mirror of
https://git.openafs.org/openafs.git
synced 2025-01-20 07:51:00 +00:00
9ea40ebfb7
Cummulative update of changes including:
* Add code to block the issuance of AFS tokens by aklog.exe or
afscreds.exe when the Kerberos 5 principal name contains a dot.
* Modify the IsAdmin() function to always treat the local SYSTEM
account as an AFS client administrator. Affects fs.exe and
afs_config.exe.
* Modify the internal handling of Quota Exceeded errors
* Upgrade all reference count fields in the Windows cache manager
and the osi library to use unsigned long instead of signed short.
A similar fix has been applied to the afs rpc (rx) library.
* fix the Windows cache manager to prevent it from replacing the
rx_connection object associated with the cm_conn_t object on each
and every operation if "fs crypt" was set. This explains the
dramatic performance difference when crypt is used vs clear.
The problem: 'cryptall', a boolean flag indicating whether or not
"fs crypt" is set, was being compared to the rx_connection
cryptlevel which is either rxkad_clear:0 or rxkad_crypt:2.
1 != 2 and therefore the rx_connection was always destroyed
and replaced on each and every operation.
Lock the cm_conn_t object around every call to RXAFS_xxxx functions.
It is not safe for the cm_conn_t object to not be locked because
rx_DestroyConnection might be called from another thread if:
- the user's tokens have changed or expired
- the crypt mode has changed
This fix appears to have also taken care of the problems associated
with Overlapped Writes resulting in Delayed Write errors.
* fix NSIS installer's AdminGroup.exe to properly create and
remove groups when given -create or -remove. The string comparison
test was wrong.
* fs sysname now accepts a list of sysname values
* added a new registry value HKLM\SOFTWARE\OpenAFS\Client "IoctlDebug"
DWORD which when set to a non-zero value will cause error message
text to be output to stderr from the pioctl() routine. Useful in
debugging failures of fs.exe, tokens.exe, etc.
* added a test to the power management code to only perform a
flush operation if there is at least one network adapter which
is not a loopback adapter.
* Fix bug in loading of registry value HKLM\SOFTWARE\OpenAFS\Client
"EnableKFW". This value will not be read if the key
HKCU\SOFTWARE\OpenAFS\Client exists; even if the "EnableKFW"
value under that key does not.
* provide mechanisms to force the use of krb524d for Kerberos 5
ticket to AFS token conversion. For afslogon.dll and afscreds.exe
there is a new registry value "Use524" and for aklog.exe a new
command line parameter "-m".
* Fix the pattern matching algorithm to properly match patterns
ending with a '*'.
* smb_ReceiveCoreRename() was factored to produce smb_Rename()
which is used by both the original function and the new
smb_ReceiveNTRename(). smb_ReceiveNTRename() supports the
creation of HardLinks in addition to Renaming. smb_Link()
is a new function which creates HardLinks via cm_Link().
cm_Link() is a new vnodeops function which creates links
using RXAFS_Link().
smb_ReceiveNTRename() does not support the File Copy and
Move Cluster Information operations described in its interface.
ReceiveNTRename is under documented in CIFS-TR-1p00_FINAL.pdf.
* When opening files via symlinks, we should follow the symlinks
until we reach the actual file stat cache entry. The stat cache
entry of the file should then be stored in the FID instead of
stat scache entry of the symlink.
* return bad operation errors for all unimplemented functions
even if we do not know the functions exist.
* Log bad packets and unknown operation packets to the trace log
* Map CM_ERROR_BADOP to STATUS_NOT_SUPPORTED instead of
0xC09820FF
* Update list of known CIFS operations to include all those listed
in CIFS-TR-1p00_FINAL.pdf.
* Modify the handling of HKLM\SOFTWARE\OpenAFS\Client\Submounts
to support the REG_EXPAND_SZ type.
|
||
|---|---|---|
| doc | ||
| src | ||
| .cvsignore | ||
| .splintrc | ||
| acconfig.h | ||
| acinclude.m4 | ||
| config.guess | ||
| config.sub | ||
| configure-libafs.in | ||
| configure.in | ||
| INSTALL | ||
| install-sh | ||
| libafsdep | ||
| Makefile-libafs.in | ||
| Makefile.in | ||
| missing | ||
| mkinstalldirs | ||
| NEWS | ||
| README | ||
| README-NT | ||
| README-WIN9X | ||
| README.CVS | ||
| README.DEVEL | ||
| README.OBSOLETE | ||
| README.SECURITY | ||
| regen.sh | ||
Copyright 2000, International Business Machines Corporation and others.
All Rights Reserved.
This software has been released under the terms of the IBM Public
License. For details, see the LICENSE file in the top-level source
directory or online at http://www.openafs.org/dl/license10.html
Short instructions for sites upgrading from a previous version of AFS:
% ./configure --enable-transarc-paths
% make
% make dest
will create a Transarc-style dest tree in ${SYS_NAME}/dest where
${SYS_NAME} is the AFS sysname of the system you built for.
This assumes if you're building for Linux that your kernel source is
in /usr/src/linux.
Otherwise, please read on.
Building OpenAFS on UNIX and LINUX
----------------------------------
A. Creating the proper directory structure.
Uncompress the source into a directory of your choice. A directory
in afs space is also valid. In the directory that you uncompressed the
source in, you will only have an src/ directory.
1. Pick a system to build for, and note its default AFS sys_name.
A directory will be automatically created for binaries to be written
into with this name when you build.
alpha_dux40
alpha_dux50 (only tested on 5.0A, does not work with 5.1)
i386_fbsd_42, i386_fbsd_43, i386_fbsd_44, i386_fbsd_45,
i386_fbsd_46, i386_fbsd_47, i386_fbsd_50, i386_fbsd_51,
i386_fbsd_52, i386_fbsd_53
i386_linux22
i386_linux24
i386_linux26
i386_umlinux22
i386_umlinux24
i386_obsd31, i386_obsd32, i386_obsd33, i386_obsd34, i386_obsd35,
i386_obsd36
rs_aix42
sgi_65 (file server not tested)
sun4_413 (No client support, no fileserver support, db servers only)
sun4x_56, sun4x_57, sun4x_58, sun4x_59 (logging UFS not supported
for mixed-use partitions containing client cache)
ppc_darwin_70
ppc_linux22
ppc_linux24
alpha_linux22
alpha_linux24
ia64_linux24
sparc_linux22
sparc_linux24
sparc64_linux22
sparc64_linux24
hp_ux110 (See notes below for information on getting missing header)
hp_ux102 (Client port possible, but db servers and utilities work)
2. Using configure in the top level directory, configure for your
AFS system type, providing the necessary flags:
% ./configure --with-afs-sysname=sun4x_58 --enable-transarc-paths
For Linux systems you need also provide the path in which your
kernel headers for your configured kernel can be found. This should
be the path of the directory containing a child directory named
"include". So if your version file was
/usr/src/linux/include/linux/version.h you would invoke:
% ./configure --with-afs-sysname=i386_linux24 --with-linux-kernel-headers=/usr/src/linux
Currently you can build for only one Linux kernel at a time,
and the version is extracted from the kernel headers in the root
you specify.
Be prepared to provide the switches --enable-obsolete and
--enable-insecure if you require the use of any bundled but obsolete
or insecure software included with OpenAFS. See README.obsolete and
README.insecure for more details.
There are two modes for directory path handling: "Transarc mode" and "default mode":
- In Transarc mode, we retain compatibility with Transarc/IBM AFS tools
by putting client configuaration files in /usr/vice/etc, and server
files in /usr/afs under the traditional directory layout.
- In default mode, files are located in standardized locations, usually
under $(prefix).
- Client programs, libraries, and related files always go in standard
directories under $(prefix). This rule covers things that would go
into $(bindir), $(includedir), $(libdir), $(mandir), and $(sbindir).
- Other files get located in the following places:
Directory Transarc Mode Default Mode
============ ========================= ==============================
viceetcdir /usr/vice/etc $(sysconfdir)/openafs
afssrvdir /usr/afs/bin (servers) $(libexecdir)/openafs
afsconfdir /usr/afs/etc $(sysconfdir)/openafs/server
afslocaldir /usr/afs/local $(localstatedir)/openafs
afsdbdir /usr/afs/db $(localstatedir)/openafs/db
afslogdir /usr/afs/logs $(localstatedir)/openafs/logs
afsbosconfig $(afslocaldir)/BosConfig $(afsconfdir)/BosConfig
afsbosserver $(afsbindir)/bosserver $(sbindir)/bosserver
B Building
1. Now, you can build OpenAFS.
% make
2. Install your build using either "make install" to install
into the current system (you will need to be root, and files
will be placed as appropriate for Transarc or standard paths),
"make install DESTDIR=/some/path" to install into an alternate
directory tree, or if you configured with --enable-transarc-paths
make dest to create a complete binary tree in the dest directory
under the directory named for the sys_name you built for,
e.g. sun4x_57/dest or i386_linux22/dest
2. As appropriate you can clean up or, if you're using Linux, build for
another kernel version.
To clean up:
% make clean
C Problems
If you have a problem building this source, you may want to visit
http://www.openafs.org/ to see if any problems have been reported
or to find out how to get more help.
Mailing lists have been set up to help; More details can be found
on the openafs.org site.
D Linux Notes
To build for another Linux kernel version:
the system type defined in step A1.
% ./configure --with-afs-sysname=i386_linux22 --with-linux-kernel-headers=/usr/src/linux-2.2.19-i686
% make
Your dest tree will now include an additional kernel module for your
additional kernel headers. Be aware that if the kernel version string
which UTS_RELEASE is defined to in include/linux/version.h matches the
last kernel you built for, the previous kernel module will be
overwritten.
E HP-UX 11.0 Notes
HP-UX 11.0 requires a header called vfs_vm.h which HP has provided on their
web site: http://h21007.www2.hp.com/dspp/tech/tech_TechSoftwareDetailPage_IDX/1,1703,687,00.html
To navigate down from the top level of the portal, one would do
www.hp.com/dspp -> i want to... -> download software -> operating systems
to get to the same page.
F OpenBSD Notes
You need kernel source installed to build OpenAFS. Use the
--with-bsd-kernel-headers= configure option if your kernel source is not
in /usr/src/sys.
There is a package builder in src/packaging/OpenBSD. "sh buildpkg.sh"
should make a package for the client. Use pkg_add to install. The
package will install using transarc-paths, regardless of how you
configured. The package builder does not work on OpenBSD 3.5 and later
due to the incompatible re-write of pkg_create.
There is no server package, but I am told that "make install" will put
server binaries in /usr/afs.
Your kernel may panic when you try to shutdown after running the OpenAFS
client. To prevent this, change the "dangling vnode" panic in
sys/kern/vfs_syscalls.c to a printf and build a new kernel.
You can't run arla and OpenAFS at the same time.
G FreeBSD Notes
The FreeBSD client is very new and untested. Do not trust it for
production work.
You need kernel source installed to build OpenAFS. Use the
--with-bsd-kernel-headers= configure option if your kernel source is not
in /usr/src/sys.
You also need access to your kernel build directory for the opt_global.h
include file. Use the --with-bsd-kernel-build= configure option if your
kernel build is not GENERIC in the standard place.
There is a package builder in src/packaging/OpenBSD. "sh buildpkg.sh"
should make a package for the client. Use pkg_add to install. The
package will install using transarc-paths, regardless of how you
configured. The builder uses an old version of the /usr/vice/etc/rc file
that probably won't work. You might be able to replace it with something
like "kldload libafs.ko; /usr/vice/etc/afsd".
There is no server package, but I am told that "make install" will put
server binaries in /usr/afs.