596ee1813fa3ca272ea5f3125714bb6866500 --> | |||
| * Fix an issue where the Gotify notification target would not accept a TLS certificate with an IP address as Subject Alternative Name ([https://bugzilla.proxmox.com/show_bug.cgi?id=5808 issue 5808]). ' | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=e8e5c11c6ae8fcb08ac5319432deecc36ca2e707 --> | |||
| * Adjust display format for timespans so that parsing them again produces the expected value. | |||
| *: Previously, <code>m</code> was used for months and <code>min</code> for minutes. | |||
| *: Now, <code>M</code> is used for months and <code>m</code> for minutes. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=191299605f82dcfe5382b48ed93bdc7f0183f5b4 --> | |||
| * The <code>PUT /access/users/{userid}</code> API endpoint now ignores the <code>password</code> parameter, as it was not usable for changing the password. | |||
| *: The <code>PUT /access/password</code> endpoint should be used instead. | |||
| * Improvements to logging and error reporting: | |||
| ** Errors from task logs are now also logged to the system log, increasing their visibility. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=3b2ade778f0c2d33c580ec7708b849b76790ddbe --> | |||
| ** Improve error message in the case where <code>proxy.key</code> and <code>proxy.pem</code> have the wrong permissions. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=d8fa495a50339a00de3fddc0839b8ea6b4bf96a0 --> | |||
| ** Include more context in some error messages. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=8240e5022f3bf4a14a73d05e4f4dbb1e02857020 --> | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=00c88a42a2eb67a87a2ed00862b0762476527eb5 --> | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=847ca5d14dddd3dde26c61ae618bd557aa2340e1 --> | |||
| ==== Client improvements ==== | |||
| * New change detection modes <code>data</code> and <code>metadata</code> for file-based backups ([https://bugzilla.proxmox.com/show_bug.cgi?id=3174 issue 3174]), such as container backups from Proxmox VE. | |||
| *: In both new modes, the metadata and data of file-based backup snapshots are stored separately. | |||
| *: This removes the necessity for a dedicated catalog file, but still allows for efficient metadata lookups. | |||
| *: In <code>metadata</code> mode, files that have not changed since the previous backup snapshot are identified using the metadata archive of the previous backup snapshot. | |||
| *: Processing of unchanged files is avoided when possible, which can lead to significant reduction in backup runtime. | |||
| *: The recently released Proxmox VE 8.3 allows adjusting the change detection mode in the Advanced Options of backup jobs. | |||
| * Improvements to the <code>vma-to-pbs</code> tool, which allows importing Proxmox Virtual Machine Archives (VMA) into Proxmox Backup Server: | |||
| ** Support bulk import of a dump directory containing VMA files. | |||
|     <!-- https://git.proxmox.com/?p=vma-to-pbs.git;a=commit;h=207b83fe4c52d5a3d56f719793212f797ec8e5ae --> | |||
| ** Improve readability of logs and show upload progress as a percentage. | |||
|     <!-- https://git.proxmox.com/?p=vma-to-pbs.git;a=commit;h=da19af157a6c630598e1910f8d9904187df6c534 --> | |||
|     <!-- https://git.proxmox.com/?p=vma-to-pbs.git;a=commit;h=51567bbfc2fb7130cbc4da2ce8862258f7dec727 --> | |||
| ** Allow the user to specify a notes file and a log file to associate with the backup snapshot. | |||
|     <!-- https://git.proxmox.com/?p=vma-to-pbs.git;a=commit;h=737aed9eec0dec5baea2760e0a3f99ab4a1ad46d --> | |||
| ** Improvements to CLI argument handling. | |||
|     <!-- https://git.proxmox.com/?p=vma-to-pbs.git;a=commit;h=1e75997eaad4a1c271969ea80148d4c2e00d02c5 --> | |||
|     <!-- https://git.proxmox.com/?p=vma-to-pbs.git;a=commit;h=cafa0d97417886d9a2de543c5528124d6707f1e1 --> | |||
| * The client now optionally takes a set of <code>pattern</code> parameters to restore only a subset of entries in a file-level backup ([https://bugzilla.proxmox.com/show_bug.cgi?id=2996 issue 2996]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=1bb680017b42640739c63aa6a7d51478aab764db --> | |||
| * Ignore stale files during file-based backup creation and warn the user accordingly, instead of failing the backup ([https://bugzilla.proxmox.com/show_bug.cgi?id=5853 issue 5853]). | |||
| *: Stale files may, for example, occur in combination with network file systems if files are removed while the backup is still in process. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=e3f2756cbbd816a45773a568e68b9d15321f5fb2 --> | |||
| * Add a CLI command to forget (delete) a whole backup group with all contained snapshots. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=734c4601a5fa5a357416be06eb9595d2d12baf23 --> | |||
| * Improve performance of image-based backups by using an input buffer better aligned to the chunk size. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=deb237a28883bba0584766129b01997ccd63c4fe --> | |||
| * Fix an issue where the <code>rate</code> and <code>burst</code> parameters were ignored ([https://bugzilla.proxmox.com/show_bug.cgi?id=5622 issue 5622]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=ff485aa3200d9eb52330728038c8e71bda741706 --> | |||
| * Warn when restoring a file-based backup snapshot containing files with invalid ACLs, instead of failing the restore operation completely. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=cbf7bbefb73d43a4265758cbc7f9f5fc81c13771 --> | |||
| * Periodically log the current backup progress ([https://bugzilla.proxmox.com/show_bug.cgi?id=5560 issue 5560]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=1d746a2c02495e768aad4ec94e95d844780365b7 --> | |||
| * Prefer to store temporary files in the XDG Cache directory (<code>~/.cache</code> by default) instead of <code>/tmp</code> ([https://bugzilla.proxmox.com/show_bug.cgi?id=3699 issue 3699]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=fcccc3dfa5b39f0d2d15c9aebf88fd7e7f6ac600 --> | |||
| * Avoid unnecessary allocation in the AES benchmark, making the results more aligned with the actual hardware capabilities. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=eb44bdb842224e53874a9f90988d06cf28af05f0 --> | |||
| * Fix an issue where a file-based backup created by a non-root user could not be restored by that user if the <code>--exclude</code> flag was used ([https://bugzilla.proxmox.com/show_bug.cgi?id=5304 issue 5304]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=de00745354a4f000bc946869b6fa3a51af4196d6 --> | |||
| * Fix a short-lived regression that caused the <code>map</code> command to error out ([https://bugzilla.proxmox.com/show_bug.cgi?id=5571 issue 5571]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=a08698d32ae0967a20aa5b0c00a5a85f1a32b71b --> | |||
| * Fix an issue where an incorrect <code>mount</code> command would occasionally give no error output. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=a981ddbc77f9f6a0c2070d052c168ab2bd055741 --> | |||
| * Failure to re-authenticate to the Proxmox Backup Server is not treated as a fatal error anymore, as the failure may be due to a transient network instability. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=c3e67701048574de14d81e595d44067d91400e5d --> | |||
| * Fix an issue where the number of active operations on a datastore would be tracked incorrectly if the chunks directory is unavailable. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=0020601d525bf004f940dd03bb2c7b85f398d8e1 --> | |||
| * Improvements to file restore from image-based backups: | |||
| ** Mount NTFS file systems with the UTF-8 charset. This fixes an issue where files with non-ASCII names would not be visible during file restore ([https://bugzilla.proxmox.com/show_bug.cgi?id=5465 issue 5465]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=31edde560afa7759709d377119ea228943bef863 --> | |||
| ** Log errors when a file cannot be accessed to facilitate troubleshooting. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=7bc7601f65ff62588fbdbb55abf4ded4def98c8e --> | |||
| ** Take truncated serial numbers into account when searching for disks. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=5901050e7a021fcfa5947c4c5193d31696b017ec --> | |||
| ==== Tape backup ==== | |||
| * Lift the root-only requirement for some tape operations ([https://bugzilla.proxmox.com/show_bug.cgi?id=5233 issue 5233]): | |||
| ** Allow non-root users with the <code>Tape.Modify</code> privilege to update the tape status. | |||
| ** Allow non-root users with the <code>Tape.Write</code> privilege to destroy tapes. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=2febc83cc01d201bac124b80ceac47d8e38119d7 --> | |||
| * Implement a workaround for changers that advertise but omit certain fields in the <code>ELEMENT STATUS</code> page response. | |||
| *: Without the workaround, the tapes would not be recognized. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=e97132bb64a203535c28214c1cec4c1e49cf9009 --> | |||
| * Disable Programmable Early Warning Zone (PEWZ) when loading a tape, as Proxmox Backup Server does not use PEWZ. | |||
| *: This avoids an error in case a different application previously set up PEWZ. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=b7a6c5da065865bc3d08234d3c46715dc350f44f --> | |||
| * Write informational Media Auxiliary Memory (MAM) attributes on tapes. | |||
| *: This includes the Proxmox Backup Server product name, version, label text and current media pool. | |||
| *: These on-tape information can help users to identify tapes when querying them with tools other than Proxmox Backup Server. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=6d4b380c3dbe5eacce94cc53e9c60f962f300bd0 --> | |||
| * Improve tape-backup throughput by avoiding unnecessary syncs after having written 128 GiB. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=c343c3f7f6aea23bb439a6500166673c4b1e6f2c --> | |||
| * Collect "Bytes Used" statistic for tape inventories and display it in the GUI. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=4b21a0074473a801d363d6766c1410fa71697e07 --> | |||
| * Improved handling of tape activity: | |||
| ** Avoid potentially blocking queries when the tape is busy, for example while the library is initializing LTO-9 tapes. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=4ebb08a5f09a3c577a320918a1400aa93f37ad68 --> | |||
| ** Query current tape activity and show it in the GUI. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=1d6b1e0258527b3dcecc114287690b2a2398738a --> | |||
| ==== Access control ==== | |||
| * Increase the minimum length requirement for new passwords to 8 characters. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=fb5b6f3eab15a0cfd0203bc676a63dbb2a41a869 --> | |||
| * Two-factor authentication with WebAuthn: Serialize <code>OriginUrl</code> according to [https://www.rfc-editor.org/rfc/rfc6454 RFC6454]. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=5079ff6a3cb21abf3e1ba28e9ef08d790ab7931d --> | |||
| * Fix an issue that prevented non-root users from configuring the network, despite having the necessary permissions. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=92c0b1866b353952110f944e5b10d619735e88bb --> | |||
| * Lock the <code>shadow.json</code> file used for the PBS authentication realm for updating, to prevent race-conditions. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=94d6a65dd6ccf6683175bdd92e6d8985703fba95 --> | |||
| ==== Installation ISO ==== | |||
| * Add a post-installation notification mechanism for automated installations ([https://bugzilla.proxmox.com/show_bug.cgi?id=5536 issue 5536]). | |||
| *: This mechanism can be configured with the new <code>post-installation-webhook</code> section in the answer file. | |||
| * Add support for running a custom script on first boot after automated installation ([https://bugzilla.proxmox.com/show_bug.cgi?id=5579 issue 5579]). | |||
| *: The script can be provided in the ISO or fetched from a URL. | |||
| * Allow users to set hashed passwords (instead of plaintext passwords) in the <code>proxmox-auto-installer</code> answer file. | |||
| * Allow users to customize the label of the partition from which the automated installer fetches the answer file. | |||
| *: This adds the <code>--partition-label</code> option to the <code>proxmox-auto-install-assistant prepare-iso</code> command. | |||
| *: Previously, the partition label was hardcoded to <code>PROXMOX-AIS</code>. | |||
| * Add ZFS maximum arc size option field in the advanced disk options during installation. | |||
| *: By default, 50% of the installed system memory is used as the maximum arc size, which is ZFS's default value. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=8772ebc35a7f43b97f5433c4d328ea784eaf902c --> | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=a42a9db20976fbc0abb35d53416cee926b6efafe --> | |||
| * Add ability to detect and rename an existing ZFS pool named <code>rpool</code> during the installation. | |||
| * Improve the email address validation to include a broader set of email address formats. | |||
| *: This implements the email validation check specified in the [https://html.spec.whatwg.org/multipage/input.html#valid-e-mail-address HTML specification]. | |||
| * The text-based installer now fails if no supported NIC was found, similar to graphical installer. | |||
| * Improve UI consistency by adding the missing background layer for the initial setup error screen in the text-based installer. | |||
| * Improve usability for small screens by adding a tabbed view for the advanced options at the disk selection step in the text-based installer. | |||
| *: This change only affects screens with a screen width of less than or equal to 80 columns. | |||
| * Fix an issue with ISOs generated with the <code>proxmox-auto-install-assistant</code> which caused the user to end up in the GRUB shell when booting from a block device (e.g. an USB flash drive) in UEFI mode. | |||
| * Fix a bug which caused some kernel parameters related to the automated installer to be removed incorrectly. | |||
| * Fix a bug which caused the installer to not detect Secure Boot in some cases. | |||
| * Ask the user for patience while making the system bootable if multiple disks are configured, as this may take longer than expected. | |||
| * Preserve the <code>nomodeset</code> kernel command-line parameter. | |||
| *: A missing <code>nomodeset</code> parameter has caused display rendering issues when booting the finished Proxmox VE installation on some systems ([https://bugzilla.proxmox.com/show_bug.cgi?id=4230#c38 see this comment for more information]). | |||
| * Ship the recent version 7.20 of memtestx86+, adding support for current CPU Generations (Intel's Arrow Lake and Ryzen 9000 series) as well as preliminary NUMA support. | |||
| * Import the extensive documentation for the installer from Proxmox VE | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=eb126116cafa3c2c86a60770b80548c2c4a6db81 ff --> | |||
| * Improve user-visible error and log messages in the installer. | |||
| * Improve documentation for the <code>proxmox-auto-install-assistant</code>. | |||
| * Improve error reporting by printing the full error message when the installation fails in <code>proxmox-auto-installer</code>. | |||
| * Improve error reporting by printing the full error message when mounting and unmounting the installation file system fails in <code>proxmox-chroot</code>. | |||
| * Improve debugging and testing by enumerating the installation environment anew (e.g. when running the command <code>dump-env</code>). | |||
| * Improve logging of installation progress. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=5dfce4a314007be5256251ed42a3a3b83cbb1acb --> | |||
| * Send the correct content-type charset <code>utf-8</code> when fetching answer files from a HTTP server during automated installation. | |||
| * Switch the text-based installer rendering backend from termion to crossterm. | |||
| ==== Improved management of Proxmox Backup Server machines ==== | |||
| * The notification system now supports generic webhook targets. | |||
| *: The webhook target allows notification events to trigger arbitrary HTTP POST/PUT/GET requests. | |||
| *: Users can customize HTTP request headers and body using templates. | |||
| *: In case the HTTP request should include secret values, these values can be stored in a protected configuration file that is only readable by root. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-widget-toolkit.git;a=commit;h=0ad5712ac7072b7230182780d9aa2b100ccddd34 --> | |||
| * Fix an issue where <code>pbs2to3</code> did not recognize kernels newer than 6.5 ([https://bugzilla.proxmox.com/show_bug.cgi?id=5600 issue 5600]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=974b4527e2fdd7ff819408ecd771fb267218aeb2 --> | |||
| * Add man page for the <code>node.cfg</code> configuration file under <code>proxmox-backup.node.cfg.5</code>. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=3c9fe358cc57e1308bc16a31d44a5e8a9ceff48e --> | |||
| * ACME: Use the correct <code>base64url</code> decoder instead of <code>base64</code> for EAB (external account bindings). | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=f298ed6aec30122f42c6b78e0e7f8a8808032a04 --> | |||
| * Add a new <code>/status/metrics</code> API endpoint for retrieving status data of various subsystems. | |||
| *: This allows to implement pull-style metric collection systems. | |||
|     <!-- https://git.proxmox.com/?p=pve-manager.git;a=commit;h=073b53ae716416c6536a7bc790cb7a0685c995ff --> | |||
| * Fix a regression that prevented update notifications from being sent. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=f629a56c4760eb2b7107618c07d69956dbe1e9f3 --> | |||
| * Fix an issue where ACME account registration on the command line would wait for a custom directory URI without indicating this to the user. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=a55c6efbf729d78299705e119dd7731812b56b9c --> | |||
| * Avoid an error on systems where <code>/etc/apt/sources.list</code> does not exist ([https://bugzilla.proxmox.com/show_bug.cgi?id=5513 issue 5513]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=2c2497e5be23032dcee78648dddf91ac361c7134 --> | |||
| * Return the partition UUID in the REST API call for listing disks, for easier identification. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=936ec6b69eaacbbec6bf90ffd250a76310344cf3 --> | |||
| * Improvements to Secure Boot management. | |||
| *: With the need to update the [https://www.gnu.org/software/grub/manual/grub/html_node/Secure-Boot-Advanced-Targeting.html revocation database] embedded in the shim boot loader, some edge-cases were discovered and improved in the <code>proxmox-secure-boot</code> metapackage. | |||
| *: Ship an apt pinning snippet to ensure that Proxmox provided packages are installed, even if Debian temporary ships a higher version. | |||
| *: Relax the dependency on the <code>grub2</code> version to also allow the previous one, mostly to prevent accidental removal of the meta-package in edge-cases. | |||
| * Improvements to Proxmox Offline Mirror. | |||
| *: Support repositories, that provide a complete GPG keyring instead of a certificate (e.g. Mellanox OFED repository). | |||
| *: Remove empty directories being left behind after syncing a mirror with removed snapshots to a medium. The large number of empty directories could lead to excessive runtimes on medium sync. | |||
| *: Fix a typo in the documentation of the command arguments. | |||
| * Fix a RCE vulnerability in the shim bootloader used for Secure Boot support. | |||
| *: See [https://forum.proxmox.com/threads/proxmox-virtual-environment-security-advisories.149331/post-678937 PSA-2024-00007-1] for details. | |||
| * Update the provided <code>r8125-dkms</code> package, needed some of the commonly seen Realtek 2.5G NICs, to version 9.013.02-1. | |||
| * Improvements to <code>ifupdown2</code>: | |||
| *: Skip calling files left behind by <code>dpkg</code> (e.g. <code>.dpkg-old</code>, <code>.dpkg-new</code>) in the pre- and post-up directories, as this can cause outages when switching from <code>ifupdown</code> ([https://bugzilla.proxmox.com/show_bug.cgi?id=5197 issue 5197]). | |||
| ==== Notable bugfixes and general improvements ==== | |||
| * Since the release of Proxmox Backup Server 3.2, the Proxmox team has begun [https://forum.proxmox.com/forums/security-advisories.26/ tracking explicit security issues publicly in our forum]. | |||
| *: Following the posts there is highly recommended. | |||
| <div id="3.3-known-issues"></div> | |||
| === Known Issues & Breaking Changes === | |||
| None | |||
| == Proxmox Backup Server 3.2 == | |||
| '''Released 25. April 2024''' | |||
| * Based on Debian Bookworm (12.5) | |||
| * Latest 6.8 Kernel as new stable default | |||
| * ZFS 2.2.3 | |||
| === Highlights === | |||
| * New flexible notification system. | |||
| *: Send notifications not only via the local Postfix MTA, but also via authenticated SMTP or to [https://gotify.net/ Gotify] instances. | |||
| *: Flexible notification routing with matcher-based rules to decide which targets receive notifications about which events. | |||
| * Support for automated and unattended installation of Proxmox Backup Server. | |||
| *: Proxmox Backup Server now ships a tool that prepares a Proxmox Backup Server ISO for automated installation. | |||
| *: The prepared ISO retrieves all required settings for automated installation from an answer file. | |||
| *: The answer file can be provided directly in the ISO, on an additional disk such as a USB flash drive, or over the network. | |||
| * Ability to exclude particular backup groups from sync and tape backup jobs. | |||
| *: Group filters already supported including particular backup groups, and now additionally support excluding particular backup groups. | |||
| *: This allows more flexibility when defining which backup groups should be synchronized from a remote Proxmox Backup Server or written to tapes. | |||
| * Overview of prune and garbage collection jobs of all datastores. | |||
| *: A new tab in the datastore summary panel shows defined prune and garbage collection jobs of all datastores. | |||
| *: This allows to quickly assess whether all datastores are correctly set up to regularly run important maintenance tasks. | |||
| * Support for Active Directory authentication realms. | |||
| *: The new Active Directory realm type synchronizes users and groups from a remote Active Directory server. | |||
| *: This makes it easier to integrate with existing Enterprise infrastructure. | |||
| === Changelog Overview === | |||
| ==== Enhancements in the web interface (GUI) ==== | |||
| * Allow managing VLAN network interfaces in the GUI. | |||
| * A new "Prune & GC Jobs" tab in the datastore summary panel shows an overview of prune and garbage collection jobs of all datastores ([https://bugzilla.proxmox.com/show_bug.cgi?id=3217 issue 3217]). | |||
| * The garbage collection job status view now displays the amount of removed, as well as, pending data. | |||
| * Allow usernames shorter than 4 characters, as they are already allowed by the backend ([https://bugzilla.proxmox.com/show_bug.cgi?id=4819 issue 4819]). | |||
| * The datastore summary now handles missing usage information gracefully and avoids logging errors to the console. | |||
| * Fix an issue where the node summary page would not display the version of a running foreign kernel ([https://bugzilla.proxmox.com/show_bug.cgi?id=5117 issue 5117]). | |||
| * Fix an issue where individual entries of the DNS configuration for the system (searchdomain and DNS Servers) could not be deleted via the GUI. | |||
| * Fix an issue where creating a new InfluxDB metric server entry would fail if one already exists. | |||
| * The context menu of backup snapshots and groups now allows to copy the snapshot or group name to the clipboard ([https://bugzilla.proxmox.com/show_bug.cgi?id=5188 issue 5188]). | |||
| * Disallow setting an empty schedule for a prune job. | |||
| * Various fixes to the sync job overview. | |||
| * Fix issues where some edit windows would send API parameters that were not accepted by the backend. | |||
| * Fix an issue where the settings window would fail to reset the layout. | |||
| * Fix an issue where the GUI used an incorrect language code for Korean, and provide a clean transition for users who still have a cookie with the incorrect language code set. | |||
| * Fix xterm.js not loading in certain OS+Browser constellations, for example iOS ([https://bugzilla.proxmox.com/show_bug.cgi?id=5063 issue 5063]). | |||
| * Fix an issue where the date picker would choose the wrong date after changing to a different month. | |||
| * Clarify the confirmation prompt for removing a certificate without a name. | |||
| * Fix an issue where edit windows would not be correctly masked while loading. | |||
| * Display the end-of-life message as a notice up until three weeks before the end-of-life date, and display it as a warning from that point on. | |||
| * Move the "Reset" button for edit windows to an icon-only button in the title bar ([https://bugzilla.proxmox.com/show_bug.cgi?id=5277 issue 5277]). | |||
| *: This reduces the risk of misclicking and accidentally resetting form data. | |||
| * The TFA input field now sets an autocompletion hint for improved compatibility with password managers ([https://bugzilla.proxmox.com/show_bug.cgi?id=5251 issue 5251]). | |||
| * Improved translations, among others: | |||
| ** French | |||
| ** German | |||
| ** Italian | |||
| ** Japanese | |||
| ** Korean | |||
| ** Simplified Chinese | |||
| ** Spanish | |||
| ** Traditional Chinese | |||
| ** Ukrainian | |||
| ==== General backend improvements ==== | |||
| * Add a command to <code>proxmox-backup-manager</code> to list the garbage collection job status for all datastores ([https://bugzilla.proxmox.com/show_bug.cgi?id=4723 issue 4723]). | |||
| *: A similar command already exists for prune and verify jobs. | |||
| * Avoid a race condition when logging in with TFA. | |||
| * Improve efficiency of the routine that checks whether a block device is a partition. | |||
| * Check transitions from/to maintenance modes more strictly for validity. | |||
| *: For instance, leaving maintenance mode "delete" should not be allowed, as the datastore may be in an undefined state. | |||
| * Group filters for sync jobs and tape backup jobs can now exclude particular backup groups ([https://bugzilla.proxmox.com/show_bug.cgi?id=4315 issue 4315]). | |||
| *: This allows more flexibility when defining which backup groups should be synchronized or written to tapes. | |||
| *: All include filters are processed first, and exclude filters are processed afterwards. | |||
| * Improve error reporting when reading the backup group owner fails. | |||
| * When uploading a custom certificate, the private key is now optional and defaults to the existing key, similarly to the behavior of Proxmox VE. | |||
| * The backend now sends a <code>Connection: upgrade</code> header when upgrading to HTTP/2 ([https://bugzilla.proxmox.com/show_bug.cgi?id=5217 issue 5217]). | |||
| *: This further improves compatibility with reverse proxies that strictly adhere to RFC 7230, after a fix for [https://bugzilla.proxmox.com/show_bug.cgi?id=4779 issue 4779] shipped with Proxmox Backup Server 3.1 did not fully resolve the issue. | |||
| * Add summaries to sync job task logs: | |||
| ** Print the number and total size of synchronized chunks, as well as the average transfer rate ([https://bugzilla.proxmox.com/show_bug.cgi?id=5285 issue 5285]). | |||
| ** Print the number of snapshots and groups that are removed because "remove vanished" is enabled. | |||
| * Avoid keeping a reference to datastore files when enabling the <code>offline</code> maintenance mode. | |||
| * When creating a datastore, allow reusing an existing directory if it is empty and not a mountpoint. | |||
| * Add an option to prune a group asynchronously in a worker task. | |||
| * Fix an issue where the total size of a storage would be calculated incorrectly in some edge cases. | |||
| * Datastores can now be configured with a <code>notification-mode</code> for a smooth migration to the new notification system. | |||
| *: The notification mode determines how notifications for prune, garbage collection, verification and remote/local sync jobs will be sent. | |||
| *: The <code>legacy-sendmail</code> mode replicates the previous behavior of sending an email via the local Postfix MTA to a configured user's email address. This is the default for any existing datastores. | |||
| *: The <code>notification-system</code> mode sends notifications exclusively using the new notification system. This is the default for new datastores created via the web UI. | |||
| ==== Client improvements ==== | |||
| * The new <code>vma-to-pbs</code> tool allows importing Proxmox Virtual Machine Archives (VMA) into Proxmox Backup Server. | |||
| *: For backup targets other than Proxmox Backup Server, Proxmox VE creates VM backups in VMA format. | |||
| *: With the new tool, these <code>.vma</code> files can be imported into Proxmox Backup Server, where they are made available as regular backup snapshots. | |||
| *: For more information, see [[Import VMA Backups into Proxmox Backup Server]]. | |||
| * Add the <code>delete-groups</code> flag to the namespace deletion command, as it was previously missing. | |||
| * Backup creation can now optionally ignore metadata of files for which reading xattrs fails with an <code>E2BIG</code> ([https://bugzilla.proxmox.com/show_bug.cgi?id=4975 issue 4975]). | |||
| *: Some filesystems, for example ZFS, support xattrs larger than 64 KB. However, such large xattrs are not supported by the Linux kernel, and reading them fails with error <code>E2BIG</code>. | |||
| *: Backup creation can now optionally ignore <code>E2BIG</code> errors. | |||
| *: This will still back up files with overly large xattrs, but skip their metadata. | |||
| * Fix an issue where the connection to a Proxmox Backup Server presenting a certificate signed by a CA not trusted by the client's host would fail, even if a fingerprint is provided ([https://bugzilla.proxmox.com/show_bug.cgi?id=5248 issue 5248]). | |||
| * Switch to modern <code>ntfs3g</code> driver for the live-restore image, since it supports more features found in the filesystems of current Windows guests ([https://bugzilla.proxmox.com/show_bug.cgi?id=5259 issue 5259]). | |||
| ==== Tape backup ==== | |||
| * Add a button to the GUI that removes media from the inventory without destroying the data. | |||
| * Remove the hard limit on the number of tapes in a media set ([https://bugzilla.proxmox.com/show_bug.cgi?id=5229 issue 5229]). | |||
| *: The limit was not properly enforced and, if exceeded, blocked access to most functions via API, CLI and GUI. | |||
| *: Instead of a partially enforced hard limit, log a task warning if the media set has more than 20 media. | |||
| * Work around an issue with some changers that send incomplete responses when querying the element status. | |||
| * Add an option that, when enabled, instructs the changer to eject a tape before unloading it ([https://bugzilla.proxmox.com/show_bug.cgi?id=4904 issue 4904]). | |||
| *: This is required by some tape libraries that do not follow the standards correctly. | |||
| *: The new option is named <code>eject-before-unload</code> and can be set manually via API or CLI. | |||
| * Increase the tape transfer timeout from 30 seconds to 3 minutes, since most changers take about a minute to complete a slot change. | |||
| * Fix an issue where the encryption key of the tape-drive was unloaded too eagerly. | |||
| *: Before <code>proxmox-backup-server</code> version <code>3.1.4-1</code> the additional tape-specific encryption was disabled. | |||
| *: We recommend using the native software-defined client-side encryption for the best security. | |||
| * Improve handling of duplicate media label texts: | |||
| ** Operations that identify the tape by its label text now throw an error if duplicate label texts are detected. | |||
| ** In addition to the label text, tape operations can now optionally identify a tape by its (unique) UUID. | |||
| ** Writing a label text now throws an error if the label already exists in the inventory. | |||
| ** The tape inventory GUI now uses the UUID to identify tapes instead of the label text, as it is not necessarily unique. | |||
| * Improve error output when reading the element status fails. | |||
| * Improve formatting of LTO9 (or higher) tapes: | |||
| ** Avoid full re-initialization when doing a fast erase, as it can take up to two hours. | |||
| ** When doing a slow erase, increase the timeout to two hours and warn that the operation can take a long time. | |||
| * Improvements to the [https://pbs.proxmox.com/docs/lto-barcode/index.html LTO barcode generator]: | |||
| ** Add LTO-9 tape type and make it the new default. | |||
| ** Add WORM tape types. | |||
| ** Only enable the "Add" button if fields are valid. | |||
| * The API now forbids creating a drive config with the same name as an existing changer, and vice-versa, to prevent confusing situations. | |||
| * Tape backups and restore can now be configured with a <code>notification-mode</code> for a smooth migration to the new notification system. | |||
| *: The <code>legacy-sendmail</code> mode replicates the previous behavior of sending an email via the local Postfix MTA to a configured user's email address | |||
| *: The <code>notification-system</code> mode sends notifications exclusively using the new notification system. | |||
| ==== Access control ==== | |||
| * Add support for Active Directory authentication realms. | |||
| *: This new realm type retrieves users and groups from an external Active Directory Server. | |||
| *: Active Directory realms are already supported by Proxmox VE, and are now supported by Proxmox Backup Server as well. | |||
| * Fix an issue where the OpenID Connect realm would wrongly reject valid ACR values ([https://bugzilla.proxmox.com/show_bug.cgi?id=5190 issue 5190]). | |||
| * Require non-root users to enter their current password on password change. | |||
| *: This is to hedge against a scenario where an attacker has local or even physical access to a computer where a user is logged in. | |||
| ==== Installation ISO ==== | |||
| * Support for automated and unattended installation of Proxmox Backup Server. | |||
| *: Introduce the <code>proxmox-auto-install-assistant</code> tool that prepares an ISO for automated installation. | |||
| *: The automated installation ISO reads all required settings from an answer file in TOML format. | |||
| *: One option to provide the answer file is to directly add it to the ISO. Alternatively, the installer can retrieve it from a specifically-labeled partition or via HTTPS from a specific URL. | |||
| *: If the answer file is retrieved via HTTPS, URL and fingerprint can be directly added to the ISO, or obtained via DHCP or DNS. | |||
| *: See the [https://pve.proxmox.com/wiki/Automated_Installation wiki page on Automated Installation] for more details. | |||
| ==== Improved management of Proxmox Backup Server machines ==== | |||
| * New flexible notification system. | |||
| *: Allows sending notifications to different targets. The local Postfix MTA, previously the sole notification option, is now one of several target types available. | |||
| *: Two new target types include: <code>smtp</code> allowing direct notification emails via authenticated SMTP, and <code>gotify</code>, which sends notifications to a [https://gotify.net/ Gotify] instance. | |||
| *: Flexible notification routing is possible through matcher-based rules that determine which targets receive notifications for specific events. | |||
| *: Match rules can select events based on their severity, time of occurrence, or event-specific metadata fields (such as the event type, datatore, job-id, media-pool). | |||
| *: Multiple rules can be combined to implement more complex routing scenarios. | |||
| * Add the <code>gdisk</code> package to the dependencies, as <code>sgdisk</code> is needed to initialize disks. | |||
| * Remove whitespace when adding a subscription key, to avoid failing subscription checks due to superfluous whitespace. | |||
| * Support for adding custom ACME enabled CA's with optional authentication through '''E'''xternal '''A'''ccount '''B'''inding (EAB), on the commandline ([https://bugzilla.proxmox.com/show_bug.cgi?id=4497 issue 4497]). | |||
| * Improved system report to provide a better status overview: | |||
| ** Add configured prune jobs. | |||
| * Improvements to Proxmox Offline Mirror: | |||
| ** Improve UX in <code>promxox-offline-mirror-helper</code>, when having multiple subscription keys available at the chosen mountpoint. | |||
| ** Add dark mode to the documentation. | |||
| ** Fix a wrong configuration setting for allowing weak RSA cryptographic parameters. | |||
| ** Improve path handling with command line arguments. | |||
| ** Support repositories that do not provide a <code>Priority</code> field ([https://bugzilla.proxmox.com/show_bug.cgi?id=5249 issue 5249]). | |||
| <div id="3.2-known-issues"></div> | |||
| === Known Issues & Breaking Changes === | |||
| ==== Kernel 6.8 ==== | |||
| The Proxmox Backup Server 3.2 releases will install and use the 6.8 Linux kernel by default, a major kernel change can have a few, hardware specific, side effects. | |||
| You can avoid installing the 6.8 kernel by pinning the <code>proxmox-default-kernel</code> package version before the upgrade. The last version to depend on kernel 6.5 is <code>1.0.1</code>. | |||
| To pin the package to that version, create a file in <code>/etc/apt/preferences.d/proxmox-default-kernel</code> with the following content. This will keep <code>proxmox-default-kernel</code> on the old version until that file is deleted, and a new upgrade is initiated: | |||
|  Package: proxmox-default-kernel | |||
|  Pin: version 1.0.1 | |||
|  Pin-Priority: 1000 | |||
| ==== Kernel: Change in Network Interface Names ==== | |||
| Upgrading kernels always carries the risk of network interface names changing, which can lead to invalid network configurations after a reboot. | |||
| In this case, you must either update the network configuration to reflect the name changes, or pin the network interface to its name beforehand. | |||
| See [https://pve.proxmox.com/pve-docs/pve-admin-guide.html#network_override_device_names the reference documentation] on how to pin the interface names based on MAC Addresses. | |||
| Currently, the following models are known to be affected at higher rates: | |||
| * Models using <code>i40e</code>. Their names can get an additional port suffix like <code>p0</code> added. | |||
| == Proxmox Backup Server 3.1 == | |||
| '''Released 30. November 2023''' | |||
| * Based on Debian Bookworm (12.2) | |||
| * Latest 6.5 Kernel as stable default | |||
| * ZFS 2.2.0 with all important patches from the upcoming 2.2.2 release. | |||
| === Highlights === | |||
| * Secure Boot support. | |||
| *: Proxmox Backup Server now includes a signed shim bootloader trusted by most hardware's UEFI implementations. All necessary components of the boot chain are available in variants signed by Proxmox. | |||
| * Local sync jobs for efficiently copying backup snapshots between local datastores. | |||
| *: This is particularly useful for complex setups involving tiered datastores, for example, where a smaller, faster datastore is used for incoming backups, and a slower one for long-term archival. | |||
| * Automatically upgrade HTTP connections to HTTPS. | |||
| * Seamless upgrade from Proxmox Backup Server 2.4, see [[Upgrade from 2 to 3]], which includes the addition of a <code>pbs2to3</code> helper tool in the old stable release. | |||
| === Changelog Overview === | |||
| ==== Enhancements in the web interface (GUI) ==== | |||
| * Improvements to the node summary panel: | |||
| ** The summary now indicates whether the node was booted in legacy (BIOS) mode, EFI mode, or EFI mode with Secure Boot enabled. | |||
| ** The currently running kernel is now reported more compactly by indicating only the version and the build date. | |||
| * A new button in the datastore can now conveniently display connection information for connecting to that particular datastore from Proxmox Virtual Environment, another Proxmox Backup Server instance, or the backup client. | |||
| * If no comment is set for a backup group, the web GUI now displays the note of the last snapshot instead ([https://bugzilla.proxmox.com/show_bug.cgi?id=4260 issue 4260]). | |||
| * Support wiping disks in the Storage/Disks menu, providing parity with the functionality in Proxmox VE ([https://bugzilla.proxmox.com/show_bug.cgi?id=3690 issue 3690]). | |||
| * Allow removing systemd mount units of unused mounted directories via GUI and CLI. | |||
| *: This enables users to unmount the directory of a removed datastore, so that they can wipe and reuse the disk. | |||
| * Right-clicking on a backup group or snapshot now opens a context menu for easier access to relevant actions. | |||
| * Automatically redirect HTTP requests to HTTPS for convenience. | |||
| *: This avoids "Connection reset" browser errors that can be confusing, especially after setting up Proxmox Backup Server the first time. | |||
| * The ZFS creation window does not show a reset button anymore, as this button does not make sense for creation windows. | |||
| * Update external links to proxmox.com that changed during the website redesign. | |||
| * Improved translations, among others: | |||
| ** Croatian (NEW!) | |||
| ** Georgian (NEW!) | |||
| ** Arabic | |||
| ** Catalan | |||
| ** German | |||
| ** Italian | |||
| ** Polish | |||
| ** Simplified Chinese | |||
| ** Spanish | |||
| ** Traditional Chinese | |||
| ** Ukrainian | |||
| ** Several remaining occurrences of the <code>GiB</code> unit in the GUI can now be translated ([https://bugzilla.proxmox.com/show_bug.cgi?id=4551 issue 4551]). | |||
| ==== General backend improvements ==== | |||
| * Support for local sync jobs that pull contents of a local datastore to another local datastore. | |||
| *: Previously, sync jobs could only pull datastores from remote Proxmox Backup Server instances over the network. | |||
| *: Now, sync jobs can alternatively pull contents from a local datastore. | |||
| * Creating a datastore with prune options now creates a corresponding prune job ([https://bugzilla.proxmox.com/show_bug.cgi?id=4374 issue 4374]). | |||
| *: Previously, the prune options given on datastore creation were ignored. | |||
| * The backup task log now contains the IP address of the client initiating the backup, in order to simplify troubleshooting ([https://bugzilla.proxmox.com/show_bug.cgi?id=3777 issue 3777]). | |||
| * Fix an issue where garbage collection would fail with an error if a snapshot is deleted while the job is running. This situation is now handled gracefully without an error ([https://bugzilla.proxmox.com/show_bug.cgi?id=4823 issue 4823]). | |||
| * Fix an issue where scheduled garbage collection would not run if the task log of the previous garbage collection was missing, for example due to a host crash or power loss ([https://bugzilla.proxmox.com/show_bug.cgi?id=4895 issue 4895]). | |||
| * With the Proxmox repositories having support for fetching them directly the changelogs for new package versions shown in the UI are now all gathered with <code>apt changelog</code>. | |||
| * Improve checks when setting up an offline subscription key. | |||
| * Mails sent by Proxmox Backup Server now contain an <code>Auto-Submitted</code> header to avoid triggering automated replies ([https://bugzilla.proxmox.com/show_bug.cgi?id=4162 issue 4162]). | |||
| * Improve clarity of API parameter verification errors by showing a list of errors if there is more than one error. | |||
| * Improve the <code>proxmox-backup-debug</code> tool output by including the chunk size and compression state of chunks. | |||
| ==== Client improvements ==== | |||
| * Send HTTP <code>Connection</code> header when upgrading to HTTP 2, as mandated by the HTTP Semantics RFC 9910 ([https://bugzilla.proxmox.com/show_bug.cgi?id=4779 issue 4779]). | |||
| *: This improves compatibility with reverse proxies that strictly adhere to the RFC. | |||
| * If a task started via the CLI fails, the CLI tool now also exits with a non-zero exit code indicating failure ([https://bugzilla.proxmox.com/show_bug.cgi?id=4343 issue 4343]). | |||
| *: This simplifies using the CLI tools in scripts. | |||
| *: In case the task succeeds with warnings, the tool exits with exit code zero indicating success. | |||
| * When making an API call via the client that is not expected to return any data, avoid printing an error "api returned no data". | |||
| * Avoid potentially confusing output when successfully forgetting (deleting) a backup snapshot via the CLI ([https://bugzilla.proxmox.com/show_bug.cgi?id=4971 issue 4971]). | |||
| * Allow to configure whether restore should overwrite existing symlinks or hard links ([https://bugzilla.proxmox.com/show_bug.cgi?id=4761 issue 4761]). | |||
| * Fix an issue where the backup client would still try to access files even though they were excluded from the backup. If this access failed due to insufficient permissions, the backup would be aborted ([https://bugzilla.proxmox.com/show_bug.cgi?id=4380 issue 4380]). | |||
| * Add an option to ignore errors that occur during the extraction of device nodes. | |||
| * Improvements to logging: | |||
| ** Log a warning during backup if the previous manifest contains no index for the requested archive, and clarify the wording of log messages in that case. Previously, an error was logged even though the backup succeeded ([https://bugzilla.proxmox.com/show_bug.cgi?id=4591 issue 4591]). | |||
| ** Improve readability of log messages during encrypted backup. | |||
| * Fix rare alignment issue during pxar archive extraction that occasionally caused files with many irregular zero-blocks to be larger after extracted. | |||
| * File Restore: the minimal Linux VM image used by <code>proxmox-file-restore</code> was updated to use kernel 6.5 and ZFS 2.2. | |||
| ==== Tape backup ==== | |||
| * Improve LTO 9 tape support by recognizing LTO 9 tape density codes. | |||
| * Improve compatibility with tape libraries that do not support the DVCID bit for querying vendor/model of connected drives (e.g. Qualstar). | |||
| *: Previously, querying the tape library status without DVCID support would fail with an error. | |||
| *: Now, this case is handled more gracefully by ignoring missing DVCID support and making the missing vendor/model information optional. | |||
| * The web GUI now marks media sets as incomplete if the expected number of tapes does not match the actual number of tapes. | |||
| * Improvements to tape restore via GUI: | |||
| ** Fix an issue where selecting a target namespace for one datastore would cause datastores without a target namespace to be skipped. | |||
| ** Fix an issue where tape restore would skip everything if source and target datastores are named differently ([https://bugzilla.proxmox.com/show_bug.cgi?id=4977 issue 4977]). | |||
| ==== Access control ==== | |||
| * Improvements to Two-Factor Authentication (TFA): | |||
| ** Unlocking a user now also resets the TFA failure count. | |||
| ** Parsing of the TOTP algorithm is now case-insensitive to improve compatibility with manually edited TFA configurations. | |||
| * The LDAP connection check now searches only the base of the base DN instead of the whole subtree. | |||
| *: This fixes an issue where the connection check fails due to size limitations imposed by the LDAP server. | |||
| ==== Installation ISO ==== | |||
| * The ISO is able to run on Secure Boot enabled machines. | |||
| * The text-based UI got significant improvement based on the feedback received from the first release in Proxmox VE 8.0 and Proxmox Backup Server 3.0. | |||
| * The current link-state of each network interface is now displayed in the network configuration view, helping in identifying the correct NIC for the management interface ([https://bugzilla.proxmox.com/show_bug.cgi?id=4869 issue 4869]). | |||
| * If provided by the DHCP server, the hostname field is already filled out with the information from the lease. | |||
| * The correct meta-package of <code>grub</code> is now installed based on the boot mode (<code>grub-pc</code> or <code>grub-efi-amd64</code>). This ensures that the bootloader on disk gets updated when there is an upgrade for the <code>grub</code> package. | |||
| * The text-based UI is now also available over a serial console, for headless systems with a serial port. | |||
| * <code>/var/lib/vz</code> backing the <code>local</code> storage is now created as separate dataset for installations on ZFS ([https://bugzilla.proxmox.com/show_bug.cgi?id=1410 issue 1410]). | |||
| * The root dataset on ZFS installations now uses <code>acltype=posixacl</code> in line with [https://openzfs.github.io/openzfs-docs/Getting%20Started/Debian/Debian%20Bookworm%20Root%20on%20ZFS.html upstream's recommendation]. | |||
| * Kernel parameters passed on the command line during install are now also set in the target system ([https://bugzilla.proxmox.com/show_bug.cgi?id=4747 issue 4747]). | |||
| * Fix the warning that is shown in case the address family (IPv4, IPv6) of the host IP and DNS server do not match. | |||
| * The text-based UI now sets the correct disk-size for the selected disk, instead of limiting the installation to the size of the first disk in the list ([https://bugzilla.proxmox.com/show_bug.cgi?id=4856 issue 4856]). | |||
| * For better UX, the text-based UI now also displays a count-down before automatically rebooting. | |||
| * The screensaver in the graphical installer is now disabled. | |||
| * The graphical installer now displays the units used for disk-based options. | |||
| * The kernel command line parameter <code>vga788</code> is now set for both the graphical debug and all text-based UI installation options. This improves compatibility of the installer with certain hardware combinations. | |||
| * The installer now installs <code>zstd</code>, to enable its use for <code>initramfs</code> compression. | |||
| ==== Improved management of Proxmox Backup Server machines ==== | |||
| * Secure Boot support. | |||
| *: Proxmox Backup Server now ships a shim bootloader signed by a CA trusted by most hardware's UEFI implementation. In addition, it ships variants of the GRUB bootloader, MOK utilities and kernel images signed by Proxmox and trusted by the shim bootloader. | |||
| *: New installation will support Secure Boot out of the box if it is enabled. | |||
| *: Existing installations can be adapted to Secure Boot by installing optional packages, and possibly reformatting and re-initializing the ESP(s), without the need for a complete reinstallation. See the [https://pbs.proxmox.com/docs/sysadmin.html#switching-an-existing-installation-to-secure-boot reference documentation]. | |||
| *: How to use custom secure boot keys has been documented in the [https://pve.proxmox.com/wiki/Secure_Boot_Setup Secure Boot Setup] wiki. For using DKMS modules with secure boot, see the [https://pbs.proxmox.com/docs/sysadmin.html#using-dkms-third-party-modules-with-secure-boot reference documentation]. | |||
| * The kernel shipped by Proxmox is shared for all products. This is now reflected in the renaming from <code>pve-kernel</code> and <code>pve-headers</code> to <code>proxmox-kernel</code> and <code>proxmox-headers</code> respectively in all relevant packages. | |||
| * The new <code>proxmox-default-kernel</code> and <code>proxmox-default-headers</code> meta-packages will depend on the currently recommended kernel-series. | |||
| * Many edge-cases encountered during the upgrade from Proxmox Backup Server 2 to 3 by our user-base are now detected and warned about in the improved <code>pbs2to3</code> checks: | |||
| ** Fix an issue where <code>pbs2to3</code> would incorrectly detect the boot mode as legacy boot even if EFI mode was used. | |||
| ** Warn if [https://github.com/dell/dkms DKMS] modules are detected, as many of them do not upgrade smoothly to the newer kernel versions in PBS 3. | |||
| ** Warn if the PBS 3 system does not have the correct meta-package of <code>grub</code> installed ensures to actually upgrade the installed bootloader to the newest version. | |||
| * Improve system report formatting and level of detail simplify troubleshooting for enterprise support via the Customer Portal. | |||
| <div id="3.1-known-issues"></div> | |||
| === Known Issues & Breaking Changes === | |||
| ==== Kernel ==== | |||
| * Some users with Intel Wi-Fi cards, like the AX201 model, reported that initialization of the card failed with Linux kernel 6.5. | |||
| *: This is still being investigated. You should avoid booting into the new kernel if you have no physical access to your server and an Intel Wi-Fi device is used as its only connection. See the [https://pve.proxmox.com/pve-docs/chapter-sysadmin.html#sysboot_kernel_pin documentation] for how to pin a kernel version. | |||
| * Some SAS2008 controllers need a workaround to get detected since kernel 6.2, see the [https://forum.proxmox.com/threads/no-sas2008-after-upgrade.129499/page-4#post-607858 forum thread] for details. | |||
| == Proxmox Backup Server 3.0 == | |||
| '''Released 28. June 2023''' | |||
| * Based on Debian Bookworm (12.0) | |||
| * Latest 6.2 Kernel as stable default | |||
| * ZFS 2.1.12 | |||
| === Highlights === | |||
| * New major release based on the great Debian Bookworm. | |||
| * Seamless upgrade from Proxmox Backup Server 2.4, see [[Upgrade from 2 to 3]] | |||
| * Increase the flexibility of sync-jobs with the new <code>transfer-last</code> option. | |||
| * Add new text-based UI mode for the installation ISO, written in Rust using the [https://github.com/gyscos/cursive Cursive] TUI (Text User Interface) library. | |||
| === Changelog Overview === | |||
| ==== Enhancements in the web interface (GUI) ==== | |||
| * Improved Dark color theme: | |||
| *: The Dark color theme, introduced in Proxmox Backup Server 2.4, received a lot of positive feedback from our community, which resulted in further improvements. | |||
| * Tape backup and restore tasks are now included in the task summary. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=0763ac140cbcc593aa9bedbc915c97a8e04aa8b8 --> | |||
| * When labeling a tape in a changer, the default value cannot be overridden in the GUI anymore: | |||
| *: Proxmox Backup Server relies on the label being identical to the barcode, so it is not advisable to change the label. If having a different label is required, then it is still possible to override this via the CLI. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=73d471e90f32be5a90d3eae9cf3615ceca6370e4 --> | |||
| * Fixed an issue where the GUI would not immediately refresh the subscription information after uploading a subscription key. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=214e187d4f42290f643e92cdfd0314ebe7265ba2 --> | |||
| * Improved translations, among others: | |||
| ** Ukrainian (NEW) | |||
|     <!-- https://git.proxmox.com/?p=proxmox-i18n.git;a=commit;h=e0dd5e6989adcd4a5d796453707371ac82a1b4a3 --> | |||
| ** Japanese | |||
|     <!-- https://git.proxmox.com/?p=proxmox-i18n.git;a=commit;h=326feddf629345018f165216decaff2b5fb3bad2 --> | |||
| ** Simplified Chinese  | |||
|     <!--  https://git.proxmox.com/?p=proxmox-i18n.git;a=commit;h=e5fb5ffc3fb71ea0e4aa9323b4dbfef3d2dbf998 --> | |||
| ** Traditional Chinese | |||
|     <!--  https://git.proxmox.com/?p=proxmox-i18n.git;a=commit;h=f133ff0de42bf852f5cfc32b20458f37790b82ef --> | |||
| ** The size units (Bytes, KB, MiB,...) are now passed through the translation framework as well, allowing localized variants (e.g., for French). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-widget-toolkit.git;a=commit;h=01e64778ad112504d1de155c442571f54da46a45 --> | |||
| ** The language selection is now localized and displayed in the currently selected language | |||
|     <!-- https://git.proxmox.com/?p=proxmox-i18n.git;a=commit;h=adf33b65568046ba74869d6f980bc1fb00ebf845 --> | |||
| ==== General backend improvements ==== | |||
| * Chunk store now handles specific edge cases during insertion more gracefully. | |||
| * Updated the kernel of the image that <code>proxmox-backup-restore-image</code> uses to 6.2.16 and ZFS 2.1.12. | |||
| *: This can be particularly useful when trying to restore from guests that used newer features of a filesystem that are only supported by newer kernel versions, for example with Btrfs or ZFS volumes. | |||
| * In HTTP error responses, mention the requested path instead of the filesystem path, to avoid triggering automated security scanners. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=b687edc1a00aa1f7eafd45b484707cfbc4d28b2d --> | |||
| * When authenticating via PAM, pass the <code>PAM_RHOST</code> item. With this, it is possible to manually configure PAM such that certain users (for example root@pam) can only log in from certain hosts. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=a228a229186bbfaef56346c2dbd904c5768bced0 --> | |||
| ==== Client improvements ==== | |||
| * Increase the flexibility of sync-jobs with the new <code>transfer-last</code> option: | |||
| *: Specifying this parameter will only transfer the newest <code>n</code> backups, instead of all backups. | |||
| * Improved log output for sync jobs: In order to improve readability, the log now contains one opening line for every backup group. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=71db16151dc4338fc7c48e239136dd928a117a60 --> | |||
| * <code>proxmox-backup-manager user tfa</code> now supports <code>list</code> and <code>delete</code> commands (issue [https://bugzilla.proxmox.com/show_bug.cgi?id=4734 #4734]). | |||
| *: These can be used to list all currently configured TFA tokens as well as delete them. | |||
| * <code>proxmox-file-restore</code> now honors the environment variable <code>PBS_QEMU_DEBUG</code>. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=39531dfc8088857123a27795b43eca83634aa1b1 --> | |||
| * Fix an issue where running the <code>status</code> command would fail with a traceback (issue [https://bugzilla.proxmox.com/show_bug.cgi?id=4638 #4638]). | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=dae0b67f1fab55782bf77ca6c68c45f5df1bf1b2 --> | |||
| * Improved error handling when zipping a directory fails, by exiting early if a fatal error occurs. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=af46b655d44571409670771edc3f7580e66541ed --> | |||
| ==== Tape backup ==== | |||
| * Improved reading attributes from tapes that use medium auxiliary memory (MAM). | |||
| * Show a list of required tapes when restoring a single snapshot, like it has been the case for full restores already. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=2ebe7bb54a43858ba10cd7c6fd00a45cc2935b20 --> | |||
| * Added a fallback mode for tapes only supporting the 6 byte variant of the <code>MODE SENSE</code> or <code>SELECT</code> commands. This improves compatibility with some tape drives and libraries, for example the StarWind VTL. | |||
| * When restoring backups, instead of aborting when a tape is missing in the changer, the task now waits for the correct tape to be inserted (issue [https://bugzilla.proxmox.com/show_bug.cgi?id=4719 #4719]). | |||
| * Fixed an issue with media-sets that have multiple datastores, where trying to restore a single datastore via the GUI would inadvertently restore all datastores. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=df881ed0fc89a0c008bfb6281896fc8c20da7005 --> | |||
| ==== Access control ==== | |||
| * Add TFA/TOTP lockout to protect against an attacker who has obtained the user password and attempts to guess the second factor: | |||
| *: If TFA fails too many times in a row, this user account is locked out of TFA for an hour. If TOTP fails too many times in a row, TOTP is disabled for the user account. Using a recovery key will unlock a user account. | |||
| * The configuration for LDAP realms is now actively tested by attempting to connect before adding such a realm to the configuration. | |||
| * Surround user filter expressions with parentheses if they are not already present, similarly to Proxmox VE. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=378e2380b72f41727c4c69afcc23cb6f37ed1cc1 --> | |||
| * Remove support for unauthenticated LDAP binds (where no password is given), which are not supported in Proxmox VE either. | |||
|     <!-- https://git.proxmox.com/?p=proxmox.git;a=commit;h=599a6a49da43d771bcae37a06efead58250f94ec --> | |||
| ==== Installation ISO ==== | |||
| * Add new text-based UI mode for the installation ISO, written in Rust using the [https://github.com/gyscos/cursive Cursive] TUI (Text User Interface) library: | |||
| *: You can use the new TUI mode to work around issues with launching the GTK based graphical installer, sometimes observed on both very new and rather old hardware. | |||
| *: The new text mode executes the same code for the actual installation as the existing graphical mode. | |||
| * The version of BusyBox shipped with the ISO was updated to version 1.36.1. | |||
| * Detection of unreasonable system time. | |||
| : If the system time is older than the time the installer was created, the system notifies the user with a warning. | |||
|     <!-- https://git.proxmox.com/?p=pve-installer.git;a=commit;h=d0817324af4f25119ae5284720088198dd7985e3 --> | |||
| * <code>ethtool</code> is now shipped with the ISO and installed on all systems. | |||
| * <code>systemd-boot</code> is provided by its own package instead of <code>systemd</code> in Debian Bookworm and is installed with the new ISO. | |||
| ==== Notable bug fixes ==== | |||
| * Fixed an issue where certain prune job tasks did not show up in the task summary. | |||
|     <!-- https://git.proxmox.com/?p=proxmox-backup.git;a=commit;h=21ff6e593bbf90ed08d10b80419c263549d37819 --> | |||
| * Fixed an issue where garbage collection would incorrectly show warnings when namespaces were used by a datastore (issue [https://bugzilla.proxmox.com/show_bug.cgi?id=4357 #4357]). | |||
| * Fixed a bug that prevented entering netmasks for networks with CIDR prefix length smaller than /8 in the network interface configuration (issue [https://bugzilla.proxmox.com/show_bug.cgi?id=4722 #4722]). | |||
| * Restoring files from a ZFS snapshot directory now works with <code>proxmox-file-restore</code> (issue [https://bugzilla.proxmox.com/show_bug.cgi?id=4477 #4477]). | |||
| <div id="3.0-known-issues"></div> | |||
| === Known Issues & Breaking Changes === | |||
| * User accounts will now be locked after too many attempts to authenticate with a second factor. This is intended to protect against an attacker who has obtained the user password and attempts to guess the second factor. Unlocking requires either a successful login with a recovery key or a manual unlock by an administrator. | |||
| * Systems booting via UEFI from a ZFS on root setup should install the <code>systemd-boot</code> package after the upgrade. | |||
| *: The <code>systemd-boot</code> was split out from the <code>systemd</code> package for Debian Bookworm based releases. It won't get installed automatically upon upgrade from Proxmox VE 7.4 as it can cause trouble on systems not booting from UEFI with ZFS on root setup by the Proxmox VE installer. | |||
| *: Systems which have ZFS on root and boot in UEFI mode will need to manually install it if they need to initialize a new ESP (see the output of <code>proxmox-boot-tool status</code> and the  [https://pve.proxmox.com/pve-docs/chapter-sysadmin.html#sysboot_determine_bootloader_used relevant documentation]). | |||
| *: Note that the system remains bootable even without the package installed (the boot-loader that was copied to the ESPs during intialization remains untouched), so you can also install it after the upgrade was finished. | |||
| *: It is not recommended installing <code>systemd-boot</code> on systems which don't need it, as it would replace <code>grub</code> as bootloader in its <code>postinst</code> script. | |||
| == Proxmox Backup Server 2.4 == | |||
| '''Released 29. March 2023''' | |||
| * Based on Debian Bullseye (11.6) | |||
| * Latest 5.15.102 Kernel as stable default | |||
| * Newer 6.2.6 kernel as opt-in | |||
| * ZFS 2.1.9 | |||
| === Highlights === | |||
| * Proxmox Backup Server now provides a dark theme for the web interface & the documentation. | |||
| * Add LDAP as a new user authentication realm. | |||
| * Add initial support for WORM (write once, read many) tapes. | |||
| === Changelog Overview === | |||
| ==== Enhancements in the web interface (GUI) ==== | |||
| * Add a fully-integrated "Proxmox Dark" theme variant of the long-time Crisp light theme. | |||
| : By default, the <code>prefers-color-scheme</code> media query from the Browser/OS will be used to decide the default color scheme. | |||
| : Users can override the theme via a newly added <code>Color Theme</code> menu in the user menu. | |||
| * Task logs can now be downloaded directly as text files for further inspection. | |||
| * The <code>Add User</code> dialog has now a <code>realm</code> field, making it possible to add users to an LDAP or OpenID Connect realm manually. | |||
| * Improve the UI for verification jobs, showing the <code>namespace</code> and <code>max-depth</code> columns and allowing one to edit those fields in the edit job window ([https://bugzilla.proxmox.com/show_bug.cgi?id=4448 #4448]). | |||
| : While the API supported limiting a verification job to a specific namespace or depth since 2.2, such settings weren't editable nor visible in the web interface. | |||
| * The 'Services' panel of the 'Administration' section now marks optional services that are not installed as <code>not installed</code> instead of marking them as <code>dead</code>.  | |||
| * In order to make it more obvious how to disable scheduled Garbage Collection (GC), the 'GC Schedule' window now shows an <code>X</code> button that resets the schedule to <code>none</code>. | |||
| * For prune jobs, rename 'Store' to 'Datastore' for consistency reasons. | |||
| * Fixed the default value for pruning mail notification settings in the datastore options. | |||
| * Fixed rendering the 'Enabled' column for the 'Metric Server' view. | |||
| * Improved translations, among others: | |||
| ** Arabic | |||
| ** French | |||
| ** German | |||
| ** Italian | |||
| ** Japanese | |||
| ** Russian | |||
| ** Slovenian | |||
| ** Simplified Chinese | |||
| ** Traditional Chinese | |||
| ==== General Backend Improvements ==== | |||
| * Add LDAP realm authentication and user synchronization | |||
| : This allows user authentication against an external LDAP server. In order to be able to log in, users in LDAP realms must be added manually. Alternatively, users can be synced automatically from the LDAP server. | |||
| ==== Client Improvements ==== | |||
| * Suppress harmless but confusing "storing login ticket failed" errors when backing up to Proxmox Backup Server. | |||
| * The <code>proxmox-backup-manager</code> CLI tool can now be used to trigger an existing prune, verification, or sync job manually. | |||
| * The output of the <code>proxmox-backup-debug diff archive</code> command was improved. | |||
| : The command now shows file attributes, highlights changes and has colored output. | |||
| * Provide higher runtime control for logging in the <code>pxar</code> CLI tool ([https://bugzilla.proxmox.com/show_bug.cgi?id=4578 #4578]). | |||
| : Users can now decide themselves which messages, log sources or log levels are interesting for a particular use case through the PBS_LOG environment variable. | |||
| * Various improvements for error handling and reported messages to improve user experience. | |||
| ==== Tape backup ==== | |||
| * Add initial support for WORM (write once, read many) tapes | |||
| * Skip unassigned tapes when updating the inventory | |||
| : Tapes that are assigned to a pool but not yet in a media set belong to the special all-zero media set. Since there will never be a catalog on these tapes, trying to restore a catalog will always fail, so leave them out. | |||
| ==== Installation ISO ==== | |||
| * the version of BusyBox shipped with the ISO was updated to version 1.36.0. | |||
| * The EFI System Partition (ESP) defaults to 1 GiB of size if the root disk partition (<code>hdsize</code>) is bigger than 100 GB. | |||
| * UTC can now be selected as timezone during installation. | |||
| ==== Documentation ==== | |||
| * Expand the documentation for maintenance, focusing specifically on Garbage Collection (GC). | |||
| * Link screenshots in the documentation to their image files. | |||
| * Implement dark mode that honors the prefers-color-scheme media query automatically. | |||
| * Add dark mode support to the API viewer widget. | |||
| ==== Notable bug fixes ==== | |||
| * Don't interrupt tasks when pressing <kbd>Ctrl</kbd> + <kbd>C</kbd> when viewing task logs via <code>proxmox-backup-manager task log</code> or <code>proxmox-backup-client task log</code> ([https://bugzilla.proxmox.com/show_bug.cgi?id=4483 #4483]). | |||
| * <code>proxmox-backup-client</code> now prints task logs to stdout instead of stderr ([https://bugzilla.proxmox.com/show_bug.cgi?id=4387 #4387]). | |||
| * Removal of all associated prune jobs and ACL entries when their data store is deleted  ([https://bugzilla.proxmox.com/show_bug.cgi?id=4256 #4256]). | |||
| * Fixed a bug where snapshots were not listed in a tape media set ([https://bugzilla.proxmox.com/show_bug.cgi?id=4466 #4466]). | |||
| * Warn if a login ticket could not be stored (e.g. due to $XDG_RUNTIME_DIR not being set, which can happen if invoked via sudo) ([https://bugzilla.proxmox.com/show_bug.cgi?id=4346 #4346]). | |||
| * Reduce lock contention of the verify-after-complete feature with periodic syncs ([https://bugzilla.proxmox.com/show_bug.cgi?id=4523 #4523]). | |||
| <div id="2.4-known-issues"></div> | |||
| === Known Issues & Breaking Changes === | |||
| None. | |||
| == Proxmox Backup Server 2.3 == | |||
| '''Released 29. November 2022''' | |||
| * Based on Debian Bullseye (11.5) | |||
| * Latest 5.15 Kernel as stable default (5.15.74) | |||
| * Newer 5.19 Kernel as opt-in | |||
| * ZFS 2.1.6 | |||
| '''Changelog Overview''' | |||
| * Enhancements in the Web Interface (GUI): | |||
| ** Datastore permissions: Allow editing the ACL path and query the available namespaces and add them as ACL path to the pre-defined selections for convenience | |||
| ** Datastore content: Only mask the inner view of the content tree on error, to allow a user to trigger a manual reload using the reload button in the top bar | |||
| ** Improve navigating the whole Proxmox Backup Server web UI when a user only has limited permissions on a specific (sub-)namespace | |||
| ** Show block device partition tree on the web UI | |||
| ** Improve the prune-simulator, among other things allow setting a custom simulation "now" date/time | |||
| ** Improved certificate view - for example for certificates with many SANs | |||
| ** Improved translations, among others: | |||
| *** Arabic | |||
| *** Dutch | |||
| *** German | |||
| *** Italian | |||
| *** Polish | |||
| *** Traditional Chinese | |||
| *** Turkish | |||
| * Add Namespace Aware Prune Jobs | |||
| ** Expand the single-schedule per datastore to a flexible, namespace aware prune job system | |||
| ** Allow fine-grained control over when and how deep a specific namespace get pruned | |||
| ** In addition to above, the manual prune action also became more powerful w.r.t. namespace and prune-depth selection | |||
| ** Implement email notifications for prune jobs | |||
| ** Rework the task log outputs for prune job workers | |||
| * Native Support for Sending Periodic Metrics to InfluxDB | |||
| ** Support for HTTP(S) and UDP endpoints | |||
| ** Optionally TLS certificate validation can be disabled for HTTPS endpoints | |||
| ** Metric data is aligned as good as possible to the stats sent from a Proxmox VE node. | |||
| ** Metrics include: | |||
| *** CPU load averages, IOwait | |||
| *** Memory used/total, Swap used/total | |||
| *** NIC traffic statistics | |||
| *** Filesystem usage for datastores | |||
| *** Blockdevice IOPS and bytes read/written for datastores | |||
| * Support Proxmox Offline Mirroring & Subscription Handling | |||
| ** Proxmox Offline Mirror: The tool supports subscriptions and repository mirrors for air-gapped systems. Newly added [https://pom.proxmox.com proxmox-offline-mirror] utility can now be used to keep Proxmox Backup Server hosts, without access to the public internet up-to-date and running with a valid subscription. | |||
| * Tape Backup Improvements | |||
| ** Improve behavior for vanishing snapshots, only log the event but do not fail the tasks | |||
| ** Make total/throughput reporting use human-readable units on tape restore | |||
| ** Include used tapes in job notification e-mails | |||
| ** Optionally try to restore missing catalogs during inventory | |||
| *: In a disaster recovery case, in addition to re-inventorizing the labels and media-sets, trying to recover the catalogs from the tape, so that one knows what's actually on them, helps in getting an overview. | |||
| * General Client Improvements | |||
| ** Proxmox-backup-client: Added <code>ignore-acls</code>, <code>ignore-xattrs</code>, <code>ignore-ownership</code>, <code>ignore-permissions</code> and <code>overwrite</code> parameters to the restore command: If any of the <code>ignore</code> parameters is set the corresponding metadata is not restored - e.g. there is no <code>chown</code> call if <code>ignore-ownership</code> is set. The <code>overwrite</code> parameter causes the restore to overwrite a file if it is already present instead of failing. | |||
| ** File-restore: Add 'format' and 'zstd' parameters to 'extract' CLI command. | |||
| ** Add the <code>diff</code> sub-command to <code>proxmox-backup-debug</code>, allowing one to compare pxar archives for two arbitrary snapshots,  outputting a list of added/modified/deleted files. | |||
| ** Support http proxies through the <code>ALL_PROXY</code> environment variable for proxmox-backup-client. Note that using a general tunnel for all traffic, for example <code>wireguard</code> to shield traffic is preferred. | |||
| ** Fix an issue with the <code>mount</code> subcommand, where reading large files could yield corrupt data. | |||
| * General Backend Improvements | |||
| ** New mail-forwarding binary <code>proxmox-mail-forward</code>: It unifies the configuration for sending the system-generated mails to the email address configured for <code>root@pam</code>, with Proxmox VE. | |||
| ** Implement <code>sync-level</code> option for datastores, allowing one to configure how backup data is synced to disk to match their respective setup and needs. | |||
| ** Improve error handling when removing status files and locks from jobs that were never executed | |||
| ** Datastore list and datastore status: Avoid opening datastore and possibly iterating over namespace (for lesser privileged users), but rather use the in-memory ACL tree directly to check if there's access to any namespace below. | |||
| ** More robust handling of refreshing datastore states periodically and on config change - previously a lock was dropped, causing inconsistencies between long-running backup jobs and garbage collection tasks  <!-- 0bd9c87010e25634ea6a91c65c2ff8088372340d --> | |||
| ** Datastore: Swap dirtying the internal datastore cache every 60s by just using the available config digest to detect any changes accurately when they actually happen, reducing periodic IO. | |||
| ** Restore-daemon: Make file listing "streaming" for better interactivity on initial response | |||
| ** API daemon: startup scheduling tasks faster by improving aligning the trigger-time to the minute boundary | |||
| ** SMART: Add <code>raw field</code>, for compatibility with the Proxmox VE API - it contains the same data as <code>value</code>, which for now is kept for backwards compatibility | |||
| ** SMART: Don't treat certain non-zero exit codes of smartctl as error (if bit 2 of the exit-code is set the returned data is still parseable) - aligns with the implementation in Proxmox VE  | |||
| ** Improve file-system compatibility for various edge cases: For example take the reservation for <code>root</code> for EXT4 into consideration | |||
| ** ACME/Let's Encrypt: Send emails on certificate renewal failure | |||
| ** Optimize filtered snapshot listing | |||
| ** Move some blocking parts off to their own (reused) thread to reduce the chance of sometimes blocking the <code>tokio</code> reactor thread handling things like new incoming connections | |||
| ** Periodically trigger unparking a <code>tokio</code> thread to ensure all newly incoming requests are handled in a timely manner | |||
| ** The proxmox-backup-manager <code>pull</code> subcommand now handles a missing namespace parameter by pulling to the root namespace | |||
| <div id="2.3-known-issues"></div> | |||
| '''Known Issues & Notable Changes''' | |||
| * The upgrade will check if the owner of the lock file <code>/etc/proxmox-backup/.datastore.lck</code> is <code>backup</code>, and if it is not, it will try to correct the owner. | |||
| : If the automatic owner correction fails, the update process issues a warning and suggests how to try again manually. | |||
| : Note that this should only affect some older 1.x installations that had no need for locks outside the privileged API daemon and might have created the file with <code>root</code> as owner. | |||
| == Proxmox Backup Server 2.2 == | == Proxmox Backup Server 2.2 == | ||
| Line 39: | Line 1,508: | ||
| ** Add support for syncing a source namespace into any target namespace. | ** Add support for syncing a source namespace into any target namespace. | ||
| *: With the <code>max-depth</code> setting, you can control how deep the recursion on finding groups to sync should go. | *: With the <code>max-depth</code> setting, you can control how deep the recursion on finding groups to sync should go. | ||
| ** Add support for namespaces in current Proxmox VE 7.2, the following versions form the baseline: | |||
| *: pve-manager >= 7.2-4, libpve-storage-perl >= 7.2-4, pve-container >= 4.2-1, qemu-server >= 7.2-3, pve-qemu-kvm >= 6.2.0-7 | |||
| * Maintenance Mode and Active Operations Tracking: | * Maintenance Mode and Active Operations Tracking: | ||
| Line 62: | Line 1,533: | ||
| *: While inode-sorting benefits read performance on block devices with higher latency (for example, spinning disks), it also requires extra work to get the metadata needed for sorting, so it's a trade-off. For setups that have either very slow or very fast metadata IO, the benefits may turn into a net cost. | *: While inode-sorting benefits read performance on block devices with higher latency (for example, spinning disks), it also requires extra work to get the metadata needed for sorting, so it's a trade-off. For setups that have either very slow or very fast metadata IO, the benefits may turn into a net cost. | ||
| ** Add dry-run option for the <code>proxmox-backup-client</code> backup CLI command. | ** Add dry-run option for the <code>proxmox-backup-client</code> backup CLI command. | ||
| ** Verify: Allow  | ** Verify: Allow one to enforce verification when manually verifying a datastore or namespace through the web interface | ||
| ** Improve reload behavior of the proxmox-backup-proxy API daemon | ** Improve reload behavior of the proxmox-backup-proxy API daemon | ||
| *: Close acceptor for new incoming connections immediately on shutdown to avoid connection resets during the wait for running tasks to finish. | *: Close acceptor for new incoming connections immediately on shutdown to avoid connection resets during the wait for running tasks to finish. | ||
Latest revision as of 08:38, 15 September 2025
Roadmap
- Proxmox VE host backup
- Backup clients for other operating systems
- Encrypt data optionally on server-side, on datastore sync and/or incoming backups.
- Improved quality of service control like per-user bandwidth limits or maximum number of active task workers.
- Integration into Proxmox Datacenter Manager.
- Completed tasks that have been featured previously on the roadmap:
- Push-based sync mode (done with 3.3)
- Backup to one (physical) datastore from multiple Proxmox VE clusters, avoiding backup naming conflicts (done)
- GUI restore improvements (including VMs) (done)
- Set manual protection (immutable) flag for backups (done)
- Transforming the single prune configuration of a datastore to allowing multiple jobs, with namespace support (done)
- Support S3/Object as datastore storage backend. (done)
- Importer for existing vzdump archives into Proxmox Backup Server (done, see Import VMA Backups into Proxmox Backup Server)
- LDAP/AD Authentication (done)
- Improve and extend notifications by allowing one to add more endpoints besides email, each with separate filters (done with 3.2)
 
Release History
See also Announcement forum
Proxmox Backup Server 4.0
Released 06. August 2025
- Based on Debian Trixie (13)
- Latest 6.14.8-2 Kernel as new stable default
- ZFS 2.3.3
Highlights
- New major release based on the great Debian Trixie.
- Seamless upgrade from Proxmox Backup Server 3.4, see Upgrade from 3 to 4.
- S3-compatible object stores as backup storage backend (technology preview).
- Proxmox Backup Server can now connect to object stores that provide an S3-compatible API.
- A new datastore type persists backup metadata and chunks to an S3-compatible object store.
- To reduce the number of requests to the object store, a local cache temporarily stores metadata and chunks.
 
- ZFS now supports adding new devices to existing RAIDZ pools with minimal downtime.
Changelog Overview
Enhancements in the web interface (GUI)
- Fix an issue where the datastore creation tasks would not be formatted properly in the task list.
- Improvements to the custom consent window:
- Avoid showing the consent text twice for OIDC logins.
- Restrict the text length of the consent banner to 64 KiB.
- Fix an issue where the consent window size would exceed the viewport size (issue 6312).
 
- Use HttpOnly cookies as an additional layer of protection against cookie stealing attacks.
- Small improvements to the services view in the host's system panel.
- Fix an issue where the node services panel would incorrectly show postfix as disabled.
- Improved handling of translations:
- Add support for plural forms and ngettext usage.
- Translations can now contain comments that are extracted from the source code and provide useful context for translators.
 
- Updated translations, among others:
- Czech (new!)
- Arabic
- Bulgarian
- French
- German
- Italian
- Japanese
- Korean
- Polish
- Russian
- Simplified Chinese
- Spanish
- Swedish
- Traditional Chinese
- Ukrainian
 
General backend improvements
- S3-compatible object stores as backup storage backend (technology preview).
- Proxmox Backup Server can now connect to object stores that provide an S3-compatible API.
- A new datastore type persists backup metadata and chunks to an S3-compatible object store.
- One such datastore cannot be shared between multiple Proxmox Backup Server instances.
- Datastore contents can be reused for a new Proxmox Backup Server instance if the original instance has gone offline permanently.
 
- Allow to automatically run sync jobs whenever a relevant removable datastore is mounted.
- Sync jobs that reference a local removable datastore can only be run while the removable datastore is mounted.
- Setting the new run-on-mountflag on a sync job causes it to run automatically when the removable datastore is mounted.
 
- Fix an issue where forgetting a group, or the last snapshot of a group, would fail if a group note is present (issue 6358).
- Fix an issue where forgetting a group, or the last snapshot of a group, would fail if the owner file was already deleted.
- Improvements to the garbage collection:
- Allow bypassing the chunk cache used during the marking phase by setting a cache capacity of 0.
- Track chunk cache statistics in the garbage collection task log.
- Fix logging in case of index files created or deleted while the garbage collection job is running.
- Fix a rare race condition in the chunk marking phase.
 
- Improvements to notifications:
- Warn if mailto-userrefers to a user without an email address when sending a notification.
- Fix an issue with the SMTP endpoint options where the "Authenticate" check box would be inadvertently checked in some browsers (issue 5588).
- Fix an issue where the SMTP endpoint did not properly quote the sender's display name (issue 6188).
- Default to the notification mode notification-systemfor new datastore/tape jobs.- This was already the default in the GUI, and it is now also the default for jobs created via API and CLI.
- Existing jobs without an explicit setting are automatically converted to the explicit setting.
 
- Move notification settings for tape backup jobs to a separate tab.
- Improve the GUI for notification settings.
 
- Warn if 
- Fix an issue where a sync job would acquire an exclusive lock on a source snapshot, causing concurrent backups to fail.
- Avoid a superfluous stat syscall when checking the protected state of a snapshot.
- Provide more details in backup task logs to ease troubleshooting.
Client improvements
- Ensure that CLI tools print a newline after their usage string if an argument is missing.
- Fix an issue where restoring a file-based backup would fail if the backup contained a hardlink.
Tape backup
- Improve compatibility with tape drivers/libraries that are configured to forbid applications to change tape encryption settings.
- Wait for calibration of LTO-9 tapes to improve compatibility with tapes that are automatically formatted when they are first used.
- Increase the timeout for moving a medium in a changer from 5 to 45 minutes
- This improves compatibility with some tape libraries where such operations can a take a long time.
 
Installation ISO
- Install the microcode package matching the current platform.
- This ensures that new Proxmox Backup Server installations get available fixes for CPU security issues and other CPU bugs.
- This also means that installations now have the non-free-firmwarerepository enabled.
- To get microcode updates that were released after the ISO was built, hosts have to be updated regularly. Microcode updates need a reboot to go into effect.
 
- Ignore network interfaces without a valid MAC address instead of aborting the installation.
- Check that the configured LVM swapsize is not greater than half the disk size (issue 5887).
- Handle the case where the DHCP lease includes the search domain in the Host Name option.
- Improve error reporting for disk and RAID checks.
- Improvements to the text-based installer and proxmox-auto-install-assistant:- Improve error reporting when encountering an invalid CIDR.
- Add plausibility checks for subnet masks and IPv4 address
 
- Improvements to the automated installation:
- Handle the case where the answer file provides an empty search domain.
- Check the number of disks for RAID configurations already when parsing the answer file to catch invalid configurations earlier.
- Warn if the answer file contains deprecated snake_casekeys.
- Check for duplicate disks in the answer file.
 
- Improve the visibility of CLI errors by printing an additional newline.
Improved management of Proxmox Backup Server machines
- Provide a tool for pinning network interface names.
- Network interface names may change due to multiple factors, including changes to the hardware setup, software updates, and firmware updates.
- Examples are systemd, kernel and driver updates during major or minor version updates, and BIOS updates.
- Changes of network interface names can require manually adjusting network and firewall configurations.
- proxmox-network-interface-pinningis a tool for assigning permanent "pinned" names to network interfaces.
- These pinned names are tied to the interface's MAC address.
 
- Support alternative names for network interfaces.
- Alternative names can be used to give multiple additional names to a network interface.
- While network interface names are restricted to 15 user-visible bytes, alternative names can be up to 128 bytes long.
- It is now possible to use alternative names in /etc/network/interfacesinstead of (primary) network interface names.
- Transparent support for alternative names can decrease the maintenance overhead in case the primary network interface name changes due to an update.
- The network configuration GUI also shows alternative names of network interfaces.
 
- New ZFS version 2.3.3:
- Support for adding new devices to existing RAIDZ pools without downtime.
- See upstream changelog for details.
 
- Secure Boot: Exclude the NTFS module from the monolithic Grub EFI binary (PSA-2025-00012-1).
- Add a pbs-network-config-commitsystemd service to apply pending network changes on boot.
- ACME: Improve compatibility with ACME servers whose directory endpoint does not provide certain fields.
Known Issues & Breaking Changes
The test repository is now named pbs-test
For consistency with existing repositories the pbstest repository is now spelled pbs-test.
Potential changes in network interface names
Proxmox Backup Server 4 can now transparently handle many network interface name changes.
These changes may occur when upgrading from Proxmox Backup Server 3.x to 4.0 due to new naming scheme policies or the added support for new NIC features. For example, this may happen when upgrading from Kernel 6.8 to Kernel 6.14. If the previous primary name remains available as an alternative name, manual intervention may not be necessary since Proxmox Backup Server 4.0 allows the use of alternative names in network configurations.
However, in some cases, the previous primary name might not be available as an alternative name after the upgrade. In such cases, manual reconfiguration after the upgrade is currently still necessary.
Prior to upgrading, you can install the proxmox-network-interface-pinning package and use the CLI tool with the same name to pin network interfaces to custom names.
Passkeys as Second Factor (TFA)
Proxmox Backup Server supports WebAuthn as a second-factor authentication method. Although passkeys are related to WebAuthn, there are some differences that may cause issues when using them after upgrading to Proxmox Backup Server 4.0. A fix is currently being rolled out through the proxmox-backup-server 4.0.11-3 version.
When using two-factor authentication (TFA), you should always ensure that you have another second-factor type set up as a backup, such as recovery codes or time-based one-time password (TOTP).
Change in sync job filter order
For sync jobs the filtering of encrypted only or verified only snapshots is now performed before applying the transfer last cutoff. This makes the behavior more intuitive.
systemd logs "System is tainted: unmerged-bin" after boot
It is recommended to ignore this message. See the Debian Trixie release notes for more details.
OpenID users get logged out instantly
In Proxmox Backup Server version 4 up until and including 4.0.11 there was a bug in the authentication logic for accounts that used OpenID to log in. This would lead to users being immediately logged out again after the initial login. A fix has been implemented in proxmox-backup-server version 4.0.12-1. Please update to at least that version if you are using OpenID and run into this problem.
Proxmox Backup Server 4.0 BETA
Released 24. July 2025
| Note: This is a test version that is not yet intended for production use. The release notes will be continuously updated during the beta phase. | 
- Based on Debian Trixie (13)
- Latest 6.14.8-1 Kernel as new stable default
- ZFS 2.3.3
Highlights
- New major release based on the great Debian Trixie.
- Seamless upgrade from Proxmox Backup Server 3.4, see Upgrade from 3 to 4.
- S3-compatible object stores as backup storage backend (technology preview).
- Proxmox Backup Server can now connect to object stores that provide an S3-compatible API.
- A new datastore type persists backup metadata and chunks to an S3-compatible object store.
- To reduce the number of requests to the object store, a local cache temporarily stores metadata and chunks.
 
- ZFS now supports adding new devices to existing RAIDZ pools without downtime.
Changelog Overview
Enhancements in the web interface (GUI)
- Fix an issue where the datastore creation tasks would not be formatted properly in the task list.
- Improvements to the custom consent window:
- Avoid showing the consent text twice for OIDC logins.
- Restrict the text length of the consent banner to 64 KiB.
- Fix an issue where the consent window size would exceed the viewport size (issue 6312).
 
- Use HttpOnly cookies as an additional layer of protection against cookie stealing attacks.
- Small improvements to the services view in the host's system panel.
- Fix an issue where the node services panel would incorrectly show postfix as disabled.
- Updated translations, among others:
- Czech (new!)
- Arabic
- Bulgarian
- French
- German
- Italian
- Japanese
- Korean
- Russian
- Spanish
- Swedish
- Traditional Chinese
- Ukrainian
 
General backend improvements
- S3-compatible object stores as backup storage backend (technology preview).
- Proxmox Backup Server can now connect to object stores that provide an S3-compatible API.
- A new datastore type persists backup metadata and chunks to an S3-compatible object store.
- One such datastore cannot be shared between multiple Proxmox Backup Server instances.
- Datastore contents can be reused for a new Proxmox Backup Server instance if the original instance has gone offline permanently.
 
- Allow to automatically run sync jobs whenever a relevant removable datastore is mounted.
- Sync jobs that reference a local removable datastore can only be run while the removable datastore is mounted.
- Setting the new run-on-mountflag on a sync job causes it to run automatically when the removable datastore is mounted.
 
- Fix an issue where forgetting a group, or the last snapshot of a group, would fail if a group note is present (issue 6358).
- Fix an issue where forgetting a group, or the last snapshot of a group, would fail if the owner file was already deleted.
- Improvements to the garbage collection:
- Allow bypassing the chunk cache used during the marking phase by setting a cache capacity of 0.
- Track chunk cache statistics in the garbage collection task log.
- Fix logging in case of index files created or deleted while the garbage collection job is running.
- Fix a rare race condition in the chunk marking phase.
 
- Improvements to notifications:
- Warn if mailto-userrefers to a user without an email address when sending a notification.
- Fix an issue with the SMTP endpoint options where the "Authenticate" check box would be inadvertently checked in some browsers (issue 5588).
- Fix an issue where the SMTP endpoint did not properly quote the sender's display name (issue 6188).
- Default to the notification mode notification-systemfor new datastore/tape jobs.- This was already the default in the GUI, and it is now also the default for jobs created via API and CLI.
- Existing jobs without an explicit setting are automatically converted to the explicit setting.
 
- Move notification settings for tape backup jobs to a separate tab.
- Improve the GUI for notification settings.
 
- Warn if 
- Fix an issue where a sync job would acquire an exclusive lock on a source snapshot, causing concurrent backups to fail.
- Avoid a superfluous stat syscall when checking the protected state of a snapshot.
- Provide more details in backup task logs to ease troubleshooting.
Client improvements
- Ensure that CLI tools print a newline after their usage string if an argument is missing.
- Fix an issue where restoring a file-based backup would fail if the backup contained a hardlink.
Tape backup
- Improve compatibility with tape drivers/libraries that are configured to forbid applications to change tape encryption settings.
Installation ISO
- Install the microcode package matching the current platform.
- This ensures that new Proxmox Backup Server installations get available fixes for CPU security issues and other CPU bugs.
- This also means that installations now have the non-free-firmwarerepository enabled.
- To get microcode updates that were released after the ISO was built, hosts have to be updated regularly. Microcode updates need a reboot to go into effect.
 
- Ignore network interfaces without a valid MAC address instead of aborting the installation.
- Check that the configured LVM swapsize is not greater than half the disk size (issue 5887).
- Handle the case where the DHCP lease includes the search domain in the Host Name option.
- Improve error reporting for disk and RAID checks.
- Improvements to the text-based installer and proxmox-auto-install-assistant:- Improve error reporting when encountering an invalid CIDR.
- Add plausibility checks for subnet masks and IPv4 address
 
- Improvements to the automated installation:
- Handle the case where the answer file provides an empty search domain.
- Check the number of disks for RAID configurations already when parsing the answer file to catch invalid configurations earlier.
- Warn if the answer file contains deprecated snake_casekeys.
- Check for duplicate disks in the answer file.
 
- Improve the visibility of CLI errors by printing an additional newline.
Improved management of Proxmox Backup Server machines
- Support alternative names for network interfaces.
- Alternative names can be used to give multiple additional names to a network interface.
- While network interface names are restricted to 15 user-visible bytes, alternative names can be up to 128 bytes long.
- It is now possible to use alternative names in /etc/network/interfacesinstead of (primary) network interface names.
- Transparent support for alternative names can decrease the maintenance overhead in case the primary network interface name changes due to an update.
 
- New ZFS version 2.3.3:
- Support for adding new devices to existing RAIDZ pools without downtime.
- See upstream changelog for details.
 
- ACME: Improve compatibility with ACME servers whose directory endpoint does not provide certain fields.
Known Issues & Breaking Changes
The test repository is now named pbs-test
For consistency with existing repositories the pbstest repository is now spelled pbs-test.
Potential changes in network interface names
Proxmox Backup Server 4 can now transparently handle many network interface name changes.
These changes may occur when upgrading from Proxmox Backup Server 3.x to 4.0 due to new naming scheme policies or the added support for new NIC features. For example, this may happen when upgrading from Kernel 6.8 to Kernel 6.14. If the previous primary name remains available as an alternative name, manual intervention may not be necessary since Proxmox Backup Server 4.0 allows the use of alternative names in network configurations.
However, in some cases, the previous primary name might not be available as an alternative name after the upgrade. In such cases, manual reconfiguration after the upgrade is currently still necessary.
Proxmox Backup Server 3.4
Released 10. April 2025
- Based on Debian Bookworm (12.10)
- Latest 6.8.12-9 Kernel as new stable default
- Newer 6.14 Kernel as opt-in
- ZFS: 2.2.7 (with compatibility patches for Kernel 6.14)
Highlights
- Performance improvements for garbage collection.
- Garbage collection frees up storage space by removing unused chunks from the datastore.
- For this, it has to mark all chunks that are currently in use by backup snapshots.
- The marking phase now uses a cache to avoid redundant marking operations.
- This increases memory consumption but can significantly decrease the runtime of garbage collection.
 
- More fine-grained control over backup snapshot selection for sync jobs.
- Sync jobs are useful for pushing or pulling backup snapshots to or from remote Proxmox Backup Server instances.
- Group filters already allow selecting which backup groups should be synchronized.
- In addition, it is now possible to only synchronize backup snapshots that are encrypted, or only backup snapshots that are verified.
 
- Static build of the Proxmox Backup command-line client.
- Proxmox Backup Server is tightly integrated with Proxmox VE, but its command-line client can also be used outside Proxmox VE.
- Packages for the command-line client are already provided for hosts running Debian or Debian derivatives.
- A new statically linked binary increases the compatibility with Linux hosts running other distributions.
- This makes it easier to use Proxmox Backup Server to create file-level backups of arbitrary Linux hosts.
 
- Latest Linux 6.14 kernel available as opt-in kernel.
Changelog Overview
Enhancements in the web interface (GUI)
- Allow configuring a default realm which will be pre-selected in the login dialog (issue 5379).
- The prune simulator now allows specifying schedules with both range and step size (issue 6069).
- Ensure that the prune simulator shows kept backups in the list of backups.
- Fix an issue where the GUI would not fully load after navigating to the "Prune & GC Jobs" tab in rare cases.
- Deleting the comment of an API token is now possible.
- Various smaller improvements to the GUI.
- Fix some occurrences where translatable strings were split, which made potentially useful context unavailable for translators.
General backend improvements
- Performance improvements for garbage collection (issue 5331).
- Garbage collection frees up storage space by removing unused chunks from the datastore.
- For this, its first phase updates the atime (access time) of all chunk files that are currently in use by backup snapshots.
- The marking phase now uses an improved chunk iteration logic and a cache to avoid redundant atime updates.
- This increases memory consumption but can significantly decrease the runtime of garbage collection.
- The cache capacity can be configured in the datastore's tuning options.
 
- More fine-grained control over backup snapshot selection for sync jobs.
- Sync jobs are useful for pushing or pulling backup snapshots to or from remote Proxmox Backup Server instances.
- Group filters already allow selecting which backup groups should be synchronized.
- In addition, it is now possible to only synchronize backup snapshots that are encrypted, or only backup snapshots that are verified (issue 6072).
- The sync job's transfer-lastsetting has precedence over theverified-onlyandencrypted-onlyfiltering.
 
- Add a safeguard against filesystems that do not honor atime updates (issue 5982).
- The first phase of garbage collection marks used chunk files by explicitly updating their atime.
- If the filesystem backing the chunk store does not honor such atime updates, phase two may delete chunks that are still in use, leading to data loss.
- Hence, datastore creation and garbage collection now perform an atime update on a test chunk, and report an error if the atime update is not honored.
- The check is enabled by default and can be disabled in the datastore's tuning options.
 
- Allow to customize the atime cutoff for garbage collection in the datastore's tuning options.
- The atime cutoff defaults to 24 hours and 5 minutes, as a safeguard for filesystems that do not always immediately update the atime.
- However, on filesystems that do immediately update the atime, this can cause unused chunks to be kept for longer than necessary.
- Hence, allow advanced users to configure a custom atime cutoff in the datastore's tuning options.
 
- Allow to generate a new token secret for an API token via the API and GUI (issue 3887).
- Revert a check for known but missing chunks when creating a new backup snapshot (reverts fix for issue 5710).
- This check was introduced in Proxmox Backup Server 3.3 to enable clients to re-send chunks that disappeared.
- However, the check turned out to not scale well for large setups, as reported by the community.
- Hence, revert the check and aim for an opt-in or opt-out approach in the future.
 
- Ensure proper unmount if the creation of a removable datastore fails.
- Remove a backup group if its last backup snapshot is removed (issue 3336).
- Previously, the empty backup group persisted with the previous owner still set.
- This caused issues when trying to add new snapshots with a different owner to the group.
 
- Decouple the locking of backup groups, snapshots, and manifests from the underlying filesystem of the datastore (issue 3935).
- Lock files are now created on the tmpfs under /runinstead of the datastore's backing filesystem.
- This can also alleviate issues concerning locking on datastores backed by network filesystems.
 
- Lock files are now created on the tmpfs under 
- Ensure that permissions of an API token are deleted when the API token is deleted (issue 4382).
- Ensure that chunk files are inserted with the correct owner if the process is running as root.
- Fix an issue where prune jobs would not write a task log in some cases, causing the tasks to be displayed with status "Unknown".
- When listing datastores, parse the configuration and check the mount status after the authorization check.
- This can lead to performance improvements on large setups.
 
- Improve the error reporting by including more details (for example the errno) in the description.
- Ensure that "Wipe Disk" also wipes the GPT header backup at the end of the disk (issue 5946).
- Ensure that the task status is reported even if logging is disabled using the PBS_LOGenvironment variable.
- Fix an issue where proxmox-backup-managerwould write log output twice.
- Fix an issue where a worker task that failed during start would not be cleaned up.
- Fix a race condition that could cause an incorrect update of the number of current tasks.
- Increase the locking timeout for the task index file to alleviate issues due to lock contention.
- Fix an issue where verify jobs would be too eagerly aborted if the manifest update fails.
- Fix an issue where file descriptors would not be properly closed on daemon reload.
- Fix an issue where the version of a remote Proxmox Backup Server instance was checked incorrectly.
Client improvements
- Static build of the Proxmox Backup command-line client (issue 4788).
- Proxmox Backup Server is tightly integrated with Proxmox VE, but its command-line client can also be used outside Proxmox VE.
- Packages for the command-line client are already provided for hosts running Debian or Debian derivatives.
- A new statically linked binary increases compatibility with Linux hosts running other distributions.
- This makes it easier to interact with Proxmox Backup Server on arbitrary Linux hosts, for example to create or manage file-level host backups.
 
- Allow to read passwords from credentials passed down by systemd.
- Examples are the API token secret for the Proxmox Backup Server, or the password needed to unlock the encryption key.
 
- Improvements to the vma-to-pbstool, which allows importing Proxmox Virtual Machine Archives (VMA) into Proxmox Backup Server:- Optionally read the repository or passwords from environment variables, similarly to proxmox-backup-client.
- Add support for the --versioncommand-line option.
- Avoid leaving behind zstd, lzop or zcat processes as zombies (issue 5994).
- Clarify the error message in case the VMA file ends unexpectedly.
 
- Optionally read the repository or passwords from environment variables, similarly to 
- Mention restrictions for archive names in the documentation and manpage (issue 6185).
- Improvements to the change detection modes for file-based backups introduced in Proxmox Backup Server 3.3:
- Fix an issue where the file size was not considered for metadata comparison, which could cause subsequent restores to fail.
 
- Fix a race condition that could prevent proper error propagation during a container backup to Proxmox Backup Server.
- File restore from image-based backups: Switch to blockdevoptions when preparing drives for the file restore VM.- In addition, fix a short-lived regression when using namespaces or encryption due to this change.
 
Tape backup
- Allow to increase the number of worker threads for reading chunks during tape backup.
- On certain setups, this can significantly increase the throughput of tape backups.
 
- Add a section on disaster recovery from tape to the documentation (issue 4408).
Installation ISO
- Raise the minimum root password length from 5 to 8 characters for all installers.
- This change is done in accordance with current NIST recommendations.
 
- Print more user-visible information about the reasons why the automated installation failed.
- Allow RAID levels to be set case-insensitively in the answer file for the automated installer.
- Prevent the automated installer from printing progress messages while there has been no progress.
- Correctly acknowledge the user's preference whether to reboot on error during automated installation (issue 5984).
- Allow binary executables (in addition to shell scripts) to be used as the first-boot executable for the automated installer.
- Allow properties in the answer file of the automated installer to be either in snake_caseorkebab-case.- The kebab-casevariant is preferred to be more consistent with other Proxmox configuration file formats.
- The snake_casevariant will be gradually deprecated and removed in future major version releases.
 
- The 
- Validate the locale and first-boot-hook settings while preparing the automated installer ISO, instead of failing the installation due to wrong settings.
- Prevent printing non-critical kernel logging messages, which drew over the TUI installer's interface.
- Keep the network configuration detected via DHCP in the GUI installer, even when not clicking the Nextbutton first (issue 2502).
- Add an option to retrieve the fully qualified domain name (FQDN) from the DHCP server with the automated installer (issue 5811).
- Improve the error handling if no DHCP server is configured on the network or no DHCP lease is received.
- The GUI installer will pre-select the first found interface if the network was not configured with DHCP.
- The installer will fall back to more sensible values for the interface address, gateway address, and DNS server if the network was not configured with DHCP.
 
- Add an option to power off the machine after the successful installation with the automated installer (issue 5880).
- Improve the ZFS ARC maximum size settings for systems with a limited amount of memory.
- On these systems, the ZFS ARC maximum size is clamped in such a way, that there is always at least 1 GiB of memory left to the system.
 
- Make Btrfs installations use the proxmox-boot-toolto manage the EFI system partitions (issue 5433).
- Make GRUB install the bootloader to the disk directly to ensure that a system is still bootable even though the EFI variables were corrupted.
- Fix a bug in the GUI installer's hard disk options, which causes ext4 and xfs to show the wrong options after switching back from Btrfs's advanced options tab.
Improved management of Proxmox Backup Server machines
- Several vulnerabilities in GRUB that could be used to bypass SecureBoot were discovered and fixed (PSA-2025-00005-1)
- The Documentation for SecureBoot now includes instructions to prevent using vulnerable components for booting via a revocation policy.
 
- Improvements to the notification system:
- Allow overriding templates used for notifications sent as plain text as well as HTML (issue 6143).
- Streamline notification templates in preparation for user-overridable templates.
- Clarify the descriptions for notification matcher modes (issue 6088).
- Fix an error that occurred when creating or updating a notification target.
- HTTP requests to webhook and gotify targets now set the Content-Lengthheader.
 
- Lift the requirement that InfluxDB organization and bucket names need to at least three characters long
- The new minimum length is one character.
 
- Improve the accuracy of the "Used Memory" metric by relying on the MemAvailablestatistic reported by the kernel.- Previously, the metric incorrectly ignored some reclaimable memory allocations and thus overestimated the amount of used memory.
 
- Backport a kernel patch that avoids a performance penalty on Raptor Lake CPUs with recent microcode (issue 6065).
- Backport a kernel patch that fixes Open vSwitch network crashes that would occur with a low probability when exiting ovs-tcpdump.
Known Issues & Breaking Changes
None
Proxmox Backup Server 3.3
Released 28. November 2024
- Based on Debian Bookworm (12.8)
- Latest 6.8.12-4 Kernel as new stable default
- Newer 6.11 Kernel as opt-in
- ZFS 2.2.6 (with compatibility patches for Kernel 6.11)
Highlights
- Push direction for sync jobs.
- Sync jobs can already pull backup snapshots from remote Proxmox Backup Server instances.
- The new push direction allows copying backup snapshots from the local instance to remote instances.
- This can be useful in setups where the remote instance cannot initiate connections to the local instance.
 
- Support for removable datastores.
- Datastores can now be created on removable media for offline storage.
- After unmounting the removable datastore, the medium can be removed.
- The datastore can be used on multiple Proxmox Backup Server instances.
 
- Webhook target for the notification system.
- The new webhook notification target allows notification events to trigger HTTP requests.
- Request headers and body can be customized and can contain notification metadata.
- This allows users to push notifications to any target that supports webhooks.
 
- New change detection modes for speeding up file-based backups.
- Metadata and data of backup snapshots are now stored in two separate archives.
- Optionally, files that have not changed since the previous backup snapshot can be identified using the previous backup snapshot's metadata archive.
- Processing of unchanged files is avoided when possible, which can lead to significant reduction in backup runtime.
 
Changelog Overview
Enhancements in the web interface (GUI)
- Allow to set a consent banner that users must acknowledge before logging in (issue 5463).
- This can be required for compliance reasons.
- The banner supports Markdown and can be set in Configuration → Other → General → Consent Text.
 
- Columns in the "Prune & GC Jobs" view are now sortable (issue 5422).
- Fix a short-lived regression where updating proxmox-backup-serverwithout updatingproxmox-widget-toolkitmade the GUI inaccessible (issue 5503).
- Fix an issue where the "Change owner" dialog would not accept usernames shorter than 8 characters (issue 5861).
- Disallow creating a datastore on /via the GUI, as this is most likely unintended.
- Fix an issue where clicking on an external link to the GUI would display a login screen, even if the current session was still valid.
- Show only installed services in the node's system panel by default, but optionally allow showing all services (issue 5611).
- Right-align numbers in the S.M.A.R.T. values table (issue 5831).
- Fix an issue where the installed Proxmox Backup Server version was incorrectly rendered with a hyphen instead of a dot.
- Improved translations, among others:
- Bulgarian (NEW!)
- Arabic
- French
- German
- Italian
- Japanese
- Russian
- Spanish
- Traditional Chinese
 
General backend improvements
- Push direction for sync jobs (issue 3044).
- Sync jobs can already pull backup snapshots from remote Proxmox Backup Server instances.
- The new push direction allows copying backup snapshots from the local instance to remote instances.
- This can be useful in setups where the remote instance cannot initiate connections to the local instance.
- The new privileges Remote.DatastoreBackup,Remote.DatastoreModifyandRemote.DatastorePrunecan be used on the source side to restrict permissions to push snapshots to a remote instance.
- Users can push snapshots directly via the CLI.
 
- Pull sync jobs can now optionally resync corrupt chunks (issue 3786).
- When syncing a backup group from a remote, the sync job checks whether the last local snapshot has previously failed verification.
- If this is the case, the sync job overwrites the local snapshot with the remote snapshot.
- As the additional lookups impact sync job performance, the feature is disabled by default and can be enabled in the sync job options.
 
- Support for removable datastores.
- Datastores can now be created on removable media for offline storage.
- After unmounting the removable datastore in the GUI, the medium can be removed.
- The datastore can be used on multiple Proxmox Backup Server instances.
- Multiple datastores per device are also supported.
- If the device only contains a single datastore, connecting the device will automatically mount the datastore.
 
- Check for known but missing chunks when creating a new backup snapshot (issue 5710).
- Known chunks are chunks that are contained in the previous snapshot of the backup group.
- When creating a new backup snapshot, the list of known chunks is sent to the client, so the client can skip uploading known chunks.
- However, if a known chunk disappeared, but the previous snapshot has not been re-verified yet, the new backup snapshot will be corrupt.
- To make the user aware of this condition, check the previously known chunks for existence when finishing the new backup snapshot.
- If a missing chunk is detected, the backup fails and the verify state of the previous backup snapshot is set to failed.
 
- Fix a regression where an early HTTP connection close could result in high CPU usage and denial-of-service (issue 5868).
- Early connection closes are used by some monitoring solutions performing health checks.
 
- Allow reusing already-existing datastores, but disallow creating datastores in non-empty directories (issue 5439).
- Fix a regression that prevented legacy notifications for successful sync jobs.
- Fix an issue where a delayed TLS Client Hello would cause the API server to respond with a plain HTTP 400 "Bad Request" response (issue 5105).
- Abort garbage collection if a nested datastore is encountered, as garbage collection cannot be done safely on nested datastores.
- Update choices of cryptographic primitives:
- CSRF tokens now use a standard HMAC construction.
- Migrate to yescrypt for hashing passwords. Old hashes will be upgraded to the new scheme once a user logs in.
- Migrate to Ed25519 for authentication tickets.
- Use constant-time comparison for additional hardening against timing side-channels.
 
- Fix an issue where a sync job would not honor the transfer-lastoption and include more snapshots than intended.
- Fix an issue where proxmox-backup-manager network reloadwould exit before the network configuration got applied.
- Fix an issue where updating a datastore via the CLI would exit before the operation was finished and leave behind a lockfile (issue 5801).
- External metric server: Remove overly strict restrictions on InfluxDB organization and bucket names, and URL-encode them in HTTP requests.
- Several minor performance improvements for backend operations.
- The API server now includes zlib headers if the Deflate response content coding is requested.
- Improve compression throughput when creating chunks.
- This can lead to performance improvements if all involved storages are so fast that compression becomes a bottleneck.
 
- Fix an issue where the Gotify notification target would not accept a TLS certificate with an IP address as Subject Alternative Name (issue 5808). '
- Adjust display format for timespans so that parsing them again produces the expected value.
- Previously, mwas used for months andminfor minutes.
- Now, Mis used for months andmfor minutes.
 
- Previously, 
- The PUT /access/users/{userid}API endpoint now ignores thepasswordparameter, as it was not usable for changing the password.- The PUT /access/passwordendpoint should be used instead.
 
- The 
- Improvements to logging and error reporting:
- Errors from task logs are now also logged to the system log, increasing their visibility.
- Improve error message in the case where proxy.keyandproxy.pemhave the wrong permissions.
- Include more context in some error messages.
 
Client improvements
- New change detection modes dataandmetadatafor file-based backups (issue 3174), such as container backups from Proxmox VE.- In both new modes, the metadata and data of file-based backup snapshots are stored separately.
- This removes the necessity for a dedicated catalog file, but still allows for efficient metadata lookups.
- In metadatamode, files that have not changed since the previous backup snapshot are identified using the metadata archive of the previous backup snapshot.
- Processing of unchanged files is avoided when possible, which can lead to significant reduction in backup runtime.
- The recently released Proxmox VE 8.3 allows adjusting the change detection mode in the Advanced Options of backup jobs.
 
- Improvements to the vma-to-pbstool, which allows importing Proxmox Virtual Machine Archives (VMA) into Proxmox Backup Server:- Support bulk import of a dump directory containing VMA files.
- Improve readability of logs and show upload progress as a percentage.
- Allow the user to specify a notes file and a log file to associate with the backup snapshot.
- Improvements to CLI argument handling.
 
- The client now optionally takes a set of patternparameters to restore only a subset of entries in a file-level backup (issue 2996).
- Ignore stale files during file-based backup creation and warn the user accordingly, instead of failing the backup (issue 5853).
- Stale files may, for example, occur in combination with network file systems if files are removed while the backup is still in process.
 
- Add a CLI command to forget (delete) a whole backup group with all contained snapshots.
- Improve performance of image-based backups by using an input buffer better aligned to the chunk size.
- Fix an issue where the rateandburstparameters were ignored (issue 5622).
- Warn when restoring a file-based backup snapshot containing files with invalid ACLs, instead of failing the restore operation completely.
- Periodically log the current backup progress (issue 5560).
- Prefer to store temporary files in the XDG Cache directory (~/.cacheby default) instead of/tmp(issue 3699).
- Avoid unnecessary allocation in the AES benchmark, making the results more aligned with the actual hardware capabilities.
- Fix an issue where a file-based backup created by a non-root user could not be restored by that user if the --excludeflag was used (issue 5304).
- Fix a short-lived regression that caused the mapcommand to error out (issue 5571).
- Fix an issue where an incorrect mountcommand would occasionally give no error output.
- Failure to re-authenticate to the Proxmox Backup Server is not treated as a fatal error anymore, as the failure may be due to a transient network instability.
- Fix an issue where the number of active operations on a datastore would be tracked incorrectly if the chunks directory is unavailable.
- Improvements to file restore from image-based backups:
- Mount NTFS file systems with the UTF-8 charset. This fixes an issue where files with non-ASCII names would not be visible during file restore (issue 5465).
- Log errors when a file cannot be accessed to facilitate troubleshooting.
- Take truncated serial numbers into account when searching for disks.
 
Tape backup
- Lift the root-only requirement for some tape operations (issue 5233):
- Allow non-root users with the Tape.Modifyprivilege to update the tape status.
- Allow non-root users with the Tape.Writeprivilege to destroy tapes.
 
- Allow non-root users with the 
- Implement a workaround for changers that advertise but omit certain fields in the ELEMENT STATUSpage response.- Without the workaround, the tapes would not be recognized.
 
- Disable Programmable Early Warning Zone (PEWZ) when loading a tape, as Proxmox Backup Server does not use PEWZ.
- This avoids an error in case a different application previously set up PEWZ.
 
- Write informational Media Auxiliary Memory (MAM) attributes on tapes.
- This includes the Proxmox Backup Server product name, version, label text and current media pool.
- These on-tape information can help users to identify tapes when querying them with tools other than Proxmox Backup Server.
 
- Improve tape-backup throughput by avoiding unnecessary syncs after having written 128 GiB.
- Collect "Bytes Used" statistic for tape inventories and display it in the GUI.
- Improved handling of tape activity:
- Avoid potentially blocking queries when the tape is busy, for example while the library is initializing LTO-9 tapes.
- Query current tape activity and show it in the GUI.
 
Access control
- Increase the minimum length requirement for new passwords to 8 characters.
- Two-factor authentication with WebAuthn: Serialize OriginUrlaccording to RFC6454.
- Fix an issue that prevented non-root users from configuring the network, despite having the necessary permissions.
- Lock the shadow.jsonfile used for the PBS authentication realm for updating, to prevent race-conditions.
Installation ISO
- Add a post-installation notification mechanism for automated installations (issue 5536).
- This mechanism can be configured with the new post-installation-webhooksection in the answer file.
 
- This mechanism can be configured with the new 
- Add support for running a custom script on first boot after automated installation (issue 5579).
- The script can be provided in the ISO or fetched from a URL.
 
- Allow users to set hashed passwords (instead of plaintext passwords) in the proxmox-auto-installeranswer file.
- Allow users to customize the label of the partition from which the automated installer fetches the answer file.
- This adds the --partition-labeloption to theproxmox-auto-install-assistant prepare-isocommand.
- Previously, the partition label was hardcoded to PROXMOX-AIS.
 
- This adds the 
- Add ZFS maximum arc size option field in the advanced disk options during installation.
- By default, 50% of the installed system memory is used as the maximum arc size, which is ZFS's default value.
 
- Add ability to detect and rename an existing ZFS pool named rpoolduring the installation.
- Improve the email address validation to include a broader set of email address formats.
- This implements the email validation check specified in the HTML specification.
 
- The text-based installer now fails if no supported NIC was found, similar to graphical installer.
- Improve UI consistency by adding the missing background layer for the initial setup error screen in the text-based installer.
- Improve usability for small screens by adding a tabbed view for the advanced options at the disk selection step in the text-based installer.
- This change only affects screens with a screen width of less than or equal to 80 columns.
 
- Fix an issue with ISOs generated with the proxmox-auto-install-assistantwhich caused the user to end up in the GRUB shell when booting from a block device (e.g. an USB flash drive) in UEFI mode.
- Fix a bug which caused some kernel parameters related to the automated installer to be removed incorrectly.
- Fix a bug which caused the installer to not detect Secure Boot in some cases.
- Ask the user for patience while making the system bootable if multiple disks are configured, as this may take longer than expected.
- Preserve the nomodesetkernel command-line parameter.- A missing nomodesetparameter has caused display rendering issues when booting the finished Proxmox VE installation on some systems (see this comment for more information).
 
- A missing 
- Ship the recent version 7.20 of memtestx86+, adding support for current CPU Generations (Intel's Arrow Lake and Ryzen 9000 series) as well as preliminary NUMA support.
- Import the extensive documentation for the installer from Proxmox VE
- Improve user-visible error and log messages in the installer.
- Improve documentation for the proxmox-auto-install-assistant.
- Improve error reporting by printing the full error message when the installation fails in proxmox-auto-installer.
- Improve error reporting by printing the full error message when mounting and unmounting the installation file system fails in proxmox-chroot.
- Improve debugging and testing by enumerating the installation environment anew (e.g. when running the command dump-env).
- Improve logging of installation progress.
- Send the correct content-type charset utf-8when fetching answer files from a HTTP server during automated installation.
- Switch the text-based installer rendering backend from termion to crossterm.
Improved management of Proxmox Backup Server machines
- The notification system now supports generic webhook targets.
- The webhook target allows notification events to trigger arbitrary HTTP POST/PUT/GET requests.
- Users can customize HTTP request headers and body using templates.
- In case the HTTP request should include secret values, these values can be stored in a protected configuration file that is only readable by root.
 
- Fix an issue where pbs2to3did not recognize kernels newer than 6.5 (issue 5600).
- Add man page for the node.cfgconfiguration file underproxmox-backup.node.cfg.5.
- ACME: Use the correct base64urldecoder instead ofbase64for EAB (external account bindings).
- Add a new /status/metricsAPI endpoint for retrieving status data of various subsystems.- This allows to implement pull-style metric collection systems.
 
- Fix a regression that prevented update notifications from being sent.
- Fix an issue where ACME account registration on the command line would wait for a custom directory URI without indicating this to the user.
- Avoid an error on systems where /etc/apt/sources.listdoes not exist (issue 5513).
- Return the partition UUID in the REST API call for listing disks, for easier identification.
- Improvements to Secure Boot management.
- With the need to update the revocation database embedded in the shim boot loader, some edge-cases were discovered and improved in the proxmox-secure-bootmetapackage.
- Ship an apt pinning snippet to ensure that Proxmox provided packages are installed, even if Debian temporary ships a higher version.
- Relax the dependency on the grub2version to also allow the previous one, mostly to prevent accidental removal of the meta-package in edge-cases.
 
- With the need to update the revocation database embedded in the shim boot loader, some edge-cases were discovered and improved in the 
- Improvements to Proxmox Offline Mirror.
- Support repositories, that provide a complete GPG keyring instead of a certificate (e.g. Mellanox OFED repository).
- Remove empty directories being left behind after syncing a mirror with removed snapshots to a medium. The large number of empty directories could lead to excessive runtimes on medium sync.
- Fix a typo in the documentation of the command arguments.
 
- Fix a RCE vulnerability in the shim bootloader used for Secure Boot support.
- See PSA-2024-00007-1 for details.
 
- Update the provided r8125-dkmspackage, needed some of the commonly seen Realtek 2.5G NICs, to version 9.013.02-1.
- Improvements to ifupdown2:- Skip calling files left behind by dpkg(e.g..dpkg-old,.dpkg-new) in the pre- and post-up directories, as this can cause outages when switching fromifupdown(issue 5197).
 
- Skip calling files left behind by 
Notable bugfixes and general improvements
- Since the release of Proxmox Backup Server 3.2, the Proxmox team has begun tracking explicit security issues publicly in our forum.
- Following the posts there is highly recommended.
 
Known Issues & Breaking Changes
None
Proxmox Backup Server 3.2
Released 25. April 2024
- Based on Debian Bookworm (12.5)
- Latest 6.8 Kernel as new stable default
- ZFS 2.2.3
Highlights
- New flexible notification system.
- Send notifications not only via the local Postfix MTA, but also via authenticated SMTP or to Gotify instances.
- Flexible notification routing with matcher-based rules to decide which targets receive notifications about which events.
 
- Support for automated and unattended installation of Proxmox Backup Server.
- Proxmox Backup Server now ships a tool that prepares a Proxmox Backup Server ISO for automated installation.
- The prepared ISO retrieves all required settings for automated installation from an answer file.
- The answer file can be provided directly in the ISO, on an additional disk such as a USB flash drive, or over the network.
 
- Ability to exclude particular backup groups from sync and tape backup jobs.
- Group filters already supported including particular backup groups, and now additionally support excluding particular backup groups.
- This allows more flexibility when defining which backup groups should be synchronized from a remote Proxmox Backup Server or written to tapes.
 
- Overview of prune and garbage collection jobs of all datastores.
- A new tab in the datastore summary panel shows defined prune and garbage collection jobs of all datastores.
- This allows to quickly assess whether all datastores are correctly set up to regularly run important maintenance tasks.
 
- Support for Active Directory authentication realms.
- The new Active Directory realm type synchronizes users and groups from a remote Active Directory server.
- This makes it easier to integrate with existing Enterprise infrastructure.
 
Changelog Overview
Enhancements in the web interface (GUI)
- Allow managing VLAN network interfaces in the GUI.
- A new "Prune & GC Jobs" tab in the datastore summary panel shows an overview of prune and garbage collection jobs of all datastores (issue 3217).
- The garbage collection job status view now displays the amount of removed, as well as, pending data.
- Allow usernames shorter than 4 characters, as they are already allowed by the backend (issue 4819).
- The datastore summary now handles missing usage information gracefully and avoids logging errors to the console.
- Fix an issue where the node summary page would not display the version of a running foreign kernel (issue 5117).
- Fix an issue where individual entries of the DNS configuration for the system (searchdomain and DNS Servers) could not be deleted via the GUI.
- Fix an issue where creating a new InfluxDB metric server entry would fail if one already exists.
- The context menu of backup snapshots and groups now allows to copy the snapshot or group name to the clipboard (issue 5188).
- Disallow setting an empty schedule for a prune job.
- Various fixes to the sync job overview.
- Fix issues where some edit windows would send API parameters that were not accepted by the backend.
- Fix an issue where the settings window would fail to reset the layout.
- Fix an issue where the GUI used an incorrect language code for Korean, and provide a clean transition for users who still have a cookie with the incorrect language code set.
- Fix xterm.js not loading in certain OS+Browser constellations, for example iOS (issue 5063).
- Fix an issue where the date picker would choose the wrong date after changing to a different month.
- Clarify the confirmation prompt for removing a certificate without a name.
- Fix an issue where edit windows would not be correctly masked while loading.
- Display the end-of-life message as a notice up until three weeks before the end-of-life date, and display it as a warning from that point on.
- Move the "Reset" button for edit windows to an icon-only button in the title bar (issue 5277).
- This reduces the risk of misclicking and accidentally resetting form data.
 
- The TFA input field now sets an autocompletion hint for improved compatibility with password managers (issue 5251).
- Improved translations, among others:
- French
- German
- Italian
- Japanese
- Korean
- Simplified Chinese
- Spanish
- Traditional Chinese
- Ukrainian
 
General backend improvements
- Add a command to proxmox-backup-managerto list the garbage collection job status for all datastores (issue 4723).- A similar command already exists for prune and verify jobs.
 
- Avoid a race condition when logging in with TFA.
- Improve efficiency of the routine that checks whether a block device is a partition.
- Check transitions from/to maintenance modes more strictly for validity.
- For instance, leaving maintenance mode "delete" should not be allowed, as the datastore may be in an undefined state.
 
- Group filters for sync jobs and tape backup jobs can now exclude particular backup groups (issue 4315).
- This allows more flexibility when defining which backup groups should be synchronized or written to tapes.
- All include filters are processed first, and exclude filters are processed afterwards.
 
- Improve error reporting when reading the backup group owner fails.
- When uploading a custom certificate, the private key is now optional and defaults to the existing key, similarly to the behavior of Proxmox VE.
- The backend now sends a Connection: upgradeheader when upgrading to HTTP/2 (issue 5217).- This further improves compatibility with reverse proxies that strictly adhere to RFC 7230, after a fix for issue 4779 shipped with Proxmox Backup Server 3.1 did not fully resolve the issue.
 
- Add summaries to sync job task logs:
- Print the number and total size of synchronized chunks, as well as the average transfer rate (issue 5285).
- Print the number of snapshots and groups that are removed because "remove vanished" is enabled.
 
- Avoid keeping a reference to datastore files when enabling the offlinemaintenance mode.
- When creating a datastore, allow reusing an existing directory if it is empty and not a mountpoint.
- Add an option to prune a group asynchronously in a worker task.
- Fix an issue where the total size of a storage would be calculated incorrectly in some edge cases.
- Datastores can now be configured with a notification-modefor a smooth migration to the new notification system.- The notification mode determines how notifications for prune, garbage collection, verification and remote/local sync jobs will be sent.
- The legacy-sendmailmode replicates the previous behavior of sending an email via the local Postfix MTA to a configured user's email address. This is the default for any existing datastores.
- The notification-systemmode sends notifications exclusively using the new notification system. This is the default for new datastores created via the web UI.
 
Client improvements
- The new vma-to-pbstool allows importing Proxmox Virtual Machine Archives (VMA) into Proxmox Backup Server.- For backup targets other than Proxmox Backup Server, Proxmox VE creates VM backups in VMA format.
- With the new tool, these .vmafiles can be imported into Proxmox Backup Server, where they are made available as regular backup snapshots.
- For more information, see Import VMA Backups into Proxmox Backup Server.
 
- Add the delete-groupsflag to the namespace deletion command, as it was previously missing.
- Backup creation can now optionally ignore metadata of files for which reading xattrs fails with an E2BIG(issue 4975).- Some filesystems, for example ZFS, support xattrs larger than 64 KB. However, such large xattrs are not supported by the Linux kernel, and reading them fails with error E2BIG.
- Backup creation can now optionally ignore E2BIGerrors.
- This will still back up files with overly large xattrs, but skip their metadata.
 
- Some filesystems, for example ZFS, support xattrs larger than 64 KB. However, such large xattrs are not supported by the Linux kernel, and reading them fails with error 
- Fix an issue where the connection to a Proxmox Backup Server presenting a certificate signed by a CA not trusted by the client's host would fail, even if a fingerprint is provided (issue 5248).
- Switch to modern ntfs3gdriver for the live-restore image, since it supports more features found in the filesystems of current Windows guests (issue 5259).
Tape backup
- Add a button to the GUI that removes media from the inventory without destroying the data.
- Remove the hard limit on the number of tapes in a media set (issue 5229).
- The limit was not properly enforced and, if exceeded, blocked access to most functions via API, CLI and GUI.
- Instead of a partially enforced hard limit, log a task warning if the media set has more than 20 media.
 
- Work around an issue with some changers that send incomplete responses when querying the element status.
- Add an option that, when enabled, instructs the changer to eject a tape before unloading it (issue 4904).
- This is required by some tape libraries that do not follow the standards correctly.
- The new option is named eject-before-unloadand can be set manually via API or CLI.
 
- Increase the tape transfer timeout from 30 seconds to 3 minutes, since most changers take about a minute to complete a slot change.
- Fix an issue where the encryption key of the tape-drive was unloaded too eagerly.
- Before proxmox-backup-serverversion3.1.4-1the additional tape-specific encryption was disabled.
- We recommend using the native software-defined client-side encryption for the best security.
 
- Before 
- Improve handling of duplicate media label texts:
- Operations that identify the tape by its label text now throw an error if duplicate label texts are detected.
- In addition to the label text, tape operations can now optionally identify a tape by its (unique) UUID.
- Writing a label text now throws an error if the label already exists in the inventory.
- The tape inventory GUI now uses the UUID to identify tapes instead of the label text, as it is not necessarily unique.
 
- Improve error output when reading the element status fails.
- Improve formatting of LTO9 (or higher) tapes:
- Avoid full re-initialization when doing a fast erase, as it can take up to two hours.
- When doing a slow erase, increase the timeout to two hours and warn that the operation can take a long time.
 
- Improvements to the LTO barcode generator:
- Add LTO-9 tape type and make it the new default.
- Add WORM tape types.
- Only enable the "Add" button if fields are valid.
 
- The API now forbids creating a drive config with the same name as an existing changer, and vice-versa, to prevent confusing situations.
- Tape backups and restore can now be configured with a notification-modefor a smooth migration to the new notification system.- The legacy-sendmailmode replicates the previous behavior of sending an email via the local Postfix MTA to a configured user's email address
- The notification-systemmode sends notifications exclusively using the new notification system.
 
- The 
Access control
- Add support for Active Directory authentication realms.
- This new realm type retrieves users and groups from an external Active Directory Server.
- Active Directory realms are already supported by Proxmox VE, and are now supported by Proxmox Backup Server as well.
 
- Fix an issue where the OpenID Connect realm would wrongly reject valid ACR values (issue 5190).
- Require non-root users to enter their current password on password change.
- This is to hedge against a scenario where an attacker has local or even physical access to a computer where a user is logged in.
 
Installation ISO
- Support for automated and unattended installation of Proxmox Backup Server.
- Introduce the proxmox-auto-install-assistanttool that prepares an ISO for automated installation.
- The automated installation ISO reads all required settings from an answer file in TOML format.
- One option to provide the answer file is to directly add it to the ISO. Alternatively, the installer can retrieve it from a specifically-labeled partition or via HTTPS from a specific URL.
- If the answer file is retrieved via HTTPS, URL and fingerprint can be directly added to the ISO, or obtained via DHCP or DNS.
- See the wiki page on Automated Installation for more details.
 
- Introduce the 
Improved management of Proxmox Backup Server machines
- New flexible notification system.
- Allows sending notifications to different targets. The local Postfix MTA, previously the sole notification option, is now one of several target types available.
- Two new target types include: smtpallowing direct notification emails via authenticated SMTP, andgotify, which sends notifications to a Gotify instance.
- Flexible notification routing is possible through matcher-based rules that determine which targets receive notifications for specific events.
- Match rules can select events based on their severity, time of occurrence, or event-specific metadata fields (such as the event type, datatore, job-id, media-pool).
- Multiple rules can be combined to implement more complex routing scenarios.
 
- Add the gdiskpackage to the dependencies, assgdiskis needed to initialize disks.
- Remove whitespace when adding a subscription key, to avoid failing subscription checks due to superfluous whitespace.
- Support for adding custom ACME enabled CA's with optional authentication through External Account Binding (EAB), on the commandline (issue 4497).
- Improved system report to provide a better status overview:
- Add configured prune jobs.
 
- Improvements to Proxmox Offline Mirror:
- Improve UX in promxox-offline-mirror-helper, when having multiple subscription keys available at the chosen mountpoint.
- Add dark mode to the documentation.
- Fix a wrong configuration setting for allowing weak RSA cryptographic parameters.
- Improve path handling with command line arguments.
- Support repositories that do not provide a Priorityfield (issue 5249).
 
- Improve UX in 
Known Issues & Breaking Changes
Kernel 6.8
The Proxmox Backup Server 3.2 releases will install and use the 6.8 Linux kernel by default, a major kernel change can have a few, hardware specific, side effects.
You can avoid installing the 6.8 kernel by pinning the proxmox-default-kernel package version before the upgrade. The last version to depend on kernel 6.5 is 1.0.1.
To pin the package to that version, create a file in /etc/apt/preferences.d/proxmox-default-kernel with the following content. This will keep proxmox-default-kernel on the old version until that file is deleted, and a new upgrade is initiated:
Package: proxmox-default-kernel Pin: version 1.0.1 Pin-Priority: 1000
Kernel: Change in Network Interface Names
Upgrading kernels always carries the risk of network interface names changing, which can lead to invalid network configurations after a reboot. In this case, you must either update the network configuration to reflect the name changes, or pin the network interface to its name beforehand.
See the reference documentation on how to pin the interface names based on MAC Addresses.
Currently, the following models are known to be affected at higher rates:
- Models using i40e. Their names can get an additional port suffix likep0added.
Proxmox Backup Server 3.1
Released 30. November 2023
- Based on Debian Bookworm (12.2)
- Latest 6.5 Kernel as stable default
- ZFS 2.2.0 with all important patches from the upcoming 2.2.2 release.
Highlights
- Secure Boot support.
- Proxmox Backup Server now includes a signed shim bootloader trusted by most hardware's UEFI implementations. All necessary components of the boot chain are available in variants signed by Proxmox.
 
- Local sync jobs for efficiently copying backup snapshots between local datastores.
- This is particularly useful for complex setups involving tiered datastores, for example, where a smaller, faster datastore is used for incoming backups, and a slower one for long-term archival.
 
- Automatically upgrade HTTP connections to HTTPS.
- Seamless upgrade from Proxmox Backup Server 2.4, see Upgrade from 2 to 3, which includes the addition of a pbs2to3helper tool in the old stable release.
Changelog Overview
Enhancements in the web interface (GUI)
- Improvements to the node summary panel:
- The summary now indicates whether the node was booted in legacy (BIOS) mode, EFI mode, or EFI mode with Secure Boot enabled.
- The currently running kernel is now reported more compactly by indicating only the version and the build date.
 
- A new button in the datastore can now conveniently display connection information for connecting to that particular datastore from Proxmox Virtual Environment, another Proxmox Backup Server instance, or the backup client.
- If no comment is set for a backup group, the web GUI now displays the note of the last snapshot instead (issue 4260).
- Support wiping disks in the Storage/Disks menu, providing parity with the functionality in Proxmox VE (issue 3690).
- Allow removing systemd mount units of unused mounted directories via GUI and CLI.
- This enables users to unmount the directory of a removed datastore, so that they can wipe and reuse the disk.
 
- Right-clicking on a backup group or snapshot now opens a context menu for easier access to relevant actions.
- Automatically redirect HTTP requests to HTTPS for convenience.
- This avoids "Connection reset" browser errors that can be confusing, especially after setting up Proxmox Backup Server the first time.
 
- The ZFS creation window does not show a reset button anymore, as this button does not make sense for creation windows.
- Update external links to proxmox.com that changed during the website redesign.
- Improved translations, among others:
- Croatian (NEW!)
- Georgian (NEW!)
- Arabic
- Catalan
- German
- Italian
- Polish
- Simplified Chinese
- Spanish
- Traditional Chinese
- Ukrainian
- Several remaining occurrences of the GiBunit in the GUI can now be translated (issue 4551).
 
General backend improvements
- Support for local sync jobs that pull contents of a local datastore to another local datastore.
- Previously, sync jobs could only pull datastores from remote Proxmox Backup Server instances over the network.
- Now, sync jobs can alternatively pull contents from a local datastore.
 
- Creating a datastore with prune options now creates a corresponding prune job (issue 4374).
- Previously, the prune options given on datastore creation were ignored.
 
- The backup task log now contains the IP address of the client initiating the backup, in order to simplify troubleshooting (issue 3777).
- Fix an issue where garbage collection would fail with an error if a snapshot is deleted while the job is running. This situation is now handled gracefully without an error (issue 4823).
- Fix an issue where scheduled garbage collection would not run if the task log of the previous garbage collection was missing, for example due to a host crash or power loss (issue 4895).
- With the Proxmox repositories having support for fetching them directly the changelogs for new package versions shown in the UI are now all gathered with apt changelog.
- Improve checks when setting up an offline subscription key.
- Mails sent by Proxmox Backup Server now contain an Auto-Submittedheader to avoid triggering automated replies (issue 4162).
- Improve clarity of API parameter verification errors by showing a list of errors if there is more than one error.
- Improve the proxmox-backup-debugtool output by including the chunk size and compression state of chunks.
Client improvements
- Send HTTP Connectionheader when upgrading to HTTP 2, as mandated by the HTTP Semantics RFC 9910 (issue 4779).- This improves compatibility with reverse proxies that strictly adhere to the RFC.
 
- If a task started via the CLI fails, the CLI tool now also exits with a non-zero exit code indicating failure (issue 4343).
- This simplifies using the CLI tools in scripts.
- In case the task succeeds with warnings, the tool exits with exit code zero indicating success.
 
- When making an API call via the client that is not expected to return any data, avoid printing an error "api returned no data".
- Avoid potentially confusing output when successfully forgetting (deleting) a backup snapshot via the CLI (issue 4971).
- Allow to configure whether restore should overwrite existing symlinks or hard links (issue 4761).
- Fix an issue where the backup client would still try to access files even though they were excluded from the backup. If this access failed due to insufficient permissions, the backup would be aborted (issue 4380).
- Add an option to ignore errors that occur during the extraction of device nodes.
- Improvements to logging:
- Log a warning during backup if the previous manifest contains no index for the requested archive, and clarify the wording of log messages in that case. Previously, an error was logged even though the backup succeeded (issue 4591).
- Improve readability of log messages during encrypted backup.
 
- Fix rare alignment issue during pxar archive extraction that occasionally caused files with many irregular zero-blocks to be larger after extracted.
- File Restore: the minimal Linux VM image used by proxmox-file-restorewas updated to use kernel 6.5 and ZFS 2.2.
Tape backup
- Improve LTO 9 tape support by recognizing LTO 9 tape density codes.
- Improve compatibility with tape libraries that do not support the DVCID bit for querying vendor/model of connected drives (e.g. Qualstar).
- Previously, querying the tape library status without DVCID support would fail with an error.
- Now, this case is handled more gracefully by ignoring missing DVCID support and making the missing vendor/model information optional.
 
- The web GUI now marks media sets as incomplete if the expected number of tapes does not match the actual number of tapes.
- Improvements to tape restore via GUI:
- Fix an issue where selecting a target namespace for one datastore would cause datastores without a target namespace to be skipped.
- Fix an issue where tape restore would skip everything if source and target datastores are named differently (issue 4977).
 
Access control
- Improvements to Two-Factor Authentication (TFA):
- Unlocking a user now also resets the TFA failure count.
- Parsing of the TOTP algorithm is now case-insensitive to improve compatibility with manually edited TFA configurations.
 
- The LDAP connection check now searches only the base of the base DN instead of the whole subtree.
- This fixes an issue where the connection check fails due to size limitations imposed by the LDAP server.
 
Installation ISO
- The ISO is able to run on Secure Boot enabled machines.
- The text-based UI got significant improvement based on the feedback received from the first release in Proxmox VE 8.0 and Proxmox Backup Server 3.0.
- The current link-state of each network interface is now displayed in the network configuration view, helping in identifying the correct NIC for the management interface (issue 4869).
- If provided by the DHCP server, the hostname field is already filled out with the information from the lease.
- The correct meta-package of grubis now installed based on the boot mode (grub-pcorgrub-efi-amd64). This ensures that the bootloader on disk gets updated when there is an upgrade for thegrubpackage.
- The text-based UI is now also available over a serial console, for headless systems with a serial port.
- /var/lib/vzbacking the- localstorage is now created as separate dataset for installations on ZFS (issue 1410).
- The root dataset on ZFS installations now uses acltype=posixaclin line with upstream's recommendation.
- Kernel parameters passed on the command line during install are now also set in the target system (issue 4747).
- Fix the warning that is shown in case the address family (IPv4, IPv6) of the host IP and DNS server do not match.
- The text-based UI now sets the correct disk-size for the selected disk, instead of limiting the installation to the size of the first disk in the list (issue 4856).
- For better UX, the text-based UI now also displays a count-down before automatically rebooting.
- The screensaver in the graphical installer is now disabled.
- The graphical installer now displays the units used for disk-based options.
- The kernel command line parameter vga788is now set for both the graphical debug and all text-based UI installation options. This improves compatibility of the installer with certain hardware combinations.
- The installer now installs zstd, to enable its use forinitramfscompression.
Improved management of Proxmox Backup Server machines
- Secure Boot support.
- Proxmox Backup Server now ships a shim bootloader signed by a CA trusted by most hardware's UEFI implementation. In addition, it ships variants of the GRUB bootloader, MOK utilities and kernel images signed by Proxmox and trusted by the shim bootloader.
- New installation will support Secure Boot out of the box if it is enabled.
- Existing installations can be adapted to Secure Boot by installing optional packages, and possibly reformatting and re-initializing the ESP(s), without the need for a complete reinstallation. See the reference documentation.
- How to use custom secure boot keys has been documented in the Secure Boot Setup wiki. For using DKMS modules with secure boot, see the reference documentation.
 
- The kernel shipped by Proxmox is shared for all products. This is now reflected in the renaming from pve-kernelandpve-headerstoproxmox-kernelandproxmox-headersrespectively in all relevant packages.
- The new proxmox-default-kernelandproxmox-default-headersmeta-packages will depend on the currently recommended kernel-series.
- Many edge-cases encountered during the upgrade from Proxmox Backup Server 2 to 3 by our user-base are now detected and warned about in the improved pbs2to3checks:- Fix an issue where pbs2to3would incorrectly detect the boot mode as legacy boot even if EFI mode was used.
- Warn if DKMS modules are detected, as many of them do not upgrade smoothly to the newer kernel versions in PBS 3.
- Warn if the PBS 3 system does not have the correct meta-package of grubinstalled ensures to actually upgrade the installed bootloader to the newest version.
 
- Fix an issue where 
- Improve system report formatting and level of detail simplify troubleshooting for enterprise support via the Customer Portal.
Known Issues & Breaking Changes
Kernel
- Some users with Intel Wi-Fi cards, like the AX201 model, reported that initialization of the card failed with Linux kernel 6.5.
- This is still being investigated. You should avoid booting into the new kernel if you have no physical access to your server and an Intel Wi-Fi device is used as its only connection. See the documentation for how to pin a kernel version.
 
- Some SAS2008 controllers need a workaround to get detected since kernel 6.2, see the forum thread for details.
Proxmox Backup Server 3.0
Released 28. June 2023
- Based on Debian Bookworm (12.0)
- Latest 6.2 Kernel as stable default
- ZFS 2.1.12
Highlights
- New major release based on the great Debian Bookworm.
- Seamless upgrade from Proxmox Backup Server 2.4, see Upgrade from 2 to 3
- Increase the flexibility of sync-jobs with the new transfer-lastoption.
- Add new text-based UI mode for the installation ISO, written in Rust using the Cursive TUI (Text User Interface) library.
Changelog Overview
Enhancements in the web interface (GUI)
- Improved Dark color theme:
- The Dark color theme, introduced in Proxmox Backup Server 2.4, received a lot of positive feedback from our community, which resulted in further improvements.
 
- Tape backup and restore tasks are now included in the task summary.
- When labeling a tape in a changer, the default value cannot be overridden in the GUI anymore:
- Proxmox Backup Server relies on the label being identical to the barcode, so it is not advisable to change the label. If having a different label is required, then it is still possible to override this via the CLI.
 
- Fixed an issue where the GUI would not immediately refresh the subscription information after uploading a subscription key.
- Improved translations, among others:
- Ukrainian (NEW)
- Japanese
- Simplified Chinese
- Traditional Chinese
- The size units (Bytes, KB, MiB,...) are now passed through the translation framework as well, allowing localized variants (e.g., for French).
- The language selection is now localized and displayed in the currently selected language
 
General backend improvements
- Chunk store now handles specific edge cases during insertion more gracefully.
- Updated the kernel of the image that proxmox-backup-restore-imageuses to 6.2.16 and ZFS 2.1.12.- This can be particularly useful when trying to restore from guests that used newer features of a filesystem that are only supported by newer kernel versions, for example with Btrfs or ZFS volumes.
 
- In HTTP error responses, mention the requested path instead of the filesystem path, to avoid triggering automated security scanners.
- When authenticating via PAM, pass the PAM_RHOSTitem. With this, it is possible to manually configure PAM such that certain users (for example root@pam) can only log in from certain hosts.
Client improvements
- Increase the flexibility of sync-jobs with the new transfer-lastoption:- Specifying this parameter will only transfer the newest nbackups, instead of all backups.
 
- Specifying this parameter will only transfer the newest 
- Improved log output for sync jobs: In order to improve readability, the log now contains one opening line for every backup group.
- proxmox-backup-manager user tfanow supports- listand- deletecommands (issue #4734).- These can be used to list all currently configured TFA tokens as well as delete them.
 
- proxmox-file-restorenow honors the environment variable- PBS_QEMU_DEBUG.
- Fix an issue where running the statuscommand would fail with a traceback (issue #4638).
- Improved error handling when zipping a directory fails, by exiting early if a fatal error occurs.
Tape backup
- Improved reading attributes from tapes that use medium auxiliary memory (MAM).
- Show a list of required tapes when restoring a single snapshot, like it has been the case for full restores already.
- Added a fallback mode for tapes only supporting the 6 byte variant of the MODE SENSEorSELECTcommands. This improves compatibility with some tape drives and libraries, for example the StarWind VTL.
- When restoring backups, instead of aborting when a tape is missing in the changer, the task now waits for the correct tape to be inserted (issue #4719).
- Fixed an issue with media-sets that have multiple datastores, where trying to restore a single datastore via the GUI would inadvertently restore all datastores.
Access control
- Add TFA/TOTP lockout to protect against an attacker who has obtained the user password and attempts to guess the second factor:
- If TFA fails too many times in a row, this user account is locked out of TFA for an hour. If TOTP fails too many times in a row, TOTP is disabled for the user account. Using a recovery key will unlock a user account.
 
- The configuration for LDAP realms is now actively tested by attempting to connect before adding such a realm to the configuration.
- Surround user filter expressions with parentheses if they are not already present, similarly to Proxmox VE.
- Remove support for unauthenticated LDAP binds (where no password is given), which are not supported in Proxmox VE either.
Installation ISO
- Add new text-based UI mode for the installation ISO, written in Rust using the Cursive TUI (Text User Interface) library:
- You can use the new TUI mode to work around issues with launching the GTK based graphical installer, sometimes observed on both very new and rather old hardware.
- The new text mode executes the same code for the actual installation as the existing graphical mode.
 
- The version of BusyBox shipped with the ISO was updated to version 1.36.1.
- Detection of unreasonable system time.
- If the system time is older than the time the installer was created, the system notifies the user with a warning.
- ethtoolis now shipped with the ISO and installed on all systems.
- systemd-bootis provided by its own package instead of- systemdin Debian Bookworm and is installed with the new ISO.
Notable bug fixes
- Fixed an issue where certain prune job tasks did not show up in the task summary.
- Fixed an issue where garbage collection would incorrectly show warnings when namespaces were used by a datastore (issue #4357).
- Fixed a bug that prevented entering netmasks for networks with CIDR prefix length smaller than /8 in the network interface configuration (issue #4722).
- Restoring files from a ZFS snapshot directory now works with proxmox-file-restore(issue #4477).
Known Issues & Breaking Changes
- User accounts will now be locked after too many attempts to authenticate with a second factor. This is intended to protect against an attacker who has obtained the user password and attempts to guess the second factor. Unlocking requires either a successful login with a recovery key or a manual unlock by an administrator.
- Systems booting via UEFI from a ZFS on root setup should install the systemd-bootpackage after the upgrade.- The systemd-bootwas split out from thesystemdpackage for Debian Bookworm based releases. It won't get installed automatically upon upgrade from Proxmox VE 7.4 as it can cause trouble on systems not booting from UEFI with ZFS on root setup by the Proxmox VE installer.
- Systems which have ZFS on root and boot in UEFI mode will need to manually install it if they need to initialize a new ESP (see the output of proxmox-boot-tool statusand the relevant documentation).
- Note that the system remains bootable even without the package installed (the boot-loader that was copied to the ESPs during intialization remains untouched), so you can also install it after the upgrade was finished.
- It is not recommended installing systemd-booton systems which don't need it, as it would replacegrubas bootloader in itspostinstscript.
 
- The 
Proxmox Backup Server 2.4
Released 29. March 2023
- Based on Debian Bullseye (11.6)
- Latest 5.15.102 Kernel as stable default
- Newer 6.2.6 kernel as opt-in
- ZFS 2.1.9
Highlights
- Proxmox Backup Server now provides a dark theme for the web interface & the documentation.
- Add LDAP as a new user authentication realm.
- Add initial support for WORM (write once, read many) tapes.
Changelog Overview
Enhancements in the web interface (GUI)
- Add a fully-integrated "Proxmox Dark" theme variant of the long-time Crisp light theme.
- By default, the prefers-color-schememedia query from the Browser/OS will be used to decide the default color scheme.
- Users can override the theme via a newly added Color Thememenu in the user menu.
- Task logs can now be downloaded directly as text files for further inspection.
- The Add Userdialog has now arealmfield, making it possible to add users to an LDAP or OpenID Connect realm manually.
- Improve the UI for verification jobs, showing the namespaceandmax-depthcolumns and allowing one to edit those fields in the edit job window (#4448).
- While the API supported limiting a verification job to a specific namespace or depth since 2.2, such settings weren't editable nor visible in the web interface.
- The 'Services' panel of the 'Administration' section now marks optional services that are not installed as not installedinstead of marking them asdead.
- In order to make it more obvious how to disable scheduled Garbage Collection (GC), the 'GC Schedule' window now shows an Xbutton that resets the schedule tonone.
- For prune jobs, rename 'Store' to 'Datastore' for consistency reasons.
- Fixed the default value for pruning mail notification settings in the datastore options.
- Fixed rendering the 'Enabled' column for the 'Metric Server' view.
- Improved translations, among others:
- Arabic
- French
- German
- Italian
- Japanese
- Russian
- Slovenian
- Simplified Chinese
- Traditional Chinese
 
General Backend Improvements
- Add LDAP realm authentication and user synchronization
- This allows user authentication against an external LDAP server. In order to be able to log in, users in LDAP realms must be added manually. Alternatively, users can be synced automatically from the LDAP server.
Client Improvements
- Suppress harmless but confusing "storing login ticket failed" errors when backing up to Proxmox Backup Server.
- The proxmox-backup-managerCLI tool can now be used to trigger an existing prune, verification, or sync job manually.
- The output of the proxmox-backup-debug diff archivecommand was improved.
- The command now shows file attributes, highlights changes and has colored output.
- Provide higher runtime control for logging in the pxarCLI tool (#4578).
- Users can now decide themselves which messages, log sources or log levels are interesting for a particular use case through the PBS_LOG environment variable.
- Various improvements for error handling and reported messages to improve user experience.
Tape backup
- Add initial support for WORM (write once, read many) tapes
- Skip unassigned tapes when updating the inventory
- Tapes that are assigned to a pool but not yet in a media set belong to the special all-zero media set. Since there will never be a catalog on these tapes, trying to restore a catalog will always fail, so leave them out.
Installation ISO
- the version of BusyBox shipped with the ISO was updated to version 1.36.0.
- The EFI System Partition (ESP) defaults to 1 GiB of size if the root disk partition (hdsize) is bigger than 100 GB.
- UTC can now be selected as timezone during installation.
Documentation
- Expand the documentation for maintenance, focusing specifically on Garbage Collection (GC).
- Link screenshots in the documentation to their image files.
- Implement dark mode that honors the prefers-color-scheme media query automatically.
- Add dark mode support to the API viewer widget.
Notable bug fixes
- Don't interrupt tasks when pressing Ctrl + C when viewing task logs via proxmox-backup-manager task logorproxmox-backup-client task log(#4483).
- proxmox-backup-clientnow prints task logs to stdout instead of stderr (#4387).
- Removal of all associated prune jobs and ACL entries when their data store is deleted (#4256).
- Fixed a bug where snapshots were not listed in a tape media set (#4466).
- Warn if a login ticket could not be stored (e.g. due to $XDG_RUNTIME_DIR not being set, which can happen if invoked via sudo) (#4346).
- Reduce lock contention of the verify-after-complete feature with periodic syncs (#4523).
Known Issues & Breaking Changes
None.
Proxmox Backup Server 2.3
Released 29. November 2022
- Based on Debian Bullseye (11.5)
- Latest 5.15 Kernel as stable default (5.15.74)
- Newer 5.19 Kernel as opt-in
- ZFS 2.1.6
Changelog Overview
- Enhancements in the Web Interface (GUI):
- Datastore permissions: Allow editing the ACL path and query the available namespaces and add them as ACL path to the pre-defined selections for convenience
- Datastore content: Only mask the inner view of the content tree on error, to allow a user to trigger a manual reload using the reload button in the top bar
- Improve navigating the whole Proxmox Backup Server web UI when a user only has limited permissions on a specific (sub-)namespace
- Show block device partition tree on the web UI
- Improve the prune-simulator, among other things allow setting a custom simulation "now" date/time
- Improved certificate view - for example for certificates with many SANs
- Improved translations, among others:
- Arabic
- Dutch
- German
- Italian
- Polish
- Traditional Chinese
- Turkish
 
 
- Add Namespace Aware Prune Jobs
- Expand the single-schedule per datastore to a flexible, namespace aware prune job system
- Allow fine-grained control over when and how deep a specific namespace get pruned
- In addition to above, the manual prune action also became more powerful w.r.t. namespace and prune-depth selection
- Implement email notifications for prune jobs
- Rework the task log outputs for prune job workers
 
- Native Support for Sending Periodic Metrics to InfluxDB
- Support for HTTP(S) and UDP endpoints
- Optionally TLS certificate validation can be disabled for HTTPS endpoints
- Metric data is aligned as good as possible to the stats sent from a Proxmox VE node.
- Metrics include:
- CPU load averages, IOwait
- Memory used/total, Swap used/total
- NIC traffic statistics
- Filesystem usage for datastores
- Blockdevice IOPS and bytes read/written for datastores
 
 
- Support Proxmox Offline Mirroring & Subscription Handling
- Proxmox Offline Mirror: The tool supports subscriptions and repository mirrors for air-gapped systems. Newly added proxmox-offline-mirror utility can now be used to keep Proxmox Backup Server hosts, without access to the public internet up-to-date and running with a valid subscription.
 
- Tape Backup Improvements
- Improve behavior for vanishing snapshots, only log the event but do not fail the tasks
- Make total/throughput reporting use human-readable units on tape restore
- Include used tapes in job notification e-mails
- Optionally try to restore missing catalogs during inventory
 - In a disaster recovery case, in addition to re-inventorizing the labels and media-sets, trying to recover the catalogs from the tape, so that one knows what's actually on them, helps in getting an overview.
 
- General Client Improvements
- Proxmox-backup-client: Added ignore-acls,ignore-xattrs,ignore-ownership,ignore-permissionsandoverwriteparameters to the restore command: If any of theignoreparameters is set the corresponding metadata is not restored - e.g. there is nochowncall ifignore-ownershipis set. Theoverwriteparameter causes the restore to overwrite a file if it is already present instead of failing.
- File-restore: Add 'format' and 'zstd' parameters to 'extract' CLI command.
- Add the diffsub-command toproxmox-backup-debug, allowing one to compare pxar archives for two arbitrary snapshots, outputting a list of added/modified/deleted files.
- Support http proxies through the ALL_PROXYenvironment variable for proxmox-backup-client. Note that using a general tunnel for all traffic, for examplewireguardto shield traffic is preferred.
- Fix an issue with the mountsubcommand, where reading large files could yield corrupt data.
 
- Proxmox-backup-client: Added 
- General Backend Improvements
- New mail-forwarding binary proxmox-mail-forward: It unifies the configuration for sending the system-generated mails to the email address configured forroot@pam, with Proxmox VE.
- Implement sync-leveloption for datastores, allowing one to configure how backup data is synced to disk to match their respective setup and needs.
- Improve error handling when removing status files and locks from jobs that were never executed
- Datastore list and datastore status: Avoid opening datastore and possibly iterating over namespace (for lesser privileged users), but rather use the in-memory ACL tree directly to check if there's access to any namespace below.
- More robust handling of refreshing datastore states periodically and on config change - previously a lock was dropped, causing inconsistencies between long-running backup jobs and garbage collection tasks
- Datastore: Swap dirtying the internal datastore cache every 60s by just using the available config digest to detect any changes accurately when they actually happen, reducing periodic IO.
- Restore-daemon: Make file listing "streaming" for better interactivity on initial response
- API daemon: startup scheduling tasks faster by improving aligning the trigger-time to the minute boundary
- SMART: Add raw field, for compatibility with the Proxmox VE API - it contains the same data asvalue, which for now is kept for backwards compatibility
- SMART: Don't treat certain non-zero exit codes of smartctl as error (if bit 2 of the exit-code is set the returned data is still parseable) - aligns with the implementation in Proxmox VE
- Improve file-system compatibility for various edge cases: For example take the reservation for rootfor EXT4 into consideration
- ACME/Let's Encrypt: Send emails on certificate renewal failure
- Optimize filtered snapshot listing
- Move some blocking parts off to their own (reused) thread to reduce the chance of sometimes blocking the tokioreactor thread handling things like new incoming connections
- Periodically trigger unparking a tokiothread to ensure all newly incoming requests are handled in a timely manner
- The proxmox-backup-manager pullsubcommand now handles a missing namespace parameter by pulling to the root namespace
 
- New mail-forwarding binary 
Known Issues & Notable Changes
- The upgrade will check if the owner of the lock file /etc/proxmox-backup/.datastore.lckisbackup, and if it is not, it will try to correct the owner.
- If the automatic owner correction fails, the update process issues a warning and suggests how to try again manually.
- Note that this should only affect some older 1.x installations that had no need for locks outside the privileged API daemon and might have created the file with rootas owner.
Proxmox Backup Server 2.2
Released 18. May 2022
- Based on Debian Bullseye (11.3)
- Kernel 5.15
- ZFS 2.1.4
Changelog Overview
- Enhancements in the web interface (GUI):
- Add "Group Filter" tab to the "Add" and "Edit" windows of sync and tape-backup jobs
- Allow configuration of the default language used in the web interface
- Add Markdown aware panel for recording structured notes, and support multi-line comments in the node configuration file.
- Hide RRD chart for IO delay, if no `io_ticks` are returned
- Improved translations, among others:
- Arabic
- French
- German
- Japan
- Polish
- Turkish
 
 
- Datastore Backup Namespaces:
- Implement backup namespaces for datastores.
 - Namespaces allow for the reuse of a single chunk store deduplication domain for multiple sources, while avoiding naming conflicts and enabling more fine-grained access control.
 - Add support for syncing a source namespace into any target namespace.
 - With the max-depthsetting, you can control how deep the recursion on finding groups to sync should go.
 - Add support for namespaces in current Proxmox VE 7.2, the following versions form the baseline:
 - pve-manager >= 7.2-4, libpve-storage-perl >= 7.2-4, pve-container >= 4.2-1, qemu-server >= 7.2-3, pve-qemu-kvm >= 6.2.0-7
 
- Maintenance Mode and Active Operations Tracking:
- Implement read-only and offline maintenance modes for a datastore.
 - Track whether each datastore access is a write or read operation, so that Proxmox Backup Server can gracefully enter the respective mode, by allowing conflicting operations that started before the maintenance mode to finish.
- Once enabled, depending on the mode, new reads and/or writes to the datastore are blocked, allowing an administrator to safely execute maintenance tasks, for example, on the underlying storage.
 
- General backend improvements:
- Improve memory footprint
- Improve interaction with the glibc system allocator to dramatically decrease peak and overall RSS memory usage
 - The glibc allocator has a misguided heuristic to detect transient allocations, which will only start to use mmapin allocation sizes above 32 MiB.
- This means that relatively large allocations end up on the heap, where cleanup and returning memory to the OS is harder to do and easier to be blocked by small, long-living allocations at the top (end) of the heap.
- By reducing the threshold for switching from the cached heap to the kernel provided mmap to 128 KiB, we can lower peak RSS usage by a factor of 10, or even 20 in some scenarios.
- See the git commit for more details.
 - Optimize LRU caches
 
- Add streaming interfaces for some API endpoints, such as the task-log list or snapshot list.
- This can remove the need to collect large lists into intermediate memory buffers.
 
- Transform all access to group or snapshot lists to efficient, lazy iterators.
- Improve IO access pattern for some scenarios, like TFA with high user and login count.
- Disable SSL/TLS renegotiation in the API daemon.
- For zpools created via the API, set the `relatime=on` flag by default.
- Allow for the disabling of inode-sorting for chunk iteration.
 - While inode-sorting benefits read performance on block devices with higher latency (for example, spinning disks), it also requires extra work to get the metadata needed for sorting, so it's a trade-off. For setups that have either very slow or very fast metadata IO, the benefits may turn into a net cost.
 - Add dry-run option for the proxmox-backup-clientbackup CLI command.
- Verify: Allow one to enforce verification when manually verifying a datastore or namespace through the web interface
- Improve reload behavior of the proxmox-backup-proxy API daemon
 - Close acceptor for new incoming connections immediately on shutdown to avoid connection resets during the wait for running tasks to finish.
 
- Improve memory footprint
- Improvements on file restore
- Add support for zstd-compressed tar archive download, in addition to the existing zip download option.
 - The tar archive supports more file types (for example, hard links and device nodes), and zstd allows for fast, efficient, and effective compression.
 - Add language encoding flag (EFS) to files when creating a zip archive, if an entry is valid UTF-8.
 - This improves the handling of non-ASCII code point extraction under Windows.
 - Allow up to 25s for the file-restore VM to have scanned all possible filesystems in a backup.
- Improve IO access in the file-restore-for-block-backup VM's internal driver, and start disk initialization in parallel to staring the API listening task.
 - On average the restore-tool should be waiting more compared to the previous 12s "worst" case wait time.
 - Avoid automatically pre-mounting ZFS pools.
 - The upfront time-cost can be too large to pay initially, for example, if there are many subvolumes present. Thus, only mount on demand.
 
Proxmox Backup Server 2.1
Released 23. November 2021
- Based on Debian Bullseye (11.1)
- Kernel 5.13
- ZFS 2.1
Changelog Overview
- Enhancements in the web interface (GUI):
- Add traffic control management panel in the web interface.
- Load and usage graphs now have much higher resolution.
- Display the next media label for a tape backup job.
- Improved translations, among others:
- Arabic
- Basque
- Brazilian Portuguese
- French
- German
- Simplified Chinese
- Traditional Chinese
- Turkish
 
 
- Enhancements in Backup Management
- Support flexible traffic-control bandwidth limits:
 - Implement a token bucket filter (TBF) for limiting incoming (for example, backup) and outgoing (for example, restore) traffic from a set of networks.
- Limits can be configured such that they get applied only during specific time-frames.
 - Support for protected backups, which will not be pruned and cannot be removed manually, without first removing the protected flag.
- Support group-filterfor sync jobs and tape-backup jobs:
 - For such a job, you can specify if you want to process only a specific type (ct,vm,host), a specific group or a regex that matches the group-ID.
- Multiple such filters can be applied per job. They act cumulatively.
 
- Enhance existing OpenID Connect (OIDC) support:
- Add support for configuring an arbitrary username claim.
- Allow setting the requested scopes for user information requests. The default remains the same (profileandemail).
- The prompt behavior is now unset (previously hard-coded to login) and can be configured to the OIDC specification defined variants or an arbitrary extension.
- You can now configure Authentication Context Class Reference (ACR) values to be requested on any authentication request.
 
- Improved Round Robin Database implementation
- Uses a journal to avoid data loss;
- Uses much higher resolution:
- per-day: 1 min (previously 30 min)
- per-month: 30 min (previously 12 hours)
- per-year: 6 h (previously 1 week)
- per-decade: 1 week (previously none)
 
- Stores data for last 10 years;
 
- Backend
- New debugging tool proxmox-backup-debug
- Improved support for various tape drives and changers
 
- New debugging tool 
Proxmox Backup Server 2.0
Released 13. July 2021
- Based on Debian Bullseye (11)
- Kernel 5.11
- ZFS 2.0
Changelog Overview
- Tape Backup:
- Matured from technology preview to the first stable release
- Improve restore flexibility, allowing you to select multiple snapshots for one restore job
- Read chunks sorted by inode on backup, to leverage improved read speed on slow spinning disks with increased sequential access
 
- Backend:
- Support for Single-Sign-On (SSO) with the new OpenID Connect access realm type
- You can integrate external authorization servers, either using existing public services or your own identity and access management solution, for example, Keycloak or LemonLDAP::NG.
 
- ACME/Let's Encrypt integration with stand-alone and DNS Plugins, for easy deployment of trusted certificates
- Improved caching for proxmox-backup-client map
- Single file-restore support for VMs that use ZFS or LVM internally
- Support setting an HTTP proxy for package updates and subscription check requests
 
- Support for Single-Sign-On (SSO) with the new OpenID Connect access realm type
- Enhancements in the web interface (GUI):
- Make dashboard status panel more detailed, showing, among other things, uptime, Kernel version, CPU info and a high level repository status overview.
- New Repository management panel in the Administrationtab shows an in-depth status and a list of all configured repositories.- Basic repository management, for example, activating or deactivating a repository, is also supported.
 
- ACME/Let's Encrypt GUI integration
- Support setting comments on a backup group
- Updated ExtJS JavaScript framework to latest GPL release 7.0
- Improved translations, including:
- Arabic
- French
- German
- Japanese
- Polish
- Turkish
 
 
- Installer:
- Rework the installer environment to use switch_rootinstead ofchroot, when transitioning from initrd to the actual installer.- This improves module and firmware loading, and slightly reduces memory usage during installation.
 
- Automatically detect HiDPI screens, and increase console font and GUI scaling accordingly. This improves UX for workstations with Proxmox VE (for example, for passthrough).
- Improve ISO detection:
- Support ISOs backed by devices using USB Attached SCSI (UAS), which modern USB3 flash drives often do.
- Linearly increase the delay of subsequent scans for a device with an ISO image, bringing the total check time from 20s to 45s. This allows for the detection of very slow devices, while continuing faster in general.
 
- Use zstdcompression for the initrd image and the squashfs images.
- Update to busybox 1.33.1 as the core-utils provider.
 
- Rework the installer environment to use 
Known Issues
- Network: Due to the updated systemd version, and for most upgrades, the newer kernel version (5.4 to 5.11), some network interfaces might change upon reboot:
- Some may change their name. For example, due to newly supported functions, a change from enp33s0f0toenp33s0f0np0could occur.- We observed such changes with high-speed Mellanox models.
 
- Bridge MAC address selection has changed in Debian Bullseye - it is now generated based on the interface name and the machine-id (5)of the system.- Note that by default, Proxmox Backup Server does not uses a Linux Bridge for networking, so most setups are unaffected.
 
 
- Some may change their name. For example, due to newly supported functions, a change from 
Upgrade from 1.1
Proxmox Backup Server 1.1
Released 15. April 2021
- Based on Debian Buster (10.9)
- Kernel 5.4.106
- ZFS 2.0
- Tape Backup (Technology Preview)
- Tape technology has stood the test of time, when it comes to highly reliable, economic and flexible long-term storage of large amounts of data. Key advantages being:
- the inherent offline nature of the stored data - mitigating crypto-locker attacks;
- the portability of the tapes - making them ideal for off-site archiving;
- the existence of WORM (write once read many) tapes - a key requirement for compliance with data integrity regulations in certain environments;
- the low cost per storage unit;
 
- Tape backup jobs back up datastores to a media pool, and multiple datastores can be backed up to the same media pool. Choose to write all snapshots of a datastore or only the latest snapshot per group to the media set.
- Tape restore jobs restore the content of a media set to one or more datastores - this enables operators to restore multiple datastores from a media set, even if the system does not have the free disk space required in a single datastore (potentially multiple 100 TB).
- Flexible retention policies (e.g., always recycle tapes, never recycle tapes, recycle tapes after a particular calendar event).
- New user space tape driver written in Rust.
- Support for tape encryption using the hardware encryption feature of the LTO tape drive.
- Support for tape autoloaders - by rewriting the mtxtool in Rust (nowpmtx), most autoloaders supported by other tape-backup solutions available on Linux will work with Proxmox Backup Server.
- For stand-alone tape drives without an attached changer, users are notified via e-mail about necessary (load/unload) operations.
- The configuration of all necessary components, jobs, and schedules can be carried out comfortably via the web interface.
- The Proxmox LTO Barcode Label Generator, a small web-app, can be used to generate and print barcode labels for the tapes on standard adhesive label sheets. These help to identify the tapes in an autoloader.
 
- Tape technology has stood the test of time, when it comes to highly reliable, economic and flexible long-term storage of large amounts of data. Key advantages being:
- Two-factor authentication (TFA) for the web interface
- The web interface can now be configured to use TFA with one or more of the following implementations:
- Time-base One-Time Password (TOTP), for clients like FreeOTP, Google Authenticator, etc.
- WebAuthn, a general standard for authentication. This is implemented by various security devices, like hardware keys or by the trusted platform modules (TPM) of a computer or smartphone.
- Recovery keys for single use (as backup, should you lose your authenticators).
 
- The activation and configuration of TFA can be done by the users themselves or by an administrator.
- TFA is complemented by the existing, token-based authentication for granting automated access to Proxmox Backup Server resources, for example, when configuring a Proxmox Backup Server storage in a Proxmox VE setup.
 
- The web interface can now be configured to use TFA with one or more of the following implementations:
- HTTP compression via Content-Encoding
- Responses from the Proxmox Backup Server API can get quite large, but in general can be compressed well. By adding support for deflate Content-Encoding, bandwidth is saved and response times are improved, especially over bandwidth constricted links.
 
- Compression of file-level ZIP archive downloads
- Downloading a directory from a file-level backup will now produce a compressed ZIP archive, reducing bandwidth and local space required.
 
- Notable enhancements and bug fixes
- Improved handling of POSIX ACL entries on files.
- Improved hand-over to new process when upgrading the Proxmox Backup Server packages.
- Use the local filesystem to handle synchronization, in order to avoid issues with locking on remote filesystems (CIFS/NFS).
- Changed HTTP timeouts to work more robustly, even over high latency and low bandwidth links, which are not uncommon for remote backup sites.
- Better error-handling during garbage-collection, coping with the case when there's no space left on a datastore filesystem.
- Improved UX when using a GPG master key.
- Verification: Sort chunks by their inode to speed-up access on a storage with slow random-IO, for example, spinning disks.
 
Proxmox Backup Server 1.0
Released 11. November 2020
- Based on Debian Buster (10.6)
- Kernel 5.4 LTS
- ZFS 0.8.4
- Backup & Restore (core functionality):
- Deduplication
 Periodic backups produce large amounts of duplicate data. The deduplication layer avoids redundancy and minimizes the used storage space. Deduplication is performed per datastore.
- Incremental backups
 Changes between backups are typically small. Reading and sending only the delta reduces the storage and network impact of backups.
- Data Integrity
 The built in SHA-256 checksum algorithm ensures the accuracy and consistency of your backups.
- Compression 
 The ultra-fast Zstandard compression is able to compress several gigabytes of data per second.
- Encryption 
 Backups can be encrypted on the client-side using AES-256 in Galois/Counter mode. This authenticated encryption mode provides very high performance on modern hardware.
- Verification 
 Backups on disk can be verified with the stored SHA-256 checksums to protect against corruption and bitrot. This can be scheduled periodically including regular re-verification.
- Remote Sync
 It is possible to efficiently synchronize data from remote sites. Only deltas containing new data are transferred. Optimized and tested for high-latency links.
- Performance
 The whole software stack is written in Rust, to provide high speed and memory efficiency.
- Open Source
 Proxmox Backup Server is free and open-source software. The source code is licensed under GNU AGPL, v3.
- And of course - Backups can be restored comfortably!
 
- Deduplication
- Proxmox VE Integration
- Support for incremental, deduplicated backups of qemu virtual machines (supporting QEMU dirty bitmaps) and containers.
- Simply configurable as a Storage Backend on Proxmox VE
- Granular restore:
- Mapping for QEMU virtual disks to loop back block devices
- File-level restore of container backups
 
- Current backup state is preserved across migrations inside Proxmox VE
 
- Enterprise support
 With the release of version 1.0, support subscriptions for Proxmox Backup Server are available, providing access to the stable Enterprise Repository (recommended for production use) and to technical support from the Proxmox team.
- Web interface
 Manage Proxmox backups with the integrated, web-based user interface.- Start operations from within the views in which they are relevant
- Widgets in the GUI provide useful popups when you hoover over (e.g., individual states in the task summary, on the dashboard)
- Improved and mature user experience in the GUI - many features known from other Proxmox products were ported to the new Rust code-base to provide the same level of comfort during daily work:
- Online reference documentation for the current version, available in the GUI via the Help button
- System console via xterm.js
- System updates and changelogs
- Display of the system's journal
 
 
- Scheduling
- Management and scheduling of maintenance tasks provides all the settings necessary to just configure it once and not have to think about it
- Scheduling based on the flexible systemd-time specification
 
- E-mail notifications for scheduled background tasks (verification, pruning, garbage collection, sync jobs).
- Vastly improved user interface
- Sensible encryption-key handling
- Proxmox Backup Server encryption keys are stored as simple json files, and can be easily stored off-site for disaster recover purposes
- They can also be exported as QR-codes for printing on paper and storing off-line
 
- Flexible Access Control:
- Support for fine-grained ACLs for separate users on different objects (datastores, remotes, system configuration)
- Token based authentication with reduced privileges:
 A user can create tokens with a subset of their privileges, instead of having to store their password on a client
 
Proxmox Backup Server Beta (2nd ISO release)
Released 5. October 2020
- Beta Release
- Update to recent package versions with many fixes and feature additions
- Based on Debian 10.6 Buster
- Updated kernel (5.4) and include latest security fixes
Proxmox Backup Server Beta
Released 10. July 2020
- First public beta release
- Based on Debian Buster (10.4)
- Kernel 5.4 LTS with ZFS 0.8.4