User-Visible OpenAFS Changes
-OpenAFS 1.8.0pre2
+OpenAFS 1.9.0
+
+ All platforms
+
+ Introduce the rxgk Rx security class, initially limited to server-to-server
+ traffic and local keys (gerrit topic: rxgk-phase1).
+
+ Add options to the vos and pts commands for server-to-server rxgk support.
+
+ Add support to add and delete rxgk keys with asetkey. Add support to
+ generate random keys with asetkey, which can be useful to create certain
+ types of rxgk keys.
+
+ Raise implementation-defined anti-DoS length limits for prdb-related XDR
+ array types, which were being reached at some sites (13838).
+
+ Bring "-setpag" functionality in klog to parity with aklog (14146).
+
+ Fix potential Rx hang when an incoming call must wait (14158).
+
+ Fix latent bug preventing RX_CONN_NAT_PING from working (13041).
+
+ Fix potential rx_connection leak in pthreaded programs (13042).
+
+ Avoid NatPing storm with many connections to the same server (14312).
+
+ Do not leave empty directories behind in the file server vice partition
+ when running the "vos zap -force" command (12879, 12839).
+
+ Make non-verbose "vos remsite" output output more readable (14127).
+
+ Display the usage of simple commands (commands without subcommands) when run
+ only with the -help option (10983).
+
+ Replace SOURCE-MAP with a README.md (14003).
+
+ Improve documentation of minimum required dependency versions (14305).
+
+ Remove unused definition of LINUX_PKGREL from configure.ac (14117).
+
+ Improve logging and diagnostic messages:
+ * Add a warning message to vos when performing an incremental volume
+ restore over an existing volume which is newer than the dump
+ volume (13251)
+ * Log the binding address and port during startup in the cache manager and
+ all of the server processes (13272)
+ * Improve volume server logging to provide better information during
+ volume restore failures (13252)
+ * Improved cache manager syslog tracing (11858)
+ * Improved database server logging to log important messages at the
+ default logging level, log information during database synchronizations,
+ and log diagnostic messages during recovery aborts (12617, 13079, 12618)
+ * Set a thread name for rx listener threads (13600)
+ * Avoid truncating authentication information in vlserver log
+ messages (13466)
+ * Log when ubik recovery aborts a running remote transaction (13862).
+
+ Fix warnings issued by static code analyzers:
+ * Fix possible undefined variable in disconnected mode (13207)
+ * Remove redundant conditionals (13158, 13157)
+ * Exit if out of memory while attempting to format command help
+ messages (13335)
+ * Fix possible undefined variable when reading old vldb formats (13755)
+
+ Assorted memory-handling fixes (13461, 12293, 13355, 13395, 13396, 13161,
+ 13659, 13714, 13715, 13760, 13716, 13761).
+
+ Fix many (but not all) of the new warnings issued by recent versions of
+ gcc and clang (12987..12989, 13010, 13287, 13462..13464, 13467..13468,
+ 13470..13476, 13494, 13660..13664, 13684, 13726, 13754, 14049, 14092,
+ 14106, 14207, 14273, 14277, 14274, 14275, 14279, 14292, 14125).
+
+ Added unit tests for functions mapping vice partition to id (13176).
+
+ Fix issues resulting in parallel "make install" to fail (13786, 14137).
+
+ Updated libauth test program (13394).
+
+ General code cleanup; remove unused code or obsolete code, old comments,
+ or refactor for clarity
+ (12988, 13204, 13209, 13210, 13213, 13226, 13227, 13260, 13271, 13277,
+ 13309, 13310, 13324, 13325, 13339, 13345, 13346, 13351, 13361, 13362, 13363,
+ 13390, 13397, 13408, 13414, 13458, 13490, 13500, 13509, 13514, 13557, 13640,
+ 13655, 13282, 13683, 13995, 14218, 14219, 14236, 14246, 14322, 14338).
+
+ Build system clean up and fixes
+ (12956, 12961, 12962, 12963, 12992, 12993, 12994, 13237, 13275, 13338,
+ 13357, 13360, 13387, 13419, 13594, 13652, 14115, 14148..14150, 14132,
+ 14133, 14135, 14153).
+
+ All server platforms
+
+ Improve database server logging by logging messages when and why a server
+ is marked as down (12616).
+
+ Log a warning message when starting server processes with no encryption
+ keys available (13911).
+
+ Fix use of triple-DES cell-wide keys for rxkad.krb5 (14203).
+
+ Remove redundant lseek system calls and use positional I/O in the database
+ servers to improve performance (12271, 12272).
+
+ Fix option parsing to enable parallel salvageserver operation (14201).
+
+ Fix an edge case where writes were errneously allowed on readonly
+ fileservers (13934).
+
+ Add an option to allow members of system:administrators to perform
+ write operations on otherwise readonly fileservers (13707).
+
+ Allow "vos rename" to be re-run to finish a previously interrupted
+ volume rename operation (13720).
+
+ Return errors for short reads during volume dumps instead of silently
+ padding with NUL bytes (14255).
+
+ Work around potential deadlocks when the salvageserver spawns a child
+ at the same time another thread is writing to the log (14239).
+
+ Do not overwrite the errno variable when logging certain database sendfile
+ errors (13263).
+
+ Avoid confusing log message ("Unable to create the volume") when
+ restoring over an existing volume (14208).
+
+ Fix vldb listing of created-but-not-released RO replicas (14154).
+
+ Avoid confusing "half-locked" state for interrupted volume renames (14157).
+
+ Prevent attempts to grow the VLDB past the maximum 2GB size (14180).
+
+ Fix a bug that prevented logging of discarded callbacks (14256).
+
+ Code migration to POSIX Threads (pthreads) from LWP.
+ * Convert upserver and upclient to pthreads (12754)
+ * Convert xstat libraries and related utilities to pthreads (12745, 12746,
+ 12747, 12753, 13454, 13455)
+
+ All client platforms
+
+ Attempt to detect and report some common types of cache corruption
+ (13436, 13747, 13969, 14002).
+
+ Log a warning when the cache is "stressed" (almost full) to suggest
+ possible re-tuning (13255).
+
+ Require opt-in to use the historical/deprecated single-DES krb5
+ encryption types, which are being removed from krb5 distributions (13689).
+
+ Fix incorrect informational messages when the AFSCELL environment
+ variable is set (13371).
+
+ Assorted cleanup and microoptimizations (12655, 13254, 12656, 13253, 14241,
+ 13256, 14254).
+
+ Tidy up the shutdown sequence, closing some memory leaks and not
+ generatin Rx traffic while Rx datastructures are being deconstructed
+ (13718, 13719).
+
+ Fix reading entries of historic vldb formats (13465).
+
+ Suppress warning about running unauthenticated for `bos -noauth` (14306).
+
+ Linux
+
+ Support upstream kernels through Linux 5.9.
+
+ Be more careful about overriding the current credentials for operations
+ on cache files, preventing spurious permission errors when systems like
+ AppArmor and SELinux are in use (13751, 14098).
+
+ Avoid panics from procfs when the kernel module is loaded but afsd is
+ not running (14093).
+
+ Improve ppc64le support (13980, 14046).
+
+ Improve RPM packaging (14114, 14116, 14266)
+
+ MacOS
+
+ Simplify background-move return-code processing (13280).
+
+ Support macOS Catalina (13935, 13936, 13668..13671, 13928, 14062, 14222).
+
+ Add OpenAFS.pkg to the list of files to be codesigned (14221).
+
+ Solaris
+
+ Remove references to (unspported) SunOS 4 (13506).
+
+ Build system fixes for parallel make on Solaris.
+
+ Support function attributes when building with recent versions of Solaris
+ compilers.
+
+ Fix many (but not all) of the compiler warnings when building on the Solaris
+ platform.
+
+ Add autoconf support for Studio 12.6 tools (13867).
+
+ FreeBSD
+
+ General improvements to VFS compliance.
+
+ Create destination kernel module directory when installing on
+ FreeBSD (13653, 13690)).
+
+ Add param.h files and sysnames for FreeBSD 11.2 (13534), 11.3 (13792),
+ and 12.1 (13982).
+
+ Fix fcntl-style locks by adapting to quirky historical behavior (12579).
+
+ Support kernels that use VIMAGE support at runtime, not just at
+ build-time (12580).
+
+ Change LWP stack strategy to avoid SIGBUS errors (13691).
+
+ Skip SIGBUS test (for reasons unrelated to the previous) (14145).
+
+
+OpenAFS 1.8.6
+
+ All platforms
+
+ * Address warnings and errors encountered when building OpenAFS with
+ modern compilers like gcc9 or recent clang (13727..45 13749..50 13756
+ 13846 13879)
+
+ * Avoid some rare cases of Rx calls getting stuck in the incoming queue
+ (13892)
+
+ * Display the usage of simple commands (commands without subcommands) when
+ run only with the -help option (13894)
+
+ * Fix a memory leak in the cache manager and the fileserver while
+ processing "fs uuid" or "fs setcbaddr" (13899)
+
+ * Fix a memory leak when reopening krb local realms configuration (13900)
+
+ * Avoid possible crashes when freeing kerberos contexts (13902)
+
+ All server platforms
+
+ * Do not leave empty directories behind in the file server vice partition
+ when running the "vos zap -force" command (13897)
+
+ * Fix "vos zap -force" failures when the volume being zapped does not have
+ an entry in the fileserver's volume group cache (e.g., during fileserver
+ startup) (13896)
+
+ * Relax the length limits on some membership lists used in ptserver RPCs,
+ introduced in release 1.8.0 to prevent denial of service attacks, to
+ accommodate use cases of some larger existing sites (13844)
+
+ * Improved diagnostics and error messages (13898 13906..8 13938)
+
+ * Ensure that fileservers running in readonly mode actually reject all
+ write requests, but introduce a -admin-write switch allowing writes
+ by members of the system:administrators group (14018 14019)
+
+ All client platforms
+
+ * Require the -insecure_des switch to be passed to aklog and klog.krb5
+ to make them work with single-DES encryption types (13791)
+
+ * Avoid a panic due to a retryable error - retry in a background request
+ instead (13847)
+
+ * Avoid blocking other functions on the completion of some potentially
+ long-running RPCs issued by the server (13893)
+
+ * Fix a potential memory leak in "fs getserverprefs" when the pioctl fails
+ with E2BIG (13895)
+
+ * Avoid the local cache incorrectly reflecting the state of a file on the
+ fileserver after flushing large chunks of data to the server. This
+ issue was present on FreeBSD clients, but probably not Linux/Solaris
+ ones (13951) (RT #135041)
+
+ * After a VLDB lookup of a read-write volume already failed, don't bother
+ looking up corresponding read-only or backup volumes since those lookups
+ are bound to fail, in order to make the client more responsive and
+ avoid unnecessary load on the vlserver (13968)
+
+ * Allow a "vos rename" to succeed if the new volume name is the same as
+ that in the current VLDB, to make it possible to complete a previously
+ interrupted volume rename (14055)
+
+ * Allow processes which are sleeping due to PAG throttling to be killable
+ (13974).
+
+ * Fix set PAG failures due to signals (13975).
+
+ Linux clients
+
+ * Support mainline kernels up to and including 5.7 (14069 14094 14095
+ 14209 14210)
+
+ * Make builds succeed with --enable-checking for mainline kernels
+ 5.3-rc2 and later (13910)
+
+ * Avoid possible deadlocks (13748 13765)
+
+ * Fix build of libuafs on ppc64le (14104)
+
+ * Fix build on certain recent 32-bit distributions (14234) (RT #135084)
+
+ macOS
+
+ * Support building, packaging and notarization on macOS 10.15 "Catalina"
+ (14031..7 14068)
+
+ Microsoft Windows
+
+ * Build fixes (13848..52)
+
+OpenAFS 1.8.5
+
+All platforms
+
+ * Fix OPENAFS-SA-2019-001: information leakage in failed RPC output
+ Generated RPC handler routines ran output variables through XDR encoding
+ even when the call had failed and would shortly be aborted (and for
+ which uninitialized output variables is common); any complete packets
+ assembled in the process would be sent to the peer, leaking the contents
+ of the uninitialized memory in question.
+
+ * Fix OPENAFS-SA-2019-002: information leakage from uninitialized scalars
+ Generated RPC handler routines did not initialize output variables of
+ scalar (fixed-length) type, since they did not require dedicated logic to
+ free. Such variables allocated on the stack could remain uninitialized
+ in some cases (including those affected by OPENAFS-SA-2019-001), and the
+ contents of uninitialized memory would be returned to the peer.
+
+All server platforms
+
+ * Fix OPENAFS-SA-2019-003: fix crash in database servers
+ The ubik debugging RPCs prioritize being fast and non-disruptive to
+ database operations over strict correctness, and do not adhere to the
+ usual locking protocol for data access. A data race could cause a NULL
+ dereference if the second memory load was not optimized out by the
+ compiler.
+
+OpenAFS 1.8.4
+
+ All platforms
+
+ Build system updates to remove obsolete autoconf macros and remove missing
+ script warning during builds (13480, 13481, 13482, 13483, 13484, 13486,
+ 13789, 13790).
+
+ Build system update to fix a conditional check in the pthread.m4 autoconf
+ file (13595)
+
+ Build system update to create the man3 subdirectory, fixing a
+ reported build failure (13535).
+
+ Remove the last reference to src/mcas in the documentation (13558).
+
+ All server platforms
+
+ Fix fileserver's parsing of the options -vlruthresh, -vlruinterval,
+ -vlrumax and -novbc (13680).
+
+ Fixes to make ptserver's behaviour when run in restricted mode consistent
+ with the documentation: Non-members of the system:administrators group
+ are no longer allowed to issue the adduser, setfields and delete pts
+ commands, and all members of system:administrators are now allowed to
+ issue pts commands in this mode, not just the admin principal (13686..88).
+
+ All client platforms
+
+ Fix missing Rx call clean-up after failing to read dcaches from a file
+ server (13511).
+
+ Fix an Rx call leak for calls aborted by a connection abort after the call
+ was initialized but before use (13517).
+
+ Remove the obsolete afs_xosi lock to remove unnecessary serialization of
+ VOP_GETATTR calls. This can lead to improved performance under heavy
+ workloads (13529).
+
+ Increase the size of the Directory Name Lookup Cache (DNLC) to improve
+ cache performance (13559).
+
+ Fix getting tokens for cells with a three character name (13679).
+
+ Avoid a misleading message about the cell being used when aklog is run
+ with the -cell parameter but the AFSCELL environment variable is set to
+ a different cell (13676).
+
+ Build system update to honor the CFLAGS environment variable when building
+ libuafs (13544).
+
+ Linux
+
+ Support for mainline kernels up to 5.3 (13787, 13789).
+
+ More fixes for improper use of ENOENT fixes to avoid incorrect use of linux
+ negative dentry cache, which can lead to false ENOENT errors (13542, 13543,
+ 13590, 13692) (RT #134904).
+
+ Return errors instead of returning incomplete directory listings when the
+ directory objects are incomplete in the cache (13591).
+
+ Add ppc64le_linux26 sysname for the ppc64le architecture (13636, 13637,
+ 13589).
+
+ Fix configure check for a kernel time function in order to build on
+ Linux 5.0 (13523).
+
+ RPM packaging update for RHEL8 adding a build requirement to ensure the
+ kernel module can be built from the SRPM (13563) (RT #134900).
+
+ On systemd based RHEL/Fedora systems, start the client after dkms startup
+ is finished if the latter is installed and enabled, to avoid attempting
+ starts without the kernel module being available yet (13674) (RT #134974).
+
+ MacOS
+
+ Build system updates for MacOS (13584).
+
+ Solaris
+
+ Add CTF debugging records to userspace objects to improve debugging
+ of servers (13487).
+
+ Convert the cache manager vnodes to be non-embebbed on Solaris 11 in order
+ to make the cache manager more resilient across Solaris 11 changes (13524,
+ 13525, 13526, 13527, 13528).
+
+
+OpenAFS 1.8.3
+
+ All platforms
+
+ * Improved diagnostics and error messages (13186 13411 13417)
+
+ * Avoid sending RX packets with random garbage in the userStatus field
+ (13332)
+
+ * Fixed detection of the RX initialization status (13416)
+
+ * Assorted fixes to avoid segmentation faults and other potential problems
+ by detecting internal errors rather than letting them go unnoticed
+ (13329 13372)
+
+ All server platforms
+
+ * Fixed a build problem accidentally introduced in release 1.8.2 (13328)
+
+ * Assorted efficiency improvements in the ubik implementation (13153 13218
+ 13188 13353)
+
+ * Fixed locking around transaction list processing in volserver to avoid
+ segmentation faults and other potential problems (13336 13337)
+
+ * When the volserver attempts to remove a temporary volume after a
+ transaction, but the volume was already removed, e.g., by the salvager,
+ this is no longer treated as an error (13235)
+
+ All client platforms
+
+ * Update the CellServDB to the latest version from grand.central.org from
+ May 14th 2018 (13409)
+
+ * Avoid a panic during cache initialization when allocating the required
+ memory fails (13307)
+
+ * Add back the packet counters and timestamps to "vos status" output
+ which had been missing since release 1.8.0 (13421)
+
+ * Correctly handle errors encountered while reading data from the server
+ and writing it to the cache, e.g., due to a full cache partition (13443)
+
+ * Avoid a panic due to a recoverable error while flushing cache items
+ (13503)
+
+ Linux clients
+
+ * Support mainline kernels 4.20 and 5.0 and distribution kernels with
+ backports from those (13405 13406 13440 13441 13442)
+
+ * DKMS-related fixes in Red Hat packaging (13438 13479)
+
+ macOS
+
+ * Support building and packaging on macOS 10.14 "Mojave" (13412 13413)
+
+
+OpenAFS 1.8.2
+
+ All platforms
+
+ * Fix OPENAFS-SA-2018-002: information leakage in RPC output variables
+ Various RPC routines did not always initialize all output fields,
+ exposing memory contents to network attackers. The relevant RPCs include
+ an AFSCB_ RPC, so cache managers are affected as well as servers.
+
+ All server platforms
+
+ * Fix OPENAFS-SA-2018-003: denial of service due to excess resource consumption
+ Various RPCs were defined as allowing unbounded arrays as input, allowing
+ an unauthenticated attacker to cause excess memory allocation and tie up
+ network bandwidth by sending (or claiming to send) large input arrays.
+
+ * Fix OPENAFS-SA-2018-001: unauthenticated volume operations via butc
+ On systems using the in-tree backup system, the butc process was running
+ with administrative credentials, but accepted incoming RPCs over
+ unauthenticated connections; these incoming RPCs in turn triggered
+ outgoing RPCs using the administrative credentials. Unauthenticated
+ attackers could construct volue dumps containing arbitrary contents
+ and cause these dumps to be restored and overwrite arbitrary volume
+ contents; afterward, the backup database could be restored to its
+ initial state, hiding evidence of the unauthorized changes.
+
+ Running butc with -localauth now requires authenticated incoming
+ connections, and the backup utility makes authenticated connections to
+ the butc. Audit capabilities have been added to the butc RPC handlers.
+ Command-line arguments are provided to retain the (insecure) historical
+ behavior until all systems have been upgraded.
+
+OpenAFS 1.8.1.1
+
+ Linux Clients
+
+ * Support for mainline kernel 4.18 and distribution kernels with backports
+ from it (13268)
+
+OpenAFS 1.8.1
+
+ All Platforms
+
+ * Improve the usability and consistency of the public API: install missing
+ headers, and add additional symbols to the export list for shared libraries.
+
+ * Improved Rx abort generation: use the proper serial number for an existing
+ connection if possible, and 0 otherwise (to improve debugging).
+
+ * Assorted minor fixes in response to static analysis of the codebase.
+
+ * Fix memory-safety error in XDR decoding of enumerated types.
+
+ All Server Platforms
+
+ * Fix reference counting error that could cause an assertion failure
+ in some workloads.
+
+ * vldb_check -fix will no longer corrupt the vldb when multiple MH blocks are present.
+
+ * Assorted cleanups and efficiency improvements in the ubik implementation.
+
+ * Return a valid InlineBulkStatus response in error cases.
+
+ * The fileserver now rejects invalid partition names when attaching partitions.
+
+ All Client Platforms
+
+ * Fix volume callbacks (e.g., when running 'vos release').
+
+ * Treat failure to obtain a DSlot as a hard error for that cache partition,
+ avoiding a flood of "disk cache read error in CacheItems" log messages,
+ and reducing the chance of subsequent panic.
+
+ * Improve error messages for invalid values with -volume-ttl.
+
+ * Remove useless error message:
+ "find_preferred_connection: no connection and !create".
+
+ * Avoid passing NULL to a kernel memory deallocator, which is not guaranteed
+ to be safe on all systems.
+
+ Linux
+
+ * Add support for 64-bit ARM clients ("arm64").
+
+ * Fix panic when cache bypass is enabled.
+
+ * Improve cache manager behavior when unable to open cache files.
+
+ * Improvements to the RPM packaging.
+
+ * Detect out-of-memory when using kernel pages for writing.
+
+ Solaris
+
+ * Fix various issues in the build process for recent Solaris versions.
+
+ MacOS
+
+ * Fix clients on OS X 10.13.
+
+ FreeBSD / NetBSD / OpenBSD
+
+ * Fix panic triggered during periodic cleanup operations and shutdown.
+
+OpenAFS 1.8.0
All Platforms
- Wake up the application thread after 'twind' is updated to avoid 100ms
transmit delays when the receive window transitions from closed to
open.
+ - Fix for OPENAFS-SA-2017-001: sanity-check peer transport parmeters
+ received in ack trailers
* Libraries (both internal and installed) are built using libtool, including
libuafs. The resulting shared libraries for libafsrpc and libafsauthent
- Support the SOURCE_DATE_EPOCH environment variable to improve build
reproducibility.
- Modernize language specific SWIG typemaps for libuafs Perl bindings.
+ - Refactor acinclude.m4 into a set of smaller m4 files (12876, 12877, 12878)
* Improvements to documentation:
- Document the new KeyFileExt file.
- Add PtLog man page.
- Corrections and clarifications to man pages.
- Add ubik threading analysis doc.
+ - Normalize the location of text documents in the source tree.
* Improvements for troublshooting, debugging, and testing:
- Log more details on volume-server-to-fileserver communication errors
- Add tool to find Unix cache manager lock identification numbers.
- Add an option for pretty build output.
- * RPM packaging updated:
+ * RPM packaging updates:
- Update the spec file to keep up with accumulated changes.
- Move the klog.krb5 man page to the openafs-krb5 sub-package.
+ - Remove stray man pages. (12870, 12871)
- Prevent double-starting client on RHEL7
- Convert rpm spec file from deprecated 'make dest' to 'make install'.
- Fix rpmbuild command line option default handling.
+ - Support older versions of rpmbuild which do not support the
+ rpmbuild %exclude directive. (12873)
+ - Move the legacy kaserver and related programs to separate sub-packages,
+ which are only built when rpmbuild is given the '--with kauth' option
+ (12600, 12872)
+ - Package the libuafs perl bindings (12921)
* Add a new protection error code (PRNAMETOOLONG) instead of silently
truncating names which exceed the maximum name length (PR_MAXNAMELEN).
* Add user and build host in the version string returned by
rxdebug -version.
+ * Support recent versions of gcc (7.2.1) (12897)
+
All Server Platforms
* Ubik servers using pthreads are now available and are used by default
+ * As part of improving Ubik reliability in certain edge cases, an extra
+ election cycle (about 60 seconds) may be needed before writes are
+ permitted. This is a conservative change that may be removed in
+ the future.
+
+ * Avoid continually retransmitting the ubik database to remote sites when
+ a write transaction occurs as remote sites are attempting to rejoin the
+ ubik cluster. (12896)
+
+ * Ensure the ubik database version number is updated on remote sites at the
+ point the database is transferred to remote sites instead of waiting for
+ the next ubik beacon. This avoids write transaction failures during the
+ window between the database transfer and the next ubik beacon (12885).
+
* Remove periodic background fsync by the fileserver (ihandle fsync thread).
* Fix potential file handle leak in the file server ihandle caching layer.
* Modify the volume updateDate when the volume is changed by a salvage.
+ * Volume usage statistics are now preserved during reclone and restore
+ operations by default, the behavior previously enabled by
+ the -preserve-vol-stats flag to the volserver. The historical behavior
+ can be retained via the -clear-vol-stats argument.
+
All Client Platforms
+ * Use rxkad_crypt by default for connections to fileservers. This matches
+ the existing behavior of the Windows client and has been applied by
+ the distribution packaging on many platforms already.
+
* Add support for relative ACL changes with fs setacl. If a single plus (+)
or minus (-) character is appended to the rights' letters argument, the
new rights are computed relatively to the existing ones.
* Remove the obsolete Netscape plugin.
+ * Fix building gtx when ncurses is linked against libtinfo.
+
+ * Update to the GCO CellServDB update from 14 March 2017.
+
Linux
* Remove Linux 2.2 and 2.4 support.
* Fix improper use of ENOENT and avoid incorrect use of linux negative
dentry cache.
+ * Use a more correct (less aggressive) scheme to react to downward
+ pressure on cache usage, avoiding d_invalidate(), which can cause
+ getcwd() failures on RHEL 7.4.
+
+ * Apply a workaround to be compatible with RHEL 7.5's KABI preservation
+ strategy for reading directories.
+
* Improve error reporting when encountering corrupt directories.
* Improve rx error handling in the Linux cache manager.
* Do not use the obsolete --enable-largefile-fileservers configure option
when packaging RPMs.
+ * In Red Hat packaging, use a separate rpm for kmod debuginfo,
+ removing a needless tight version dependency on the userspace package.
+ (12822, 12875)
+
* Use the RemainAfterExit systemd feature to avoid premature exit
when -afsdb is not given, for RPM packages.
* Fix --enable-kernel-debug for linux 4.8+.
- * Support linux 4.10, 4.11, 4.12
+ * Fix a hang encountered when accessing a previously removed
+ directory entry (12811).
+
+ * Support linux 4.10, 4.11, 4.12, 4.13, 4.14, 4.15
Solaris
* Avoid BAD TRAP panic due to invalid opcodes on x86 with Studio 12.5.
+ * Add ctf debug records to Solaris kernel modules when debug builds
+ are enabled and the ctf tools are present (ctfconvert/ctfmerge).
+
+ * Save kernel module function arguments on x86 for debugging purposes.
+
MacOS
* Stop processing upcalls once rx shutdown starts.
* Fix builds on MacOS 10.12 by building only the active architecture
by default.
+ * Support versions up through 10.13 (High Sierra) and APFS
+
FreeBSD
* Use the native kernel module build system instead of an ad hoc
* Do not claim AFS_VM_RDWR_ENV
+ * Add sysnames and files for i386 and amd64 10.4, 11.1, and 12.0
+ (12-CURRENT, at present). (12887, 12888)
+
+ * Remove trailing semicolons to fix the build on FreeBSD (12899)
+
NetBSD
* Stay up to date with new NetBSD releases (through 7.x)
(These runtime options override the use of UID-based PAGs, which were
introduced to appease the CDE screensaver.)
+
OpenAFS 1.6.21
All platforms
* Avoid panic on shutdown when mount failed.
+OpenAFS 1.6.0pre2
+
+ All systems: Minor bugfixes.
+
+ ADDITIONAL CHANGES IN 1.6.0PRE2
+
+ All platforms:
+
+ - Documentation updates.
+
+ - Don't stop Rx keepalives after an ackall is received, avoiding
+ spurious connection timeouts. (128848)
+
+ - Don't retry Rx calls on channels returning busy errors. (128671)
+
+ - vos will not die with a double free error at command completion.
+
+ - Properly enable Rx connection hard timeouts.
+
+ - Initialize rx_multi lock before use.
+
+ - Avoid spurious crashes when initializing in "backup" client.
+
+ All unix platforms:
+
+ - Check for /afs existance before starting, unless -nomount is specified.
+
+ - Avoid a potential panic when using /afs/.:mount syntax.
+
+ - Avoid a panic in memcache mode due to missing CellItems file.
+
+ All server platforms:
+
+ - Attempt to recovery more quickly from timed out volume release
+ transactions.
+
+ - Auditing now properly byte order swaps IP addresses when printing.
+
+ - vos split now has improved error handling.
+
+ - Many changes to again support Windows fileservers.
+
+ - During volume removal, data removal speed improved.
+
+ - Improve CPU utilization during volume attaching by DAFS.
+
+ - In salvager check-only mode, avoid potentially fixing a vnode.
+
+ - Fix support for large (greater than 2gb) volume special files.
+
+ - Salvager will not crash if multiple or bad volume link tables
+ are encountered.
+
+ - Avoid erroneous full dump by remembering which sites were out of date
+ at the start of the release.
+
+ FreeBSD:
+
+ - Remove support for "Giant" lock as we no longer need to use it.
+
+ - Don't sleep with AFS GLOCK.
+
+ - Properly enable 64 bit long long support.
+
+ - Restore support for FreeBSD 7 (128612)
+
+ - Fix locking issues at shutdown.
+
+ Linux:
+
+ - support through kernel 2.6.38.
+
+ - RedHat packaging now properly supports RHEL6.
+
+ - Use rx_Readv in cache bypass to improve performance.
+
+ - Properly handle 0-length replies during cache bypass operations.
+
+ - Properly handle non-contiguous readpage cache bypass operations.
+
+ - Do proper locking when transitioning to or from cache bypass.
+
+ - Avoid extra runs of vcache freeing routine. (128756)
+
+ MacOS:
+
+ - Check for unloaded kernel extensions when decoding AFS panics.
+
+ - Properly handle setpag errors. PAGs are not supported.
+
+ - Disable "get tokens at login" in prefs pane if AD authentication
+ plugin is configured.
+
+ OpenBSD:
+
+ - support through OpenBSD 4.8.
+
+ Solaris:
+
+ - Fix support for Solaris pre-10.
+
+ Windows:
+
+ - afs_config will not longer set the Tray Icon State
+ in the registry if the checkbox is not present in
+ the dialog. (128591)
+
+ - AFS Explorer Shell Extension now works from folder
+ backgrounds. Overlays for mount points and symlinks
+ are present in the dll, but are not registered at present
+ by the installers.
+
+ - Do not use RankServerInterval registry value as the value for
+ PerformanceTuningInterval.
+
+ - When the data version of a mountpoint or symlink changes,
+ the target string in the cm_scache_t object must be cleared.
+
+ - "fs checkservers" now includes vldb servers in the output
+ and only lists multi-homed servers once. A multi-homed
+ server that has at least one up interface is no longer
+ considered to be down.
+
+ - When asynchronously storing dirty data buffers to the
+ file server ensure that (a) the cm_scache_t object and
+ the cm_buf_t object are for the same File ID so that
+ locking and signalling work properly; and (b) if the
+ FID no longer exists on the file server, do not panic,
+ just discard the buffer.
+
+ - When processing VNOVOL, VMOVED and VOFFLINE errors perform
+ server comparisons by UUID or address and not simply by
+ cm_server_t pointer. Otherwise, server failover may not
+ succeed.
+
+ - Do not preserve status information for cm_scache_t objects
+ when the issuing server is multi-homed.
+
+ - Giving up all callbacks when shutting down or suspending
+ the machine is now significantly faster due to the use
+ of an rx_multi implementation. (This functionality is
+ still off by default and must be activated by a registry
+ value.)
+
+ - Race conditions were possible when updating the state
+ of the cm_volume_t flags and when moving the volumes
+ within the least recently used list.
+
+ - Ensure that the lanahelper library does not perform a
+ NCBRESET of each lan adapter when enumerating the
+ current network bindings. Correcting this permits OpenAFS
+ to work on Windows 7 when the network adapter settings
+ change.
+
+ - Fix creation of mount points and symlinks as \\AFS\xxxx
+
+ PREVIOUS CHANGES:
+
+ All platforms:
+
+ - vos now properly deals with matching sites when servers are multihomed.
+
+ All Unix platforms:
+
+ - Servers now marked down when GetCapabilities returns error.
+
+ - In-use vcache count is now properly tracked.
+
+ All server platforms:
+
+ - Fix ptserver supergroups support on 64 bit platforms.
+
+ - Demand attach salvaging doesn't use freed volume pointers.
+
+ - Properly hold host lock during host enumeration in fileserver.
+
+ FreeBSD:
+
+ - Fix socket termination on shutdown.
+
+ - Support for 7.2, 7.3, 7.4 and 8.2 included.
+
+ - References to vcaches are no longer leaked during root or reclaim.
+
+ Linux:
+
+ - Define llseek handler to avoid ESPIPE error in 2.6.37.
+
+ - Mount interface replaces get_sb (new for 2.6.37, not yet required).
+
+ - RedHat init script allows deferring for a new binary restart.
+
+ - DEFINE_MUTEX replaces DECLARE_MUTEX for 2.6.37.
+
+ MacOS:
+
+ - Correct return value from setpag syscall.
+
+ OpenBSD:
+
+ - Bug fixes for issues introduced previously in 1.5 series.
+
+ Solaris:
+
+ - Switch to ioctl() syscall replacement for Solaris 11 since syscall 65
+ is not safe.
+
+
OpenAFS 1.5.78 (2010-11-04)
All platforms
OpenAFS 1.5.73 (2010-03-24)
- All platforms
+ All systems: Minor bugfixes. New features.
- * NAT keepalive support at Rx level.
+ * New functionality:
- * Corrected SRV record support for cell name canonicalization.
+ All systems:
- All server platforms
+ - NAT keepalive support at Rx level.
+
+ * Bugfixes:
+
+ All systems:
+
+ - Corrected server IP address output in vos syncvldb verbose mode.
+
+ - Corrected server IP address output for last "yes" host in udebug.
+
+ - Corrected SRV record support for canonicalizing cell names.
+
+ All UNIX clients:
+
+ - Fixed a potential race in Disconnected AFS "remove" support.
+
+ - Fix a potential blocking condition in fakestat mode.
+
+ - Avoid some errors and stack overflow reports when vos is interrupted.
+ (33360,125535)
+
+ - Clean up several minor memory leaks.
+
+ - If a large file is stored to a non-largefile fileserver, avoid
+ a potential deadlock.
- * Fix volume callback notification to not notify unaffected clients.
- (126497)
+ - Increase maximum number of sysnames to 32.
- * Allow root directory recreation by salvager. (94658)
+ - Readd fs mariner "storing" message, missing since AFS 3.3.
- * Numerous DAFS fixes.
+ - Attempt timeouts on AFSDB lookups in userspace.
- * Improvements to callback table overflow handling. (126451)
+ - Avoid interrupting writes due to an idle deadtime timeout.
- * bosserver now shuts down cleanly on SIGTERM.
+ All server platforms:
+
+ - Properly notify only affected hosts for volume callbacks. (126497)
+
+ - Allow volumes with trashed root directory to be recovered. (94658)
+
+ - Hold lock in file and volservers when traversing partition list.
+
+ - Use finer-grained locking in DAFS: volume, instead of partition locks.
+
+ - Schedule all DAFS salvages via FSSYNC.
+
+ - Avoid stale ptserver credential caching issue on keyfile update.
+
+ - Improve callback table overflow handling. (126451)
+
+ - Preclude deadlocks on when attempting to save DAFS state.
+
+ - Avoid races deleting hosts. (126454)
+
+ - Improve salvage speed for DAFS (124488)
+
+ - The bosserver now handles SIGTERM.
Microsoft Windows
- * Prevent the Explorer Shell extension from crashing if symlink
+ - Prevent the Explorer Shell extension from crashing if symlink
creation failed. (126406)
- * A Rx level NAT ping has been implemented. A registry value enables.
+ - A Rx level NAT ping has been implemented. A registry value enables.
- * Adds krb5 error message translation to aklog, afscreds,
+ - Adds krb5 error message translation to aklog, afscreds,
afslogon.dll, the network identity manager afs provider and
translate_et.
- * Default mode bit settings for file and directory creation are now
+ - Default mode bit settings for file and directory creation are now
provided, and can be configured.
- * An SMB request trace facility is provided and can be enabled for
+ - An SMB request trace facility is provided and can be enabled for
debugging.
- All UNIX client platforms
+ AIX:
- * Rx idle deadtime does not stop file writes.
+ - Clean up properly on mount failure.
- * Disconnected AFS no longer has a race condition during remove ops.
+ - Add entry to /etc/vfs to allow umount to work.
- * Fakestat avoids a condition which could cause it to block on network
- activity.
+ FreeBSD:
- * Several fixes to handle interruptions in vos operations. (33360,
- 125535)
+ - Additional work to support FreeBSD 8-current.
- * Allow more sysnames in a sysname list.
+ IRIX:
- * Attempt to enforce timeouts on AFSDB lookups.
+ - Fix build issues with library order.
- AIX
+ Linux:
- * Clean up properly on mount failure.
+ - Fix s390 support conflict with executable stack patches.
- * Add entry to /etc/vfs to allow umount to work.
+ - Don't count root's AFS session keyrings against quota.
- Linux
+ - Correct dkms support in RPM config file.
- * Several issues to deal with older kernels.
+ - Keyring destructor now properly cleans up all tokens.
- * Avoid leaking the global lock in the /proc cellservdb code.
+ - Build again on old 2.6 kernels.
- * Keyring destruction now cleans up all tokens.
+ - Avoid GLOCK leak when updating CellServDB in-core.
- * Keyring quotas are not enforced against root.
+ - Fix byte-range lock handling.
- MacOS
+ - Attempt to deal with bdi issues. (126514)
+
+ MacOS:
- * Some FSEvents hinting for authentication events now done. (23781)
+ - Some FSEvents hinting for authentication events now done. (23781)
- * Update uninstaller. (125634)
+ - Update uninstaller. (125634)
- * Rewrite afssettings and fstab code to avoid licensing issue with
- APSL.
+ - Rewrite afssettings and fstab code to avoid licensing issue with APSL.
- * Growl client for user monitoring of AFS events included.
+ - Growl client for user monitoring of AFS events included.
- * Properly support insert-only dropboxes.
+ - Properly support insert-only dropboxes.
- * Add bulkstat support.
+ - Add bulkstat support.
- * Include support for moving in Finder across mount points.
+ - Include support for moving in Finder across mount points.
- * Preferences Pane includes support for Kerberos 5 ticket renewal.
+ - Preferences Pane includes support for Kerberos 5 ticket renewal.
+
+ OpenBSD:
+
+ - Some support for OpenBSD 4.7.
OpenAFS 1.5.72 (2010-02-15)
without further attempts to contact the file server.
-=======> Changes back to 1.3 have not yet been incorporated here <=======
+OpenAFS 1.4.12
+
+ All client systems: Major bugfixes.
+ File servers: Major bugfixes.
+
+ * New functionality:
+
+ All systems:
+
+ - Provide portable (pioctl) method for discovering what PAG a user is
+ in. Required to support userspace PAG information collection on AIX
+ 5.1, and knowing whether Linux uses one group, two group, or only
+ keyring based PAGs. (124709)
+
+ * Bugfixes:
+
+ All systems:
+
+ - Fixes to avoid issues cleaning up deleted hosts in the fileserver (126454)
+
+ - Fixes to avoid dropping writes due to server idle timeouts.
+
+ - Don't miss cache chunks of large files while truncating.
+
+ - Avoid null pointer dereference for unexpected volume names in volume
+ utilities.
+
+ - Don't mark connections waiting for additional packet window availability
+ idle.
+
+ - Kerberos 5 utilities (klog.krb5, aklog) enable weak encryption support.
+
+ - Avoid a double-free of an Rx call structure during a client fetch error.
+
+ - Avoid losing hosts during address changes. (125215)
+
+ - Clients shouldn't trust Fetchdata replies for the size of returned data.
+
+ - fileserver will not hang when attempting to cleanup and dump core.
+
+ - salvager will not leave core files in random directories.
+
+ - avoid letting retransmit timer get to 0 seconds.
+
+ - in event of dbserver contact failure, shut fileserver down cleanly.
+
+ - handle large partitions during check for needed disk space at
+ client start.
+
+ - time out Rx connections if network unreachable error received.
+
+ - avoid dereferencing NULL pointer freeing Rx packets in receive. (125110)
+
+ - mark stack not executable in LWP. (125491)
+
+ - return a correct VolumeSync structure from Bulkstat RPCs in fileserver.
+
+ - client attempts to better free memory at shutdown.
+
+ - clear rx call queue safely. (125110)
+
+ - retry VLserver registration on failure in fileserver.
+
+ - update accessdate for volumes on access in fileserver.
+
+ - additional safety checks on vlserver operations to avoid
+ database corruption.
+
+ - make ktc_curpag available on all builds. (125155)
+
+ FreeBSD:
+
+ - Build fixes.
+
+ Linux:
+
+ - Handle kernel changes through 2.6.33.
+
+ - Fix oops in clear_inode due to missed locking. (125589)
+
+ - Better handle /afs mount failures.
+
+ - Clean up after failures creating our kernel kmem cache.
+
+ - Work around memory management issues with some kernels when configuring
+ the buffer cache/bdi (126514)
+
+ - Rename compile_et to afs_compile_et to avoid RPM conflicts.
+
+ - Handle whole-file locks properly. (126561)
+
+ - Deal with kernel autoconf header renaming.
+
+ - Handle SELinux cache backing file labels better to avoid potential oops.
+ (92944,125544)
+
+ MacOS:
+
+ - klog now works correctly on 64 bit machines.
+
+ - launchd now used to launch AFS at boot.
+
+ - Preferences pane included for 10.4 and later.
+
+ - Older versions can now be installed from packages.
+
+ - Finder does not trigger bogus AFSDB lookups in /afs in dynroot mode.
+
+ - Include package with debug kernel module symbols.
+
+ OpenBSD:
+
+ - Build fixes.
+
+ - Support for x86_64.
+
+ Solaris:
+
+ - Handle ZFS caches usefully. (125365)
+
+ - Implement additional pathconf support.
+
+OpenAFS 1.4.11
+
+ Linux client systems: Major bugfixes.
+ All client systems: Minor bugfixes.
+ File servers: Major bugfixes.
+
+ * New functionality:
+
+ All systems:
+
+ - Provide portable (pioctl) method for discovering what PAG a user is
+ in. Required to support userspace PAG information collection on AIX
+ 5.1, and knowing whether Linux uses one group, two group, or only
+ keyring based PAGs. (124709)
+
+ * Bugfixes:
+
+ All systems:
+
+ - Fix bosserver to invoke salvager with "-force" instead of ambiguous
+ "-f". (124916)
+
+ - Cleanup for ptserver argument parsing to allow debug mode to work. (124893)
+
+ - Sanity checking for ptserver log levels. (124894)
+
+ - Fix for uninitialized memory dereference in klog.krb5.
+
+ - Fix an overflow in the cellconfig code used by client and server. (124891)
+
+ - Fix an erroneous vos verbose mode format string.
+
+ - Avoid losing writes on mmap()ed files when cache is memcache. (124671)
+
+ - Provide an afsd switch to allow override of the maximum MTU. (124880)
+
+ - Provide support for encrypt mode in pts.
+
+ - Fix race in background sync code which could cause volumes to go offline.
+ (124359)
+
+ - Fix fileserver to avoid a null pointer dereference in client identity
+ lookup routines. (125020)
+
+ - Improve handling of moves of volumes from 1.5 series fileservers. (18349)
+
+ FreeBSD:
+
+ - UKERNEL build fix. (124681)
+
+ Linux:
+
+ - Allow syscall probing to be disabled by switch to configure at build time.
+
+ - Fix bug in anti-recursion protection for mmap clients. (124627)
+
+ - Avoid a panic caused by changing credentials during VFS operations. (124737)
+
+ - Avoid need for rcu subsystem when unavailable. (124986)
+
+ - Improve keyring PAG setup code. (125001)
+
+ - Avoid possible ext3 cache truncation issues. (124942)
+
+ MacOS:
+
+ - MacOS 10.3 UKERNEL build fix. (124681)
+
+ OpenBSD:
+
+ - Update support for 4.5 (124719)
+
+ OpenSolaris:
+
+ - Updates for newer OpenSolaris kernels. (124116, 124924)
+
+OpenAFS 1.4.10
+
+ All client systems: Security fixes.
+ File servers: Major bugfixes.
+ All systems: Minor bugfixes.
+
+ * Security fixes:
+
+ All client systems:
+
+ - Avoid a potential kernel memory overrun if more items than requested are
+ returned from an InlineBulk or BulkStatus message. (124579)
+
+ Linux client systems:
+
+ - Avoid converting negative errors into invalid kernel memory pointers. (124580)
+
+ * Bugfixes:
+
+ AIX:
+
+ - Don't build aklog NAS module when krb5 is not available. (124522)
+
+ FreeBSD:
+
+ - Additional fixes and support. (124107, 123917)
+
+ Linux:
+
+ - Support 2.6.28. (123580)
+
+ - Support 2.6.29. (124115)
+
+ - Attempt to support 2.6.30 (124560)
+
+ - Avoid race during truncation. (124094)
+
+ - Dynamic vcache allocation support, to deal with inotify vcache pinning. (124334)
+
+ - Correct use of truncate_inode_pages to vmtruncate for locking issues. (124128)
+
+ - Update RPM configuration. (123650, 102673, 124272)
+
+ - Update kernel feature detection. (124507, 123604)
+
+ - Do appropriate locking for CellServDB in /proc. (124407)
+
+ MacOS:
+
+ - Fix MacOS 10.3 support.
+
+ - Add candidate Darwin 10 support.
+
+ NetBSD:
+
+ - Corrected NetBSD version tests. (123647)
+
+ OpenBSD:
+
+ - Update support for 4.4 (124541)
+
+ Solaris:
+
+ - Support cache filesystems which do not allow open by inode number, enabled by
+ default on Solaris 9 and later. (123677)
+
+ - Improve error code return quality. (124426)
+
+ - Allow large partitions on Solaris servers.
+
+ All client systems:
+
+ - Avoid improper error messages about key version when krb5 is in use. (124220)
+
+ - Avoid attempting to free kernel memory which was already freed. (124531)
+
+ - Properly count offline volumes in vos client. (124333)
+
+ All server systems:
+
+ - Avoid 64 bit time issues in callback dump files. (124451)
+
+ - Support more than one local Kerberos realm; Usernames are assumed to be the
+ same across realms.
+
+ - Ubik recovery is corrected to avoid spurious errors. (123723)
+
+ - Do proper host address hashing for little endian machines in fileserver. (124447)
+
+ - Update backup utility to properly compute header needs in the backup buffer.
+ (124425)
+
+ - Avoid blocking during Rx unused connection reaping.
+
+ - Avoid leaking file handles in the fileserver when closing a volume. (124359)
+
+ - Fix bosserver corefile naming to be y2k-safe. (124340)
+
+ - Avoid potential infinite loop in deleted host handling in the fileserver.
+
+ - Support large volume dumps in vol-dump. (123984)
+
+ - Build butc XBSA support on 64 bit systems.
+
+ All systems:
+
+ - Properly track Rx connection idleness for timeouts.
+
+ - Additional documentation. (124472)
+
+ - Avoid a race which may result in an in-use Rx packet being freed. (123799)
+
+OpenAFS 1.4.9
+
+ All client systems: Security fixes.
+
+ * Security fixes:
+
+ All client systems:
+
+ - Avoid a potential kernel memory overrun if more items than requested are
+ returned from an InlineBulk or BulkStatus message. (124579)
+
+ Linux client systems:
+
+ - Avoid converting negative errors into invalid kernel memory pointers. (124580)
+
+OpenAFS 1.4.8
+
+ File servers: Major bugfixes.
+ All systems: Minor bugfixes.
+
+ * Bugfixes:
+
+ AIX:
+
+ - AIX 6.1 is now supported.
+
+ - Unpin kernel memory references after free. (99456)
+
+ FreeBSD:
+
+ - FreeBSD 7 is now supported.
+
+ Linux:
+
+ - Avoid deadlock when writing back pages in an mmap()ed file larger than
+ the cache. (120491)
+
+ - Update process tree walking for PAG garbage collection to avoid oopses.
+ (116603)
+
+ - fakestat mode now correctly avoids spurious ENOTDIR errors.
+
+ - Use kernel build system for all platforms.
+
+ - Remove openafs directory from proc in correct order. (112910)
+
+ - Handle renames across directories correctly in the linux dcache. (74672)
+
+ - Probe syscall table when possible. (105457)
+
+ - Mount point parsing is now updated to handle only well-formed mount
+ points rather than similarly-formed symlinks. (113558, 100836)
+
+ - ucontext-style LWP is now anbled for glibc versions newer than 2.3.
+
+ MacOS:
+
+ - Update available space shown. (112910)
+
+ NetBSD:
+
+ - Work around broken SIGWAIT. (111404)
+
+ Solaris:
+
+ - Solaris 10 now defaults to namei fileservers.
+
+ - NFS translator issues fixed.
+
+ - Changes to address Solaris updates. (105495)
+
+ All client systems:
+
+ - udebug correctly displays the last "yes" host.
+
+ - Allow more vldb lookups to be cached in the client.
+
+ - Fix aklog to not be excessively verbose when not requested.
+
+ - Add support for timing out accesses which are not completing in a timely
+ manner.
+
+ - Properly flag backup volumes being added to the vldb by vos syncvldb.
+
+ All server systems:
+
+ - fileserver "large" setting now implies 128 threads instead of 12.
+
+ - fileserver check for duplicate uuids is now applied correctly.
+
+ - Newer xbsa APIs are supported for TSM integration in butc.
+
+ - salvager avoids corrupting length of directory objects. (111585, 107767)
+
+ - volserver avoids a race during volume release so a volume will not
+ appear to be offline. (107258)
+
+ - Add support for returning errors when accesses are not completing
+ in a timely manner.
+
+ - Avoid potential race in the volserver when creating transactions. (121263)
+
+ - Return sensible error when a release or restore exhausts server
+ resources. (121040)
+
+ - volserver now returns EXDEV if a new replica would duplicate one which
+ already existed elsewhere on the server.
+
+ - Disable jumbograms by default.
+
+ - volserver updates a volume's updateDate on volume creation. (110943)
+
+ - Partitions over 2tb are now supported. (88811)
+
+ All systems:
+
+ - Re-enable Rx client keepalives. (20727)
+
+ - Support autoconf 2.62. (118058)
+
+ - Update Rx to avoid leaking packets.
+
+ - vos supports the -noresolve options to avoid issues with 127.0.0.1 being
+ named in /etc/hosts.
+
+ - Additional documentation. (104110)
+
+OpenAFS 1.4.7
+
+ File servers: Major bugfixes.
+ All systems: Minor bugfixes.
+
+ * Bugfixes:
+
+ AIX:
+
+ - Kerberos as included in AIX has missing symbols. AFS krb5 tools now
+ deal correctly.
+
+ - AIX LAM aklog plugin can now be used CDE screenlocker.
+
+ - Add support for getting the current PAG in pagsh and PAM.
+
+ - Avoid sending a terminal hangup to STREAMS in aklog.
+
+ - Fix afsdb support in the client.
+
+ Linux:
+
+ - Kernels through 2.6.25 are now supported. (77370,88000,83716,83890,80463)
+
+ - Client now only hashes dirty inodes. (78544)
+
+ - Fix to avoid returning invalid mount point data when -fakestat-all is in use.
+ (93898)
+
+ - RPM build system updates. (93616)
+
+ - Restored write-on-close-or-fsync semantics when possible. (17509)
+
+ - Enabled support for flock() on files in AFS. (53457)
+
+ - ARM Linux now supported.
+
+ - Kernel keyring support updated.
+
+ - Fix client-displayed timestamp ordering by zeroing nanosecond field.
+
+ MacOS:
+
+ - Boot time init script now uses afs.conf to store config options. (81825)
+
+ - Avoid kernel panic due to excessive lock tracking when removing files.
+
+ - Avoid leaking kernel memory when trying to read() a directory.
+
+ Solaris:
+
+ - Avoid potential kernel panic if the root vnode of AFS changes.
+
+ - Avoid potential kernel panic when shutting down if contracts are in use.
+
+ - Avoid potential delays when creating new PAGs if the system clock
+ has gone backwards.
+
+ All client systems:
+
+ - At client shutdown, try harder to clean up in-use resources. (74479)
+
+ - When fakestat is in use, enable optimization for Gnome Nautilus lookups.
+
+ - Properly hold lock when updating disk cache metadata to avoid
+ kernel panic. (59136)
+
+ - Avoid wrapping to the start of a file when attempting to write a large file
+ to a pre-largefile fileserver. (73720)
+
+ All server systems:
+
+ - Fixed to avoid truncating ubik databases during recovery. (77183)
+
+ - fileserver issue with internal file cache filling has been fixed. (87977)
+
+ - fileserver thread quota enforcement now done in all cases. (87416)
+
+ - fileserver avoids potential network-related deadlock when breaking
+ callbacks.
+
+ - fileserver avoids crash due to race of resource creation and user requests
+ at startup.
+
+ - fileserver avoids crash when reinitializing Ubik connections.
+
+ - volserver fixed to avoid leaving orphaned files during restore. (46937)
+
+ - volserver now supports convertROtoRW for inode fileservers.
+
+ - Support disabling kerberos 4 style username protection in servers. (75101)
+
+ All systems:
+
+ - Fix to butc to avoid crash due to threaded library variant.
+
+ - Fix to avoid network retransmission issues if the system clock goes
+ backwards.
+
+ - vos syncvldb and syncserver now support a dryrun (do nothing) mode.
+
+ - vos addsite now supports adding a site where a replica is already
+ available.
+
+ - vos clone now supports creating properly-named readonly and backup clones.
+
+ - vos restore now allows an older copy of a volume at an alternate site to
+ not be removed.
+
+ - cmdebug now supports dumping a client's CellServDB.
+
+ - cmdebug now supports showing human-readable expiration times.
+
+ - aklog now handles Kerberos referrals.
+
+ - Additional documentation now included. (89288,89289,86677)
+
+OpenAFS 1.4.6
+
+ All systems: Major bugfixes.
+
+ * Bugfixes:
+
+ All systems:
+
+ - fileserver host tracking code had a missing lock on a host structure;
+ that lock has been added.
+
+ - fileserver handling for clients which are giving up callbacks did not
+ hold a lock, making it unsafe and allowing clients to potentially
+ crash the server by racing.
+
+ - fileserver will now leave a corefile when it is doing a shutdown due
+ to error conditions.
+
+ - fileserver again allows ufs as a valid filesystem type (regression in 1.4.5).
+
+ - cbd handler for fileserver status data has an interpretation error which
+ could cause crashes corrected.
+
+ - fileserver accurately tracks number of callbacks on a given file.
+
+OpenAFS 1.4.5
+
+ All systems: Minor bugfixes.
+ New systems: MacOS 10.5.
+
+ All systems:
+
+ - fileserver address tracking is improved to avoid potentially merging
+ unrelated hosts.
+
+ - Documentation updates.
+
+ - namei fileserver now does fsync()s in background batches for performance
+ improvements.
+
+ - Kerberos ticket support corrected in bundled Kerberos 4 utilities on 64
+ bit platforms.
+
+ - fileserver includes limited per-host thread quota support to avoid
+ resource starvation.
+
+ - fileserver deals with more damaged volumes without asserting.
+
+ - vos validates dumpfiles before attempting restores.
+
+ - vos clone will no longer potentially delete the parent volume.
+
+ - Client no longer permits empty UUID to be created.
+
+ - fs uuid command for checking, regenerating UUID added.
+
+ - Updates for gcc 4.2.
+
+ - fileserver treats w (write) permission as granting read lock permission
+ in addition to write.
+
+ AIX:
+
+ - Bundled NAS Kerberos is now supported. (5.x)
+
+ - LAM aklog module is provided. (5.x)
+
+ - Associate cache files with correct filesystem to avoid snapshots when
+ performing maintenance on local filesystems.
+
+ Irix:
+
+ - Makefile updates.
+
+ Linux:
+
+ - Kernels throigh 2.6.23 are known to work.
+
+ - Updates to syscall table probing.
+
+ - Bug fix in keyring PAG support to avoid oops.
+
+ - updated sample RPM configuration.
+
+ - sparc32 lwp support updated.
+
+ - Avoid potential oops in symlink support in certain older kernels.
+
+ - Avoid potential deadlock during vmalloc.
+
+ - Corrected locking while interacting with kernel task list.
+
+ MacOS:
+
+ - Several panics fixed, including remove_fsref. (10.4 and later)
+
+ - IP address changes now tracked.
+
+ - Corrected support for dropboxes (li access without r) with cp and Finder.
+
+ - fstrace and ancillary files now included.
+
+ - man pages are now installed in the default MANPATH.
+
+ - Servers will be timed out quickly if there is no route available.
+
+ - Temporary files from remove-while-busy now cleaned up correctly.
+
+ Solaris:
+
+ - Updates to accomodate kernel interface changes. (10u4 and later)
+
+ - knfs and NFS translator support updated.
+
+ - Changes to accomodate version 5.4 xbsa library.
+
+ - Updates for new SunStudio defaults.
+
+OpenAFS 1.4.2
+
+ All systems: Major bugfixes.
+
+ * Bugfixes:
+
+ All systems:
+
+ * A bug in the namei volserver which could erroneously make a replicated or
+ moved volume go offline has been fixed.
+
+ * Volume package users (fileserver, volserver, salvager) avoid using lockf to
+ avoid leaking byte range locks on volume internal files.
+
+ MacOS 10.4:
+
+ * A bug where the client kernel module could free stack memory (which caused
+ issues with 64 bit Intel most commonly) has been fixed.
+
+ Linux:
+
+ * A missing kernel feature test has been fixed.
+
+ * group based PAG support is still enabled when possible.
+
+ * ia32 syscall table support for amd64 has build fixes for modern kernels.
+
+ Solaris:
+
+ * fopen() is not safe for use with more than 255 file descriptors open;
+ Emulate it in the afsconf package so afsconf can be used in the fileserver.
+
+ Windows:
+
+ * DNS registration is disabled for the loopback adapter, and we make sure
+ Netbios is turned on.
+
+ Since 1.4.1:
+
+ All platforms:
+ * Remove use of ubik_Call in the source code so prototypes are used.
+
+ * Avoid synchrony in call from the fileserver to the ptserver.
+
+ * Fix a bug in the backup suite when restoring.
+
+ * fileserver and volserver now log for error conditions which may cause
+ exiting.
+
+ * rx avoids a stack overrun when more packets are needed.
+
+ * volserver avoids holding a lock too long when purging volumes.
+
+ * volserver lock initialization fixes
+
+ * volserver volume nuke fixes to avoid leaving files behind
+
+ * fileserver avoids error when authenticating ptserver requests
+
+ * fileserver no longer crashes when GetCPS fails
+
+ * salvager enhancements to deal better with corrupt volumes for namei
+
+ Unix:
+
+ * aklog deals with KDCs which give "generic" replies to principals not
+ existing.
+
+ * Fix bug in cache parameter autotuning
+
+ RedHat:
+
+ * packaging fixes
+
+ Linux:
+
+ * amd64 pthread library family updates.
+
+ * autoconf fixes for kernel feature testing
+
+ * keyring PAG support now only enabled if needed features are present
+ and other updates
+
+ * inline a version of BUG() so we get better oopses
+
+ AIX:
+
+ * tsm is updated to work with the new AIX 5 interface.
+
+ MacOS:
+
+ * Cross compile fixes
+
+ * Packaging improvements
+
+ * Large file support fixed (Thanks to Chaskiel Grundman)
+
+ * Fixes for Leopard seed.
+
+ * Installer image updates
+
+ Windows:
+
+ * Removes race conditions and a deadlock introduced in 1.4.1
+
+ * Fixes ANSI filename option.
+
+ * Establishes new connections to file servers when
+ IP address configuration changes are detected.
+
+ * Improved CIFS compatibility
+
+ * Cache Manager optimizations
+
+ * Fixes vlserver failover when mounting 'root.afs'
+ (Freelance mode disabled)
+
+ * Installs help files in the correct location for use by afscreds.exe
+ and afs control panel.
+
+ * Improve reporting of "over quota" and "disk full" errors.
+
+ * Prevent crash when evaluating mount points to volumes that do
+ not exist
+
+ * Removes auto-registration of AFS ID in foreign ptservers from
+ Integrated Logon DLL. This prevents crashes if the DLL is loaded
+ and unloaded prior to termination of the process.
+
+ * SDK moved to \Program Files\OpenAFS\SDK
+
+ * NSIS and WiX Installer Frameworks update to the latest versions
+
+ * Improvements to the Kerberos Logon Integration
+
+ * Prevents exception in Integrated Logon DLL during SysPrep
+
+ * Prevents displays of MessageBox dialogs in response to Network Adapter
+ errors
+
+ * Hard Dead and Connection Timeout values restricted to the CIFS Session
+ Timeout value.
+
+ * Correct writing of BackConnectionsHostNames registry value.
+
+ * Properly recycles Volume entries
+
+ * The AFS Explorer Shell Extension always finds its resource library.
+
+ * The export list for AFSAUTHENT.DLL has been corrected. (The AFS
+ plugin for NetIDMgr will no longer use 100% of CPU.)
+
+ * Renaming files on Microsoft Vista Build 5536 works.
+
+ * Better handling of "." directory in fs commands
+
+ * Add OpenAFS License text to installers
+
+ * fs setquota and fs mkmount commands behave the same as the UNIX
+ version
+
+OpenAFS 1.4.2
+
+ All systems: Major bugfixes.
+
+ * Bugfixes:
+
+ All systems:
+
+ - Volume dump parsing code in the volserver has better error checking.
+
+ - salvager has improved damaged volume handling on namei fileservers.
+
+ - fileserver has size validity checks for when large file support is disabled.
+
+ - fileserver avoids potentially multiply adding a host to its hash table.
+
+ - rxkad client private data storage is allocated dynamically on ticket size.
+
+ - Handle universal error code translation for file locking.
+
+ - fileserver needs to swap callback connections on a client IP change.
+
+ - fileserver host package revised to reduce lock contention.
+
+ - Rx has been fixed to count hard acks, thus opening the congestion window.
+
+ - All servers support bound Rx sockets (on one interface).
+
+ - namei fileserver no longer use lockf() to avoid range locking issues.
+
+ - most binaries now support the -version switch.
+
+ - backup suite fixes for 64 bit platforms.
+
+ - volserver avoids holding holds during volume purges.
+
+ - volserver avoids losing files on namei during vos zap.
+
+ AIX:
+
+ - fileserver now properly supports large files.
+
+ - TSM updates for AIX 5
+
+ - Kernel module avoids leaking Rx packets.
+
+ - Avoid use of global ubik client structure in fileserver.
+
+ - Update ubik call client interface to allow for prototyping.
+
+ - audit logging fixes when stdarg does not provide integral va_list type.
+
+ MacOS 10.4:
+
+ - A bug where the client kernel module could free stack memory (which
+ caused issues with 64 bit Intel most commonly) has been fixed.
+
+ - Packaging fixes and updates.
+
+ - Uninstaller added.
+
+ - Fix large file support.
+
+ Linux:
+
+ - autoconf kernel feature testing has been restructured.
+
+ - PAG garbage collection is enabled by default.
+
+ - Kerberos updates for RHEL3.
+
+ - Fix POSIX lock enrollment for older Linux kernels.
+
+ - Updates for new 2.6 kernels.
+
+ - Avoid deadlocks in put_inode handler.
+
+ - Keyring-based PAG support.
+
+ - Fixes to avoid getting better oops info in the kernel.
+
+ Solaris:
+
+ - Remove some kernel symbol bindings for symbols we don't use.
+
+ - Cleanup for loopback mount of AFS on Solaris 10.
+
+ - Avoid issues with stdio not supporting file descriptors above 255 on
+ Solaris 8 and lower in the fileserver.
+
+OpenAFS 1.4.1
+
+ All systems: Major bugfixes.
+ New systems: MacOS 10.4 (PowerPC and Intel)
+
+ * Bugfixes:
+
+ All systems:
+
+ - Several race conditions in the host tracking and handling in the fileserver
+ which could cause inconsistent behavior and crashes have been fixed.
+
+ - A fileserver bug where a reference to a volume could be leaked and later
+ cause a deadlock as a result of a bulk status call
+
+ - Reference counting of fileserver objects in unsigned 32 bit integers
+ instead of signed 16 bit integers.
+
+ - Avoid type mismatches when handling time values (betweemn 32 bit and 64 bit
+ variables).
+
+ - Fix a memory leak during multilevel packet queue handling.
+
+ - Audit log output had been updated to include FIDs for newly created files.
+
+ HP-UX 11i:
+
+ - 64 bit (large file) inodes are supported.
+
+ - Salvager will now handle large (>4gb) partitions.
+
+ * New features:
+
+ All systems:
+
+ - asetkey is now included to ease Kerberos 5 integration for server
+ administrators.
+
+ - A new fileserver statistics collection including callback statistics was
+ added.
+
+ - man pages are now generated.
+
+ Microsoft Windows:
+
+ - Fixes error message problems experienced by fs.exe and the AFS Explorer
+ Shell Extensions related to the use of Universal Error Codes by the
+ AFS File Server
+
+ - Adds full SMB/CIFS support for byte range locking. In this implementation
+ all locks are allocated locally and the AFS lock privilege is ignored.
+ While this will not prevent two processes on different machines from
+ simultaneously writing to the same file, it will prevent two processes
+ on the same machine from doing so.
+
+ - The UP server check period has been reduced to once every ten minutes to
+ match the period used by the UNIX clients. The shorter period will
+ assist clients maintain RX connections through NATs.
+
+ - Fixes the DOWN server check logic to ensure that any server that responds
+ to a check is marked UP unless it is in the process of restarting.
+
+ - Add logic to better handle objects that no longer exist on the file server.
+ (VNOVNODE errors.)
+
+ - Prevent the removal of existing drive mappings by "afscreds.exe -M"
+
+ - Fixes the procmgmt library so that it doesn't cause applications that
+ unload it to crash.
+
+ - Improves the warnings written to the afsd_init.log file when the
+ Windows RPC Protocol drivers are improperly configured.
+
+ - Fixes "fs setserverprefs -vlserver". Multiple calls with the same
+ server parameter could result in a crash of afsd_service.exe.
+
+ - The SMB/CIFS layer was audited for reference miscounts and memory leaks.
+ All SMB objects are now properly counted, locked, and released when
+ their work is done.
+
+ - Prevent file truncation of the user does not have the appropriate access.
+
+ - Token management was re-written to allow user tokens to be preserved
+ during integrated login and freed after logoff is complete.
+
+ - Added a mechanism by which abandoned SMB virtual circuits can be
+ detected and the associated resources cleaned up.
+
+ - Prevent the allocation of SMB file handles with a value of 0 or 0xFFFF
+ which would be considered invalid by Windows applications.
+
+ - Fixed the processing of cell names to ensure that they are always
+ treated as case insensitive strings.
+
+ - Fixed the network provider code to avoid querying the profile location
+ if integrated login is disabled.
+
+ - If a mount point string is empty, return Path Not Found to the application.
+
+ - Windows returns WSAECONNRESET when an ICMP packet is received in response
+ to a transmitted UDP packet that cannot be delivered. Do not mark the
+ connection as bad but instead retry the request.
+
+ - Fix the data written to the registry as part of the BackConnectionHostnames
+ values.
+
+ - Fixed the rx-lwp implementation to always generate unique rx call
+ identitiers.
+
+ - The default "fs minidump" type now includes data segments.
OpenAFS 1.3