Upstream release notes:
User-Visible OpenAFS Changes
OpenAFS 1.6.2
All platforms
* Fix buffer overflows in fileserver and ptserver.
* Abort an rx connection when given an unknown service (Gerrit 7593).
* "idle dead" behavior improvements.
* Documentation updates.
All server platforms
* Fix rare file corruption during background sync (Gerrit 8796).
* Fix corrupting clients' metadata cache during certain errors (Gerrit
6957).
* Avoid saying a volume doesn't exist when accessed as the volume is
going offline (Gerrit 7488).
* Fix fileservers to properly report >2 TiB partitions.
* Fix stale volume info from vos examine on non-DAFS filservers.
* Fix possible volume corruption with vos convertROtoRW.
* Fix bosserver to preserve all command-line options over restart.
* Fix bosserver to properly kill hung processes during shutdown.
All UNIX client platforms
* Fixes for memcache, especially on Solaris.
* Increase the size of the DNS resolver answer buffer to allow sites
with a long response list to use SRV and AFSDB records.
* Fix a crash when a server appears to run out of addresses (Gerrit
7487).
* Fix cache corruption when reading from a file another client is
simultaneously writing to (Gerrit 7994).
* Improve handling of disk cache disk errors.
Linux
* fix DKMS configuration for DKMS 2.2.
* Avoid generating inode number 0 with md5 inodes (Gerrit 7276).
* Fix a crash when reading /proc/fs/openafs/unixusers (Gerrit 7914).
* Make PAG-less access use the real UID of the calling process
instead of the effective UID, when determining what credentials to
use (Gerrit 7931).
* Fix possible abuse of fs mkmount.
Prior to 1.6.2, users could crash a client by nesting volume mounts.
* Fix fileserver memory corruption on RHEL 6
Prior to 1.6.2, fileservers on RHEL 6 may crash under heavy load.
* Fix client page cache corruption on Linux
When multiple clients read and write to a file, the reading client
may see first page (4096 bytes) of a file as nulls.
* Support Linux kernels up to 3.7.
* Support newer glibc versions.
* Improve client systemd unit file.
* Update Red Hat packaging.
OS X
* Fix crashes on shutdown.
* Prevent unloading the module before shutdown completes.
* Security improvement for the OpenAFS preference pane.
Solaris
* Support newer versions of the Sun Studio compiler software.
* Support compiling on newer versions of Solaris 11 and Solaris 10.
Upstream release notes for 1.6.0 and 1.6.1:
OpenAFS Release Notes - Version 1.6.1
_________________________________________________________________
All server platforms: Critical bugfixes.
All systems: Major bugfixes.
_________________________________________________________________
Sites running 1.6.0 fileserver are urged to update immediately to
avoid data loss.
Sites running 1.6.0 UNIX clients are urged to update immediately to
avoid excess network traffic.
All platforms:
- Updated idle dead handling to avoid issues with retrying
calls which could succeed but error and then error on a retry.
- libafscp updates.
- uafs userspace cache manager updates.
All server platforms:
- A bug which can lose data on a fileserver for volumes which are
replicated or backed up has been fixed. Sites running 1.6.0 are urged to
upgrade immediately! (130295)
- Fix salvaging of volumes with large numeric IDs.
- Further correct tracking of alternate and changed addresses in
the fileserver.
- Do not perform Rx keepalives during disk IO to allow timeouts
to occur in event IO cannot complete.
- Properly associate link tables recreated during salvage with the volume
group ID.
- Demand attach: better error handling during volume attachment.
- Confirm vnode lengths are as expected during fileserver operations.
- Demand attach: better handling of volumes being passed for salvage
and being returned from salvage.
- Conditions which cause a restored volume to immediately need salvage
are now properly tracked.
- Bosserver properly honors rxbind mode.
- Ensure salvager returns volumes to fileserver even when
no applicable vnodes are found.
- DAFS: perform additional verification of data restored about
clients and callbacks.
All UNIX platforms:
- Correct handling of server NAT pings to avoid unnecessary growth of
NAT ping traffic.
- Fix hard mount retry behavior to retry all servers.
- Several lock order inversions which could deadlock fixed.
- Handle issues updating mtab.
- Fix fs setserverprefs to work again for DB servers.
FreeBSD:
- Track kernel API changes for 9.0
Linux:
- Support for kernel versions through 3.4.
- Avoid potential panic due to an error being returned as a positive
number when doing inode operations.
- Fix vcache lock ordering during readdir.
- Updated RPM packaging.
- Updated dkms support.
- Updated systemd support.
MacOS:
- Fix panic at shutdown due to not stopping network listener.
- Updated Kerberos support for additional issues in Lion.
NetBSD:
- Updated support for 5.0 userspace binaries.
- Add support for 6.0.
Solaris:
- Avoid panic on shutdown when mount failed.
- Disable SSE instructions when compiling to avoid panics on non-SSE hosts.
Windows:
- Properly handle VNOSERVICE, which indicates a fileserver has
done an idle timeout of a call.
- Improved tracking of volume groups.
- Do not recycle buffers in the current file if they are in the active chunk
and up to date.
- Support Windows 7 Advanced Firewall.
- Default to maximum 2 CPUs unless registry overrides.
- Failover and retry for VBUSY.
- Properly fetch unix mode when requested.
OpenAFS Release Notes - Version 1.6.0
_________________________________________________________________
All UNIX systems: Security bugfixes.
All systems: Major bugfixes.
_________________________________________________________________
All platforms:
- Rx NAT pings are not enabled until peer has answered.
- Numerous fixes to command argument parsing.
All server platforms:
- Avoid crashing on host table exhaustion. Instead, defer clients.
All UNIX platforms:
- Rx connection reference counting is enabled.
- An Rx connection reference count leak is fixed in bulkstat.
- Handle unparsable directory objects.
- Handle Kerberos cred cache errors in aklog.
Linux:
- Init script properly returns status as exit code.
- RPM packaging fixes (executable libraries, no postinstall message)
- Kill i386 from RPM packaging.
MacOS:
- Fix 32 bit Lion client support.
- Avoid panic when doing FSEvent synthesis.
- Fix bug when using non-dynroot.
- Update Kerberos support in PreferencesPane.
Solaris:
- Avoid panic on shutdown when mount failed.
Windows:
- Add shutdown message to event log.
- Check offline volume status by policy rather than on each daemon thread
run.
- Return error on directory object not found instead of crashing.
- Improve error message output.
- afslogin.dll can start afsd_service if it's not starting or started.
- Optimize away release lock RPCs for deleted files.
- Background Daemon will not perform operations on deleted files.
- Resort recently used directories to the top of the LRU if the directory
is larger than the stat cache.
- Resort deleted objects to the bottom of the LRU.
- Use interlocked operations for state and queue fields to allow safe
bit set and clear on multiprocessor systems.
CHANGES IN 1.6.0PRE7
All platforms:
- Substantial Rx updates to correct erroneous behavior.
- Salvager tries harder to detect linktable issues.
- Additional documentation.
- xstat tools now cope with differing timeval structures between endpoints.
All UNIX platforms:
- New build targets to make distribution tarfiles (make dist) and
srpms (srpm).
Demand Attach Fileserver platforms:
- Don't attach volumes with special status set.
FreeBSD:
- Avoid panic at shutdown due to vcache flushing.
- Support virtual network stacks.
Linux:
- Treat Linux 3.0 as Linux 2.6 for sysname purposes.
- Attempt to properly handle SELinux in packaging.
MacOS:
- MacOS 10.7 support.
Solaris:
- Try harder to avoid deadlocks on file-larger-than-cache operations.
Windows:
- Add support for NTFS symlinks.
- Handle file search requests for virtual syscall ioctl file.
- Process SyncOps properly to enforce ordered operations.
- Avoid recursing during NewServer operations.
- Correct lock acquisition order during SMB locking.
CHANGES IN 1.6.0PRE6
All UNIX platforms:
- Fall back to afs3-vlserver SRV record values when afs3-ptserver SRV
record is not available.
- Avoid holding unneeded locks when probing server capabilties.
- Do not attempt page flushes for directories.
Demand Attach Fileserver platforms:
- Unlink fileserver state file on standalone salvage.
FreeBSD:
- Support for virtual network stacks.
Linux:
- Further corrections to Redhat packaging.
- Avoid showing files larger than one cache chunk size as full of NULLs.
(129880) This bug was in unissued pre5 only, not in pre4.
- Fix lockup in 2.6.38 due to erroneous kernel feature configure test.
MacOS:
- Rework logic for bulk status operations to avoid a potential hang.
Solaris:
- Don't leave dangling function references if kernel extension fails to load.
Windows:
- aklog supports dotted Kerberos v5 principal names.
- afskfw library always attempts afs/cell@USER-REALM
- afskfw library must test return code from
krb5_cc_start_seq_get() or will trigger a null
pointer exception when using Heimdal.
- lock protected fields must be 32-bit in order
to avoid memory overwrite races.
CHANGES IN 1.6.0PRE5
All server platforms:
- Avoid leaking references to hosts during callback break multi-Rx
operations. (129376)
All UNIX platforms:
- Avoid a potential deadlock (which times out) when we need to allocate more
callback returns and must flush some already in use.
- Deal with libcom_err conflicts with other packages using it (e.g. krb5)
(128640)
AIX:
- Fix PAG usage to track by PAG identifier, not group list.
Irix:
- Properly create new vnodes to avoid crashing in the client.
Linux:
- Support 2.6.39.
- Avoid attempting to free stat cache entries when we are below user-specified
number of entries in use.
- Properly track user-specified number of stat cache entries to use as a
desired usage target.
- Don't read pages beyond EOF in the cache. (128452)
MacOS:
- Properly shut down AFS, closing the Rx socket in the upcall handler to
avoid attempting to process data after we can no longer do so.
NetBSD:
- Updates for platform support.
Windows:
- Fix caching of non-existent volumes. The test to
trigger an immediate CM_ERROR_NOSUCHVOLUME in
cm_UpdateVolumeLocation() was backwards.
- Prevent the background daemon from checking the
status of non-existent volumes. cm_CheckOfflineVolumes()
should skip volume groups with the CM_VOLUMEFLAG_NOEXIST
flag set.
- The afskfw library should return an error immediately
if the krb5_32.dll library cannot be loaded. Affects
afslogon.dll and afscreds.exe.
- No longer depend on leashw32.dll in afskfw library.
- NPLogonNotify must provide the user password in all
calls to KFW_AFS_get_cred(). It cannot count on a
credential cache being preserved between calls. Permits
tokens to be acquired for all cells listed in the
TheseCells registry value for a domain.
- Improve the trace logging from NPLogonNotify().
- Avoid a race when writing the cm_scache_t mountPointString
when acquiring mount point or symlink target data via
cm_GetData(). The race could result in bogus target
data being cached.
- Permit the use of des-cbc-md5 and des-cbc-md4 enctypes
as DES keys in asetkey.exe.
CHANGES IN 1.6.0PRE4
All server platforms:
- A file descriptor leak which could result in corrupted files
in the fileserver was fixed. An IMMEDIATE upgrade from previous
1.6 release candidates as well as 1.5 release fileserver is
SUGGESTED!
- Properly support large volume numbers (larger than 2147483647).
All platforms:
- Documentation updates.
Demand Attach Fileserver platforms:
- Allow salvager to be run manually again when DAFS is being used. (129458)
FreeBSD:
- New RC script, updated packaging.
Linux:
- Improve RPM building tools.
- setpag() errors are now properly reported.
MacOS:
- Preferences Pane behavior fixed for 1.6 series (version detection
is used to select default behavior).
- A potential kernel panic during bulkstat operations is fixed. (128511)
- 64-bit MacOS kernel performance is greatly improved. (128934)
Solaris:
- Properly report errors for AFS system call callers.
Windows:
- Properly create new cell mount points in freelance mode.
- Avoid recursive offline volume checks.
CHANGES IN 1.6.0PRE3
All platforms:
- Revert UUID support in vos.
- pt_util fixed to properly create new databases.
- Rx busy call channel error handling improved.
- MTU discovery now properly shut down on call reset.
- FUSE client support fixed for non-/afs mounts.
All server platforms:
- A deleted volume can now be recreated properly.
- Callbacks are again not broken during whole partition salvages.
- Positional vectored IO fixed for largefile (>2GB) capable systems.
- Fileserver per-client thread usage again properly enforced.
- Anonymous dropbox support improved and drawbacks documented.
Demand Attach Fileserver platforms:
- Ensure vnodes are not reallocated while in use due to volume
bitmap errors.
Linux:
- Perform vcache eviction via a fast path before visiting vcaches
where sleep is needed.
MacOS:
- aklog AuthorizationPlugin now provided.
Solaris:
- Corrected Solaris 11 startup script.
- vcache mappings freed on shutdown to avoid panic.
Windows:
- icon tray state now conditionally set (128591)
CHANGES IN 1.6.0PRE2
All platforms:
- Documentation updates.
- Don't stop Rx keepalives after an ackall is received, avoiding
spurious connection timeouts. (128848)
- Don't retry Rx calls on channels returning busy errors. (128671)
- vos will not die with a double free error at command completion.
- Properly enable Rx connection hard timeouts.
- Initialize rx_multi lock before use.
- Avoid spurious crashes when initializing in "backup" client.
All unix platforms:
- Check for /afs existance before starting, unless -nomount is specified.
- Avoid a potential panic when using /afs/.:mount syntax.
- Avoid a panic in memcache mode due to missing CellItems file.
All server platforms:
- Attempt to recovery more quickly from timed out volume release
transactions.
- Auditing now properly byte order swaps IP addresses when printing.
- vos split now has improved error handling.
- Many changes to again support Windows fileservers.
- During volume removal, data removal speed improved.
- Improve CPU utilization during volume attaching by DAFS.
- In salvager check-only mode, avoid potentially fixing a vnode.
- Fix support for large (greater than 2gb) volume special files.
- Salvager will not crash if multiple or bad volume link tables
are encountered.
- Avoid erroneous full dump by remembering which sites were out of date
at the start of the release.
FreeBSD:
- Remove support for "Giant" lock as we no longer need to use it.
- Don't sleep with AFS GLOCK.
- Properly enable 64 bit long long support.
- Restore support for FreeBSD 7 (128612)
- Fix locking issues at shutdown.
Linux:
- support through kernel 2.6.38.
- RedHat packaging now properly supports RHEL6.
- Use rx_Readv in cache bypass to improve performance.
- Properly handle 0-length replies during cache bypass operations.
- Properly handle non-contiguous readpage cache bypass operations.
- Do proper locking when transitioning to or from cache bypass.
- Avoid extra runs of vcache freeing routine. (128756)
MacOS:
- Check for unloaded kernel extensions when decoding AFS panics.
- Properly handle setpag errors. PAGs are not supported.
- Disable "get tokens at login" in prefs pane if AD authentication
plugin is configured.
OpenBSD:
- support through OpenBSD 4.8.
Solaris:
- Fix support for Solaris pre-10.
Windows:
- afs_config will not longer set the Tray Icon State
in the registry if the checkbox is not present in
the dialog. (128591)
- AFS Explorer Shell Extension now works from folder
backgrounds. Overlays for mount points and symlinks
are present in the dll, but are not registered at present
by the installers.
- Do not use RankServerInterval registry value as the value for
PerformanceTuningInterval.
- When the data version of a mountpoint or symlink changes,
the target string in the cm_scache_t object must be cleared.
- "fs checkservers" now includes vldb servers in the output
and only lists multi-homed servers once. A multi-homed
server that has at least one up interface is no longer
considered to be down.
- When asynchronously storing dirty data buffers to the
file server ensure that (a) the cm_scache_t object and
the cm_buf_t object are for the same File ID so that
locking and signalling work properly; and (b) if the
FID no longer exists on the file server, do not panic,
just discard the buffer.
- When processing VNOVOL, VMOVED and VOFFLINE errors perform
server comparisons by UUID or address and not simply by
cm_server_t pointer. Otherwise, server failover may not
succeed.
- Do not preserve status information for cm_scache_t objects
when the issuing server is multi-homed.
- Giving up all callbacks when shutting down or suspending
the machine is now significantly faster due to the use
of an rx_multi implementation. (This functionality is
still off by default and must be activated by a registry
value.)
- Race conditions were possible when updating the state
of the cm_volume_t flags and when moving the volumes
within the least recently used list.
- Ensure that the lanahelper library does not perform a
NCBRESET of each lan adapter when enumerating the
current network bindings. Correcting this permits OpenAFS
to work on Windows 7 when the network adapter settings
change.
- Fix creation of mount points and symlinks as \\AFS\xxxx
PREVIOUS CHANGES:
All platforms:
- vos now properly deals with matching sites when servers are multihomed.
All Unix platforms:
- Servers now marked down when GetCapabilities returns error.
- In-use vcache count is now properly tracked.
All server platforms:
- Fix ptserver supergroups support on 64 bit platforms.
- Demand attach salvaging doesn't use freed volume pointers.
- Properly hold host lock during host enumeration in fileserver.
FreeBSD:
- Fix socket termination on shutdown.
- Support for 7.2, 7.3, 7.4 and 8.2 included.
- References to vcaches are no longer leaked during root or reclaim.
Linux:
- Define llseek handler to avoid ESPIPE error in 2.6.37.
- Mount interface replaces get_sb (new for 2.6.37, not yet required).
- RedHat init script allows deferring for a new binary restart.
- DEFINE_MUTEX replaces DECLARE_MUTEX for 2.6.37.
MacOS:
- Correct return value from setpag syscall.
OpenBSD:
- Bug fixes for issues introduced previously in 1.5 series.
Solaris:
- Switch to ioctl() syscall replacement for Solaris 11 since syscall 65
is not safe.
This package is still broken on DragonFly after this fix.
error:
vfs.o: In function `vfs_file_begin':
vfs.c:(.text+0x244): undefined reference to `DTTOIF'
The package can't find pthread_create without this LDFLAG. I tried used
the mk-pthread buildlink and it didn't fix it. I am not sure why only
DragonFly sees the problem, so leaving it as a platform-specific fix for
now is probably wise.
Release 1.9.2 (2012-07-03)
----------------------------
Notable Bugfixes
''''''''''''''''
- Several regressions in support for reading (`#1636`_), writing/modifying
(`#1670`_, `#1749`_), verifying (`#1628`_) and repairing (`#1655`_, `#1669`_,
`#1676`_, `#1689`_) mutable files have been fixed.
- FTP can now list directories containing mutable files, although it
still does not support reading or writing mutable files. (`#680`_)
- The FTP frontend would previously show Jan 1 1970 for all timestamps;
now it shows the correct modification time of the directory entry.
(`#1688`_)
- If a node is configured to report incidents to a log gatherer, but the
gatherer is offline when some incidents occur, it would previously not
"catch up" with those incidents as intended. (`#1725`_)
- OpenBSD 5 is now supported. (`#1584`_)
- The ``count-good-share-hosts`` field of file check results is now
computed correctly. (`#1115`_)
Configuration/Behavior Changes
''''''''''''''''''''''''''''''
- The capability of the upload directory for the drop-upload frontend
is now specified in the file ``private/drop_upload_dircap`` under
the gateway's node directory, rather than in its ``tahoe.cfg``.
(`#1593`_)
This isn't strictly true; foolscap needs to be >= 0.6.3 if Twisted is
> 10, but it's easier to just require it than invent new compound
dependencies.
PKGREVISION++, because tahoe-lafs built with Twisted > 10 and foolscap
0.6.1 (from today or earlier in pkgsrc) fails to work.
Remove devel/py-ctypes (only needed by and supporting python24).
Remove PYTHON_VERSIONS_ACCEPTED and PYTHON_VERSIONS_INCOMPATIBLE
lines that just mirror defaults now.
Miscellaneous cleanup while editing all these files.
Filesystem (fuse) implemented on Mosso's Cloud Files
Cloudfuse is a FUSE application which provides access to Rackspace's
Cloud Files (or any installation of Swift).
Cloud Files is a remote storage system which is similar in principle to
Amazon S3. It provides a simple RESTful interface to storing and retrieving
objects.
http://www.rackspacecloud.com/cloud_hosting_products/files
Pyfilesystem is a Python module that provides a simplified common
interface to many types of filesystem. Filesystems exposed via
Pyfilesystem can also be served over the network, or 'mounted' on the
native filesystem.
Pyfilesystem simplifies working directories and paths, even if you
only intend to work with local files. Differences in path formats
between platforms are abstracted away, and you can write code that
sand-boxes any changes to a given directory.
Pyfilesystem works with Linux, Windows and Mac.
(And of course, NetBSD.)
Release 1.9.1 (2012-01-12)
--------------------------
Security-related Bugfix
'''''''''''''''''''''''
- Fix flaw that would allow servers to cause undetected corruption when
retrieving the contents of mutable files (both SDMF and MDMF). (`#1654`_)
.. _`#1654`: https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1654
environment, where the rules for building .so files don't really
accomodate multiple libs in the same package properly.
This is a hack; bootstrap-mk-files should be fixed.
This package can use either setuptools (egg.mk) or distutils
(distutils.mk), but it prefers setuptools and thus should be built
with our egg.mk support. Adjust PLIST for egg.mk (different)
variables and drop eggfile conditionalization, as eggs always have
egg-info directories.
Thanks to dholland@ and obache@ for noticing/suggesting.
"fuse-python".
Upstream does not provide NEWS. Perusal of Changelog leads to the
conclusion that there are many bugfixes and minor enhancements, but no
major changes.
(Tested with "bup fuse" and ../fuse-wikipediafs on NetBSD 5.1_STABLE.)
- fix lookup cache that was not really used
- fix advlock for read-only files
- return EBADF on directory read/write instead of passing to the filesystem
- The most significant new feature in this release is MDMF: "Medium-size
Distributed Mutable Files". Unlike standard SDMF files, these provide
efficient partial-access (reading and modifying small portions of the file
instead of the whole thing). MDMF is opt-in (it is not yet the default
format for mutable files), both to ensure compatibility with previous
versions, and because the algorithm does not yet meet memory-usage goals.
Enable it with ``--format=MDMF`` in the CLI (``tahoe put`` and ``tahoe
mkdir``), or the "format" radioboxes in the web interface. See
`<docs/specifications/mutable.rst>`_ for more details (`#393`_, `#1507`_)
- A "blacklist" feature allows blocking access to specific files through
a particular gateway. See the "Access Blacklist" section of
`<docs/configuration.rst>`_ for more details. (`#1425`_)
- A "drop-upload" feature has been added, which allows you to upload
files to a Tahoe-LAFS directory just by writing them to a local
directory. This feature is experimental and should not be relied on
to store the only copy of valuable data. It is currently available
only on Linux. See `<docs/frontends/drop-upload.rst>`_ for documentation.
(`#1429`_)
- The timeline of immutable downloads can be viewed using a zoomable and
pannable JavaScript-based visualization. This is accessed using the
'timeline' link on the File Download Status page for the download, which
can be reached from the Recent Uploads and Downloads page.
- do not confuse FUSE fileno with inode numbers
- do not use kernel name cache, implement our own instead.
- honour cache directive from FUSE filesystem for name and attrbiutes
and the amount of data memory involved is not easy to forcast. We therefore
raise the limit to the maximum.
Patch from Manuel Bouyer. It helps completing a cvs update on a glusterfs
volume.
This maintenance release with no new features. Majot bug fixes are:
Bug 2464 Fixed all the issues caused by GFID mismatch during
distribute rename.
Bug 2988 Fixed the issue of high CPU usage when Directory Quota
is enabled.
Bug 3122 Enhanced the volume set interface to support io-threads
on the client.
Bug 3210 Fixed the issue of modified mtime/atime of the files after
rebalance operation.
Bug 3191 Fixed the issue with symlinks during rebalance operation.
** Security-related Bugfix
- Fix flaw that would allow a person who knows a storage index of a file to
delete shares of that file (#1528).
- Remove corner cases in mutable file bounds management which could expose
extra lease info or old share data (from prior versions of the mutable
file) if someone with write authority to that mutable file exercised these
corner cases in a way that no actual Tahoe-LAFS client does. (Probably not
exploitable.) (#1528).