Commit | Line | Data |
---|---|---|
805e021f CE |
1 | User-Visible OpenAFS Changes |
2 | ||
3 | OpenAFS 1.8.5 | |
4 | ||
5 | All platforms | |
6 | ||
7 | * Fix OPENAFS-SA-2019-001: information leakage in failed RPC output | |
8 | Generated RPC handler routines ran output variables through XDR encoding | |
9 | even when the call had failed and would shortly be aborted (and for | |
10 | which uninitialized output variables is common); any complete packets | |
11 | assembled in the process would be sent to the peer, leaking the contents | |
12 | of the uninitialized memory in question. | |
13 | ||
14 | * Fix OPENAFS-SA-2019-002: information leakage from uninitialized scalars | |
15 | Generated RPC handler routines did not initialize output variables of | |
16 | scalar (fixed-length) type, since they did not require dedicated logic to | |
17 | free. Such variables allocated on the stack could remain uninitialized | |
18 | in some cases (including those affected by OPENAFS-SA-2019-001), and the | |
19 | contents of uninitialized memory would be returned to the peer. | |
20 | ||
21 | All server platforms | |
22 | ||
23 | * Fix OPENAFS-SA-2019-003: fix crash in database servers | |
24 | The ubik debugging RPCs prioritize being fast and non-disruptive to | |
25 | database operations over strict correctness, and do not adhere to the | |
26 | usual locking protocol for data access. A data race could cause a NULL | |
27 | dereference if the second memory load was not optimized out by the | |
28 | compiler. | |
29 | ||
30 | OpenAFS 1.8.4 | |
31 | ||
32 | All platforms | |
33 | ||
34 | Build system updates to remove obsolete autoconf macros and remove missing | |
35 | script warning during builds (13480, 13481, 13482, 13483, 13484, 13486, | |
36 | 13789, 13790). | |
37 | ||
38 | Build system update to fix a conditional check in the pthread.m4 autoconf | |
39 | file (13595) | |
40 | ||
41 | Build system update to create the man3 subdirectory, fixing a | |
42 | reported build failure (13535). | |
43 | ||
44 | Remove the last reference to src/mcas in the documentation (13558). | |
45 | ||
46 | All server platforms | |
47 | ||
48 | Fix fileserver's parsing of the options -vlruthresh, -vlruinterval, | |
49 | -vlrumax and -novbc (13680). | |
50 | ||
51 | Fixes to make ptserver's behaviour when run in restricted mode consistent | |
52 | with the documentation: Non-members of the system:administrators group | |
53 | are no longer allowed to issue the adduser, setfields and delete pts | |
54 | commands, and all members of system:administrators are now allowed to | |
55 | issue pts commands in this mode, not just the admin principal (13686..88). | |
56 | ||
57 | All client platforms | |
58 | ||
59 | Fix missing Rx call clean-up after failing to read dcaches from a file | |
60 | server (13511). | |
61 | ||
62 | Fix an Rx call leak for calls aborted by a connection abort after the call | |
63 | was initialized but before use (13517). | |
64 | ||
65 | Remove the obsolete afs_xosi lock to remove unnecessary serialization of | |
66 | VOP_GETATTR calls. This can lead to improved performance under heavy | |
67 | workloads (13529). | |
68 | ||
69 | Increase the size of the Directory Name Lookup Cache (DNLC) to improve | |
70 | cache performance (13559). | |
71 | ||
72 | Fix getting tokens for cells with a three character name (13679). | |
73 | ||
74 | Avoid a misleading message about the cell being used when aklog is run | |
75 | with the -cell parameter but the AFSCELL environment variable is set to | |
76 | a different cell (13676). | |
77 | ||
78 | Build system update to honor the CFLAGS environment variable when building | |
79 | libuafs (13544). | |
80 | ||
81 | Linux | |
82 | ||
83 | Support for mainline kernels up to 5.3 (13787, 13789). | |
84 | ||
85 | More fixes for improper use of ENOENT fixes to avoid incorrect use of linux | |
86 | negative dentry cache, which can lead to false ENOENT errors (13542, 13543, | |
87 | 13590, 13692) (RT #134904). | |
88 | ||
89 | Return errors instead of returning incomplete directory listings when the | |
90 | directory objects are incomplete in the cache (13591). | |
91 | ||
92 | Add ppc64le_linux26 sysname for the ppc64le architecture (13636, 13637, | |
93 | 13589). | |
94 | ||
95 | Fix configure check for a kernel time function in order to build on | |
96 | Linux 5.0 (13523). | |
97 | ||
98 | RPM packaging update for RHEL8 adding a build requirement to ensure the | |
99 | kernel module can be built from the SRPM (13563) (RT #134900). | |
100 | ||
101 | On systemd based RHEL/Fedora systems, start the client after dkms startup | |
102 | is finished if the latter is installed and enabled, to avoid attempting | |
103 | starts without the kernel module being available yet (13674) (RT #134974). | |
104 | ||
105 | MacOS | |
106 | ||
107 | Build system updates for MacOS (13584). | |
108 | ||
109 | Solaris | |
110 | ||
111 | Add CTF debugging records to userspace objects to improve debugging | |
112 | of servers (13487). | |
113 | ||
114 | Convert the cache manager vnodes to be non-embebbed on Solaris 11 in order | |
115 | to make the cache manager more resilient across Solaris 11 changes (13524, | |
116 | 13525, 13526, 13527, 13528). | |
117 | ||
118 | ||
119 | OpenAFS 1.8.3 | |
120 | ||
121 | All platforms | |
122 | ||
123 | * Improved diagnostics and error messages (13186 13411 13417) | |
124 | ||
125 | * Avoid sending RX packets with random garbage in the userStatus field | |
126 | (13332) | |
127 | ||
128 | * Fixed detection of the RX initialization status (13416) | |
129 | ||
130 | * Assorted fixes to avoid segmentation faults and other potential problems | |
131 | by detecting internal errors rather than letting them go unnoticed | |
132 | (13329 13372) | |
133 | ||
134 | All server platforms | |
135 | ||
136 | * Fixed a build problem accidentally introduced in release 1.8.2 (13328) | |
137 | ||
138 | * Assorted efficiency improvements in the ubik implementation (13153 13218 | |
139 | 13188 13353) | |
140 | ||
141 | * Fixed locking around transaction list processing in volserver to avoid | |
142 | segmentation faults and other potential problems (13336 13337) | |
143 | ||
144 | * When the volserver attempts to remove a temporary volume after a | |
145 | transaction, but the volume was already removed, e.g., by the salvager, | |
146 | this is no longer treated as an error (13235) | |
147 | ||
148 | All client platforms | |
149 | ||
150 | * Update the CellServDB to the latest version from grand.central.org from | |
151 | May 14th 2018 (13409) | |
152 | ||
153 | * Avoid a panic during cache initialization when allocating the required | |
154 | memory fails (13307) | |
155 | ||
156 | * Add back the packet counters and timestamps to "vos status" output | |
157 | which had been missing since release 1.8.0 (13421) | |
158 | ||
159 | * Correctly handle errors encountered while reading data from the server | |
160 | and writing it to the cache, e.g., due to a full cache partition (13443) | |
161 | ||
162 | * Avoid a panic due to a recoverable error while flushing cache items | |
163 | (13503) | |
164 | ||
165 | Linux clients | |
166 | ||
167 | * Support mainline kernels 4.20 and 5.0 and distribution kernels with | |
168 | backports from those (13405 13406 13440 13441 13442) | |
169 | ||
170 | * DKMS-related fixes in Red Hat packaging (13438 13479) | |
171 | ||
172 | macOS | |
173 | ||
174 | * Support building and packaging on macOS 10.14 "Mojave" (13412 13413) | |
175 | ||
176 | ||
177 | OpenAFS 1.8.2 | |
178 | ||
179 | All platforms | |
180 | ||
181 | * Fix OPENAFS-SA-2018-002: information leakage in RPC output variables | |
182 | Various RPC routines did not always initialize all output fields, | |
183 | exposing memory contents to network attackers. The relevant RPCs include | |
184 | an AFSCB_ RPC, so cache managers are affected as well as servers. | |
185 | ||
186 | All server platforms | |
187 | ||
188 | * Fix OPENAFS-SA-2018-003: denial of service due to excess resource consumption | |
189 | Various RPCs were defined as allowing unbounded arrays as input, allowing | |
190 | an unauthenticated attacker to cause excess memory allocation and tie up | |
191 | network bandwidth by sending (or claiming to send) large input arrays. | |
192 | ||
193 | * Fix OPENAFS-SA-2018-001: unauthenticated volume operations via butc | |
194 | On systems using the in-tree backup system, the butc process was running | |
195 | with administrative credentials, but accepted incoming RPCs over | |
196 | unauthenticated connections; these incoming RPCs in turn triggered | |
197 | outgoing RPCs using the administrative credentials. Unauthenticated | |
198 | attackers could construct volue dumps containing arbitrary contents | |
199 | and cause these dumps to be restored and overwrite arbitrary volume | |
200 | contents; afterward, the backup database could be restored to its | |
201 | initial state, hiding evidence of the unauthorized changes. | |
202 | ||
203 | Running butc with -localauth now requires authenticated incoming | |
204 | connections, and the backup utility makes authenticated connections to | |
205 | the butc. Audit capabilities have been added to the butc RPC handlers. | |
206 | Command-line arguments are provided to retain the (insecure) historical | |
207 | behavior until all systems have been upgraded. | |
208 | ||
209 | OpenAFS 1.8.1.1 | |
210 | ||
211 | Linux Clients | |
212 | ||
213 | * Support for mainline kernel 4.18 and distribution kernels with backports | |
214 | from it (13268) | |
215 | ||
216 | OpenAFS 1.8.1 | |
217 | ||
218 | All Platforms | |
219 | ||
220 | * Improve the usability and consistency of the public API: install missing | |
221 | headers, and add additional symbols to the export list for shared libraries. | |
222 | ||
223 | * Improved Rx abort generation: use the proper serial number for an existing | |
224 | connection if possible, and 0 otherwise (to improve debugging). | |
225 | ||
226 | * Assorted minor fixes in response to static analysis of the codebase. | |
227 | ||
228 | * Fix memory-safety error in XDR decoding of enumerated types. | |
229 | ||
230 | All Server Platforms | |
231 | ||
232 | * Fix reference counting error that could cause an assertion failure | |
233 | in some workloads. | |
234 | ||
235 | * vldb_check -fix will no longer corrupt the vldb when multiple MH blocks are present. | |
236 | ||
237 | * Assorted cleanups and efficiency improvements in the ubik implementation. | |
238 | ||
239 | * Return a valid InlineBulkStatus response in error cases. | |
240 | ||
241 | * The fileserver now rejects invalid partition names when attaching partitions. | |
242 | ||
243 | All Client Platforms | |
244 | ||
245 | * Fix volume callbacks (e.g., when running 'vos release'). | |
246 | ||
247 | * Treat failure to obtain a DSlot as a hard error for that cache partition, | |
248 | avoiding a flood of "disk cache read error in CacheItems" log messages, | |
249 | and reducing the chance of subsequent panic. | |
250 | ||
251 | * Improve error messages for invalid values with -volume-ttl. | |
252 | ||
253 | * Remove useless error message: | |
254 | "find_preferred_connection: no connection and !create". | |
255 | ||
256 | * Avoid passing NULL to a kernel memory deallocator, which is not guaranteed | |
257 | to be safe on all systems. | |
258 | ||
259 | Linux | |
260 | ||
261 | * Add support for 64-bit ARM clients ("arm64"). | |
262 | ||
263 | * Fix panic when cache bypass is enabled. | |
264 | ||
265 | * Improve cache manager behavior when unable to open cache files. | |
266 | ||
267 | * Improvements to the RPM packaging. | |
268 | ||
269 | * Detect out-of-memory when using kernel pages for writing. | |
270 | ||
271 | Solaris | |
272 | ||
273 | * Fix various issues in the build process for recent Solaris versions. | |
274 | ||
275 | MacOS | |
276 | ||
277 | * Fix clients on OS X 10.13. | |
278 | ||
279 | FreeBSD / NetBSD / OpenBSD | |
280 | ||
281 | * Fix panic triggered during periodic cleanup operations and shutdown. | |
282 | ||
283 | OpenAFS 1.8.0 | |
284 | ||
285 | All Platforms | |
286 | ||
287 | * Substantial code quality improvements, largely spotted by Coverity and | |
288 | clang's static analysis. | |
289 | - Add new library for platform independent functions (opr). | |
290 | - Remove arbitrary path name length limits. | |
291 | - Convert to Heimdal's roken library for reliability. | |
292 | - Avoid garbage in allocated buffers (calloc). | |
293 | - Modernize signal handling in pthreaded server processes (softsig). | |
294 | - Improve code comments and additional Doxygen style comments. | |
295 | - Reduce compiler warnings, dead code, unused variables, and | |
296 | undefined behavior. | |
297 | - Fix bugs found by static code analyzer (clang-analyzer). | |
298 | - Improved unit test coverage. | |
299 | - Make VLDB flag definitions consistent. | |
300 | - Improve use of run-time assertions and add static assertions. | |
301 | - Add compiler attributes to assist static analyzers. | |
302 | - Clean up include headers in the entire tree. | |
303 | - Improve command-line handling library (libcmd). | |
304 | - Replace hash functions with Jenkin's hash function for faster | |
305 | and more evenly distributed lookups. | |
306 | - Provide a red-black tree data structure to enable algorithmic speedups. | |
307 | - Convert backup and salvage servers to the common logging API (libutil). | |
308 | - Improve volume id data type consistency (VolumeId). | |
309 | - Import APIs for kerberos-style profile configuration support. | |
310 | - Add new APIs to support UserList identities. | |
311 | - Add new APIs to support tabular output from command-line utilities. | |
312 | - Convert vnode macros to inline-functions. | |
313 | ||
314 | * Improved support for non-DES encryption types: | |
315 | - Convert to Heimdal's hcrypto library to support RFC 3961. | |
316 | - Add extended key file format replacing rxkad.keytab, and | |
317 | new key management APIs. | |
318 | - Add support for extended key types to asetkey. | |
319 | - Add akeyconvert to assist in upgrading to OpenAFS 1.8.x by converting an | |
320 | existing rxkad.keytab file to an extended key file. | |
321 | - Do not install the kaserver and related utilities by default to | |
322 | discourage the use of these DES-dependent components. | |
323 | - Remove obsolete klogin and klogin.krb programs. | |
324 | - Add new token APIs to support new rx security classes. | |
325 | ||
326 | * Migrate from LWP to POSIX threads (pthreads): | |
327 | - Convert the ptserver and vlserver from LWP to pthreads. | |
328 | - Remove LWP version of the file server binary. | |
329 | - Convert afsd, aklog, asetkey, klog.krb5, pts, udebug, and vos, from LWP | |
330 | to pthreads. | |
331 | ||
332 | * Improvements to Rx: | |
333 | - Restructure the Rx API to privatize the implementation. | |
334 | - Convert rx events to a red-black tree data structure to improve | |
335 | performance. | |
336 | - Convert from mutexes to atomic operations for counters to reduce lock | |
337 | contention. | |
338 | - Provide per-opcode Rx statistics. | |
339 | - Add an rx_opaque data type to support non-DES encryption types | |
340 | and general code cleanup. | |
341 | - Wake up the application thread after 'twind' is updated to avoid 100ms | |
342 | transmit delays when the receive window transitions from closed to | |
343 | open. | |
344 | - Fix for OPENAFS-SA-2017-001: sanity-check peer transport parmeters | |
345 | received in ack trailers | |
346 | ||
347 | * Libraries (both internal and installed) are built using libtool, including | |
348 | libuafs. The resulting shared libraries for libafsrpc and libafsauthent | |
349 | should be more usable than previously. | |
350 | ||
351 | * Improvements to the build system: | |
352 | - Convert to libtool to build shared libraries. | |
353 | - Clean up and improve the build system. | |
354 | - Support out of tree builds. | |
355 | - Add a makefile target to generate Doxygen source code documentation. | |
356 | - Link the Java API for OpenAFS with libuafs.a and remove the | |
357 | libjuafs.a library. | |
358 | - Always build the rxperf tool. | |
359 | - Fix man-page generation by make after ./regen.sh -q | |
360 | - Support the SOURCE_DATE_EPOCH environment variable to improve build | |
361 | reproducibility. | |
362 | - Modernize language specific SWIG typemaps for libuafs Perl bindings. | |
363 | - Refactor acinclude.m4 into a set of smaller m4 files (12876, 12877, 12878) | |
364 | ||
365 | * Improvements to documentation: | |
366 | - Document the new KeyFileExt file. | |
367 | - Reorganized the README files. | |
368 | - Improvements and fixes to documentation generation. | |
369 | - Add experimental epub and mobi support | |
370 | - Remove obsolete LWP information from the file server documentation. | |
371 | - Update and reorganize the Quick Start Guide. | |
372 | - Update the Admin Guide. | |
373 | - Remove AIX, HP-UX, and IRIX information from the Quick Start Guide. | |
374 | - Document the vldb and prdb (ubik) file formats. | |
375 | - Add PtLog man page. | |
376 | - Corrections and clarifications to man pages. | |
377 | - Add ubik threading analysis doc. | |
378 | - Normalize the location of text documents in the source tree. | |
379 | ||
380 | * Improvements for troublshooting, debugging, and testing: | |
381 | - Log more details on volume-server-to-fileserver communication errors | |
382 | when possible. | |
383 | - Set thread names in pthreaded servers on platforms which support | |
384 | thread names. | |
385 | - Add dynroot lock tracking to cmdebug | |
386 | - Fix tracking of an fstrace call site in the cache manager background | |
387 | process. | |
388 | - Add the afsload tool to simulate multiple cache managers for file server | |
389 | load testing. | |
390 | - Add run-time checks for refcount imbalances in the cache manager. | |
391 | - Fix missing newlines in afsd -debug output. | |
392 | ||
393 | * Developer tool improvements: | |
394 | - Improvements and fixes for rxgen (used to generate Rx RPC bindings). | |
395 | - Add tool for man page verification of command options. | |
396 | - Add tool to find Unix cache manager lock identification numbers. | |
397 | - Add an option for pretty build output. | |
398 | ||
399 | * RPM packaging updates: | |
400 | - Update the spec file to keep up with accumulated changes. | |
401 | - Move the klog.krb5 man page to the openafs-krb5 sub-package. | |
402 | - Remove stray man pages. (12870, 12871) | |
403 | - Prevent double-starting client on RHEL7 | |
404 | - Convert rpm spec file from deprecated 'make dest' to 'make install'. | |
405 | - Fix rpmbuild command line option default handling. | |
406 | - Support older versions of rpmbuild which do not support the | |
407 | rpmbuild %exclude directive. (12873) | |
408 | - Move the legacy kaserver and related programs to separate sub-packages, | |
409 | which are only built when rpmbuild is given the '--with kauth' option | |
410 | (12600, 12872) | |
411 | - Package the libuafs perl bindings (12921) | |
412 | ||
413 | * Add a new protection error code (PRNAMETOOLONG) instead of silently | |
414 | truncating names which exceed the maximum name length (PR_MAXNAMELEN). | |
415 | ||
416 | * Add an implementation limit (50000) on the number of names/ids which can | |
417 | be transmitted by unauthenticated clients to the ptserver, avoiding | |
418 | excessive resource consumption from unauthenticated requests. | |
419 | ||
420 | * Add the -config option to vos, pts, and aklog to specify the path to the | |
421 | cell configuration files. | |
422 | ||
423 | * Add more details in vos release -verbose output. | |
424 | ||
425 | * Add the cacheout -encrypt option to encrypt communication between the | |
426 | cacheout client and the fileserver. | |
427 | ||
428 | * Add the command line options to the afsio program to enable encryption of | |
429 | traffic between afsio and the fileserver (-clear, -crypt). | |
430 | ||
431 | * Add the vos release -force-reclone option to force recloning the volume to | |
432 | be released without forcing a full volume dump being transmitted to all | |
433 | remote sites. | |
434 | ||
435 | * Fix vos to avoid writing loopback addresses into the VLDB in | |
436 | certain cases. | |
437 | ||
438 | * Print bos and pts error messages to standard error instead of | |
439 | standard out. | |
440 | ||
441 | * Improve formatting of the -help output of all commands. | |
442 | ||
443 | * Change -n to -dryrun in all backup subcommands. | |
444 | ||
445 | * Change the backup deletedump -port command line option to -portoffset. | |
446 | ||
447 | * Add user and build host in the version string returned by | |
448 | rxdebug -version. | |
449 | ||
450 | * Support recent versions of gcc (7.2.1) (12897) | |
451 | ||
452 | All Server Platforms | |
453 | ||
454 | * Ubik servers using pthreads are now available and are used by default | |
455 | ||
456 | * As part of improving Ubik reliability in certain edge cases, an extra | |
457 | election cycle (about 60 seconds) may be needed before writes are | |
458 | permitted. This is a conservative change that may be removed in | |
459 | the future. | |
460 | ||
461 | * Avoid continually retransmitting the ubik database to remote sites when | |
462 | a write transaction occurs as remote sites are attempting to rejoin the | |
463 | ubik cluster. (12896) | |
464 | ||
465 | * Ensure the ubik database version number is updated on remote sites at the | |
466 | point the database is transferred to remote sites instead of waiting for | |
467 | the next ubik beacon. This avoids write transaction failures during the | |
468 | window between the database transfer and the next ubik beacon (12885). | |
469 | ||
470 | * Remove periodic background fsync by the fileserver (ihandle fsync thread). | |
471 | ||
472 | * Fix potential file handle leak in the file server ihandle caching layer. | |
473 | ||
474 | * Disable the so-called "hot threads" feature in the file server. The hot | |
475 | threads feature was intended as an optimization for dispatching incoming | |
476 | calls to the current listener thread, but has been reported to incur a | |
477 | performance penalty on modern multi-core systems. | |
478 | ||
479 | * Do not permit creation of users with id of ANONYMOUSID. | |
480 | ||
481 | * Do not save/restore host states in the fsstate.dat file for hosts which | |
482 | are in the process of retrieving CPS information from the ptserver when | |
483 | the fileserver is being shutdown. This fixes a bug in which the fileserver | |
484 | will incorrectly block all threads following a restart. | |
485 | ||
486 | * Add the ptserver -restrict_anonymous option to inhibit exposure of user | |
487 | names from the ptserver. | |
488 | ||
489 | * Do not truncate server log files by default when server processes | |
490 | are started. The -transarc-logs option provides backward compatibility | |
491 | with IBM AFS log handling on server startup. Log messages may be lost | |
492 | in back-to- back restarts when a server is running in this mode. | |
493 | ||
494 | * Reopen server logs on SIGUSR1. This may be used by third-party log | |
495 | rotation tools, such as logrotate, to reopen the log file handles after | |
496 | log files have been renamed. | |
497 | ||
498 | * Fix various bugs when logging with -mrafslogs enabled. | |
499 | ||
500 | * Dynamically reload the kerberos realm to AFS cell mapping (krb.conf) and | |
501 | exclusions for mapping kerberos principals to AFS identities (krb.excl) | |
502 | configuration when the CellServDB cell configuration file is touched. | |
503 | Previously, a restart of the file server was required after updating the | |
504 | kerberos mapping configuration files. | |
505 | ||
506 | * Add a command line option (-restricted_query) to the vlserver and | |
507 | volserver to restrict information queries about volumes to a specific | |
508 | group of users. | |
509 | ||
510 | * Add a command line option to the server programs to specify an alternate | |
511 | fully qualified log file name (-logfile). | |
512 | ||
513 | * Add a command line option (-config) to the server programs to specify | |
514 | an alternate path to the server configuration. | |
515 | ||
516 | * Add a command line option to the ptserver and vlserver to specify an | |
517 | alternate path to the database data files. | |
518 | ||
519 | * Add a command line option to the volume server to enable encryption of | |
520 | volume-server-to-volume-server-traffic (-s2scrypt). | |
521 | ||
522 | * Increase the maximum number of LWP threads allowed for the ptserver and | |
523 | vlserver from 16 to 64 (-lwp). | |
524 | ||
525 | * Remove an unused file server command line option (-k). | |
526 | ||
527 | * Fix an incorrect assertion in Demand Attach File Server which could cause | |
528 | the file server process to abort in certain rare conditions. | |
529 | ||
530 | * Deprecate the -bitmap-later configure option for non-Demand-Attach File | |
531 | Servers (DAFS). | |
532 | ||
533 | * Add -vhashsize support to non-Demand-Attach File Servers (DAFS). | |
534 | ||
535 | * Add support for subnet ranges in the NetInfo and NetRestrict | |
536 | configuration files. | |
537 | ||
538 | * Add the GetXStats RPC to the audit log. | |
539 | ||
540 | * Fix directory creation by bosserver when built for non-Transarc paths. | |
541 | ||
542 | * Fix incomplete list of server addresses retreived by vos listaddr when the | |
543 | vldb contains unreferenced multi-homed server entries. | |
544 | ||
545 | * Remove obsolete bos blockscanner and unblockscanner commands that | |
546 | were only needed for the removed MR-AFS functionality. | |
547 | ||
548 | * Remove obsolete bos salvage options that were only used by the | |
549 | removed MR-AFS functionality.. | |
550 | ||
551 | * Remove calls to the deprecated sbrk() function. | |
552 | ||
553 | * Add an experimental feature to database servers to support ubik reads | |
554 | while write transactions are in progress, enabled at build time with the | |
555 | --enable-ubik-read-while-write configure option. This feature is not | |
556 | considered ready for production usage at this time. | |
557 | ||
558 | * Avoid filling the FileLog with "Volume x offline: not in service" when | |
559 | a volume is administratively taken offline with vos offline. | |
560 | ||
561 | * Print an error message when bosserver is started with an unknown | |
562 | command line option. | |
563 | ||
564 | * Modify the volume updateDate when the volume is changed by a salvage. | |
565 | ||
566 | * Volume usage statistics are now preserved during reclone and restore | |
567 | operations by default, the behavior previously enabled by | |
568 | the -preserve-vol-stats flag to the volserver. The historical behavior | |
569 | can be retained via the -clear-vol-stats argument. | |
570 | ||
571 | All Client Platforms | |
572 | ||
573 | * Use rxkad_crypt by default for connections to fileservers. This matches | |
574 | the existing behavior of the Windows client and has been applied by | |
575 | the distribution packaging on many platforms already. | |
576 | ||
577 | * Add support for relative ACL changes with fs setacl. If a single plus (+) | |
578 | or minus (-) character is appended to the rights' letters argument, the | |
579 | new rights are computed relatively to the existing ones. | |
580 | ||
581 | * Remove afsd -settime and afsd -nosettime support. | |
582 | ||
583 | * Add the afsd -inumcalc option to specify the method used to calculate | |
584 | inode numbers presented by AFS. | |
585 | ||
586 | * Add the afsd -volume-ttl option to specify set the maximum amount of time | |
587 | information retrieved from the vlserver will be cached, regardless of | |
588 | callback expiry times. | |
589 | ||
590 | * Return EIO on internal errors instead of the misleading ENOENT. | |
591 | ||
592 | * Log ICMP errors received, if any, for unreachable servers. | |
593 | ||
594 | * Improve performance of clients with multiple PAGs for different cells. | |
595 | ||
596 | * Fix race condition between changing and using user tokens among cache | |
597 | manager threads. | |
598 | ||
599 | * Fix fs sysname for users with UID 2748 and 2750 when not running | |
600 | in -rmtsys mode. | |
601 | ||
602 | * Add Perl bindings for the user-space cache manager library (libuafs). | |
603 | ||
604 | * Fixes to the bypasscache feature. | |
605 | ||
606 | * Fix fs getcacheparms miscounts. | |
607 | ||
608 | * Remove the obsolete Netscape plugin. | |
609 | ||
610 | * Fix building gtx when ncurses is linked against libtinfo. | |
611 | ||
612 | * Update to the GCO CellServDB update from 14 March 2017. | |
613 | ||
614 | Linux | |
615 | ||
616 | * Remove Linux 2.2 and 2.4 support. | |
617 | ||
618 | * Changes to avoid EIO errors with multiple processes doing intensive mmap | |
619 | writing. (Drop PageReclaim AOP_WRITEPAGE_ACTIVATE.) | |
620 | ||
621 | * Prevent fakestat data inconsistencies in certain cases (131855). | |
622 | ||
623 | * Fix dentry leak which can cause a crash on shutdown. | |
624 | ||
625 | * Fix improper use of ENOENT and avoid incorrect use of linux negative | |
626 | dentry cache. | |
627 | ||
628 | * Use a more correct (less aggressive) scheme to react to downward | |
629 | pressure on cache usage, avoiding d_invalidate(), which can cause | |
630 | getcwd() failures on RHEL 7.4. | |
631 | ||
632 | * Apply a workaround to be compatible with RHEL 7.5's KABI preservation | |
633 | strategy for reading directories. | |
634 | ||
635 | * Improve error reporting when encountering corrupt directories. | |
636 | ||
637 | * Improve rx error handling in the Linux cache manager. | |
638 | ||
639 | * Rename kpasswd to kapasswd when packaging RPMs to avoid colliding with | |
640 | Kerberos kpasswd. | |
641 | ||
642 | * Do not use the obsolete --enable-largefile-fileservers configure option | |
643 | when packaging RPMs. | |
644 | ||
645 | * In Red Hat packaging, use a separate rpm for kmod debuginfo, | |
646 | removing a needless tight version dependency on the userspace package. | |
647 | (12822, 12875) | |
648 | ||
649 | * Use the RemainAfterExit systemd feature to avoid premature exit | |
650 | when -afsdb is not given, for RPM packages. | |
651 | ||
652 | * Remove Debian packaging files from the OpenAFS source tree. Debian | |
653 | packaging files are currently maintained in the downstream Debian | |
654 | infrastructure. | |
655 | ||
656 | * Add the sparc_linux26 sysname. | |
657 | ||
658 | * Desupport 32-bit Linux kernels on s390/s390x. | |
659 | ||
660 | * Fix Debian/Ubuntu build regression on kernel 3.16.39. | |
661 | ||
662 | * Fix --enable-kernel-debug for linux 4.8+. | |
663 | ||
664 | * Fix a hang encountered when accessing a previously removed | |
665 | directory entry (12811). | |
666 | ||
667 | * Support linux 4.10, 4.11, 4.12, 4.13, 4.14, 4.15 | |
668 | ||
669 | Solaris | |
670 | ||
671 | * Remove support for all Solaris and SunOS platforms prior to Solaris 8. | |
672 | ||
673 | * Build 64-bit binaries for Solaris x86 by default. | |
674 | ||
675 | * Use one-group PAGs on Solaris 11, which is required for PAG support | |
676 | on Solaris 11 since supplemental groups must be sorted starting with | |
677 | Solaris 11.1. | |
678 | ||
679 | * Update search paths for solaris cc for recent versions Solaris Studio. | |
680 | ||
681 | * Modernize declaration of module dependences by converting from the | |
682 | deprecated _depends_on symbol to ELF dependencies. | |
683 | ||
684 | * Avoid BAD TRAP panic due to invalid opcodes on x86 with Studio 12.5. | |
685 | ||
686 | * Add ctf debug records to Solaris kernel modules when debug builds | |
687 | are enabled and the ctf tools are present (ctfconvert/ctfmerge). | |
688 | ||
689 | * Save kernel module function arguments on x86 for debugging purposes. | |
690 | ||
691 | MacOS | |
692 | ||
693 | * Stop processing upcalls once rx shutdown starts. | |
694 | ||
695 | * Enable atomics for the darwin kernel. | |
696 | ||
697 | * Add a syscall to enable/disable bulkstat at run-time, which is | |
698 | disabled by default. | |
699 | ||
700 | * Fix path to binaries in the prefpane. | |
701 | ||
702 | * Fix builds on MacOS 10.12 by building only the active architecture | |
703 | by default. | |
704 | ||
705 | * Support versions up through 10.13 (High Sierra) and APFS | |
706 | ||
707 | FreeBSD | |
708 | ||
709 | * Use the native kernel module build system instead of an ad hoc | |
710 | replacement build system. | |
711 | ||
712 | * Remove FreeBSD packaging files from the OpenAFS source tree. FreeBSD | |
713 | packaging files are currently maintained in the downstream FreeBSD Ports | |
714 | Collection. | |
715 | ||
716 | * Stay up to date with new FreeBSD releases (through 10.3). | |
717 | ||
718 | * Do not claim AFS_VM_RDWR_ENV | |
719 | ||
720 | * Add sysnames and files for i386 and amd64 10.4, 11.1, and 12.0 | |
721 | (12-CURRENT, at present). (12887, 12888) | |
722 | ||
723 | * Remove trailing semicolons to fix the build on FreeBSD (12899) | |
724 | ||
725 | NetBSD | |
726 | ||
727 | * Stay up to date with new NetBSD releases (through 7.x) | |
728 | ||
729 | * Update to use cprng(9) as the randomness source on NetBSD 6.99/7.x. | |
730 | ||
731 | * Build system updates for NetBDS 6.99.x | |
732 | ||
733 | * Do not claim AFS_VM_RDWR_ENV | |
734 | ||
735 | OpenBSD | |
736 | ||
737 | * Stay up to date with new OpenBSD releases (through 4.7) | |
738 | ||
739 | * Do not claim AFS_VM_RDWR_ENV | |
740 | ||
741 | AIX | |
742 | ||
743 | * Updates for AIX support. | |
744 | ||
745 | * Fix build system for AIX exports. | |
746 | ||
747 | * Add the uidpag and localuid runtime options to the aklog LAM plugin. | |
748 | (These runtime options override the use of UID-based PAGs, which were | |
749 | introduced to appease the CDE screensaver.) | |
750 | ||
751 | OpenAFS 1.6.21 | |
752 | ||
753 | All platforms | |
754 | ||
755 | * Avoid a possible 100ms transmit delay in the RX protocol when a peer's | |
756 | receive window transitions from closed to open (12627) | |
757 | ||
758 | * Documentation improvements (12476 12477 12559[RT #133339]) | |
759 | ||
760 | All server platforms | |
761 | ||
762 | * When bosserver is started with an unknown option, print an error message | |
763 | and exit with a non-zero value rather than failing silently (12631) | |
764 | ||
765 | All DB server platforms | |
766 | ||
767 | * Hold the DB lock while checking for an aborted write transaction (12516) | |
768 | ||
769 | All file server platforms | |
770 | ||
771 | * On demand attach fileservers, don't save or restore a client's host | |
772 | state if CPS ("Current Protection Subdomain") recalculation for it is | |
773 | in progress, to avoid fileserver thread exhaustion (12568) | |
774 | ||
775 | * On demand attach fileservers, avoid flooding the log with error messages, | |
776 | which could happen when the fileserver was restarted while a volume was | |
777 | offline (12569) | |
778 | ||
779 | * Update a volume's "Last Update" time when its content is modified by | |
780 | the salvager, to make the change visible in the output of "vos examine" | |
781 | and to backup services (12633) | |
782 | ||
783 | All client platforms | |
784 | ||
785 | * Corrected the DCentries bucket counts for very large and zero length | |
786 | files in the output of "fs getcacheparms -excessive" (12604 12605) | |
787 | ||
788 | * Fixed a bug that prevented users with GID 2748 and 2750 from executing | |
789 | the "fs sysname" command on clients running afsd with -rmtsys (12607) | |
790 | ||
791 | * Provide a new -inumcalc switch for afsd to allow enabling the alternative | |
792 | MD5 method of inode number calculation, which was previously only | |
793 | possible on Linux and through the sysctl interface (12608 12632) | |
794 | ||
795 | Linux clients | |
796 | ||
797 | * Support for mainline kernel 4.12 and distribution kernels with backports | |
798 | from it (12624 12626) | |
799 | ||
800 | * Re-added the improved algorithm for freeing unused vcaches to reduce | |
801 | memory consumption first introduced with the 1.6.18 release, together | |
802 | with a fix for the issue leading to its removal in 1.6.18.2 (12448..12451) | |
803 | ||
804 | macOS clients | |
805 | ||
806 | * Fixed a crash while stopping the client on macOS 10.12 "Sierra" (12602) | |
807 | ||
808 | ||
809 | OpenAFS 1.6.20.2 | |
810 | ||
811 | All platforms | |
812 | ||
813 | * Build fixes required by recent compilers or platforms (12514 12521 12534 | |
814 | 12536 12538) | |
815 | ||
816 | * Allow the bos server to start successfully in the presence of those, by | |
817 | accepting a now checked return value indicating that the client ThisCell | |
818 | and CellServDB already exist (12522) | |
819 | ||
820 | Linux clients | |
821 | ||
822 | * Support for mainline kernels 4.10 and - most likely - 4.11 and | |
823 | distribution kernels with backports from them (12530 12588..12590 12598) | |
824 | ||
825 | * Support for distribution kernels with partial backports from 4.9 (12535) | |
826 | (RT #134158) | |
827 | ||
828 | * In Red Hat packaging, moved the klog.krb5 manual page into the krb5 | |
829 | subpackage (12511) | |
830 | ||
831 | * In Red Hat packaging, prevent systemd from double-starting the client | |
832 | (12587) | |
833 | ||
834 | * Allow aklog to function on current S390/S390x (12499) | |
835 | ||
836 | Solaris clients | |
837 | ||
838 | * Make process authentication groups work on Solaris 11, now using a single | |
839 | group ID (12524..12527) | |
840 | ||
841 | * Fix a BAD TRAP panic on Solaris 11 clients built with Studio 12.5 (12567) | |
842 | ||
843 | macOS clients | |
844 | ||
845 | * Fixed the preference pane for OS X 10.11 and later (12512) | |
846 | ||
847 | OpenAFS 1.6.20.1 | |
848 | ||
849 | All platforms | |
850 | ||
851 | * Build fixes required by recent compilers (12482..12484) | |
852 | ||
853 | Linux clients | |
854 | ||
855 | * Support for mainline kernel 4.9 and distribution kernels with | |
856 | backports from it (12478..12480) | |
857 | ||
858 | * In Red Hat packaging, make systemd deal correctly with the client | |
859 | when no userland processes remain after starting it (12481) | |
860 | (RT #133482) | |
861 | ||
862 | macOS | |
863 | ||
864 | * Support for release 10.12 "Sierra" (12431 12432) | |
865 | ||
866 | * Avoid a crash in the Mounts tab of the OpenAFS preference pane (12447) | |
867 | ||
868 | OpenAFS 1.6.20 (Security Release) | |
869 | ||
870 | All platforms | |
871 | ||
872 | * Fix for OPENAFS-SA-2016-003: file and directory names leak due to | |
873 | reuse of directory objects without zeroing the contents | |
874 | (12461 12462 12463 12464 12465) | |
875 | ||
876 | OpenAFS 1.6.19 | |
877 | ||
878 | All platforms | |
879 | ||
880 | * Documentation improvements (12304) | |
881 | * Fixes for test failures (12396 12415) | |
882 | ||
883 | All DB server platforms | |
884 | ||
885 | * Avoid potentially writing to an out of date volume location or protection | |
886 | database, or losing a database write, which could happen in rare cases | |
887 | under special conditions during database leader election | |
888 | (12339 12389) | |
889 | ||
890 | Solaris clients | |
891 | ||
892 | * Allow the fsinfo::: DTrace provider to work with AFS files (12371) | |
893 | ||
894 | Linux clients | |
895 | ||
896 | * Don't commit more data to a file than was actually copied during writes, | |
897 | which could happen on architectures with a page size > 4 KiB (12413) | |
898 | * Fixed build on PPC64 with GCC 6.1 (12388) (RT #133407) | |
899 | * Fixed build on x86_64 with recent GCC (12365 12366) | |
900 | ||
901 | ||
902 | OpenAFS 1.6.18.3 | |
903 | ||
904 | Linux clients | |
905 | ||
906 | * Support for mainline kernel 4.7 and distribution kernels with | |
907 | backports from it (12348) | |
908 | ||
909 | Solaris clients | |
910 | ||
911 | * Fixed memory mapped I/O on files >= 4 GiB (12349 12350) | |
912 | ||
913 | Note that there is a suspicion that this might break the client | |
914 | on very old Solaris releases (2.6). If it does, the breakage should | |
915 | occur at build time. | |
916 | ||
917 | OS X | |
918 | ||
919 | * Added tooling to build a package for OS X 10.10 "Yosemite" and | |
920 | 10.11 "El Capitan" (12335 12351) | |
921 | ||
922 | ||
923 | OpenAFS 1.6.18.2 | |
924 | ||
925 | Linux clients | |
926 | ||
927 | * Support for mainline kernel 4.6 and distribution kernels with | |
928 | backports from it (12332) | |
929 | ||
930 | * Switch back to the pre-1.6.18 algorithm for freeing unused vcaches. | |
931 | While the new algorithm is still believed to be correct, it turned | |
932 | out that at least on some kernels, including 4.5 and 4.6, the dentry | |
933 | for the current working directory may be erroneously invalidated. | |
934 | This could lead to errors like "Unable to read current working directory" | |
935 | when a directory wasn't accessed for a few minutes. (12323) | |
936 | ||
937 | * Use a secure URL to retrieve the CellServDB in the script to create | |
938 | the Red Hat source package (12330) | |
939 | ||
940 | FreeBSD | |
941 | ||
942 | * Added sysname IDs for 10.2 and 10.3 to fix the build on those platforms | |
943 | (12322) | |
944 | ||
945 | ||
946 | OpenAFS 1.6.18.1 | |
947 | ||
948 | Linux clients | |
949 | ||
950 | * Support for mainline kernel 4.5 and distribution kernels with | |
951 | backports from it (12300..12302) | |
952 | ||
953 | ||
954 | OpenAFS 1.6.18 | |
955 | ||
956 | All platforms | |
957 | ||
958 | * Documentation improvements (12224 11675 11613 12197) | |
959 | ||
960 | * Improved diagnostics and error messages (12129 12207 12185 12211 12113 | |
961 | 12215 12216) | |
962 | ||
963 | * Check that CellServDB entries are valid IPv4 addresses, to avoid | |
964 | occasional hangs or potentially other erratic behaviour due to invalid | |
965 | entries (12210) (RT #131794) | |
966 | ||
967 | All client platforms | |
968 | ||
969 | * Gracefully handle cases where a client shutdown sequence is initiated | |
970 | while the client is already shutting down, rather than cause a panic | |
971 | (12179) | |
972 | ||
973 | * Fixed several bugs that could cause erratic behaviour when the write | |
974 | offset into a file was more than 2 GiB beyond the file's current end | |
975 | on the server (12213 12214) | |
976 | ||
977 | All server platforms | |
978 | ||
979 | * Avoid a possible volserver crash during volume dump or restore due | |
980 | to invalid ACL entries (12127) | |
981 | ||
982 | * Allow recovering from a DAFS fileserver operation which allocates a | |
983 | new vnode but fails to update the vnode index, rather than crashing the | |
984 | server (12209) | |
985 | ||
986 | * Fixed a longstanding bug which could damage the volume location database | |
987 | when "vos changeaddr" was run with "-oldaddr" and "-newaddr" and the | |
988 | old address was present in a multi-homed entry (12089) | |
989 | ||
990 | FreeBSD | |
991 | ||
992 | * Added support for releases 10.2 and 10.3 (12232) | |
993 | ||
994 | Linux clients | |
995 | ||
996 | * Support for mainline kernel 4.4 and distribution kernels with | |
997 | backports from it, alas at a performance penalty (12226 12227 12228) | |
998 | (RT #132677 #132819) | |
999 | ||
1000 | * Avoid using excessive amounts of kernel memory for dynamically | |
1001 | allocated vcaches, by improving the algorithm to free unused ones | |
1002 | (12256 12257) | |
1003 | ||
1004 | * In Red Hat packaging, make the init script use "ip" if available, with | |
1005 | "ifconfig" as a fallback (12193) | |
1006 | ||
1007 | OS X | |
1008 | ||
1009 | * Basic support for release 10.11 "El Capitan" (12212) | |
1010 | ||
1011 | IRIX clients | |
1012 | ||
1013 | * Fixed kernel module builds with optimization (12198) (RT #131261) | |
1014 | ||
1015 | ||
1016 | OpenAFS 1.6.17 (Security Release) | |
1017 | ||
1018 | All server platforms | |
1019 | ||
1020 | * Fix for OPENAFS-SA-2016-001: foreign users can create groups as | |
1021 | if they were an administrator (RT #132822) (CVE-2016-2860) | |
1022 | ||
1023 | All client platforms | |
1024 | ||
1025 | * Fix for OPENAFS-SA-2016-002: information leakage from sending | |
1026 | uninitialized memory over the network. Multiple call sites | |
1027 | were vulnerable, with potential for leaking both kernel and | |
1028 | userland stack data (RT #132847) | |
1029 | ||
1030 | * Update to the GCO CellServDB update from 01 January 2016 (12188) | |
1031 | ||
1032 | Linux clients | |
1033 | ||
1034 | * Fix a crash when the root volume is not found and dynroot is not | |
1035 | in use, a regression introduced in 1.6.14.1 (12166) | |
1036 | ||
1037 | * Avoid introducing a dependency on the kernel-devel package corresponding | |
1038 | to the currently running system while building the srpm (12195) | |
1039 | ||
1040 | * Create systemd unit files with mode 0644 instead of 0755 | |
1041 | (12196) (RT #132662) | |
1042 | ||
1043 | OpenAFS 1.6.16 | |
1044 | ||
1045 | All platforms | |
1046 | ||
1047 | * Documentation improvements (11932 12096 12100 12112 12120) | |
1048 | ||
1049 | * Improved diagnostics and error messages (11586 11587) | |
1050 | ||
1051 | * Distribute the contributor code of conduct with the stable release (12056) | |
1052 | ||
1053 | All server platforms | |
1054 | ||
1055 | * Create PID files in the right location when bosserver is started with | |
1056 | the "-pidfiles" argument and transarc paths are not being used (12086) | |
1057 | ||
1058 | * Several fixes regarding volume dump creation and restore (11433 11553 | |
1059 | 11825 11826 12082) | |
1060 | ||
1061 | * Avoid a reported bosserver crash, and potentially others, by replacing | |
1062 | fixed size buffers with dynamically allocated ones in some user handling | |
1063 | functions (11436) (RT #130719) | |
1064 | ||
1065 | * Obey the "-toname" parameter in "vos clone" operations (11434) | |
1066 | ||
1067 | * Avoid writing a loopback address into the server CellServDB - search | |
1068 | for a non-loopback one, and fail if none is found (12083 12105) | |
1069 | ||
1070 | * Rebuild the vldb free list with "vldb_check -fix" (12084) | |
1071 | ||
1072 | * Fixed and improved the "check_sysid" utility (12090) | |
1073 | ||
1074 | * Fixed and improved the "prdb_check" utility (12101..04) | |
1075 | ||
1076 | All client platforms | |
1077 | ||
1078 | * Avoid a potential denial of service issue, by fixing a bug in pioctl | |
1079 | logic that allowed a local user to overrun a kernel buffer with a single | |
1080 | NUL byte (commit 2ef86372) (RT #132256) (CVE-2015-8312) | |
1081 | ||
1082 | * Refuse to change multi-homed server entries with "vos changeaddr", | |
1083 | unless "-force" is given, to avoid corruption of those entries (12087) | |
1084 | ||
1085 | * Provide a new vos subcommand "remaddrs" for removing server entries, to | |
1086 | replace the slightly confusing "vos changeaddr -remove" (12092 12094) | |
1087 | ||
1088 | * Make "fs flushall" actually invalidate all cached data (11894) | |
1089 | ||
1090 | * Prevent spurious call aborts due to erroneous idle timeouts (11594) | |
1091 | ||
1092 | * Provide a "--disable-gtx" configure switch to avoid building and | |
1093 | installing libgtx and its header files as well as the depending | |
1094 | "scout" and "afsmonitor" applications (12095) | |
1095 | ||
1096 | * Fixed building the gtx applications against newer ncurses (12125) | |
1097 | ||
1098 | * Allow pioctls to work in environments where the syscall emulation | |
1099 | pseudo file is created in a read-only pseudo filesystem, like in | |
1100 | containers under recent versions of docker (12124) | |
1101 | ||
1102 | Linux clients | |
1103 | ||
1104 | * In Red Hat packaging, avoid following a symbolic link when writing | |
1105 | the client CellServDB, which could overwrite the server CellServDB, | |
1106 | by removing an existing symlink before writing the file (12081) | |
1107 | ||
1108 | * In Red Hat packaging, avoid a conflict of openafs-debuginfo with | |
1109 | krb5-debuginfo by excluding our kpasswd executable from debuginfo | |
1110 | processing (12128) (RT #131771) | |
1111 | ||
1112 | OpenAFS 1.6.15 (Security Release) | |
1113 | ||
1114 | All client and server platforms | |
1115 | ||
1116 | * Fix for OPENAFS-SA-2015-007 "Tattletale" | |
1117 | ||
1118 | When constructing an Rx acknowledgment (ACK) packet, Andrew-derived | |
1119 | Rx implementations do not initialize three octets of data that are | |
1120 | padding in the C language structure and were inadvertently included | |
1121 | in the wire protocol (CVE-2015-7762). Additionally, OpenAFS Rx in | |
1122 | versions 1.5.75 through 1.5.78, 1.6.0 through 1.6.14, and 1.7.0 | |
1123 | through 1.7.32 include a variable-length padding at the end of the | |
1124 | ACK packet, in an attempt to detect the path MTU, but only four octets | |
1125 | of the additional padding are initialized (CVE-2015-7763). | |
1126 | ||
1127 | OpenAFS 1.6.14.1 | |
1128 | ||
1129 | Linux clients | |
1130 | ||
1131 | * Support kernels up to 4.2 | |
1132 | ||
1133 | Due to changes to internal data structures with this kernel release, | |
1134 | the OpenAFS client can no longer reset the link count during path | |
1135 | lookups. Since volume root directories must behave like symlinks | |
1136 | instead of normal directories in order to satisfy Linux kernel | |
1137 | invariants, looking up paths containing more than 40 mount points | |
1138 | will fail with ELOOP on such kernels. | |
1139 | ||
1140 | OpenAFS 1.6.14 | |
1141 | ||
1142 | All server platforms | |
1143 | ||
1144 | * Prior to the OpenAFS security release 1.6.13, the Volume Location | |
1145 | Server (vlserver) RPC VL_ListAttributesN2() supported wildcard volume | |
1146 | name lookups via regular expression (regex) pattern matching. This | |
1147 | support was completely disabled in 1.6.13 because it was judged to be | |
1148 | a security risk due to buffer overruns in the implementation, as well | |
1149 | as the possibility of denial of service attacks where certain regular | |
1150 | expressions could cause excessive CPU usage in some regex | |
1151 | implementations. | |
1152 | ||
1153 | Unfortunately, after 1.6.13 was released, it was discovered that | |
1154 | the native OpenAFS 'backup' system uses the VL_ListAttributesN2() | |
1155 | regex support to evaluate configured volume sets. If you use the | |
1156 | OpenAFS 'backup' system (or another backup system which relies on it, | |
1157 | such as Tivoli Storage Manager (TSM, aka Tivoli ADSM)), and are using | |
1158 | volume sets which require regular expressions for the volume name, | |
1159 | then those volume sets cannot be resolved by OpenAFS 1.6.13. The next | |
1160 | paragraph provides details on how to identify any affected volume sets. | |
1161 | ||
1162 | OpenAFS backup volume sets may be described by fileserver, partition | |
1163 | name, and volume name. The fileserver and partition specifications | |
1164 | never require regular expression support. The volume name specification | |
1165 | always requires regular expression support except for when specifying | |
1166 | _all_ volumes via two special cases: the universal wildcard ".*", or "". | |
1167 | For example, volume name "proj" or "*.backup" or "homevol.*" all | |
1168 | require regex support - even if the specification contains no wildcard | |
1169 | characters and/or exactly matches an existing volume name. | |
1170 | ||
1171 | As a result of this issue, OpenAFS 1.6.14 replaces the 1.6.13 changes | |
1172 | to VL_ListAttributesN2. 1.6.14 prevents the buffer overruns and | |
1173 | reenables the regex support, but restricts it to OpenAFS super-users | |
1174 | and -localauth only. This is sufficient to restore the OpenAFS 'backup' | |
1175 | system's ability to work correctly with any previously supported volume | |
1176 | set. The OpenAFS 'backup' commands are already documented to require | |
1177 | super-user authorization, so this restriction is moot for the backup | |
1178 | system. | |
1179 | ||
1180 | There are no other direct consumers of the VL_ListAttributesN2() regex | |
1181 | support in the OpenAFS tree. However, the VL_ListAttributesN2 RPC is | |
1182 | publicly accessible and might be used by third party tools directly or | |
1183 | indirectly via OpenAFS's libadmin. Any such tools that issue | |
1184 | VL_ListAttributesN2 RPCs must now be executed using super-user or | |
1185 | -localauth tokens. | |
1186 | ||
1187 | None of the other security fixes in OpenAFS 1.6.13 are known to have | |
1188 | any issues, and are still included unchanged in OpenAFS 1.6.14. | |
1189 | ||
1190 | If there are any questions concerning the possible impact of OpenAFS | |
1191 | 1.6.13 or 1.6.14 at your site, please contact your OpenAFS support | |
1192 | provider or the openafs-info@openafs.org mailing list for further | |
1193 | assistance. | |
1194 | ||
1195 | OpenAFS 1.6.13 | |
1196 | ||
1197 | All server platforms | |
1198 | ||
1199 | * Fix for CVE-2015-3282: vos leaks stack data onto the wire in the | |
1200 | clear when creating vldb entries | |
1201 | ||
1202 | * Workaround for CVE-2015-3283: bos commands can be spoofed, including | |
1203 | some which alter server state | |
1204 | ||
1205 | * Disabled searching the VLDB by volume name regular expression to avoid | |
1206 | possible buffer overruns in the volume location server | |
1207 | ||
1208 | All client platforms | |
1209 | ||
1210 | * Fix for CVE-2015-3284: pioctls leak kernel memory | |
1211 | ||
1212 | * Fix for CVE-2015-3285: kernel pioctl support for OSD command passing | |
1213 | can trigger a panic | |
1214 | ||
1215 | Solaris clients | |
1216 | ||
1217 | * Fix for CVE-2015-3286: Solaris grouplist modifications for PAGs can | |
1218 | panic or overwrite memory | |
1219 | ||
1220 | OpenAFS 1.6.12 | |
1221 | ||
1222 | All server platforms | |
1223 | ||
1224 | * Avoid database corruption if a database server is shut down and then | |
1225 | brought up again quickly with an altered database (11773 11774) | |
1226 | (RT #131997) | |
1227 | ||
1228 | All client platforms | |
1229 | ||
1230 | * Fixed a potential buffer overflow in aklog (11808) | |
1231 | ||
1232 | * Avoid a bogus warning regarding the checkserver daemon, which could be | |
1233 | logged during startup when the cache initialization was very fast (11680) | |
1234 | ||
1235 | * Added documentation of the inaccuracy of the 'partition' field in | |
1236 | 'fs listquota' output for partitions larger than 2 TiB (11626) | |
1237 | ||
1238 | Linux clients | |
1239 | ||
1240 | * Support kernels up to 4.1 (11872 11873) | |
1241 | ||
1242 | * Avoid spurious EIO errors when writing large chunks of data to | |
1243 | mmapped files (11877) | |
1244 | ||
1245 | OS X | |
1246 | ||
1247 | * Build fixes required at least on OS X 10.10 Yosemite with the latest | |
1248 | XCode (11859 11876 11842..11845 11863 11878 11879) | |
1249 | ||
1250 | OpenAFS 1.6.11.1 | |
1251 | ||
1252 | Linux clients | |
1253 | ||
1254 | * Support kernels up to 4.0 (11760 11761) | |
1255 | ||
1256 | FreeBSD clients | |
1257 | ||
1258 | * Fixed kernel module build on systems with an updated clang which no | |
1259 | longer accepts the -mno-align-long-strings as a no-op (11809) | |
1260 | ||
1261 | OpenAFS 1.6.11 | |
1262 | ||
1263 | All platforms | |
1264 | ||
1265 | * Allow aklog to succeed creating native K5 tokens even when mapping | |
1266 | the K5 principal to a K4 one fails (11538) | |
1267 | ||
1268 | * Build fixes (11435 11636) | |
1269 | ||
1270 | All client platforms | |
1271 | ||
1272 | * Avoid a potential kernel panic due to connection reference overcounts | |
1273 | (11645) (RT #131885) | |
1274 | ||
1275 | * Avoid potential corruption of files written using memory mapped I/O | |
1276 | when the file is larger than the cache (11656) (RT #131976) | |
1277 | ||
1278 | Linux clients | |
1279 | ||
1280 | * Support kernels at least up to 3.19 (11549 11550 11569 11570 11595 | |
1281 | 11658..11662 11694 11752) | |
1282 | ||
1283 | Note: By default this excludes kernels 3.17 to 3.17.2, which will leak | |
1284 | an inode reference when an error occurs in d_splice_alias(). The | |
1285 | module will build and work, but leak kernel memory, leading to | |
1286 | performance degradation and eventually system failure due to | |
1287 | memory exhaustion. Since it's impossible to detect this condition | |
1288 | automatically, the switch --enable-linux-d_splice_alias-extra-iput | |
1289 | must be passed to configure when building the module for those | |
1290 | kernels. The same would be necessary for any kernel with backports | |
1291 | of commit 908790fa3b779d37365e6b28e3aa0f6e833020c3 or commit | |
1292 | 95ad5c291313b66a98a44dc92b57e0b37c1dd589 but not the fix in commit | |
1293 | 51486b900ee92856b977eacfc5bfbe6565028070 in the linux-stable repo | |
1294 | (git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git) or | |
1295 | the corresponding changes on other branches. | |
1296 | ||
1297 | * Fixed a regression introduced in OpenAFS release 1.6.10 which could | |
1298 | make the spurious "getcwd: cannot access parent directories" problem | |
1299 | return (11558 11568) (RT #131780) | |
1300 | ||
1301 | * Avoid leaking memory when scanning a corrupt directory (11707) | |
1302 | ||
1303 | OS X clients | |
1304 | ||
1305 | * Support OS X 10.10 "Yosemite" (11571 11572 11611) (RT #131946) | |
1306 | ||
1307 | Solaris clients | |
1308 | ||
1309 | * Avoid reading random data rather than correct cache content when using | |
1310 | ZFS as the cache file system on Solaris >= 11, and fix potential similar | |
1311 | problems on other platforms (11713 11714) | |
1312 | ||
1313 | FreeBSD | |
1314 | ||
1315 | * Build fix for releases >= 11.0 (11610) | |
1316 | ||
1317 | OpenBSD | |
1318 | ||
1319 | * Support release 5.4 (11700) | |
1320 | ||
1321 | ||
1322 | OpenAFS 1.6.10 | |
1323 | ||
1324 | All platforms | |
1325 | ||
1326 | * Don't hide the "version" subcommand in help output (11214) | |
1327 | ||
1328 | * Documentation improvements (11126 11216 11222 11223 11225 11226) | |
1329 | ||
1330 | * Improved diagnostics and error messages (11154 11246 11247 11249 11181 | |
1331 | 11182 11183) | |
1332 | ||
1333 | * Build system improvements (11158 11221 11224 11225 11227..11241 11282 | |
1334 | 11342 11350 11353 11242 11367 11392) | |
1335 | ||
1336 | * Avoid potentially erratic behaviour under certain error conditions by | |
1337 | either avoiding or at least not ignoring them, in various places (11008 | |
1338 | 11010..11065 11112 11148 11196 11530) | |
1339 | ||
1340 | FreeBSD | |
1341 | ||
1342 | * Support releases 9.3 and 10.1 (11368 11369 11402 11403 11404) | |
1343 | ||
1344 | * Makes a disk cache more likely to work on FreeBSD, though such | |
1345 | configurations remain not very tested (11448) | |
1346 | ||
1347 | All server platforms | |
1348 | ||
1349 | * Added volscan(8) (11252..11280 11387 11388) | |
1350 | ||
1351 | * Fixed a bug causing subgroups not to function correctly if their | |
1352 | ptdb entry had more than one continuation entry (11352) | |
1353 | ||
1354 | * Logging improvements (10946 11153) | |
1355 | ||
1356 | * Allow log rotation via copy and truncate (11193) | |
1357 | ||
1358 | * Avoid a server crash during startup only observed on a single platform | |
1359 | and when using a 3rd party library under certain circumstances, which is | |
1360 | a collateral effect of the security improvements introduced in OpenAFS | |
1361 | release 1.6.5 (11075) (RT #131852) | |
1362 | ||
1363 | All client platforms | |
1364 | ||
1365 | * Raised the free space reported for /afs to the maximum possible value of | |
1366 | just under 2 TiB - the old value was 9 GiB on most platforms (10984) | |
1367 | ||
1368 | * Reduced the amount of stack space used (11162 11163 11203 11164..11167 | |
1369 | 11338 11339 11364..11366 11381) | |
1370 | ||
1371 | * Sped up a periodic client task which could be problematically slow | |
1372 | on systems with a large number of PAGs and files in use (11307) | |
1373 | ||
1374 | * Fixed failure of the up command with large ACLs (11111) | |
1375 | ||
1376 | * Avoid a potential crash of aklog (11218) | |
1377 | ||
1378 | * Avoid potential crashes of scout and xstat_fs_test (11155) | |
1379 | ||
1380 | Linux clients | |
1381 | ||
1382 | * Support kernels up to 3.16 (11308 11309) | |
1383 | ||
1384 | * Fixed a regression introduced in OpenAFS release 1.6.6 that made | |
1385 | checking for existing write locks incorrectly fail on readonly volumes | |
1386 | (11361) | |
1387 | ||
1388 | * Fixed a regression introduced in OpenAFS release 1.6.8 that could | |
1389 | cause VFS cache inconsistencies when a previously-accessed directory | |
1390 | entry was removed and recreated with the same name but pointing to a | |
1391 | different file on another client (11358) | |
1392 | ||
1393 | * Use the right path to depmod in Red Hat packaging to avoid dependency | |
1394 | calculation incorrectly failing unless a link /sbin -> /usr/sbin is | |
1395 | present on the system performing it (11171) (RT #131860) | |
1396 | ||
1397 | * Do not ignore kernel module build errors (11205) | |
1398 | ||
1399 | OpenAFS 1.6.9 | |
1400 | ||
1401 | All server platforms | |
1402 | ||
1403 | * Fix for OPENAFS-SA-2014-002 | |
1404 | ||
1405 | OpenAFS 1.6.8 | |
1406 | ||
1407 | All platforms | |
1408 | ||
1409 | * Documentation improvements (10751 10875 10931 10897 10883 10954 10955) | |
1410 | ||
1411 | * Improved diagnostics and error messages (10756 10814 10949) | |
1412 | ||
1413 | * Fixed a bug in RX that could make errors during packet reception go | |
1414 | unnoticed. (10733) | |
1415 | ||
1416 | * Fixed a bug that made "vos size -dump" display the wrong size for | |
1417 | large volumes. (10933) (RT #131819) | |
1418 | ||
1419 | All server platforms | |
1420 | ||
1421 | * Change the default fileserver sync behavior from "delayed" to "onclose". | |
1422 | This means that explicit syncing only happens when a volume is detached. | |
1423 | (10809) | |
1424 | ||
1425 | * Added the -offline-timeout and -offline-shutdown-timeout options to the | |
1426 | fileserver, to implement interrupting clients accessing volumes we are | |
1427 | trying to take offline. (6266 10799) | |
1428 | ||
1429 | All client platforms | |
1430 | ||
1431 | * When a client is shut down, it will give up its callbacks. The Windows | |
1432 | client has been doing this since 2007. Note that older fileservers | |
1433 | (1.3.50 to 1.4.5 and 1.5.0 to 1.5.27) had a bug in the implementation of | |
1434 | the relevant RPC that could cause crashes or other undefined behavior | |
1435 | when this happens. (6272 8840 10855) | |
1436 | ||
1437 | * Restored the pre-1.6 behavior of "vos e" being an alias for "vos examine". | |
1438 | (10886) | |
1439 | ||
1440 | * Avoid flooding logs with warnings about byte-range locks, by throttling | |
1441 | them per file. Also, make the messages more useful by including the | |
1442 | FID. (10836..10839) | |
1443 | ||
1444 | * Avoid a possible panic during shutdown while tracing. (10932) | |
1445 | ||
1446 | Linux clients | |
1447 | ||
1448 | * Fixed a bug that could cause the "getcwd: cannot access parent | |
1449 | directories" problem (10804 10984) | |
1450 | ||
1451 | * Avoid a delay when accessing uncached data in AFS in a confined | |
1452 | context under SELinux. (10598) | |
1453 | ||
1454 | * Red Hat packaging improvements (10600 10767 10807) | |
1455 | ||
1456 | OpenAFS 1.6.7 | |
1457 | ||
1458 | All server platforms | |
1459 | ||
1460 | * Fix for OPENAFS-SA-2014-001 | |
1461 | ||
1462 | * Fix for a potential DOS attack against RX servers | |
1463 | ||
1464 | OpenAFS 1.6.6 | |
1465 | ||
1466 | All platforms | |
1467 | ||
1468 | * As of this release, OpenAFS no longer ships uncompressed source tarballs. | |
1469 | Tarballs are still shipped with both compression formats, gzip and bzip2. | |
1470 | (10131) | |
1471 | ||
1472 | * Documentation improvements (10136 10314 10601) | |
1473 | ||
1474 | * Improved diagnostics and error messages (9412 10085 10274) | |
1475 | ||
1476 | * Avoid redefining "assert" in our public header files, which could | |
1477 | cause failures when building some applications using them. (10096) | |
1478 | ||
1479 | * Fixes for parallel builds (10005 10309 10337) | |
1480 | ||
1481 | * Added a -s switch to afscp (not installed by default) to help simulate | |
1482 | a slow client. (9416 9417) | |
1483 | ||
1484 | * Added a -probe switch to vlclient test program (not installed by default) | |
1485 | to ping all vlservers in a cell in parallel. (9570) | |
1486 | ||
1487 | All server platforms | |
1488 | * The fileserver now ignores any vice partitions with a NeverAttach flag | |
1489 | file present in the root directory. (RT #130561) (9470 9471) | |
1490 | ||
1491 | * Restrict forcing CPS ("Current Protection Subdomain") recalculation in | |
1492 | the fileserver to administrators. Also fixed a bug that could cause this | |
1493 | operation to be incomplete. (9485 9487) | |
1494 | ||
1495 | * Allow non-DAFS fileservers to attach unusable volumes, restoring pre-1.6 | |
1496 | behaviour. (RT #131505) (9499) | |
1497 | ||
1498 | * Restored the pre-1.6 behaviour when running vos examine for a volume | |
1499 | currently in a transaction, showing the volume as busy again rather than | |
1500 | offline. (9685 9915 9916) | |
1501 | ||
1502 | * Reduced the minimum time a bos salvage takes from 5 seconds to 1. (9476) | |
1503 | ||
1504 | * Fixed buserver to not segfault when started with the -servers option. | |
1505 | (RT #131706) (10166) | |
1506 | ||
1507 | * Salvager fixes, addressing a wide variety of possible problems from | |
1508 | unnecessary salvaging to aborts (9282 9283 9457 9458 9459 9461 9462 9480 | |
1509 | 9481 10165 10167) | |
1510 | ||
1511 | * Fixed a bug that could cause saved state information to be discarded | |
1512 | when restarting a large or busy fileserver, which negatively impacted | |
1513 | performance. (9683) | |
1514 | ||
1515 | * Fixed a bug that could have caused undefined behaviour in the vlserver | |
1516 | in rare cases when a fileserver registered its addresses in the VLDB. | |
1517 | (9429) | |
1518 | ||
1519 | * Added the -preserve-vol-stats switch to volserver, allowing it to keep | |
1520 | the access statistics across volume restore and reclone operations | |
1521 | instead of resetting them. (9477) | |
1522 | ||
1523 | * Inserted an exponential delay between retries when bosserver attempts to | |
1524 | restart a server process. (9571 10199) | |
1525 | ||
1526 | * Improved vldb_check (not installed by default) to cope with broken | |
1527 | vlentry names and volids, and provide more output to aid debugging. | |
1528 | (10268) | |
1529 | ||
1530 | * Releasing a volume after adding a new RO site no longer touches any of | |
1531 | the existing RO sites, if the RW data hasn't changed since the last | |
1532 | release. (10174) | |
1533 | ||
1534 | * Make the copyDate field for RO clones have the same meaning as for | |
1535 | remote RO volumes. Previously, the copyDate field for clones was updated | |
1536 | every time we released. (9451) | |
1537 | ||
1538 | * Fixed potentially undefined behaviour in ptserver when too many pts | |
1539 | ids are allocated. (10124) | |
1540 | ||
1541 | * Note that the server side NAT pings feature present in the prereleases | |
1542 | was removed before the final release, since no positive feedback | |
1543 | was provided during prerelease testing. (9420 10135) | |
1544 | ||
1545 | Linux servers | |
1546 | ||
1547 | * Start bosserver with -nofork in the systemd unit file, to allow systemd | |
1548 | to track its state (10093) | |
1549 | ||
1550 | All client platforms | |
1551 | ||
1552 | * No longer track file locks on read-only volumes. Write locks can't | |
1553 | succeed, read locks always will. Avoids log messages about this kind | |
1554 | of lock. (8910) | |
1555 | ||
1556 | * Added the "fs flushall" subcommand, which makes the client discard all | |
1557 | cached data. This was previously available on Windows only. (9065 9388 | |
1558 | 9389 9390) | |
1559 | ||
1560 | * Fixed a bug that could make the client incorrectly believe its cache | |
1561 | is up to date. This change could negatively impact AFS <-> DFS | |
1562 | translators, should those still be running anywhere. (8898) | |
1563 | ||
1564 | * Several changes to avoid panicing in certain error conditions. | |
1565 | (9131 9287 10354 10355 10356 10357) (partially addressing RT #131747) | |
1566 | ||
1567 | * Added the -rxmaxfrags switch to afsd, allowing to limit the number | |
1568 | of UDP fragments sent or received per RX packet. (9430) | |
1569 | ||
1570 | * Build fixes for aklog on several platforms (RT #131716) (9917 10107 10275) | |
1571 | ||
1572 | * Require that the AFS mountpoint specified in the cacheinfo file is | |
1573 | an absolute path. Relative paths result in a client that basically | |
1574 | works but is not fully functional. (10253) | |
1575 | ||
1576 | * Fixed a bug that could cause one of the afsd threads to enter an infinite | |
1577 | loop (10431 .. 10436) | |
1578 | ||
1579 | Linux clients | |
1580 | ||
1581 | * Support Linux kernels up to 3.13 (10241) | |
1582 | ||
1583 | * Fixed a bug that made readv/writev calls in AFS space fail with Linux | |
1584 | kernels where generic_file_aio_read exists but those operations have | |
1585 | not been switched to using aio_read/aio_write. This was a regression | |
1586 | introduced with release 1.6.3 and affected at least RHEL 5.9 kernels. | |
1587 | (10248) | |
1588 | ||
1589 | * Fixed a similar bug making core dumps fail in AFS space, affecting | |
1590 | a much wider range of kernels including the most recent ones. | |
1591 | (RT #131729) (10254) | |
1592 | ||
1593 | * Enhanced the keyring code to make PAGs work correctly on kernels with a | |
1594 | distribution specific change to the Linux keyring code. This affected at | |
1595 | least SLES 11 SP3 kernels. (10252) | |
1596 | ||
1597 | * Fixed a bug that could make failures during PAG instantiation go | |
1598 | unnoticed. (10255) | |
1599 | ||
1600 | * Fixed a bug that made compilation fail for Linux kernels without | |
1601 | keyring support. This affected at least the SLE 10 SDK and an | |
1602 | OEM version of SLES 11 SP1. (10325) | |
1603 | ||
1604 | * Fixed build for kernels with user namespace support enabled. Likely | |
1605 | to be required for Ubuntu 14.04 and eventually other distributions. | |
1606 | (10456 10457 10458 10518 10472) | |
1607 | ||
1608 | * Support RHEL 6.5 kernels, and possibly others with changes backported | |
1609 | from recent mainline kernels that touch getname/putname, by no longer | |
1610 | using those functions. Previously, the client could cause a kernel | |
1611 | panic when syscall auditing was enabled. (10578) | |
1612 | ||
1613 | * Make tmpfs usable as the cache filesystem again. This had been broken | |
1614 | since kernel 3.1 (9950 10193) | |
1615 | ||
1616 | * When starting the client fails, clean up the backing device information | |
1617 | created in sysfs, to avoid error messages during a subsequent start | |
1618 | and possible system instability later on (10454) | |
1619 | ||
1620 | * Update Red Hat packaging to support Fedora >= 20, RHEL >= 7 and | |
1621 | ELrepo kernels (10597 10619 10622 10703 10704) | |
1622 | ||
1623 | OS X Clients | |
1624 | ||
1625 | * Support OS X 10.9 "Mavericks" (10519 10541 10542 10543 10548 10549) | |
1626 | ||
1627 | AIX clients | |
1628 | ||
1629 | * Fixed a bug that caused the 1.6 AIX client to never receive any RX | |
1630 | packets in the kernel. (RT #131725) | |
1631 | ||
1632 | FUSE client | |
1633 | ||
1634 | * Support Solaris 11 (9454 9455) | |
1635 | ||
1636 | * Allow other users to access filesystems mounted by root. (9452) | |
1637 | ||
1638 | FreeBSD | |
1639 | ||
1640 | * Build tvolser and dvolser on this platform (10122) | |
1641 | * Several fixes to catch up with newer releases (10374 .. 10381) | |
1642 | ||
1643 | NetBSD | |
1644 | ||
1645 | * Build tsalvaged, tvolser and dvolser on this platform (10121) | |
1646 | * Fixed build on NetBSD 5 and newer. (10138) | |
1647 | ||
1648 | OpenAFS 1.6.5 | |
1649 | ||
1650 | All platforms | |
1651 | ||
1652 | * Fixes for OpenAFS-SA-2013-0003 and OpenAFS-SA-2013-0004 | |
1653 | ||
1654 | OpenAFS 1.6.4 | |
1655 | ||
1656 | All platforms | |
1657 | ||
1658 | * Obey the jumbo/nojumbo settings for ubik servers (the DB servers) | |
1659 | too. In previous releases, those servers may have used jumbograms | |
1660 | even if they were not configured to do so. This change corrects | |
1661 | the actual behaviour, and will improve performance and reliability | |
1662 | for sites where jumbograms are problematic. It could cause a decrease | |
1663 | in performance for sites where jumbograms work, but those can turn | |
1664 | them back on manually. | |
1665 | ||
1666 | * Dozens of fixes for common coding problems like use after free, | |
1667 | use of possibly uninitialised memory, reading or writing past the | |
1668 | end of arrays and potential NULL pointer derefences. Spotted by | |
1669 | code analysis tools or human inspection. | |
1670 | ||
1671 | * Documentation improvements. | |
1672 | ||
1673 | * Fixes and improvements to the diagnostic or log messages printed by | |
1674 | vos, the fileserver and others. | |
1675 | ||
1676 | * Build fixes, making parallel builds more reliable with certain | |
1677 | configuration options and helping various platforms including | |
1678 | recent releases of IRIX, Solaris and several flavours of Linux. | |
1679 | ||
1680 | * Avoid sending a small amount of data over the wire unencrypted | |
1681 | under certain conditions, and emit the correct error message in | |
1682 | this case. | |
1683 | ||
1684 | All server platforms | |
1685 | ||
1686 | * Avoid generating duplicate IDs for readonly and backup volumes, | |
1687 | which could happen under certain conditions. | |
1688 | ||
1689 | * Allow the fileserver to return volume data like quota or free space, | |
1690 | which is available publicly elsewhere, without the additional access | |
1691 | check for read permissions on a volume's root directory the fileserver | |
1692 | performed before. | |
1693 | ||
1694 | * The fileserver now emits a log message when it ran out of memory for | |
1695 | callbacks. | |
1696 | ||
1697 | * Avoid several potential fileserver problems, including memory | |
1698 | corruption and segmentation faults, due to client bookkeeping. | |
1699 | ||
1700 | * Avoid known cases of silent data corruption due to background syncs | |
1701 | on the fileserver, especially during Copy on Write. | |
1702 | ||
1703 | * Make the fileserver sync behaviour runtime configurable. Up to 1.4.5, | |
1704 | we had synchronous syncs which were safe but really slow. Since 1.4.5, | |
1705 | we've had asynchronous syncs which are much faster but believed to | |
1706 | be the cause of rare data corruption issues, and while all known cases | |
1707 | of these happening are believed to be fixed in the 1.6.3 release, doubts | |
1708 | remain. This change allows choosing between those, and in addition allows | |
1709 | to turn syncs by the fileserver off altogether, thus relying on the vice | |
1710 | partition's backend filesystem and the operating system, or to just | |
1711 | execute them when a volume is detached. The default behaviour is | |
1712 | unchanged from releases since 1.4.5, but it's highly recommended to | |
1713 | consider the additional options this change provides. Future OpenAFS | |
1714 | releases will default to "-sync=none". | |
1715 | ||
1716 | * For dbservers, avoid a situation where misinterpreting transient | |
1717 | network errors causes long-term issues with achieving ubik quorum. | |
1718 | ||
1719 | All UNIX client platforms | |
1720 | ||
1721 | * Improvements to the detection of an aklog-specific krb5 configuration | |
1722 | file, for the purposes of turning on "weak crypto" for aklog. | |
1723 | ||
1724 | * Fixed a regression introduced in release 1.6.2 which caused the | |
1725 | supposedly persistent disk cache to be discarded upon client start. | |
1726 | (RT #131655) | |
1727 | ||
1728 | Linux clients | |
1729 | ||
1730 | * Support Linux kernels up to 3.10 | |
1731 | ||
1732 | * Fixed two bugs making it impossible to unmount a disk cache filesystem | |
1733 | after it has been used by the client. (RT #131613) | |
1734 | ||
1735 | * Fixed a bug that could cause an oops with kernels 3.6 and later | |
1736 | ||
1737 | OpenBSD | |
1738 | ||
1739 | * Improved support for OpenBSD 4.9 to 5.3 | |
1740 | ||
1741 | OpenAFS 1.6.3 | |
1742 | ||
1743 | This release number had to be skipped for technical reasons. | |
1744 | ||
1745 | OpenAFS 1.6.2.1 | |
1746 | ||
1747 | Linux clients | |
1748 | ||
1749 | * Support Linux kernels up to 3.8. | |
1750 | ||
1751 | * Make the init script cope with the output of ifconfig on recent Fedora. | |
1752 | ||
1753 | OpenAFS 1.6.2 | |
1754 | ||
1755 | All platforms | |
1756 | ||
1757 | * Fix buffer overflows in fileserver and ptserver. | |
1758 | ||
1759 | * Abort an rx connection when given an unknown service (Gerrit 7593). | |
1760 | ||
1761 | * "idle dead" behavior improvements. | |
1762 | ||
1763 | * Documentation updates. | |
1764 | ||
1765 | All server platforms | |
1766 | ||
1767 | * Fix rare file corruption during background sync (Gerrit 8796). | |
1768 | ||
1769 | * Fix corrupting clients' metadata cache during certain errors (Gerrit | |
1770 | 6957). | |
1771 | ||
1772 | * Avoid saying a volume doesn't exist when accessed as the volume is | |
1773 | going offline (Gerrit 7488). | |
1774 | ||
1775 | * Fix fileservers to properly report >2 TiB partitions. | |
1776 | ||
1777 | * Fix stale volume info from vos examine on non-DAFS filservers. | |
1778 | ||
1779 | * Fix possible volume corruption with vos convertROtoRW. | |
1780 | ||
1781 | * Fix bosserver to preserve all command-line options over restart. | |
1782 | ||
1783 | * Fix bosserver to properly kill hung processes during shutdown. | |
1784 | ||
1785 | All UNIX client platforms | |
1786 | ||
1787 | * Fixes for memcache, especially on Solaris. | |
1788 | ||
1789 | * Increase the size of the DNS resolver answer buffer to allow sites | |
1790 | with a long response list to use SRV and AFSDB records. | |
1791 | ||
1792 | * Fix a crash when a server appears to run out of addresses (Gerrit | |
1793 | 7487). | |
1794 | ||
1795 | * Fix cache corruption when reading from a file another client is | |
1796 | simultaneously writing to (Gerrit 7994). | |
1797 | ||
1798 | * Improve handling of disk cache disk errors. | |
1799 | ||
1800 | Linux | |
1801 | ||
1802 | * fix DKMS configuration for DKMS 2.2. | |
1803 | ||
1804 | * Avoid generating inode number 0 with md5 inodes (Gerrit 7276). | |
1805 | ||
1806 | * Fix a crash when reading /proc/fs/openafs/unixusers (Gerrit 7914). | |
1807 | ||
1808 | * Make PAG-less access use the real UID of the calling process | |
1809 | instead of the effective UID, when determining what credentials to | |
1810 | use (Gerrit 7931). | |
1811 | ||
1812 | * Fix possible abuse of fs mkmount. | |
1813 | Prior to 1.6.2, users could crash a client by nesting volume mounts. | |
1814 | ||
1815 | * Fix fileserver memory corruption on RHEL 6 | |
1816 | Prior to 1.6.2, fileservers on RHEL 6 may crash under heavy load. | |
1817 | ||
1818 | * Fix client page cache corruption on Linux | |
1819 | When multiple clients read and write to a file, the reading client | |
1820 | may see first page (4096 bytes) of a file as nulls. | |
1821 | ||
1822 | * Support Linux kernels up to 3.7. | |
1823 | ||
1824 | * Support newer glibc versions. | |
1825 | ||
1826 | * Improve client systemd unit file. | |
1827 | ||
1828 | * Update Red Hat packaging. | |
1829 | ||
1830 | OS X | |
1831 | ||
1832 | * Fix crashes on shutdown. | |
1833 | ||
1834 | * Prevent unloading the module before shutdown completes. | |
1835 | ||
1836 | * Security improvement for the OpenAFS preference pane. | |
1837 | ||
1838 | Solaris | |
1839 | ||
1840 | * Support newer versions of the Sun Studio compiler software. | |
1841 | ||
1842 | * Support compiling on newer versions of Solaris 11 and Solaris 10. | |
1843 | ||
1844 | ||
1845 | OpenAFS 1.6.0 (2011-08-15) | |
1846 | ||
1847 | All platforms | |
1848 | ||
1849 | * Substantial Rx updates to correct erroneous behavior. | |
1850 | ||
1851 | * vos now properly deals with matching sites when servers are | |
1852 | multihomed. | |
1853 | ||
1854 | * Don't stop Rx keepalives after an ackall is received, avoiding | |
1855 | spurious connection timeouts. (128848) | |
1856 | ||
1857 | * Don't retry Rx calls on channels returning busy errors and improve | |
1858 | Rx busy call channel error handling. (128671) | |
1859 | ||
1860 | * Properly enable Rx connection hard timeouts. | |
1861 | ||
1862 | * Rx NAT pings are not enabled until peer has answered. | |
1863 | ||
1864 | * Initialize rx_multi lock before use. | |
1865 | ||
1866 | * Avoid spurious crashes when initializing in "backup" client. | |
1867 | ||
1868 | * Revert UUID support in vos. | |
1869 | ||
1870 | * pt_util fixed to properly create new databases. | |
1871 | ||
1872 | * MTU discovery now properly shut down on call reset. | |
1873 | ||
1874 | * Avoid leaking references to hosts during callback break multi-Rx | |
1875 | operations. (129376) | |
1876 | ||
1877 | * xstat tools now cope with differing timeval structures between | |
1878 | endpoints. | |
1879 | ||
1880 | * Numerous fixes to command argument parsing. | |
1881 | ||
1882 | * Documentation updates. | |
1883 | ||
1884 | All server platforms | |
1885 | ||
1886 | * A file descriptor leak which could result in corrupted files in the | |
1887 | fileserver was fixed. An IMMEDIATE upgrade from previous 1.5 release | |
1888 | fileservers is recommended. | |
1889 | ||
1890 | * Fix ptserver supergroups support on 64 bit platforms. | |
1891 | ||
1892 | * Demand attach salvaging doesn't use freed volume pointers. | |
1893 | ||
1894 | * Properly hold host lock during host enumeration in fileserver. | |
1895 | ||
1896 | * Attempt to recovery more quickly from timed out volume release | |
1897 | transactions. | |
1898 | ||
1899 | * Auditing now properly byte order swaps IP addresses when printing. | |
1900 | ||
1901 | * vos split now has improved error handling. | |
1902 | ||
1903 | * Many changes to again support Windows fileservers. | |
1904 | ||
1905 | * During volume removal, data removal speed improved. | |
1906 | ||
1907 | * Improve CPU utilization during volume attaching by DAFS. | |
1908 | ||
1909 | * In salvager check-only mode, avoid potentially fixing a vnode. | |
1910 | ||
1911 | * Fix support for large (greater than 2gb) volume special files. | |
1912 | ||
1913 | * Salvager will not crash if multiple or bad volume link tables are | |
1914 | encountered. | |
1915 | ||
1916 | * Avoid erroneous full dump by remembering which sites were out of | |
1917 | date at the start of the release. | |
1918 | ||
1919 | * A deleted volume can now be recreated properly. | |
1920 | ||
1921 | * Callbacks are again not broken during whole partition salvages. | |
1922 | ||
1923 | * Positional vectored IO fixed for largefile (>2GB) capable systems. | |
1924 | ||
1925 | * Fileserver per-client thread usage again properly enforced. | |
1926 | ||
1927 | * Anonymous dropbox support improved and drawbacks documented. | |
1928 | ||
1929 | * Demand attach: ensure vnodes are not reallocated while in use due to | |
1930 | volume bitmap errors. | |
1931 | ||
1932 | * Properly support large volume numbers (larger than 2147483647). | |
1933 | ||
1934 | * Allow salvager to be run manually again when DAFS is being | |
1935 | used. (129458) | |
1936 | ||
1937 | * Avoid leaking references to hosts during callback break multi-Rx | |
1938 | operations. (129376) | |
1939 | ||
1940 | * Demand attach: unlink fileserver state file on standalone salvage. | |
1941 | ||
1942 | * Salvager tries harder to detect linktable issues. | |
1943 | ||
1944 | * Demand attach: don't attach volumes with special status set. | |
1945 | ||
1946 | * Avoid crashing on host table exhaustion. Instead, defer clients. | |
1947 | ||
1948 | Microsoft Windows | |
1949 | ||
1950 | * afs_config will not longer set the Tray Icon State in the registry | |
1951 | if the checkbox is not present in the dialog. (128591) | |
1952 | ||
1953 | * AFS Explorer Shell Extension now works from folder backgrounds. | |
1954 | Overlays for mount points and symlinks are present in the dll, but | |
1955 | are not registered at present by the installers. | |
1956 | ||
1957 | * Do not use RankServerInterval registry value as the value for | |
1958 | PerformanceTuningInterval. | |
1959 | ||
1960 | * When the data version of a mountpoint or symlink changes, the target | |
1961 | string in the cm_scache_t object must be cleared. | |
1962 | ||
1963 | * "fs checkservers" now includes vldb servers in the output and only | |
1964 | lists multi-homed servers once. A multi-homed server that has at | |
1965 | least one up interface is no longer considered to be down. | |
1966 | ||
1967 | * When asynchronously storing dirty data buffers to the file server | |
1968 | ensure that (a) the cm_scache_t object and the cm_buf_t object are | |
1969 | for the same File ID so that locking and signalling work properly; | |
1970 | and (b) if the FID no longer exists on the file server, do not | |
1971 | panic, just discard the buffer. | |
1972 | ||
1973 | * When processing VNOVOL, VMOVED and VOFFLINE errors perform server | |
1974 | comparisons by UUID or address and not simply by cm_server_t | |
1975 | pointer. Otherwise, server failover may not succeed. | |
1976 | ||
1977 | * Do not preserve status information for cm_scache_t objects when the | |
1978 | issuing server is multi-homed. | |
1979 | ||
1980 | * Giving up all callbacks when shutting down or suspending the machine | |
1981 | is now significantly faster due to the use of an rx_multi | |
1982 | implementation. (This functionality is still off by default and | |
1983 | must be activated by a registry value.) | |
1984 | ||
1985 | * Race conditions were possible when updating the state of the | |
1986 | cm_volume_t flags and when moving the volumes within the least | |
1987 | recently used list. | |
1988 | ||
1989 | * Ensure that the lanahelper library does not perform a NCBRESET of | |
1990 | each lan adapter when enumerating the current network bindings. | |
1991 | Correcting this permits OpenAFS to work on Windows 7 when the | |
1992 | network adapter settings change. | |
1993 | ||
1994 | * Fix creation of mount points and symlinks as \\AFS\xxxx | |
1995 | ||
1996 | * Icon tray state now conditionally set. (128591) | |
1997 | ||
1998 | * Properly create new cell mount points in freelance mode. | |
1999 | ||
2000 | * Avoid recursive offline volume checks. | |
2001 | ||
2002 | * Fix caching of non-existent volumes. The test to trigger an | |
2003 | immediate CM_ERROR_NOSUCHVOLUME in cm_UpdateVolumeLocation() was | |
2004 | backwards. | |
2005 | ||
2006 | * Prevent the background daemon from checking the status of | |
2007 | non-existent volumes. cm_CheckOfflineVolumes() should skip volume | |
2008 | groups with the CM_VOLUMEFLAG_NOEXIST flag set. | |
2009 | ||
2010 | * The afskfw library should return an error immediately if the | |
2011 | krb5_32.dll library cannot be loaded. Affects afslogon.dll and | |
2012 | afscreds.exe. | |
2013 | ||
2014 | * No longer depend on leashw32.dll in afskfw library. | |
2015 | ||
2016 | * NPLogonNotify must provide the user password in all calls to | |
2017 | KFW_AFS_get_cred(). It cannot count on a credential cache being | |
2018 | preserved between calls. Permits tokens to be acquired for all | |
2019 | cells listed in the TheseCells registry value for a domain. | |
2020 | ||
2021 | * Improve the trace logging from NPLogonNotify(). | |
2022 | ||
2023 | * Avoid a race when writing the cm_scache_t mountPointString | |
2024 | when acquiring mount point or symlink target data via | |
2025 | cm_GetData(). The race could result in bogus target | |
2026 | data being cached. | |
2027 | ||
2028 | * Permit the use of des-cbc-md5 and des-cbc-md4 enctypes | |
2029 | as DES keys in asetkey.exe. | |
2030 | ||
2031 | * aklog supports dotted Kerberos v5 principal names. | |
2032 | ||
2033 | * afskfw library always attempts afs/cell@USER-REALM | |
2034 | ||
2035 | * afskfw library must test return code from krb5_cc_start_seq_get() or | |
2036 | will trigger a null pointer exception when using Heimdal. | |
2037 | ||
2038 | * Lock protected fields must be 32-bit in order to avoid memory | |
2039 | overwrite races. | |
2040 | ||
2041 | * Add support for NTFS symlinks. | |
2042 | ||
2043 | * Handle file search requests for virtual syscall ioctl file. | |
2044 | ||
2045 | * Process SyncOps properly to enforce ordered operations. | |
2046 | ||
2047 | * Avoid recursing during NewServer operations. | |
2048 | ||
2049 | * Correct lock acquisition order during SMB locking. | |
2050 | ||
2051 | * Add shutdown message to event log. | |
2052 | ||
2053 | * Check offline volume status by policy rather than on each daemon | |
2054 | thread run. | |
2055 | ||
2056 | * Return error on directory object not found instead of crashing. | |
2057 | ||
2058 | * Improve error message output. | |
2059 | ||
2060 | * afslogin.dll can start afsd_service if it's not starting or started. | |
2061 | ||
2062 | * Optimize away release lock RPCs for deleted files. | |
2063 | ||
2064 | * Background Daemon will not perform operations on deleted files. | |
2065 | ||
2066 | * Resort recently used directories to the top of the LRU if the | |
2067 | directory is larger than the stat cache. | |
2068 | ||
2069 | * Resort deleted objects to the bottom of the LRU. | |
2070 | ||
2071 | * Use interlocked operations for state and queue fields to allow safe | |
2072 | bit set and clear on multiprocessor systems. | |
2073 | ||
2074 | All UNIX client platforms | |
2075 | ||
2076 | * Servers now marked down when GetCapabilities returns error. | |
2077 | ||
2078 | * In-use vcache count is now properly tracked. | |
2079 | ||
2080 | * Check for /afs existance before starting, unless -nomount is | |
2081 | specified. | |
2082 | ||
2083 | * Avoid a potential panic when using /afs/.:mount syntax. | |
2084 | ||
2085 | * Avoid a panic in memcache mode due to missing CellItems file. | |
2086 | ||
2087 | * FUSE client support fixed for non-/afs mounts. | |
2088 | ||
2089 | * Avoid a potential deadlock (which times out) when we need to | |
2090 | allocate more callback returns and must flush some already in use. | |
2091 | ||
2092 | * Deal with libcom_err conflicts with other packages using it | |
2093 | (e.g. krb5) (128640) | |
2094 | ||
2095 | * Fall back to afs3-vlserver SRV record values when afs3-ptserver SRV | |
2096 | record is not available. | |
2097 | ||
2098 | * Avoid holding unneeded locks when probing server capabilties. | |
2099 | ||
2100 | * Do not attempt page flushes for directories. | |
2101 | ||
2102 | * Rx connection reference counting is enabled. | |
2103 | ||
2104 | * An Rx connection reference count leak is fixed in bulkstat. | |
2105 | ||
2106 | * Handle unparsable directory objects. | |
2107 | ||
2108 | * Handle Kerberos cred cache errors in aklog. | |
2109 | ||
2110 | AIX | |
2111 | ||
2112 | * Fix PAG usage to track by PAG identifier, not group list. | |
2113 | ||
2114 | FreeBSD | |
2115 | ||
2116 | * Fix socket termination on shutdown. | |
2117 | ||
2118 | * Support for 7.2, 7.3, 7.4 and 8.2 included. | |
2119 | ||
2120 | * References to vcaches are no longer leaked during root or reclaim. | |
2121 | ||
2122 | * Remove support for "Giant" lock as we no longer need to use it. | |
2123 | ||
2124 | * Don't sleep with AFS GLOCK. | |
2125 | ||
2126 | * Properly enable 64 bit long long support. | |
2127 | ||
2128 | * Restore support for FreeBSD 7 (128612) | |
2129 | ||
2130 | * Fix locking issues at shutdown and avoid panic at shutdown due to | |
2131 | vcache flushing. | |
2132 | ||
2133 | * Support for virtual network stacks. | |
2134 | ||
2135 | * New RC script, updated packaging. | |
2136 | ||
2137 | IRIX | |
2138 | ||
2139 | * Properly create new vnodes to avoid crashing in the client. | |
2140 | ||
2141 | Linux | |
2142 | ||
2143 | * Support through kernel 2.6.39. Treat Linux 3.0 as Linux 2.6 for | |
2144 | sysname purposes. | |
2145 | ||
2146 | * Use rx_Readv in cache bypass to improve performance. | |
2147 | ||
2148 | * Properly handle 0-length replies during cache bypass operations. | |
2149 | ||
2150 | * Properly handle non-contiguous readpage cache bypass operations. | |
2151 | ||
2152 | * Do proper locking when transitioning to or from cache bypass. | |
2153 | ||
2154 | * Avoid extra runs of vcache freeing routine. (128756) | |
2155 | ||
2156 | * Perform vcache eviction via a fast path before visiting vcaches | |
2157 | where sleep is needed. | |
2158 | ||
2159 | * setpag() errors are now properly reported. | |
2160 | ||
2161 | * Avoid attempting to free stat cache entries when we are below | |
2162 | user-specified number of entries in use. | |
2163 | ||
2164 | * Properly track user-specified number of stat cache entries to use as | |
2165 | a desired usage target. | |
2166 | ||
2167 | * Don't read pages beyond EOF in the cache. (128452) | |
2168 | ||
2169 | * Various corrections and improvements to Red Hat packaging, including | |
2170 | modifying the init script to allow deferring for a new binary | |
2171 | restart and properly supporting RHEL6. | |
2172 | ||
2173 | * Fix lockup in 2.6.38 due to erroneous kernel feature configure test. | |
2174 | ||
2175 | * Improve RPM building tools. | |
2176 | ||
2177 | * Attempt to properly handle SELinux in packaging. | |
2178 | ||
2179 | * Init script properly returns status as exit code. | |
2180 | ||
2181 | * RPM packaging fixes (executable libraries, no postinstall message) | |
2182 | ||
2183 | * Kill i386 from RPM packaging. | |
2184 | ||
2185 | MacOS | |
2186 | ||
2187 | * MacOS 10.7 support. | |
2188 | ||
2189 | * Properly handle setpag errors. PAGs are not supported. | |
2190 | ||
2191 | * Check for unloaded kernel extensions when decoding AFS panics. | |
2192 | ||
2193 | * Disable "get tokens at login" in prefs pane if AD authentication | |
2194 | plugin is configured. | |
2195 | ||
2196 | * aklog AuthorizationPlugin now provided. | |
2197 | ||
2198 | * Preferences Pane behavior fixed for 1.6 series (version detection is | |
2199 | used to select default behavior). | |
2200 | ||
2201 | * A potential kernel panic during bulkstat operations is | |
2202 | fixed. (128511) | |
2203 | ||
2204 | * 64-bit MacOS kernel performance is greatly improved. (128934) | |
2205 | ||
2206 | * Properly shut down AFS, closing the Rx socket in the upcall handler | |
2207 | to avoid attempting to process data after we can no longer do so. | |
2208 | ||
2209 | * Rework logic for bulk status operations to avoid a potential hang. | |
2210 | ||
2211 | * Avoid panic when doing FSEvent synthesis. | |
2212 | ||
2213 | * Fix bug when using non-dynroot. | |
2214 | ||
2215 | * Update Kerberos support in PreferencesPane. | |
2216 | ||
2217 | NetBSD | |
2218 | ||
2219 | * Updates for platform support. | |
2220 | ||
2221 | OpenBSD | |
2222 | ||
2223 | * Bug fixes for issues introduced previously in 1.5 series. | |
2224 | ||
2225 | * Support through OpenBSD 4.8. | |
2226 | ||
2227 | Solaris | |
2228 | ||
2229 | * Switch to ioctl() syscall replacement for Solaris 11 since syscall | |
2230 | 65 is not safe. | |
2231 | ||
2232 | * Fix support for Solaris pre-10. | |
2233 | ||
2234 | * Corrected Solaris 11 startup script. | |
2235 | ||
2236 | * vcache mappings freed on shutdown to avoid panic. | |
2237 | ||
2238 | * Properly report errors for AFS system call callers. | |
2239 | ||
2240 | * Don't leave dangling function references if kernel extension fails | |
2241 | to load. | |
2242 | ||
2243 | * Try harder to avoid deadlocks on file-larger-than-cache operations. | |
2244 | ||
2245 | * Avoid panic on shutdown when mount failed. | |
2246 | ||
2247 | ||
2248 | OpenAFS 1.6.0pre2 | |
2249 | ||
2250 | All systems: Minor bugfixes. | |
2251 | ||
2252 | ADDITIONAL CHANGES IN 1.6.0PRE2 | |
2253 | ||
2254 | All platforms: | |
2255 | ||
2256 | - Documentation updates. | |
2257 | ||
2258 | - Don't stop Rx keepalives after an ackall is received, avoiding | |
2259 | spurious connection timeouts. (128848) | |
2260 | ||
2261 | - Don't retry Rx calls on channels returning busy errors. (128671) | |
2262 | ||
2263 | - vos will not die with a double free error at command completion. | |
2264 | ||
2265 | - Properly enable Rx connection hard timeouts. | |
2266 | ||
2267 | - Initialize rx_multi lock before use. | |
2268 | ||
2269 | - Avoid spurious crashes when initializing in "backup" client. | |
2270 | ||
2271 | All unix platforms: | |
2272 | ||
2273 | - Check for /afs existance before starting, unless -nomount is specified. | |
2274 | ||
2275 | - Avoid a potential panic when using /afs/.:mount syntax. | |
2276 | ||
2277 | - Avoid a panic in memcache mode due to missing CellItems file. | |
2278 | ||
2279 | All server platforms: | |
2280 | ||
2281 | - Attempt to recovery more quickly from timed out volume release | |
2282 | transactions. | |
2283 | ||
2284 | - Auditing now properly byte order swaps IP addresses when printing. | |
2285 | ||
2286 | - vos split now has improved error handling. | |
2287 | ||
2288 | - Many changes to again support Windows fileservers. | |
2289 | ||
2290 | - During volume removal, data removal speed improved. | |
2291 | ||
2292 | - Improve CPU utilization during volume attaching by DAFS. | |
2293 | ||
2294 | - In salvager check-only mode, avoid potentially fixing a vnode. | |
2295 | ||
2296 | - Fix support for large (greater than 2gb) volume special files. | |
2297 | ||
2298 | - Salvager will not crash if multiple or bad volume link tables | |
2299 | are encountered. | |
2300 | ||
2301 | - Avoid erroneous full dump by remembering which sites were out of date | |
2302 | at the start of the release. | |
2303 | ||
2304 | FreeBSD: | |
2305 | ||
2306 | - Remove support for "Giant" lock as we no longer need to use it. | |
2307 | ||
2308 | - Don't sleep with AFS GLOCK. | |
2309 | ||
2310 | - Properly enable 64 bit long long support. | |
2311 | ||
2312 | - Restore support for FreeBSD 7 (128612) | |
2313 | ||
2314 | - Fix locking issues at shutdown. | |
2315 | ||
2316 | Linux: | |
2317 | ||
2318 | - support through kernel 2.6.38. | |
2319 | ||
2320 | - RedHat packaging now properly supports RHEL6. | |
2321 | ||
2322 | - Use rx_Readv in cache bypass to improve performance. | |
2323 | ||
2324 | - Properly handle 0-length replies during cache bypass operations. | |
2325 | ||
2326 | - Properly handle non-contiguous readpage cache bypass operations. | |
2327 | ||
2328 | - Do proper locking when transitioning to or from cache bypass. | |
2329 | ||
2330 | - Avoid extra runs of vcache freeing routine. (128756) | |
2331 | ||
2332 | MacOS: | |
2333 | ||
2334 | - Check for unloaded kernel extensions when decoding AFS panics. | |
2335 | ||
2336 | - Properly handle setpag errors. PAGs are not supported. | |
2337 | ||
2338 | - Disable "get tokens at login" in prefs pane if AD authentication | |
2339 | plugin is configured. | |
2340 | ||
2341 | OpenBSD: | |
2342 | ||
2343 | - support through OpenBSD 4.8. | |
2344 | ||
2345 | Solaris: | |
2346 | ||
2347 | - Fix support for Solaris pre-10. | |
2348 | ||
2349 | Windows: | |
2350 | ||
2351 | - afs_config will not longer set the Tray Icon State | |
2352 | in the registry if the checkbox is not present in | |
2353 | the dialog. (128591) | |
2354 | ||
2355 | - AFS Explorer Shell Extension now works from folder | |
2356 | backgrounds. Overlays for mount points and symlinks | |
2357 | are present in the dll, but are not registered at present | |
2358 | by the installers. | |
2359 | ||
2360 | - Do not use RankServerInterval registry value as the value for | |
2361 | PerformanceTuningInterval. | |
2362 | ||
2363 | - When the data version of a mountpoint or symlink changes, | |
2364 | the target string in the cm_scache_t object must be cleared. | |
2365 | ||
2366 | - "fs checkservers" now includes vldb servers in the output | |
2367 | and only lists multi-homed servers once. A multi-homed | |
2368 | server that has at least one up interface is no longer | |
2369 | considered to be down. | |
2370 | ||
2371 | - When asynchronously storing dirty data buffers to the | |
2372 | file server ensure that (a) the cm_scache_t object and | |
2373 | the cm_buf_t object are for the same File ID so that | |
2374 | locking and signalling work properly; and (b) if the | |
2375 | FID no longer exists on the file server, do not panic, | |
2376 | just discard the buffer. | |
2377 | ||
2378 | - When processing VNOVOL, VMOVED and VOFFLINE errors perform | |
2379 | server comparisons by UUID or address and not simply by | |
2380 | cm_server_t pointer. Otherwise, server failover may not | |
2381 | succeed. | |
2382 | ||
2383 | - Do not preserve status information for cm_scache_t objects | |
2384 | when the issuing server is multi-homed. | |
2385 | ||
2386 | - Giving up all callbacks when shutting down or suspending | |
2387 | the machine is now significantly faster due to the use | |
2388 | of an rx_multi implementation. (This functionality is | |
2389 | still off by default and must be activated by a registry | |
2390 | value.) | |
2391 | ||
2392 | - Race conditions were possible when updating the state | |
2393 | of the cm_volume_t flags and when moving the volumes | |
2394 | within the least recently used list. | |
2395 | ||
2396 | - Ensure that the lanahelper library does not perform a | |
2397 | NCBRESET of each lan adapter when enumerating the | |
2398 | current network bindings. Correcting this permits OpenAFS | |
2399 | to work on Windows 7 when the network adapter settings | |
2400 | change. | |
2401 | ||
2402 | - Fix creation of mount points and symlinks as \\AFS\xxxx | |
2403 | ||
2404 | PREVIOUS CHANGES: | |
2405 | ||
2406 | All platforms: | |
2407 | ||
2408 | - vos now properly deals with matching sites when servers are multihomed. | |
2409 | ||
2410 | All Unix platforms: | |
2411 | ||
2412 | - Servers now marked down when GetCapabilities returns error. | |
2413 | ||
2414 | - In-use vcache count is now properly tracked. | |
2415 | ||
2416 | All server platforms: | |
2417 | ||
2418 | - Fix ptserver supergroups support on 64 bit platforms. | |
2419 | ||
2420 | - Demand attach salvaging doesn't use freed volume pointers. | |
2421 | ||
2422 | - Properly hold host lock during host enumeration in fileserver. | |
2423 | ||
2424 | FreeBSD: | |
2425 | ||
2426 | - Fix socket termination on shutdown. | |
2427 | ||
2428 | - Support for 7.2, 7.3, 7.4 and 8.2 included. | |
2429 | ||
2430 | - References to vcaches are no longer leaked during root or reclaim. | |
2431 | ||
2432 | Linux: | |
2433 | ||
2434 | - Define llseek handler to avoid ESPIPE error in 2.6.37. | |
2435 | ||
2436 | - Mount interface replaces get_sb (new for 2.6.37, not yet required). | |
2437 | ||
2438 | - RedHat init script allows deferring for a new binary restart. | |
2439 | ||
2440 | - DEFINE_MUTEX replaces DECLARE_MUTEX for 2.6.37. | |
2441 | ||
2442 | MacOS: | |
2443 | ||
2444 | - Correct return value from setpag syscall. | |
2445 | ||
2446 | OpenBSD: | |
2447 | ||
2448 | - Bug fixes for issues introduced previously in 1.5 series. | |
2449 | ||
2450 | Solaris: | |
2451 | ||
2452 | - Switch to ioctl() syscall replacement for Solaris 11 since syscall 65 | |
2453 | is not safe. | |
2454 | ||
2455 | ||
2456 | OpenAFS 1.5.78 (2010-11-04) | |
2457 | ||
2458 | All platforms | |
2459 | ||
2460 | * Revisions to Rx to fix performance issues. | |
2461 | ||
2462 | * Make fs getfid behave consistently across all platforms. (128372) | |
2463 | ||
2464 | * Properly check IDs handed to pts when creating users or groups so | |
2465 | useful error messages can be provided. (128343) | |
2466 | ||
2467 | * Correct byte order handling of port in afsconf_LookupServer for SRV | |
2468 | records. | |
2469 | ||
2470 | * Force a full dump when releasing to a site which was previously | |
2471 | marked "don't use", in case the previous clone was out of date. | |
2472 | ||
2473 | All server platforms | |
2474 | ||
2475 | * Demand salvage of attached volumes now correctly track attachment | |
2476 | state. | |
2477 | ||
2478 | * Avoid a potential crash due to failure to hold a lock when attaching | |
2479 | a volume fails. | |
2480 | ||
2481 | Microsoft Windows | |
2482 | ||
2483 | * Track SMB connections by SID rather than username. | |
2484 | ||
2485 | * Error write attempts to known-readonly volumes earlier. | |
2486 | ||
2487 | * Validate directory buffers to avoid potential crashes. | |
2488 | ||
2489 | * Handle VIO errors from bulkstatus. | |
2490 | ||
2491 | * Make PMTU discovery configurable and register error handlers for it. | |
2492 | ||
2493 | All UNIX client platforms | |
2494 | ||
2495 | * Use larger I/O sizes in memcache to improve performance. | |
2496 | ||
2497 | * Avoid potential alignment issues doing I/O for pioctl calls. | |
2498 | ||
2499 | FreeBSD | |
2500 | ||
2501 | * Avoid panicing if the listener process is not findable. | |
2502 | ||
2503 | * Avoid deadlock issues while performing lookups. | |
2504 | ||
2505 | Linux | |
2506 | ||
2507 | * Handle stale file handle errors for some cache partition types. | |
2508 | ||
2509 | * Avoid blocking with xvcache lock when attempting to free in-use | |
2510 | vcaches. | |
2511 | ||
2512 | * Build fixes for older kernels. | |
2513 | ||
2514 | * Properly configure LWP to use ucontext() on platforms where it | |
2515 | should. | |
2516 | ||
2517 | * Eliminate spurious errors from AFS system call returns. (126230) | |
2518 | ||
2519 | MacOS | |
2520 | ||
2521 | * Attempt to honor configured Kerberos defaults in Preferences Pane. | |
2522 | ||
2523 | ||
2524 | OpenAFS 1.5.77 (2010-09-08) | |
2525 | ||
2526 | All platforms | |
2527 | ||
2528 | * Rx path MTU detection will terminate detection in cases where the | |
2529 | minimum required packet size cannot be transferred. | |
2530 | ||
2531 | * vos dryrun mode now shows effects for syncvldb single volume case. | |
2532 | ||
2533 | * vos dryrun mode now shows "status after" for syncvldb and syncserv. | |
2534 | ||
2535 | All server platforms | |
2536 | ||
2537 | * RXAFS_GetStatistics64 now returns statistics properly. | |
2538 | ||
2539 | Microsoft Windows | |
2540 | ||
2541 | * Attempt to properly identify the local system SMB connection for | |
2542 | token tracking. | |
2543 | ||
2544 | * Remap timeout and offline errors to proper NT RPC errors. | |
2545 | ||
2546 | * Properly fail over to other replicas on bulkstat IO errors. | |
2547 | ||
2548 | * Properly error delete-mode createfile if a file is set readonly. | |
2549 | ||
2550 | * Validate directory entry buffers to avoid crashing the service. | |
2551 | ||
2552 | * Log file modes properly. | |
2553 | ||
2554 | * Log cell name when logging server information. | |
2555 | ||
2556 | All UNIX client platforms | |
2557 | ||
2558 | * cacheout program for discarding callbacks is now built. | |
2559 | ||
2560 | * bulkstatus kernel locking is corrected to avoid a potential panic. | |
2561 | ||
2562 | Dragonfly BSD | |
2563 | ||
2564 | * userspace support update | |
2565 | ||
2566 | FreeBSD | |
2567 | ||
2568 | * Updated vnode locking for children returned via lookup(). | |
2569 | ||
2570 | * Avoid file open undercount with needed calls to | |
2571 | FakeOpen/FakeClose(). | |
2572 | ||
2573 | * Use vnode_pager_setsize to properly track file size during kernel | |
2574 | IO. | |
2575 | ||
2576 | * Update system call installation. | |
2577 | ||
2578 | * Fix shutdown of Rx kernel listener to avoid potential dereference | |
2579 | after it's gone. | |
2580 | ||
2581 | * Avoid closing vnodes during vnode recycle. | |
2582 | ||
2583 | * Fix bogus call to FlushVS for vnode reclaims. | |
2584 | ||
2585 | Linux | |
2586 | ||
2587 | * Packaging updated for current configure options and built files. | |
2588 | ||
2589 | * Cache bypass now holds reference on pages during readpage. | |
2590 | ||
2591 | * s390x setgroups32 patching update. | |
2592 | ||
2593 | MacOS | |
2594 | ||
2595 | * DNS resolver is reinitialized on IP address change. (126440) | |
2596 | ||
2597 | ||
2598 | OpenAFS 1.5.76 (2010-08-16) | |
2599 | ||
2600 | All platforms | |
2601 | ||
2602 | * Updates to build-time configuration. | |
2603 | ||
2604 | * Fix XDR support in Rx to match header definition. | |
2605 | ||
2606 | * vos status now shows transaction creation, not action creation. | |
2607 | ||
2608 | * Rx avoids reporting loopback adapters when listing interfaces. | |
2609 | ||
2610 | All server platforms | |
2611 | ||
2612 | * Demand-Attach Fileserver always built and installed (dafileserver, | |
2613 | davolserver, dasalvager). | |
2614 | ||
2615 | * Return VNOVOL from fileserver when a volume is deleted. | |
2616 | ||
2617 | * Ignore duplicate tags during volume restore operation. | |
2618 | ||
2619 | * Update inode array after salvage repairs volume. | |
2620 | ||
2621 | * Zero a corrupted header in memory during salvage to avoid further | |
2622 | corruption. | |
2623 | ||
2624 | * Fix NAMEI backend to allow low-numbered volumes to work properly. | |
2625 | ||
2626 | * ptserver does not include cell name as part of length check for | |
2627 | names. | |
2628 | ||
2629 | * Updated error messages for unblessed volumes. | |
2630 | ||
2631 | * vlserver avoids buffer overflow with regex pattern | |
2632 | ||
2633 | * Attach-time failures now note failures as the rest of the fileserver | |
2634 | would. | |
2635 | ||
2636 | * Server argument logging will no longer overflow stack. | |
2637 | ||
2638 | * Provide fast-restart-like unsafe-nosalvage option for DAFS. | |
2639 | ||
2640 | * Deal with host hash collisions in the fileserver. | |
2641 | ||
2642 | Microsoft Windows | |
2643 | ||
2644 | * Avoid crashing when interpreting a drive letter as potentially | |
2645 | matching a cell name. | |
2646 | ||
2647 | * Properly handle volume package errors. | |
2648 | ||
2649 | * Allow page recycling from known-readonly content without ensuring | |
2650 | they are not dirty. | |
2651 | ||
2652 | * 32 bit tools installer should not override client configuration. | |
2653 | ||
2654 | * Ensure root scache item has a valid callback when use is attempted. | |
2655 | ||
2656 | * Freelance directory changes now properly invalidate and replace the | |
2657 | old root object. | |
2658 | ||
2659 | All UNIX client platforms | |
2660 | ||
2661 | * Support disconnected reconnecting with specified UID for PAGless | |
2662 | platforms. | |
2663 | ||
2664 | * Proper disconnected vnode reference tracking. | |
2665 | ||
2666 | * Update server site blacklisting to not return success if nothing was | |
2667 | blacklisted. | |
2668 | ||
2669 | * Avoid a panic during vcache contention due to CVInit vcache | |
2670 | racing. (127645) | |
2671 | ||
2672 | FreeBSD | |
2673 | ||
2674 | * Update for network stack in 8.1/9.0. | |
2675 | ||
2676 | HP-UX | |
2677 | ||
2678 | * Bug fixes. | |
2679 | ||
2680 | Linux | |
2681 | ||
2682 | * 2.6.36 support | |
2683 | ||
2684 | * Disable PMTU error packet handling. | |
2685 | ||
2686 | * flock() fixes. | |
2687 | ||
2688 | * Debian packaging updated. | |
2689 | ||
2690 | * freezer interface updates. | |
2691 | ||
2692 | MacOS | |
2693 | ||
2694 | * Hold references to disconnected mode written vnodes properly. | |
2695 | ||
2696 | Solaris | |
2697 | ||
2698 | * Handle NFS translator module references for amd64. | |
2699 | ||
2700 | * INODE fileserver backend support now exists for amd64. | |
2701 | ||
2702 | ||
2703 | OpenAFS 1.5.75 (2010-07-07) | |
2704 | ||
2705 | All platforms | |
2706 | ||
2707 | * Prevent rx_rpc_stats global lock from being a bottleneck. | |
2708 | ||
2709 | * Path MTU discovery is now provided to allow traffic to pass networks | |
2710 | with sub-1500 byte MTUs and poor fragment handling. | |
2711 | ||
2712 | * Further reduce Rx NAT ping transmission when enabled. | |
2713 | ||
2714 | * Update Kerberos 5-based token handling in rxkad from upstream | |
2715 | Heimdal. (127554) | |
2716 | ||
2717 | * Update version numbers emitted during build to reflect what is | |
2718 | actually being built. | |
2719 | ||
2720 | * Add "-human" switch for human-readable units in fs diskfree and | |
2721 | listquota. (124529) | |
2722 | ||
2723 | * vos provides reasons for locked volumes when known. | |
2724 | ||
2725 | * Do not count retransmission and ping acks as non-idle for Rx | |
2726 | connections. | |
2727 | ||
2728 | * Rx: provide service-specific data getter and setter routines. | |
2729 | ||
2730 | * Update build-time Kerberos detection. | |
2731 | ||
2732 | * Updated userspace AFS client. | |
2733 | ||
2734 | * Beginning of a modernized test suite. | |
2735 | ||
2736 | * Additional documentation. | |
2737 | ||
2738 | * Updated documentation, notably the Administrators Guide. | |
2739 | ||
2740 | * Substantial code cleanup. | |
2741 | ||
2742 | All server platforms | |
2743 | ||
2744 | * Update handling of vnode allocation failures. | |
2745 | ||
2746 | * DAFS: allow salvaging volumes not known to the fileserver, to allow | |
2747 | cleanup of data not attached to a current volume. | |
2748 | ||
2749 | * Properly handle volumes slated for destruction. | |
2750 | ||
2751 | * Handle volumes with many files properly. | |
2752 | ||
2753 | * Force core file generation in bosserver by overriding default | |
2754 | resource limits when possible. | |
2755 | ||
2756 | * Update vlclient and vldb_check. | |
2757 | ||
2758 | * Avoid potentially corrupting a volume on creation if files are left | |
2759 | from previous failed cleanup. | |
2760 | ||
2761 | * Note volume changed during salvage as needed. | |
2762 | ||
2763 | * DAFS: do not assume invalid addresses are in fileserver address hash | |
2764 | table. | |
2765 | ||
2766 | * Avoid tying up fileserver threads with volumes that are being taken | |
2767 | offline. | |
2768 | ||
2769 | * Do not set inUse on volumes for non-DAFS other than in fileserver. | |
2770 | ||
2771 | * Break origin's callback on target of rename operation. | |
2772 | ||
2773 | * Avoid unneeded parent directory link updates during some rename | |
2774 | operations. | |
2775 | ||
2776 | * Do not open /dev/console for writing in the fileserver. | |
2777 | ||
2778 | * DAFS: avoid spurious restarts when binary restarts are configured. | |
2779 | ||
2780 | * Avoid spurious and unneeded calls to sync(), which can slow down the | |
2781 | fileserver. | |
2782 | ||
2783 | Microsoft Windows | |
2784 | ||
2785 | * Revised SMB QuerySecurityInfo to address issues caused by MS10-020 | |
2786 | (http://support.microsoft.com/kb/980232) | |
2787 | ||
2788 | * Prevent use of the AFSCache file contents if mapped to a new | |
2789 | address. | |
2790 | ||
2791 | * Make fs newcell include behavior compatible with the non-Windows | |
2792 | version. | |
2793 | ||
2794 | * Provide a registry option (FreelanceImportCellServDB) to pre-create | |
2795 | mount points in the AFS root for all cells in CellServDB. | |
2796 | ||
2797 | * Fix a memory leak in the cm_FreeServerList() routine. | |
2798 | ||
2799 | * Reduce privilege when reading registry CellServDB. | |
2800 | ||
2801 | * Add support for RPC Pipe Service NetWkstaGetInfo levels needed for | |
2802 | Windows 7. | |
2803 | ||
2804 | * Prevent overflow when computing quota percentage in Explorer Shell. | |
2805 | (126846) | |
2806 | ||
2807 | * Generate meaningful errors for ACL operations on freelance AFS root. | |
2808 | ||
2809 | * Fix error handling on InlineBulkStatus RPCs. | |
2810 | ||
2811 | * Show configuration pages for all types of MSI installations. | |
2812 | ||
2813 | * Improve freemount AFS root directory handling and operations. | |
2814 | ||
2815 | * Properly validate GetVolumeStatus pioctl responses. | |
2816 | ||
2817 | * Commit file length changes and dirty buffers when flushing a file. | |
2818 | ||
2819 | All UNIX client platforms | |
2820 | ||
2821 | * Update version of files for disk cache. | |
2822 | ||
2823 | * Do not call afs_FlushVCBs with xvcache lock held, to improve | |
2824 | parallelization. | |
2825 | ||
2826 | * Add mariner log messages for creating and removing files. | |
2827 | ||
2828 | * Don't hold xvcache lock while creating symlinks, to improve | |
2829 | parallelization. | |
2830 | ||
2831 | * Provide -dynroot-sparse mode to not show all cells in CellServDB in | |
2832 | dynroot mode. | |
2833 | ||
2834 | * Avoid a potential crash in aklog in linked cell handling. | |
2835 | ||
2836 | * Log MTU-caused packet retransmission. | |
2837 | ||
2838 | * Prevent crashes caused be fs checkservers while cache is being set | |
2839 | up. | |
2840 | ||
2841 | * fs getserverprefs now has a buffer large enough for the default | |
2842 | CellServDB. | |
2843 | ||
2844 | * Report server address when logging warnings. | |
2845 | ||
2846 | * Avoid panic in GetCapabilities when cell is not known. | |
2847 | ||
2848 | * Lock process name and id for advisory lock warnings when possible. | |
2849 | ||
2850 | * Handle need for allocating additional Rx packets. | |
2851 | ||
2852 | * Properly handle errors from InlineBulkStatus operations. | |
2853 | ||
2854 | * Fix errors returned from fcntl() on readonly files locked for write. | |
2855 | ||
2856 | * Flush pending changes to the server on LOCK_EX unlock. | |
2857 | ||
2858 | * Reflect length changes as a result of callbacks even when file is | |
2859 | open for write. | |
2860 | ||
2861 | * Avoid hanging due to error exit when attempting to store a large | |
2862 | file to a non-largefile fileserver. | |
2863 | ||
2864 | * Recover from afs_GetVolSlot errors. | |
2865 | ||
2866 | FreeBSD | |
2867 | ||
2868 | * Bugfixes for kernel VFS and network routines. | |
2869 | ||
2870 | IRIX | |
2871 | ||
2872 | * Provide makesname(). | |
2873 | ||
2874 | Linux | |
2875 | ||
2876 | * Avoid syscall probes when keyrings are present, by default. (125215) | |
2877 | ||
2878 | * Remove "Big Kernel Lock" from VFS operations. | |
2879 | ||
2880 | * Use filehandles for all Linux 2.6 versions to avoid need for matched | |
2881 | afsd. (127530) | |
2882 | ||
2883 | * Updated RPM packaging. | |
2884 | ||
2885 | * Fix dkms configuration provided with RPMs. | |
2886 | ||
2887 | * Hold reference on pages during background I/O for cache bypass. | |
2888 | ||
2889 | * Fix cache bypass handling of non-largefile fileservers. | |
2890 | ||
2891 | * Protect truncate_inode_pages mappings with mutex or semaphore as | |
2892 | needed. | |
2893 | ||
2894 | * Fix pagevec use in cache bypass. (127505) | |
2895 | ||
2896 | * Updates for 2.6.35 | |
2897 | ||
2898 | MacOS | |
2899 | ||
2900 | * Improve launchd configuration. | |
2901 | ||
2902 | * Avoid hanging on recursive cache file lock acquisition when user | |
2903 | notification is enabled. | |
2904 | ||
2905 | * Fix and re-enable bulkstat mode. | |
2906 | ||
2907 | OpenBSD | |
2908 | ||
2909 | * Build updates. | |
2910 | ||
2911 | Solaris | |
2912 | ||
2913 | * Precluding unmount while AFS is busy. | |
2914 | ||
2915 | * Avoid deadlocking when releasing the VFS object. | |
2916 | ||
2917 | * Stop network interface poller in kernel on AFS shutdown. | |
2918 | ||
2919 | * Avoid issues with lookups on empty directory names. (127356) | |
2920 | ||
2921 | ||
2922 | OpenAFS 1.5.74 (2010-04-22) | |
2923 | ||
2924 | All platforms | |
2925 | ||
2926 | * Add "vos setaddrs" command. | |
2927 | ||
2928 | * Rx library lock contention avoidance between rx_NewCall and | |
2929 | rx_EndCall. | |
2930 | ||
2931 | * Rx library races due to inconsistent use of rx_connection | |
2932 | conn_data_lock to protect the flags field. | |
2933 | ||
2934 | * Rx library inconsistent use of RX_CALL_TQ_WAIT which could result in | |
2935 | deadlocks. | |
2936 | ||
2937 | * Rx library must signal transmit queue waiters when flushing. | |
2938 | ||
2939 | * afsmonitor shows busy counts now. | |
2940 | ||
2941 | * afsmonitor displays xstat callback statistics. | |
2942 | ||
2943 | * Provide expandgroups for pts mem on a supergroups server. | |
2944 | ||
2945 | * Provide supergroup option to liste nested groups during pts mem. | |
2946 | ||
2947 | All server platforms | |
2948 | ||
2949 | * Avoid volume lock contention during DAFS startup. | |
2950 | ||
2951 | Microsoft Windows | |
2952 | ||
2953 | * Avoid a race when updating cell vldb server lists that can result in | |
2954 | a crash. | |
2955 | ||
2956 | * Avoid a deadlock when managing CM_SCACHESYNC_STOREDATA state | |
2957 | operations for directory objects. | |
2958 | ||
2959 | * Add new Windows Application Event log messages for VBUSY, | |
2960 | VRESTARTING, ALL_BUSY, ALL_OFFLINE, and ALL_DOWN. | |
2961 | ||
2962 | * Reduce lock contention by waiting for cm_buf_t I/O operations. | |
2963 | ||
2964 | * Split the cm_buf_t flags field to separate the flags that are | |
2965 | protected by the cm_buf_t mutex from those protected by the | |
2966 | buf_globalLock. | |
2967 | ||
2968 | * In cm_UpdateVolumeLocation, avoid searching for a ".readonly" volume | |
2969 | on a numeric volume name. | |
2970 | ||
2971 | * File buffer allocations whose offsets are beyond server EOF should | |
2972 | be locally allocated and zero filled. The file server should not be | |
2973 | issued a FetchData rpc which is guaranteed to fail. | |
2974 | ||
2975 | * Enable integrated logon to work with Windows 7/2008 when user logons | |
2976 | are performed with a non-Domain Kerberos principal. | |
2977 | ||
2978 | * Add Protection Error messages to aklog output. | |
2979 | ||
2980 | All UNIX client platforms | |
2981 | ||
2982 | * Provide a FUSE-interfacing userspace afs client. | |
2983 | ||
2984 | * Updates to libuafs userspace cache manager. | |
2985 | ||
2986 | * Probe servers using GetCapabilities instead of GetTime, thus | |
2987 | requiring fewer RPCs. | |
2988 | ||
2989 | * Fix DNS SRV record handling for cell lookup. | |
2990 | ||
2991 | FreeBSD | |
2992 | ||
2993 | * Fix sleep/wakeup routines. | |
2994 | ||
2995 | * Update for 8.0 release. | |
2996 | ||
2997 | Linux | |
2998 | ||
2999 | * Handle high memory addresses correctly. | |
3000 | ||
3001 | MacOS | |
3002 | ||
3003 | * Make 32 bit AFS syscalls work again. | |
3004 | ||
3005 | * Work around finder "Duplicate" failure (caused by setting modes on | |
3006 | symlinks). | |
3007 | ||
3008 | * Disable bulkstat again (will be re-enabled at or before .75). | |
3009 | ||
3010 | * Provide symlink type hints during readdir. | |
3011 | ||
3012 | ||
3013 | OpenAFS 1.5.73 (2010-03-24) | |
3014 | ||
3015 | All systems: Minor bugfixes. New features. | |
3016 | ||
3017 | * New functionality: | |
3018 | ||
3019 | All systems: | |
3020 | ||
3021 | - NAT keepalive support at Rx level. | |
3022 | ||
3023 | * Bugfixes: | |
3024 | ||
3025 | All systems: | |
3026 | ||
3027 | - Corrected server IP address output in vos syncvldb verbose mode. | |
3028 | ||
3029 | - Corrected server IP address output for last "yes" host in udebug. | |
3030 | ||
3031 | - Corrected SRV record support for canonicalizing cell names. | |
3032 | ||
3033 | All UNIX clients: | |
3034 | ||
3035 | - Fixed a potential race in Disconnected AFS "remove" support. | |
3036 | ||
3037 | - Fix a potential blocking condition in fakestat mode. | |
3038 | ||
3039 | - Avoid some errors and stack overflow reports when vos is interrupted. | |
3040 | (33360,125535) | |
3041 | ||
3042 | - Clean up several minor memory leaks. | |
3043 | ||
3044 | - If a large file is stored to a non-largefile fileserver, avoid | |
3045 | a potential deadlock. | |
3046 | ||
3047 | - Increase maximum number of sysnames to 32. | |
3048 | ||
3049 | - Readd fs mariner "storing" message, missing since AFS 3.3. | |
3050 | ||
3051 | - Attempt timeouts on AFSDB lookups in userspace. | |
3052 | ||
3053 | - Avoid interrupting writes due to an idle deadtime timeout. | |
3054 | ||
3055 | All server platforms: | |
3056 | ||
3057 | - Properly notify only affected hosts for volume callbacks. (126497) | |
3058 | ||
3059 | - Allow volumes with trashed root directory to be recovered. (94658) | |
3060 | ||
3061 | - Hold lock in file and volservers when traversing partition list. | |
3062 | ||
3063 | - Use finer-grained locking in DAFS: volume, instead of partition locks. | |
3064 | ||
3065 | - Schedule all DAFS salvages via FSSYNC. | |
3066 | ||
3067 | - Avoid stale ptserver credential caching issue on keyfile update. | |
3068 | ||
3069 | - Improve callback table overflow handling. (126451) | |
3070 | ||
3071 | - Preclude deadlocks on when attempting to save DAFS state. | |
3072 | ||
3073 | - Avoid races deleting hosts. (126454) | |
3074 | ||
3075 | - Improve salvage speed for DAFS (124488) | |
3076 | ||
3077 | - The bosserver now handles SIGTERM. | |
3078 | ||
3079 | Microsoft Windows | |
3080 | ||
3081 | - Prevent the Explorer Shell extension from crashing if symlink | |
3082 | creation failed. (126406) | |
3083 | ||
3084 | - A Rx level NAT ping has been implemented. A registry value enables. | |
3085 | ||
3086 | - Adds krb5 error message translation to aklog, afscreds, | |
3087 | afslogon.dll, the network identity manager afs provider and | |
3088 | translate_et. | |
3089 | ||
3090 | - Default mode bit settings for file and directory creation are now | |
3091 | provided, and can be configured. | |
3092 | ||
3093 | - An SMB request trace facility is provided and can be enabled for | |
3094 | debugging. | |
3095 | ||
3096 | AIX: | |
3097 | ||
3098 | - Clean up properly on mount failure. | |
3099 | ||
3100 | - Add entry to /etc/vfs to allow umount to work. | |
3101 | ||
3102 | FreeBSD: | |
3103 | ||
3104 | - Additional work to support FreeBSD 8-current. | |
3105 | ||
3106 | IRIX: | |
3107 | ||
3108 | - Fix build issues with library order. | |
3109 | ||
3110 | Linux: | |
3111 | ||
3112 | - Fix s390 support conflict with executable stack patches. | |
3113 | ||
3114 | - Don't count root's AFS session keyrings against quota. | |
3115 | ||
3116 | - Correct dkms support in RPM config file. | |
3117 | ||
3118 | - Keyring destructor now properly cleans up all tokens. | |
3119 | ||
3120 | - Build again on old 2.6 kernels. | |
3121 | ||
3122 | - Avoid GLOCK leak when updating CellServDB in-core. | |
3123 | ||
3124 | - Fix byte-range lock handling. | |
3125 | ||
3126 | - Attempt to deal with bdi issues. (126514) | |
3127 | ||
3128 | MacOS: | |
3129 | ||
3130 | - Some FSEvents hinting for authentication events now done. (23781) | |
3131 | ||
3132 | - Update uninstaller. (125634) | |
3133 | ||
3134 | - Rewrite afssettings and fstab code to avoid licensing issue with APSL. | |
3135 | ||
3136 | - Growl client for user monitoring of AFS events included. | |
3137 | ||
3138 | - Properly support insert-only dropboxes. | |
3139 | ||
3140 | - Add bulkstat support. | |
3141 | ||
3142 | - Include support for moving in Finder across mount points. | |
3143 | ||
3144 | - Preferences Pane includes support for Kerberos 5 ticket renewal. | |
3145 | ||
3146 | OpenBSD: | |
3147 | ||
3148 | - Some support for OpenBSD 4.7. | |
3149 | ||
3150 | ||
3151 | OpenAFS 1.5.72 (2010-02-15) | |
3152 | ||
3153 | All platforms | |
3154 | ||
3155 | * Provide internationalization support in com_err. | |
3156 | ||
3157 | * Fix array length checking to avoid crashes when checking for a | |
3158 | volume type based on name in vos. | |
3159 | ||
3160 | All server platforms | |
3161 | ||
3162 | * Provide backward compatible "-f" flag to salvager for force mode. | |
3163 | ||
3164 | Microsoft Windows | |
3165 | ||
3166 | * Restore use of DNS AFSDB and SRV records by kaserver clients. | |
3167 | ||
3168 | All UNIX client platforms | |
3169 | ||
3170 | * Fix client cache file truncation to not lose chunks when truncating | |
3171 | a large file. | |
3172 | ||
3173 | * Ensure a cache writeback hook is installed in the client (bug from | |
3174 | 1.5.71). | |
3175 | ||
3176 | * Avoid spurious free memory warnings during clean shutdown. | |
3177 | ||
3178 | * Fakestat mode avoids AFSDB lookups. | |
3179 | ||
3180 | * "fs storebehind" now correctly reports errors on readonly volumes. | |
3181 | ||
3182 | * Additional documentation for "fs getcacheparms" | |
3183 | ||
3184 | * Forced new uuid generation with "fs uuid -generate" now works | |
3185 | enforced permission correctly. | |
3186 | ||
3187 | MacOS | |
3188 | ||
3189 | * Add optimized Rx event handler in kernel. | |
3190 | ||
3191 | * Installer now allows installing an older version. | |
3192 | ||
3193 | * Panic decoder can now deal with MacOS 10.5 again. | |
3194 | ||
3195 | * MacOS ._ files are now correctly not looked up as cellnames. | |
3196 | ||
3197 | Linux | |
3198 | ||
3199 | * To deal with SELinux file labeling, try cache accesses with current | |
3200 | credentials in event of failure. | |
3201 | ||
3202 | * Rx XDR encoding bug on i386 Linux is fixed (bug introduced in | |
3203 | 1.5.71). | |
3204 | ||
3205 | IRIX | |
3206 | ||
3207 | * Code compilation fixes. | |
3208 | ||
3209 | OpenBSD | |
3210 | ||
3211 | * Update for OpenBSD 4.6. | |
3212 | ||
3213 | ||
3214 | OpenAFS 1.5.69 (2010-01-19) | |
3215 | ||
3216 | All platforms | |
3217 | ||
3218 | * Configuration of BOSserver no longer defaults to weekly restarts | |
3219 | enabled. | |
3220 | ||
3221 | * Provide BOS restricted mode by default. | |
3222 | ||
3223 | * Add support for "vos endtrans" command. | |
3224 | ||
3225 | * Default to providing full output from vos listvol. | |
3226 | ||
3227 | * Correct additional-address tracking in the fileserver. | |
3228 | ||
3229 | * Improve Rx performance by not unnecessarily dropping and reacquiring | |
3230 | call locks in read and write processes. | |
3231 | ||
3232 | * Avoid crashes when monitoring volserver transactions across | |
3233 | potential transaction garbage collection. | |
3234 | ||
3235 | * Numerous warning fixes. | |
3236 | ||
3237 | All server platforms | |
3238 | ||
3239 | * Avoid saving fileserver state in demand attach fileserver when | |
3240 | panicing. | |
3241 | ||
3242 | * Demand attach fileserver allows other callers to schedule salvages. | |
3243 | ||
3244 | * Demand attach "bos salvage" now works correctly with restricted | |
3245 | mode. | |
3246 | ||
3247 | Microsoft Windows: | |
3248 | ||
3249 | * Numerous changes to the client-internal btree directory handling to | |
3250 | prevent errors. | |
3251 | ||
3252 | * fs examine reports owner and group ids as signed values (PTS groups | |
3253 | are negative). | |
3254 | ||
3255 | * Preclude corruption due to races writing to smb buffers. | |
3256 | ||
3257 | * Allow MTU settings in registry to be used. | |
3258 | ||
3259 | * Apply MTU to both send and receive sizes. | |
3260 | ||
3261 | All UNIX client platforms | |
3262 | ||
3263 | * Avoid double-freeing Rx call structure if reading a response from | |
3264 | the file server results in a short read. | |
3265 | ||
3266 | * Handle negative lengths in FetchStatus results correctly. | |
3267 | ||
3268 | * Properly clean up allocated memory at shutdown. | |
3269 | ||
3270 | * Default to AFSDB compiled into the cache manager. | |
3271 | ||
3272 | * Avoid inadvertant disclosure of stat() information to clients not so | |
3273 | entitled. | |
3274 | ||
3275 | * Correct a bug with AFSDB lookups introduced with SRV record support. | |
3276 | ||
3277 | MacOS | |
3278 | ||
3279 | * Install kernel panic processing tool in /Library/OpenAFS/Tools. | |
3280 | ||
3281 | * Include debugging symbols for kernel extension in additional package. | |
3282 | ||
3283 | * Support "Application Firewall" users. | |
3284 | ||
3285 | * Avoid ._cellname AFSDB lookups. | |
3286 | ||
3287 | * Compile preferences pane as a universal binary. | |
3288 | ||
3289 | Linux | |
3290 | ||
3291 | * Use splice to speed up storing files. | |
3292 | ||
3293 | * When using memcache, avoid duplicating work in readpages. | |
3294 | ||
3295 | * Use dget_parent to safely find an inode's parent. | |
3296 | ||
3297 | * Disable access time updates in our superblock. | |
3298 | ||
3299 | * Avoid crashing doing writeback if no credentials were stashed at | |
3300 | file open. | |
3301 | ||
3302 | * Simplify keyring support. | |
3303 | ||
3304 | * Properly clean up vcache in event of failed mount. | |
3305 | ||
3306 | FreeBSD | |
3307 | ||
3308 | * Update for current FreeBSD 8. | |
3309 | ||
3310 | Solaris | |
3311 | ||
3312 | * Abstractly manipulate groups as now required. | |
3313 | ||
3314 | * Abstractly access time instead of using lbolt directly. | |
3315 | ||
3316 | ||
3317 | OpenAFS 1.5.68 (2009-12-08) | |
3318 | ||
3319 | All platforms | |
3320 | ||
3321 | * aklog now attempts to convert non-AFS errors to human-readable | |
3322 | strings. | |
3323 | ||
3324 | * Make stack not executable when compiling assembler source with GCC. | |
3325 | ||
3326 | * Numerous source warning cleanups and code reorganization. | |
3327 | ||
3328 | All server platforms | |
3329 | ||
3330 | * Compute midnight for volume statistics calculation from local time. | |
3331 | ||
3332 | * Salvager now orphans duplicate special inodes when running to allow | |
3333 | recovery in event of a problem, instead of simply ignoring the | |
3334 | issue. | |
3335 | ||
3336 | * Support to ensure a server panic attempt leaves a core and thus | |
3337 | restarts in a timely manner, rather than potentially hanging. Use | |
3338 | panic to attempt cleanup before leaving a core when possible. | |
3339 | ||
3340 | * Volume sync data reported during bulkstatus is now set correctly. | |
3341 | ||
3342 | * Provide better tuning for fileserver file descriptor caching. | |
3343 | ||
3344 | * Allow more than 128 threads in fileserver by modifying host | |
3345 | structure in-use tracking. | |
3346 | ||
3347 | * Avoid crashes getting volume server status during transaction | |
3348 | cleanup. | |
3349 | ||
3350 | * Improved logging of offline volume conditions. | |
3351 | ||
3352 | * Correct volume statistics when cloning a volume. | |
3353 | ||
3354 | * Avoid referencing host structures in the fileserver which are marked | |
3355 | for deletion. | |
3356 | ||
3357 | * Demand attach fileserver corrections to avoid coring during an | |
3358 | aborted startup. | |
3359 | ||
3360 | * host array bounds checking corrections to avoid buffer overflow. | |
3361 | ||
3362 | * Handle special inodes correctly when promoting an inode fileserver | |
3363 | readonly volume to read-write. | |
3364 | ||
3365 | Microsoft Windows | |
3366 | ||
3367 | * Set the DOS Readonly attribute on a file/directory whenever the unix | |
3368 | mode combined with the mask 0200 is true. Previously there was a | |
3369 | discrepency between the mask used for testing for readonly behavior | |
3370 | and that used for setting the attribute. | |
3371 | ||
3372 | * Disable AFSVolSync based .readonly "whole-volume callback" support | |
3373 | because the all file servers prior to 1.5.67 (and perhaps 1.4.12) do | |
3374 | not properly assign a value to the AFSVolSync structure in bulk | |
3375 | status RPC responses. | |
3376 | ||
3377 | * Improve the error output from aklog to output the value from krb5 | |
3378 | error_message() if the afs_com_err output indicates an unknown | |
3379 | value. | |
3380 | ||
3381 | * Convert VBUSY and VRESTARTING to CM_ERROR_ALLBUSY and do not permit | |
3382 | them to be exposed to the smb redirector. | |
3383 | ||
3384 | * Convert STATUS_TIMEOUT responses to STATUS_IO_TIMEOUT to avoid | |
3385 | confusion within the smb redirector. | |
3386 | ||
3387 | * Fix the byte order assigned to port numbers associated with AFSDB | |
3388 | record lookups. They must be network byte order not host byte | |
3389 | order. | |
3390 | ||
3391 | * Add dynamic server ranking based on RPC round trip time | |
3392 | measurements. | |
3393 | ||
3394 | All UNIX client platforms | |
3395 | ||
3396 | * Additional shutdown-time memory leaks removed. | |
3397 | ||
3398 | * Improved logging of resource contention. | |
3399 | ||
3400 | * Provide dumping for Rx debug packet tracking support in source. | |
3401 | ||
3402 | * Update afscp test client to build, and provide an unlock client. | |
3403 | ||
3404 | * Client buffers for directory parsing can now be allocated beyond the | |
3405 | fixed set formerly provided. | |
3406 | ||
3407 | * Work around race condition when manipulating read-only volume | |
3408 | callbacks. | |
3409 | ||
3410 | * Bugfixes to get PAG value pioctl. | |
3411 | ||
3412 | * Bugfixes to SRV record support. | |
3413 | ||
3414 | Linux | |
3415 | ||
3416 | * Path MTU tracking code cleanup. | |
3417 | ||
3418 | * Avoid an oops due to racing with vcache recycling thread. | |
3419 | ||
3420 | * Changes to keyring PAG handling: for sufficiently new kernels, use | |
3421 | only keyring-based PAGs, and disable group PAGs entirely. | |
3422 | ||
3423 | * Updates to the kernel page cache interface: writing pages will now | |
3424 | not spuriously leak page locks, and will avoid requiring duplicate | |
3425 | work. | |
3426 | ||
3427 | * Credential references are now tracked using native atomic counters. | |
3428 | ||
3429 | * Kernel mutex/semaphore lock ordering fix to avoid deadlocks. | |
3430 | ||
3431 | * Manipulate disk cache with credentials used to initialize it, to | |
3432 | avoid security issues. | |
3433 | ||
3434 | MacOS | |
3435 | ||
3436 | * Fix fstrace message catalog location. | |
3437 | ||
3438 | * Fix kernel fstrace logging. | |
3439 | ||
3440 | ||
3441 | OpenAFS 1.5.66 (2009-10-25) | |
3442 | ||
3443 | All platforms | |
3444 | ||
3445 | * Avoid calling exit() in library code. | |
3446 | ||
3447 | * Add rx window size and peer timeout tuning APIs. | |
3448 | ||
3449 | * Correct rx peer timeout handling to disallow 0ms timeouts. | |
3450 | ||
3451 | * Correct calculation of rx RTT by disregarding retransmitted packets. | |
3452 | ||
3453 | * vos manpages updated to reflect changes in recent versions. | |
3454 | ||
3455 | * GNU-style long options (e.g. --cell) are now supported in all | |
3456 | commands. | |
3457 | ||
3458 | * fs listacl can now print a command to recreate the current ACL. | |
3459 | ||
3460 | All server platforms | |
3461 | ||
3462 | * Fix a race on transaction objects in the volserver which can cause a | |
3463 | crash. | |
3464 | ||
3465 | * Avoid destroying and setting to NULL the callback connection when it | |
3466 | could still be being used. | |
3467 | ||
3468 | * Correct unlink handling in salvager. | |
3469 | ||
3470 | * Improve error messages due to I/O errors in the volserver. | |
3471 | ||
3472 | * Correct an issue which caused converted RO to RW volumes on namei | |
3473 | fileservers to not come online immediately. | |
3474 | ||
3475 | Microsoft Windows | |
3476 | ||
3477 | * Official support for Windows 7 and Server 2008 R2. | |
3478 | ||
3479 | * Prevent a file server bug (FetchData returning an invalid length | |
3480 | instead of zero) from causing an "unexpected network error" when | |
3481 | writing to files. | |
3482 | ||
3483 | * Promote DNS SRV records as superior to DNS AFSDB records. Support | |
3484 | arbitrary port numbers for vldb servers. | |
3485 | ||
3486 | * Add AFSVolSync based .readonly "whole-volume callback" support. | |
3487 | With this functionality, multiple objects from a .readonly volume | |
3488 | can have their status validated by issuing a single | |
3489 | RXAFS_FetchStatus RPC. | |
3490 | ||
3491 | * Remove drive mapping functionality and service start/stop from | |
3492 | afscreds.exe. | |
3493 | ||
3494 | * Remove drive mapping functionality from afs_config.exe. | |
3495 | ||
3496 | * Use {HKLM,HKCU}\SOFTWARE\OpenAFS\Client DWORD "ShowMountTab" to | |
3497 | restore access to drive mapping functionality in afscreds.exe and | |
3498 | afs_config.exe. | |
3499 | ||
3500 | * Adjust SMB error return codes to avoid returning STATUS_TIMEOUT | |
3501 | which results in the SMB redirector disconnecting. | |
3502 | ||
3503 | * Network Identity Manager OpenAFS Provider now provides its own "AFS | |
3504 | lock" notification icon to report the status of "have tokens, have | |
3505 | no tokens, service not started, service started but inaccessible". | |
3506 | Hovering over the icon lists the cells for which tokens exist (if | |
3507 | any) and the OpenAFS version number. Double-clicking executes the | |
3508 | Network Identity Manager default action. | |
3509 | ||
3510 | * Prevent pioctl calls from retrying indefinitely when a sharing | |
3511 | violation error occurs. | |
3512 | ||
3513 | All UNIX client platforms | |
3514 | ||
3515 | * Correct a condition which could discard the error from initializing | |
3516 | a fetch request. | |
3517 | ||
3518 | * Avoid using invalid references to afs_Conn connection structures, | |
3519 | and thus potentially producing invalid data when a retry is needed. | |
3520 | ||
3521 | * SRV records are now supported for discovering AFS servers. | |
3522 | ||
3523 | Linux | |
3524 | ||
3525 | * Correct writepage behavior. | |
3526 | ||
3527 | * Fix error code handling in the writepage code. | |
3528 | ||
3529 | * Avoid leaking page locks, which could potentially hang a machine. | |
3530 | ||
3531 | MacOS X | |
3532 | ||
3533 | * Preferences Pane improvements. | |
3534 | ||
3535 | HP-UX | |
3536 | ||
3537 | * Avoiding attempting to handle critical signals in servers, so that | |
3538 | core file handling works correctly. | |
3539 | ||
3540 | ||
3541 | OpenAFS 1.5.65 (2009-10-06) | |
3542 | ||
3543 | All platforms | |
3544 | ||
3545 | * Code compilation warning fixes, to enable better finding and | |
3546 | tracking bugs. | |
3547 | ||
3548 | * Provide configure-time switch to enable code warning compilation. | |
3549 | ||
3550 | All server platforms | |
3551 | ||
3552 | * Demand-attach fileserver now makes volume LRU list operations | |
3553 | exclusive operations to avoid races during adding to the list. | |
3554 | ||
3555 | * Fileservers now avoid potential "negative length" fetches. | |
3556 | ||
3557 | * A leak in host tracking objects in the fileserver has been fixed. | |
3558 | ||
3559 | * Salvager now unlinks all files by full path, to deal with the change | |
3560 | to not chdir for core file tracking. | |
3561 | ||
3562 | * Salvager avoids asserting if the volume header is unreadable. | |
3563 | ||
3564 | * Demand-attach fileserver puts back volume references from fssync | |
3565 | handlers when done. | |
3566 | ||
3567 | Microsoft Windows | |
3568 | ||
3569 | * Improved service response to suspend and shutdown event | |
3570 | notifications. | |
3571 | ||
3572 | * Avoid a bug in the file server that can result in an invalid length | |
3573 | being returned as part of a fetch data response if the client | |
3574 | attempts to read beyond the length of the file. | |
3575 | ||
3576 | * Do not publish a default stream object for directories and mount | |
3577 | point objects. This was impacting the ability of some Windows XP | |
3578 | systems to save roaming profiles. | |
3579 | ||
3580 | All UNIX client platforms | |
3581 | ||
3582 | * A bug which could cause erroneous handling of lengths on data reads | |
3583 | has been fixed. | |
3584 | ||
3585 | * A bug where erroneous length returns from the fileserver could | |
3586 | result in a false error has been fixed. | |
3587 | ||
3588 | Linux | |
3589 | ||
3590 | * Background page copies are now supported for enhanced disk cache | |
3591 | read performance. | |
3592 | ||
3593 | * Blocking readahead is supported in readpages() to reduce overhead. | |
3594 | ||
3595 | * Use readpage() instead of read() to access cache data to avail disk | |
3596 | cache users of the kernel backing cache for improved performance. | |
3597 | ||
3598 | * Minimize credential handling for improved performance. | |
3599 | ||
3600 | MacOS X | |
3601 | ||
3602 | * Preferences Pane cleanup. | |
3603 | ||
3604 | Solaris | |
3605 | ||
3606 | * Provide a fs_pathconf method with sensible defaults. | |
3607 | ||
3608 | * Provide a _PC_FILESIZEBITS method to fix some NFS translator | |
3609 | consumers. | |
3610 | ||
3611 | ||
3612 | OpenAFS 1.5.64 (2009-09-22) | |
3613 | ||
3614 | All server platforms | |
3615 | ||
3616 | * The demand attach fileserver now puts back volume references gotten | |
3617 | via the fssync interface. | |
3618 | ||
3619 | * The demand attach fileserver had a structure reference error, which | |
3620 | has been correected. | |
3621 | ||
3622 | Microsoft Windows | |
3623 | ||
3624 | * Restores Windows 2000 compatibility. | |
3625 | ||
3626 | * Fixes a data consistency error between the output of NetWkstaGetInfo | |
3627 | and NetServerGetInfo RPCs, specify the Lan workstation group name | |
3628 | "AFS", and report server name as "AFS" instead of "\\AFS" when the | |
3629 | caller asks for "\\AFS". | |
3630 | ||
3631 | * Enables executables to be run from \\AFS on Windows 7. Returns | |
3632 | "Name not found" instead of "File not found" when a directory or | |
3633 | file name cannot be found. This avoids loader errors when system | |
3634 | dlls cannot be located in the executable directory. | |
3635 | ||
3636 | * Prevents cache manager from marking the file server "down" when the | |
3637 | data returned in response to either RXAFS_FetchData64 or | |
3638 | RXAFS_StoreData64 is invalid. | |
3639 | ||
3640 | * Adds pioctl data validation to the AFS Explorer Shell extension. | |
3641 | ||
3642 | All UNIX client platforms | |
3643 | ||
3644 | * A bug which could cause a kernel panic in 1.5.63 has been corrected. | |
3645 | This would manifest as a GetDCache panic or oops. | |
3646 | ||
3647 | Linux | |
3648 | ||
3649 | * aklog -setpag works again with recent kernels when keyring is in | |
3650 | use. | |
3651 | ||
3652 | MacOS | |
3653 | ||
3654 | * When Fast User Switch is in use, AFS login is now handled correctly | |
3655 | by the integration tool included with the preferences pane. | |
3656 | ||
3657 | * Several packaging bugs have been corrected. | |
3658 | ||
3659 | ||
3660 | OpenAFS 1.5.63 (2009-09-11) | |
3661 | ||
3662 | All platforms | |
3663 | ||
3664 | * The restorevol command is now documented and installed as a user | |
3665 | command. | |
3666 | ||
3667 | * The uss command now properly translates vldb entries to its expected | |
3668 | format when handling them in all cases. | |
3669 | ||
3670 | * Documentation now refers to Kerberos instead of kaserver. | |
3671 | ||
3672 | All server platforms | |
3673 | ||
3674 | * bosserver now handles BosConfig.new when restarting, allowing | |
3675 | configuration to be replaced at restart time rather than with bos | |
3676 | delete and bos create. Documentation is updated to reflect this. | |
3677 | ||
3678 | * The demand attach fileservice not longer potentially hangs trying to | |
3679 | terminate demand-salvages which have already exited. | |
3680 | ||
3681 | * The demand attach fileservice has been modified to avoid spurious | |
3682 | 'SYNC_putRes: write failed' warnings when some protocol messages | |
3683 | cannot be acknowledged due to the sender terminating the connection. | |
3684 | ||
3685 | * In the event of failure to contact the vlserver or ptserver, the | |
3686 | fileserver will not exit and trigger a forced salvage. It will | |
3687 | continue to try in the background to contact the needed services. | |
3688 | ||
3689 | * The salvager can now repair certain cases of a damamged vnode index. | |
3690 | ||
3691 | * The accessDate metadata for a volume is now updated correctly. | |
3692 | ||
3693 | Microsoft Windows | |
3694 | ||
3695 | * CRITICAL: Some applications for example those based on Cygwin were | |
3696 | unable to access data stored in the AFS name space. Explorer Shell | |
3697 | also experienced inconsistent behavior. This is fixed. | |
3698 | ||
3699 | * CRITICAL: Multiple AFS pioctl requests issued nearly simultaneously | |
3700 | by applications could result in pioctl responses being received by | |
3701 | the wrong requester. This in turn could result in application | |
3702 | crashes. symlink.exe, fs.exe, afslogon.dll, afscreds.exe, and the | |
3703 | netidmgr afscred.dll plugin were all affected. | |
3704 | ||
3705 | * Some XP machines running 1.5.62 had trouble saving roaming profile | |
3706 | data. This is fixed. | |
3707 | ||
3708 | * Integrated Logon (afslogon.dll) did not function with domain | |
3709 | specific configurations. | |
3710 | ||
3711 | * Ensure that access denied and over quota errors experienced while | |
3712 | storing data to the file server do not result in on-going retry | |
3713 | attempts. | |
3714 | ||
3715 | All UNIX client platforms | |
3716 | ||
3717 | * Except on Solaris and AIX, the compiler may now be overriden at | |
3718 | configure time by setting the CC environment variable. | |
3719 | ||
3720 | * afsd now properly deals with large cache partitions. | |
3721 | ||
3722 | FreeBSD | |
3723 | ||
3724 | * Build shared libafsauthent and libafsrpc. | |
3725 | ||
3726 | Linux | |
3727 | ||
3728 | * Kernel module DKMS support now installs an unstripped module to | |
3729 | allow debugging information to be collected. | |
3730 | ||
3731 | MacOS | |
3732 | ||
3733 | * Preferences pane properly updates token information. | |
3734 | ||
3735 | MacOS 10.6 | |
3736 | ||
3737 | * klog will now properly handle passwords of 8 or fewer characters | |
3738 | with an AFS string to key on hosts able to run 64 bit binaries. | |
3739 | ||
3740 | * A panic at AFS shutdown due to "NO PCB" on a udp_lock has been | |
3741 | addressed. | |
3742 | ||
3743 | * The panic decoder script included in the source now properly handles | |
3744 | 32 and 64 bit panics. | |
3745 | ||
3746 | NetBSD | |
3747 | ||
3748 | * Avoid defining AFS_KERBEROS_ENV globally as it creates a circular | |
3749 | dependency. | |
3750 | ||
3751 | * Build shared libafsauthent and libafsrpc. | |
3752 | ||
3753 | OpenBSD | |
3754 | ||
3755 | * Build shared libafsauthent and libafsrpc. | |
3756 | ||
3757 | ||
3758 | OpenAFS 1.5.62 (2009-08-28) | |
3759 | ||
3760 | All platforms | |
3761 | ||
3762 | * Numerous invisible changes to improve code maintainability, | |
3763 | portability and enhanceability. | |
3764 | ||
3765 | Microsoft Windows | |
3766 | ||
3767 | * CRITICAL: Fixes two errors that can result in data loss when storing | |
3768 | data to the file server. | |
3769 | 1. Failure to Store Portions of Unaligned Writes | |
3770 | 2. Failure to Store Data to File Servers Lacking Large File Support | |
3771 | Read the announcement for more details: | |
3772 | http://www.openafs.org/pipermail/openafs-announce/2009/000305.html | |
3773 | ||
3774 | * CRITICAL: The cache manager daemon thread could terminate when the | |
3775 | machine enters suspend mode. This daemon thread performs the | |
3776 | background check of down servers, offline volumes, callback | |
3777 | expirations, etc. | |
3778 | ||
3779 | * CRITICAL: Integrated Logon (afslogon.dll) was terminating | |
3780 | unexpectedly. Error checking has been improved and NULL pointer | |
3781 | dereferences after Lsa API calls fail have been eliminated. | |
3782 | ||
3783 | * For the first time, the OpenAFS SMB Server supports the DCE RPC | |
3784 | services SRVSVC and WKSSVC. Browsing \\AFS with the Explorer Shell | |
3785 | or NET VIEW will now be faster and provide additional functionality. | |
3786 | No longer will cell names longer than 12 characters be truncated. | |
3787 | ||
3788 | * Improvements to DFS Referral request processing have been | |
3789 | implemented. | |
3790 | ||
3791 | * Unnecessary DNS lookups of share names are avoided improving | |
3792 | performance. | |
3793 | ||
3794 | All UNIX client platforms | |
3795 | ||
3796 | * Non-Kerberos PAM modules work correctly again. | |
3797 | ||
3798 | MacOS X | |
3799 | ||
3800 | * MacOS 10.6 (Snowleopard) is now supported, both 32 and 64 bit mode. | |
3801 | ||
3802 | * Updates to the AFSCommander preferences pane. | |
3803 | ||
3804 | * Installer now permits cell names with dashes. | |
3805 | ||
3806 | ||
3807 | OpenAFS 1.5.61 (2009-08-06) | |
3808 | ||
3809 | All platforms | |
3810 | ||
3811 | * Correct another race condition in the Rx library that could result | |
3812 | in an unexpected panic while freeing the Rx call iovq. | |
3813 | ||
3814 | * rx packet resend and data packets sent counts were incorrect. | |
3815 | ||
3816 | * fs setquota, fs setcachesize, vos setfields, and vos create now | |
3817 | accept human readable orders of magnitude. (K, M, G) | |
3818 | ||
3819 | * fs listquota fixed to permit large quota sizes to be displayed. | |
3820 | ||
3821 | * Correct documentation of bosserver permissions requirements. | |
3822 | ||
3823 | * Modify vlserver to avoid potentially corrupting the database through | |
3824 | volume id reuse. | |
3825 | ||
3826 | * Generalized support for fast Rx timeout due to network | |
3827 | down/unreachable. | |
3828 | ||
3829 | All server platforms | |
3830 | ||
3831 | * Allow audit logs to be sent via sys5 IPC message queues instead of | |
3832 | logged directly. | |
3833 | ||
3834 | Microsoft Windows | |
3835 | ||
3836 | * If a file server becomes inaccessible while the cache manager has | |
3837 | dirty buffers to write, the afsd_service buf_IncrSync thread can | |
3838 | attempt to use 100% of the cpu. | |
3839 | ||
3840 | * Fix "fs newcell" which was broken in 1.5.60. | |
3841 | ||
3842 | * Do not attempt to synchronize dirty buffers if the associated volume | |
3843 | is known to be unavailable. | |
3844 | ||
3845 | * Modify behavior of a Freelance mountpoint target that does not | |
3846 | specify a cell. Instead of assuming the target volume is in the | |
3847 | Freelance.Local cell, use the workstation "Cell" specified in the | |
3848 | registry. A mountpoint target of "#root.cell." will now mean the | |
3849 | root.cell volume in the workstation cell for the current session. | |
3850 | If the workstation cell changes from "athena.mit.edu" to | |
3851 | "andrew.cmu.edu", the referenced volume will also change without | |
3852 | requiring that the mount point targets be altered. | |
3853 | ||
3854 | * Add cm_FindServerByUuid(). Re-implement RXAFS_InitCallBackState3() | |
3855 | to permit the server Uuid to be used to lookup the server object and | |
3856 | from that determine the cell. This permits callbacks that are | |
3857 | received from alternate addresses to be processed with a known | |
3858 | server object. Previously a request from an unknown server would | |
3859 | clear all callbacks from all cells. | |
3860 | ||
3861 | * Fix a bug that prevented optimal performance when using a non-zero | |
3862 | value for 'daemonCheckVolCBInterval'. As a reminder, when | |
3863 | "daemonCheckVolCBInterval" is set to a non-zero value, all .readonly | |
3864 | volume callbacks are automatically renewed 90 minutes before their | |
3865 | expiration. | |
3866 | ||
3867 | * Fix automatic ranking of vldb servers whose values are obtained from | |
3868 | the CellServDB file. | |
3869 | ||
3870 | * Add failover for RX CALL TIMEOUT errors when the volume is readonly | |
3871 | or the call is to a vldb server. | |
3872 | ||
3873 | * Add registry based cell search functionality to NetIdMgr, | |
3874 | afs_config.exe, and klog.exe. | |
3875 | ||
3876 | * afsconf_GetCellInfo() has been modified to perform gethostbyname() | |
3877 | lookups on the host names in the CellServDB instead of using the | |
3878 | specified IP addresses. This provides aklog, pts, vos, etc. the | |
3879 | same CellServDB behavior that the Windows Cache Manager uses. | |
3880 | ||
3881 | * When updating the stat cache entry callback of a .readonly object | |
3882 | from the volume group object, update the file server reference to | |
3883 | ensure it matches the most update to date callback. | |
3884 | ||
3885 | * Add proper support for processing callbacks from multi-homed file | |
3886 | servers. Instead of comparing servers by cm_server_t pointer, | |
3887 | compare them by UUID when the UUID is known. | |
3888 | ||
3889 | * During a shutdown short circuit the offline volume check daemon | |
3890 | functionality. | |
3891 | ||
3892 | * Return the error code of RXAFS_FetchData / RXAFS_StoreData in | |
3893 | preference to an error code reported by rx_EndCall. | |
3894 | ||
3895 | * Add "PerFileAccessCheck" registry value to permit testing against | |
3896 | experimental file servers that include per-file acl support. This | |
3897 | value is intentionally undocumented. It is not to be used by | |
3898 | production environment deployments. | |
3899 | ||
3900 | * Fix a bug introduced in 1.5.60 that prevents the afs netidmgr | |
3901 | provider from obtaining tokens when referrals are in play. | |
3902 | ||
3903 | * Add "fs chown" and "fs chgrp" commands to permit the owner and group | |
3904 | of objects stored in AFS to be set from Windows. | |
3905 | ||
3906 | * Avoid performing background daemon operations when the machine is | |
3907 | going into suspend mode. | |
3908 | ||
3909 | * Perform offline volume checks in most recently used order. | |
3910 | ||
3911 | * Prevent crash when a data version for a cache object goes backwards. | |
3912 | ||
3913 | * Multi-thread safe library versions are now being generated and used. | |
3914 | mtafsubik.lib, mtafsutil.lib, mtafsvldb.lib, mtafsvol.lib. | |
3915 | ||
3916 | * Microsoft SMB Redirector (mrxsmb.sys) support for | |
3917 | ExtendedSessTimeout values are now available on XP through Windows | |
3918 | 7. Add functionality to autodetect if such support is present on | |
3919 | the machine. If so, configure it if necessary and dynamically | |
3920 | adjust the AFS Rx timeout values accordingly. | |
3921 | ||
3922 | All UNIX client platforms | |
3923 | ||
3924 | * Fix out-of-tree source builds. | |
3925 | ||
3926 | MacOS | |
3927 | ||
3928 | * GUI installer now asks for local cell information. | |
3929 | ||
3930 | * AFS Commander preferences pane is now installed by default. | |
3931 | ||
3932 | Solaris | |
3933 | ||
3934 | * Avoid kernel panics due to null pointer dereferences in the network | |
3935 | interface poller kernel thread. | |
3936 | ||
3937 | ||
3938 | OpenAFS 1.5.60 (2009-05-31) | |
3939 | ||
3940 | All platforms | |
3941 | ||
3942 | * Retry volserver transaction creation on failure. | |
3943 | ||
3944 | * Allow building HTML and PDF documentation from included XML copies | |
3945 | of User Guide, Admin Guide and Quick Start Guide for Unix. | |
3946 | ||
3947 | * Documentation updates and additional documentation. | |
3948 | ||
3949 | * Add -encrypt support to pts client. | |
3950 | ||
3951 | * Convert MR-AFS fs commands to OSD commands. | |
3952 | ||
3953 | All server platforms | |
3954 | ||
3955 | * Updated background sync process in fileserver to avoid a race which | |
3956 | could result in a volume being taken offline. | |
3957 | ||
3958 | Microsoft Windows | |
3959 | ||
3960 | * On April 9th Microsoft released a Hot Fix for Windows Server 2003 | |
3961 | SP2 that corrects a deadlock in the smb redirector and also adds new | |
3962 | functionality that permits the AFS SMB server to be given a longer | |
3963 | timeout than is normally the case. New functionality has been added | |
3964 | to configure these additional LanmanWorkstation\Parameter values. | |
3965 | (This functionality has been backported to XP SP3 and is scheduled | |
3966 | to be released on June 5th.) | |
3967 | ||
3968 | * Fix RT#124787, a race condition between "fs flush <dir>", "fs | |
3969 | flushvolume", or "fs flushall" and on-going directory operations | |
3970 | that can result in afsd_service.exe crashing. | |
3971 | ||
3972 | * Release Notes, User and Administrator guides are now shipped as | |
3973 | indexed Windows HtmlHelp Files. (.chm). Shortcuts are provided from | |
3974 | the Start Menu. | |
3975 | ||
3976 | * A method of specifying Client CellServDB information within the | |
3977 | registry has been added that can be used to either override the | |
3978 | CellServDB file or force the use of DNS lookups for a given cell. | |
3979 | See the release notes for details. | |
3980 | ||
3981 | * The pioctl interface now properly handles drive letter substitution | |
3982 | to UNC paths. (SUBST <d:> <\\afs\cell\path>) | |
3983 | ||
3984 | * The BackConnectionHostNames registry value configuration was broken | |
3985 | when dynamic re-establishment of Netbios Name registrations was | |
3986 | added. This release restores the functionality. | |
3987 | ||
3988 | * All hidden vos.exe commands are now revealed. | |
3989 | ||
3990 | * Attempts to store the same dirty file chunk from multiple threads | |
3991 | are now prevented. | |
3992 | ||
3993 | * The IsPathInAfs test in Explorer Shell Extension and fs.exe now | |
3994 | permits broken symlinks to be treated as being in AFS. | |
3995 | ||
3996 | * vos.exe commands that output 64-bit integer values once again do so. | |
3997 | This was broken in 1.5.59. | |
3998 | ||
3999 | * Cygwin Import Libraries are provided in the SDK for all OpenAFS | |
4000 | DLLs. This permits building cygwin applications against OpenAFS | |
4001 | libraries. | |
4002 | ||
4003 | * NSIS installer does a much better job of cleaning up files left over | |
4004 | from previous installs. | |
4005 | ||
4006 | * libafsconf.dll moved from Client\Program to Common directory as is | |
4007 | is now used by all modules for CellServDB processing. | |
4008 | ||
4009 | All UNIX client platforms | |
4010 | ||
4011 | * Write back changes on last store for memcache to avoid discarding | |
4012 | changes. | |
4013 | ||
4014 | * Abstract disk cache support to allow for path, fh, inode based | |
4015 | caches with no need for messy ifdef structures each time a new type | |
4016 | is added. | |
4017 | ||
4018 | DragonflyBSD | |
4019 | ||
4020 | * Support as a userland port. | |
4021 | ||
4022 | FreeBSD | |
4023 | ||
4024 | * Corrected structure definition for userspace cache manager to allow | |
4025 | builds to complete. | |
4026 | ||
4027 | Linux | |
4028 | ||
4029 | * Corrected client locking support. | |
4030 | ||
4031 | * Updated patch to stop deadlocking in the kernel during mmap. | |
4032 | ||
4033 | * Avoid oops when setting up groups for PAGs to match keyrings. | |
4034 | ||
4035 | * Use Linux fh-based cache in cases where possible by default. | |
4036 | ||
4037 | MacOS 10.3: | |
4038 | ||
4039 | * Corrected structure definition for userspace cache manager to allow | |
4040 | builds to complete. | |
4041 | ||
4042 | OpenBSD | |
4043 | ||
4044 | * Support for OpenBSD 4.5. | |
4045 | ||
4046 | Solaris | |
4047 | ||
4048 | * Corrected support for server-side vos split interface. | |
4049 | ||
4050 | ||
4051 | OpenAFS 1.5.59 (2009-04-06) | |
4052 | ||
4053 | Microsoft Windows | |
4054 | ||
4055 | * Increased service priority class to "High" to match the priority of | |
4056 | system components that are dependent upon the a timely response. | |
4057 | ||
4058 | * SMB error responses avoid returning errors that could confuse the | |
4059 | Microsoft SMB redirector into disconnecting the connection to \\AFS. | |
4060 | ||
4061 | All UNIX client platforms (except MacOS X 10.4 and 10.5) | |
4062 | ||
4063 | * OpenAFS 1.5.59 contains fixes for the client issues addressed by the | |
4064 | security advisories OPENAFS-SA-2009-001 and OPENAFS-SA-2009-002. | |
4065 | ||
4066 | Linux platforms | |
4067 | ||
4068 | * Support for prerelease Linux 2.6.30 kernels. | |
4069 | ||
4070 | ||
4071 | OpenAFS 1.5.58 (2009-03-30) | |
4072 | ||
4073 | All platforms | |
4074 | ||
4075 | * Code cleanup and prototyping. | |
4076 | ||
4077 | * Avoid unnecessary blocking in Rx periodic cleanup code. | |
4078 | ||
4079 | All server platforms | |
4080 | ||
4081 | * Fileserver CopyOnWrite routine optimized for performance. | |
4082 | ||
4083 | * Make fileserver callback dumps 64 bit safe. | |
4084 | ||
4085 | * Fix byte order issues with fileserver host hashing. | |
4086 | ||
4087 | * Fix buffer size issues with butc. | |
4088 | ||
4089 | * Fix several Ubik recovery issues. | |
4090 | ||
4091 | * Avoid leaking file references in the fileserver. | |
4092 | ||
4093 | * Fix a race in DAFS while closing vnodes, and another offlining | |
4094 | volumes. | |
4095 | ||
4096 | * volserver interfaces for volume splitting client. | |
4097 | ||
4098 | Microsoft Windows | |
4099 | ||
4100 | * [RT 124293] A race condition exists which can result in a crash. | |
4101 | ||
4102 | * [RT 124276] If the vldb is out of sync with the contents of the file | |
4103 | servers, afsd_service will retry too many times when a file server | |
4104 | reports a volume as not being present. Now if the list reported by | |
4105 | the vldb is the same as the previously seen list, then the retry is | |
4106 | aborted. | |
4107 | ||
4108 | * [RT 124276] Read-only volume failover was broken in 1.5.53 whenever | |
4109 | accessing a volume results in VNOVOL or VMOVED. | |
4110 | ||
4111 | * [RT 124276] Prior to 1.3.70 the volume server reference list was not | |
4112 | reference counted and would be prematurely freed while in use. When | |
4113 | reference counting was added in 1.3.70 a bug was introduced that | |
4114 | could result in service reference list corruption. | |
4115 | ||
4116 | * Add Windows Application Event Log warning messages for "Client SMB | |
4117 | MPX value too large" and "Client SMB Buffer Size too small". | |
4118 | ||
4119 | * Renaming of files across directory boundaries would result in an | |
4120 | invalid handle error when attempting to access the files after the | |
4121 | move. | |
4122 | ||
4123 | * Fix the handling of Tran2 Set Path Info RPCs. Do not fail when a | |
4124 | smb file descriptor cannot be found. The whole point of using a | |
4125 | Path Info function is because an smb file descriptor wasn't | |
4126 | allocated. | |
4127 | ||
4128 | * More edge cases in which dynamic addition of Freelance root.afs | |
4129 | entries would get the wrong FID or where the root.afs directory | |
4130 | would not be refreshed. | |
4131 | ||
4132 | * Buffer overflow could occur if the workstation cell name was longer | |
4133 | than 64 characters. Crashes could occur in afscreds.exe, | |
4134 | afslogon.dll, and afsd_service.exe. | |
4135 | ||
4136 | * VNOSERVICE and VOFFLINE errors were leaking and were exposed to the | |
4137 | smb client. | |
4138 | ||
4139 | * Log file server uuid values as part of the cm_server object when | |
4140 | available. Dump the cm_server object list in response to "fs | |
4141 | memdump". | |
4142 | ||
4143 | * Optimize the performance of resetting access control lists when | |
4144 | tokens are set or removed. | |
4145 | ||
4146 | * Remove symlink recursion tests and increase max symlink count to 64 | |
4147 | from 16. | |
4148 | ||
4149 | * Windows specific Rx performance improvements. | |
4150 | ||
4151 | * Support for Network Identity Manager 2.0 | |
4152 | ||
4153 | All UNIX client platforms | |
4154 | ||
4155 | * Avoid issues with freeing resources at shutdown. | |
4156 | ||
4157 | * Numerous fixes to disconnected AFS. | |
4158 | ||
4159 | * Disconnected AFS fixes for replaying changes without double-freeing. | |
4160 | ||
4161 | * Attempt to use krb524 principal conversion in aklog if available. | |
4162 | ||
4163 | AIX | |
4164 | ||
4165 | * Kerberos configuration at build time corrected. | |
4166 | ||
4167 | Linux | |
4168 | ||
4169 | * Default to dynamic allocation of AFS kernel cache entries to allow | |
4170 | growth for inotify()-pinned entries. (beagle, famd, etc) | |
4171 | ||
4172 | * Change client truncation routines to avoid locking issues. | |
4173 | ||
4174 | * IA64 port clients fixed on Linux 2.6. | |
4175 | ||
4176 | * RPMs now install fstrace message catalog. | |
4177 | ||
4178 | * Support through kernel 2.6.29 tested. | |
4179 | ||
4180 | * Fix locking issues on CellServDB file in /proc. | |
4181 | ||
4182 | OpenBSD | |
4183 | ||
4184 | * Support OpenBSD 4.4 | |
4185 | ||
4186 | ||
4187 | OpenAFS 1.5.57 (2009-01-23) | |
4188 | ||
4189 | All platforms | |
4190 | ||
4191 | * Conditional compilation of rxdebug support is now possible. | |
4192 | ||
4193 | * Documentation updates. | |
4194 | ||
4195 | * Further race connditions in Rx have been corrected. | |
4196 | ||
4197 | All server platforms | |
4198 | ||
4199 | * Salvager no longer attempts to recreate headers in the wrong | |
4200 | partition. | |
4201 | ||
4202 | * Volumes are properly marked in use on creation and subsequently on | |
4203 | examination with vos. | |
4204 | ||
4205 | Microsoft Windows | |
4206 | ||
4207 | * Undo the "UAC manifest fix" applied to afs_config.exe. | |
4208 | ||
4209 | * Ensure that Freelance allocation of vnodes follow the AFS convention | |
4210 | of odd vnodes are directories and everything else is an even vnode. | |
4211 | ||
4212 | * Add Freelance logic to mount point and symlink evaluation functions. | |
4213 | ||
4214 | * Enhance smb_ParseASCIIBlock() so that it can handle all of the | |
4215 | STRING formats defined by the CIFS Technical Report 1.0. | |
4216 | ||
4217 | * Validate the output of smb_ParseASCIIBlock() in all callers. Return | |
4218 | CM_ERROR_BADSMB if the STRING field cannot be parsed. | |
4219 | CM_ERROR_BADSMB will cause the contents of the packet to be logged. | |
4220 | ||
4221 | * If multiple SMB Raw Write operations were taking place at the same | |
4222 | time, there could be data corruption because unique event objects | |
4223 | were not generated for each Netbios receive operation. | |
4224 | ||
4225 | All UNIX client platforms | |
4226 | ||
4227 | * Userspace AFS library can now deal with large files when supported | |
4228 | by the platform. | |
4229 | ||
4230 | * Numerous updates to disconnected AFS support, including changes to | |
4231 | allow reconnection to work in more circumstances. | |
4232 | ||
4233 | FreeBSD | |
4234 | ||
4235 | * FreeBSD unstrategy code has been updated. | |
4236 | ||
4237 | Linux | |
4238 | ||
4239 | * A race during file truncation has been corrected. | |
4240 | ||
4241 | * System call probing routines have been updated. | |
4242 | ||
4243 | * 2.6.29 is now supported. | |
4244 | ||
4245 | MacOS | |
4246 | ||
4247 | * 10.3 support has been corrected. | |
4248 | ||
4249 | OpenBSD | |
4250 | ||
4251 | * Initial OpenBSD 4.4 support. | |
4252 | ||
4253 | Solaris | |
4254 | ||
4255 | * Updates to allow compiling on newer OpenSolaris are now included. | |
4256 | ||
4257 | ||
4258 | OpenAFS 1.5.56 (2008-12-30) | |
4259 | ||
4260 | All platforms | |
4261 | ||
4262 | * libuafs (userspace cache manager) updated to correct several errors. | |
4263 | ||
4264 | * Additional rx debugging support is available as a conditional | |
4265 | compile. | |
4266 | ||
4267 | * A race condition in Rx leading to a panic has been corrected. | |
4268 | ||
4269 | * Rx idle time tracking has been corrected. | |
4270 | ||
4271 | * ubik clone server support has been corrected. | |
4272 | ||
4273 | All server platforms | |
4274 | ||
4275 | * Salvager no longer leaves cores in vice partitions. | |
4276 | ||
4277 | * The vol-dump tool now supports dumps larger than 2gb where possible. | |
4278 | ||
4279 | * Operations on multiple files now report all FIDs in the audit log. | |
4280 | ||
4281 | * butc XBSA support now works correctly on amd64. | |
4282 | ||
4283 | Microsoft Windows | |
4284 | ||
4285 | * The NetIDMgr AFS Provider automated configuration logic was broken | |
4286 | by the introduction of Kerberos referrals. If the realm of the | |
4287 | identity cannot be determined, the workstation cell is now assumed | |
4288 | to belong to the newly created identity. | |
4289 | ||
4290 | * Avoid a reference count under flow during rename operations. | |
4291 | ||
4292 | * Avoid a crash caused by treating an arbitrary length directory | |
4293 | search mask as an 8.3 mask. | |
4294 | ||
4295 | * Prevent rename operations if a case insensitive match for the target | |
4296 | name already exists and does not refer to the object being renamed. | |
4297 | ||
4298 | * Increase the maximum number of background daemons to 64. | |
4299 | ||
4300 | * Fix the UAC manifest applied to afs_config.exe | |
4301 | ||
4302 | All UNIX client platforms | |
4303 | ||
4304 | * Updates to disconnected AFS support. | |
4305 | ||
4306 | FreeBSD | |
4307 | ||
4308 | * FreeBSD 7.1 is now supported. | |
4309 | ||
4310 | * amd64 FreeBSD is now supported. | |
4311 | ||
4312 | Linux | |
4313 | ||
4314 | * Generic fh (exportfs API) cache type is now available. | |
4315 | ||
4316 | * Avoid some oopses due to backing_dev_info inode fields not being | |
4317 | filled. | |
4318 | ||
4319 | * 2.6.28 is now supported. | |
4320 | ||
4321 | MacOS | |
4322 | ||
4323 | * 10.3 support has been corrected. | |
4324 | ||
4325 | Solaris | |
4326 | ||
4327 | * Large partition support has been corrected. | |
4328 | ||
4329 | * Filesystem-agnostic cache is now available on Solaris 10 and 11. | |
4330 | ||
4331 | ||
4332 | OpenAFS 1.5.55 (2009-11-10) | |
4333 | ||
4334 | All platforms | |
4335 | ||
4336 | * Salvager avoids leaving core files in vice partitions. | |
4337 | ||
4338 | * NFS translator fixes. | |
4339 | ||
4340 | * Unresponsive server handling fixes. | |
4341 | ||
4342 | * A volserver race which could result in duplicate transactions is | |
4343 | fixed. | |
4344 | ||
4345 | Microsoft Windows | |
4346 | ||
4347 | * Fixes a panic caused by corruption of the SMB virtual circuit list. | |
4348 | (race condition) | |
4349 | ||
4350 | * Fixes a panic caused by receipt of a UTF-16 string that cannot be | |
4351 | converted to UTF-8. | |
4352 | ||
4353 | * Implements a more aggressive recovery algorithm for Netbios errors | |
4354 | that result in loss of communication to the AFS SMB server. | |
4355 | ||
4356 | * Improve pioctl response time when testing whether or not a PATH is | |
4357 | in AFS. | |
4358 | ||
4359 | * Adds support for linked cells. | |
4360 | ||
4361 | * Increases the length of the cell and realm names that can be input | |
4362 | into the Network Identity Manage AFS provider configuration dialog. | |
4363 | ||
4364 | All UNIX client platforms | |
4365 | ||
4366 | * Disconnected AFS avoids infinite recursion during rmdir. | |
4367 | ||
4368 | Linux | |
4369 | ||
4370 | * Support for 2.6.28 (not complete for NFS translator modules). | |
4371 | ||
4372 | * Support for using exportfs API for filesystem-agnostic cache. | |
4373 | ||
4374 | * Disable backing store readahead. | |
4375 | ||
4376 | * Avoid deadlocks when writing back mmapped files larger than the | |
4377 | cache. | |
4378 | ||
4379 | * Avoid Oops when doing PAG garbage collection. | |
4380 | ||
4381 | ||
4382 | OpenAFS 1.5.54 (2008-10-08) | |
4383 | ||
4384 | All platforms | |
4385 | ||
4386 | * Updates for new Tivoli X/Open API finding. | |
4387 | ||
4388 | * A double-free is corrected in Rx. | |
4389 | ||
4390 | All server platforms | |
4391 | ||
4392 | * Ubik cleans up file descriptor cache correctly when doing recovery. | |
4393 | ||
4394 | * Enhanced vldb error checker included. | |
4395 | ||
4396 | Microsoft Windows | |
4397 | ||
4398 | * Prevent a crash that could occur when multiple file / directory | |
4399 | change notifications are processed simultaneously. | |
4400 | ||
4401 | MacOS | |
4402 | ||
4403 | * AFS claims more free space so Finder will attempt file copies. | |
4404 | ||
4405 | Linux | |
4406 | ||
4407 | * Avoid spurious ENOENT when calling gwtcwd() on a volume root. | |
4408 | ||
4409 | * Avoid spurious ENOTDIR during fakestat. | |
4410 | ||
4411 | ||
4412 | OpenAFS 1.5.53 (2008-09-26) | |
4413 | ||
4414 | All platforms | |
4415 | ||
4416 | * rx avoids many packet leaks. | |
4417 | ||
4418 | * rx jumbogram disabling now works (and is the default). | |
4419 | ||
4420 | All server platforms | |
4421 | ||
4422 | * Demand Attach fileserver tries to avoid issues tracking offline | |
4423 | status of volumes. | |
4424 | ||
4425 | Microsoft Windows | |
4426 | ||
4427 | * Many potential deadlock conditions due to out of order lock | |
4428 | acquisitions have been corrected. | |
4429 | ||
4430 | * A race condition resulting in an undercount on the cm_scache_t | |
4431 | reference counts has been corrected. | |
4432 | ||
4433 | * An empty string when sent as an ioctl path is now properly | |
4434 | interpreted as meaning the current directory. This affects "fs | |
4435 | lsm", "symlink list", etc. | |
4436 | ||
4437 | * Fix smb string parsing differences where the smb protocol | |
4438 | documentation does not match the actual Windows implementation. | |
4439 | ||
4440 | * Random access denied errors fixed. | |
4441 | ||
4442 | * A file server lock synchronization issue was corrected in SMB | |
4443 | NTCreateX and NTTranCreate operations. This bug prevented properly | |
4444 | operation when loading roaming profiles. | |
4445 | ||
4446 | * Fix a heap overwrite error during server probe operations if a new | |
4447 | server is added while a probe operation is in progress. | |
4448 | ||
4449 | * Fix an LSA memory leak that was the result of an LSA error. | |
4450 | ||
4451 | * Do not leak cm_cell_t objects if the VLDB server lookup fails. | |
4452 | ||
4453 | * Only initialize rx mutex/lock objects once. | |
4454 | ||
4455 | * Do not nul terminate the AFS volume name when reported to Windows. | |
4456 | ||
4457 | * Improve VNOVOL error handling. Prevent updated vl information from | |
4458 | being destroyed immediately after it was acquired. This bug | |
4459 | prevented proper fail over when volumes are moved or removed from a | |
4460 | server. | |
4461 | ||
4462 | * Remove volume id from the server volume list in response to VMOVED | |
4463 | and VNOVOL errors. | |
4464 | ||
4465 | * "fs flushXXX" commands now destroy locally built B+ directory trees. | |
4466 | ||
4467 | * Prevent mixture of locally modified directory pages and file server | |
4468 | directory pages. | |
4469 | ||
4470 | * Fail over to alternate vl servers if a ubik error is returned. | |
4471 | ||
4472 | All UNIX client platforms | |
4473 | ||
4474 | * Disconnected AFS now supports read-write mode. | |
4475 | ||
4476 | * volserver now builds correctly. | |
4477 | ||
4478 | AIX | |
4479 | ||
4480 | * AIX 6 is now supported. | |
4481 | ||
4482 | FreeBSD | |
4483 | ||
4484 | * FreeBSD 7 is now supported. | |
4485 | ||
4486 | Linux | |
4487 | ||
4488 | * cache bypass is now supported. | |
4489 | ||
4490 | * 2.6.x kmod compilation now uses kernel compile options always. | |
4491 | ||
4492 | * Support through 2.6.27. | |
4493 | ||
4494 | MacOS | |
4495 | ||
4496 | * Show more space free so Finder doesn't get confused. | |
4497 | ||
4498 | Solaris 10 | |
4499 | ||
4500 | * Default to namei rather than inode. | |
4501 | ||
4502 | ||
4503 | OpenAFS 1.5.52 (2008-08-18) | |
4504 | ||
4505 | All platforms | |
4506 | ||
4507 | * Initialize volume updateDate at volume creation. | |
4508 | ||
4509 | * Avoid potential corruption of directories during salvage. | |
4510 | ||
4511 | * Check for out of memory condition during allocation of additional Rx | |
4512 | packets. | |
4513 | ||
4514 | Microsoft Windows | |
4515 | ||
4516 | * Restore support for Windows 2000 (broken in 1.5.50). | |
4517 | ||
4518 | * Perform additional validation on volume names in mount points during | |
4519 | creation and evaluation. | |
4520 | ||
4521 | * Fix several deadlocks, races, and reference count issues. | |
4522 | ||
4523 | * Further optimize SMB Directory Search processing and minimize the | |
4524 | number of InlineBulkStatus RPCs sent to the file server. | |
4525 | ||
4526 | * Enable "bos restricted" operations. | |
4527 | ||
4528 | * Fix the create of submounts used by the AFSCreds and afs_config | |
4529 | drive mapping tabs. | |
4530 | ||
4531 | * Fix a short name truncation bug. (1.5.50) | |
4532 | ||
4533 | * Fix the error code reported when attempting to delete a file on a | |
4534 | readonly volume or one that is marked with the readonly DOS | |
4535 | attribute. | |
4536 | ||
4537 | * Fix a heap corruption error when reading the CellServDB file | |
4538 | location. | |
4539 | ||
4540 | * Add the "RxUdpBufSize" registry value. The new default is 256KB. | |
4541 | ||
4542 | * Do not include trailing NULs in the directory search output. | |
4543 | (1.5.50) | |
4544 | ||
4545 | * Pre-allocate 64 Rx Packet buffers per thread in order to improve | |
4546 | performance. | |
4547 | ||
4548 | * For debugging: add smb lock requests and stat cache lock allocations | |
4549 | to the output from "fs memdump". | |
4550 | ||
4551 | NetBSD | |
4552 | ||
4553 | * Workaround broken sigwait() to allow fileserver to shut down | |
4554 | correctly pre NetBSD 5.0. | |
4555 | ||
4556 | Solaris 10 | |
4557 | ||
4558 | * Default to namei fileserver; Allow inode fileserver at configure | |
4559 | time by override. | |
4560 | ||
4561 | NFS translator | |
4562 | ||
4563 | * Try harder to avoid kernel panics for malformed requests. | |
4564 | ||
4565 | ||
4566 | OpenAFS 1.5.51 (2008-07-29) | |
4567 | ||
4568 | All platforms | |
4569 | ||
4570 | * salvager tries harder to arrange for clients to get VBUSY while | |
4571 | salvaging single volumes. | |
4572 | ||
4573 | * salvager avoids certain corruption when salvaging directories. | |
4574 | ||
4575 | * Rx connection clones disabled. | |
4576 | ||
4577 | Microsoft Windows | |
4578 | ||
4579 | * The 32-bit EXE 1.5.50 installer failed to properly install the C | |
4580 | Runtime library. When used as an upgrade OpenAFS would continue to | |
4581 | work but when used as a new installation, OpenAFS binaries would | |
4582 | fail to load. | |
4583 | ||
4584 | * Fixes the "fs" and "symlink" commands to properly parse Unicode path | |
4585 | prefixes during the pioctl remote procedure call. This bug would | |
4586 | result in file not found errors for files and directories that | |
4587 | clearly exist. (Bug introduced in 1.5.50) | |
4588 | ||
4589 | * Large File support is disabled. (Bug introduced in 1.5.50) | |
4590 | ||
4591 | * Removes the possibility of a deadlock during volume location update | |
4592 | operation if all of the reported file servers are unreachable at the | |
4593 | time of the update. | |
4594 | ||
4595 | * Ensures that reference counts are properly incremented/decremented | |
4596 | on Rx connection objects used for volume location RPCs. | |
4597 | ||
4598 | * Over Quota errors during cm_FSync() calls would lead to an infinite | |
4599 | loop as the error was never propagated to the caller. | |
4600 | ||
4601 | All UNIX client platforms | |
4602 | ||
4603 | * Bugfixes to disconnected AFS support in the cache manager. | |
4604 | ||
4605 | ||
4606 | OpenAFS 1.5.50 (2008-07-16) | |
4607 | ||
4608 | All platforms | |
4609 | ||
4610 | * volserver puts recloned volumes back online before returning the | |
4611 | volume to the fileserver, avoiding spurious VNOVOL errors. | |
4612 | ||
4613 | * Updated TSM X/Open API support available. | |
4614 | ||
4615 | * Demand Attach fileserver will not crash due to accesses during | |
4616 | volume cloning. | |
4617 | ||
4618 | * Substantial documentation updates. | |
4619 | ||
4620 | * Demand Attach fileserver state tracking and analyzer tool | |
4621 | improvements. | |
4622 | ||
4623 | * UAFS userspace cachemanager updates. | |
4624 | ||
4625 | * Corrected support for anti-meltdown protection in the client. | |
4626 | ||
4627 | Microsoft Windows | |
4628 | ||
4629 | * UNICODE Character Set Support. | |
4630 | ||
4631 | * Pioctl interfaces to the cache manager have been refactored to | |
4632 | provide layering between the SMB specific code and the general | |
4633 | purpose ioctl operation. | |
4634 | ||
4635 | * Garbage collect dead SMB virtual circuits as soon as they are no | |
4636 | longer being referenced. This avoids problems with outstanding | |
4637 | locks not being dropped when the virtual circuit becomes invalid. | |
4638 | ||
4639 | * Remove the IBM Administration Reference documentation and replace it | |
4640 | with the OpenAFS Command Reference Manual. | |
4641 | ||
4642 | * Avoid calling rx_SetDeadTime and rx_SetHardDeadTime functions each | |
4643 | time a connection is about to be used. Do not hold a lock on the rx | |
4644 | connection object while it is being selected. This avoids a race | |
4645 | between threads attempting to set the timeout values and removes a | |
4646 | bottleneck that was hampering performance. | |
4647 | ||
4648 | * Ensure that the smb directory attribute is set for all directory | |
4649 | objects. | |
4650 | ||
4651 | * Replace the VC Runtime EXE installer with the MSI installer in the | |
4652 | NSIS installer scripts. | |
4653 | ||
4654 | Solaris | |
4655 | ||
4656 | * Support for updates to OpenSolaris. | |
4657 | ||
4658 | Linux | |
4659 | ||
4660 | * Correct dentry revalidation for cross-directory renames. | |
4661 | ||
4662 | * Updated rpm packaging materials for 1.5 release series and 2.4 | |
4663 | kernels. | |
4664 | ||
4665 | * Corrected syscall table probing. | |
4666 | ||
4667 | * NFS translator updates for current kernels. | |
4668 | ||
4669 | ||
4670 | OpenAFS 1.5.39 (2008-06-24) | |
4671 | ||
4672 | All platforms | |
4673 | ||
4674 | * Updates for Demand Attach fileserver. | |
4675 | ||
4676 | Microsoft Windows | |
4677 | ||
4678 | * Fix two memory leaks. | |
4679 | ||
4680 | * Fix one missing lock. | |
4681 | ||
4682 | * Handle access denied errors when writing dirty buffers. | |
4683 | ||
4684 | * Fix two errors that would cause the *experimental* AFS Servers | |
4685 | to crash. | |
4686 | ||
4687 | ||
4688 | OpenAFS 1.5.38 (2008-05-24) | |
4689 | ||
4690 | All platforms | |
4691 | ||
4692 | * Add read-only disconnected support. | |
4693 | ||
4694 | ||
4695 | OpenAFS 1.5.37 (2008-05-21) | |
4696 | ||
4697 | All platforms | |
4698 | ||
4699 | * Includes a number of optimizations for testing. | |
4700 | ||
4701 | ||
4702 | OpenAFS 1.5.36 (2008-05-09) | |
4703 | ||
4704 | All platforms | |
4705 | ||
4706 | * Rx optimizations now attempt to deal with high latency WANs. | |
4707 | ||
4708 | * Client will not wait infinitely for a server which is not providing | |
4709 | data. Additional servers will be polled without marking the server | |
4710 | which is not providing data down. | |
4711 | ||
4712 | * vos move will not erroneously unlock locked vldb entries on failure. | |
4713 | ||
4714 | All server platforms | |
4715 | ||
4716 | * Fileserver avoids a potential infinite loop when a client | |
4717 | relinquishes an address. | |
4718 | ||
4719 | * Fileserver large setting now configures more threads. | |
4720 | ||
4721 | * Fileserver properly registers uuids of new clients. | |
4722 | ||
4723 | * Ubik servers do not improperly hide updates from clients. | |
4724 | ||
4725 | * Fileservers reserve enough file descriptors such that each thread | |
4726 | can cache one to avoid spurious errors. | |
4727 | ||
4728 | Microsoft Windows | |
4729 | ||
4730 | * Fix a cm_buf_t reference count leak when attempts to write dirty | |
4731 | buffers to the file server from within cm_IncrSyncer() fail. | |
4732 | ||
4733 | * Prevent udebug from crashing. | |
4734 | ||
4735 | * Another VNOVNODE issue fixed. When writing a dirty buffer to the | |
4736 | file server, if VNOVNODE is received, mark all buffers as invalid | |
4737 | without further attempts to contact the file server. | |
4738 | ||
4739 | ||
4740 | OpenAFS 1.4.12 | |
4741 | ||
4742 | All client systems: Major bugfixes. | |
4743 | File servers: Major bugfixes. | |
4744 | ||
4745 | * New functionality: | |
4746 | ||
4747 | All systems: | |
4748 | ||
4749 | - Provide portable (pioctl) method for discovering what PAG a user is | |
4750 | in. Required to support userspace PAG information collection on AIX | |
4751 | 5.1, and knowing whether Linux uses one group, two group, or only | |
4752 | keyring based PAGs. (124709) | |
4753 | ||
4754 | * Bugfixes: | |
4755 | ||
4756 | All systems: | |
4757 | ||
4758 | - Fixes to avoid issues cleaning up deleted hosts in the fileserver (126454) | |
4759 | ||
4760 | - Fixes to avoid dropping writes due to server idle timeouts. | |
4761 | ||
4762 | - Don't miss cache chunks of large files while truncating. | |
4763 | ||
4764 | - Avoid null pointer dereference for unexpected volume names in volume | |
4765 | utilities. | |
4766 | ||
4767 | - Don't mark connections waiting for additional packet window availability | |
4768 | idle. | |
4769 | ||
4770 | - Kerberos 5 utilities (klog.krb5, aklog) enable weak encryption support. | |
4771 | ||
4772 | - Avoid a double-free of an Rx call structure during a client fetch error. | |
4773 | ||
4774 | - Avoid losing hosts during address changes. (125215) | |
4775 | ||
4776 | - Clients shouldn't trust Fetchdata replies for the size of returned data. | |
4777 | ||
4778 | - fileserver will not hang when attempting to cleanup and dump core. | |
4779 | ||
4780 | - salvager will not leave core files in random directories. | |
4781 | ||
4782 | - avoid letting retransmit timer get to 0 seconds. | |
4783 | ||
4784 | - in event of dbserver contact failure, shut fileserver down cleanly. | |
4785 | ||
4786 | - handle large partitions during check for needed disk space at | |
4787 | client start. | |
4788 | ||
4789 | - time out Rx connections if network unreachable error received. | |
4790 | ||
4791 | - avoid dereferencing NULL pointer freeing Rx packets in receive. (125110) | |
4792 | ||
4793 | - mark stack not executable in LWP. (125491) | |
4794 | ||
4795 | - return a correct VolumeSync structure from Bulkstat RPCs in fileserver. | |
4796 | ||
4797 | - client attempts to better free memory at shutdown. | |
4798 | ||
4799 | - clear rx call queue safely. (125110) | |
4800 | ||
4801 | - retry VLserver registration on failure in fileserver. | |
4802 | ||
4803 | - update accessdate for volumes on access in fileserver. | |
4804 | ||
4805 | - additional safety checks on vlserver operations to avoid | |
4806 | database corruption. | |
4807 | ||
4808 | - make ktc_curpag available on all builds. (125155) | |
4809 | ||
4810 | FreeBSD: | |
4811 | ||
4812 | - Build fixes. | |
4813 | ||
4814 | Linux: | |
4815 | ||
4816 | - Handle kernel changes through 2.6.33. | |
4817 | ||
4818 | - Fix oops in clear_inode due to missed locking. (125589) | |
4819 | ||
4820 | - Better handle /afs mount failures. | |
4821 | ||
4822 | - Clean up after failures creating our kernel kmem cache. | |
4823 | ||
4824 | - Work around memory management issues with some kernels when configuring | |
4825 | the buffer cache/bdi (126514) | |
4826 | ||
4827 | - Rename compile_et to afs_compile_et to avoid RPM conflicts. | |
4828 | ||
4829 | - Handle whole-file locks properly. (126561) | |
4830 | ||
4831 | - Deal with kernel autoconf header renaming. | |
4832 | ||
4833 | - Handle SELinux cache backing file labels better to avoid potential oops. | |
4834 | (92944,125544) | |
4835 | ||
4836 | MacOS: | |
4837 | ||
4838 | - klog now works correctly on 64 bit machines. | |
4839 | ||
4840 | - launchd now used to launch AFS at boot. | |
4841 | ||
4842 | - Preferences pane included for 10.4 and later. | |
4843 | ||
4844 | - Older versions can now be installed from packages. | |
4845 | ||
4846 | - Finder does not trigger bogus AFSDB lookups in /afs in dynroot mode. | |
4847 | ||
4848 | - Include package with debug kernel module symbols. | |
4849 | ||
4850 | OpenBSD: | |
4851 | ||
4852 | - Build fixes. | |
4853 | ||
4854 | - Support for x86_64. | |
4855 | ||
4856 | Solaris: | |
4857 | ||
4858 | - Handle ZFS caches usefully. (125365) | |
4859 | ||
4860 | - Implement additional pathconf support. | |
4861 | ||
4862 | OpenAFS 1.4.11 | |
4863 | ||
4864 | Linux client systems: Major bugfixes. | |
4865 | All client systems: Minor bugfixes. | |
4866 | File servers: Major bugfixes. | |
4867 | ||
4868 | * New functionality: | |
4869 | ||
4870 | All systems: | |
4871 | ||
4872 | - Provide portable (pioctl) method for discovering what PAG a user is | |
4873 | in. Required to support userspace PAG information collection on AIX | |
4874 | 5.1, and knowing whether Linux uses one group, two group, or only | |
4875 | keyring based PAGs. (124709) | |
4876 | ||
4877 | * Bugfixes: | |
4878 | ||
4879 | All systems: | |
4880 | ||
4881 | - Fix bosserver to invoke salvager with "-force" instead of ambiguous | |
4882 | "-f". (124916) | |
4883 | ||
4884 | - Cleanup for ptserver argument parsing to allow debug mode to work. (124893) | |
4885 | ||
4886 | - Sanity checking for ptserver log levels. (124894) | |
4887 | ||
4888 | - Fix for uninitialized memory dereference in klog.krb5. | |
4889 | ||
4890 | - Fix an overflow in the cellconfig code used by client and server. (124891) | |
4891 | ||
4892 | - Fix an erroneous vos verbose mode format string. | |
4893 | ||
4894 | - Avoid losing writes on mmap()ed files when cache is memcache. (124671) | |
4895 | ||
4896 | - Provide an afsd switch to allow override of the maximum MTU. (124880) | |
4897 | ||
4898 | - Provide support for encrypt mode in pts. | |
4899 | ||
4900 | - Fix race in background sync code which could cause volumes to go offline. | |
4901 | (124359) | |
4902 | ||
4903 | - Fix fileserver to avoid a null pointer dereference in client identity | |
4904 | lookup routines. (125020) | |
4905 | ||
4906 | - Improve handling of moves of volumes from 1.5 series fileservers. (18349) | |
4907 | ||
4908 | FreeBSD: | |
4909 | ||
4910 | - UKERNEL build fix. (124681) | |
4911 | ||
4912 | Linux: | |
4913 | ||
4914 | - Allow syscall probing to be disabled by switch to configure at build time. | |
4915 | ||
4916 | - Fix bug in anti-recursion protection for mmap clients. (124627) | |
4917 | ||
4918 | - Avoid a panic caused by changing credentials during VFS operations. (124737) | |
4919 | ||
4920 | - Avoid need for rcu subsystem when unavailable. (124986) | |
4921 | ||
4922 | - Improve keyring PAG setup code. (125001) | |
4923 | ||
4924 | - Avoid possible ext3 cache truncation issues. (124942) | |
4925 | ||
4926 | MacOS: | |
4927 | ||
4928 | - MacOS 10.3 UKERNEL build fix. (124681) | |
4929 | ||
4930 | OpenBSD: | |
4931 | ||
4932 | - Update support for 4.5 (124719) | |
4933 | ||
4934 | OpenSolaris: | |
4935 | ||
4936 | - Updates for newer OpenSolaris kernels. (124116, 124924) | |
4937 | ||
4938 | OpenAFS 1.4.10 | |
4939 | ||
4940 | All client systems: Security fixes. | |
4941 | File servers: Major bugfixes. | |
4942 | All systems: Minor bugfixes. | |
4943 | ||
4944 | * Security fixes: | |
4945 | ||
4946 | All client systems: | |
4947 | ||
4948 | - Avoid a potential kernel memory overrun if more items than requested are | |
4949 | returned from an InlineBulk or BulkStatus message. (124579) | |
4950 | ||
4951 | Linux client systems: | |
4952 | ||
4953 | - Avoid converting negative errors into invalid kernel memory pointers. (124580) | |
4954 | ||
4955 | * Bugfixes: | |
4956 | ||
4957 | AIX: | |
4958 | ||
4959 | - Don't build aklog NAS module when krb5 is not available. (124522) | |
4960 | ||
4961 | FreeBSD: | |
4962 | ||
4963 | - Additional fixes and support. (124107, 123917) | |
4964 | ||
4965 | Linux: | |
4966 | ||
4967 | - Support 2.6.28. (123580) | |
4968 | ||
4969 | - Support 2.6.29. (124115) | |
4970 | ||
4971 | - Attempt to support 2.6.30 (124560) | |
4972 | ||
4973 | - Avoid race during truncation. (124094) | |
4974 | ||
4975 | - Dynamic vcache allocation support, to deal with inotify vcache pinning. (124334) | |
4976 | ||
4977 | - Correct use of truncate_inode_pages to vmtruncate for locking issues. (124128) | |
4978 | ||
4979 | - Update RPM configuration. (123650, 102673, 124272) | |
4980 | ||
4981 | - Update kernel feature detection. (124507, 123604) | |
4982 | ||
4983 | - Do appropriate locking for CellServDB in /proc. (124407) | |
4984 | ||
4985 | MacOS: | |
4986 | ||
4987 | - Fix MacOS 10.3 support. | |
4988 | ||
4989 | - Add candidate Darwin 10 support. | |
4990 | ||
4991 | NetBSD: | |
4992 | ||
4993 | - Corrected NetBSD version tests. (123647) | |
4994 | ||
4995 | OpenBSD: | |
4996 | ||
4997 | - Update support for 4.4 (124541) | |
4998 | ||
4999 | Solaris: | |
5000 | ||
5001 | - Support cache filesystems which do not allow open by inode number, enabled by | |
5002 | default on Solaris 9 and later. (123677) | |
5003 | ||
5004 | - Improve error code return quality. (124426) | |
5005 | ||
5006 | - Allow large partitions on Solaris servers. | |
5007 | ||
5008 | All client systems: | |
5009 | ||
5010 | - Avoid improper error messages about key version when krb5 is in use. (124220) | |
5011 | ||
5012 | - Avoid attempting to free kernel memory which was already freed. (124531) | |
5013 | ||
5014 | - Properly count offline volumes in vos client. (124333) | |
5015 | ||
5016 | All server systems: | |
5017 | ||
5018 | - Avoid 64 bit time issues in callback dump files. (124451) | |
5019 | ||
5020 | - Support more than one local Kerberos realm; Usernames are assumed to be the | |
5021 | same across realms. | |
5022 | ||
5023 | - Ubik recovery is corrected to avoid spurious errors. (123723) | |
5024 | ||
5025 | - Do proper host address hashing for little endian machines in fileserver. (124447) | |
5026 | ||
5027 | - Update backup utility to properly compute header needs in the backup buffer. | |
5028 | (124425) | |
5029 | ||
5030 | - Avoid blocking during Rx unused connection reaping. | |
5031 | ||
5032 | - Avoid leaking file handles in the fileserver when closing a volume. (124359) | |
5033 | ||
5034 | - Fix bosserver corefile naming to be y2k-safe. (124340) | |
5035 | ||
5036 | - Avoid potential infinite loop in deleted host handling in the fileserver. | |
5037 | ||
5038 | - Support large volume dumps in vol-dump. (123984) | |
5039 | ||
5040 | - Build butc XBSA support on 64 bit systems. | |
5041 | ||
5042 | All systems: | |
5043 | ||
5044 | - Properly track Rx connection idleness for timeouts. | |
5045 | ||
5046 | - Additional documentation. (124472) | |
5047 | ||
5048 | - Avoid a race which may result in an in-use Rx packet being freed. (123799) | |
5049 | ||
5050 | OpenAFS 1.4.9 | |
5051 | ||
5052 | All client systems: Security fixes. | |
5053 | ||
5054 | * Security fixes: | |
5055 | ||
5056 | All client systems: | |
5057 | ||
5058 | - Avoid a potential kernel memory overrun if more items than requested are | |
5059 | returned from an InlineBulk or BulkStatus message. (124579) | |
5060 | ||
5061 | Linux client systems: | |
5062 | ||
5063 | - Avoid converting negative errors into invalid kernel memory pointers. (124580) | |
5064 | ||
5065 | OpenAFS 1.4.8 | |
5066 | ||
5067 | File servers: Major bugfixes. | |
5068 | All systems: Minor bugfixes. | |
5069 | ||
5070 | * Bugfixes: | |
5071 | ||
5072 | AIX: | |
5073 | ||
5074 | - AIX 6.1 is now supported. | |
5075 | ||
5076 | - Unpin kernel memory references after free. (99456) | |
5077 | ||
5078 | FreeBSD: | |
5079 | ||
5080 | - FreeBSD 7 is now supported. | |
5081 | ||
5082 | Linux: | |
5083 | ||
5084 | - Avoid deadlock when writing back pages in an mmap()ed file larger than | |
5085 | the cache. (120491) | |
5086 | ||
5087 | - Update process tree walking for PAG garbage collection to avoid oopses. | |
5088 | (116603) | |
5089 | ||
5090 | - fakestat mode now correctly avoids spurious ENOTDIR errors. | |
5091 | ||
5092 | - Use kernel build system for all platforms. | |
5093 | ||
5094 | - Remove openafs directory from proc in correct order. (112910) | |
5095 | ||
5096 | - Handle renames across directories correctly in the linux dcache. (74672) | |
5097 | ||
5098 | - Probe syscall table when possible. (105457) | |
5099 | ||
5100 | - Mount point parsing is now updated to handle only well-formed mount | |
5101 | points rather than similarly-formed symlinks. (113558, 100836) | |
5102 | ||
5103 | - ucontext-style LWP is now anbled for glibc versions newer than 2.3. | |
5104 | ||
5105 | MacOS: | |
5106 | ||
5107 | - Update available space shown. (112910) | |
5108 | ||
5109 | NetBSD: | |
5110 | ||
5111 | - Work around broken SIGWAIT. (111404) | |
5112 | ||
5113 | Solaris: | |
5114 | ||
5115 | - Solaris 10 now defaults to namei fileservers. | |
5116 | ||
5117 | - NFS translator issues fixed. | |
5118 | ||
5119 | - Changes to address Solaris updates. (105495) | |
5120 | ||
5121 | All client systems: | |
5122 | ||
5123 | - udebug correctly displays the last "yes" host. | |
5124 | ||
5125 | - Allow more vldb lookups to be cached in the client. | |
5126 | ||
5127 | - Fix aklog to not be excessively verbose when not requested. | |
5128 | ||
5129 | - Add support for timing out accesses which are not completing in a timely | |
5130 | manner. | |
5131 | ||
5132 | - Properly flag backup volumes being added to the vldb by vos syncvldb. | |
5133 | ||
5134 | All server systems: | |
5135 | ||
5136 | - fileserver "large" setting now implies 128 threads instead of 12. | |
5137 | ||
5138 | - fileserver check for duplicate uuids is now applied correctly. | |
5139 | ||
5140 | - Newer xbsa APIs are supported for TSM integration in butc. | |
5141 | ||
5142 | - salvager avoids corrupting length of directory objects. (111585, 107767) | |
5143 | ||
5144 | - volserver avoids a race during volume release so a volume will not | |
5145 | appear to be offline. (107258) | |
5146 | ||
5147 | - Add support for returning errors when accesses are not completing | |
5148 | in a timely manner. | |
5149 | ||
5150 | - Avoid potential race in the volserver when creating transactions. (121263) | |
5151 | ||
5152 | - Return sensible error when a release or restore exhausts server | |
5153 | resources. (121040) | |
5154 | ||
5155 | - volserver now returns EXDEV if a new replica would duplicate one which | |
5156 | already existed elsewhere on the server. | |
5157 | ||
5158 | - Disable jumbograms by default. | |
5159 | ||
5160 | - volserver updates a volume's updateDate on volume creation. (110943) | |
5161 | ||
5162 | - Partitions over 2tb are now supported. (88811) | |
5163 | ||
5164 | All systems: | |
5165 | ||
5166 | - Re-enable Rx client keepalives. (20727) | |
5167 | ||
5168 | - Support autoconf 2.62. (118058) | |
5169 | ||
5170 | - Update Rx to avoid leaking packets. | |
5171 | ||
5172 | - vos supports the -noresolve options to avoid issues with 127.0.0.1 being | |
5173 | named in /etc/hosts. | |
5174 | ||
5175 | - Additional documentation. (104110) | |
5176 | ||
5177 | OpenAFS 1.4.7 | |
5178 | ||
5179 | File servers: Major bugfixes. | |
5180 | All systems: Minor bugfixes. | |
5181 | ||
5182 | * Bugfixes: | |
5183 | ||
5184 | AIX: | |
5185 | ||
5186 | - Kerberos as included in AIX has missing symbols. AFS krb5 tools now | |
5187 | deal correctly. | |
5188 | ||
5189 | - AIX LAM aklog plugin can now be used CDE screenlocker. | |
5190 | ||
5191 | - Add support for getting the current PAG in pagsh and PAM. | |
5192 | ||
5193 | - Avoid sending a terminal hangup to STREAMS in aklog. | |
5194 | ||
5195 | - Fix afsdb support in the client. | |
5196 | ||
5197 | Linux: | |
5198 | ||
5199 | - Kernels through 2.6.25 are now supported. (77370,88000,83716,83890,80463) | |
5200 | ||
5201 | - Client now only hashes dirty inodes. (78544) | |
5202 | ||
5203 | - Fix to avoid returning invalid mount point data when -fakestat-all is in use. | |
5204 | (93898) | |
5205 | ||
5206 | - RPM build system updates. (93616) | |
5207 | ||
5208 | - Restored write-on-close-or-fsync semantics when possible. (17509) | |
5209 | ||
5210 | - Enabled support for flock() on files in AFS. (53457) | |
5211 | ||
5212 | - ARM Linux now supported. | |
5213 | ||
5214 | - Kernel keyring support updated. | |
5215 | ||
5216 | - Fix client-displayed timestamp ordering by zeroing nanosecond field. | |
5217 | ||
5218 | MacOS: | |
5219 | ||
5220 | - Boot time init script now uses afs.conf to store config options. (81825) | |
5221 | ||
5222 | - Avoid kernel panic due to excessive lock tracking when removing files. | |
5223 | ||
5224 | - Avoid leaking kernel memory when trying to read() a directory. | |
5225 | ||
5226 | Solaris: | |
5227 | ||
5228 | - Avoid potential kernel panic if the root vnode of AFS changes. | |
5229 | ||
5230 | - Avoid potential kernel panic when shutting down if contracts are in use. | |
5231 | ||
5232 | - Avoid potential delays when creating new PAGs if the system clock | |
5233 | has gone backwards. | |
5234 | ||
5235 | All client systems: | |
5236 | ||
5237 | - At client shutdown, try harder to clean up in-use resources. (74479) | |
5238 | ||
5239 | - When fakestat is in use, enable optimization for Gnome Nautilus lookups. | |
5240 | ||
5241 | - Properly hold lock when updating disk cache metadata to avoid | |
5242 | kernel panic. (59136) | |
5243 | ||
5244 | - Avoid wrapping to the start of a file when attempting to write a large file | |
5245 | to a pre-largefile fileserver. (73720) | |
5246 | ||
5247 | All server systems: | |
5248 | ||
5249 | - Fixed to avoid truncating ubik databases during recovery. (77183) | |
5250 | ||
5251 | - fileserver issue with internal file cache filling has been fixed. (87977) | |
5252 | ||
5253 | - fileserver thread quota enforcement now done in all cases. (87416) | |
5254 | ||
5255 | - fileserver avoids potential network-related deadlock when breaking | |
5256 | callbacks. | |
5257 | ||
5258 | - fileserver avoids crash due to race of resource creation and user requests | |
5259 | at startup. | |
5260 | ||
5261 | - fileserver avoids crash when reinitializing Ubik connections. | |
5262 | ||
5263 | - volserver fixed to avoid leaving orphaned files during restore. (46937) | |
5264 | ||
5265 | - volserver now supports convertROtoRW for inode fileservers. | |
5266 | ||
5267 | - Support disabling kerberos 4 style username protection in servers. (75101) | |
5268 | ||
5269 | All systems: | |
5270 | ||
5271 | - Fix to butc to avoid crash due to threaded library variant. | |
5272 | ||
5273 | - Fix to avoid network retransmission issues if the system clock goes | |
5274 | backwards. | |
5275 | ||
5276 | - vos syncvldb and syncserver now support a dryrun (do nothing) mode. | |
5277 | ||
5278 | - vos addsite now supports adding a site where a replica is already | |
5279 | available. | |
5280 | ||
5281 | - vos clone now supports creating properly-named readonly and backup clones. | |
5282 | ||
5283 | - vos restore now allows an older copy of a volume at an alternate site to | |
5284 | not be removed. | |
5285 | ||
5286 | - cmdebug now supports dumping a client's CellServDB. | |
5287 | ||
5288 | - cmdebug now supports showing human-readable expiration times. | |
5289 | ||
5290 | - aklog now handles Kerberos referrals. | |
5291 | ||
5292 | - Additional documentation now included. (89288,89289,86677) | |
5293 | ||
5294 | OpenAFS 1.4.6 | |
5295 | ||
5296 | All systems: Major bugfixes. | |
5297 | ||
5298 | * Bugfixes: | |
5299 | ||
5300 | All systems: | |
5301 | ||
5302 | - fileserver host tracking code had a missing lock on a host structure; | |
5303 | that lock has been added. | |
5304 | ||
5305 | - fileserver handling for clients which are giving up callbacks did not | |
5306 | hold a lock, making it unsafe and allowing clients to potentially | |
5307 | crash the server by racing. | |
5308 | ||
5309 | - fileserver will now leave a corefile when it is doing a shutdown due | |
5310 | to error conditions. | |
5311 | ||
5312 | - fileserver again allows ufs as a valid filesystem type (regression in 1.4.5). | |
5313 | ||
5314 | - cbd handler for fileserver status data has an interpretation error which | |
5315 | could cause crashes corrected. | |
5316 | ||
5317 | - fileserver accurately tracks number of callbacks on a given file. | |
5318 | ||
5319 | OpenAFS 1.4.5 | |
5320 | ||
5321 | All systems: Minor bugfixes. | |
5322 | New systems: MacOS 10.5. | |
5323 | ||
5324 | All systems: | |
5325 | ||
5326 | - fileserver address tracking is improved to avoid potentially merging | |
5327 | unrelated hosts. | |
5328 | ||
5329 | - Documentation updates. | |
5330 | ||
5331 | - namei fileserver now does fsync()s in background batches for performance | |
5332 | improvements. | |
5333 | ||
5334 | - Kerberos ticket support corrected in bundled Kerberos 4 utilities on 64 | |
5335 | bit platforms. | |
5336 | ||
5337 | - fileserver includes limited per-host thread quota support to avoid | |
5338 | resource starvation. | |
5339 | ||
5340 | - fileserver deals with more damaged volumes without asserting. | |
5341 | ||
5342 | - vos validates dumpfiles before attempting restores. | |
5343 | ||
5344 | - vos clone will no longer potentially delete the parent volume. | |
5345 | ||
5346 | - Client no longer permits empty UUID to be created. | |
5347 | ||
5348 | - fs uuid command for checking, regenerating UUID added. | |
5349 | ||
5350 | - Updates for gcc 4.2. | |
5351 | ||
5352 | - fileserver treats w (write) permission as granting read lock permission | |
5353 | in addition to write. | |
5354 | ||
5355 | AIX: | |
5356 | ||
5357 | - Bundled NAS Kerberos is now supported. (5.x) | |
5358 | ||
5359 | - LAM aklog module is provided. (5.x) | |
5360 | ||
5361 | - Associate cache files with correct filesystem to avoid snapshots when | |
5362 | performing maintenance on local filesystems. | |
5363 | ||
5364 | Irix: | |
5365 | ||
5366 | - Makefile updates. | |
5367 | ||
5368 | Linux: | |
5369 | ||
5370 | - Kernels throigh 2.6.23 are known to work. | |
5371 | ||
5372 | - Updates to syscall table probing. | |
5373 | ||
5374 | - Bug fix in keyring PAG support to avoid oops. | |
5375 | ||
5376 | - updated sample RPM configuration. | |
5377 | ||
5378 | - sparc32 lwp support updated. | |
5379 | ||
5380 | - Avoid potential oops in symlink support in certain older kernels. | |
5381 | ||
5382 | - Avoid potential deadlock during vmalloc. | |
5383 | ||
5384 | - Corrected locking while interacting with kernel task list. | |
5385 | ||
5386 | MacOS: | |
5387 | ||
5388 | - Several panics fixed, including remove_fsref. (10.4 and later) | |
5389 | ||
5390 | - IP address changes now tracked. | |
5391 | ||
5392 | - Corrected support for dropboxes (li access without r) with cp and Finder. | |
5393 | ||
5394 | - fstrace and ancillary files now included. | |
5395 | ||
5396 | - man pages are now installed in the default MANPATH. | |
5397 | ||
5398 | - Servers will be timed out quickly if there is no route available. | |
5399 | ||
5400 | - Temporary files from remove-while-busy now cleaned up correctly. | |
5401 | ||
5402 | Solaris: | |
5403 | ||
5404 | - Updates to accomodate kernel interface changes. (10u4 and later) | |
5405 | ||
5406 | - knfs and NFS translator support updated. | |
5407 | ||
5408 | - Changes to accomodate version 5.4 xbsa library. | |
5409 | ||
5410 | - Updates for new SunStudio defaults. | |
5411 | ||
5412 | OpenAFS 1.4.2 | |
5413 | ||
5414 | All systems: Major bugfixes. | |
5415 | ||
5416 | * Bugfixes: | |
5417 | ||
5418 | All systems: | |
5419 | ||
5420 | * A bug in the namei volserver which could erroneously make a replicated or | |
5421 | moved volume go offline has been fixed. | |
5422 | ||
5423 | * Volume package users (fileserver, volserver, salvager) avoid using lockf to | |
5424 | avoid leaking byte range locks on volume internal files. | |
5425 | ||
5426 | MacOS 10.4: | |
5427 | ||
5428 | * A bug where the client kernel module could free stack memory (which caused | |
5429 | issues with 64 bit Intel most commonly) has been fixed. | |
5430 | ||
5431 | Linux: | |
5432 | ||
5433 | * A missing kernel feature test has been fixed. | |
5434 | ||
5435 | * group based PAG support is still enabled when possible. | |
5436 | ||
5437 | * ia32 syscall table support for amd64 has build fixes for modern kernels. | |
5438 | ||
5439 | Solaris: | |
5440 | ||
5441 | * fopen() is not safe for use with more than 255 file descriptors open; | |
5442 | Emulate it in the afsconf package so afsconf can be used in the fileserver. | |
5443 | ||
5444 | Windows: | |
5445 | ||
5446 | * DNS registration is disabled for the loopback adapter, and we make sure | |
5447 | Netbios is turned on. | |
5448 | ||
5449 | Since 1.4.1: | |
5450 | ||
5451 | All platforms: | |
5452 | * Remove use of ubik_Call in the source code so prototypes are used. | |
5453 | ||
5454 | * Avoid synchrony in call from the fileserver to the ptserver. | |
5455 | ||
5456 | * Fix a bug in the backup suite when restoring. | |
5457 | ||
5458 | * fileserver and volserver now log for error conditions which may cause | |
5459 | exiting. | |
5460 | ||
5461 | * rx avoids a stack overrun when more packets are needed. | |
5462 | ||
5463 | * volserver avoids holding a lock too long when purging volumes. | |
5464 | ||
5465 | * volserver lock initialization fixes | |
5466 | ||
5467 | * volserver volume nuke fixes to avoid leaving files behind | |
5468 | ||
5469 | * fileserver avoids error when authenticating ptserver requests | |
5470 | ||
5471 | * fileserver no longer crashes when GetCPS fails | |
5472 | ||
5473 | * salvager enhancements to deal better with corrupt volumes for namei | |
5474 | ||
5475 | Unix: | |
5476 | ||
5477 | * aklog deals with KDCs which give "generic" replies to principals not | |
5478 | existing. | |
5479 | ||
5480 | * Fix bug in cache parameter autotuning | |
5481 | ||
5482 | RedHat: | |
5483 | ||
5484 | * packaging fixes | |
5485 | ||
5486 | Linux: | |
5487 | ||
5488 | * amd64 pthread library family updates. | |
5489 | ||
5490 | * autoconf fixes for kernel feature testing | |
5491 | ||
5492 | * keyring PAG support now only enabled if needed features are present | |
5493 | and other updates | |
5494 | ||
5495 | * inline a version of BUG() so we get better oopses | |
5496 | ||
5497 | AIX: | |
5498 | ||
5499 | * tsm is updated to work with the new AIX 5 interface. | |
5500 | ||
5501 | MacOS: | |
5502 | ||
5503 | * Cross compile fixes | |
5504 | ||
5505 | * Packaging improvements | |
5506 | ||
5507 | * Large file support fixed (Thanks to Chaskiel Grundman) | |
5508 | ||
5509 | * Fixes for Leopard seed. | |
5510 | ||
5511 | * Installer image updates | |
5512 | ||
5513 | Windows: | |
5514 | ||
5515 | * Removes race conditions and a deadlock introduced in 1.4.1 | |
5516 | ||
5517 | * Fixes ANSI filename option. | |
5518 | ||
5519 | * Establishes new connections to file servers when | |
5520 | IP address configuration changes are detected. | |
5521 | ||
5522 | * Improved CIFS compatibility | |
5523 | ||
5524 | * Cache Manager optimizations | |
5525 | ||
5526 | * Fixes vlserver failover when mounting 'root.afs' | |
5527 | (Freelance mode disabled) | |
5528 | ||
5529 | * Installs help files in the correct location for use by afscreds.exe | |
5530 | and afs control panel. | |
5531 | ||
5532 | * Improve reporting of "over quota" and "disk full" errors. | |
5533 | ||
5534 | * Prevent crash when evaluating mount points to volumes that do | |
5535 | not exist | |
5536 | ||
5537 | * Removes auto-registration of AFS ID in foreign ptservers from | |
5538 | Integrated Logon DLL. This prevents crashes if the DLL is loaded | |
5539 | and unloaded prior to termination of the process. | |
5540 | ||
5541 | * SDK moved to \Program Files\OpenAFS\SDK | |
5542 | ||
5543 | * NSIS and WiX Installer Frameworks update to the latest versions | |
5544 | ||
5545 | * Improvements to the Kerberos Logon Integration | |
5546 | ||
5547 | * Prevents exception in Integrated Logon DLL during SysPrep | |
5548 | ||
5549 | * Prevents displays of MessageBox dialogs in response to Network Adapter | |
5550 | errors | |
5551 | ||
5552 | * Hard Dead and Connection Timeout values restricted to the CIFS Session | |
5553 | Timeout value. | |
5554 | ||
5555 | * Correct writing of BackConnectionsHostNames registry value. | |
5556 | ||
5557 | * Properly recycles Volume entries | |
5558 | ||
5559 | * The AFS Explorer Shell Extension always finds its resource library. | |
5560 | ||
5561 | * The export list for AFSAUTHENT.DLL has been corrected. (The AFS | |
5562 | plugin for NetIDMgr will no longer use 100% of CPU.) | |
5563 | ||
5564 | * Renaming files on Microsoft Vista Build 5536 works. | |
5565 | ||
5566 | * Better handling of "." directory in fs commands | |
5567 | ||
5568 | * Add OpenAFS License text to installers | |
5569 | ||
5570 | * fs setquota and fs mkmount commands behave the same as the UNIX | |
5571 | version | |
5572 | ||
5573 | OpenAFS 1.4.2 | |
5574 | ||
5575 | All systems: Major bugfixes. | |
5576 | ||
5577 | * Bugfixes: | |
5578 | ||
5579 | All systems: | |
5580 | ||
5581 | - Volume dump parsing code in the volserver has better error checking. | |
5582 | ||
5583 | - salvager has improved damaged volume handling on namei fileservers. | |
5584 | ||
5585 | - fileserver has size validity checks for when large file support is disabled. | |
5586 | ||
5587 | - fileserver avoids potentially multiply adding a host to its hash table. | |
5588 | ||
5589 | - rxkad client private data storage is allocated dynamically on ticket size. | |
5590 | ||
5591 | - Handle universal error code translation for file locking. | |
5592 | ||
5593 | - fileserver needs to swap callback connections on a client IP change. | |
5594 | ||
5595 | - fileserver host package revised to reduce lock contention. | |
5596 | ||
5597 | - Rx has been fixed to count hard acks, thus opening the congestion window. | |
5598 | ||
5599 | - All servers support bound Rx sockets (on one interface). | |
5600 | ||
5601 | - namei fileserver no longer use lockf() to avoid range locking issues. | |
5602 | ||
5603 | - most binaries now support the -version switch. | |
5604 | ||
5605 | - backup suite fixes for 64 bit platforms. | |
5606 | ||
5607 | - volserver avoids holding holds during volume purges. | |
5608 | ||
5609 | - volserver avoids losing files on namei during vos zap. | |
5610 | ||
5611 | AIX: | |
5612 | ||
5613 | - fileserver now properly supports large files. | |
5614 | ||
5615 | - TSM updates for AIX 5 | |
5616 | ||
5617 | - Kernel module avoids leaking Rx packets. | |
5618 | ||
5619 | - Avoid use of global ubik client structure in fileserver. | |
5620 | ||
5621 | - Update ubik call client interface to allow for prototyping. | |
5622 | ||
5623 | - audit logging fixes when stdarg does not provide integral va_list type. | |
5624 | ||
5625 | MacOS 10.4: | |
5626 | ||
5627 | - A bug where the client kernel module could free stack memory (which | |
5628 | caused issues with 64 bit Intel most commonly) has been fixed. | |
5629 | ||
5630 | - Packaging fixes and updates. | |
5631 | ||
5632 | - Uninstaller added. | |
5633 | ||
5634 | - Fix large file support. | |
5635 | ||
5636 | Linux: | |
5637 | ||
5638 | - autoconf kernel feature testing has been restructured. | |
5639 | ||
5640 | - PAG garbage collection is enabled by default. | |
5641 | ||
5642 | - Kerberos updates for RHEL3. | |
5643 | ||
5644 | - Fix POSIX lock enrollment for older Linux kernels. | |
5645 | ||
5646 | - Updates for new 2.6 kernels. | |
5647 | ||
5648 | - Avoid deadlocks in put_inode handler. | |
5649 | ||
5650 | - Keyring-based PAG support. | |
5651 | ||
5652 | - Fixes to avoid getting better oops info in the kernel. | |
5653 | ||
5654 | Solaris: | |
5655 | ||
5656 | - Remove some kernel symbol bindings for symbols we don't use. | |
5657 | ||
5658 | - Cleanup for loopback mount of AFS on Solaris 10. | |
5659 | ||
5660 | - Avoid issues with stdio not supporting file descriptors above 255 on | |
5661 | Solaris 8 and lower in the fileserver. | |
5662 | ||
5663 | OpenAFS 1.4.1 | |
5664 | ||
5665 | All systems: Major bugfixes. | |
5666 | New systems: MacOS 10.4 (PowerPC and Intel) | |
5667 | ||
5668 | * Bugfixes: | |
5669 | ||
5670 | All systems: | |
5671 | ||
5672 | - Several race conditions in the host tracking and handling in the fileserver | |
5673 | which could cause inconsistent behavior and crashes have been fixed. | |
5674 | ||
5675 | - A fileserver bug where a reference to a volume could be leaked and later | |
5676 | cause a deadlock as a result of a bulk status call | |
5677 | ||
5678 | - Reference counting of fileserver objects in unsigned 32 bit integers | |
5679 | instead of signed 16 bit integers. | |
5680 | ||
5681 | - Avoid type mismatches when handling time values (betweemn 32 bit and 64 bit | |
5682 | variables). | |
5683 | ||
5684 | - Fix a memory leak during multilevel packet queue handling. | |
5685 | ||
5686 | - Audit log output had been updated to include FIDs for newly created files. | |
5687 | ||
5688 | HP-UX 11i: | |
5689 | ||
5690 | - 64 bit (large file) inodes are supported. | |
5691 | ||
5692 | - Salvager will now handle large (>4gb) partitions. | |
5693 | ||
5694 | * New features: | |
5695 | ||
5696 | All systems: | |
5697 | ||
5698 | - asetkey is now included to ease Kerberos 5 integration for server | |
5699 | administrators. | |
5700 | ||
5701 | - A new fileserver statistics collection including callback statistics was | |
5702 | added. | |
5703 | ||
5704 | - man pages are now generated. | |
5705 | ||
5706 | Microsoft Windows: | |
5707 | ||
5708 | - Fixes error message problems experienced by fs.exe and the AFS Explorer | |
5709 | Shell Extensions related to the use of Universal Error Codes by the | |
5710 | AFS File Server | |
5711 | ||
5712 | - Adds full SMB/CIFS support for byte range locking. In this implementation | |
5713 | all locks are allocated locally and the AFS lock privilege is ignored. | |
5714 | While this will not prevent two processes on different machines from | |
5715 | simultaneously writing to the same file, it will prevent two processes | |
5716 | on the same machine from doing so. | |
5717 | ||
5718 | - The UP server check period has been reduced to once every ten minutes to | |
5719 | match the period used by the UNIX clients. The shorter period will | |
5720 | assist clients maintain RX connections through NATs. | |
5721 | ||
5722 | - Fixes the DOWN server check logic to ensure that any server that responds | |
5723 | to a check is marked UP unless it is in the process of restarting. | |
5724 | ||
5725 | - Add logic to better handle objects that no longer exist on the file server. | |
5726 | (VNOVNODE errors.) | |
5727 | ||
5728 | - Prevent the removal of existing drive mappings by "afscreds.exe -M" | |
5729 | ||
5730 | - Fixes the procmgmt library so that it doesn't cause applications that | |
5731 | unload it to crash. | |
5732 | ||
5733 | - Improves the warnings written to the afsd_init.log file when the | |
5734 | Windows RPC Protocol drivers are improperly configured. | |
5735 | ||
5736 | - Fixes "fs setserverprefs -vlserver". Multiple calls with the same | |
5737 | server parameter could result in a crash of afsd_service.exe. | |
5738 | ||
5739 | - The SMB/CIFS layer was audited for reference miscounts and memory leaks. | |
5740 | All SMB objects are now properly counted, locked, and released when | |
5741 | their work is done. | |
5742 | ||
5743 | - Prevent file truncation of the user does not have the appropriate access. | |
5744 | ||
5745 | - Token management was re-written to allow user tokens to be preserved | |
5746 | during integrated login and freed after logoff is complete. | |
5747 | ||
5748 | - Added a mechanism by which abandoned SMB virtual circuits can be | |
5749 | detected and the associated resources cleaned up. | |
5750 | ||
5751 | - Prevent the allocation of SMB file handles with a value of 0 or 0xFFFF | |
5752 | which would be considered invalid by Windows applications. | |
5753 | ||
5754 | - Fixed the processing of cell names to ensure that they are always | |
5755 | treated as case insensitive strings. | |
5756 | ||
5757 | - Fixed the network provider code to avoid querying the profile location | |
5758 | if integrated login is disabled. | |
5759 | ||
5760 | - If a mount point string is empty, return Path Not Found to the application. | |
5761 | ||
5762 | - Windows returns WSAECONNRESET when an ICMP packet is received in response | |
5763 | to a transmitted UDP packet that cannot be delivered. Do not mark the | |
5764 | connection as bad but instead retry the request. | |
5765 | ||
5766 | - Fix the data written to the registry as part of the BackConnectionHostnames | |
5767 | values. | |
5768 | ||
5769 | - Fixed the rx-lwp implementation to always generate unique rx call | |
5770 | identitiers. | |
5771 | ||
5772 | - The default "fs minidump" type now includes data segments. | |
5773 | ||
5774 | ||
5775 | OpenAFS 1.3 | |
5776 | ||
5777 | * -nosettime is now the default for afsd. Use "-settime" to get the | |
5778 | old behavior. | |
5779 | ||
5780 | * OpenBSD is now supported. | |
5781 | ||
5782 | * Mountpoint directory information is now only faked for cross-cell | |
5783 | mountpoints when using the -fakestat flag (e.g. for the directories | |
5784 | under /afs, but not for most other volumes mounted inside the cell). | |
5785 | The -fakestat-all switch can be used to fake information for all | |
5786 | mountpoints. | |
5787 | ||
5788 | * When fakestat is enabled on MacOSX, the Finder can be used to browse | |
5789 | a fully-populated /afs directory. However, this precludes reliable | |
5790 | use of entire volumes as MacOS bundles (i.e. containing a Contents | |
5791 | directory in the root of the volume). | |
5792 | ||
5793 | * Mountpoint directory information can be faked by the cache manager, | |
5794 | making operations such as stat'ing all cells under /afs much faster. | |
5795 | This is enabled by passing -fakestat to afsd, but might not be stable | |
5796 | on all platforms. | |
5797 | ||
5798 | ||
5799 | OpenAFS 1.2.9 | |
5800 | ||
5801 | * The kaserver now defaults to not allowing interrealm authentication, | |
5802 | due to security vulnerabilities in the krb4 protocol. The new | |
5803 | "-crossrealm" flag to the kaserver is provided to reenable interrealm | |
5804 | authentication if desired. | |
5805 | ||
5806 | * RedHat Linux 9.0 is now supported. | |
5807 | ||
5808 | * Solaris 9 12/02 is now supported. Solaris 7 and 8 x86 should now | |
5809 | work again. | |
5810 | ||
5811 | * On Linux machines using 2.2 series kernels, 2.2.19 or higher is now | |
5812 | required. | |
5813 | ||
5814 | * An OpenAFS 1.2.9 afsd will not work with kernel modules built from | |
5815 | an earlier OpenAFS release. In general, using a mismatched afsd and | |
5816 | kernel modules set is unsupported; it is not recommended that you use | |
5817 | such a configuration on a regular basis. | |
5818 | ||
5819 | ||
5820 | OpenAFS 1.2.8 | |
5821 | ||
5822 | * Mountpoint directory information is now only faked for cross-cell | |
5823 | mountpoits when using the -fakestat flag (e.g. for the directories | |
5824 | under /afs, but not for most other volumes mounted inside the cell). | |
5825 | The -fakestat-all switch can be used to fake information for all | |
5826 | mountpoints. | |
5827 | ||
5828 | * HPUX 11.0 is now supported. | |
5829 | ||
5830 | * It is now possible for AFS to use Kerberos 5 directly, via rxkad 2b. | |
5831 | See the OpenAFS 1.2.8 Release Notes for more information on using this | |
5832 | capability. | |
5833 | ||
5834 | * An NFS translator kernel module is now included and compiled by | |
5835 | default for Solaris only. | |
5836 | ||
5837 | ||
5838 | OpenAFS 1.2.7 | |
5839 | ||
5840 | * MacOS X 10.2 is now supported. FreeBSD 4.3 and later support is | |
5841 | included in this release, but is still under active development and | |
5842 | should only be used by those doing active development on the OpenAFS | |
5843 | FreeBSD client. | |
5844 | ||
5845 | * When fakestat is enabled on MacOSX, the Finder can be used to browse a | |
5846 | fully-populated /afs directory. However, this precludes reliable use | |
5847 | of entire volumes as MacOS bundles (i.e. containing a Contents | |
5848 | directory in the root of the volume). | |
5849 | ||
5850 | * The fileserver will now use Rx pings to determine if clients are | |
5851 | reachable prior to allocating resources to them, to prevent asymmetric | |
5852 | clients from consuming all fileserver resources. | |
5853 | ||
5854 | ||
5855 | OpenAFS 1.2.6 | |
5856 | ||
5857 | * Mountpoint directory information can be faked by the cache manager, | |
5858 | making operations such as stat'ing all cells under /afs much faster. | |
5859 | This is enabled by passing -fakestat to afsd. | |
5860 | ||
5861 | * Solaris 9 FCS and Solaris 7 and 8 x86 are now supported. | |
5862 | ||
5863 | ||
5864 | OpenAFS 1.2.5 | |
5865 | ||
5866 | * A remote denial of service attack in the AIX and IRIX clients has been | |
5867 | fixed. Users of those platforms are strongly encouraged to upgrade. | |
5868 | ||
5869 | * Fixed race conditions in fileserver that could result in crash. | |
5870 | ||
5871 | ||
5872 | OpenAFS 1.2.4 | |
5873 | ||
5874 | * Server logfiles now more consistant about format in which hosts are | |
5875 | referred to. | |
5876 | ||
5877 | * vfsck on Solaris will now allow force runs (using -y flag) even if old | |
5878 | inodes exist. | |
5879 | ||
5880 | ||
5881 | OpenAFS 1.2.3 | |
5882 | ||
5883 | * Cell aliases for dynroot can be specified in the CellAlias file in | |
5884 | /usr/vice/etc or /usr/local/etc/openafs, in format "realname alias", | |
5885 | one per line. They can also be managed at runtime with "fs newalias" | |
5886 | and "fs listaliases". | |
5887 | ||
5888 | ||
5889 | OpenAFS 1.2.2 | |
5890 | ||
5891 | * Solaris 9 and Linux PA-RISC are now supported. | |
5892 | ||
5893 | * fileserver will not erroneously delay legitimate errors for 3 seconds | |
5894 | after 10 errors are returned (e.g. stat() on a directory you can't | |
5895 | read). | |
5896 | ||
5897 | * Rx MTU calculation now works for Irix, Solaris and Linux | |
5898 | ||
5899 | * If afsd is started with the -dynroot flag, /afs will be locally | |
5900 | generated from the CellServDB. AFSDB cells will be mounted | |
5901 | automatically upon access. | |
5902 | ||
5903 | * The namei fileserver allows vice "partitions" to be directories | |
5904 | instead of partitions and will attach and display accordingly. | |
5905 | Creating the file "AlwaysAttach" in the /vicepX directory is used as | |
5906 | the trigger to attach it. | |
5907 | ||
5908 | * TSM support for butc no longer requires editing a Makefile, simply | |
5909 | specify the --enable-tivoli-tsm configure option. | |
5910 | ||
5911 | * Linux builds no longer require source changes every time the kernel | |
5912 | inode structure changes; the OpenAFS sources will now configure itself | |
5913 | to the actual inode structure as defined in the kernel sources. | |
5914 | ||
5915 | ||
5916 | OpenAFS 1.2.1 | |
5917 | ||
5918 | * vfsck on Digital UNIX and Solaris will now refuse to fsck mounted | |
5919 | mounted partitions. | |
5920 | ||
5921 | ||
5922 | OpenAFS 1.2.0 | |
5923 | ||
5924 | * AFS now supports --prefix and the other directory options of | |
5925 | configure. By default AFS builds assuming it will be installed in | |
5926 | /usr/local. In order to get traditional AFS directory paths (/usr/afs | |
5927 | and /usr/vice/etc) use the --enable-transarc-paths option to | |
5928 | configure. More details on the new directory layout are found in | |
5929 | README. | |
5930 | ||
5931 | ||
5932 | OpenAFS 1.1.1a | |
5933 | ||
5934 | * Windows 95/98/ME/NT/2000 - Consistent versioning: Installation, AFS | |
5935 | Control Center, Client dialog boxes and properties pages for | |
5936 | executables display a consistent OpenAFS version number. Installation | |
5937 | detects previous installation and prompts the user for upgrade | |
5938 | options. | |
5939 | ||
5940 | * Windows 95/98/ME/NT/2000 - Installation features: During installation | |
5941 | the user can select the source of the CellservDB file, AFS home cell, | |
5942 | and drive mappings. During installation a drive path mapping can | |
5943 | include a variable that will be substituted with the current UserName | |
5944 | that is logged in. | |
5945 | ||
5946 | * Windows 2000/NT - Integrated logon: The Integrated Logon feature | |
5947 | works now. | |
5948 | ||
5949 | * Windows 95/98/ME - Logon script features: The Windows 95/98/ME client | |
5950 | now offers a command-line option for starting up the AFS client | |
5951 | without authenication. It is now possilbe to start the AFS client | |
5952 | first and obtain tokens, and map drives all through Windows scripts. | |
5953 | This helps using Windows 95/98/ME client in Kerberos 5 environment. | |
5954 | ||
5955 | * Windows 2000/NT - LANA numbers: AFS client now scans the LANA numbers | |
5956 | to establish the correct NETBIOS connection. NetBEUI is no longer | |
5957 | needed. The user no longer needs to find the correct LANA number. | |
5958 | ||
5959 | * Windows 2000/NT - OpenAFS naming consistancy: Further progress has | |
5960 | been made to remove references to "Transarc AFS" and replace with | |
5961 | "OpenAFS". | |
5962 | ||
5963 | ||
5964 | OpenAFS 1.0 | |
5965 | ||
5966 | * AFS now builds with configure. The README for building has been | |
5967 | updated and includes full details. | |
5968 | ||
5969 | * A client system can now have multiple sysname values for @sys. They | |
5970 | will be searched in order when looking up files in AFS. The | |
5971 | -newsysname argument to fs sysname can be repeated to set multiple | |
5972 | sysnames. | |
5973 | ||
5974 | * A new system group is created for new cells (system:ptsviewers with id | |
5975 | -203). If this group exists, members of this group can examine and | |
5976 | read the entire protection database. They can examine all users and | |
5977 | groups and can get the membership of any group. | |
5978 | ||
5979 | * A new program, pt_util has been added to the distribution. This | |
5980 | program allows users to print the contents of the protection database | |
5981 | or to edit the protection database without running a ptserver. It can | |
5982 | be used to set up a new cell without ever running in noauth mode. Run | |
5983 | pt_util -h for help. | |
5984 | ||
5985 | * The fs setcrypt and fs getcrypt commands have been added. These | |
5986 | commands allow the system administrator to require that the client | |
5987 | encrypt all authenticated traffic between the client workstation and | |
5988 | AFS. The encryption used is weak, but is likely better than sending | |
5989 | unencrypted traffic in most environments. Some functions, such as | |
5990 | looking for a volume may not be encrypted, but data transfer certainly | |
5991 | is. By default data is not encrypted. At this time no significant | |
5992 | experimentation with server performance has been conducted. | |
5993 | ||
5994 | * By default AFS is compiled with AFS_AFSDB_ENV, enabling the -afsdb | |
5995 | option to be given to afsd on startup. If this option is used, then | |
5996 | new cells will be looked up using AFSDB records stored in DNS if they | |
5997 | are not found in CellServDB. This means that users can create | |
5998 | cross-cell mountpoints in directories they control to access cells not | |
5999 | in root.afs, and that cells in root.afs need not be in the client's | |
6000 | CellServDB. | |
6001 | ||
6002 | * AFS database servers can be marked as read-only clones. Surround the | |
6003 | hostname in square brackets on the bos addhost command and the | |
6004 | database server will never be elected sync site. This is useful for | |
6005 | cells distributed over a wide region. | |
6006 | ||
6007 | * The AFS servers now support the -syslog flag. This flag causes them | |
6008 | to log to syslog rather than to files. This flag is not supported on | |
6009 | NT. For all servers besides the salvager, the flag can also be | |
6010 | specified as -syslog=facility, where facility is an integer facility | |
6011 | code from syslog.h. A -syslogfacility option is provided for the | |
6012 | salvager to accomplish the same goal. | |
6013 | ||
6014 | * If the --enable-fast-restart flag is given when configuring AFS, then | |
6015 | the salvager supports the -dontsalvage flag which causes it to exit | |
6016 | without salvaging any volumes. If this is configured into the third | |
6017 | command of a fs process, then the fileserver will start without | |
6018 | salvaging. It will fail to attach volumes that need salvaging and | |
6019 | they can be salvaged manually. This provides significantly better | |
6020 | server startup performance at the cost of administrative complexity. | |
6021 | ||
6022 | * If the --enable-bitmap-later flag is given when configuring AFS, then | |
6023 | the fileserver creates bitmaps for free vnodes on demand, allowing | |
6024 | faster starts. | |
6025 | ||
6026 | * If bosserver finds a BosConfig.new file at startup, it reads this file | |
6027 | and renames it to BosConfig. This allows bosserver to be reconfigured | |
6028 | at next restart. | |
6029 | ||
6030 | * The bosserver can be placed in a restricted mode in which AFS | |
6031 | superusers are only granted limited access to the server host. The | |
6032 | following functionality is disabled when restricted mode is in use: | |
6033 | ||
6034 | bos exec | |
6035 | bos getlog (except for files with no '/'s in their name)* | |
6036 | bos create * | |
6037 | bos delete | |
6038 | bos install | |
6039 | bos uninstall | |
6040 | ||
6041 | specific exceptions are made for functionality that "bos salvage" | |
6042 | uses: | |
6043 | ||
6044 | A cron bnode who's name is "salvage-tmp", time is now, and command | |
6045 | begins with "/usr/afs/bin/salvager" may be created. This bnode deletes | |
6046 | itself when complete, so no special "delete" support is needed. This | |
6047 | functionality may be removed in the future if a "Salvage" RPC is | |
6048 | implimented. | |
6049 | ||
6050 | The file with the exact path /usr/afs/logs/SalvageLog may be fetched, | |
6051 | since that is how bos salvage [...] -showlog is implimented. | |
6052 | ||
6053 | Restricted mode is enabled using a new bos command (bos setrestricted) | |
6054 | or bossever command line switch (bosserver -restricted). Restricted | |
6055 | mode can be disabled by a) sending the bosserver process a SIGFPE | |
6056 | (which will then allow restricted operations until the next restart or | |
6057 | setrestricted command) or b) editing /usr/afs/local/BosConfig (or | |
6058 | BosConfig.new), and restarting the bosserver. | |
6059 | ||
6060 | * The bos UserList of trusted administrators can now contain cross-realm | |
6061 | Kerberos principals. | |
6062 | ||
6063 | * udebug now takes --server not --servers. | |
6064 | ||
6065 | * Several error messages have been improved to include volume numbers. | |
6066 | ||
6067 | * Several new ports have been included for UNIX platforms: Darwin | |
6068 | (ppc_darwin_12 and ppc_darwin_13), Linux 2.4 (i386_linux24), Linux on | |
6069 | the Powerpc (ppc_linux22 and ppc_linux24), Linux on the Sparc | |
6070 | (sparc_linux22, sparc64_linux22 and sparc64_linux24). | |
6071 | ||
6072 | * Incomplete FreeBSD and Alpha Linux ports are included. The FreeBSD | |
6073 | port has a working server and the Alpha Linux port has a partially | |
6074 | working client. | |
6075 | ||
6076 | * A native client for Windows 95/98/ME has been added to the | |
6077 | distribution. With this program, a gateway machine is no longer | |
6078 | required for Windows 9x to access AFS files. One drive letter will be | |
6079 | created on your machine by default - Z:. The Z: drive will be the | |
6080 | root of the AFS tree, allowing you to browse all sites that have AFS | |
6081 | servers available. Additional drive letters can be defined for other | |
6082 | AFS directories. A Windows Explorer shell extension is included that | |
6083 | allows you to right click on items within an AFS tree to bring up an | |
6084 | "AFS" menu item and perform various operations on a file or directory. | |
6085 | The most useful item is "Access Control Lists", which allows you to | |
6086 | view and edit the permissions of a particular directory. Command line | |
6087 | tools are also available in the install directory. These commands | |
6088 | include klog, unlog, tokens, kpasswd, symlink, fs and pts. The | |
6089 | installable includes a readme file that contains more information on | |
6090 | how to use the client program and known issues. | |
6091 | ||
6092 | * Support for large caches in afsd. Cachefiles are stored in | |
6093 | subdirectories. The default is 2048 files per subdirectory, which | |
6094 | should work fine in most situations. You can use the new afsd option | |
6095 | -files_per_subdir to change this number. Note that the first time you | |
6096 | run afsd with this patch, your cachefiles will get moved into | |
6097 | subdirectories. If you subsequently run an older version of afsd, you | |
6098 | will lose all your cached files. |