mirror of
https://git.openafs.org/openafs.git
synced 2025-01-18 06:50:12 +00:00
1d5b255ff6
Import change descriptions for 1.6.20.1, 1.6.20.2, 1.6.21. Change-Id: Ib4f06c7046eb6e1bb0a1ccfb9f6c45191154fe0e Reviewed-on: https://gerrit.openafs.org/12659 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
4395 lines
141 KiB
Plaintext
4395 lines
141 KiB
Plaintext
User-Visible OpenAFS Changes
|
|
|
|
OpenAFS 1.8 (in progress)
|
|
|
|
All Platforms
|
|
|
|
* Substantial code quality improvements, largely spotted by Coverity and
|
|
clang's static analysis.
|
|
- Add new library for platform independent functions (opr).
|
|
- Remove arbitrary path name length limits.
|
|
- Convert to Heimdal's roken library for reliability.
|
|
- Avoid garbage in allocated buffers (calloc).
|
|
- Modernize signal handling in pthreaded server processes (softsig).
|
|
- Improve code comments and additional Doxygen style comments.
|
|
- Reduce compiler warnings, dead code, unused variables, and
|
|
undefined behavior.
|
|
- Fix bugs found by static code analyzer (clang-analyzer).
|
|
- Improved unit test coverage.
|
|
- Make VLDB flag definitions consistent.
|
|
- Improve use of run-time assertions and add static assertions.
|
|
- Add compiler attributes to assist static analyzers.
|
|
- Clean up include headers in the entire tree.
|
|
- Improve command-line handling library (libcmd).
|
|
- Replace hash functions with Jenkin's hash function for faster
|
|
and more evenly distributed lookups.
|
|
- Provide a red-black tree data structure to enable algorithmic speedups.
|
|
- Convert backup and salvage servers to the common logging API (libutil).
|
|
- Improve volume id data type consistency (VolumeId).
|
|
- Import APIs for kerberos-style profile configuration support.
|
|
- Add new APIs to support UserList identities.
|
|
- Add new APIs to support tabular output from command-line utilities.
|
|
|
|
* Improved support for non-DES encryption types:
|
|
- Convert to Heimdal's hcrypto library to support RFC 3961.
|
|
- Add extended key file format replacing rxkad.keytab, and
|
|
new key management APIs.
|
|
- Add support for extended key types to asetkey.
|
|
- Add akeyconvert to assist in upgrading to OpenAFS 1.8.x by converting an
|
|
existing rxkad.keytab file to an extended key file.
|
|
- Do not install the kaserver and related utilities by default to
|
|
discourage the use of these DES-dependent components.
|
|
- Remove obsolete klogin and klogin.krb programs.
|
|
- Add new token APIs to support new rx security classes.
|
|
|
|
* Migrate from LWP to POSIX threads (pthreads):
|
|
- Convert the ptserver and vlserver from LWP to pthreads.
|
|
- Remove LWP version of the file server binary.
|
|
- Convert afsd, aklog, asetkey, klog.krb5, pts, udebug, and vos, from LWP
|
|
to pthreads.
|
|
|
|
* Improvements to Rx:
|
|
- Restructure the Rx API to privatize the implementation.
|
|
- Convert rx events to a red-black tree data structure to improve
|
|
performance.
|
|
- Convert from mutexes to atomic operations for counters to reduce lock
|
|
contention.
|
|
- Provide per-opcode Rx statistics.
|
|
- Add an rx_opaque data type to support non-DES encryption types
|
|
and general code cleanup.
|
|
|
|
* Libraries (both internal and installed) are built using libtool, including
|
|
libuafs. The resulting shared libraries for libafsrpc and libafsauthent
|
|
should be more usable than previously.
|
|
|
|
* Improvements to the build system:
|
|
- Convert to libtool to build shared libraries.
|
|
- Clean up and improve the build system.
|
|
- Support out of tree builds.
|
|
- Add a makefile target to generate Doxygen source code documentation.
|
|
- Link the Java API for OpenAFS with libuafs.a and remove the
|
|
libjuafs.a library.
|
|
- Always build the rxperf tool.
|
|
|
|
* Improvements to documentation:
|
|
- Document the new KeyFileExt file.
|
|
- Reorganized the README files.
|
|
- Improvements and fixes to documentation generation.
|
|
- Add experimental epub and mobi support
|
|
- Remove obsolete LWP information from the file server documentation.
|
|
- Update and reorganize the Quick Start Guide.
|
|
- Update the Admin Guide.
|
|
- Remove AIX, HP-UX, and IRIX information from the Quick Start Guide.
|
|
- Document the vldb and prdb (ubik) file formats.
|
|
- Corrections and clarifications to man pages.
|
|
|
|
* Improvements for troublshooting, debugging, and testing:
|
|
- Log more details on volume-server-to-fileserver communication errors
|
|
when possible.
|
|
- Set thread names in pthreaded servers on platforms which support
|
|
thread names.
|
|
- Add dynroot lock tracking to cmdebug
|
|
- Fix tracking of an fstrace call site in the cache manager background
|
|
process.
|
|
- Add the afsload tool to simulate multiple cache managers for file server
|
|
load testing.
|
|
- Add run-time checks for refcount imbalances in the cache manager.
|
|
|
|
* Developer tool improvements:
|
|
- Improvements and fixes for rxgen (used to generate Rx RPC bindings).
|
|
- Add tool for man page verification of command options.
|
|
- Add tool to find Unix cache manager lock identification numbers.
|
|
- Add an option for pretty build output.
|
|
|
|
* Add a new protection error code (PRNAMETOOLONG) instead of silently
|
|
truncating names which exceed the maximum name length (PR_MAXNAMELEN).
|
|
|
|
* Add an implementation limit (50000) on the number of names/ids which can
|
|
be transmitted by unauthenticated clients to the ptserver, avoiding
|
|
excessive resource consumption from unauthenticated requests.
|
|
|
|
* Add the -config option to vos, pts, and aklog to specify the path to the
|
|
cell configuration files.
|
|
|
|
* Add more details in vos release -verbose output.
|
|
|
|
* Add the cacheout -encrypt option to encrypt communication between the
|
|
cacheout client and the fileserver.
|
|
|
|
* Add the command line options to the afsio program to enable encryption of
|
|
traffic between afsio and the fileserver (-clear, -crypt).
|
|
|
|
* Add the vos release -force-reclone option to force recloning the volume to
|
|
be released without forcing a full volume dump being transmitted to all
|
|
remote sites.
|
|
|
|
* Fix vos to avoid writing loopback addresses into the VLDB in
|
|
certain cases.
|
|
|
|
* Print bos and pts error messages to standard error instead of
|
|
standard out.
|
|
|
|
* Improve formatting of the -help output of all commands.
|
|
|
|
* Change -n to -dryrun in all backup subcommands.
|
|
|
|
* Change the backup deletedump -port command line option to -portoffset.
|
|
|
|
* Add user and build host in the version string returned by
|
|
rxdebug -version.
|
|
|
|
All Server Platforms
|
|
|
|
* Ubik servers using pthreads are now available and are used by default
|
|
|
|
* Remove periodic background fsync by the fileserver (ihandle fsync thread).
|
|
|
|
* Fix potential file handle leak in the file server ihandle caching layer.
|
|
|
|
* Disable the so-called "hot threads" feature in the file server. The hot
|
|
threads feature was intended as an optimization for dispatching incoming
|
|
calls to the current listener thread, but has been reported to incur a
|
|
performance penalty on modern multi-core systems.
|
|
|
|
* Do not permit creation of users with id of ANONYMOUSID.
|
|
|
|
* Add the ptserver -restrict_anonymous option to inhibit exposure of user
|
|
names from the ptserver.
|
|
|
|
* Do not truncate server log files by default when server processes
|
|
are started. The -transarc-logs option provides backward compatibility
|
|
with IBM AFS log handling on server startup. Log messages may be lost
|
|
in back-to- back restarts when a server is running in this mode.
|
|
|
|
* Reopen server logs on SIGUSR1. This may be used by third-party log
|
|
rotation tools, such as logrotate, to reopen the log file handles after
|
|
log files have been renamed.
|
|
|
|
* Fix various bugs when logging with -mrafslogs enabled.
|
|
|
|
* Dynamically reload the kerberos realm to AFS cell mapping (krb.conf) and
|
|
exclusions for mapping kerberos principals to AFS identities (krb.excl)
|
|
configuration when the CellServDB cell configuration file is touched.
|
|
Previously, a restart of the file server was required after updating the
|
|
kerberos mapping configuration files.
|
|
|
|
* Add a command line option (-restricted_query) to the vlserver and
|
|
volserver to restrict information queries about volumes to a specific
|
|
group of users.
|
|
|
|
* Add a command line option to the server programs to specify an alternate
|
|
fully qualified log file name (-logfile).
|
|
|
|
* Add a command line option (-config) to the server programs to specify
|
|
an alternate path to the server configuration.
|
|
|
|
* Add a command line option to the ptserver and vlserver to specify an
|
|
alternate path to the database data files.
|
|
|
|
* Add a command line option to the volume server to enable encryption of
|
|
volume-server-to-volume-server-traffic (-s2scrypt).
|
|
|
|
* Increase the maximum number of LWP threads allowed for the ptserver and
|
|
vlserver from 16 to 64 (-lwp).
|
|
|
|
* Remove an unused file server command line option (-k).
|
|
|
|
* Fix an incorrect assertion in Demand Attach File Server which could cause
|
|
the file server process to abort in certain rare conditions.
|
|
|
|
* Deprecate the -bitmap-later configure option for non-Demand-Attach File
|
|
Servers (DAFS).
|
|
|
|
* Add -vhashsize support to non-Demand-Attach File Servers (DAFS).
|
|
|
|
* Add support for subnet ranges in the NetInfo and NetRestrict
|
|
configuration files.
|
|
|
|
* Add the GetXStats RPC to the audit log.
|
|
|
|
* Fix directory creation by bosserver when built for non-Transarc paths.
|
|
|
|
* Fix incomplete list of server addresses retreived by vos listaddr when the
|
|
vldb contains unreferenced multi-homed server entries.
|
|
|
|
* Remove obsolete bos blockscanner and unblockscanner commands that
|
|
were only needed for the removed MR-AFS functionality.
|
|
|
|
* Remove obsolete bos salvage options that were only used by the
|
|
removed MR-AFS functionality..
|
|
|
|
* Remove calls to the deprecated sbrk() function.
|
|
|
|
* Add an experimental feature to database servers to support ubik reads
|
|
while write transactions are in progress, enabled at build time with the
|
|
--enable-ubik-read-while-write configure option. This feature is not
|
|
considered ready for production usage at this time.
|
|
|
|
All Client Platforms
|
|
|
|
* Add support for relative ACL changes with fs setacl. If a single plus (+)
|
|
or minus (-) character is appended to the rights' letters argument, the
|
|
new rights are computed relatively to the existing ones.
|
|
|
|
* Remove afsd -settime and afsd -nosettime support.
|
|
|
|
* Add the afsd -inumcalc option to specify the method used to calculate
|
|
inode numbers presented by AFS.
|
|
|
|
* Return EIO on internal errors instead of the misleading ENOENT.
|
|
|
|
* Log ICMP errors received, if any, for unreachable servers.
|
|
|
|
* Improve performance of clients with multiple PAGs for different cells.
|
|
|
|
* Fix race condition between changing and using user tokens among cache
|
|
manager threads.
|
|
|
|
* Fix fs sysname for users with UID 2748 and 2750 when not running
|
|
in -rmtsys mode.
|
|
|
|
* Add Perl bindings for the user-space cache manager library (libuafs).
|
|
|
|
* Fixes to the bypasscache feature.
|
|
|
|
* Remove the obsolete Netscape plugin.
|
|
|
|
Linux
|
|
|
|
* Remove Linux 2.2 and 2.4 support.
|
|
|
|
* Changes to avoid EIO errors with multiple processes doing intensive mmap
|
|
writing. (Drop PageReclaim AOP_WRITEPAGE_ACTIVATE.)
|
|
|
|
* Prevent fakestat data inconsistencies in certain cases (131855).
|
|
|
|
* Fix dentry leak which can cause a crash on shutdown.
|
|
|
|
* Improve error reporting when encountering corrupt directories.
|
|
|
|
* Improve rx error handling in the Linux cache manager.
|
|
|
|
* Rename kpasswd to kapasswd when packaging RPMs to avoid colliding with
|
|
Kerberos kpasswd.
|
|
|
|
* Do not use the obsolete --enable-largefile-fileservers configure option
|
|
when packaging RPMs.
|
|
|
|
* Use the RemainAfterExit systemd feature to avoid premature exit
|
|
when -afsdb is not given, for RPM packages.
|
|
|
|
* Remove Debian packaging files from the OpenAFS source tree. Debian
|
|
packaging files are currently maintained in the downstream Debian
|
|
infrastructure.
|
|
|
|
* Add the sparc_linux26 sysname.
|
|
|
|
Solaris
|
|
|
|
* Remove support for all Solaris and SunOS platforms prior to Solaris 8.
|
|
|
|
* Build 64-bit binaries for Solaris x86 by default.
|
|
|
|
MacOS
|
|
|
|
* Stop processing upcalls once rx shutdown starts.
|
|
|
|
* Enable atomics for the darwin kernel.
|
|
|
|
* Add a syscall to enable/disable bulkstat at run-time, which is
|
|
disabled by default.
|
|
|
|
FreeBSD
|
|
|
|
* Use the native kernel module build system instead of an ad hoc
|
|
replacement build system.
|
|
|
|
* Remove FreeBSD packaging files from the OpenAFS source tree. FreeBSD
|
|
packaging files are currently maintained in the downstream FreeBSD Ports
|
|
Collection.
|
|
|
|
* Stay up to date with new FreeBSD releases (through 10.3).
|
|
|
|
NetBSD
|
|
|
|
* Stay up to date with new NetBSD releases (through 7.x)
|
|
|
|
* Update to use cprng(9) as the randomness source on NetBSD 6.99/7.x.
|
|
|
|
* Build system updates for NetBDS 6.99.x
|
|
|
|
OpenBSD
|
|
|
|
* Stay up to date with new OpenBSD releases (through 4.7)
|
|
|
|
AIX
|
|
|
|
* Updates for AIX support.
|
|
|
|
* Fix build system for AIX exports.
|
|
|
|
* Add the uidpag and localuid runtime options to the aklog LAM plugin.
|
|
(These runtime options override the use of UID-based PAGs, which were
|
|
introduced to appease the CDE screensaver.)
|
|
|
|
OpenAFS 1.6.21
|
|
|
|
All platforms
|
|
|
|
* Avoid a possible 100ms transmit delay in the RX protocol when a peer's
|
|
receive window transitions from closed to open (12627)
|
|
|
|
* Documentation improvements (12476 12477 12559[RT #133339])
|
|
|
|
All server platforms
|
|
|
|
* When bosserver is started with an unknown option, print an error message
|
|
and exit with a non-zero value rather than failing silently (12631)
|
|
|
|
All DB server platforms
|
|
|
|
* Hold the DB lock while checking for an aborted write transaction (12516)
|
|
|
|
All file server platforms
|
|
|
|
* On demand attach fileservers, don't save or restore a client's host
|
|
state if CPS ("Current Protection Subdomain") recalculation for it is
|
|
in progress, to avoid fileserver thread exhaustion (12568)
|
|
|
|
* On demand attach fileservers, avoid flooding the log with error messages,
|
|
which could happen when the fileserver was restarted while a volume was
|
|
offline (12569)
|
|
|
|
* Update a volume's "Last Update" time when its content is modified by
|
|
the salvager, to make the change visible in the output of "vos examine"
|
|
and to backup services (12633)
|
|
|
|
All client platforms
|
|
|
|
* Corrected the DCentries bucket counts for very large and zero length
|
|
files in the output of "fs getcacheparms -excessive" (12604 12605)
|
|
|
|
* Fixed a bug that prevented users with GID 2748 and 2750 from executing
|
|
the "fs sysname" command on clients running afsd with -rmtsys (12607)
|
|
|
|
* Provide a new -inumcalc switch for afsd to allow enabling the alternative
|
|
MD5 method of inode number calculation, which was previously only
|
|
possible on Linux and through the sysctl interface (12608 12632)
|
|
|
|
Linux clients
|
|
|
|
* Support for mainline kernel 4.12 and distribution kernels with backports
|
|
from it (12624 12626)
|
|
|
|
* Re-added the improved algorithm for freeing unused vcaches to reduce
|
|
memory consumption first introduced with the 1.6.18 release, together
|
|
with a fix for the issue leading to its removal in 1.6.18.2 (12448..12451)
|
|
|
|
macOS clients
|
|
|
|
* Fixed a crash while stopping the client on macOS 10.12 "Sierra" (12602)
|
|
|
|
|
|
OpenAFS 1.6.20.2
|
|
|
|
All platforms
|
|
|
|
* Build fixes required by recent compilers or platforms (12514 12521 12534
|
|
12536 12538)
|
|
|
|
* Allow the bos server to start successfully in the presence of those, by
|
|
accepting a now checked return value indicating that the client ThisCell
|
|
and CellServDB already exist (12522)
|
|
|
|
Linux clients
|
|
|
|
* Support for mainline kernels 4.10 and - most likely - 4.11 and
|
|
distribution kernels with backports from them (12530 12588..12590 12598)
|
|
|
|
* Support for distribution kernels with partial backports from 4.9 (12535)
|
|
(RT #134158)
|
|
|
|
* In Red Hat packaging, moved the klog.krb5 manual page into the krb5
|
|
subpackage (12511)
|
|
|
|
* In Red Hat packaging, prevent systemd from double-starting the client
|
|
(12587)
|
|
|
|
* Allow aklog to function on current S390/S390x (12499)
|
|
|
|
Solaris clients
|
|
|
|
* Make process authentication groups work on Solaris 11, now using a single
|
|
group ID (12524..12527)
|
|
|
|
* Fix a BAD TRAP panic on Solaris 11 clients built with Studio 12.5 (12567)
|
|
|
|
macOS clients
|
|
|
|
* Fixed the preference pane for OS X 10.11 and later (12512)
|
|
|
|
OpenAFS 1.6.20.1
|
|
|
|
All platforms
|
|
|
|
* Build fixes required by recent compilers (12482..12484)
|
|
|
|
Linux clients
|
|
|
|
* Support for mainline kernel 4.9 and distribution kernels with
|
|
backports from it (12478..12480)
|
|
|
|
* In Red Hat packaging, make systemd deal correctly with the client
|
|
when no userland processes remain after starting it (12481)
|
|
(RT #133482)
|
|
|
|
macOS
|
|
|
|
* Support for release 10.12 "Sierra" (12431 12432)
|
|
|
|
* Avoid a crash in the Mounts tab of the OpenAFS preference pane (12447)
|
|
|
|
OpenAFS 1.6.20 (Security Release)
|
|
|
|
All platforms
|
|
|
|
* Fix for OPENAFS-SA-2016-003: file and directory names leak due to
|
|
reuse of directory objects without zeroing the contents
|
|
(12461 12462 12463 12464 12465)
|
|
|
|
OpenAFS 1.6.19
|
|
|
|
All platforms
|
|
|
|
* Documentation improvements (12304)
|
|
* Fixes for test failures (12396 12415)
|
|
|
|
All DB server platforms
|
|
|
|
* Avoid potentially writing to an out of date volume location or protection
|
|
database, or losing a database write, which could happen in rare cases
|
|
under special conditions during database leader election
|
|
(12339 12389)
|
|
|
|
Solaris clients
|
|
|
|
* Allow the fsinfo::: DTrace provider to work with AFS files (12371)
|
|
|
|
Linux clients
|
|
|
|
* Don't commit more data to a file than was actually copied during writes,
|
|
which could happen on architectures with a page size > 4 KiB (12413)
|
|
* Fixed build on PPC64 with GCC 6.1 (12388) (RT #133407)
|
|
* Fixed build on x86_64 with recent GCC (12365 12366)
|
|
|
|
|
|
OpenAFS 1.6.18.3
|
|
|
|
Linux clients
|
|
|
|
* Support for mainline kernel 4.7 and distribution kernels with
|
|
backports from it (12348)
|
|
|
|
Solaris clients
|
|
|
|
* Fixed memory mapped I/O on files >= 4 GiB (12349 12350)
|
|
|
|
Note that there is a suspicion that this might break the client
|
|
on very old Solaris releases (2.6). If it does, the breakage should
|
|
occur at build time.
|
|
|
|
OS X
|
|
|
|
* Added tooling to build a package for OS X 10.10 "Yosemite" and
|
|
10.11 "El Capitan" (12335 12351)
|
|
|
|
|
|
OpenAFS 1.6.18.2
|
|
|
|
Linux clients
|
|
|
|
* Support for mainline kernel 4.6 and distribution kernels with
|
|
backports from it (12332)
|
|
|
|
* Switch back to the pre-1.6.18 algorithm for freeing unused vcaches.
|
|
While the new algorithm is still believed to be correct, it turned
|
|
out that at least on some kernels, including 4.5 and 4.6, the dentry
|
|
for the current working directory may be erroneously invalidated.
|
|
This could lead to errors like "Unable to read current working directory"
|
|
when a directory wasn't accessed for a few minutes. (12323)
|
|
|
|
* Use a secure URL to retrieve the CellServDB in the script to create
|
|
the Red Hat source package (12330)
|
|
|
|
FreeBSD
|
|
|
|
* Added sysname IDs for 10.2 and 10.3 to fix the build on those platforms
|
|
(12322)
|
|
|
|
|
|
OpenAFS 1.6.18.1
|
|
|
|
Linux clients
|
|
|
|
* Support for mainline kernel 4.5 and distribution kernels with
|
|
backports from it (12300..12302)
|
|
|
|
|
|
OpenAFS 1.6.18
|
|
|
|
All platforms
|
|
|
|
* Documentation improvements (12224 11675 11613 12197)
|
|
|
|
* Improved diagnostics and error messages (12129 12207 12185 12211 12113
|
|
12215 12216)
|
|
|
|
* Check that CellServDB entries are valid IPv4 addresses, to avoid
|
|
occasional hangs or potentially other erratic behaviour due to invalid
|
|
entries (12210) (RT #131794)
|
|
|
|
All client platforms
|
|
|
|
* Gracefully handle cases where a client shutdown sequence is initiated
|
|
while the client is already shutting down, rather than cause a panic
|
|
(12179)
|
|
|
|
* Fixed several bugs that could cause erratic behaviour when the write
|
|
offset into a file was more than 2 GiB beyond the file's current end
|
|
on the server (12213 12214)
|
|
|
|
All server platforms
|
|
|
|
* Avoid a possible volserver crash during volume dump or restore due
|
|
to invalid ACL entries (12127)
|
|
|
|
* Allow recovering from a DAFS fileserver operation which allocates a
|
|
new vnode but fails to update the vnode index, rather than crashing the
|
|
server (12209)
|
|
|
|
* Fixed a longstanding bug which could damage the volume location database
|
|
when "vos changeaddr" was run with "-oldaddr" and "-newaddr" and the
|
|
old address was present in a multi-homed entry (12089)
|
|
|
|
FreeBSD
|
|
|
|
* Added support for releases 10.2 and 10.3 (12232)
|
|
|
|
Linux clients
|
|
|
|
* Support for mainline kernel 4.4 and distribution kernels with
|
|
backports from it, alas at a performance penalty (12226 12227 12228)
|
|
(RT #132677 #132819)
|
|
|
|
* Avoid using excessive amounts of kernel memory for dynamically
|
|
allocated vcaches, by improving the algorithm to free unused ones
|
|
(12256 12257)
|
|
|
|
* In Red Hat packaging, make the init script use "ip" if available, with
|
|
"ifconfig" as a fallback (12193)
|
|
|
|
OS X
|
|
|
|
* Basic support for release 10.11 "El Capitan" (12212)
|
|
|
|
IRIX clients
|
|
|
|
* Fixed kernel module builds with optimization (12198) (RT #131261)
|
|
|
|
|
|
OpenAFS 1.6.17 (Security Release)
|
|
|
|
All server platforms
|
|
|
|
* Fix for OPENAFS-SA-2016-001: foreign users can create groups as
|
|
if they were an administrator (RT #132822) (CVE-2016-2860)
|
|
|
|
All client platforms
|
|
|
|
* Fix for OPENAFS-SA-2016-002: information leakage from sending
|
|
uninitialized memory over the network. Multiple call sites
|
|
were vulnerable, with potential for leaking both kernel and
|
|
userland stack data (RT #132847)
|
|
|
|
* Update to the GCO CellServDB update from 01 January 2016 (12188)
|
|
|
|
Linux clients
|
|
|
|
* Fix a crash when the root volume is not found and dynroot is not
|
|
in use, a regression introduced in 1.6.14.1 (12166)
|
|
|
|
* Avoid introducing a dependency on the kernel-devel package corresponding
|
|
to the currently running system while building the srpm (12195)
|
|
|
|
* Create systemd unit files with mode 0644 instead of 0755
|
|
(12196) (RT #132662)
|
|
|
|
OpenAFS 1.6.16
|
|
|
|
All platforms
|
|
|
|
* Documentation improvements (11932 12096 12100 12112 12120)
|
|
|
|
* Improved diagnostics and error messages (11586 11587)
|
|
|
|
* Distribute the contributor code of conduct with the stable release (12056)
|
|
|
|
All server platforms
|
|
|
|
* Create PID files in the right location when bosserver is started with
|
|
the "-pidfiles" argument and transarc paths are not being used (12086)
|
|
|
|
* Several fixes regarding volume dump creation and restore (11433 11553
|
|
11825 11826 12082)
|
|
|
|
* Avoid a reported bosserver crash, and potentially others, by replacing
|
|
fixed size buffers with dynamically allocated ones in some user handling
|
|
functions (11436) (RT #130719)
|
|
|
|
* Obey the "-toname" parameter in "vos clone" operations (11434)
|
|
|
|
* Avoid writing a loopback address into the server CellServDB - search
|
|
for a non-loopback one, and fail if none is found (12083 12105)
|
|
|
|
* Rebuild the vldb free list with "vldb_check -fix" (12084)
|
|
|
|
* Fixed and improved the "check_sysid" utility (12090)
|
|
|
|
* Fixed and improved the "prdb_check" utility (12101..04)
|
|
|
|
All client platforms
|
|
|
|
* Avoid a potential denial of service issue, by fixing a bug in pioctl
|
|
logic that allowed a local user to overrun a kernel buffer with a single
|
|
NUL byte (commit 2ef86372) (RT #132256) (CVE-2015-8312)
|
|
|
|
* Refuse to change multi-homed server entries with "vos changeaddr",
|
|
unless "-force" is given, to avoid corruption of those entries (12087)
|
|
|
|
* Provide a new vos subcommand "remaddrs" for removing server entries, to
|
|
replace the slightly confusing "vos changeaddr -remove" (12092 12094)
|
|
|
|
* Make "fs flushall" actually invalidate all cached data (11894)
|
|
|
|
* Prevent spurious call aborts due to erroneous idle timeouts (11594)
|
|
|
|
* Provide a "--disable-gtx" configure switch to avoid building and
|
|
installing libgtx and its header files as well as the depending
|
|
"scout" and "afsmonitor" applications (12095)
|
|
|
|
* Fixed building the gtx applications against newer ncurses (12125)
|
|
|
|
* Allow pioctls to work in environments where the syscall emulation
|
|
pseudo file is created in a read-only pseudo filesystem, like in
|
|
containers under recent versions of docker (12124)
|
|
|
|
Linux clients
|
|
|
|
* In Red Hat packaging, avoid following a symbolic link when writing
|
|
the client CellServDB, which could overwrite the server CellServDB,
|
|
by removing an existing symlink before writing the file (12081)
|
|
|
|
* In Red Hat packaging, avoid a conflict of openafs-debuginfo with
|
|
krb5-debuginfo by excluding our kpasswd executable from debuginfo
|
|
processing (12128) (RT #131771)
|
|
|
|
OpenAFS 1.6.15 (Security Release)
|
|
|
|
All client and server platforms
|
|
|
|
* Fix for OPENAFS-SA-2015-007 "Tattletale"
|
|
|
|
When constructing an Rx acknowledgment (ACK) packet, Andrew-derived
|
|
Rx implementations do not initialize three octets of data that are
|
|
padding in the C language structure and were inadvertently included
|
|
in the wire protocol (CVE-2015-7762). Additionally, OpenAFS Rx in
|
|
versions 1.5.75 through 1.5.78, 1.6.0 through 1.6.14, and 1.7.0
|
|
through 1.7.32 include a variable-length padding at the end of the
|
|
ACK packet, in an attempt to detect the path MTU, but only four octets
|
|
of the additional padding are initialized (CVE-2015-7763).
|
|
|
|
OpenAFS 1.6.14.1
|
|
|
|
Linux clients
|
|
|
|
* Support kernels up to 4.2
|
|
|
|
Due to changes to internal data structures with this kernel release,
|
|
the OpenAFS client can no longer reset the link count during path
|
|
lookups. Since volume root directories must behave like symlinks
|
|
instead of normal directories in order to satisfy Linux kernel
|
|
invariants, looking up paths containing more than 40 mount points
|
|
will fail with ELOOP on such kernels.
|
|
|
|
OpenAFS 1.6.14
|
|
|
|
All server platforms
|
|
|
|
* Prior to the OpenAFS security release 1.6.13, the Volume Location
|
|
Server (vlserver) RPC VL_ListAttributesN2() supported wildcard volume
|
|
name lookups via regular expression (regex) pattern matching. This
|
|
support was completely disabled in 1.6.13 because it was judged to be
|
|
a security risk due to buffer overruns in the implementation, as well
|
|
as the possibility of denial of service attacks where certain regular
|
|
expressions could cause excessive CPU usage in some regex
|
|
implementations.
|
|
|
|
Unfortunately, after 1.6.13 was released, it was discovered that
|
|
the native OpenAFS 'backup' system uses the VL_ListAttributesN2()
|
|
regex support to evaluate configured volume sets. If you use the
|
|
OpenAFS 'backup' system (or another backup system which relies on it,
|
|
such as Tivoli Storage Manager (TSM, aka Tivoli ADSM)), and are using
|
|
volume sets which require regular expressions for the volume name,
|
|
then those volume sets cannot be resolved by OpenAFS 1.6.13. The next
|
|
paragraph provides details on how to identify any affected volume sets.
|
|
|
|
OpenAFS backup volume sets may be described by fileserver, partition
|
|
name, and volume name. The fileserver and partition specifications
|
|
never require regular expression support. The volume name specification
|
|
always requires regular expression support except for when specifying
|
|
_all_ volumes via two special cases: the universal wildcard ".*", or "".
|
|
For example, volume name "proj" or "*.backup" or "homevol.*" all
|
|
require regex support - even if the specification contains no wildcard
|
|
characters and/or exactly matches an existing volume name.
|
|
|
|
As a result of this issue, OpenAFS 1.6.14 replaces the 1.6.13 changes
|
|
to VL_ListAttributesN2. 1.6.14 prevents the buffer overruns and
|
|
reenables the regex support, but restricts it to OpenAFS super-users
|
|
and -localauth only. This is sufficient to restore the OpenAFS 'backup'
|
|
system's ability to work correctly with any previously supported volume
|
|
set. The OpenAFS 'backup' commands are already documented to require
|
|
super-user authorization, so this restriction is moot for the backup
|
|
system.
|
|
|
|
There are no other direct consumers of the VL_ListAttributesN2() regex
|
|
support in the OpenAFS tree. However, the VL_ListAttributesN2 RPC is
|
|
publicly accessible and might be used by third party tools directly or
|
|
indirectly via OpenAFS's libadmin. Any such tools that issue
|
|
VL_ListAttributesN2 RPCs must now be executed using super-user or
|
|
-localauth tokens.
|
|
|
|
None of the other security fixes in OpenAFS 1.6.13 are known to have
|
|
any issues, and are still included unchanged in OpenAFS 1.6.14.
|
|
|
|
If there are any questions concerning the possible impact of OpenAFS
|
|
1.6.13 or 1.6.14 at your site, please contact your OpenAFS support
|
|
provider or the openafs-info@openafs.org mailing list for further
|
|
assistance.
|
|
|
|
OpenAFS 1.6.13
|
|
|
|
All server platforms
|
|
|
|
* Fix for CVE-2015-3282: vos leaks stack data onto the wire in the
|
|
clear when creating vldb entries
|
|
|
|
* Workaround for CVE-2015-3283: bos commands can be spoofed, including
|
|
some which alter server state
|
|
|
|
* Disabled searching the VLDB by volume name regular expression to avoid
|
|
possible buffer overruns in the volume location server
|
|
|
|
All client platforms
|
|
|
|
* Fix for CVE-2015-3284: pioctls leak kernel memory
|
|
|
|
* Fix for CVE-2015-3285: kernel pioctl support for OSD command passing
|
|
can trigger a panic
|
|
|
|
Solaris clients
|
|
|
|
* Fix for CVE-2015-3286: Solaris grouplist modifications for PAGs can
|
|
panic or overwrite memory
|
|
|
|
OpenAFS 1.6.12
|
|
|
|
All server platforms
|
|
|
|
* Avoid database corruption if a database server is shut down and then
|
|
brought up again quickly with an altered database (11773 11774)
|
|
(RT #131997)
|
|
|
|
All client platforms
|
|
|
|
* Fixed a potential buffer overflow in aklog (11808)
|
|
|
|
* Avoid a bogus warning regarding the checkserver daemon, which could be
|
|
logged during startup when the cache initialization was very fast (11680)
|
|
|
|
* Added documentation of the inaccuracy of the 'partition' field in
|
|
'fs listquota' output for partitions larger than 2 TiB (11626)
|
|
|
|
Linux clients
|
|
|
|
* Support kernels up to 4.1 (11872 11873)
|
|
|
|
* Avoid spurious EIO errors when writing large chunks of data to
|
|
mmapped files (11877)
|
|
|
|
OS X
|
|
|
|
* Build fixes required at least on OS X 10.10 Yosemite with the latest
|
|
XCode (11859 11876 11842..11845 11863 11878 11879)
|
|
|
|
OpenAFS 1.6.11.1
|
|
|
|
Linux clients
|
|
|
|
* Support kernels up to 4.0 (11760 11761)
|
|
|
|
FreeBSD clients
|
|
|
|
* Fixed kernel module build on systems with an updated clang which no
|
|
longer accepts the -mno-align-long-strings as a no-op (11809)
|
|
|
|
OpenAFS 1.6.11
|
|
|
|
All platforms
|
|
|
|
* Allow aklog to succeed creating native K5 tokens even when mapping
|
|
the K5 principal to a K4 one fails (11538)
|
|
|
|
* Build fixes (11435 11636)
|
|
|
|
All client platforms
|
|
|
|
* Avoid a potential kernel panic due to connection reference overcounts
|
|
(11645) (RT #131885)
|
|
|
|
* Avoid potential corruption of files written using memory mapped I/O
|
|
when the file is larger than the cache (11656) (RT #131976)
|
|
|
|
Linux clients
|
|
|
|
* Support kernels at least up to 3.19 (11549 11550 11569 11570 11595
|
|
11658..11662 11694 11752)
|
|
|
|
Note: By default this excludes kernels 3.17 to 3.17.2, which will leak
|
|
an inode reference when an error occurs in d_splice_alias(). The
|
|
module will build and work, but leak kernel memory, leading to
|
|
performance degradation and eventually system failure due to
|
|
memory exhaustion. Since it's impossible to detect this condition
|
|
automatically, the switch --enable-linux-d_splice_alias-extra-iput
|
|
must be passed to configure when building the module for those
|
|
kernels. The same would be necessary for any kernel with backports
|
|
of commit 908790fa3b779d37365e6b28e3aa0f6e833020c3 or commit
|
|
95ad5c291313b66a98a44dc92b57e0b37c1dd589 but not the fix in commit
|
|
51486b900ee92856b977eacfc5bfbe6565028070 in the linux-stable repo
|
|
(git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git) or
|
|
the corresponding changes on other branches.
|
|
|
|
* Fixed a regression introduced in OpenAFS release 1.6.10 which could
|
|
make the spurious "getcwd: cannot access parent directories" problem
|
|
return (11558 11568) (RT #131780)
|
|
|
|
* Avoid leaking memory when scanning a corrupt directory (11707)
|
|
|
|
OS X clients
|
|
|
|
* Support OS X 10.10 "Yosemite" (11571 11572 11611) (RT #131946)
|
|
|
|
Solaris clients
|
|
|
|
* Avoid reading random data rather than correct cache content when using
|
|
ZFS as the cache file system on Solaris >= 11, and fix potential similar
|
|
problems on other platforms (11713 11714)
|
|
|
|
FreeBSD
|
|
|
|
* Build fix for releases >= 11.0 (11610)
|
|
|
|
OpenBSD
|
|
|
|
* Support release 5.4 (11700)
|
|
|
|
|
|
OpenAFS 1.6.10
|
|
|
|
All platforms
|
|
|
|
* Don't hide the "version" subcommand in help output (11214)
|
|
|
|
* Documentation improvements (11126 11216 11222 11223 11225 11226)
|
|
|
|
* Improved diagnostics and error messages (11154 11246 11247 11249 11181
|
|
11182 11183)
|
|
|
|
* Build system improvements (11158 11221 11224 11225 11227..11241 11282
|
|
11342 11350 11353 11242 11367 11392)
|
|
|
|
* Avoid potentially erratic behaviour under certain error conditions by
|
|
either avoiding or at least not ignoring them, in various places (11008
|
|
11010..11065 11112 11148 11196 11530)
|
|
|
|
FreeBSD
|
|
|
|
* Support releases 9.3 and 10.1 (11368 11369 11402 11403 11404)
|
|
|
|
* Makes a disk cache more likely to work on FreeBSD, though such
|
|
configurations remain not very tested (11448)
|
|
|
|
All server platforms
|
|
|
|
* Added volscan(8) (11252..11280 11387 11388)
|
|
|
|
* Fixed a bug causing subgroups not to function correctly if their
|
|
ptdb entry had more than one continuation entry (11352)
|
|
|
|
* Logging improvements (10946 11153)
|
|
|
|
* Allow log rotation via copy and truncate (11193)
|
|
|
|
* Avoid a server crash during startup only observed on a single platform
|
|
and when using a 3rd party library under certain circumstances, which is
|
|
a collateral effect of the security improvements introduced in OpenAFS
|
|
release 1.6.5 (11075) (RT #131852)
|
|
|
|
All client platforms
|
|
|
|
* Raised the free space reported for /afs to the maximum possible value of
|
|
just under 2 TiB - the old value was 9 GiB on most platforms (10984)
|
|
|
|
* Reduced the amount of stack space used (11162 11163 11203 11164..11167
|
|
11338 11339 11364..11366 11381)
|
|
|
|
* Sped up a periodic client task which could be problematically slow
|
|
on systems with a large number of PAGs and files in use (11307)
|
|
|
|
* Fixed failure of the up command with large ACLs (11111)
|
|
|
|
* Avoid a potential crash of aklog (11218)
|
|
|
|
* Avoid potential crashes of scout and xstat_fs_test (11155)
|
|
|
|
Linux clients
|
|
|
|
* Support kernels up to 3.16 (11308 11309)
|
|
|
|
* Fixed a regression introduced in OpenAFS release 1.6.6 that made
|
|
checking for existing write locks incorrectly fail on readonly volumes
|
|
(11361)
|
|
|
|
* Fixed a regression introduced in OpenAFS release 1.6.8 that could
|
|
cause VFS cache inconsistencies when a previously-accessed directory
|
|
entry was removed and recreated with the same name but pointing to a
|
|
different file on another client (11358)
|
|
|
|
* Use the right path to depmod in Red Hat packaging to avoid dependency
|
|
calculation incorrectly failing unless a link /sbin -> /usr/sbin is
|
|
present on the system performing it (11171) (RT #131860)
|
|
|
|
* Do not ignore kernel module build errors (11205)
|
|
|
|
OpenAFS 1.6.9
|
|
|
|
All server platforms
|
|
|
|
* Fix for OPENAFS-SA-2014-002
|
|
|
|
OpenAFS 1.6.8
|
|
|
|
All platforms
|
|
|
|
* Documentation improvements (10751 10875 10931 10897 10883 10954 10955)
|
|
|
|
* Improved diagnostics and error messages (10756 10814 10949)
|
|
|
|
* Fixed a bug in RX that could make errors during packet reception go
|
|
unnoticed. (10733)
|
|
|
|
* Fixed a bug that made "vos size -dump" display the wrong size for
|
|
large volumes. (10933) (RT #131819)
|
|
|
|
All server platforms
|
|
|
|
* Change the default fileserver sync behavior from "delayed" to "onclose".
|
|
This means that explicit syncing only happens when a volume is detached.
|
|
(10809)
|
|
|
|
* Added the -offline-timeout and -offline-shutdown-timeout options to the
|
|
fileserver, to implement interrupting clients accessing volumes we are
|
|
trying to take offline. (6266 10799)
|
|
|
|
All client platforms
|
|
|
|
* When a client is shut down, it will give up its callbacks. The Windows
|
|
client has been doing this since 2007. Note that older fileservers
|
|
(1.3.50 to 1.4.5 and 1.5.0 to 1.5.27) had a bug in the implementation of
|
|
the relevant RPC that could cause crashes or other undefined behavior
|
|
when this happens. (6272 8840 10855)
|
|
|
|
* Restored the pre-1.6 behavior of "vos e" being an alias for "vos examine".
|
|
(10886)
|
|
|
|
* Avoid flooding logs with warnings about byte-range locks, by throttling
|
|
them per file. Also, make the messages more useful by including the
|
|
FID. (10836..10839)
|
|
|
|
* Avoid a possible panic during shutdown while tracing. (10932)
|
|
|
|
Linux clients
|
|
|
|
* Fixed a bug that could cause the "getcwd: cannot access parent
|
|
directories" problem (10804 10984)
|
|
|
|
* Avoid a delay when accessing uncached data in AFS in a confined
|
|
context under SELinux. (10598)
|
|
|
|
* Red Hat packaging improvements (10600 10767 10807)
|
|
|
|
OpenAFS 1.6.7
|
|
|
|
All server platforms
|
|
|
|
* Fix for OPENAFS-SA-2014-001
|
|
|
|
* Fix for a potential DOS attack against RX servers
|
|
|
|
OpenAFS 1.6.6
|
|
|
|
All platforms
|
|
|
|
* As of this release, OpenAFS no longer ships uncompressed source tarballs.
|
|
Tarballs are still shipped with both compression formats, gzip and bzip2.
|
|
(10131)
|
|
|
|
* Documentation improvements (10136 10314 10601)
|
|
|
|
* Improved diagnostics and error messages (9412 10085 10274)
|
|
|
|
* Avoid redefining "assert" in our public header files, which could
|
|
cause failures when building some applications using them. (10096)
|
|
|
|
* Fixes for parallel builds (10005 10309 10337)
|
|
|
|
* Added a -s switch to afscp (not installed by default) to help simulate
|
|
a slow client. (9416 9417)
|
|
|
|
* Added a -probe switch to vlclient test program (not installed by default)
|
|
to ping all vlservers in a cell in parallel. (9570)
|
|
|
|
All server platforms
|
|
* The fileserver now ignores any vice partitions with a NeverAttach flag
|
|
file present in the root directory. (RT #130561) (9470 9471)
|
|
|
|
* Restrict forcing CPS ("Current Protection Subdomain") recalculation in
|
|
the fileserver to administrators. Also fixed a bug that could cause this
|
|
operation to be incomplete. (9485 9487)
|
|
|
|
* Allow non-DAFS fileservers to attach unusable volumes, restoring pre-1.6
|
|
behaviour. (RT #131505) (9499)
|
|
|
|
* Restored the pre-1.6 behaviour when running vos examine for a volume
|
|
currently in a transaction, showing the volume as busy again rather than
|
|
offline. (9685 9915 9916)
|
|
|
|
* Reduced the minimum time a bos salvage takes from 5 seconds to 1. (9476)
|
|
|
|
* Fixed buserver to not segfault when started with the -servers option.
|
|
(RT #131706) (10166)
|
|
|
|
* Salvager fixes, addressing a wide variety of possible problems from
|
|
unnecessary salvaging to aborts (9282 9283 9457 9458 9459 9461 9462 9480
|
|
9481 10165 10167)
|
|
|
|
* Fixed a bug that could cause saved state information to be discarded
|
|
when restarting a large or busy fileserver, which negatively impacted
|
|
performance. (9683)
|
|
|
|
* Fixed a bug that could have caused undefined behaviour in the vlserver
|
|
in rare cases when a fileserver registered its addresses in the VLDB.
|
|
(9429)
|
|
|
|
* Added the -preserve-vol-stats switch to volserver, allowing it to keep
|
|
the access statistics across volume restore and reclone operations
|
|
instead of resetting them. (9477)
|
|
|
|
* Inserted an exponential delay between retries when bosserver attempts to
|
|
restart a server process. (9571 10199)
|
|
|
|
* Improved vldb_check (not installed by default) to cope with broken
|
|
vlentry names and volids, and provide more output to aid debugging.
|
|
(10268)
|
|
|
|
* Releasing a volume after adding a new RO site no longer touches any of
|
|
the existing RO sites, if the RW data hasn't changed since the last
|
|
release. (10174)
|
|
|
|
* Make the copyDate field for RO clones have the same meaning as for
|
|
remote RO volumes. Previously, the copyDate field for clones was updated
|
|
every time we released. (9451)
|
|
|
|
* Fixed potentially undefined behaviour in ptserver when too many pts
|
|
ids are allocated. (10124)
|
|
|
|
* Note that the server side NAT pings feature present in the prereleases
|
|
was removed before the final release, since no positive feedback
|
|
was provided during prerelease testing. (9420 10135)
|
|
|
|
Linux servers
|
|
|
|
* Start bosserver with -nofork in the systemd unit file, to allow systemd
|
|
to track its state (10093)
|
|
|
|
All client platforms
|
|
|
|
* No longer track file locks on read-only volumes. Write locks can't
|
|
succeed, read locks always will. Avoids log messages about this kind
|
|
of lock. (8910)
|
|
|
|
* Added the "fs flushall" subcommand, which makes the client discard all
|
|
cached data. This was previously available on Windows only. (9065 9388
|
|
9389 9390)
|
|
|
|
* Fixed a bug that could make the client incorrectly believe its cache
|
|
is up to date. This change could negatively impact AFS <-> DFS
|
|
translators, should those still be running anywhere. (8898)
|
|
|
|
* Several changes to avoid panicing in certain error conditions.
|
|
(9131 9287 10354 10355 10356 10357) (partially addressing RT #131747)
|
|
|
|
* Added the -rxmaxfrags switch to afsd, allowing to limit the number
|
|
of UDP fragments sent or received per RX packet. (9430)
|
|
|
|
* Build fixes for aklog on several platforms (RT #131716) (9917 10107 10275)
|
|
|
|
* Require that the AFS mountpoint specified in the cacheinfo file is
|
|
an absolute path. Relative paths result in a client that basically
|
|
works but is not fully functional. (10253)
|
|
|
|
* Fixed a bug that could cause one of the afsd threads to enter an infinite
|
|
loop (10431 .. 10436)
|
|
|
|
Linux clients
|
|
|
|
* Support Linux kernels up to 3.13 (10241)
|
|
|
|
* Fixed a bug that made readv/writev calls in AFS space fail with Linux
|
|
kernels where generic_file_aio_read exists but those operations have
|
|
not been switched to using aio_read/aio_write. This was a regression
|
|
introduced with release 1.6.3 and affected at least RHEL 5.9 kernels.
|
|
(10248)
|
|
|
|
* Fixed a similar bug making core dumps fail in AFS space, affecting
|
|
a much wider range of kernels including the most recent ones.
|
|
(RT #131729) (10254)
|
|
|
|
* Enhanced the keyring code to make PAGs work correctly on kernels with a
|
|
distribution specific change to the Linux keyring code. This affected at
|
|
least SLES 11 SP3 kernels. (10252)
|
|
|
|
* Fixed a bug that could make failures during PAG instantiation go
|
|
unnoticed. (10255)
|
|
|
|
* Fixed a bug that made compilation fail for Linux kernels without
|
|
keyring support. This affected at least the SLE 10 SDK and an
|
|
OEM version of SLES 11 SP1. (10325)
|
|
|
|
* Fixed build for kernels with user namespace support enabled. Likely
|
|
to be required for Ubuntu 14.04 and eventually other distributions.
|
|
(10456 10457 10458 10518 10472)
|
|
|
|
* Support RHEL 6.5 kernels, and possibly others with changes backported
|
|
from recent mainline kernels that touch getname/putname, by no longer
|
|
using those functions. Previously, the client could cause a kernel
|
|
panic when syscall auditing was enabled. (10578)
|
|
|
|
* Make tmpfs usable as the cache filesystem again. This had been broken
|
|
since kernel 3.1 (9950 10193)
|
|
|
|
* When starting the client fails, clean up the backing device information
|
|
created in sysfs, to avoid error messages during a subsequent start
|
|
and possible system instability later on (10454)
|
|
|
|
* Update Red Hat packaging to support Fedora >= 20, RHEL >= 7 and
|
|
ELrepo kernels (10597 10619 10622 10703 10704)
|
|
|
|
OS X Clients
|
|
|
|
* Support OS X 10.9 "Mavericks" (10519 10541 10542 10543 10548 10549)
|
|
|
|
AIX clients
|
|
|
|
* Fixed a bug that caused the 1.6 AIX client to never receive any RX
|
|
packets in the kernel. (RT #131725)
|
|
|
|
FUSE client
|
|
|
|
* Support Solaris 11 (9454 9455)
|
|
|
|
* Allow other users to access filesystems mounted by root. (9452)
|
|
|
|
FreeBSD
|
|
|
|
* Build tvolser and dvolser on this platform (10122)
|
|
* Several fixes to catch up with newer releases (10374 .. 10381)
|
|
|
|
NetBSD
|
|
|
|
* Build tsalvaged, tvolser and dvolser on this platform (10121)
|
|
* Fixed build on NetBSD 5 and newer. (10138)
|
|
|
|
OpenAFS 1.6.5
|
|
|
|
All platforms
|
|
|
|
* Fixes for OpenAFS-SA-2013-0003 and OpenAFS-SA-2013-0004
|
|
|
|
OpenAFS 1.6.4
|
|
|
|
All platforms
|
|
|
|
* Obey the jumbo/nojumbo settings for ubik servers (the DB servers)
|
|
too. In previous releases, those servers may have used jumbograms
|
|
even if they were not configured to do so. This change corrects
|
|
the actual behaviour, and will improve performance and reliability
|
|
for sites where jumbograms are problematic. It could cause a decrease
|
|
in performance for sites where jumbograms work, but those can turn
|
|
them back on manually.
|
|
|
|
* Dozens of fixes for common coding problems like use after free,
|
|
use of possibly uninitialised memory, reading or writing past the
|
|
end of arrays and potential NULL pointer derefences. Spotted by
|
|
code analysis tools or human inspection.
|
|
|
|
* Documentation improvements.
|
|
|
|
* Fixes and improvements to the diagnostic or log messages printed by
|
|
vos, the fileserver and others.
|
|
|
|
* Build fixes, making parallel builds more reliable with certain
|
|
configuration options and helping various platforms including
|
|
recent releases of IRIX, Solaris and several flavours of Linux.
|
|
|
|
* Avoid sending a small amount of data over the wire unencrypted
|
|
under certain conditions, and emit the correct error message in
|
|
this case.
|
|
|
|
All server platforms
|
|
|
|
* Avoid generating duplicate IDs for readonly and backup volumes,
|
|
which could happen under certain conditions.
|
|
|
|
* Allow the fileserver to return volume data like quota or free space,
|
|
which is available publicly elsewhere, without the additional access
|
|
check for read permissions on a volume's root directory the fileserver
|
|
performed before.
|
|
|
|
* The fileserver now emits a log message when it ran out of memory for
|
|
callbacks.
|
|
|
|
* Avoid several potential fileserver problems, including memory
|
|
corruption and segmentation faults, due to client bookkeeping.
|
|
|
|
* Avoid known cases of silent data corruption due to background syncs
|
|
on the fileserver, especially during Copy on Write.
|
|
|
|
* Make the fileserver sync behaviour runtime configurable. Up to 1.4.5,
|
|
we had synchronous syncs which were safe but really slow. Since 1.4.5,
|
|
we've had asynchronous syncs which are much faster but believed to
|
|
be the cause of rare data corruption issues, and while all known cases
|
|
of these happening are believed to be fixed in the 1.6.3 release, doubts
|
|
remain. This change allows choosing between those, and in addition allows
|
|
to turn syncs by the fileserver off altogether, thus relying on the vice
|
|
partition's backend filesystem and the operating system, or to just
|
|
execute them when a volume is detached. The default behaviour is
|
|
unchanged from releases since 1.4.5, but it's highly recommended to
|
|
consider the additional options this change provides. Future OpenAFS
|
|
releases will default to "-sync=none".
|
|
|
|
* For dbservers, avoid a situation where misinterpreting transient
|
|
network errors causes long-term issues with achieving ubik quorum.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Improvements to the detection of an aklog-specific krb5 configuration
|
|
file, for the purposes of turning on "weak crypto" for aklog.
|
|
|
|
* Fixed a regression introduced in release 1.6.2 which caused the
|
|
supposedly persistent disk cache to be discarded upon client start.
|
|
(RT #131655)
|
|
|
|
Linux clients
|
|
|
|
* Support Linux kernels up to 3.10
|
|
|
|
* Fixed two bugs making it impossible to unmount a disk cache filesystem
|
|
after it has been used by the client. (RT #131613)
|
|
|
|
* Fixed a bug that could cause an oops with kernels 3.6 and later
|
|
|
|
OpenBSD
|
|
|
|
* Improved support for OpenBSD 4.9 to 5.3
|
|
|
|
OpenAFS 1.6.3
|
|
|
|
This release number had to be skipped for technical reasons.
|
|
|
|
OpenAFS 1.6.2.1
|
|
|
|
Linux clients
|
|
|
|
* Support Linux kernels up to 3.8.
|
|
|
|
* Make the init script cope with the output of ifconfig on recent Fedora.
|
|
|
|
OpenAFS 1.6.2
|
|
|
|
All platforms
|
|
|
|
* Fix buffer overflows in fileserver and ptserver.
|
|
|
|
* Abort an rx connection when given an unknown service (Gerrit 7593).
|
|
|
|
* "idle dead" behavior improvements.
|
|
|
|
* Documentation updates.
|
|
|
|
All server platforms
|
|
|
|
* Fix rare file corruption during background sync (Gerrit 8796).
|
|
|
|
* Fix corrupting clients' metadata cache during certain errors (Gerrit
|
|
6957).
|
|
|
|
* Avoid saying a volume doesn't exist when accessed as the volume is
|
|
going offline (Gerrit 7488).
|
|
|
|
* Fix fileservers to properly report >2 TiB partitions.
|
|
|
|
* Fix stale volume info from vos examine on non-DAFS filservers.
|
|
|
|
* Fix possible volume corruption with vos convertROtoRW.
|
|
|
|
* Fix bosserver to preserve all command-line options over restart.
|
|
|
|
* Fix bosserver to properly kill hung processes during shutdown.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Fixes for memcache, especially on Solaris.
|
|
|
|
* Increase the size of the DNS resolver answer buffer to allow sites
|
|
with a long response list to use SRV and AFSDB records.
|
|
|
|
* Fix a crash when a server appears to run out of addresses (Gerrit
|
|
7487).
|
|
|
|
* Fix cache corruption when reading from a file another client is
|
|
simultaneously writing to (Gerrit 7994).
|
|
|
|
* Improve handling of disk cache disk errors.
|
|
|
|
Linux
|
|
|
|
* fix DKMS configuration for DKMS 2.2.
|
|
|
|
* Avoid generating inode number 0 with md5 inodes (Gerrit 7276).
|
|
|
|
* Fix a crash when reading /proc/fs/openafs/unixusers (Gerrit 7914).
|
|
|
|
* Make PAG-less access use the real UID of the calling process
|
|
instead of the effective UID, when determining what credentials to
|
|
use (Gerrit 7931).
|
|
|
|
* Fix possible abuse of fs mkmount.
|
|
Prior to 1.6.2, users could crash a client by nesting volume mounts.
|
|
|
|
* Fix fileserver memory corruption on RHEL 6
|
|
Prior to 1.6.2, fileservers on RHEL 6 may crash under heavy load.
|
|
|
|
* Fix client page cache corruption on Linux
|
|
When multiple clients read and write to a file, the reading client
|
|
may see first page (4096 bytes) of a file as nulls.
|
|
|
|
* Support Linux kernels up to 3.7.
|
|
|
|
* Support newer glibc versions.
|
|
|
|
* Improve client systemd unit file.
|
|
|
|
* Update Red Hat packaging.
|
|
|
|
OS X
|
|
|
|
* Fix crashes on shutdown.
|
|
|
|
* Prevent unloading the module before shutdown completes.
|
|
|
|
* Security improvement for the OpenAFS preference pane.
|
|
|
|
Solaris
|
|
|
|
* Support newer versions of the Sun Studio compiler software.
|
|
|
|
* Support compiling on newer versions of Solaris 11 and Solaris 10.
|
|
|
|
|
|
OpenAFS 1.6.0 (2011-08-15)
|
|
|
|
All platforms
|
|
|
|
* Substantial Rx updates to correct erroneous behavior.
|
|
|
|
* vos now properly deals with matching sites when servers are
|
|
multihomed.
|
|
|
|
* Don't stop Rx keepalives after an ackall is received, avoiding
|
|
spurious connection timeouts. (128848)
|
|
|
|
* Don't retry Rx calls on channels returning busy errors and improve
|
|
Rx busy call channel error handling. (128671)
|
|
|
|
* Properly enable Rx connection hard timeouts.
|
|
|
|
* Rx NAT pings are not enabled until peer has answered.
|
|
|
|
* Initialize rx_multi lock before use.
|
|
|
|
* Avoid spurious crashes when initializing in "backup" client.
|
|
|
|
* Revert UUID support in vos.
|
|
|
|
* pt_util fixed to properly create new databases.
|
|
|
|
* MTU discovery now properly shut down on call reset.
|
|
|
|
* Avoid leaking references to hosts during callback break multi-Rx
|
|
operations. (129376)
|
|
|
|
* xstat tools now cope with differing timeval structures between
|
|
endpoints.
|
|
|
|
* Numerous fixes to command argument parsing.
|
|
|
|
* Documentation updates.
|
|
|
|
All server platforms
|
|
|
|
* A file descriptor leak which could result in corrupted files in the
|
|
fileserver was fixed. An IMMEDIATE upgrade from previous 1.5 release
|
|
fileservers is recommended.
|
|
|
|
* Fix ptserver supergroups support on 64 bit platforms.
|
|
|
|
* Demand attach salvaging doesn't use freed volume pointers.
|
|
|
|
* Properly hold host lock during host enumeration in fileserver.
|
|
|
|
* Attempt to recovery more quickly from timed out volume release
|
|
transactions.
|
|
|
|
* Auditing now properly byte order swaps IP addresses when printing.
|
|
|
|
* vos split now has improved error handling.
|
|
|
|
* Many changes to again support Windows fileservers.
|
|
|
|
* During volume removal, data removal speed improved.
|
|
|
|
* Improve CPU utilization during volume attaching by DAFS.
|
|
|
|
* In salvager check-only mode, avoid potentially fixing a vnode.
|
|
|
|
* Fix support for large (greater than 2gb) volume special files.
|
|
|
|
* Salvager will not crash if multiple or bad volume link tables are
|
|
encountered.
|
|
|
|
* Avoid erroneous full dump by remembering which sites were out of
|
|
date at the start of the release.
|
|
|
|
* A deleted volume can now be recreated properly.
|
|
|
|
* Callbacks are again not broken during whole partition salvages.
|
|
|
|
* Positional vectored IO fixed for largefile (>2GB) capable systems.
|
|
|
|
* Fileserver per-client thread usage again properly enforced.
|
|
|
|
* Anonymous dropbox support improved and drawbacks documented.
|
|
|
|
* Demand attach: ensure vnodes are not reallocated while in use due to
|
|
volume bitmap errors.
|
|
|
|
* Properly support large volume numbers (larger than 2147483647).
|
|
|
|
* Allow salvager to be run manually again when DAFS is being
|
|
used. (129458)
|
|
|
|
* Avoid leaking references to hosts during callback break multi-Rx
|
|
operations. (129376)
|
|
|
|
* Demand attach: unlink fileserver state file on standalone salvage.
|
|
|
|
* Salvager tries harder to detect linktable issues.
|
|
|
|
* Demand attach: don't attach volumes with special status set.
|
|
|
|
* Avoid crashing on host table exhaustion. Instead, defer clients.
|
|
|
|
Microsoft Windows
|
|
|
|
* afs_config will not longer set the Tray Icon State in the registry
|
|
if the checkbox is not present in the dialog. (128591)
|
|
|
|
* AFS Explorer Shell Extension now works from folder backgrounds.
|
|
Overlays for mount points and symlinks are present in the dll, but
|
|
are not registered at present by the installers.
|
|
|
|
* Do not use RankServerInterval registry value as the value for
|
|
PerformanceTuningInterval.
|
|
|
|
* When the data version of a mountpoint or symlink changes, the target
|
|
string in the cm_scache_t object must be cleared.
|
|
|
|
* "fs checkservers" now includes vldb servers in the output and only
|
|
lists multi-homed servers once. A multi-homed server that has at
|
|
least one up interface is no longer considered to be down.
|
|
|
|
* When asynchronously storing dirty data buffers to the file server
|
|
ensure that (a) the cm_scache_t object and the cm_buf_t object are
|
|
for the same File ID so that locking and signalling work properly;
|
|
and (b) if the FID no longer exists on the file server, do not
|
|
panic, just discard the buffer.
|
|
|
|
* When processing VNOVOL, VMOVED and VOFFLINE errors perform server
|
|
comparisons by UUID or address and not simply by cm_server_t
|
|
pointer. Otherwise, server failover may not succeed.
|
|
|
|
* Do not preserve status information for cm_scache_t objects when the
|
|
issuing server is multi-homed.
|
|
|
|
* Giving up all callbacks when shutting down or suspending the machine
|
|
is now significantly faster due to the use of an rx_multi
|
|
implementation. (This functionality is still off by default and
|
|
must be activated by a registry value.)
|
|
|
|
* Race conditions were possible when updating the state of the
|
|
cm_volume_t flags and when moving the volumes within the least
|
|
recently used list.
|
|
|
|
* Ensure that the lanahelper library does not perform a NCBRESET of
|
|
each lan adapter when enumerating the current network bindings.
|
|
Correcting this permits OpenAFS to work on Windows 7 when the
|
|
network adapter settings change.
|
|
|
|
* Fix creation of mount points and symlinks as \\AFS\xxxx
|
|
|
|
* Icon tray state now conditionally set. (128591)
|
|
|
|
* Properly create new cell mount points in freelance mode.
|
|
|
|
* Avoid recursive offline volume checks.
|
|
|
|
* Fix caching of non-existent volumes. The test to trigger an
|
|
immediate CM_ERROR_NOSUCHVOLUME in cm_UpdateVolumeLocation() was
|
|
backwards.
|
|
|
|
* Prevent the background daemon from checking the status of
|
|
non-existent volumes. cm_CheckOfflineVolumes() should skip volume
|
|
groups with the CM_VOLUMEFLAG_NOEXIST flag set.
|
|
|
|
* The afskfw library should return an error immediately if the
|
|
krb5_32.dll library cannot be loaded. Affects afslogon.dll and
|
|
afscreds.exe.
|
|
|
|
* No longer depend on leashw32.dll in afskfw library.
|
|
|
|
* NPLogonNotify must provide the user password in all calls to
|
|
KFW_AFS_get_cred(). It cannot count on a credential cache being
|
|
preserved between calls. Permits tokens to be acquired for all
|
|
cells listed in the TheseCells registry value for a domain.
|
|
|
|
* Improve the trace logging from NPLogonNotify().
|
|
|
|
* Avoid a race when writing the cm_scache_t mountPointString
|
|
when acquiring mount point or symlink target data via
|
|
cm_GetData(). The race could result in bogus target
|
|
data being cached.
|
|
|
|
* Permit the use of des-cbc-md5 and des-cbc-md4 enctypes
|
|
as DES keys in asetkey.exe.
|
|
|
|
* aklog supports dotted Kerberos v5 principal names.
|
|
|
|
* afskfw library always attempts afs/cell@USER-REALM
|
|
|
|
* afskfw library must test return code from krb5_cc_start_seq_get() or
|
|
will trigger a null pointer exception when using Heimdal.
|
|
|
|
* Lock protected fields must be 32-bit in order to avoid memory
|
|
overwrite races.
|
|
|
|
* Add support for NTFS symlinks.
|
|
|
|
* Handle file search requests for virtual syscall ioctl file.
|
|
|
|
* Process SyncOps properly to enforce ordered operations.
|
|
|
|
* Avoid recursing during NewServer operations.
|
|
|
|
* Correct lock acquisition order during SMB locking.
|
|
|
|
* Add shutdown message to event log.
|
|
|
|
* Check offline volume status by policy rather than on each daemon
|
|
thread run.
|
|
|
|
* Return error on directory object not found instead of crashing.
|
|
|
|
* Improve error message output.
|
|
|
|
* afslogin.dll can start afsd_service if it's not starting or started.
|
|
|
|
* Optimize away release lock RPCs for deleted files.
|
|
|
|
* Background Daemon will not perform operations on deleted files.
|
|
|
|
* Resort recently used directories to the top of the LRU if the
|
|
directory is larger than the stat cache.
|
|
|
|
* Resort deleted objects to the bottom of the LRU.
|
|
|
|
* Use interlocked operations for state and queue fields to allow safe
|
|
bit set and clear on multiprocessor systems.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Servers now marked down when GetCapabilities returns error.
|
|
|
|
* In-use vcache count is now properly tracked.
|
|
|
|
* Check for /afs existance before starting, unless -nomount is
|
|
specified.
|
|
|
|
* Avoid a potential panic when using /afs/.:mount syntax.
|
|
|
|
* Avoid a panic in memcache mode due to missing CellItems file.
|
|
|
|
* FUSE client support fixed for non-/afs mounts.
|
|
|
|
* Avoid a potential deadlock (which times out) when we need to
|
|
allocate more callback returns and must flush some already in use.
|
|
|
|
* Deal with libcom_err conflicts with other packages using it
|
|
(e.g. krb5) (128640)
|
|
|
|
* Fall back to afs3-vlserver SRV record values when afs3-ptserver SRV
|
|
record is not available.
|
|
|
|
* Avoid holding unneeded locks when probing server capabilties.
|
|
|
|
* Do not attempt page flushes for directories.
|
|
|
|
* Rx connection reference counting is enabled.
|
|
|
|
* An Rx connection reference count leak is fixed in bulkstat.
|
|
|
|
* Handle unparsable directory objects.
|
|
|
|
* Handle Kerberos cred cache errors in aklog.
|
|
|
|
AIX
|
|
|
|
* Fix PAG usage to track by PAG identifier, not group list.
|
|
|
|
FreeBSD
|
|
|
|
* Fix socket termination on shutdown.
|
|
|
|
* Support for 7.2, 7.3, 7.4 and 8.2 included.
|
|
|
|
* References to vcaches are no longer leaked during root or reclaim.
|
|
|
|
* Remove support for "Giant" lock as we no longer need to use it.
|
|
|
|
* Don't sleep with AFS GLOCK.
|
|
|
|
* Properly enable 64 bit long long support.
|
|
|
|
* Restore support for FreeBSD 7 (128612)
|
|
|
|
* Fix locking issues at shutdown and avoid panic at shutdown due to
|
|
vcache flushing.
|
|
|
|
* Support for virtual network stacks.
|
|
|
|
* New RC script, updated packaging.
|
|
|
|
IRIX
|
|
|
|
* Properly create new vnodes to avoid crashing in the client.
|
|
|
|
Linux
|
|
|
|
* Support through kernel 2.6.39. Treat Linux 3.0 as Linux 2.6 for
|
|
sysname purposes.
|
|
|
|
* Use rx_Readv in cache bypass to improve performance.
|
|
|
|
* Properly handle 0-length replies during cache bypass operations.
|
|
|
|
* Properly handle non-contiguous readpage cache bypass operations.
|
|
|
|
* Do proper locking when transitioning to or from cache bypass.
|
|
|
|
* Avoid extra runs of vcache freeing routine. (128756)
|
|
|
|
* Perform vcache eviction via a fast path before visiting vcaches
|
|
where sleep is needed.
|
|
|
|
* setpag() errors are now properly reported.
|
|
|
|
* Avoid attempting to free stat cache entries when we are below
|
|
user-specified number of entries in use.
|
|
|
|
* Properly track user-specified number of stat cache entries to use as
|
|
a desired usage target.
|
|
|
|
* Don't read pages beyond EOF in the cache. (128452)
|
|
|
|
* Various corrections and improvements to Red Hat packaging, including
|
|
modifying the init script to allow deferring for a new binary
|
|
restart and properly supporting RHEL6.
|
|
|
|
* Fix lockup in 2.6.38 due to erroneous kernel feature configure test.
|
|
|
|
* Improve RPM building tools.
|
|
|
|
* Attempt to properly handle SELinux in packaging.
|
|
|
|
* Init script properly returns status as exit code.
|
|
|
|
* RPM packaging fixes (executable libraries, no postinstall message)
|
|
|
|
* Kill i386 from RPM packaging.
|
|
|
|
MacOS
|
|
|
|
* MacOS 10.7 support.
|
|
|
|
* Properly handle setpag errors. PAGs are not supported.
|
|
|
|
* Check for unloaded kernel extensions when decoding AFS panics.
|
|
|
|
* Disable "get tokens at login" in prefs pane if AD authentication
|
|
plugin is configured.
|
|
|
|
* aklog AuthorizationPlugin now provided.
|
|
|
|
* Preferences Pane behavior fixed for 1.6 series (version detection is
|
|
used to select default behavior).
|
|
|
|
* A potential kernel panic during bulkstat operations is
|
|
fixed. (128511)
|
|
|
|
* 64-bit MacOS kernel performance is greatly improved. (128934)
|
|
|
|
* Properly shut down AFS, closing the Rx socket in the upcall handler
|
|
to avoid attempting to process data after we can no longer do so.
|
|
|
|
* Rework logic for bulk status operations to avoid a potential hang.
|
|
|
|
* Avoid panic when doing FSEvent synthesis.
|
|
|
|
* Fix bug when using non-dynroot.
|
|
|
|
* Update Kerberos support in PreferencesPane.
|
|
|
|
NetBSD
|
|
|
|
* Updates for platform support.
|
|
|
|
OpenBSD
|
|
|
|
* Bug fixes for issues introduced previously in 1.5 series.
|
|
|
|
* Support through OpenBSD 4.8.
|
|
|
|
Solaris
|
|
|
|
* Switch to ioctl() syscall replacement for Solaris 11 since syscall
|
|
65 is not safe.
|
|
|
|
* Fix support for Solaris pre-10.
|
|
|
|
* Corrected Solaris 11 startup script.
|
|
|
|
* vcache mappings freed on shutdown to avoid panic.
|
|
|
|
* Properly report errors for AFS system call callers.
|
|
|
|
* Don't leave dangling function references if kernel extension fails
|
|
to load.
|
|
|
|
* Try harder to avoid deadlocks on file-larger-than-cache operations.
|
|
|
|
* Avoid panic on shutdown when mount failed.
|
|
|
|
|
|
OpenAFS 1.5.78 (2010-11-04)
|
|
|
|
All platforms
|
|
|
|
* Revisions to Rx to fix performance issues.
|
|
|
|
* Make fs getfid behave consistently across all platforms. (128372)
|
|
|
|
* Properly check IDs handed to pts when creating users or groups so
|
|
useful error messages can be provided. (128343)
|
|
|
|
* Correct byte order handling of port in afsconf_LookupServer for SRV
|
|
records.
|
|
|
|
* Force a full dump when releasing to a site which was previously
|
|
marked "don't use", in case the previous clone was out of date.
|
|
|
|
All server platforms
|
|
|
|
* Demand salvage of attached volumes now correctly track attachment
|
|
state.
|
|
|
|
* Avoid a potential crash due to failure to hold a lock when attaching
|
|
a volume fails.
|
|
|
|
Microsoft Windows
|
|
|
|
* Track SMB connections by SID rather than username.
|
|
|
|
* Error write attempts to known-readonly volumes earlier.
|
|
|
|
* Validate directory buffers to avoid potential crashes.
|
|
|
|
* Handle VIO errors from bulkstatus.
|
|
|
|
* Make PMTU discovery configurable and register error handlers for it.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Use larger I/O sizes in memcache to improve performance.
|
|
|
|
* Avoid potential alignment issues doing I/O for pioctl calls.
|
|
|
|
FreeBSD
|
|
|
|
* Avoid panicing if the listener process is not findable.
|
|
|
|
* Avoid deadlock issues while performing lookups.
|
|
|
|
Linux
|
|
|
|
* Handle stale file handle errors for some cache partition types.
|
|
|
|
* Avoid blocking with xvcache lock when attempting to free in-use
|
|
vcaches.
|
|
|
|
* Build fixes for older kernels.
|
|
|
|
* Properly configure LWP to use ucontext() on platforms where it
|
|
should.
|
|
|
|
* Eliminate spurious errors from AFS system call returns. (126230)
|
|
|
|
MacOS
|
|
|
|
* Attempt to honor configured Kerberos defaults in Preferences Pane.
|
|
|
|
|
|
OpenAFS 1.5.77 (2010-09-08)
|
|
|
|
All platforms
|
|
|
|
* Rx path MTU detection will terminate detection in cases where the
|
|
minimum required packet size cannot be transferred.
|
|
|
|
* vos dryrun mode now shows effects for syncvldb single volume case.
|
|
|
|
* vos dryrun mode now shows "status after" for syncvldb and syncserv.
|
|
|
|
All server platforms
|
|
|
|
* RXAFS_GetStatistics64 now returns statistics properly.
|
|
|
|
Microsoft Windows
|
|
|
|
* Attempt to properly identify the local system SMB connection for
|
|
token tracking.
|
|
|
|
* Remap timeout and offline errors to proper NT RPC errors.
|
|
|
|
* Properly fail over to other replicas on bulkstat IO errors.
|
|
|
|
* Properly error delete-mode createfile if a file is set readonly.
|
|
|
|
* Validate directory entry buffers to avoid crashing the service.
|
|
|
|
* Log file modes properly.
|
|
|
|
* Log cell name when logging server information.
|
|
|
|
All UNIX client platforms
|
|
|
|
* cacheout program for discarding callbacks is now built.
|
|
|
|
* bulkstatus kernel locking is corrected to avoid a potential panic.
|
|
|
|
Dragonfly BSD
|
|
|
|
* userspace support update
|
|
|
|
FreeBSD
|
|
|
|
* Updated vnode locking for children returned via lookup().
|
|
|
|
* Avoid file open undercount with needed calls to
|
|
FakeOpen/FakeClose().
|
|
|
|
* Use vnode_pager_setsize to properly track file size during kernel
|
|
IO.
|
|
|
|
* Update system call installation.
|
|
|
|
* Fix shutdown of Rx kernel listener to avoid potential dereference
|
|
after it's gone.
|
|
|
|
* Avoid closing vnodes during vnode recycle.
|
|
|
|
* Fix bogus call to FlushVS for vnode reclaims.
|
|
|
|
Linux
|
|
|
|
* Packaging updated for current configure options and built files.
|
|
|
|
* Cache bypass now holds reference on pages during readpage.
|
|
|
|
* s390x setgroups32 patching update.
|
|
|
|
MacOS
|
|
|
|
* DNS resolver is reinitialized on IP address change. (126440)
|
|
|
|
|
|
OpenAFS 1.5.76 (2010-08-16)
|
|
|
|
All platforms
|
|
|
|
* Updates to build-time configuration.
|
|
|
|
* Fix XDR support in Rx to match header definition.
|
|
|
|
* vos status now shows transaction creation, not action creation.
|
|
|
|
* Rx avoids reporting loopback adapters when listing interfaces.
|
|
|
|
All server platforms
|
|
|
|
* Demand-Attach Fileserver always built and installed (dafileserver,
|
|
davolserver, dasalvager).
|
|
|
|
* Return VNOVOL from fileserver when a volume is deleted.
|
|
|
|
* Ignore duplicate tags during volume restore operation.
|
|
|
|
* Update inode array after salvage repairs volume.
|
|
|
|
* Zero a corrupted header in memory during salvage to avoid further
|
|
corruption.
|
|
|
|
* Fix NAMEI backend to allow low-numbered volumes to work properly.
|
|
|
|
* ptserver does not include cell name as part of length check for
|
|
names.
|
|
|
|
* Updated error messages for unblessed volumes.
|
|
|
|
* vlserver avoids buffer overflow with regex pattern
|
|
|
|
* Attach-time failures now note failures as the rest of the fileserver
|
|
would.
|
|
|
|
* Server argument logging will no longer overflow stack.
|
|
|
|
* Provide fast-restart-like unsafe-nosalvage option for DAFS.
|
|
|
|
* Deal with host hash collisions in the fileserver.
|
|
|
|
Microsoft Windows
|
|
|
|
* Avoid crashing when interpreting a drive letter as potentially
|
|
matching a cell name.
|
|
|
|
* Properly handle volume package errors.
|
|
|
|
* Allow page recycling from known-readonly content without ensuring
|
|
they are not dirty.
|
|
|
|
* 32 bit tools installer should not override client configuration.
|
|
|
|
* Ensure root scache item has a valid callback when use is attempted.
|
|
|
|
* Freelance directory changes now properly invalidate and replace the
|
|
old root object.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Support disconnected reconnecting with specified UID for PAGless
|
|
platforms.
|
|
|
|
* Proper disconnected vnode reference tracking.
|
|
|
|
* Update server site blacklisting to not return success if nothing was
|
|
blacklisted.
|
|
|
|
* Avoid a panic during vcache contention due to CVInit vcache
|
|
racing. (127645)
|
|
|
|
FreeBSD
|
|
|
|
* Update for network stack in 8.1/9.0.
|
|
|
|
HP-UX
|
|
|
|
* Bug fixes.
|
|
|
|
Linux
|
|
|
|
* 2.6.36 support
|
|
|
|
* Disable PMTU error packet handling.
|
|
|
|
* flock() fixes.
|
|
|
|
* Debian packaging updated.
|
|
|
|
* freezer interface updates.
|
|
|
|
MacOS
|
|
|
|
* Hold references to disconnected mode written vnodes properly.
|
|
|
|
Solaris
|
|
|
|
* Handle NFS translator module references for amd64.
|
|
|
|
* INODE fileserver backend support now exists for amd64.
|
|
|
|
|
|
OpenAFS 1.5.75 (2010-07-07)
|
|
|
|
All platforms
|
|
|
|
* Prevent rx_rpc_stats global lock from being a bottleneck.
|
|
|
|
* Path MTU discovery is now provided to allow traffic to pass networks
|
|
with sub-1500 byte MTUs and poor fragment handling.
|
|
|
|
* Further reduce Rx NAT ping transmission when enabled.
|
|
|
|
* Update Kerberos 5-based token handling in rxkad from upstream
|
|
Heimdal. (127554)
|
|
|
|
* Update version numbers emitted during build to reflect what is
|
|
actually being built.
|
|
|
|
* Add "-human" switch for human-readable units in fs diskfree and
|
|
listquota. (124529)
|
|
|
|
* vos provides reasons for locked volumes when known.
|
|
|
|
* Do not count retransmission and ping acks as non-idle for Rx
|
|
connections.
|
|
|
|
* Rx: provide service-specific data getter and setter routines.
|
|
|
|
* Update build-time Kerberos detection.
|
|
|
|
* Updated userspace AFS client.
|
|
|
|
* Beginning of a modernized test suite.
|
|
|
|
* Additional documentation.
|
|
|
|
* Updated documentation, notably the Administrators Guide.
|
|
|
|
* Substantial code cleanup.
|
|
|
|
All server platforms
|
|
|
|
* Update handling of vnode allocation failures.
|
|
|
|
* DAFS: allow salvaging volumes not known to the fileserver, to allow
|
|
cleanup of data not attached to a current volume.
|
|
|
|
* Properly handle volumes slated for destruction.
|
|
|
|
* Handle volumes with many files properly.
|
|
|
|
* Force core file generation in bosserver by overriding default
|
|
resource limits when possible.
|
|
|
|
* Update vlclient and vldb_check.
|
|
|
|
* Avoid potentially corrupting a volume on creation if files are left
|
|
from previous failed cleanup.
|
|
|
|
* Note volume changed during salvage as needed.
|
|
|
|
* DAFS: do not assume invalid addresses are in fileserver address hash
|
|
table.
|
|
|
|
* Avoid tying up fileserver threads with volumes that are being taken
|
|
offline.
|
|
|
|
* Do not set inUse on volumes for non-DAFS other than in fileserver.
|
|
|
|
* Break origin's callback on target of rename operation.
|
|
|
|
* Avoid unneeded parent directory link updates during some rename
|
|
operations.
|
|
|
|
* Do not open /dev/console for writing in the fileserver.
|
|
|
|
* DAFS: avoid spurious restarts when binary restarts are configured.
|
|
|
|
* Avoid spurious and unneeded calls to sync(), which can slow down the
|
|
fileserver.
|
|
|
|
Microsoft Windows
|
|
|
|
* Revised SMB QuerySecurityInfo to address issues caused by MS10-020
|
|
(http://support.microsoft.com/kb/980232)
|
|
|
|
* Prevent use of the AFSCache file contents if mapped to a new
|
|
address.
|
|
|
|
* Make fs newcell include behavior compatible with the non-Windows
|
|
version.
|
|
|
|
* Provide a registry option (FreelanceImportCellServDB) to pre-create
|
|
mount points in the AFS root for all cells in CellServDB.
|
|
|
|
* Fix a memory leak in the cm_FreeServerList() routine.
|
|
|
|
* Reduce privilege when reading registry CellServDB.
|
|
|
|
* Add support for RPC Pipe Service NetWkstaGetInfo levels needed for
|
|
Windows 7.
|
|
|
|
* Prevent overflow when computing quota percentage in Explorer Shell.
|
|
(126846)
|
|
|
|
* Generate meaningful errors for ACL operations on freelance AFS root.
|
|
|
|
* Fix error handling on InlineBulkStatus RPCs.
|
|
|
|
* Show configuration pages for all types of MSI installations.
|
|
|
|
* Improve freemount AFS root directory handling and operations.
|
|
|
|
* Properly validate GetVolumeStatus pioctl responses.
|
|
|
|
* Commit file length changes and dirty buffers when flushing a file.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Update version of files for disk cache.
|
|
|
|
* Do not call afs_FlushVCBs with xvcache lock held, to improve
|
|
parallelization.
|
|
|
|
* Add mariner log messages for creating and removing files.
|
|
|
|
* Don't hold xvcache lock while creating symlinks, to improve
|
|
parallelization.
|
|
|
|
* Provide -dynroot-sparse mode to not show all cells in CellServDB in
|
|
dynroot mode.
|
|
|
|
* Avoid a potential crash in aklog in linked cell handling.
|
|
|
|
* Log MTU-caused packet retransmission.
|
|
|
|
* Prevent crashes caused be fs checkservers while cache is being set
|
|
up.
|
|
|
|
* fs getserverprefs now has a buffer large enough for the default
|
|
CellServDB.
|
|
|
|
* Report server address when logging warnings.
|
|
|
|
* Avoid panic in GetCapabilities when cell is not known.
|
|
|
|
* Lock process name and id for advisory lock warnings when possible.
|
|
|
|
* Handle need for allocating additional Rx packets.
|
|
|
|
* Properly handle errors from InlineBulkStatus operations.
|
|
|
|
* Fix errors returned from fcntl() on readonly files locked for write.
|
|
|
|
* Flush pending changes to the server on LOCK_EX unlock.
|
|
|
|
* Reflect length changes as a result of callbacks even when file is
|
|
open for write.
|
|
|
|
* Avoid hanging due to error exit when attempting to store a large
|
|
file to a non-largefile fileserver.
|
|
|
|
* Recover from afs_GetVolSlot errors.
|
|
|
|
FreeBSD
|
|
|
|
* Bugfixes for kernel VFS and network routines.
|
|
|
|
IRIX
|
|
|
|
* Provide makesname().
|
|
|
|
Linux
|
|
|
|
* Avoid syscall probes when keyrings are present, by default. (125215)
|
|
|
|
* Remove "Big Kernel Lock" from VFS operations.
|
|
|
|
* Use filehandles for all Linux 2.6 versions to avoid need for matched
|
|
afsd. (127530)
|
|
|
|
* Updated RPM packaging.
|
|
|
|
* Fix dkms configuration provided with RPMs.
|
|
|
|
* Hold reference on pages during background I/O for cache bypass.
|
|
|
|
* Fix cache bypass handling of non-largefile fileservers.
|
|
|
|
* Protect truncate_inode_pages mappings with mutex or semaphore as
|
|
needed.
|
|
|
|
* Fix pagevec use in cache bypass. (127505)
|
|
|
|
* Updates for 2.6.35
|
|
|
|
MacOS
|
|
|
|
* Improve launchd configuration.
|
|
|
|
* Avoid hanging on recursive cache file lock acquisition when user
|
|
notification is enabled.
|
|
|
|
* Fix and re-enable bulkstat mode.
|
|
|
|
OpenBSD
|
|
|
|
* Build updates.
|
|
|
|
Solaris
|
|
|
|
* Precluding unmount while AFS is busy.
|
|
|
|
* Avoid deadlocking when releasing the VFS object.
|
|
|
|
* Stop network interface poller in kernel on AFS shutdown.
|
|
|
|
* Avoid issues with lookups on empty directory names. (127356)
|
|
|
|
|
|
OpenAFS 1.5.74 (2010-04-22)
|
|
|
|
All platforms
|
|
|
|
* Add "vos setaddrs" command.
|
|
|
|
* Rx library lock contention avoidance between rx_NewCall and
|
|
rx_EndCall.
|
|
|
|
* Rx library races due to inconsistent use of rx_connection
|
|
conn_data_lock to protect the flags field.
|
|
|
|
* Rx library inconsistent use of RX_CALL_TQ_WAIT which could result in
|
|
deadlocks.
|
|
|
|
* Rx library must signal transmit queue waiters when flushing.
|
|
|
|
* afsmonitor shows busy counts now.
|
|
|
|
* afsmonitor displays xstat callback statistics.
|
|
|
|
* Provide expandgroups for pts mem on a supergroups server.
|
|
|
|
* Provide supergroup option to liste nested groups during pts mem.
|
|
|
|
All server platforms
|
|
|
|
* Avoid volume lock contention during DAFS startup.
|
|
|
|
Microsoft Windows
|
|
|
|
* Avoid a race when updating cell vldb server lists that can result in
|
|
a crash.
|
|
|
|
* Avoid a deadlock when managing CM_SCACHESYNC_STOREDATA state
|
|
operations for directory objects.
|
|
|
|
* Add new Windows Application Event log messages for VBUSY,
|
|
VRESTARTING, ALL_BUSY, ALL_OFFLINE, and ALL_DOWN.
|
|
|
|
* Reduce lock contention by waiting for cm_buf_t I/O operations.
|
|
|
|
* Split the cm_buf_t flags field to separate the flags that are
|
|
protected by the cm_buf_t mutex from those protected by the
|
|
buf_globalLock.
|
|
|
|
* In cm_UpdateVolumeLocation, avoid searching for a ".readonly" volume
|
|
on a numeric volume name.
|
|
|
|
* File buffer allocations whose offsets are beyond server EOF should
|
|
be locally allocated and zero filled. The file server should not be
|
|
issued a FetchData rpc which is guaranteed to fail.
|
|
|
|
* Enable integrated logon to work with Windows 7/2008 when user logons
|
|
are performed with a non-Domain Kerberos principal.
|
|
|
|
* Add Protection Error messages to aklog output.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Provide a FUSE-interfacing userspace afs client.
|
|
|
|
* Updates to libuafs userspace cache manager.
|
|
|
|
* Probe servers using GetCapabilities instead of GetTime, thus
|
|
requiring fewer RPCs.
|
|
|
|
* Fix DNS SRV record handling for cell lookup.
|
|
|
|
FreeBSD
|
|
|
|
* Fix sleep/wakeup routines.
|
|
|
|
* Update for 8.0 release.
|
|
|
|
Linux
|
|
|
|
* Handle high memory addresses correctly.
|
|
|
|
MacOS
|
|
|
|
* Make 32 bit AFS syscalls work again.
|
|
|
|
* Work around finder "Duplicate" failure (caused by setting modes on
|
|
symlinks).
|
|
|
|
* Disable bulkstat again (will be re-enabled at or before .75).
|
|
|
|
* Provide symlink type hints during readdir.
|
|
|
|
|
|
OpenAFS 1.5.73 (2010-03-24)
|
|
|
|
All platforms
|
|
|
|
* NAT keepalive support at Rx level.
|
|
|
|
* Corrected SRV record support for cell name canonicalization.
|
|
|
|
All server platforms
|
|
|
|
* Fix volume callback notification to not notify unaffected clients.
|
|
(126497)
|
|
|
|
* Allow root directory recreation by salvager. (94658)
|
|
|
|
* Numerous DAFS fixes.
|
|
|
|
* Improvements to callback table overflow handling. (126451)
|
|
|
|
* bosserver now shuts down cleanly on SIGTERM.
|
|
|
|
Microsoft Windows
|
|
|
|
* Prevent the Explorer Shell extension from crashing if symlink
|
|
creation failed. (126406)
|
|
|
|
* A Rx level NAT ping has been implemented. A registry value enables.
|
|
|
|
* Adds krb5 error message translation to aklog, afscreds,
|
|
afslogon.dll, the network identity manager afs provider and
|
|
translate_et.
|
|
|
|
* Default mode bit settings for file and directory creation are now
|
|
provided, and can be configured.
|
|
|
|
* An SMB request trace facility is provided and can be enabled for
|
|
debugging.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Rx idle deadtime does not stop file writes.
|
|
|
|
* Disconnected AFS no longer has a race condition during remove ops.
|
|
|
|
* Fakestat avoids a condition which could cause it to block on network
|
|
activity.
|
|
|
|
* Several fixes to handle interruptions in vos operations. (33360,
|
|
125535)
|
|
|
|
* Allow more sysnames in a sysname list.
|
|
|
|
* Attempt to enforce timeouts on AFSDB lookups.
|
|
|
|
AIX
|
|
|
|
* Clean up properly on mount failure.
|
|
|
|
* Add entry to /etc/vfs to allow umount to work.
|
|
|
|
Linux
|
|
|
|
* Several issues to deal with older kernels.
|
|
|
|
* Avoid leaking the global lock in the /proc cellservdb code.
|
|
|
|
* Keyring destruction now cleans up all tokens.
|
|
|
|
* Keyring quotas are not enforced against root.
|
|
|
|
MacOS
|
|
|
|
* Some FSEvents hinting for authentication events now done. (23781)
|
|
|
|
* Update uninstaller. (125634)
|
|
|
|
* Rewrite afssettings and fstab code to avoid licensing issue with
|
|
APSL.
|
|
|
|
* Growl client for user monitoring of AFS events included.
|
|
|
|
* Properly support insert-only dropboxes.
|
|
|
|
* Add bulkstat support.
|
|
|
|
* Include support for moving in Finder across mount points.
|
|
|
|
* Preferences Pane includes support for Kerberos 5 ticket renewal.
|
|
|
|
|
|
OpenAFS 1.5.72 (2010-02-15)
|
|
|
|
All platforms
|
|
|
|
* Provide internationalization support in com_err.
|
|
|
|
* Fix array length checking to avoid crashes when checking for a
|
|
volume type based on name in vos.
|
|
|
|
All server platforms
|
|
|
|
* Provide backward compatible "-f" flag to salvager for force mode.
|
|
|
|
Microsoft Windows
|
|
|
|
* Restore use of DNS AFSDB and SRV records by kaserver clients.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Fix client cache file truncation to not lose chunks when truncating
|
|
a large file.
|
|
|
|
* Ensure a cache writeback hook is installed in the client (bug from
|
|
1.5.71).
|
|
|
|
* Avoid spurious free memory warnings during clean shutdown.
|
|
|
|
* Fakestat mode avoids AFSDB lookups.
|
|
|
|
* "fs storebehind" now correctly reports errors on readonly volumes.
|
|
|
|
* Additional documentation for "fs getcacheparms"
|
|
|
|
* Forced new uuid generation with "fs uuid -generate" now works
|
|
enforced permission correctly.
|
|
|
|
MacOS
|
|
|
|
* Add optimized Rx event handler in kernel.
|
|
|
|
* Installer now allows installing an older version.
|
|
|
|
* Panic decoder can now deal with MacOS 10.5 again.
|
|
|
|
* MacOS ._ files are now correctly not looked up as cellnames.
|
|
|
|
Linux
|
|
|
|
* To deal with SELinux file labeling, try cache accesses with current
|
|
credentials in event of failure.
|
|
|
|
* Rx XDR encoding bug on i386 Linux is fixed (bug introduced in
|
|
1.5.71).
|
|
|
|
IRIX
|
|
|
|
* Code compilation fixes.
|
|
|
|
OpenBSD
|
|
|
|
* Update for OpenBSD 4.6.
|
|
|
|
|
|
OpenAFS 1.5.69 (2010-01-19)
|
|
|
|
All platforms
|
|
|
|
* Configuration of BOSserver no longer defaults to weekly restarts
|
|
enabled.
|
|
|
|
* Provide BOS restricted mode by default.
|
|
|
|
* Add support for "vos endtrans" command.
|
|
|
|
* Default to providing full output from vos listvol.
|
|
|
|
* Correct additional-address tracking in the fileserver.
|
|
|
|
* Improve Rx performance by not unnecessarily dropping and reacquiring
|
|
call locks in read and write processes.
|
|
|
|
* Avoid crashes when monitoring volserver transactions across
|
|
potential transaction garbage collection.
|
|
|
|
* Numerous warning fixes.
|
|
|
|
All server platforms
|
|
|
|
* Avoid saving fileserver state in demand attach fileserver when
|
|
panicing.
|
|
|
|
* Demand attach fileserver allows other callers to schedule salvages.
|
|
|
|
* Demand attach "bos salvage" now works correctly with restricted
|
|
mode.
|
|
|
|
Microsoft Windows:
|
|
|
|
* Numerous changes to the client-internal btree directory handling to
|
|
prevent errors.
|
|
|
|
* fs examine reports owner and group ids as signed values (PTS groups
|
|
are negative).
|
|
|
|
* Preclude corruption due to races writing to smb buffers.
|
|
|
|
* Allow MTU settings in registry to be used.
|
|
|
|
* Apply MTU to both send and receive sizes.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Avoid double-freeing Rx call structure if reading a response from
|
|
the file server results in a short read.
|
|
|
|
* Handle negative lengths in FetchStatus results correctly.
|
|
|
|
* Properly clean up allocated memory at shutdown.
|
|
|
|
* Default to AFSDB compiled into the cache manager.
|
|
|
|
* Avoid inadvertant disclosure of stat() information to clients not so
|
|
entitled.
|
|
|
|
* Correct a bug with AFSDB lookups introduced with SRV record support.
|
|
|
|
MacOS
|
|
|
|
* Install kernel panic processing tool in /Library/OpenAFS/Tools.
|
|
|
|
* Include debugging symbols for kernel extension in additional package.
|
|
|
|
* Support "Application Firewall" users.
|
|
|
|
* Avoid ._cellname AFSDB lookups.
|
|
|
|
* Compile preferences pane as a universal binary.
|
|
|
|
Linux
|
|
|
|
* Use splice to speed up storing files.
|
|
|
|
* When using memcache, avoid duplicating work in readpages.
|
|
|
|
* Use dget_parent to safely find an inode's parent.
|
|
|
|
* Disable access time updates in our superblock.
|
|
|
|
* Avoid crashing doing writeback if no credentials were stashed at
|
|
file open.
|
|
|
|
* Simplify keyring support.
|
|
|
|
* Properly clean up vcache in event of failed mount.
|
|
|
|
FreeBSD
|
|
|
|
* Update for current FreeBSD 8.
|
|
|
|
Solaris
|
|
|
|
* Abstractly manipulate groups as now required.
|
|
|
|
* Abstractly access time instead of using lbolt directly.
|
|
|
|
|
|
OpenAFS 1.5.68 (2009-12-08)
|
|
|
|
All platforms
|
|
|
|
* aklog now attempts to convert non-AFS errors to human-readable
|
|
strings.
|
|
|
|
* Make stack not executable when compiling assembler source with GCC.
|
|
|
|
* Numerous source warning cleanups and code reorganization.
|
|
|
|
All server platforms
|
|
|
|
* Compute midnight for volume statistics calculation from local time.
|
|
|
|
* Salvager now orphans duplicate special inodes when running to allow
|
|
recovery in event of a problem, instead of simply ignoring the
|
|
issue.
|
|
|
|
* Support to ensure a server panic attempt leaves a core and thus
|
|
restarts in a timely manner, rather than potentially hanging. Use
|
|
panic to attempt cleanup before leaving a core when possible.
|
|
|
|
* Volume sync data reported during bulkstatus is now set correctly.
|
|
|
|
* Provide better tuning for fileserver file descriptor caching.
|
|
|
|
* Allow more than 128 threads in fileserver by modifying host
|
|
structure in-use tracking.
|
|
|
|
* Avoid crashes getting volume server status during transaction
|
|
cleanup.
|
|
|
|
* Improved logging of offline volume conditions.
|
|
|
|
* Correct volume statistics when cloning a volume.
|
|
|
|
* Avoid referencing host structures in the fileserver which are marked
|
|
for deletion.
|
|
|
|
* Demand attach fileserver corrections to avoid coring during an
|
|
aborted startup.
|
|
|
|
* host array bounds checking corrections to avoid buffer overflow.
|
|
|
|
* Handle special inodes correctly when promoting an inode fileserver
|
|
readonly volume to read-write.
|
|
|
|
Microsoft Windows
|
|
|
|
* Set the DOS Readonly attribute on a file/directory whenever the unix
|
|
mode combined with the mask 0200 is true. Previously there was a
|
|
discrepency between the mask used for testing for readonly behavior
|
|
and that used for setting the attribute.
|
|
|
|
* Disable AFSVolSync based .readonly "whole-volume callback" support
|
|
because the all file servers prior to 1.5.67 (and perhaps 1.4.12) do
|
|
not properly assign a value to the AFSVolSync structure in bulk
|
|
status RPC responses.
|
|
|
|
* Improve the error output from aklog to output the value from krb5
|
|
error_message() if the afs_com_err output indicates an unknown
|
|
value.
|
|
|
|
* Convert VBUSY and VRESTARTING to CM_ERROR_ALLBUSY and do not permit
|
|
them to be exposed to the smb redirector.
|
|
|
|
* Convert STATUS_TIMEOUT responses to STATUS_IO_TIMEOUT to avoid
|
|
confusion within the smb redirector.
|
|
|
|
* Fix the byte order assigned to port numbers associated with AFSDB
|
|
record lookups. They must be network byte order not host byte
|
|
order.
|
|
|
|
* Add dynamic server ranking based on RPC round trip time
|
|
measurements.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Additional shutdown-time memory leaks removed.
|
|
|
|
* Improved logging of resource contention.
|
|
|
|
* Provide dumping for Rx debug packet tracking support in source.
|
|
|
|
* Update afscp test client to build, and provide an unlock client.
|
|
|
|
* Client buffers for directory parsing can now be allocated beyond the
|
|
fixed set formerly provided.
|
|
|
|
* Work around race condition when manipulating read-only volume
|
|
callbacks.
|
|
|
|
* Bugfixes to get PAG value pioctl.
|
|
|
|
* Bugfixes to SRV record support.
|
|
|
|
Linux
|
|
|
|
* Path MTU tracking code cleanup.
|
|
|
|
* Avoid an oops due to racing with vcache recycling thread.
|
|
|
|
* Changes to keyring PAG handling: for sufficiently new kernels, use
|
|
only keyring-based PAGs, and disable group PAGs entirely.
|
|
|
|
* Updates to the kernel page cache interface: writing pages will now
|
|
not spuriously leak page locks, and will avoid requiring duplicate
|
|
work.
|
|
|
|
* Credential references are now tracked using native atomic counters.
|
|
|
|
* Kernel mutex/semaphore lock ordering fix to avoid deadlocks.
|
|
|
|
* Manipulate disk cache with credentials used to initialize it, to
|
|
avoid security issues.
|
|
|
|
MacOS
|
|
|
|
* Fix fstrace message catalog location.
|
|
|
|
* Fix kernel fstrace logging.
|
|
|
|
|
|
OpenAFS 1.5.66 (2009-10-25)
|
|
|
|
All platforms
|
|
|
|
* Avoid calling exit() in library code.
|
|
|
|
* Add rx window size and peer timeout tuning APIs.
|
|
|
|
* Correct rx peer timeout handling to disallow 0ms timeouts.
|
|
|
|
* Correct calculation of rx RTT by disregarding retransmitted packets.
|
|
|
|
* vos manpages updated to reflect changes in recent versions.
|
|
|
|
* GNU-style long options (e.g. --cell) are now supported in all
|
|
commands.
|
|
|
|
* fs listacl can now print a command to recreate the current ACL.
|
|
|
|
All server platforms
|
|
|
|
* Fix a race on transaction objects in the volserver which can cause a
|
|
crash.
|
|
|
|
* Avoid destroying and setting to NULL the callback connection when it
|
|
could still be being used.
|
|
|
|
* Correct unlink handling in salvager.
|
|
|
|
* Improve error messages due to I/O errors in the volserver.
|
|
|
|
* Correct an issue which caused converted RO to RW volumes on namei
|
|
fileservers to not come online immediately.
|
|
|
|
Microsoft Windows
|
|
|
|
* Official support for Windows 7 and Server 2008 R2.
|
|
|
|
* Prevent a file server bug (FetchData returning an invalid length
|
|
instead of zero) from causing an "unexpected network error" when
|
|
writing to files.
|
|
|
|
* Promote DNS SRV records as superior to DNS AFSDB records. Support
|
|
arbitrary port numbers for vldb servers.
|
|
|
|
* Add AFSVolSync based .readonly "whole-volume callback" support.
|
|
With this functionality, multiple objects from a .readonly volume
|
|
can have their status validated by issuing a single
|
|
RXAFS_FetchStatus RPC.
|
|
|
|
* Remove drive mapping functionality and service start/stop from
|
|
afscreds.exe.
|
|
|
|
* Remove drive mapping functionality from afs_config.exe.
|
|
|
|
* Use {HKLM,HKCU}\SOFTWARE\OpenAFS\Client DWORD "ShowMountTab" to
|
|
restore access to drive mapping functionality in afscreds.exe and
|
|
afs_config.exe.
|
|
|
|
* Adjust SMB error return codes to avoid returning STATUS_TIMEOUT
|
|
which results in the SMB redirector disconnecting.
|
|
|
|
* Network Identity Manager OpenAFS Provider now provides its own "AFS
|
|
lock" notification icon to report the status of "have tokens, have
|
|
no tokens, service not started, service started but inaccessible".
|
|
Hovering over the icon lists the cells for which tokens exist (if
|
|
any) and the OpenAFS version number. Double-clicking executes the
|
|
Network Identity Manager default action.
|
|
|
|
* Prevent pioctl calls from retrying indefinitely when a sharing
|
|
violation error occurs.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Correct a condition which could discard the error from initializing
|
|
a fetch request.
|
|
|
|
* Avoid using invalid references to afs_Conn connection structures,
|
|
and thus potentially producing invalid data when a retry is needed.
|
|
|
|
* SRV records are now supported for discovering AFS servers.
|
|
|
|
Linux
|
|
|
|
* Correct writepage behavior.
|
|
|
|
* Fix error code handling in the writepage code.
|
|
|
|
* Avoid leaking page locks, which could potentially hang a machine.
|
|
|
|
MacOS X
|
|
|
|
* Preferences Pane improvements.
|
|
|
|
HP-UX
|
|
|
|
* Avoiding attempting to handle critical signals in servers, so that
|
|
core file handling works correctly.
|
|
|
|
|
|
OpenAFS 1.5.65 (2009-10-06)
|
|
|
|
All platforms
|
|
|
|
* Code compilation warning fixes, to enable better finding and
|
|
tracking bugs.
|
|
|
|
* Provide configure-time switch to enable code warning compilation.
|
|
|
|
All server platforms
|
|
|
|
* Demand-attach fileserver now makes volume LRU list operations
|
|
exclusive operations to avoid races during adding to the list.
|
|
|
|
* Fileservers now avoid potential "negative length" fetches.
|
|
|
|
* A leak in host tracking objects in the fileserver has been fixed.
|
|
|
|
* Salvager now unlinks all files by full path, to deal with the change
|
|
to not chdir for core file tracking.
|
|
|
|
* Salvager avoids asserting if the volume header is unreadable.
|
|
|
|
* Demand-attach fileserver puts back volume references from fssync
|
|
handlers when done.
|
|
|
|
Microsoft Windows
|
|
|
|
* Improved service response to suspend and shutdown event
|
|
notifications.
|
|
|
|
* Avoid a bug in the file server that can result in an invalid length
|
|
being returned as part of a fetch data response if the client
|
|
attempts to read beyond the length of the file.
|
|
|
|
* Do not publish a default stream object for directories and mount
|
|
point objects. This was impacting the ability of some Windows XP
|
|
systems to save roaming profiles.
|
|
|
|
All UNIX client platforms
|
|
|
|
* A bug which could cause erroneous handling of lengths on data reads
|
|
has been fixed.
|
|
|
|
* A bug where erroneous length returns from the fileserver could
|
|
result in a false error has been fixed.
|
|
|
|
Linux
|
|
|
|
* Background page copies are now supported for enhanced disk cache
|
|
read performance.
|
|
|
|
* Blocking readahead is supported in readpages() to reduce overhead.
|
|
|
|
* Use readpage() instead of read() to access cache data to avail disk
|
|
cache users of the kernel backing cache for improved performance.
|
|
|
|
* Minimize credential handling for improved performance.
|
|
|
|
MacOS X
|
|
|
|
* Preferences Pane cleanup.
|
|
|
|
Solaris
|
|
|
|
* Provide a fs_pathconf method with sensible defaults.
|
|
|
|
* Provide a _PC_FILESIZEBITS method to fix some NFS translator
|
|
consumers.
|
|
|
|
|
|
OpenAFS 1.5.64 (2009-09-22)
|
|
|
|
All server platforms
|
|
|
|
* The demand attach fileserver now puts back volume references gotten
|
|
via the fssync interface.
|
|
|
|
* The demand attach fileserver had a structure reference error, which
|
|
has been correected.
|
|
|
|
Microsoft Windows
|
|
|
|
* Restores Windows 2000 compatibility.
|
|
|
|
* Fixes a data consistency error between the output of NetWkstaGetInfo
|
|
and NetServerGetInfo RPCs, specify the Lan workstation group name
|
|
"AFS", and report server name as "AFS" instead of "\\AFS" when the
|
|
caller asks for "\\AFS".
|
|
|
|
* Enables executables to be run from \\AFS on Windows 7. Returns
|
|
"Name not found" instead of "File not found" when a directory or
|
|
file name cannot be found. This avoids loader errors when system
|
|
dlls cannot be located in the executable directory.
|
|
|
|
* Prevents cache manager from marking the file server "down" when the
|
|
data returned in response to either RXAFS_FetchData64 or
|
|
RXAFS_StoreData64 is invalid.
|
|
|
|
* Adds pioctl data validation to the AFS Explorer Shell extension.
|
|
|
|
All UNIX client platforms
|
|
|
|
* A bug which could cause a kernel panic in 1.5.63 has been corrected.
|
|
This would manifest as a GetDCache panic or oops.
|
|
|
|
Linux
|
|
|
|
* aklog -setpag works again with recent kernels when keyring is in
|
|
use.
|
|
|
|
MacOS
|
|
|
|
* When Fast User Switch is in use, AFS login is now handled correctly
|
|
by the integration tool included with the preferences pane.
|
|
|
|
* Several packaging bugs have been corrected.
|
|
|
|
|
|
OpenAFS 1.5.63 (2009-09-11)
|
|
|
|
All platforms
|
|
|
|
* The restorevol command is now documented and installed as a user
|
|
command.
|
|
|
|
* The uss command now properly translates vldb entries to its expected
|
|
format when handling them in all cases.
|
|
|
|
* Documentation now refers to Kerberos instead of kaserver.
|
|
|
|
All server platforms
|
|
|
|
* bosserver now handles BosConfig.new when restarting, allowing
|
|
configuration to be replaced at restart time rather than with bos
|
|
delete and bos create. Documentation is updated to reflect this.
|
|
|
|
* The demand attach fileservice not longer potentially hangs trying to
|
|
terminate demand-salvages which have already exited.
|
|
|
|
* The demand attach fileservice has been modified to avoid spurious
|
|
'SYNC_putRes: write failed' warnings when some protocol messages
|
|
cannot be acknowledged due to the sender terminating the connection.
|
|
|
|
* In the event of failure to contact the vlserver or ptserver, the
|
|
fileserver will not exit and trigger a forced salvage. It will
|
|
continue to try in the background to contact the needed services.
|
|
|
|
* The salvager can now repair certain cases of a damamged vnode index.
|
|
|
|
* The accessDate metadata for a volume is now updated correctly.
|
|
|
|
Microsoft Windows
|
|
|
|
* CRITICAL: Some applications for example those based on Cygwin were
|
|
unable to access data stored in the AFS name space. Explorer Shell
|
|
also experienced inconsistent behavior. This is fixed.
|
|
|
|
* CRITICAL: Multiple AFS pioctl requests issued nearly simultaneously
|
|
by applications could result in pioctl responses being received by
|
|
the wrong requester. This in turn could result in application
|
|
crashes. symlink.exe, fs.exe, afslogon.dll, afscreds.exe, and the
|
|
netidmgr afscred.dll plugin were all affected.
|
|
|
|
* Some XP machines running 1.5.62 had trouble saving roaming profile
|
|
data. This is fixed.
|
|
|
|
* Integrated Logon (afslogon.dll) did not function with domain
|
|
specific configurations.
|
|
|
|
* Ensure that access denied and over quota errors experienced while
|
|
storing data to the file server do not result in on-going retry
|
|
attempts.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Except on Solaris and AIX, the compiler may now be overriden at
|
|
configure time by setting the CC environment variable.
|
|
|
|
* afsd now properly deals with large cache partitions.
|
|
|
|
FreeBSD
|
|
|
|
* Build shared libafsauthent and libafsrpc.
|
|
|
|
Linux
|
|
|
|
* Kernel module DKMS support now installs an unstripped module to
|
|
allow debugging information to be collected.
|
|
|
|
MacOS
|
|
|
|
* Preferences pane properly updates token information.
|
|
|
|
MacOS 10.6
|
|
|
|
* klog will now properly handle passwords of 8 or fewer characters
|
|
with an AFS string to key on hosts able to run 64 bit binaries.
|
|
|
|
* A panic at AFS shutdown due to "NO PCB" on a udp_lock has been
|
|
addressed.
|
|
|
|
* The panic decoder script included in the source now properly handles
|
|
32 and 64 bit panics.
|
|
|
|
NetBSD
|
|
|
|
* Avoid defining AFS_KERBEROS_ENV globally as it creates a circular
|
|
dependency.
|
|
|
|
* Build shared libafsauthent and libafsrpc.
|
|
|
|
OpenBSD
|
|
|
|
* Build shared libafsauthent and libafsrpc.
|
|
|
|
|
|
OpenAFS 1.5.62 (2009-08-28)
|
|
|
|
All platforms
|
|
|
|
* Numerous invisible changes to improve code maintainability,
|
|
portability and enhanceability.
|
|
|
|
Microsoft Windows
|
|
|
|
* CRITICAL: Fixes two errors that can result in data loss when storing
|
|
data to the file server.
|
|
1. Failure to Store Portions of Unaligned Writes
|
|
2. Failure to Store Data to File Servers Lacking Large File Support
|
|
Read the announcement for more details:
|
|
http://www.openafs.org/pipermail/openafs-announce/2009/000305.html
|
|
|
|
* CRITICAL: The cache manager daemon thread could terminate when the
|
|
machine enters suspend mode. This daemon thread performs the
|
|
background check of down servers, offline volumes, callback
|
|
expirations, etc.
|
|
|
|
* CRITICAL: Integrated Logon (afslogon.dll) was terminating
|
|
unexpectedly. Error checking has been improved and NULL pointer
|
|
dereferences after Lsa API calls fail have been eliminated.
|
|
|
|
* For the first time, the OpenAFS SMB Server supports the DCE RPC
|
|
services SRVSVC and WKSSVC. Browsing \\AFS with the Explorer Shell
|
|
or NET VIEW will now be faster and provide additional functionality.
|
|
No longer will cell names longer than 12 characters be truncated.
|
|
|
|
* Improvements to DFS Referral request processing have been
|
|
implemented.
|
|
|
|
* Unnecessary DNS lookups of share names are avoided improving
|
|
performance.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Non-Kerberos PAM modules work correctly again.
|
|
|
|
MacOS X
|
|
|
|
* MacOS 10.6 (Snowleopard) is now supported, both 32 and 64 bit mode.
|
|
|
|
* Updates to the AFSCommander preferences pane.
|
|
|
|
* Installer now permits cell names with dashes.
|
|
|
|
|
|
OpenAFS 1.5.61 (2009-08-06)
|
|
|
|
All platforms
|
|
|
|
* Correct another race condition in the Rx library that could result
|
|
in an unexpected panic while freeing the Rx call iovq.
|
|
|
|
* rx packet resend and data packets sent counts were incorrect.
|
|
|
|
* fs setquota, fs setcachesize, vos setfields, and vos create now
|
|
accept human readable orders of magnitude. (K, M, G)
|
|
|
|
* fs listquota fixed to permit large quota sizes to be displayed.
|
|
|
|
* Correct documentation of bosserver permissions requirements.
|
|
|
|
* Modify vlserver to avoid potentially corrupting the database through
|
|
volume id reuse.
|
|
|
|
* Generalized support for fast Rx timeout due to network
|
|
down/unreachable.
|
|
|
|
All server platforms
|
|
|
|
* Allow audit logs to be sent via sys5 IPC message queues instead of
|
|
logged directly.
|
|
|
|
Microsoft Windows
|
|
|
|
* If a file server becomes inaccessible while the cache manager has
|
|
dirty buffers to write, the afsd_service buf_IncrSync thread can
|
|
attempt to use 100% of the cpu.
|
|
|
|
* Fix "fs newcell" which was broken in 1.5.60.
|
|
|
|
* Do not attempt to synchronize dirty buffers if the associated volume
|
|
is known to be unavailable.
|
|
|
|
* Modify behavior of a Freelance mountpoint target that does not
|
|
specify a cell. Instead of assuming the target volume is in the
|
|
Freelance.Local cell, use the workstation "Cell" specified in the
|
|
registry. A mountpoint target of "#root.cell." will now mean the
|
|
root.cell volume in the workstation cell for the current session.
|
|
If the workstation cell changes from "athena.mit.edu" to
|
|
"andrew.cmu.edu", the referenced volume will also change without
|
|
requiring that the mount point targets be altered.
|
|
|
|
* Add cm_FindServerByUuid(). Re-implement RXAFS_InitCallBackState3()
|
|
to permit the server Uuid to be used to lookup the server object and
|
|
from that determine the cell. This permits callbacks that are
|
|
received from alternate addresses to be processed with a known
|
|
server object. Previously a request from an unknown server would
|
|
clear all callbacks from all cells.
|
|
|
|
* Fix a bug that prevented optimal performance when using a non-zero
|
|
value for 'daemonCheckVolCBInterval'. As a reminder, when
|
|
"daemonCheckVolCBInterval" is set to a non-zero value, all .readonly
|
|
volume callbacks are automatically renewed 90 minutes before their
|
|
expiration.
|
|
|
|
* Fix automatic ranking of vldb servers whose values are obtained from
|
|
the CellServDB file.
|
|
|
|
* Add failover for RX CALL TIMEOUT errors when the volume is readonly
|
|
or the call is to a vldb server.
|
|
|
|
* Add registry based cell search functionality to NetIdMgr,
|
|
afs_config.exe, and klog.exe.
|
|
|
|
* afsconf_GetCellInfo() has been modified to perform gethostbyname()
|
|
lookups on the host names in the CellServDB instead of using the
|
|
specified IP addresses. This provides aklog, pts, vos, etc. the
|
|
same CellServDB behavior that the Windows Cache Manager uses.
|
|
|
|
* When updating the stat cache entry callback of a .readonly object
|
|
from the volume group object, update the file server reference to
|
|
ensure it matches the most update to date callback.
|
|
|
|
* Add proper support for processing callbacks from multi-homed file
|
|
servers. Instead of comparing servers by cm_server_t pointer,
|
|
compare them by UUID when the UUID is known.
|
|
|
|
* During a shutdown short circuit the offline volume check daemon
|
|
functionality.
|
|
|
|
* Return the error code of RXAFS_FetchData / RXAFS_StoreData in
|
|
preference to an error code reported by rx_EndCall.
|
|
|
|
* Add "PerFileAccessCheck" registry value to permit testing against
|
|
experimental file servers that include per-file acl support. This
|
|
value is intentionally undocumented. It is not to be used by
|
|
production environment deployments.
|
|
|
|
* Fix a bug introduced in 1.5.60 that prevents the afs netidmgr
|
|
provider from obtaining tokens when referrals are in play.
|
|
|
|
* Add "fs chown" and "fs chgrp" commands to permit the owner and group
|
|
of objects stored in AFS to be set from Windows.
|
|
|
|
* Avoid performing background daemon operations when the machine is
|
|
going into suspend mode.
|
|
|
|
* Perform offline volume checks in most recently used order.
|
|
|
|
* Prevent crash when a data version for a cache object goes backwards.
|
|
|
|
* Multi-thread safe library versions are now being generated and used.
|
|
mtafsubik.lib, mtafsutil.lib, mtafsvldb.lib, mtafsvol.lib.
|
|
|
|
* Microsoft SMB Redirector (mrxsmb.sys) support for
|
|
ExtendedSessTimeout values are now available on XP through Windows
|
|
7. Add functionality to autodetect if such support is present on
|
|
the machine. If so, configure it if necessary and dynamically
|
|
adjust the AFS Rx timeout values accordingly.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Fix out-of-tree source builds.
|
|
|
|
MacOS
|
|
|
|
* GUI installer now asks for local cell information.
|
|
|
|
* AFS Commander preferences pane is now installed by default.
|
|
|
|
Solaris
|
|
|
|
* Avoid kernel panics due to null pointer dereferences in the network
|
|
interface poller kernel thread.
|
|
|
|
|
|
OpenAFS 1.5.60 (2009-05-31)
|
|
|
|
All platforms
|
|
|
|
* Retry volserver transaction creation on failure.
|
|
|
|
* Allow building HTML and PDF documentation from included XML copies
|
|
of User Guide, Admin Guide and Quick Start Guide for Unix.
|
|
|
|
* Documentation updates and additional documentation.
|
|
|
|
* Add -encrypt support to pts client.
|
|
|
|
* Convert MR-AFS fs commands to OSD commands.
|
|
|
|
All server platforms
|
|
|
|
* Updated background sync process in fileserver to avoid a race which
|
|
could result in a volume being taken offline.
|
|
|
|
Microsoft Windows
|
|
|
|
* On April 9th Microsoft released a Hot Fix for Windows Server 2003
|
|
SP2 that corrects a deadlock in the smb redirector and also adds new
|
|
functionality that permits the AFS SMB server to be given a longer
|
|
timeout than is normally the case. New functionality has been added
|
|
to configure these additional LanmanWorkstation\Parameter values.
|
|
(This functionality has been backported to XP SP3 and is scheduled
|
|
to be released on June 5th.)
|
|
|
|
* Fix RT#124787, a race condition between "fs flush <dir>", "fs
|
|
flushvolume", or "fs flushall" and on-going directory operations
|
|
that can result in afsd_service.exe crashing.
|
|
|
|
* Release Notes, User and Administrator guides are now shipped as
|
|
indexed Windows HtmlHelp Files. (.chm). Shortcuts are provided from
|
|
the Start Menu.
|
|
|
|
* A method of specifying Client CellServDB information within the
|
|
registry has been added that can be used to either override the
|
|
CellServDB file or force the use of DNS lookups for a given cell.
|
|
See the release notes for details.
|
|
|
|
* The pioctl interface now properly handles drive letter substitution
|
|
to UNC paths. (SUBST <d:> <\\afs\cell\path>)
|
|
|
|
* The BackConnectionHostNames registry value configuration was broken
|
|
when dynamic re-establishment of Netbios Name registrations was
|
|
added. This release restores the functionality.
|
|
|
|
* All hidden vos.exe commands are now revealed.
|
|
|
|
* Attempts to store the same dirty file chunk from multiple threads
|
|
are now prevented.
|
|
|
|
* The IsPathInAfs test in Explorer Shell Extension and fs.exe now
|
|
permits broken symlinks to be treated as being in AFS.
|
|
|
|
* vos.exe commands that output 64-bit integer values once again do so.
|
|
This was broken in 1.5.59.
|
|
|
|
* Cygwin Import Libraries are provided in the SDK for all OpenAFS
|
|
DLLs. This permits building cygwin applications against OpenAFS
|
|
libraries.
|
|
|
|
* NSIS installer does a much better job of cleaning up files left over
|
|
from previous installs.
|
|
|
|
* libafsconf.dll moved from Client\Program to Common directory as is
|
|
is now used by all modules for CellServDB processing.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Write back changes on last store for memcache to avoid discarding
|
|
changes.
|
|
|
|
* Abstract disk cache support to allow for path, fh, inode based
|
|
caches with no need for messy ifdef structures each time a new type
|
|
is added.
|
|
|
|
DragonflyBSD
|
|
|
|
* Support as a userland port.
|
|
|
|
FreeBSD
|
|
|
|
* Corrected structure definition for userspace cache manager to allow
|
|
builds to complete.
|
|
|
|
Linux
|
|
|
|
* Corrected client locking support.
|
|
|
|
* Updated patch to stop deadlocking in the kernel during mmap.
|
|
|
|
* Avoid oops when setting up groups for PAGs to match keyrings.
|
|
|
|
* Use Linux fh-based cache in cases where possible by default.
|
|
|
|
MacOS 10.3:
|
|
|
|
* Corrected structure definition for userspace cache manager to allow
|
|
builds to complete.
|
|
|
|
OpenBSD
|
|
|
|
* Support for OpenBSD 4.5.
|
|
|
|
Solaris
|
|
|
|
* Corrected support for server-side vos split interface.
|
|
|
|
|
|
OpenAFS 1.5.59 (2009-04-06)
|
|
|
|
Microsoft Windows
|
|
|
|
* Increased service priority class to "High" to match the priority of
|
|
system components that are dependent upon the a timely response.
|
|
|
|
* SMB error responses avoid returning errors that could confuse the
|
|
Microsoft SMB redirector into disconnecting the connection to \\AFS.
|
|
|
|
All UNIX client platforms (except MacOS X 10.4 and 10.5)
|
|
|
|
* OpenAFS 1.5.59 contains fixes for the client issues addressed by the
|
|
security advisories OPENAFS-SA-2009-001 and OPENAFS-SA-2009-002.
|
|
|
|
Linux platforms
|
|
|
|
* Support for prerelease Linux 2.6.30 kernels.
|
|
|
|
|
|
OpenAFS 1.5.58 (2009-03-30)
|
|
|
|
All platforms
|
|
|
|
* Code cleanup and prototyping.
|
|
|
|
* Avoid unnecessary blocking in Rx periodic cleanup code.
|
|
|
|
All server platforms
|
|
|
|
* Fileserver CopyOnWrite routine optimized for performance.
|
|
|
|
* Make fileserver callback dumps 64 bit safe.
|
|
|
|
* Fix byte order issues with fileserver host hashing.
|
|
|
|
* Fix buffer size issues with butc.
|
|
|
|
* Fix several Ubik recovery issues.
|
|
|
|
* Avoid leaking file references in the fileserver.
|
|
|
|
* Fix a race in DAFS while closing vnodes, and another offlining
|
|
volumes.
|
|
|
|
* volserver interfaces for volume splitting client.
|
|
|
|
Microsoft Windows
|
|
|
|
* [RT 124293] A race condition exists which can result in a crash.
|
|
|
|
* [RT 124276] If the vldb is out of sync with the contents of the file
|
|
servers, afsd_service will retry too many times when a file server
|
|
reports a volume as not being present. Now if the list reported by
|
|
the vldb is the same as the previously seen list, then the retry is
|
|
aborted.
|
|
|
|
* [RT 124276] Read-only volume failover was broken in 1.5.53 whenever
|
|
accessing a volume results in VNOVOL or VMOVED.
|
|
|
|
* [RT 124276] Prior to 1.3.70 the volume server reference list was not
|
|
reference counted and would be prematurely freed while in use. When
|
|
reference counting was added in 1.3.70 a bug was introduced that
|
|
could result in service reference list corruption.
|
|
|
|
* Add Windows Application Event Log warning messages for "Client SMB
|
|
MPX value too large" and "Client SMB Buffer Size too small".
|
|
|
|
* Renaming of files across directory boundaries would result in an
|
|
invalid handle error when attempting to access the files after the
|
|
move.
|
|
|
|
* Fix the handling of Tran2 Set Path Info RPCs. Do not fail when a
|
|
smb file descriptor cannot be found. The whole point of using a
|
|
Path Info function is because an smb file descriptor wasn't
|
|
allocated.
|
|
|
|
* More edge cases in which dynamic addition of Freelance root.afs
|
|
entries would get the wrong FID or where the root.afs directory
|
|
would not be refreshed.
|
|
|
|
* Buffer overflow could occur if the workstation cell name was longer
|
|
than 64 characters. Crashes could occur in afscreds.exe,
|
|
afslogon.dll, and afsd_service.exe.
|
|
|
|
* VNOSERVICE and VOFFLINE errors were leaking and were exposed to the
|
|
smb client.
|
|
|
|
* Log file server uuid values as part of the cm_server object when
|
|
available. Dump the cm_server object list in response to "fs
|
|
memdump".
|
|
|
|
* Optimize the performance of resetting access control lists when
|
|
tokens are set or removed.
|
|
|
|
* Remove symlink recursion tests and increase max symlink count to 64
|
|
from 16.
|
|
|
|
* Windows specific Rx performance improvements.
|
|
|
|
* Support for Network Identity Manager 2.0
|
|
|
|
All UNIX client platforms
|
|
|
|
* Avoid issues with freeing resources at shutdown.
|
|
|
|
* Numerous fixes to disconnected AFS.
|
|
|
|
* Disconnected AFS fixes for replaying changes without double-freeing.
|
|
|
|
* Attempt to use krb524 principal conversion in aklog if available.
|
|
|
|
AIX
|
|
|
|
* Kerberos configuration at build time corrected.
|
|
|
|
Linux
|
|
|
|
* Default to dynamic allocation of AFS kernel cache entries to allow
|
|
growth for inotify()-pinned entries. (beagle, famd, etc)
|
|
|
|
* Change client truncation routines to avoid locking issues.
|
|
|
|
* IA64 port clients fixed on Linux 2.6.
|
|
|
|
* RPMs now install fstrace message catalog.
|
|
|
|
* Support through kernel 2.6.29 tested.
|
|
|
|
* Fix locking issues on CellServDB file in /proc.
|
|
|
|
OpenBSD
|
|
|
|
* Support OpenBSD 4.4
|
|
|
|
|
|
OpenAFS 1.5.57 (2009-01-23)
|
|
|
|
All platforms
|
|
|
|
* Conditional compilation of rxdebug support is now possible.
|
|
|
|
* Documentation updates.
|
|
|
|
* Further race connditions in Rx have been corrected.
|
|
|
|
All server platforms
|
|
|
|
* Salvager no longer attempts to recreate headers in the wrong
|
|
partition.
|
|
|
|
* Volumes are properly marked in use on creation and subsequently on
|
|
examination with vos.
|
|
|
|
Microsoft Windows
|
|
|
|
* Undo the "UAC manifest fix" applied to afs_config.exe.
|
|
|
|
* Ensure that Freelance allocation of vnodes follow the AFS convention
|
|
of odd vnodes are directories and everything else is an even vnode.
|
|
|
|
* Add Freelance logic to mount point and symlink evaluation functions.
|
|
|
|
* Enhance smb_ParseASCIIBlock() so that it can handle all of the
|
|
STRING formats defined by the CIFS Technical Report 1.0.
|
|
|
|
* Validate the output of smb_ParseASCIIBlock() in all callers. Return
|
|
CM_ERROR_BADSMB if the STRING field cannot be parsed.
|
|
CM_ERROR_BADSMB will cause the contents of the packet to be logged.
|
|
|
|
* If multiple SMB Raw Write operations were taking place at the same
|
|
time, there could be data corruption because unique event objects
|
|
were not generated for each Netbios receive operation.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Userspace AFS library can now deal with large files when supported
|
|
by the platform.
|
|
|
|
* Numerous updates to disconnected AFS support, including changes to
|
|
allow reconnection to work in more circumstances.
|
|
|
|
FreeBSD
|
|
|
|
* FreeBSD unstrategy code has been updated.
|
|
|
|
Linux
|
|
|
|
* A race during file truncation has been corrected.
|
|
|
|
* System call probing routines have been updated.
|
|
|
|
* 2.6.29 is now supported.
|
|
|
|
MacOS
|
|
|
|
* 10.3 support has been corrected.
|
|
|
|
OpenBSD
|
|
|
|
* Initial OpenBSD 4.4 support.
|
|
|
|
Solaris
|
|
|
|
* Updates to allow compiling on newer OpenSolaris are now included.
|
|
|
|
|
|
OpenAFS 1.5.56 (2008-12-30)
|
|
|
|
All platforms
|
|
|
|
* libuafs (userspace cache manager) updated to correct several errors.
|
|
|
|
* Additional rx debugging support is available as a conditional
|
|
compile.
|
|
|
|
* A race condition in Rx leading to a panic has been corrected.
|
|
|
|
* Rx idle time tracking has been corrected.
|
|
|
|
* ubik clone server support has been corrected.
|
|
|
|
All server platforms
|
|
|
|
* Salvager no longer leaves cores in vice partitions.
|
|
|
|
* The vol-dump tool now supports dumps larger than 2gb where possible.
|
|
|
|
* Operations on multiple files now report all FIDs in the audit log.
|
|
|
|
* butc XBSA support now works correctly on amd64.
|
|
|
|
Microsoft Windows
|
|
|
|
* The NetIDMgr AFS Provider automated configuration logic was broken
|
|
by the introduction of Kerberos referrals. If the realm of the
|
|
identity cannot be determined, the workstation cell is now assumed
|
|
to belong to the newly created identity.
|
|
|
|
* Avoid a reference count under flow during rename operations.
|
|
|
|
* Avoid a crash caused by treating an arbitrary length directory
|
|
search mask as an 8.3 mask.
|
|
|
|
* Prevent rename operations if a case insensitive match for the target
|
|
name already exists and does not refer to the object being renamed.
|
|
|
|
* Increase the maximum number of background daemons to 64.
|
|
|
|
* Fix the UAC manifest applied to afs_config.exe
|
|
|
|
All UNIX client platforms
|
|
|
|
* Updates to disconnected AFS support.
|
|
|
|
FreeBSD
|
|
|
|
* FreeBSD 7.1 is now supported.
|
|
|
|
* amd64 FreeBSD is now supported.
|
|
|
|
Linux
|
|
|
|
* Generic fh (exportfs API) cache type is now available.
|
|
|
|
* Avoid some oopses due to backing_dev_info inode fields not being
|
|
filled.
|
|
|
|
* 2.6.28 is now supported.
|
|
|
|
MacOS
|
|
|
|
* 10.3 support has been corrected.
|
|
|
|
Solaris
|
|
|
|
* Large partition support has been corrected.
|
|
|
|
* Filesystem-agnostic cache is now available on Solaris 10 and 11.
|
|
|
|
|
|
OpenAFS 1.5.55 (2009-11-10)
|
|
|
|
All platforms
|
|
|
|
* Salvager avoids leaving core files in vice partitions.
|
|
|
|
* NFS translator fixes.
|
|
|
|
* Unresponsive server handling fixes.
|
|
|
|
* A volserver race which could result in duplicate transactions is
|
|
fixed.
|
|
|
|
Microsoft Windows
|
|
|
|
* Fixes a panic caused by corruption of the SMB virtual circuit list.
|
|
(race condition)
|
|
|
|
* Fixes a panic caused by receipt of a UTF-16 string that cannot be
|
|
converted to UTF-8.
|
|
|
|
* Implements a more aggressive recovery algorithm for Netbios errors
|
|
that result in loss of communication to the AFS SMB server.
|
|
|
|
* Improve pioctl response time when testing whether or not a PATH is
|
|
in AFS.
|
|
|
|
* Adds support for linked cells.
|
|
|
|
* Increases the length of the cell and realm names that can be input
|
|
into the Network Identity Manage AFS provider configuration dialog.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Disconnected AFS avoids infinite recursion during rmdir.
|
|
|
|
Linux
|
|
|
|
* Support for 2.6.28 (not complete for NFS translator modules).
|
|
|
|
* Support for using exportfs API for filesystem-agnostic cache.
|
|
|
|
* Disable backing store readahead.
|
|
|
|
* Avoid deadlocks when writing back mmapped files larger than the
|
|
cache.
|
|
|
|
* Avoid Oops when doing PAG garbage collection.
|
|
|
|
|
|
OpenAFS 1.5.54 (2008-10-08)
|
|
|
|
All platforms
|
|
|
|
* Updates for new Tivoli X/Open API finding.
|
|
|
|
* A double-free is corrected in Rx.
|
|
|
|
All server platforms
|
|
|
|
* Ubik cleans up file descriptor cache correctly when doing recovery.
|
|
|
|
* Enhanced vldb error checker included.
|
|
|
|
Microsoft Windows
|
|
|
|
* Prevent a crash that could occur when multiple file / directory
|
|
change notifications are processed simultaneously.
|
|
|
|
MacOS
|
|
|
|
* AFS claims more free space so Finder will attempt file copies.
|
|
|
|
Linux
|
|
|
|
* Avoid spurious ENOENT when calling gwtcwd() on a volume root.
|
|
|
|
* Avoid spurious ENOTDIR during fakestat.
|
|
|
|
|
|
OpenAFS 1.5.53 (2008-09-26)
|
|
|
|
All platforms
|
|
|
|
* rx avoids many packet leaks.
|
|
|
|
* rx jumbogram disabling now works (and is the default).
|
|
|
|
All server platforms
|
|
|
|
* Demand Attach fileserver tries to avoid issues tracking offline
|
|
status of volumes.
|
|
|
|
Microsoft Windows
|
|
|
|
* Many potential deadlock conditions due to out of order lock
|
|
acquisitions have been corrected.
|
|
|
|
* A race condition resulting in an undercount on the cm_scache_t
|
|
reference counts has been corrected.
|
|
|
|
* An empty string when sent as an ioctl path is now properly
|
|
interpreted as meaning the current directory. This affects "fs
|
|
lsm", "symlink list", etc.
|
|
|
|
* Fix smb string parsing differences where the smb protocol
|
|
documentation does not match the actual Windows implementation.
|
|
|
|
* Random access denied errors fixed.
|
|
|
|
* A file server lock synchronization issue was corrected in SMB
|
|
NTCreateX and NTTranCreate operations. This bug prevented properly
|
|
operation when loading roaming profiles.
|
|
|
|
* Fix a heap overwrite error during server probe operations if a new
|
|
server is added while a probe operation is in progress.
|
|
|
|
* Fix an LSA memory leak that was the result of an LSA error.
|
|
|
|
* Do not leak cm_cell_t objects if the VLDB server lookup fails.
|
|
|
|
* Only initialize rx mutex/lock objects once.
|
|
|
|
* Do not nul terminate the AFS volume name when reported to Windows.
|
|
|
|
* Improve VNOVOL error handling. Prevent updated vl information from
|
|
being destroyed immediately after it was acquired. This bug
|
|
prevented proper fail over when volumes are moved or removed from a
|
|
server.
|
|
|
|
* Remove volume id from the server volume list in response to VMOVED
|
|
and VNOVOL errors.
|
|
|
|
* "fs flushXXX" commands now destroy locally built B+ directory trees.
|
|
|
|
* Prevent mixture of locally modified directory pages and file server
|
|
directory pages.
|
|
|
|
* Fail over to alternate vl servers if a ubik error is returned.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Disconnected AFS now supports read-write mode.
|
|
|
|
* volserver now builds correctly.
|
|
|
|
AIX
|
|
|
|
* AIX 6 is now supported.
|
|
|
|
FreeBSD
|
|
|
|
* FreeBSD 7 is now supported.
|
|
|
|
Linux
|
|
|
|
* cache bypass is now supported.
|
|
|
|
* 2.6.x kmod compilation now uses kernel compile options always.
|
|
|
|
* Support through 2.6.27.
|
|
|
|
MacOS
|
|
|
|
* Show more space free so Finder doesn't get confused.
|
|
|
|
Solaris 10
|
|
|
|
* Default to namei rather than inode.
|
|
|
|
|
|
OpenAFS 1.5.52 (2008-08-18)
|
|
|
|
All platforms
|
|
|
|
* Initialize volume updateDate at volume creation.
|
|
|
|
* Avoid potential corruption of directories during salvage.
|
|
|
|
* Check for out of memory condition during allocation of additional Rx
|
|
packets.
|
|
|
|
Microsoft Windows
|
|
|
|
* Restore support for Windows 2000 (broken in 1.5.50).
|
|
|
|
* Perform additional validation on volume names in mount points during
|
|
creation and evaluation.
|
|
|
|
* Fix several deadlocks, races, and reference count issues.
|
|
|
|
* Further optimize SMB Directory Search processing and minimize the
|
|
number of InlineBulkStatus RPCs sent to the file server.
|
|
|
|
* Enable "bos restricted" operations.
|
|
|
|
* Fix the create of submounts used by the AFSCreds and afs_config
|
|
drive mapping tabs.
|
|
|
|
* Fix a short name truncation bug. (1.5.50)
|
|
|
|
* Fix the error code reported when attempting to delete a file on a
|
|
readonly volume or one that is marked with the readonly DOS
|
|
attribute.
|
|
|
|
* Fix a heap corruption error when reading the CellServDB file
|
|
location.
|
|
|
|
* Add the "RxUdpBufSize" registry value. The new default is 256KB.
|
|
|
|
* Do not include trailing NULs in the directory search output.
|
|
(1.5.50)
|
|
|
|
* Pre-allocate 64 Rx Packet buffers per thread in order to improve
|
|
performance.
|
|
|
|
* For debugging: add smb lock requests and stat cache lock allocations
|
|
to the output from "fs memdump".
|
|
|
|
NetBSD
|
|
|
|
* Workaround broken sigwait() to allow fileserver to shut down
|
|
correctly pre NetBSD 5.0.
|
|
|
|
Solaris 10
|
|
|
|
* Default to namei fileserver; Allow inode fileserver at configure
|
|
time by override.
|
|
|
|
NFS translator
|
|
|
|
* Try harder to avoid kernel panics for malformed requests.
|
|
|
|
|
|
OpenAFS 1.5.51 (2008-07-29)
|
|
|
|
All platforms
|
|
|
|
* salvager tries harder to arrange for clients to get VBUSY while
|
|
salvaging single volumes.
|
|
|
|
* salvager avoids certain corruption when salvaging directories.
|
|
|
|
* Rx connection clones disabled.
|
|
|
|
Microsoft Windows
|
|
|
|
* The 32-bit EXE 1.5.50 installer failed to properly install the C
|
|
Runtime library. When used as an upgrade OpenAFS would continue to
|
|
work but when used as a new installation, OpenAFS binaries would
|
|
fail to load.
|
|
|
|
* Fixes the "fs" and "symlink" commands to properly parse Unicode path
|
|
prefixes during the pioctl remote procedure call. This bug would
|
|
result in file not found errors for files and directories that
|
|
clearly exist. (Bug introduced in 1.5.50)
|
|
|
|
* Large File support is disabled. (Bug introduced in 1.5.50)
|
|
|
|
* Removes the possibility of a deadlock during volume location update
|
|
operation if all of the reported file servers are unreachable at the
|
|
time of the update.
|
|
|
|
* Ensures that reference counts are properly incremented/decremented
|
|
on Rx connection objects used for volume location RPCs.
|
|
|
|
* Over Quota errors during cm_FSync() calls would lead to an infinite
|
|
loop as the error was never propagated to the caller.
|
|
|
|
All UNIX client platforms
|
|
|
|
* Bugfixes to disconnected AFS support in the cache manager.
|
|
|
|
|
|
OpenAFS 1.5.50 (2008-07-16)
|
|
|
|
All platforms
|
|
|
|
* volserver puts recloned volumes back online before returning the
|
|
volume to the fileserver, avoiding spurious VNOVOL errors.
|
|
|
|
* Updated TSM X/Open API support available.
|
|
|
|
* Demand Attach fileserver will not crash due to accesses during
|
|
volume cloning.
|
|
|
|
* Substantial documentation updates.
|
|
|
|
* Demand Attach fileserver state tracking and analyzer tool
|
|
improvements.
|
|
|
|
* UAFS userspace cachemanager updates.
|
|
|
|
* Corrected support for anti-meltdown protection in the client.
|
|
|
|
Microsoft Windows
|
|
|
|
* UNICODE Character Set Support.
|
|
|
|
* Pioctl interfaces to the cache manager have been refactored to
|
|
provide layering between the SMB specific code and the general
|
|
purpose ioctl operation.
|
|
|
|
* Garbage collect dead SMB virtual circuits as soon as they are no
|
|
longer being referenced. This avoids problems with outstanding
|
|
locks not being dropped when the virtual circuit becomes invalid.
|
|
|
|
* Remove the IBM Administration Reference documentation and replace it
|
|
with the OpenAFS Command Reference Manual.
|
|
|
|
* Avoid calling rx_SetDeadTime and rx_SetHardDeadTime functions each
|
|
time a connection is about to be used. Do not hold a lock on the rx
|
|
connection object while it is being selected. This avoids a race
|
|
between threads attempting to set the timeout values and removes a
|
|
bottleneck that was hampering performance.
|
|
|
|
* Ensure that the smb directory attribute is set for all directory
|
|
objects.
|
|
|
|
* Replace the VC Runtime EXE installer with the MSI installer in the
|
|
NSIS installer scripts.
|
|
|
|
Solaris
|
|
|
|
* Support for updates to OpenSolaris.
|
|
|
|
Linux
|
|
|
|
* Correct dentry revalidation for cross-directory renames.
|
|
|
|
* Updated rpm packaging materials for 1.5 release series and 2.4
|
|
kernels.
|
|
|
|
* Corrected syscall table probing.
|
|
|
|
* NFS translator updates for current kernels.
|
|
|
|
|
|
OpenAFS 1.5.39 (2008-06-24)
|
|
|
|
All platforms
|
|
|
|
* Updates for Demand Attach fileserver.
|
|
|
|
Microsoft Windows
|
|
|
|
* Fix two memory leaks.
|
|
|
|
* Fix one missing lock.
|
|
|
|
* Handle access denied errors when writing dirty buffers.
|
|
|
|
* Fix two errors that would cause the *experimental* AFS Servers
|
|
to crash.
|
|
|
|
|
|
OpenAFS 1.5.38 (2008-05-24)
|
|
|
|
All platforms
|
|
|
|
* Add read-only disconnected support.
|
|
|
|
|
|
OpenAFS 1.5.37 (2008-05-21)
|
|
|
|
All platforms
|
|
|
|
* Includes a number of optimizations for testing.
|
|
|
|
|
|
OpenAFS 1.5.36 (2008-05-09)
|
|
|
|
All platforms
|
|
|
|
* Rx optimizations now attempt to deal with high latency WANs.
|
|
|
|
* Client will not wait infinitely for a server which is not providing
|
|
data. Additional servers will be polled without marking the server
|
|
which is not providing data down.
|
|
|
|
* vos move will not erroneously unlock locked vldb entries on failure.
|
|
|
|
All server platforms
|
|
|
|
* Fileserver avoids a potential infinite loop when a client
|
|
relinquishes an address.
|
|
|
|
* Fileserver large setting now configures more threads.
|
|
|
|
* Fileserver properly registers uuids of new clients.
|
|
|
|
* Ubik servers do not improperly hide updates from clients.
|
|
|
|
* Fileservers reserve enough file descriptors such that each thread
|
|
can cache one to avoid spurious errors.
|
|
|
|
Microsoft Windows
|
|
|
|
* Fix a cm_buf_t reference count leak when attempts to write dirty
|
|
buffers to the file server from within cm_IncrSyncer() fail.
|
|
|
|
* Prevent udebug from crashing.
|
|
|
|
* Another VNOVNODE issue fixed. When writing a dirty buffer to the
|
|
file server, if VNOVNODE is received, mark all buffers as invalid
|
|
without further attempts to contact the file server.
|
|
|
|
|
|
=======> Changes back to 1.3 have not yet been incorporated here <=======
|
|
|
|
|
|
OpenAFS 1.3
|
|
|
|
* -nosettime is now the default for afsd. Use "-settime" to get the
|
|
old behavior.
|
|
|
|
* OpenBSD is now supported.
|
|
|
|
* Mountpoint directory information is now only faked for cross-cell
|
|
mountpoints when using the -fakestat flag (e.g. for the directories
|
|
under /afs, but not for most other volumes mounted inside the cell).
|
|
The -fakestat-all switch can be used to fake information for all
|
|
mountpoints.
|
|
|
|
* When fakestat is enabled on MacOSX, the Finder can be used to browse
|
|
a fully-populated /afs directory. However, this precludes reliable
|
|
use of entire volumes as MacOS bundles (i.e. containing a Contents
|
|
directory in the root of the volume).
|
|
|
|
* Mountpoint directory information can be faked by the cache manager,
|
|
making operations such as stat'ing all cells under /afs much faster.
|
|
This is enabled by passing -fakestat to afsd, but might not be stable
|
|
on all platforms.
|
|
|
|
|
|
OpenAFS 1.2.9
|
|
|
|
* The kaserver now defaults to not allowing interrealm authentication,
|
|
due to security vulnerabilities in the krb4 protocol. The new
|
|
"-crossrealm" flag to the kaserver is provided to reenable interrealm
|
|
authentication if desired.
|
|
|
|
* RedHat Linux 9.0 is now supported.
|
|
|
|
* Solaris 9 12/02 is now supported. Solaris 7 and 8 x86 should now
|
|
work again.
|
|
|
|
* On Linux machines using 2.2 series kernels, 2.2.19 or higher is now
|
|
required.
|
|
|
|
* An OpenAFS 1.2.9 afsd will not work with kernel modules built from
|
|
an earlier OpenAFS release. In general, using a mismatched afsd and
|
|
kernel modules set is unsupported; it is not recommended that you use
|
|
such a configuration on a regular basis.
|
|
|
|
|
|
OpenAFS 1.2.8
|
|
|
|
* Mountpoint directory information is now only faked for cross-cell
|
|
mountpoits when using the -fakestat flag (e.g. for the directories
|
|
under /afs, but not for most other volumes mounted inside the cell).
|
|
The -fakestat-all switch can be used to fake information for all
|
|
mountpoints.
|
|
|
|
* HPUX 11.0 is now supported.
|
|
|
|
* It is now possible for AFS to use Kerberos 5 directly, via rxkad 2b.
|
|
See the OpenAFS 1.2.8 Release Notes for more information on using this
|
|
capability.
|
|
|
|
* An NFS translator kernel module is now included and compiled by
|
|
default for Solaris only.
|
|
|
|
|
|
OpenAFS 1.2.7
|
|
|
|
* MacOS X 10.2 is now supported. FreeBSD 4.3 and later support is
|
|
included in this release, but is still under active development and
|
|
should only be used by those doing active development on the OpenAFS
|
|
FreeBSD client.
|
|
|
|
* When fakestat is enabled on MacOSX, the Finder can be used to browse a
|
|
fully-populated /afs directory. However, this precludes reliable use
|
|
of entire volumes as MacOS bundles (i.e. containing a Contents
|
|
directory in the root of the volume).
|
|
|
|
* The fileserver will now use Rx pings to determine if clients are
|
|
reachable prior to allocating resources to them, to prevent asymmetric
|
|
clients from consuming all fileserver resources.
|
|
|
|
|
|
OpenAFS 1.2.6
|
|
|
|
* Mountpoint directory information can be faked by the cache manager,
|
|
making operations such as stat'ing all cells under /afs much faster.
|
|
This is enabled by passing -fakestat to afsd.
|
|
|
|
* Solaris 9 FCS and Solaris 7 and 8 x86 are now supported.
|
|
|
|
|
|
OpenAFS 1.2.5
|
|
|
|
* A remote denial of service attack in the AIX and IRIX clients has been
|
|
fixed. Users of those platforms are strongly encouraged to upgrade.
|
|
|
|
* Fixed race conditions in fileserver that could result in crash.
|
|
|
|
|
|
OpenAFS 1.2.4
|
|
|
|
* Server logfiles now more consistant about format in which hosts are
|
|
referred to.
|
|
|
|
* vfsck on Solaris will now allow force runs (using -y flag) even if old
|
|
inodes exist.
|
|
|
|
|
|
OpenAFS 1.2.3
|
|
|
|
* Cell aliases for dynroot can be specified in the CellAlias file in
|
|
/usr/vice/etc or /usr/local/etc/openafs, in format "realname alias",
|
|
one per line. They can also be managed at runtime with "fs newalias"
|
|
and "fs listaliases".
|
|
|
|
|
|
OpenAFS 1.2.2
|
|
|
|
* Solaris 9 and Linux PA-RISC are now supported.
|
|
|
|
* fileserver will not erroneously delay legitimate errors for 3 seconds
|
|
after 10 errors are returned (e.g. stat() on a directory you can't
|
|
read).
|
|
|
|
* Rx MTU calculation now works for Irix, Solaris and Linux
|
|
|
|
* If afsd is started with the -dynroot flag, /afs will be locally
|
|
generated from the CellServDB. AFSDB cells will be mounted
|
|
automatically upon access.
|
|
|
|
* The namei fileserver allows vice "partitions" to be directories
|
|
instead of partitions and will attach and display accordingly.
|
|
Creating the file "AlwaysAttach" in the /vicepX directory is used as
|
|
the trigger to attach it.
|
|
|
|
* TSM support for butc no longer requires editing a Makefile, simply
|
|
specify the --enable-tivoli-tsm configure option.
|
|
|
|
* Linux builds no longer require source changes every time the kernel
|
|
inode structure changes; the OpenAFS sources will now configure itself
|
|
to the actual inode structure as defined in the kernel sources.
|
|
|
|
|
|
OpenAFS 1.2.1
|
|
|
|
* vfsck on Digital UNIX and Solaris will now refuse to fsck mounted
|
|
mounted partitions.
|
|
|
|
|
|
OpenAFS 1.2.0
|
|
|
|
* AFS now supports --prefix and the other directory options of
|
|
configure. By default AFS builds assuming it will be installed in
|
|
/usr/local. In order to get traditional AFS directory paths (/usr/afs
|
|
and /usr/vice/etc) use the --enable-transarc-paths option to
|
|
configure. More details on the new directory layout are found in
|
|
README.
|
|
|
|
|
|
OpenAFS 1.1.1a
|
|
|
|
* Windows 95/98/ME/NT/2000 - Consistent versioning: Installation, AFS
|
|
Control Center, Client dialog boxes and properties pages for
|
|
executables display a consistent OpenAFS version number. Installation
|
|
detects previous installation and prompts the user for upgrade
|
|
options.
|
|
|
|
* Windows 95/98/ME/NT/2000 - Installation features: During installation
|
|
the user can select the source of the CellservDB file, AFS home cell,
|
|
and drive mappings. During installation a drive path mapping can
|
|
include a variable that will be substituted with the current UserName
|
|
that is logged in.
|
|
|
|
* Windows 2000/NT - Integrated logon: The Integrated Logon feature
|
|
works now.
|
|
|
|
* Windows 95/98/ME - Logon script features: The Windows 95/98/ME client
|
|
now offers a command-line option for starting up the AFS client
|
|
without authenication. It is now possilbe to start the AFS client
|
|
first and obtain tokens, and map drives all through Windows scripts.
|
|
This helps using Windows 95/98/ME client in Kerberos 5 environment.
|
|
|
|
* Windows 2000/NT - LANA numbers: AFS client now scans the LANA numbers
|
|
to establish the correct NETBIOS connection. NetBEUI is no longer
|
|
needed. The user no longer needs to find the correct LANA number.
|
|
|
|
* Windows 2000/NT - OpenAFS naming consistancy: Further progress has
|
|
been made to remove references to "Transarc AFS" and replace with
|
|
"OpenAFS".
|
|
|
|
|
|
OpenAFS 1.0
|
|
|
|
* AFS now builds with configure. The README for building has been
|
|
updated and includes full details.
|
|
|
|
* A client system can now have multiple sysname values for @sys. They
|
|
will be searched in order when looking up files in AFS. The
|
|
-newsysname argument to fs sysname can be repeated to set multiple
|
|
sysnames.
|
|
|
|
* A new system group is created for new cells (system:ptsviewers with id
|
|
-203). If this group exists, members of this group can examine and
|
|
read the entire protection database. They can examine all users and
|
|
groups and can get the membership of any group.
|
|
|
|
* A new program, pt_util has been added to the distribution. This
|
|
program allows users to print the contents of the protection database
|
|
or to edit the protection database without running a ptserver. It can
|
|
be used to set up a new cell without ever running in noauth mode. Run
|
|
pt_util -h for help.
|
|
|
|
* The fs setcrypt and fs getcrypt commands have been added. These
|
|
commands allow the system administrator to require that the client
|
|
encrypt all authenticated traffic between the client workstation and
|
|
AFS. The encryption used is weak, but is likely better than sending
|
|
unencrypted traffic in most environments. Some functions, such as
|
|
looking for a volume may not be encrypted, but data transfer certainly
|
|
is. By default data is not encrypted. At this time no significant
|
|
experimentation with server performance has been conducted.
|
|
|
|
* By default AFS is compiled with AFS_AFSDB_ENV, enabling the -afsdb
|
|
option to be given to afsd on startup. If this option is used, then
|
|
new cells will be looked up using AFSDB records stored in DNS if they
|
|
are not found in CellServDB. This means that users can create
|
|
cross-cell mountpoints in directories they control to access cells not
|
|
in root.afs, and that cells in root.afs need not be in the client's
|
|
CellServDB.
|
|
|
|
* AFS database servers can be marked as read-only clones. Surround the
|
|
hostname in square brackets on the bos addhost command and the
|
|
database server will never be elected sync site. This is useful for
|
|
cells distributed over a wide region.
|
|
|
|
* The AFS servers now support the -syslog flag. This flag causes them
|
|
to log to syslog rather than to files. This flag is not supported on
|
|
NT. For all servers besides the salvager, the flag can also be
|
|
specified as -syslog=facility, where facility is an integer facility
|
|
code from syslog.h. A -syslogfacility option is provided for the
|
|
salvager to accomplish the same goal.
|
|
|
|
* If the --enable-fast-restart flag is given when configuring AFS, then
|
|
the salvager supports the -dontsalvage flag which causes it to exit
|
|
without salvaging any volumes. If this is configured into the third
|
|
command of a fs process, then the fileserver will start without
|
|
salvaging. It will fail to attach volumes that need salvaging and
|
|
they can be salvaged manually. This provides significantly better
|
|
server startup performance at the cost of administrative complexity.
|
|
|
|
* If the --enable-bitmap-later flag is given when configuring AFS, then
|
|
the fileserver creates bitmaps for free vnodes on demand, allowing
|
|
faster starts.
|
|
|
|
* If bosserver finds a BosConfig.new file at startup, it reads this file
|
|
and renames it to BosConfig. This allows bosserver to be reconfigured
|
|
at next restart.
|
|
|
|
* The bosserver can be placed in a restricted mode in which AFS
|
|
superusers are only granted limited access to the server host. The
|
|
following functionality is disabled when restricted mode is in use:
|
|
|
|
bos exec
|
|
bos getlog (except for files with no '/'s in their name)*
|
|
bos create *
|
|
bos delete
|
|
bos install
|
|
bos uninstall
|
|
|
|
specific exceptions are made for functionality that "bos salvage"
|
|
uses:
|
|
|
|
A cron bnode who's name is "salvage-tmp", time is now, and command
|
|
begins with "/usr/afs/bin/salvager" may be created. This bnode deletes
|
|
itself when complete, so no special "delete" support is needed. This
|
|
functionality may be removed in the future if a "Salvage" RPC is
|
|
implimented.
|
|
|
|
The file with the exact path /usr/afs/logs/SalvageLog may be fetched,
|
|
since that is how bos salvage [...] -showlog is implimented.
|
|
|
|
Restricted mode is enabled using a new bos command (bos setrestricted)
|
|
or bossever command line switch (bosserver -restricted). Restricted
|
|
mode can be disabled by a) sending the bosserver process a SIGFPE
|
|
(which will then allow restricted operations until the next restart or
|
|
setrestricted command) or b) editing /usr/afs/local/BosConfig (or
|
|
BosConfig.new), and restarting the bosserver.
|
|
|
|
* The bos UserList of trusted administrators can now contain cross-realm
|
|
Kerberos principals.
|
|
|
|
* udebug now takes --server not --servers.
|
|
|
|
* Several error messages have been improved to include volume numbers.
|
|
|
|
* Several new ports have been included for UNIX platforms: Darwin
|
|
(ppc_darwin_12 and ppc_darwin_13), Linux 2.4 (i386_linux24), Linux on
|
|
the Powerpc (ppc_linux22 and ppc_linux24), Linux on the Sparc
|
|
(sparc_linux22, sparc64_linux22 and sparc64_linux24).
|
|
|
|
* Incomplete FreeBSD and Alpha Linux ports are included. The FreeBSD
|
|
port has a working server and the Alpha Linux port has a partially
|
|
working client.
|
|
|
|
* A native client for Windows 95/98/ME has been added to the
|
|
distribution. With this program, a gateway machine is no longer
|
|
required for Windows 9x to access AFS files. One drive letter will be
|
|
created on your machine by default - Z:. The Z: drive will be the
|
|
root of the AFS tree, allowing you to browse all sites that have AFS
|
|
servers available. Additional drive letters can be defined for other
|
|
AFS directories. A Windows Explorer shell extension is included that
|
|
allows you to right click on items within an AFS tree to bring up an
|
|
"AFS" menu item and perform various operations on a file or directory.
|
|
The most useful item is "Access Control Lists", which allows you to
|
|
view and edit the permissions of a particular directory. Command line
|
|
tools are also available in the install directory. These commands
|
|
include klog, unlog, tokens, kpasswd, symlink, fs and pts. The
|
|
installable includes a readme file that contains more information on
|
|
how to use the client program and known issues.
|
|
|
|
* Support for large caches in afsd. Cachefiles are stored in
|
|
subdirectories. The default is 2048 files per subdirectory, which
|
|
should work fine in most situations. You can use the new afsd option
|
|
-files_per_subdir to change this number. Note that the first time you
|
|
run afsd with this patch, your cachefiles will get moved into
|
|
subdirectories. If you subsequently run an older version of afsd, you
|
|
will lose all your cached files.
|