LICENSE MIT
Two recent changes to the AFS/Kerberos landscape have been causing
problems for aklog and related modules. First, the support for multiple
local realms for the cell has broken the pts auto-registration code
when the realm used for the token acquisition does not match the
realm belonging to the selected vldb server. Second, Kerberos referrals
prevents detection of the realm of the vldb server.
This commit adds a new method of searching for the afs service principal.
The first attempt is for afs/<cell>@<CLIENT-REALM>. If found, the
<CLIENT-REALM> is used as the realm of the cell.
The patch adds error handling for KRB5_ERR_HOST_REALM_UNKNOWN which is
returned when krb5_get_host_realm() can't determine the realm.
Duplicate queries are also avoided and copy_realm_of_ticket() is
properly employed.
LICENSE MIT
1. return CM_ERROR_NOSUCHFILE when attempting to remove a symlink or
mount point that does not exist
2. When adding a new symlink or mountpoint, be sure to increment the
number of local mount points
3. When re-initializing the fake root.cell the unique value is always
one, not two. Use cm_FidCmp() to compare fids. The use of the
value two prevented the invalidation of existing values because all
of the directory entries are created with the unique set to one.
LICENSE IPL10
FIXES 17509
because of when fds are NULL'd in file_table this should work except when one process has the same file open for read and for write in different FDs; otherwise, the last write fd to close collects the error.
LICENSE MIT
make krb5_context global. wrap all calls to exit() in a new function,
akexit(), which performs cleanup of the krb5_ccache and the krb5_context.
LICENSE MIT
Windows Error Reports indicate that sometimes the krb5_cc_default()
call must be failing because krb5_cc_principal is being called with
a NULL ccache value. Perform error checking and cleanup that was
not previously implemented.
LICENSE MIT
Adds HKLM\\Software\\OpenAFS\\Client DisableIoctlSMCheck
For use in setting tokens when afsd_service.exe is started without
use of the NT Service Manager. Permits profiling authenticated
operations.
LICENSE MIT
Add CM_CONFIGDEFAULT_CELLS (1024) to cm_config.h and a "Cells" registry
value that can be used to alter the limit at runtime.
No longer tie the number of cells to the number of stat cache objects.
1024 should be more than sufficient.
LICENSE MIT
Protect against invalid data being passed into ParseAcl and
corrupting the stack. This affects both fs.exe and the explorer
shell extension.
Windows Error Reporting in recent weeks has begun to report several
instances of stack corruption in the explorer shell extension from
Denmark and Germany.
LICENSE BSD
this will dump the current dafs vlru state on kill -XCPU (just as we dump other fileserver state)
that state is
VLRU is a garbage collection facility which automatically offlines
volumes in the background. The purpose of this facility is to
proactively offline infrequently used volumes to improve shutdown and
salvage times. The process of offlining a volume from the "attached"
state to the "pre-attached" state is called soft detachment.
VLRU works in a manner similar to a generational garbage collector.
There are five queues on which volumes can reside: new, intermediate,
old, held, and candidate:
held:
queue for volumes which are administratively barred from VLRU activity
candidate:
queue for volumes which have not been accessed recently, and are thus
candidates for soft detachment
new, intermediate, old:
generational queues for active volumes; state transitions controlled by
inactivity timers.
State transition timeouts are as follows:
candidate->new activity present
new->candidate (1*vlruthresh) minutes since last transition; no activity
new->mid (2*vlruthresh) minutes since last transition; activity
present
mid->old (4*vlruthresh) minutes since last transition; activity
present
old->mid (2*vlruthresh) minutes since last transition; no activity
mid->new (1*vlruthresh) minutes since last transition; no activity
LICENSE IPL10
The pts program has a command 'source' to read commands from
a file. In the interactive "shell" mode, this command works,
reading and executing commands until the end of the file and
then returning to the command shell.
This command is valid for use as a command line option, but
does not work. It requires a valid filename as an argument,
but does not process the file, instead just dropping the user
into the interactive mode.
When given as a command line option, pts source SHOULD read
the file, execute the commands and then exit, according to
the documentation. It does not currently do this and should
be fixed.
LICENSE IPL10
keep accurate tabs on whether a volume is "in use" so we don't end up with volume state that's nonsensical.
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
LICENSE IPL10
keep accurate tabs on whether a volume is "in use" so we don't end up with volum
e state that's nonsensical.
====================
LICENSE IPL10
keep accurate tabs on whether a volume is "in use" so we don't end up with volum
e state that's nonsensical.
LICENSE MIT
The cm_scache structure has included a reference to the associated cm_volume_t,
volp. By doing so the reference count on the cm_volume_t objects never hits
zero unless all of the cm_scache_t objects in that volume have been reused.
This prevents cm_volume object recycling.
This commit removes the hard reference and instead adds a function
cm_GetVolumeByFID which obtains a reference to the cm_volume that matches
the cm_scache fid value as needed.
A new "Volumes" registry value is added to permit explicit specification
of the number of volume objects to be allocated.
LICENSE IPL10
Update the fileserver documentation for demand-attach and add documentation
of other missing options and notes where some options are only applicable
with particular builds.
LICENSE IPL10
Introduce a new set of macros that can be used to permit either mutex
based protection or Interlocked operation protection increments,
decrements, or additions.
rx_MutexIncrement(object, mutex)
rx_MutexAdd(object, addend, mutex)
rx_MutexDecrement(object, mutex)
rx_MutexAdd1Increment2(object1, addend, object2, mutex)
rx_MutexAdd1Decrement2(object1, addend, object2, mutex)
For Windows these are implemented with the Interlocked operations
for other platforms the existing mutex is relied upon.
Only a subset of the rx_stats parameters have been transitioned at the
current time.
LICENSE IPL10
adapted from marc dionne's patch, but works more directly like the darwin port,
further, i'm guessing iget_locked will go away evewntually. maybe this is
too conservative?
