D-Bus 1.10.22 (2017-07-27)
==
The “roof terrace” release.
Fixes:
• dbus_message_iter_append_basic() no longer leaks memory if it fails to
append a file descriptor to a message. (fd.o #101568, Simon McVittie)
• dbus_message_iter_open_container() no longer leaks memory if it runs out
of memory. (fd.o #101568, Simon McVittie)
• dbus_message_append_args_valist() no longer leaks memory if given an
unsupported type. This situation is still considered to be a programming
error which needs to be corrected by the user of libdbus.
(fd.o #101568, Simon McVittie)
• Wrap test-pending-call-disconnected with dbus-run-session so that it can
pass in environments that are not already running a D-Bus session bus,
fixing a build-time test regression in 1.10.20
(fd.o #101698, Simon McVittie)
• Ensure that tests fail if they would otherwise have tried to connect to
the real session bus (fd.o #101698, Simon McVittie)
• Make build-time tests cope with finding Python 3, but not Python 2
(fd.o #101716, Simon McVittie)
Set PKG_SYSCONFSUBDIR where appropriate, and use {MAKE,OWN}_DIRS to
create the directory tree under ${PKG_SYSCONFDIR} instead of using
INSTALLATION_DIRS.
Bump the PKGREVISION of packages that changed due to changes in the
package install scripts.
Set PKG_SYSCONFSUBDIR to "mcollective" so that all config files are
found in the "mcollective" subdirectory of ${PKG_SYSCONFBASE}.
Add ${PKG_SYSCONFDIR}/ssl to OWN_DIRS since it must be created at
package installation time.
Don't list directories outside of ${PREFIX} in INSTALLATION_DIRS
since INSTALLATION_DIRS are only created when the package is
installed into the destdir-staging directory.
Bump the PKGREVISION due to fixes in the package install scripts.
-------------------------------------------------------------------
Add ${PKG_SYSCONFDIR}/menus to MAKE_DIRS to ensure that the menus
subdirectory is created before the example menu file is copied
there. We use MAKE_DIRS instead of OWN_DIRS since this directory
is probably owned by another package.
Bump the PKREVISION due to fixes in the package install scripts.
(I am not 100% sure about the PLIST changes, I'd appreciate for someone
to verify.)
Version 1.0.11 (2017-07-21)
---------------------------
Bug fixes:
- use limited unpacker for outer key (security precaution), #2174
- fix paperkey import bug
Other changes:
- change --checkpoint-interval default from 600s to 1800s, #2841.
this improves efficiency for big repositories a lot.
- docs: fix OpenSUSE command and add OpenSUSE section
- tests: add tests for split_lstring and paperkey
- vagrant:
- fix openbsd shell
- backport cpu/ram setup from master
- add stretch64 VM
Version 1.0.11rc1 (2017-06-27)
------------------------------
Bug fixes:
- performance: rebuild hashtable if we have too few empty buckets, #2246.
this fixes some sporadic, but severe performance breakdowns.
- Archive: allocate zeros when needed, #2308
fixes huge memory usage of mount (8 MiB × number of archives)
- IPv6 address support
also: Location: more informative exception when parsing fails
- borg single-file binary: use pyinstaller v3.2.1, #2396
this fixes that the prelink cronjob on some distros kills the
borg binary by stripping away parts of it.
- extract:
- warning for unextracted big extended attributes, #2258
- also create parent dir for device files, if needed.
- don't write to disk with --stdout, #2645
- archive check: detect and fix missing all-zero replacement chunks, #2180
- fix (de)compression exceptions, #2224#2221
- files cache: update inode number, #2226
- borg rpc: use limited msgpack.Unpacker (security precaution), #2139
- Manifest: use limited msgpack.Unpacker (security precaution), #2175
- Location: accept //servername/share/path
- fix ChunkIndex.__contains__ assertion for big-endian archs (harmless)
- create: handle BackupOSError on a per-path level in one spot
- fix error msg, there is no --keep-last in borg 1.0.x, #2282
- clamp (nano)second values to unproblematic range, #2304
- fuse / borg mount:
- fix st_blocks to be an integer (not float) value
- fix negative uid/gid crash (they could come into archives e.g. when
backing up external drives under cygwin), #2674
- fix crash if empty (None) xattr is read
- do pre-mount checks before opening repository
- check llfuse is installed before asking for passphrase
- borg rename: expand placeholders, #2386
- borg serve: fix forced command lines containing BORG_ env vars
- fix error msg, it is --keep-within, not --within
- fix borg key/debug/benchmark crashing without subcommand, #2240
- chunker: fix invalid use of types, don't do uint32_t >> 32
- document follow_symlinks requirements, check libc, #2507
New features:
- added BORG_PASSCOMMAND environment variable, #2573
- add minimal version of in repository mandatory feature flags, #2134
This should allow us to make sure older borg versions can be cleanly
prevented from doing operations that are no longer safe because of
repository format evolution. This allows more fine grained control than
just incrementing the manifest version. So for example a change that
still allows new archives to be created but would corrupt the repository
when an old version tries to delete an archive or check the repository
would add the new feature to the check and delete set but leave it out
of the write set.
- borg delete --force --force to delete severely corrupted archives, #1975
Other changes:
- embrace y2038 issue to support 32bit platforms
- be more clear that this is a "beyond repair" case, #2427
- key file names: limit to 100 characters and remove colons from host name
- upgrade FUSE for macOS to 3.5.8, #2346
- split up parsing and filtering for --keep-within, better error message, #2610
- docs:
- fix caskroom link, #2299
- address SSH batch mode, #2202#2270
- improve remote-path description
- document snapshot usage, #2178
- document relative path usage, #1868
- one link per distro in the installation page
- development: new branching model in git repository
- kill api page
- added FAQ section about backing up root partition
- add bountysource badge, #2558
- create empty docs.txt reequirements, #2694
- README: how to help the project
- note -v/--verbose requirement on affected options, #2542
- document borg init behaviour via append-only borg serve, #2440
- be clear about what buzhash is used for (chunking) and want it is not
used for (deduplication)- also say already in the readme that we use a
cryptohash for dedupe, so people don't worry, #2390
- add hint about chunker params to borg upgrade docs, #2421
- clarify borg upgrade docs, #2436
- quickstart: delete problematic BORG_PASSPRHASE use, #2623
- faq: specify "using inline shell scripts"
- document pattern denial of service, #2624
- tests:
- remove attic dependency of the tests, #2505
- travis:
- enhance travis setuptools_scm situation
- install fakeroot for Linux
- add test for borg delete --force
- enable remote tests on cygwin (the cygwin issue that caused these tests
to break was fixed in cygwin at least since cygwin 2.8, maybe even since
2.7.0).
- remove skipping the noatime tests on GNU/Hurd, #2710
- fix borg import issue, add comment, #2718
- include attic.tar.gz when installing the package
also: add include_package_data=True
Version 1.0.10 (2017-02-13)
---------------------------
Bug fixes:
- Manifest timestamps are now monotonically increasing,
this fixes issues when the system clock jumps backwards
or is set inconsistently across computers accessing the same repository, #2115
- Fixed testing regression in 1.0.10rc1 that lead to a hard dependency on
py.test >= 3.0, #2112
New features:
- "key export" can now generate a printable HTML page with both a QR code and
a human-readable "paperkey" representation (and custom text) through the
``--qr-html`` option.
The same functionality is also available through `paperkey.html <paperkey.html>`_,
which is the same HTML page generated by ``--qr-html``. It works with existing
"key export" files and key files.
Other changes:
- docs:
- language clarification - "borg create --one-file-system" option does not respect
mount points, but considers different file systems instead, #2141
- setup.py: build_api: sort file list for determinism
Version 1.0.10rc1 (2017-01-29)
------------------------------
Bug fixes:
- borg serve: fix transmission data loss of pipe writes, #1268
This affects only the cygwin platform (not Linux, BSD, OS X).
- Avoid triggering an ObjectiveFS bug in xattr retrieval, #1992
- When running out of buffer memory when reading xattrs, only skip the
current file, #1993
- Fixed "borg upgrade --tam" crashing with unencrypted repositories. Since
:ref:`the issue <tam_vuln>` is not relevant for unencrypted repositories,
it now does nothing and prints an error, #1981.
- Fixed change-passphrase crashing with unencrypted repositories, #1978
- Fixed "borg check repo::archive" indicating success if "archive" does not exist, #1997
- borg check: print non-exit-code warning if --last or --prefix aren't fulfilled
- fix bad parsing of wrong repo location syntax
- create: don't create hard link refs to failed files,
mount: handle invalid hard link refs, #2092
- detect mingw byte order, #2073
- creating a new segment: use "xb" mode, #2099
- mount: umount on SIGINT/^C when in foreground, #2082
Other changes:
- binary: use fixed AND freshly compiled pyinstaller bootloader, #2002
- xattr: ignore empty names returned by llistxattr(2) et al
- Enable the fault handler: install handlers for the SIGSEGV, SIGFPE, SIGABRT,
SIGBUS and SIGILL signals to dump the Python traceback.
- Also print a traceback on SIGUSR2.
- borg change-passphrase: print key location (simplify making a backup of it)
- officially support Python 3.6 (setup.py: add Python 3.6 qualifier)
- tests:
- vagrant / travis / tox: add Python 3.6 based testing
- vagrant: fix openbsd repo, #2042
- vagrant: fix the freebsd64 machine, #2037#2067
- vagrant: use python 3.5.3 to build binaries, #2078
- vagrant: use osxfuse 3.5.4 for tests / to build binaries
vagrant: improve darwin64 VM settings
- travis: fix osxfuse install (fixes OS X testing on Travis CI)
- travis: require succeeding OS X tests, #2028
- travis: use latest pythons for OS X based testing
- use pytest-xdist to parallelize testing
- fix xattr test race condition, #2047
- setup.cfg: fix pytest deprecation warning, #2050
- docs:
- language clarification - VM backup FAQ
- borg create: document how to backup stdin, #2013
- borg upgrade: fix incorrect title levels
- add CVE numbers for issues fixed in 1.0.9, #2106
- fix typos (taken from Debian package patch)
- remote: include data hexdump in "unexpected RPC data" error message
- remote: log SSH command line at debug level
- API_VERSION: use numberspaces, #2023
- remove .github from pypi package, #2051
- add pip and setuptools to requirements file, #2030
- SyncFile: fix use of fd object after close (cosmetic)
- Manifest.in: simplify, exclude \*.{so,dll,orig}, #2066
- ignore posix_fadvise errors in repository.py, #2095
(works around issues with docker on ARM)
- make LoggedIO.close_segment reentrant, avoid reentrance
root users might run their own svscans. We want to signal only the
svscan process responsible for this service. Use argv0(1) to set
procname to "nbsvscan".
Bump version.
CHANGES from 3.0:
-----
2015-09-03 Jean Delvare <jdelvare@suse.de>
* version.h: Set version to 3.1.
2017-05-23 Jean Delvare <jdelvare@suse.de>
* dmidecode.c, dmiopt.c: Add a new option to extract OEM strings, like
we already have for many other strings.
* dmidecode.8: Document the new option.
2017-04-27 Jean Delvare <jdelvare@suse.de>
Update to support SMBIOS specification version 3.1.1.
* dmidecode.c: Add support for 3-digit versions.
* dmidecode.c: Add new enumerated values for processors (DMI type 4).
2017-04-27 Jean Delvare <jdelvare@suse.de>
Update to support SMBIOS specification version 3.1.0.
* dmidecode.c: Add support for extended BIOS ROM size (DMI type 0).
* dmidecode.c: Add new enumerated values for chassis types
(DMI type 3).
* dmidecode.c: Add new enumerated values for processors (DMI type 4).
* dmidecode.c: Don't assume 8-bit processor family in dmi_processor_id
(DMI type 4).
* dmidecode.c: Decode the MIDR register on ARM processors
(DMI type 4).
* dmidecode.c: Add support for large cache sizes (DMI type 7).
* dmidecode.c: Add Mini PCIe system slot enumerated values
(DMI type 9).
* dmidecode.c: Clarify the memory speed unit (DMI type 17).
* dmidecode.c: Add support for structure type 43 (TPM Device).
2017-04-11 Jean Delvare <jdelvare@suse.de>
* util.c: Don't leak a file descriptor in function read_file.
* util.c, util.c, dmidecode.c: Let callers pass an offset to function
read_file.
* dmidecode.c: Fix reading from SMBIOS 3 dump files using a 64-bit
entry point.
2017-04-10 Jean Delvare <jdelvare@suse.de>
* dmidecode.c: Decode the processor ID of the Intel Core M, AMD
Athlon X4 and AMD Opteron X1000/X2000 processors (DMI type 4).
* dmidecode.c: Display the IPMI interrupt number as a decimal
number (DMI type 38).
2017-01-20 Jean Delvare <jdelvare@suse.de>
* biosdecode.c: Decode the entry point defined in the Intel
Multiprocessor specification.
2017-01-20 Jean Delvare <jdelvare@suse.de>
* dmidecode.c: Only decode one DMI table.
This fixes Savannah bug #50022:
https://savannah.nongnu.org/bugs/?50022
2016-09-22 Jean Delvare <jdelvare@suse.de>
* README: Explain that we can no longer support Cygwin.
2016-06-30 Petr Oros <poros@redhat.com>
* dmidecode.c: Unmask LRDIMM in memory type detail (DMI type 17).
2015-11-02 Jean Delvare <jdelvare@suse.de>
* dmidecode.c, util.c, util.h: Let read_file return the actual data
size.
* dmidecode.c: Use read_file to read the DMI table from sysfs.
This fixes Savannah bug #46176:
https://savannah.nongnu.org/bugs/?46176
* dmidecode.c: Check the sysfs entry point length.
2015-10-21 Xie XiuQi <xiexiuqi@huawei.com>
* dmidecode.c: Handle SMBIOS 3.0 entry points on EFI systems.
2015-10-20 Jean Delvare <jdelvare@suse.de>
* dmidecode.c: Handle OEM-specific types in group associations
(DMI type 14).
2015-10-14 Jean Delvare <jdelvare@suse.de>
* util.c: Avoid SIGBUS on mmap failure.
This fixes Savannah bug #46066:
https://savannah.nongnu.org/bugs/?46066
* util.c: Fix error paths in mem_chunk.
2015-10-01 Roy Franz <roy.franz@linaro.org>
* dmiopt.c: Add "--no-sysfs" option description to -h output.
BREAKING CHANGES:
- agent: Added a new `enable_script_checks` configuration option that
defaults to `false`, meaning that in order to allow an agent to run
health checks that execute scripts, this will need to be configured
and set to `true`.
- api: Reworked `context` support in the API client to more closely
match the Go standard library, and added context support to write
requests in addition to read requests.
- ui: Since the UI is now bundled with the application we no longer
provide a separate UI package for downloading.
FEATURES:
- agent: Added a new[`block_endpoints` configuration option that
allows blocking HTTP API endpoints by prefix.
- cli: Added a new `consul catalog` command for reading datacenters,
nodes, and services from the catalog.
- server: (Consul Enterprise) Added a new `consul operator area
update` command and corresponding HTTP endpoint to allow for
transitioning the TLS setting of network areas at runtime.
- server: (Consul Enterprise) Added a new `UpgradeVersionTag` field to
the Autopilot config to allow for using the migration feature to
roll out configuration or cluster changes, without having to upgrade
Consul itself.
IMPROVEMENTS:
- agent: (Consul Enterprise) Snapshot agent rotation uses S3's
pagination API, enabling retaining more than a 100 snapshots.
- agent: Removed registration of the `consul` service from the agent
since it's already handled by the leader.
- agent: Changed /v1/acl/clone response to 403 (from 404) when trying
to clone an ACL that doesn't exist.
- agent: Changed the `consul exec` ACL resolution logic to use the
`acl_agent_token` if it's available.
- agent: Updated memberlist to get latest LAN gossip tuning based on
the Lifeguard paper published by Hashicorp Research.
- api: Added the ability to pass in a `context` as part of the
`QueryOptions` during a request.
- api: Changed signature for "done" channels on `agent.Monitor()` and
`session.RenewPeriodic` methods to make them more compatible with
`context`.
- docs: Added a complete end-to-end example of ACL bootstrapping in
the ACL Guide.
- vendor: Updated golang.org/x/sys/unix to support IBM s390 platforms.
- agent: rewrote Docker health checks without using the Docker client
and its dependencies.
BUG FIXES:
- agent: Fixed an issue where watch plans would take up to 10 minutes
to close their connections and give up their file descriptors after
reloading Consul.
- agent: (Consul Enterprise) Fixed an issue with the snapshot agent
where it could get stuck trying to obtain the leader lock after an
extended server outage.
- agent: Fixed HTTP health checks to allow them to set the `Host`
header correctly on outgoing requests.
- agent: Serf snapshots can now auto recover from disk write errors
without needing a restart.
- agent: Fixed log redacting code to properly remove tokens from log
lines with ACL tokens in the URL itself: `/v1/acl/clone/:uuid`,
`/v1/acl/destroy/:uuid`, `/v1/acl/info/:uuid`.
- agent: Fixed an issue in the Docker client where Docker checks would
get EOF errors trying to connect to a volume-mounted Docker socket.
- agent: Fixed a crash when using Azure auto discovery.
- agent: Added `node` read privileges to the `acl_agent_master_token`
by default so it can see all nodes, which enables it to be used with
operations like `consul members`.
- agent: Fixed an issue where enabling `-disable-keyring-file` would
cause gossip encryption to be disabled.
- agent: Fixed a race condition where checks that are not associated
with any existing services were allowed to persist.
- agent: Stop docker checks on service deregistration and on shutdown.
- server: Updated the Raft library to pull in a fix where servers that
are very far behind in replication can get stuck in a loop trying to
install snapshots.
- server: Fixed a rare but serious deadlock where the Consul leader
routine could get stuck with the Raft internal leader routine while
waiting for the initial barrier after a leader election.
- server: Added automatic cleanup of failed Raft snapshots.
- server: (Consul Enterprise) Fixed an issue where networks areas
would not be able to be added when the server restarts if the Raft
log contained a specific sequence of adds and deletes for network
areas with the same peer datacenter.
- ui: Provided a path to reset the ACL token when the current token is
invalid.
- ui: Removed an extra fetch of the nodes resource when loading the
UI.
- ui: Changed default ACL token type to "client" when creating ACLs.
- ui: Display a 404 error instead of a 200 when trying to load a
nonexistent node.
Fix RELRO.
Version 1.0
This release is the culmination of all the previous efforts to bring
Tarsnap GUI to a point where it is feature rich, reliable and robust
enough to be called "stable". We have been hard at work to bring
you the most complete cross-platform open-source and non-intrusive
secure online backup solution front-end on top of the tarsnap service
possible. This release adds many new features like support for
automatic job backup scheduling enable/disable, full I18N support,
full search/filter capabilities in Archives, Archive contents and
Job lists, detailed Archive contents using long ls list format with
sortable columns, save console log to file and running concurrent
restore operations and more, as well as many many improvements,
code refactoring, fixes and overall adjustments on speed, resource
usage, reliability, usability&accesibility and error management &
reporting.
Tarsnap 1.0.39 is now available. (Yes, just 2 weeks after 1.0.38.) This
version brings several important bug fixes:
* tarsnap 1.0.38 (but not earlier versions) would exit with an assertion
failure after successfully creating an archive containing a file with a
"last modified" time prior to January 1st, 1970.
* tarsnap 1.0.38 and earlier could crash if instructed to archive the
contents of corrupt cpio or ar archives (via the @archive directive).
* tarsnap 1.0.38 and earlier could crash if passed an invalidly encrypted
key file.
New features:
* updated Catalan, Chinese (China), English (United States), Japanese, Korean, Polish, Portuguese (Brazil), Ukrainian translations
Bug fixes:
* fixed history page to display values in chronological order
* fixed security vulnerability with execution of the remote commands on server; thanks to MATSUDA Daiki, Ron Waisberg for report
* items use global regexps with multiple subexpressions
* fixed memory leak when using UserParameter with suppressed characters passed in arguments
* fixed collecting value of VMware host memory balloon size
* fixed incorrectly escaped IT Service parent name
* fixed sorting of host interfaces; fixed selection of the default host interface
* fixed update in mass update form when inventory mode is not set explicitly
* fixed missed page number in problems export
* fixed unchecked checkboxes after deleting script, mediatype or proxy
* fixed user's access level to display popup content
* removed link from uneditable template and host names in all configuration sections
* improved LDAP authentication module status check for authentication form
* fixed incorrectly displayed calendar date in maintenance edit form
* fixed trigger wizard expressions sorting as well as wizard crash due incorrect expression removal
* fixed nested host group filter in top 100 triggers, item configuration list and dashboard widgets
* fixed permissions and performance issues with event.get and problem.get methods
* fixed handling of database failure during ID selection
* fixed problem with lost IDs of unlinkable templates
* fixed Oracle batch insert return value
* fixed displaying hints with no content inside
* fixed undefined index error in host import form while importing templates
* fixed cookie vulnerability for tabbed forms
* fixed duplicated error messages in screens section
- Fixed CVE-2017-11610. A vulnerability was found where an authenticated
client can send a malicious XML-RPC request to ``supervisord`` that will
run arbitrary shell commands on the server. The commands will be run as
the same user as ``supervisord``. Depending on how ``supervisord`` has been
configured, this may be root. See
https://github.com/Supervisor/supervisor/issues/964 for details.
Fixed a bug introduced in 3.3.0 where the supervisorctl reload command would crash supervisord with the error OSError: [Errno 9] Bad file descriptor if the kqueue poller was used. Patch by Jared Suttles.
Fixed a bug introduced in 3.3.0 where supervisord could get stuck in a polling loop after the web interface was used, causing high CPU usage. Patch by Jared Suttles.
Fixed a bug where if supervisord attempted to start but aborted due to another running instance of supervisord with the same config, the pidfile of the running instance would be deleted. Patch by coldnight.
Fixed a bug where supervisorctl fg would swallow most XML-RPC faults. fg now prints the fault and exits.
Parsing the config file will now fail with an error message if a process or group name contains a forward slash character (/) since it would break the URLs used by the web interface.
supervisorctl reload now shows an error message if an argument is given. Patch by Joel Krauska.
supervisorctl commands avail, reread, and version now show an error message if an argument is given.
Tarsnap 1.0.38 is now available. This version brings several new features
compared to tarsnap 1.0.37:
* Tarsnap now supports OpenSSL 1.1.
* tarsnap accepts an --iso-dates option, which causes times to be printed in
YYYY-MM-DD HH:MM:SS format rather than the traditional unix "ls -l" style.
* tarsnap accepts a --force-resources option to proceed with decryption of a
passphrase-encrypted key file even if it is anticipated to use an excessive
amount of memory or CPU time. (This may be useful if tarsnap inaccurately
estimates the amount of memory your system has available.)
* tarsnap accepts an --archive-names <file> option, which reads a list of
archive names to operate on when operating in -d and --print-stats modes.
(This should make some scripts simpler; no more need to construct a command
line which has '-f' inserted before each archive name.)
Potentially (but unlikely) breaking changes in this code compared to tarsnap
1.0.37:
* tarsnap now applies the --humanize-numbers option to the "progress" output
printed by SIGINFO / SIGUSR1. If you have scripts which send signals to
tarsnap and parse its output, they may need to be updated.
* tarsnap -v now prints 'Deleting archive "foo"' even if only one archive is
being deleted. If you have scripts which parse the output of tarsnap -v,
they may need to be updated.
* tarsnap now prints a warning if you pass '--configfile /nosuchfile'. If you
have scripts which rely on being able to specify nonexistent configuration
files and not get any warnings from tarsnap, they may need to be updated.
(Also, if you were doing that, I *really* want to know why.)
There are also two changes which most users should not encounter:
* tarsnap now has an --initialize-cachedir mode; this is intended for use by
the GUI. (The cache directory will be initialized automatically in normal
usage of the tarsnap command-line utility.)
* tarsnap's configure script takes a --with-conf-no-sample option which
results in the sample tarsnap configuration file being installed as
"tarsnap.conf" rather than "tarsnap.conf.sample". This is intended for use in
some packaging systems which have mechanisms for managing configuration files,
and should probably not be used by hand (since it will overwrite your existing
tarsnap.conf).
3.5.1 - 15 June 2017
- Doc fix: Missed a curly brace in an example. (#412)
- Feature: Dynamic metadata functions (#392) - It is now possible to
dynamically add metadata to lager messages. See the "dynamic
metadata" section above for more information.
- Doc fix: Add information about the "application" placeholder. (#414)
3.5.0 - 28 May 2017
- Bugfix: Support OTP 20 gen_event messages (#410)
- Feature: Enable console output to standard_error.
Convert to proplist configuration style (like file handler)
Deprecate previous configuration directives (#409)
- Bugfix: Enable the event shaper to filter messages before they're
counted; do not count application/supervisor start/stops
toward high water mark. (#411)
- Docs: Add PR guidelines; add info about the #lager chat room on freenode.
3.4.2 - 26 April 2017
- Docs: Document how to make lager use UTC timestamps (#405)
- Docs: Add a note about our triage cadence.
- Docs: Update lager_syslog URL
- Docs: Document placeholders for error_logger integration (#404)
- Feature: Add hex.pm metadata and full rebar3 support.
3.4.1 - 28 March 2017
- Docs: Added documentation around using lager in the context of elixir applications (#398)
- Bugfix: Properly expand paths when log_root is set. (#386)
- Policy: Removed R15 from Travis configuration
3.4.0 - 16 March 2017
- Policy: Adopt official OTP support policy. (This is the **last** lager 3.x release
that will support R15.)
- Test: Fix timeouts, R15 missing functions on possibly long-running tests in Travis. (#394, #395)
- Feature: capture and log metadata from error_logger messages (#397)
- Feature: Expose new trace filters and enable filter composition (#389)
- Feature: Log crashes from gen_fsm and gen_statem correctly (#391)
- Docs: Typo in badge URL (#390)
3.3.0 - 16 February 2017
- Docs: Fix documentation to make 'it' unambiguous when discussing asychronous
operation. (#387)
- Test: Fix test flappiness due to insufficient sanitation between test runs (#384, #385)
- Feature: Allow metadata only logging. (#380)
- Feature: Add an upper case severity formatter (#372)
- Feature: Add support for suppressing start/stop messages from supervisors (#368)
- Bugfix: Fix ranch crash messages (#366)
- Test: Update Travis config for 18.3 and 19.0 (#365)
3.2.4 - 11 October 2016
- Test: Fix dialyzer warnings.
3.2.3 - 29 September 2016
- Dependency: Update to goldrush 0.19
3.2.2 - 22 September 2016
- Bugfix: Backwards-compatibility fix for `{crash_log, undefined}` (#371)
- Fix documentation/README to reflect the preference for using `false`
as the `crash_log` setting value rather than `undefined` to indicate
that the crash log should not be written (#364)
- Bugfix: Backwards-compatibility fix for `lager_file_backend` "legacy"
configuration format (#374)
2017-07-05 Martin Mares <mj@ucw.cz>
* Released as 3.5.5.
* Better decoding of AER capability.
* "Slot Implemented" flag is decoded for PCI/PCI-X to PCIe bridges.
* Minor fixes of decoding other capabilities.
* As usually, updated pci.ids to the current snapshot of the database.
- omfwd: add parameter "tcp_frameDelimiter"
- omkafka: large refactor of kafka subsystem
- imfile: improved handling of atomically renamed file (w/ wildcards)
- imfile: add capability to truncate oversize messages or split into
multiple
- mmdblookup
* upgraded from "contrib" to "fully supported" state
* refactored and simplified code
* added ability to specify custom names for extracted fields
* bugfix: fixed multiple memory leaks
- imptcp: add new parameter "flowControl"
- imrelp: add "maxDataSize" config parameter
- multiple modules: gtls: improve error if certificate file can't be
opened
- omsnare: allow different tab escapes
- omelasticsearch: converted to use libfastjson instead of json-c
- imjournal: _PID fallback
- multiple modules: add better error messages when regcomp is failing
- omhiredis: fix build warnings
- imfile bugfix: files mv-ed in into directory were not handled
- omprog bugfix: execve() incorrectly called
- imfile bugfix: multiline timeout did not work if state file exists
- lmsig_ksi-ls12 bugfix: build problems on some platforms
- core bugfix: invalid object type assertion
- regression fix: local hostname was not always detected properly on
early start (w/o network).
- bugfix: format security issues in zmq3 modules
- bugfix build system: add libksi only to those binaries that need it
- bugfix KSI ls12 components: invalid tree height calculation
- testbench/CI enhancements
D-Bus 1.10.20 (2017-06-29)
==
The “suggesting a delivery gone horribly wrong” release.
Fixes:
• Fix a reference leak when blocking on a pending call on a connection
that has been disconnected (fd.o #101481, Shin-ichi MORITA)
• Don't put timestamps in the Doxygen-generated documentation, for
closer-to-reproducible builds (fd.o #100692, Simon McVittie)
• Avoid an assertion failure when connecting to a semicolon-separated
series of addresses, one of which fails (fd.o #101257, Simon McVittie)
Documentation:
• Update git URIs in HACKING document to sync up with cgit.freedesktop.org
(fd.o #100715, Simon McVittie)
BREAKING CHANGES:
- agent: Parse values given to `?passing` for health endpoints.
- agent: The default value of `-disable-host-node-id` has been changed
from false to true.
IMPROVEMENTS:
- agent: Added a `-disable-keyring-file` option to prevent writing
keyring data to disk.
- agent: Added automatic notify to systemd on Linux after LAN join is
complete, which makes it easier to order services that depend on
Consul being available.
- agent: The `http_api_response_headers` config has been moved into a
new `http_config` struct, so the old form is still supported but is
deprecated.
- dns: Added support for EDNS(0) size adjustments if set in the
request frame.
- server: Added a startup warning for servers when expecting to
bootstrap with an even number of nodes.
- agent: (Consul Enterprise) Added support for non rotating,
statically named snapshots for S3 snapshots using the snapshot
agent.
BUG FIXES:
- agent: Fixed a regression where configuring -1 for the port was no
longer disabling the DNS server.
- agent: Fix `consul leave` shutdown race.
- agent: Show a better error message than 'EOF' when attempting to
join with the wrong gossip key.
- agent: Fixed an issue where the `Method` and `Header` features of
HTTP health checks were not being applied.
- agent: Fixed an issue where internally-configured watches were not
working because of an incorrect protocol error, and unified internal
watch handling during reloads of the Consul agent.
- server: Fixed an issue where the leader could return stale data
duing queries as it is starting up.
From DESCR:
Monitoring::Plugin and its associated Monitoring::Plugin::* modules are
a family of perl modules to streamline writing Monitoring plugins. The
main end user modules are Monitoring::Plugin, providing an
object-oriented interface to the entire Monitoring::Plugin::*
collection, and Monitoring::Plugin::Functions, providing a simpler
functional interface to a useful subset of the available functionality.
recommends using `etckeeper unclean` to determine if there are any
changes in need of committing, which works with every VCS that
etckeeper supports. Bump PKGREVISION.
* Handle possible IOError
* avoid crashing on Ruby 2.3.1 when fd is closed
* Add license info to the gemspec.
* Add test environment.
* Initial move to bundler and travis testing.
* Update readme with travis, code climate and coveralls
* Fix invalid or closed file descriptor issues on JRuby
* Modernize copyright/documentation
* Fix incorrect development dependency on ffi
* Update homepage = guard
* Update badge links for guard org
* Add JRuby and Rubinius cases on Travis CI.
* Delete watchers that received the "IN_IGNORED" flag
* Made size more accurately allocated.
* Fix for breaking change for Ruby and runtime dependency version condition.
* Remove stuff that doesn't work on older rubies.
* Remove wrong comment for utopia.gemspec from Gemfile.
* Fix to suppress warning when "gem build rb-inotify.gemspec" (#70)
Puppet 4.10.4 Released June 19, 2017.
This is a single issue release to resolve a regression introduced in Puppet
4.10.3. Resources created using the syntax Resource[xx::yy] would cause an
error because Puppet would not find an existing xx::yy user defined resource
type. This was caused by fixing another problem with inconsistent use of
upper and lowercase in references. (PUP-7671)
Puppet 4.10.3 Released June 15, 2017.
This is a minor bug fix release. Using ampersands (&) in custom facts was
causing Puppet runs to fail in Puppet 4.10.2. This release resolves that
issue. (PUP-7658)
Puppet 4.10.2 Released June 13, 2017.
This is a bug fix release included in Puppet agent 1.10.2, that also includes
two new deprecations for Puppet.
Note: There is a known issue with this release when using ampersands in custom
facts. You can revert back to 4.10.1, or upgrade to 4.10.4.
Affecting all Beats
- Removed empty sections from the template files, causing indexing
errors for array objects.
Metricbeat
- Fix issue affecting Windows services timing out at startup.
- Add filtering to system filesystem metricset to remove relative
mountpoints like those from Linux network namespaces.
Packetbeat
- Clean configured geoip.paths before attempting to open the database.
2017/01/28 - Version 1.1.0
- Gtk 3.22 supported
- Allow several spaces in mountpoint names
- Support fuseblk devices by not using fusermount -u for them (checks for fuse.* now)
2016/05/29 - Version 1.0.0
- Gtk 3 Support only
- Panel Version 4.12 only
2017-06-16 20:10
* New version 0.8.0
* New plugin is not compatible with previous versions;
you will have to add and configure it again!
* Port to GTK+3
* Add xfconf support
* Add new "system" layout style
* Allow adjusting widget size
* Allow displaying language name instead of country name
* Allow hiding tooltip icon
* Load flags from XDG_DATA_HOME if present
* Translation updates: ar ast bg ca cs da de el en_AU es fr he hr hu
id is it ja kk ko lt ms nb nl oc pl pt pt_BR ru sk sr sv th tr ug uk
zh_CN zh_TW
* Fix Indian flag filename
* Fix charset for layout names
1.2.1 (2017/02/09)
-----------------
- rework sizing of the progressbar (#12948, #12974)
- rework the use of GtkCssProvider to use a singleton
- fix progressbar color with Gtk 3.16/3.18
- da, is and oc translation updates
1.2.0 (2016/11/01)
-----------------
- set progressbar trough and color minimal width/height to 4px so that it looks like with gtk+2
- Use MemAvailable on Linux 3.14+ (#12686)
1.3.1
=====
- Set progressbar minimal width and height depending on the orientation (#12941,#12949)
- Apply css on the correct widget class for Gtk 3.16/3.18
- rework the use of GtkCssProvider to use a singleton
- da and oc translation updates
1.3.0
=====
- Fix progress bar grow direction in deskbar and vertical modes
- set progressbar minimal width/height to 4px so that it looks like with gtk+2
4.0.0 (2017/02/25)
==================
- Fix PangoFontDescription not being able to display initial default string
3.99 (2016/11/02)
================
- Port to Gtk3
- Fix font styling to work with Gtk 3.22
- Add support for "genmon" in 'xfce4-panel --plugin-event' (Bug #10734)
- Fix default tooltip does not work (bug #11284)
- Add <txtclick> functionality (Bug #3437)
* === Released 0.1.5 ===
* Tons of svn improvements/fixes, courtesy of Stefan Sperling
* Fixed MACRO naming in makefiles. Bug #7850
* Fixed invalid usage of g_quark_from_static_string. Bug #6322
1.2.0
- New Feature: identify windows by clicking on them (Simon Steinbeiss, Florian Sch?ller)
- Give the filter/search entry focus by default (Bug #11868)
- Add delete and shift/delete keyboard shortcuts to the treeview
- Improve kill and terminate dialog wording
- Add Ctrl+q keyboard shortcut to close the taskmanager
- Improve memory usage on FreeBSD system (Olivier Duchateau)
- Lots and lots of translation updates (thanks to everyone!)
1.6.11
======
- Fix a crash for on cut/pasting of multiple files (Bug #12260)
- Fix a crash when renaming files (Bug #12264)
- Fix missing return value for debug in thunar_file_reload (bug #12827)
- Fix thunar history being deleted after view change (bug #12708)
- Expand the name column by default in details view (#11357)
- Silently ignore G_IO_ERROR_FAILED_HANDLED (#8695)
- Fixing missing return value in standard view
- Fix crashes when reloading target file after move (bug #11983)
- Translation updates: Arabic, Asturian, Basque, Bulgarian, Catalan, Croatian,
Danish, Dutch (Flemish), English (Australia), English (Great Britain), Finnish,
French, Galician, German, Greek, Hebrew, Hungarian, Icelandic, Italian, Korean,
Lithuanian, Norwegian Bokmal, Norwegian Nynorsk, Occitan, Portuguese,
Portuguese (Brazilian), Slovak, Swedish
May 23, 2017
- Fix account daemon behavior when block-project-ssh-keys is unset in metadata.
April 26, 2017
- Remove logic that overrides home directory permissions.
March 27, 2017
- Prevent unchanged authorized keys file writes.
- Accounts daemon sets the home directory permission to 750 instead of 755.
Affecting all Beats
- Fix importing the dashboards when the limit for max open files is
too low.
- Fix console output.
- Binaries upgraded to Go 1.7.6 which contains security fixes.
Filebeat
- Fix issue that new prospector was not reloaded on conflict.
- Fix grok pattern in filebeat module system/auth without hostname.
- Fix the Mysql slowlog parsing of IP addresses.
Winlogbeat
- Add the ability to use LevelRaw if Level isn't populated in the
event XML.
- Build system: The Notify Email plugin is no longer linked with
indirect dependencies.
- collectd: A race condition when calculating a metric's rate has been
fixed.
- AMQP, Exec, UnixSock, Write Kafka plugins: Parsing of the PUTVAL
command with multiple values has been fixed.
- AMQP plugin: The "ExchangeType" option is now also valid for
publishers.
- BIND plugin: Fix parsing of the sample time provided by BIND.
Previously, the time was assumed to be in the local timezone when in
fact it was in UTC.
- BIND plugin: Memory leaks have been fixed.
- cURL-JSON plugin: Handling of arrays has been fixed.
- DPDKStat plugin: Error handling during initialization has been
improved.
- DPDKStat plugin: Handling of a number of metrics has been improved,
for example "rx_q0bytes".
- Intel RDT plugin: Configuration handling has been changed to be more
graceful.
- Log Logstash plugin: If writing the log entry fails, print it to
"STDERR" instead.
- LogFile plugin: If writing to the file fails, print log messages on
"STDERR" instead.
- memcachec, Tail plugins: A resource leak in the matching
infrastructure has been fixed.
- MQTT plugin: Invalid symbols in topic names are now replaced and a
resource leak has been fixed.
- Network plugin: A potential endless-loop has been fixed. This can be
triggered remotely by sending a signed network packet to a server
which is not set up to check signatures.
- Perl plugin: A potential double-free has been fixed.
- Processes plugin: A compilation error on AIX has been fixed.
- SMART plugin: A check for the "CAP_SYS_RAWIO" capability has been
added.
- Write Graphite plugin: Error handling in the case that calculating a
metric's rate fails has been improved. Previously, the raw counter
values were sent to Graphite.
- Write Prometheus plugin: An incorrect use of "realloc(3)" has been
fixed.
FEATURES:
- agent: Added a method for transitioning to gossip encryption on an
existing cluster
- agent: Added a method for transitioning to TLS on an existing cluster
- agent: Added support for RetryJoin on Azure
- agent: (Consul Enterprise) Added AWS server side encryption support
for S3 snapshots using the snapshot agent.
IMPROVEMENTS:
- agent: Added a check which prevents advertising or setting a service
to a zero address (`0.0.0.0`, `[::]`, `::`).
- agent: Allow binding to any public IPv6 address with `::`
- agent: Removed SCADA-related code for Atlas and deprecated all
Atlas-related configuration options.
- agent: Added support for custom check id and name when registering
checks along with a service.
- agent: Updated go-sockaddr library to add support for new helper
functions in bind address templates (`GetPrivateIPs`, `GetPublicIPs`),
new math functions, and to pick up fixes for issues with detecting
addresses on multi-homed hosts.
- agent: Watches now reset their index back to zero after an error, or
if the index goes backwards, which allows watches to recover after a
server restart with fresh state.
- agent: HTTP health checks now upport custom method and headers.
- agent: Increased the graceful leave timeout from 5 to 15 seconds.
- agent: Added additional logging when the agent handles signals and
when it exits.
- build: Added support for linux/arm64 binaries.
- build: Consul now builds with Go 1.8.3.
- ui: Added a sticky scroll to the KV side panel so the KV edit box
always stays in place.
BUG FIXES:
- agent: Added defensive code to prevent agents from infecting the
network coordinates with `NaN` or `Inf` values, and added code to
clean up in environments where this has happened.
- api: Added code to always read from the body of a request so that
connections will always be returned to the pool.
- build: Added a vendor fix to allow compilation on Illumos.
- cli: Fixed an issue where `consul exec` would return a 0 exit code,
even when there were nodes that didn't respond.
* pkgsrc change: ruby-chef support ruby23 only.
Changes from previous version are too many to write here. Please refer
<6b9ebb11c6/CHANGELOG.md> in detail.
The devicetree is a data structure for describing hardware. Rather than
hard coding every detail of a device into an operating system, many aspects
of the hardware can be described in a data structure that is passed to the
operating system at boot time.
This package includes Device Tree Blob (.dtb) files generated from
the Linux kernel for Samsung Exynos5422 devices.
Changes:
- Improved pre/post send and receive commands
- make daemon NOT abort even if there is no configuration found
- change smf dependency to multi-user so that iscsi is running
Logger::Syslog is a Logger replacement that logs to syslog. It is almost
drop-in with a few caveats. You can add Logger::Syslog to your Rails
production environment to aggregate logs between multiple machines.
NOTE! You can only set the Logger::Syslog program name and facility when you
initialize Logger::Syslog for the first time. This is a limitation of the way
Logger::Syslog uses syslog (and in some ways, a limitation of the way
syslog(3) works). Attempts to change Logger::Syslog's program name or
facility after the first initialization will be ignored.
This particular Logger::Syslog improves the original by correctly mapping
Rails log severities to the Syslog counterparts. It also adds the ability to
select a syslog facility other than "user."
The devicetree is a data structure for describing hardware. Rather than
hard coding every detail of a device into an operating system, many aspects
of the hardware can be described in a data structure that is passed to the
operating system at boot time.
This package includes Device Tree Blob (.dtb) files generated from
the Linux kernel for ARM Ltd. Versatile Express boards.
Fix case where OWN_DIRS_PERMS obviously was intended instead of OWN_DIRS.
Also use ${REAL_ROOT_USER}:${REAL_ROOT_GROUP} instead of hardcoding
root:wheel.
Bump PKGREVISION for fixes that changed binary package.
Bug fixes
1000: fixed some setup.py warnings.
1002: [SunOS] remove C macro which will not be available on new Solaris versions. (patch by Danek Duvall)
1004: [Linux] Process.io_counters() may raise ValueError.
1006: [Linux] cpu_freq() may return None on some Linux versions does not support the function; now the function is not declared instead.
1009: [Linux] sensors_temperatures() may raise OSError.
1010: [Linux] virtual_memory() may raise ValueError on Ubuntu 14.04.
----------------------------------------------------------------------
The project is long time abandoned but it can be still usable to rescue
data from old STACKER and DOUBLESPACE volumes.
The version dmsdos-0.9.2.3-pre2-alt2 is based on patches found at
http://packages.altlinux.org/en/Sisyphus/srpms/dmsdos/get
2012-06-07 Fr. Br. George <george at altlinux.ru> 0.9.2.3-alt2
- Fix gcc4.6 build
2012-03-25 Fr. Br. George <george at altlinux.ru> 0.9.2.3-alt1
- Initial build
The modified version disables kernel code build which allows
to build userspace tools for volume dump.
(pkgsrc changes)
- LICENSE= gnu-gpl-v2
- Drop two patches, alt2 version included them.
The devicetree is a data structure for describing hardware. Rather than
hard coding every detail of a device into an operating system, many aspects
of the hardware can be described in a data structure that is passed to the
operating system at boot time.
This package includes Device Tree Blob (.dtb) files generated from
the Linux kernel for NVIDIA Tegra210 devices.
The devicetree is a data structure for describing hardware. Rather than
hard coding every detail of a device into an operating system, many aspects
of the hardware can be described in a data structure that is passed to the
operating system at boot time.
This package includes Device Tree Blob (.dtb) files generated from
the Linux kernel for NVIDIA Tegra124 devices.
Changes since 2.1.2.0, excluding module changes which are too numerous:
## 2.3 "Ramble On" - 2017-04-12
### Major Changes
* Documented and renamed the previously released 'single var vaulting' feature, allowing user to use vault encryption for single variables in a normal YAML vars file.
* Allow module_utils for custom modules to be placed in site-specific directories and shipped in roles
* On platforms that support it, use more modern system polling API instead of select in the ssh connection plugin.
This removes one limitation on how many parallel forks are feasible on these systems.
* Windows/WinRM supports (experimental) become method "runas" to run modules and scripts as a different user, and to transparently access network resources.
* The WinRM connection plugin now uses pipelining when executing modules, resulting in significantly faster execution for small tasks.
* The WinRM connection plugin can now manage Kerberos tickets automatically when `ansible_winrm_transport=kerberos` and `ansible_user`/`ansible_password` are specified.
* Refactored/standardized most Windows modules, adding check-mode and diff support where possible.
* Extended Windows module API with parameter-type support, helper functions. (i.e. Expand-Environment, Add-Warning, Add-DeprecatationWarning)
* restructured how async works to allow it to apply to action plugins that choose to support it.
### Minor Changes
* The version and release facts for OpenBSD hosts were reversed.
This has been changed so that version has the numeric portion and release has the name of the release.
* removed 'package' from default squash actions as not all package managers support it and it creates errors when using loops,
any user can add back via config options if they don't use those package managers or otherwise avoid the errors.
* Blocks can now have a `name` field, to aid in playbook readability.
* default strategy is now configurable via ansible.cfg or environment variable.
* Added 'ansible_playbook_python' which contains 'current python executable', it can be blank in some cases in which Ansible is not invoked via the standard CLI (sys.executable limitation).
* Added 'metadata' to modules to enable classification
* ansible-doc now displays path to module and existing 'metadata'
* added optional 'piped' transfer method to ssh plugin for when scp and sftp are missing, ssh plugin is also now 'smarter' when using these options
* default controlpersist path is now a custom hash of host-port-user to avoid the socket path length errors for long hostnames
* Various fixes for Python3 compatibility
* Fixed issues with inventory formats not handling 'all' and 'ungrouped' in an uniform way.
* 'service' tasks can now use async again, we had lost this capability when changed into an action plugin.
* made any_errors_fatal inheritable from play to task and all other objects in between.
* many small performance improvements in inventory and variable handling and in task execution.
### Deprecations
* Specifying --tags (or --skip-tags) multiple times on the command line
currently leads to the last one overriding all the previous ones. This behaviour is deprecated.
In the future, if you specify --tags multiple times the tags will be merged together.
From now on, using --tags multiple times on one command line will emit a deprecation warning.
Setting the merge_multiple_cli_tags option to True in the ansible.cfg file will enable the new behaviour.
In 2.4, the default will be to merge and you can enable the old overwriting behaviour via the config option.
In 2.5, multiple --tags options will be merged with no way to go back to the old behaviour.
## 2.2.1 "The Battle of Evermore" - 2017-01-16
### Major Changes
* Security fix for CVE-2016-9587 - An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server as the user and group Ansible is running as.
### Minor Changes
* Fixes a bug where undefined variables in with_* loops would cause a task failure even if the when condition would cause the task to be skipped.
* Fixed a bug related to roles where in certain situations a role may be run more than once despite not allowing duplicates.
* Fixed some additional bugs related to atomic_move for modules.
* Fixes multiple bugs related to field/attribute inheritance in nested blocks and includes, as well as task iteration logic during failures.
* Fixed pip installing packages into virtualenvs using the system pip instead of the virtualenv pip.
* Fixed dnf on systems with dnf-2.0.x (some changes in the API).
* Fixed traceback with dnf install of groups.
* Fixes a bug in which include_vars was not working with failed_when.
* Fix for include_vars only loading files with .yml, .yaml, and .json extensions. This was only supposed to apply to loading a directory of vars files.
* Fixes several bugs related to properly incrementing the failed count in the host statistics.
* Fixes a bug with listening handlers which did not specify a `name` field.
* Fixes a bug with the `play_hosts` internal variable, so that it properly reflects the current list of hosts.
* Fixes a bug related to the v2_playbook_on_start callback method and legacy (v1) plugins.
* Fixes an openssh related process exit race condition, related to the fact that connections using ControlPersist do not close stderr.
* Improvements and fixes to OpenBSD fact gathering.
* Updated `make deb` to use pbuilder. Use `make local_deb` for the previous non-pbuilder build.
* Fixed Windows async to avoid blocking due to handle inheritance.
* Fixed bugs in the mount module on older Linux kernels and *BSDs
* Various minor fixes for Python 3
* Inserted some checks for jinja2-2.9, which can cause some issues with Ansible currently.
## 2.2 "The Battle of Evermore" - 2016-11-01
### Major Changes:
* Added the `listen` feature for modules. This feature allows tasks to more easily notify multiple handlers, as well as making it easier for handlers from decoupled roles to be notified.
* Major performance improvements.
* Added support for binary modules
* Added the ability to specify serial batches as a list (`serial: [1, 5, 10]`), which allows for so-called "canary" actions in one play.
* Fixed 'local type' plugins and actions to have a more predictable relative path. Fixes a regression of 1.9 (PR #16805). Existing users of 2.x will need to adjust related tasks.
* `meta` tasks can now use conditionals.
* `raw` now returns `changed: true` to be consistent with shell/command/script modules. Add `changed_when: false` to `raw` tasks to restore the pre-2.2 behavior if necessary.
* New privilege escalation become method `ksu`
* Windows `async:` support for long-running or background tasks.
* Windows `environment:` support for setting module environment vars in play/task.
* Added a new `meta` option: `end_play`, which can be used to skip to the end of a play.
* roles can now be included in the middle of a task list via the new `include_role` module, this also allows for making the role import 'loopable' and/or conditional.
* The service module has been changed to use system specific modules if they exist and fall back to the old service module if they cannot be found or detected.
* Add ability to specify what ssh client binary to use on the controller. This
can be configured via ssh_executable in the ansible config file or by setting
ansible_ssh_executable as an inventory variable if different ones are needed
for different hosts.
* Windows:
* several facts were modified or renamed for consistency with their Unix counterparts, and many new facts were added. If your playbooks rely on any of the following keys, please ensure they are using the correct key names and/or values:
- ansible_date_time.date (changed to use yyyy-mm-dd format instead of default system-locale format)
- ansible_date_time.iso8601 (changed to UTC instead of local time)
- ansible_distribution (now uses OS caption string, e.g.: "Microsoft Windows Server 2012 R2 Standard", version is still available on ansible_distribution_version)
- ansible_totalmem (renamed to ansible_memtotal_mb, units changed to MB instead of bytes)
* `async:` support for long-running or background tasks.
* `environment:` support for setting module environment vars in play/task.
* Tech Preview: Work has been done to get Ansible running under Python3. This work is not complete enough to depend upon in production environments but it is enough to begin testing it.
* Most of the controller side should now work. Users should be able to run python3 /usr/bin/ansible and python3 /usr/bin/ansible-playbook and have core features of ansible work.
* A few of the most essential modules have been audited and are known to work. Others work out of the box.
* We are using unit and integration tests to help us port code and not regress later. Even if you are not familiar with python you can still help by contributing integration tests (just ansible roles) that exercise more of the code to make sure it continues to run on both Python2 and Python3.
* scp_if_ssh now supports True, False and "smart". "smart" is the default and will retry failed sftp transfers with scp.
* Network:
* Refactored all network modules to remove duplicate code and take advantage of Ansiballz implementation
* All functionality from *_template network modules have been combined into *_config module
* Network *_command modules not longer allow configuration mode statements
### Minor Changes
* now -vvv shows exact path from which 'currently executing module' was picked up from.
* loop_control now has a label option to allow fine grained control what gets displayed per item
* loop_control now has a pause option to allow pausing for N seconds between loop iterations of a task.
* New privilege escalation become method `ksu`
* `raw` now returns `changed: true` to be consistent with shell/command/script modules. Add `changed_when: false` to `raw` tasks to restore the pre-2.2 behavior if necessary.
* removed previously deprecated ';' as host list separator.
* Only check if the default ssh client supports ControlPersist once instead of once for each host + task combination.
* Fix a problem with the pip module updating the python pip package itself.
* ansible_play_hosts is a new magic variable to provide a list of hosts in scope for the current play. Unlike play_hosts it is not subject to the 'serial' keyword.
* ansible_play_batch is a new magic variable meant to substitute the current play_hosts.
## 2.1.4 "The Song Remains the Same" - 2017-01-16
* Security fix for CVE-2016-9587 - An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server as the user and group Ansible is running as.
* Fixed a bug with conditionals in loops, where undefined variables and other errors will defer raising the error until the conditional has been evaluated.
* Added a version check for jinja2-2.9, which does not fully work with Ansible currently.
## 2.1.3 "The Song Remains the Same" - 2016-11-04
* Security fix for CVE-2016-8628 - Command injection by compromised server via fact variables. In some situations, facts returned by modules could overwrite connection-based facts or some other special variables, leading to injected commands running on the Ansible controller as the user running Ansible (or via escalated permissions).
* Security fix for CVE-2016-8614 - apt_key module not properly validating keys in some situations.
###Minor Changes:
* The subversion module from core now marks its password parameter as no_log so
the password is obscured when logging.
* The postgresql_lang and postgresql_ext modules from extras now mark
login_password as no_log so the password is obscured when logging.
* Fixed several bugs related to locating files relative to role/playbook directories.
* Fixed a bug in the way hosts were tested for failed states, resulting in incorrectly skipped block sessions.
* Fixed a bug in the way our custom JSON encoder is used for the to_json* filters.
* Fixed some bugs related to the use of non-ascii characters in become passwords.
* Fixed a bug with Azure modules which may be using the latest rc6 library.
* Backported some docker_common fixes.
availability and performance of IT infrastructure components. Zabbix is open
source and comes at no cost.
With Zabbix it is possible to gather virtually limitless types of data from
the network. High performance real-time monitoring means that tens of thousands
of servers, virtual machines and network devices can be monitored
simultaneously. Along with storing the data, visualization features are
available (overviews, maps, graphs, screens, etc), as well as very flexible
ways of analyzing the data for the purpose of alerting.
Due to the critical nature of issue 41230 we have decided to patch the 2016.11.5 packages with P.R.41244. This issue affects all calls to a salt-minion if there is an ipv6 nameserver set on the minion's host. The patched packages on repo.saltstack.com will divert from the v2016.11.5 tag and pypi packages due to the additional PR applied to the packages.
Bug fixes.
* New upstream release:
* merged Makefile patch
* update standards version, no change
* Remove pre-compiled .pyc for bzr plugin from Debian package,
and add python:Depends to Depends so that dh_python2 will install
maintainer script snippets. Unfortunately, this adds a completely
unnecessary dependency on python, which etckeeper does not need in
normal operation.
* Make etckeeper commit store metadata changes. The pre-commit
hook has always (and continues) to do that, but pre-commit is only
run when there are changes to tommit. This makes metadata-only
changes get committed.
* Move systemd files to /lib/systemd; /usr/lib/systemd is not used
on Debian.
* Optimised find for special and hard linked files.
Thanks, Rike-Benjamin Schuppner.
* Adjust when Pacman 5 calls etckeeper hooks.
Thanks, Tilman Blumenbach and Christian Hesse.
* Only run Pacman hooks when files in /etc have changed.
Thanks, Christian Hesse.
* Added systemd timer that can run etckeeper 10 minutes after boot, and also
daily. It's not enabled by default, partly because of overlap with the
cron job.
Thanks, Christian Hesse.
* Added support for pacmatic, contributed by nicolaichuk.
* bzr: make sure EMAIL is defined
Thanks, Serge E. Hallyn
* Fix Makefile version patterns to ignore non-native version number
(Antoine Beaupré)
* Support ~/.config/git/config when determining the author name and email.
Thanks, Richard Savio
* Added support for Arch's pacman package manager version 5.
Thanks, Tilman Blumenbach.
* Set HOME if it's not set, as is the case when using ubuntu's
update-manager.
* Move bash completion out of etc and into usr.
* Prepare upload to Debian unstable
* Fix Makefile version patterns to ignore non-native version number
* Fix lintian warnings:
* remove .pyc files on build
* install bash completions in standard location
* ignore missing debian/config file, we ask only on purge on purpose
* ignore full path for /usr/bin/etckeeper, we use it to stash it for
later
* Update to standards 3.9.6, no change
* Remove obsolete XS-Python-Version field
* Run debconf-updatepo, outdating a bunch of translations
* Use getent utility instead of perl. (Elan Ruusamäe)
* Initial FreeBSD support with pkgng plugin. (William Johansson)
* Fix README.md symlink in package (Sebastian Schmidt, Antoine Beaupré,
closes: #791566)
* Fix typo of GIT_COMMITTER_EMAIL.
* Update git URL in control file.
* Send yum pre-commit output to /dev/null
Thanks, Andrew Colin Kissa
* Set LANG=C internally when doing some operations that have
been reported to fail in other locales.
* Fix name of DNF plugin.
* Add --version
Thanks Andreas Wansner.
* New website, http://etckeeper.branchable.com/
* Add build-depends on dh-python.
* Added support for Fedora's DNF highlevel package manager.
Thanks, Peter Listiak and Petr Spacek.
* Add architecture info to dpkg list-installed. Closes: #768145
* Orphaned the Debian package.
* Recommend cron-daemon, rather than cron, as etckeeper only needs
cron.daily functionality. Closes: #762721
* Handle failure to commit in post-install, pre-install by showing a
warning, rather than propigating the error to apt.
This avoids breaking the apt run when eg, git is misconfigured and
cannot commit.
pre-install already did this when it was able to use debconf to display a
message, but now debconf is not used, and it always behaves this way.
Closes: #760011
* Ignore check-mk-agent-logwatch's FHS violating
/etc/check_mk/logwatch.state. Closes: #753903
* Only allow [-a-z_] in etckeeper commands to avoid any possible directory
traversal etc issues.
* update-ignore, uninit: Fix parsing of ignore files containing '\'
* Portability fixes. Thanks, Harald Dunkel.
* Add support for pushing to multiple remote repositories.
Thanks, Rouben.
* Fix handling of git ignores like dir/*
Thanks, Pim van den Berg
* Fix too broad matching of .gitignored files.
Closes: #732339
* Remove lvm/backup from default ignores, because lvm
documentation recommends backing that up, for use by
vgcfgrestore.
* Fix exporting of some git variables. Closes: #728583
* Fix git update-ignore syntax. Closes: #721873
* Avoid listing .gitignored files in .etckeeper file. Closes: #607665
Thanks, Zdenek Crha
* Fix hilarious typo hardcoding my name. Closes: #718425
* Guard git config calls. Closes: #717957
* Quote user and group names, in case one contains a space.
* Added support for the pacman package manager.
(Thanks, Tiago Stürmer Daitx)
* Use user.name and user.email from the .gitconfig file belonging to the
user who sued or sudoed to root, in preference to making up values for
that user.
* cron.daily: Fix typo in stale lockfile handling code.
Closes: #717908
* Deal with unix^wlinux portability nonsense.
Version 8.27.0 [v8-stable] 2017-05-16
- imkafka: add module
- imptcp enhancements:
* optionally emit an error message if incoming messages are truncated
* optionally emit connection tracking message (on connection create and
close)
* add "maxFrameSize" parameter to specify the maximum size permitted
in octet-counted mode
* add parameter "discardTruncatedMsg" to permit truncation of
oversize messages
* improve octect-counted mode detection: if the octet count is larger
then the set frame size (or overly large in general), it is now
assumed that octet-stuffing mode is used. This probably solves a
number of issues seen in real deployments.
- imtcp enhancements:
* add parameter "discardTruncatedMsg" to permit truncation of
oversize messages
* add "maxFrameSize" parameter to specify the maximum size permitted
in octet-counted mode
- imfile bugfix: "file not found error" repeatedly being reported
for configured non-existing file.
- imfile: in inotify mode, add error message if configured file cannot
be found
- imfile: add parameter "fileNotFoundError" to optinally disable
"file not found" error messages
- core: replaced gethostbyname() with getaddrinfo() call
- omkafka: add "origin" field to stats output
- imuxsock: rate-limiting also uses process name
both for the actual limit procesing as well as warning messages emitted
- Added new module: KSI log signing ver. 1.2 (lmsig_ksi_ls12)
- rsylsog base functionality now builds on osx (Mac)
- build now works on solaris again
- imfile: fix cross-platform build issue
- bugfix core: segfault when no parser could parse message
- bugfix core: rate-limit internal messages when going to external log system
- bugfix core: when obtaining local hostname, a NULL pointer could be
accessed.
- bugfix core: on shutdown, stderr was written to, even if alrady closed
- bugfix core: perform MainqObj destruction only when not NULL already
- bugfix core: memory leak when internal messages not processed internally
- bugfix imptcp: potential overflow in octet count computation
when a very large octet count was specified, the counter could overflow
- agent: Fixed an issue where NAT-configured agents with a non-routable
advertise address would refuse to make RPC connections to Consul
servers. This was a regression related to GH-2822 in Consul 0.8.2.
==== Bugfixes
Affecting all Beats
- Improve error message when downloading the dashboards fails.
- Fix potential Elasticsearch output URL parsing error if protocol
scheme is missing.
- Downgrade Elasticsearch per batch item failure log to debug level.
- Make `@timestamp` accessible from format strings.
Filebeat
- Allow log lines without a program name in the Syslog fileset.
- Don't stop Filebeat when modules are used with the Logstash output.
Metricbeat
- Fixing panic on the Prometheus collector when label has a comma.
- Make system process metricset honor the `cpu_ticks` config option.
Winlogbeat
- Fix null terminators include in raw XML string when include_xml is
enabled.
==== Added
Affecting all Beats
- Update index mappings to support future Elasticsearch 6.X.
Filebeat
- Add auditd module for reading audit logs on Linux.
- Add fileset for the Linux authorization logs.
Heartbeat
- Add default ports in HTTP monitor.
Metricbeat
- Add beta Jolokia module.
- Add dashboard for the MySQL module.
- Module configuration reloading is now beta instead of experimental.
- Marked http fields from the HAProxy module optional to improve
compatibility with 1.5.
- Add support for custom HTTP headers and TLS for the Metricbeat
modules.
Packetbeat
- Add DNS dashboard for an overview the DNS traffic.
- Add DNS Tunneling dashboard to highlight domains with large numbers
of subdomains or high data volume.
BREAKING CHANGES:
- api: HttpClient now defaults to nil in the client config and will be
generated if left blank. A NewHttpClient function has been added for
creating an HttpClient with a custom Transport or TLS config.
IMPROVEMENTS:
- agent: Added an error at agent startup time if both -ui and -ui-dir
are configured together.
- agent: Added the datacenter of a node to the catalog, health, and
query API endpoints which contain a Node structure.
- agent: Added the ca_path, tls_cipher_suites, and
tls_prefer_server_cipher_suites options to give more flexibility
around configuring TLS.
- agent: Reduced the timeouts for the -dev server mode so that the
development server starts up almost instantly.
- agent: Added verify_incoming_rpc and verify_incoming_https options
for more granular control over incoming TLS enforcement.
- agent: Use bind address as source for outgoing connections.
- api: Added the ACL replication status endpoint to the Go API client
library.
- cli: Added Raft protocol version to output of operator raft
list-peers command.
- ui: Added optional JSON validation when editing KV entries in the
web UI.
- ui: Updated ACL guide links and made guides open in a new tab.
BUG FIXES:
- server: Fixed a panic when the tombstone garbage collector was
stopped.
- server: Fixed a panic in Autopilot that could occur when a node is
elected but cannot complete leader establishment and steps back
down.
- server: Added a new peers.json format that allows outage recovery
when using Raft protocol version 3 and higher. Previously, you'd
have to set the Raft protocol version back to 2 in order to manually
recover a cluster.
- ui: Add and update favicons
-------------------------------------
v3.8.0
- Additional Intel GPU checks
- Gentoo release check (whether it's stable/testing/experimental)
- Chromebrew detection for Chrome OS pkgs
- OpenBSD fixes
- Manjaro logo updated
- Added Fux logo
- Enable easily addable custom lines through customlines() function
- Line wrapping with '-w' command line option
- Fix issue with extra space and host variable
- Improvements to OS X font detection
- Fixed package count, shell detection and colors on NetBSD
- Added pkgsrc support for OS X
- Use new NixOS logo
- Use new KaOS logo
- PCLinuxOS logo added
- pomf host removed (does not exist anymore)
- Display the package count, resolution, GPU and OS version on Haiku
- Display release version and package count on TinyCore Linux
- Display exact release version on Windows 10
- Use modern logo on Windows 10 and Windows 8
- Support for Blackbox on Windows
- Improve BusyBox shell detection
- Added detection for Trinity/TWin, chromeos-wm, FLWM, howm,
sway, LXQt and Deepin [DEs/WMs]
- Added detection for Alpine, BunsenLabs, Chrome OS, Chromium
OS, Devuan, Fux, GrombyangOS, KDE neon, Kogaion, Mer, Msys,
Netrunner, Oracle Linux, PCLinuxOS, Qubes OS, Parrot
Security, Pardus, Red Star OS, ROSA, SailfishOS,
SparkyLinux, SteamOS, SUSE Linux Enterprise and SwagArch
(pkgsrc changes)
- Drop patch, upstream now included.
Launch a subprocess in a pseudo terminal (pty), and interact with both
the process and its pty.
Sometimes, piping stdin and stdout is not enough. There might be a
password prompt that doesn’t read from stdin, output that changes when
it’s going to a pipe rather than a terminal, or curses-style
interfaces that rely on a terminal. If you need to automate these
things, running the process in a pseudo terminal (pty) is the answer.
### Version 0.6.3 / 2017-03-24
See beta release notes.
### Version 0.6.3.beta.1 / 2017-03-10
* Bug fix: Fixed child process creation problems on Windows 7 when a child was declared as a leader.
### Version 0.6.2 / 2017-02-25
* Bug fix: Fixed a potentially broken edge case that could occur on older 32-bit OSX systems.
### Version 0.6.1 / 2017-01-22
* Bug fix: Fixed a dependency that was accidentally declared as a runtime
dependency instead of a development dependency.
### Version 0.6.0 / 2017-01-22
* Support for Ruby 2.4 added
Affecting all Beats
- Fix panic when testing regex-AST to match against date patterns.
Filebeat
- Fix modules default file permissions.
- Allow - in Apache access log byte count.
Metricbeat
- Avoid errors when some Apache status fields are missing.
D-Bus 1.10.18 (2017-04-05)
==
The “can't handle a self-referential paradox” release.
Fixes:
• Re-order dbus-daemon startup so that on SELinux systems, the thread
that reads AVC notifications retains the ability to write to the
audit log (fd.o #92832, Debian #857660; Laurent Bigonville)
• Fix a harmless read overflow and some memory leaks in a unit test
(fd.o #100568, Philip Withnall)
IMPROVEMENTS:
- agent: Node IDs derived from host information are now hashed to
prevent things like common server hardware from generating IDs with
a common prefix across nodes.
- agent: Added new -disable-host-node-id CLI flag and
disable_host_node_id config option to the Consul agent to prevent it
from using information from the host when generating a node ID.
- agent: Removed useless "==> Caught signal: broken pipe" logging
since that often results from problems sending telemetry or broken
incoming client connections; operators don't need to be alerted to
these.
- cli: Added TLS options for setting the client/CA certificates to use
when communicating with Consul.
- build: Consul is now built with Go 1.8.1.
- ui: Updates Consul assets to new branding.
BUG FIXES:
- api: Added missing Raft index fields to AgentService and Node
structures.
- server: Fixed an issue where flood joins would not work with IPv6
addresses.
- server: Fixed an issue where electing a 0.8.x leader during an
upgrade would cause a panic in older servers.
- server: Fixed an issue where tracking of leadership changes could
become incorrect when changes occurred very rapidly.
- server: Fixed a panic when checking ACLs on a session that doesn't
exist.
Changelog:
Fixed:
* Authentication failure is reported as unknown general system error.
* Unable to backup virtual machines with active Docker containers.
and allows parsing separate sysfs files rather than reading the config file
on newer kernels.
Adam Jackson (1):
chmod a-x README.cygwin
Chuck Tuffli (1):
libpciaccess: Fix incorrect format specification
Emil Velikov (7):
autogen.sh: pass --force to autoreconf, quote string variables
linux sysfs: retrieve vendor, device... info via separate sysfs files
autogen.sh: use quoted string variables
Revert "linux_sysfs: include <limits.h> for PATH_MAX"
configure.ac: remove AC_CONFIG_SRCDIR macro
configure.ac: set AC_CONFIG_AUX_DIR
libpciaccess 0.13.5
Felix Janda (2):
linux_sysfs.c: Include <limits.h> for PATH_MAX
linux_sysfs: include <limits.h> for PATH_MAX
Henry Zhao (2):
probe should not hold pci nexus drivers open
use cached devinfo snapshots, remove unnecessary di_init()
Julien Cristau (1):
Include config.h before anything else in *.c
Keith Busch (1):
Ignore 32-bit domains
Mihail Konev (1):
autogen: add default patch prefix
Peter Hutterer (1):
autogen.sh: use exec instead of waiting for configure to finish
Thomas Klausner (1):
Fix quoting issue.
arsharma (2):
vgaarb: add a the trailing NULL character on read(vgaarb_fd)
device-name: handle calloc failure in insert()
- enable internal error messages at all times
- core: added logging name of source of rate-limited messages
- omfwd: omfwd: add support for network namespaces
- imrelp: honor input name if provided when submitting to impstats
- imptcp: add ability to set owner/group/access perms for uds
- mmnormalize: add ability to load a rulebase from action() parameter
- pmrfc3164 improvements
- permit to ignore leading space in MSG
- permit to use at-sign in host names
- permit to require tag to end in colon
- add new global parameter "umask"
- core: make use of -T command line option more secure
- omfile: add error if both file and dynafile are set
- bugfix: build problem on MacOS (not a supported platform)
- regression fix: in 8.25, str2num() returned error on empty string
- bugfix omsnmp: improper handling of new-style configuration
parameters
- bugfix: rsyslog identifies itself as "liblogging-stdlog" in internal
messages
- bugfix imfile: wrong files were monitored when using multiple imfile
inputs
- bugfix: setting net.aclResolveHostname/net.acladdhostnameonfail
segfaults
- bugfix: immark emitted error messages with text "imuxsock"
- bugfix tcpflood: build failed if RELP was disabled
- fix gcc6 compiler warnings
- the output module array passing interface has been removed
Version 2.0.3, 2017-03-22
- add ability to load rulebase from a string
- bugfix: string parser did not correctly parse word at end of line
- bugfix: literal parser does not always store value if name is specified
Version 2.0.2, 2016-11-15
- bugfix: no error was emitted on invalid "annotate" line
- "annnotate": permit inline comments
- fix a problem with cross-compilation
- bugfix: abort in literal path compaction when useing "alternative" parser
- bugfix: lognormalizer could loop
- fix misleading compiler warning
- testbench: add test for "annotate" functionality
BREAKING CHANGES:
- Command-Line Interface RPC Deprecation: The RPC client interface has
been removed.
- Version 8 ACLs Are Now Opt-Out: The acl_enforce_version_8
configuration now defaults to true to enable full version 8 ACL
support by default.
- Remote Exec Is Now Opt-In: The default for disable_remote_exec was
changed to "true", so now operators need to opt-in to having agents
support running commands remotely via consul exec.
- Raft Protocol Compatibility: When upgrading to Consul 0.8.0 from a
version lower than 0.7.0, users will need to set the -raft-protocol
option to 1 in order to maintain backwards compatibility with the old
servers during the upgrade.
FEATURES:
- Autopilot: A set of features has been added to allow for automatic
operator-friendly management of Consul servers.
- Dead Server Cleanup: Dead servers will periodically be cleaned up and
removed from the Raft peer set
- Server Health Checking: An internal health check has been added to
track the stability of servers.
- New Server Stabilization: When a new server is added to the cluster,
there will be a waiting period where it must be healthy and stable for
a certain amount of time before being promoted to a full, voting member.
- Advanced Redundancy: (Consul Enterprise) A new -non-voting-server
option flag has been added for Consul servers to configure a server
that does not participate in the Raft quorum.
- Upgrade Orchestration: (Consul Enterprise) Autopilot will
automatically orchestrate an upgrade strategy for Consul servers
- Network Areas: (Consul Enterprise) A new capability has been added
which allows operators to define network areas that join together two
Consul datacenters.
- WAN Soft Fail: Request routing between servers in the WAN is now more
robust by treating Serf failures as advisory but not final.
- WAN Join Flooding: A new routine was added that looks for Consul
servers in the LAN and makes sure that they are joined into the WAN as
well.
- Validate command: To provide consistency across our products, the
configtest command has been deprecated and replaced with the validate
command
IMPROVEMENTS:
- agent: Fixed a missing case where gossip would stop flowing to dead
nodes for a short while.
- agent: Changed agent to seed Go's random number generator.
- agent: Serf snapshots no longer have the executable bit set on the
file.
- agent: Consul is now built with Go 1.8.
- agent: Updated aws-sdk-go version (used for EC2 auto join) for Go 1.8
compatibility.
- agent: User-supplied node IDs are now normalized to lower-case.
- agent: Added checks to enforce uniqueness of agent node IDs at cluster
join time and when registering with the catalog.
- cli: Standardized handling of CLI options for connecting to the Consul
agent.
- cli: Updated go-cleanhttp library for better HTTP connection handling
between CLI commands and the Consul agent
- cli: The operator raft subcommand has had its two modes split into the
list-peers and remove-peer subcommands.
- cli: Added an -id flag to the operator raft remove-peer command to
allow removing a peer by ID.
- dns: Allows the .service tag to be optional in RFC 2782 lookups.
- server: Changed the internal EnsureRegistration RPC endpoint to
prevent registering checks that aren't associated with the top-level
node being registered.
BUG FIXES:
- agent: Fixed an issue with consul watch not working when http was
listening on a unix socket.
- agent: Fixed an issue where checks and services could not sync
deregister operations back to the catalog when version 8 ACL support
is enabled.
- agent: Fixed an issue where agents could use the ACL token registered
with a service when registering checks for the same service that were
registered with a different ACL token.
- cli: Fixed consul kv commands not reading the CONSUL_HTTP_TOKEN
environment variable.
- cli: Fixed an issue where prefixing an address with a protocol (such
as 'http://' or 'https://') in -http-addr or CONSUL_HTTP_ADDR would
give an error.
- cli: Fixed an issue where error messages would get printed to stdout
instead of stderr.
- server: Fixed an issue with version 8 ACLs where servers couldn't
deregister nodes from the catalog during reconciliation.
- server: Fixed an issue where servers could temporarily roll back
changes to a node's metadata or tagged addresses when making updates
to the node's health checks.
- server: Fixed an issue where the service name consul was not subject
to service ACL policies with version 8 ACLs enabled.
==== Breaking changes
Affecting all Beats
- Configuration files must be owned by the user running the Beat or by
root, and they must not be writable by others.
- Change Beat generator. Use
`$GOPATH/src/github.com/elastic/beats/script/generate.py` to
generate a beat.
Filebeat
- Always use absolute path for event and registry. This can lead to
issues when relative paths were used before.
Metricbeat
- Linux cgroup metrics are now enabled by default for the system
process metricset. The configuration option for the feature was
renamed from `cgroups` to `process.cgroups.enabled`.
- Change field names `couchbase.node.couch.*.actual_disk_size.*` to
`couchbase.node.couch.*.disk_size.*`
==== Bugfixes
Affecting all Beats
- Add `_id`, `_type`, `_index` and `_score` fields in the generated
index pattern.
Filebeat
- Fix empty registry file on machine crash.
Metricbeat
- Add error handling to system process metricset for when Linux
cgroups are missing from the kernel.
- Add labels to the Docker healthcheck metricset output.
Winlogbeat
- Fix handling of empty strings in event_data.
==== Added
Affecting all Beats
- Files created by Beats (logs, registry, file output) will have 0600
permissions.
- RPM/deb packages will now install the config file with 0600
permissions.
- Add the option to pass custom HTTP headers to the Elasticsearch
output.
- Unify `regexp` and `contains` conditionals, for both to support
array of strings and convert numbers to strings if required.
- Add the option to load the sample dashboards during the Beat startup
phase.
- Disabled date detection in Elasticsearch index templates. Date
fields must be explicitly defined in index templates.
- Using environment variables in the configuration file is now GA,
instead of experimental.
Filebeat
- Add Filebeat modules for system, apache2, mysql, and nginx.
- Add the `pipeline` config option at the prospector level, for
configuring the Ingest Node pipeline ID.
- Update regular expressions used for matching file names or lines
(multiline, include/exclude functionality) to new matchers improving
performance of simple string matches.
- The `symlinks` and `harverster_limit` settings are now GA, instead
of experimental.
- close_timeout is also applied when the output is blocking.
- Improve handling of different path variants on Windows.
Metricbeat
- Add experimental dbstats metricset to MongoDB module.
- Use persistent, direct connections to the configured nodes for
MongoDB module.
- Add dynamic configuration reloading for modules.
- Add docker health metricset
- Add docker image metricset
- System module uses new matchers for white-listing processes.
- Add Beta CEPH module with health metricset.
- Add Beta php_fpm module with pool metricset.
- The Docker, Kafka, and Prometheus modules are now Beta, instead of
experimental.
- The HAProxy module is now GA, instead of experimental.
- Add the ability to collect the environment variables from system
processes.
==== Deprecated
Affecting all Beats
- Usage of field `_type` is deprecated. It should not be used in
queries or dashboards.
Filebeat
- The experimental `publish_async` option is now deprecated and is
planned to be removed in 6.0.
This includes stub domains support, but it should be considered
experimental at this time. Stub domains hangs with serial ports,
or more more than one virual disk (multiple virtual ethernet have not been
tested).
* Avoid crashing after fd is closed
* Add support for platforms with libinotify
* Add license to gemspec.
* Do not follow into symlinked directories when traversing directories
This is pretty much a relaunch of the project,
the internet site and the accompanying documentation.
There are too much changes for a detailed report.
The most prominent feature of this version is that
the multithreaded RS03 codec reached production
quality, and all required features have been implemented.
A few things will be added with the next releases:
- adaptive reading is currently disabled as it does
not support RS03 yet and would crash or misbehave
on RS03 error correction data
- a heuristic for an exhaustive re-discovery of RS03
structures in a badly damaged medium is missing in
the decoder
But these things should not keep you from using RS03,
as the encoder is complete and future decoder enhancements
do not affect already created RS03 data.
