./filesystems/openafs, File system for sharing, scalability and transparent data migration

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.6.9, Package name: openafs-1.6.9, Maintainer: gendalia

AFS is a distributed filesystem product, pioneered at Carnegie Mellon
University and supported and developed as a product by Transarc
Corporation (now IBM Pittsburgh Labs). It offers a client-server
architecture for file sharing, providing location independence,
scalability and transparent migration capabilities for data. IBM
branched the source of the AFS product, and made a copy of the source
available for community development and maintenance. They called the
release OpenAFS.

Package options: namei, server, supergroups

Master sites:

SHA1: 563368f33552cd1cfd1711676aea0e2f1cf2fd1b
RMD160: 03a6f5dcd704c7c840839cee426a048160d7e206
Filesize: 14256.003 KB

Version history: (Expand)

CVS history: (Expand)

   2014-06-13 01:44:04 by Tracy Di Marco White | Files touched by this commit (2)
Log message:
Upgrade to OpenAFS 1.6.9

OpenAFS 1.6.9

  All server platforms

    * Fix for OPENAFS-SA-2014-002

OpenAFS 1.6.8

  All platforms

    * Documentation improvements (10751 10875 10931 10897 10883 10954 10955)

    * Improved diagnostics and error messages (10756 10814 10949)

    * Fixed a bug in RX that could make errors during packet reception go
      unnoticed. (10733)

    * Fixed a bug that made "vos size -dump" display the wrong size for
      large volumes. (10933)  (RT #131819)

  All server platforms

    * Change the default fileserver sync behavior from "delayed" to \ 
      This means that explicit syncing only happens when a volume is detached.

    * Added the -offline-timeout and -offline-shutdown-timeout options to the
      fileserver, to implement interrupting clients accessing volumes we are
      trying to take offline. (6266 10799)
   2014-04-16 19:51:43 by Tracy Di Marco White | Files touched by this commit (2)
Log message:
Upgrade OpenAFS to 1.6.7:
OpenAFS 1.6.7

  All server platforms

    * Fix for OPENAFS-SA-2014-001

    * Fix for a potential DOS attack against RX servers
   2014-03-11 15:05:19 by Jonathan Perkin | Files touched by this commit (350)
Log message:
Remove example rc.d scripts from PLISTs.

These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or
ignored otherwise.
   2014-02-21 22:33:51 by Tracy Di Marco White | Files touched by this commit (8) | Package updated
Log message:
Upgrade OpenAFS to 1.6.6.
Remove unused options bos-new-config, fast-restart, & largefile.
Remove patches fixed upstream.

OpenAFS 1.6.6

  All platforms

    * As of this release, OpenAFS no longer ships uncompressed source tarballs.
      Tarballs are still shipped with both compression formats, gzip and bzip2.

    * Documentation improvements (10136 10314 10601)

    * Improved diagnostics and error messages (9412 10085 10274)

    * Avoid redefining "assert" in our public header files, which could
      cause failures when building some applications using them. (10096)

    * Fixes for parallel builds (10005 10309 10337)

    * Added a -s switch to afscp (not installed by default) to help simulate
      a slow client. (9416 9417)

    * Added a -probe switch to vlclient test program (not installed by default)
      to ping all vlservers in a cell in parallel. (9570)

  All server platforms
    * The fileserver now ignores any vice partitions with a NeverAttach flag
      file present in the root directory. (RT #130561) (9470 9471)

    * Restrict forcing CPS ("Current Protection Subdomain") \ 
recalculation in
      the fileserver to administrators. Also fixed a bug that could cause this
      operation to be incomplete. (9485 9487)

    * Allow non-DAFS fileservers to attach unusable volumes, restoring pre-1.6
      behaviour. (RT #131505) (9499)

    * Restored the pre-1.6 behaviour when running vos examine for a volume
      currently in a transaction, showing the volume as busy again rather than
      offline. (9685 9915 9916)

    * Reduced the minimum time a bos salvage takes from 5 seconds to 1. (9476)

    * Fixed buserver to not segfault when started with the -servers option.
      (RT #131706) (10166)

    * Salvager fixes, addressing a wide variety of possible problems from
      unnecessary salvaging to aborts (9282 9283 9457 9458 9459 9461 9462 9480
      9481 10165 10167)

    * Fixed a bug that could cause saved state information to be discarded
      when restarting a large or busy fileserver, which negatively impacted
      performance. (9683)

    * Fixed a bug that could have caused undefined behaviour in the vlserver
      in rare cases when a fileserver registered its addresses in the VLDB.

    * Added the -preserve-vol-stats switch to volserver, allowing it to keep
      the access statistics across volume restore and reclone operations
      instead of resetting them. (9477)

    * Inserted an exponential delay between retries when bosserver attempts to
      restart a server process. (9571 10199)

    * Improved vldb_check (not installed by default) to cope with broken
      vlentry names and volids, and provide more output to aid debugging.

    * Releasing a volume after adding a new RO site no longer touches any of
      the existing RO sites, if the RW data hasn't changed since the last
      release. (10174)

    * Make the copyDate field for RO clones have the same meaning as for
      remote RO volumes. Previously, the copyDate field for clones was updated
      every time we released. (9451)

    * Fixed potentially undefined behaviour in ptserver when too many pts
      ids are allocated. (10124)

    * Note that the server side NAT pings feature present in the prereleases
      was removed before the final release, since no positive feedback
      was provided during prerelease testing. (9420 10135)

  Linux servers

    * Start bosserver with -nofork in the systemd unit file, to allow systemd
      to track its state (10093)

  All client platforms

    * No longer track file locks on read-only volumes. Write locks can't
      succeed, read locks always will. Avoids log messages about this kind
      of lock. (8910)

    * Added the "fs flushall" subcommand, which makes the client \ 
discard all
      cached data. This was previously available on Windows only. (9065 9388
      9389 9390)

    * Fixed a bug that could make the client incorrectly believe its cache
      is up to date. This change could negatively impact AFS <-> DFS
      translators, should those still be running anywhere. (8898)

    * Several changes to avoid panicing in certain error conditions.
      (9131 9287 10354 10355 10356 10357) (partially addressing RT #131747)

    * Added the -rxmaxfrags switch to afsd, allowing to limit the number
      of UDP fragments sent or received per RX packet. (9430)

    * Build fixes for aklog on several platforms (RT #131716) (9917 10107 10275)

    * Require that the AFS mountpoint specified in the cacheinfo file is
      an absolute path. Relative paths result in a client that basically
      works but is not fully functional. (10253)

    * Fixed a bug that could cause one of the afsd threads to enter an infinite
      loop (10431 .. 10436)

  Linux clients

    * Support Linux kernels up to 3.13 (10241)

    * Fixed a bug that made readv/writev calls in AFS space fail with Linux
      kernels where generic_file_aio_read exists but those operations have
      not been switched to using aio_read/aio_write. This was a regression
      introduced with release 1.6.3 and affected at least RHEL 5.9 kernels.

    * Fixed a similar bug making core dumps fail in AFS space, affecting
      a much wider range of kernels including the most recent ones.
      (RT #131729) (10254)

    * Enhanced the keyring code to make PAGs work correctly on kernels with a
      distribution specific change to the Linux keyring code. This affected at
      least SLES 11 SP3 kernels. (10252)

    * Fixed a bug that could make failures during PAG instantiation go
      unnoticed. (10255)

    * Fixed a bug that made compilation fail for Linux kernels without
      keyring support. This affected at least the SLE 10 SDK and an
      OEM version of SLES 11 SP1. (10325)

    * Fixed build for kernels with user namespace support enabled. Likely
      to be required for Ubuntu 14.04 and eventually other distributions.
      (10456 10457 10458 10518 10472)

    * Support RHEL 6.5 kernels, and possibly others with changes backported
      from recent mainline kernels that touch getname/putname, by no longer
      using those functions. Previously, the client could cause a kernel
      panic when syscall auditing was enabled. (10578)

    * Make tmpfs usable as the cache filesystem again. This had been broken
      since kernel 3.1 (9950 10193)

    * When starting the client fails, clean up the backing device information
      created in sysfs, to avoid error messages during a subsequent start
      and possible system instability later on (10454)

    * Update Red Hat packaging to support Fedora >= 20, RHEL >= 7 and
      ELrepo kernels (10597 10619 10622 10703 10704)

  OS X Clients

    * Support OS X 10.9 "Mavericks" (10519 10541 10542 10543 10548 10549)

  AIX clients

    * Fixed a bug that caused the 1.6 AIX client to never receive any RX
      packets in the kernel. (RT #131725)

  FUSE client

    * Support Solaris 11 (9454 9455)

    * Allow other users to access filesystems mounted by root. (9452)


    * Build tvolser and dvolser on this platform (10122)
    * Several fixes to catch up with newer releases (10374 .. 10381)


    * Build tsalvaged, tvolser and dvolser on this platform (10121)
    * Fixed build on NetBSD 5 and newer. (10138)
   2013-09-17 03:04:12 by Jonathan A. Kollasch | Files touched by this commit (2) | Package updated
Log message:
Update openafs to 1.6.5

Changes since 1.6.2:
OpenAFS 1.6.5

commit 5f5b02a57102af1a85fb9bdaaec31b6094d0c9c4
Author: Michael Meffie <mmeffie@sinenomine.net>
Date:   Wed Jul 17 23:10:42 2013 +0100

    ubik: Fix encryption selection in ugen

    Make sure that we encrypt when requested to by the application

    Change-Id: If4c2ba2257bf060d3e9169ccdbcae54f54dfe5d7

commit 0e41558190a5190dee3037c08e8df31e61e5134e
Author: Simon Wilkinson <sxw@your-file-system.com>
Date:   Tue Jul 16 19:37:00 2013 +0100

    Make OpenAFS 1.6.5

    Change-Id: I693297ef6e20358966930cb29116d45b9151811f

commit 9e1c24a583634e6102091388dedc47745efce78a
Author: Ben Kaduk <kaduk@mit.edu>
Date:   Sat Jul 13 10:49:27 2013 +0100

    Add support for deriving DES keys to klog.krb5

    (cherry picked from commit e79102e7918ce5196e870a806879135743ec3abb)

    Change-Id: Ia7ebfdd10dcfd6cd164b10275016147630748bac

commit 4b7553600a7659d117df0bde7b1c1dfde031deb8
Author: Andrew Deason <adeason@sinenomine.net>
Date:   Wed Jul 10 12:52:28 2013 -0500

    Reload rxkad.keytab on CellServDB modification

    Make the reloading of rxkad.keytab keys occur in the same way that
    KeyFile keys are reloaded. That is, we only try to reload them if the
    CellServDB mtime has changed. This is intended to have exactly the
    same reloading behavior as KeyFile reloads.

    I would have triggered this from afsconf_Check, but that approach
    has annoyances. (Calling ticket5_keytab functions directly from
    cellconfig pulls in libkrb5 dependencies for everything that uses
    cellconfig, and we'd have to trigger an afsconf_Check call by calling
    some other cellconfig function.)


commit d2024c158e3a879305ff17cf726d3958f20677f4
Author: Andrew Deason <adeason@sinenomine.net>
Date:   Mon Jun 10 17:49:12 2013 -0500

    Avoid calling afsconf_GetLatestKey directly

    Don't call afsconf_GetLatestKey to determine whether we can print our
    own local tokens, since we may have keytab 'local' keys, but no DES
    keys. Just try to construct them and see if it fails, using
    afsconf_PickClientSecObj or afsconf_ClientAuth{,Secure} as

commit d4788f6e283b79a1b974dda1e8fae213efd34930
Author: Andrew Deason <adeason@sinenomine.net>
Date:   Mon Jun 10 17:15:27 2013 -0500

    auth: Do not always fallback to noauth

    Make afsconf_PickClientSecObj error out if we can't construct
    localauth tokens (unless the caller explicitly requested rxnull
    fallback). afsconf_ClientAuth{,Secure} still falls back, as always.

commit 95d57c74476c5a02ce6d9ca913dcbf88ac5c1143
Author: Ben Kaduk <kaduk@mit.edu>
Date:   Tue May 14 19:37:59 2013 -0400

    Clean up akimpersonate and use for server-to-server

    Since a6d7cacfd, aklog has been able to print a krb5 ticket to
    itself for an arbitrary client principal, allowing a user with
    access to the cell's krb5 key to get tokens as an arbitrary user.

    Now that it is possible to use native krb5 tickets with non-DES
    enctypes for authentication, and akimpersonate is available from libauth,
    use printed native krb5 tickets for server-to-server communication (as well
    as the -localauth versions of the client utilities).

    Remove the early call to afsconf_GetLatestKey() in
    afsconf_PickClientSecObj() so that we do not end up picking an old DES
    key before we try to find a better key to use.

    Before doing so, refactor the akimpersonate code to be more usable
    and readable, and eliminate some dead code.  For example, we always printed
    addressless tickets, so that code could be removed.  Other code had excessive
    stack usage for a library routine, which is eliminated.  Use a start time
    of 0 instead of 300 so that the printed ticket will always be
    detected as infinite-lifetime.

    In order to ensure usability on all platforms (in particular Solaris),
    provide a couple more compat shims to implement routines which are not
    always available from the krb5 library, in particular encode_krb5_ticket
    and encode_krb5_enc_tkt_part.  Thanks to Andrew Deason for implementing
    these compatability routines.

    UKERNEL doesn't need this stuff.

commit 15b77552b22e3ff3e7478008673775a45047f600
Author: Alexander Chernyakhovsky <achernya@mit.edu>
Date:   Tue May 14 18:12:08 2013 -0400

    Move akimpersonate to libauth

    Give it its own source file and header, install the header at
    depinstall time, and have aklog get the akimpersonate functionality
    from libauth.

    Keep the linux box copyright from aklog_main.c (but strip the trailing
    whitespace), as that block was added with the akimpersonate code.

    Remove all calls to afs_com_err() as is fitting for library code,
    to let it build.  Do not bother removing curly braces which are
    no longer needed; a future cleanup commit will catch that.

commit 1c7fa1405940a136a992d65023cc690b1111ab3e
Author: Chaskiel Grundman <cg2v@andrew.cmu.edu>
Date:   Sun Mar 17 21:58:47 2013 -0400

    Derive DES/fcrypt session key from other key types

    If a kerberos 5 ticket has a session key with a non-DES enctype,
    use the NIST SP800-108 KDF in counter mode with HMAC_MD5 as the PRF to
    construct a DES key to be used by rxkad.

    To satisfy the requirements of the KDF, DES3 keys are first compressed into a
    168 bit form by reversing the RFC3961 random-to-key algorithm

    Change-Id: I4dc8e83a641f9892b31c109fb9025251de3dcb27

commit 33eecea7db14d06c59e1081b970d4caf0af773ca
Author: Chaskiel Grundman <cg2v@andrew.cmu.edu>
Date:   Sun Feb 10 13:27:03 2013 -0500

    Integrate keytab-based decryption into afsconf_BuildServerSecurityObjects

    Now all servers can have it.

    authcon.o grows a krb5 dependency and needs to get KRB5_CPPFLAGS.

    Change-Id: I95fecb3f88c19b3d5193ea8200fa20c86ec08ad7

commit 14db1a40e5be3b7325951d002885bbf288d570c1
Author: Chaskiel Grundman <cg2v@andrew.cmu.edu>
Date:   Sat Feb 9 12:42:20 2013 -0500

    New optional rxkad functionality for decypting krb5 tokens

    An additional, optional mechanism for decrypting krb5-format tokens
    is provided that uses the krb5 api with a key from a keytab
    instead of using libdes and the AFS KeyFile.

    The AIX compat stub for krb5_c_decrypt is contributed by Andrew Deason.

    Change-Id: I97c08122c60482b84d602d6fa6482f1d5deef142

commit 5e0cbc930508a697331bad07cc201c1e1985ff84
Author: Chaskiel Grundman <cg2v@andrew.cmu.edu>
Date:   Sat Feb 9 12:01:37 2013 -0500

    Add rxkad server hook function to decrypt more types of tokens

    Allow tokens to be encrypted with algorithms other than DES.
    The security object owner must provide an implementation
    by calling rxkad_SetAltDecryptProc.

    Make sure plainsiz is initialized before calling the alternate decrypt

                       User-Visible OpenAFS Changes

OpenAFS 1.6.4

All platforms

    * Obey the jumbo/nojumbo settings for ubik servers (the DB servers)
      too. In previous releases, those servers may have used jumbograms
      even if they were not configured to do so. This change corrects
      the actual behaviour, and will improve performance and reliability
      for sites where jumbograms are problematic. It could cause a decrease
      in performance for sites where jumbograms work, but those can turn
      them back on manually.

    * Dozens of fixes for common coding problems like use after free,
      use of possibly uninitialised memory, reading or writing past the
      end of arrays and potential NULL pointer derefences. Spotted by
      code analysis tools or human inspection.

    * Documentation improvements.

    * Fixes and improvements to the diagnostic or log messages printed by
      vos, the fileserver and others.

    * Build fixes, making parallel builds more reliable with certain
      configuration options and helping various platforms including
      recent releases of IRIX, Solaris and several flavours of Linux.

    * Avoid sending a small amount of data over the wire unencrypted
      under certain conditions, and emit the correct error message in
      this case.

All server platforms

    * Avoid generating duplicate IDs for readonly and backup volumes,
      which could happen under certain conditions.

    * Allow the fileserver to return volume data like quota or free space,
      which is available publicly elsewhere, without the additional access
      check for read permissions on a volume's root directory the fileserver
      performed before.

    * The fileserver now emits a log message when it ran out of memory for

    * Avoid several potential fileserver problems, including memory
      corruption and segmentation faults, due to client bookkeeping.

    * Avoid known cases of silent data corruption due to background syncs
      on the fileserver, especially during Copy on Write.

    * Make the fileserver sync behaviour runtime configurable. Up to 1.4.5,
      we had synchronous syncs which were safe but really slow. Since 1.4.5,
      we've had asynchronous syncs which are much faster but believed to
      be the cause of rare data corruption issues, and while all known cases
      of these happening are believed to be fixed in the 1.6.3 release, doubts
      remain. This change allows choosing between those, and in addition allows
      to turn syncs by the fileserver off altogether, thus relying on the vice
      partition's backend filesystem and the operating system, or to just
      execute them when a volume is detached. The default behaviour is
      unchanged from releases since 1.4.5, but it's highly recommended to
      consider the additional options this change provides. Future OpenAFS
      releases will default to "-sync=none".

    * For dbservers, avoid a situation where misinterpreting transient
      network errors causes long-term issues with achieving ubik quorum.

All UNIX client platforms

    * Improvements to the detection of an aklog-specific krb5 configuration
      file, for the purposes of turning on "weak crypto" for aklog.

    * Fixed a regression introduced in release 1.6.2 which caused the
      supposedly persistent disk cache to be discarded upon client start.
      (RT #131655)

Linux clients

    * Support Linux kernels up to 3.10

    * Fixed two bugs making it impossible to unmount a disk cache filesystem
      after it has been used by the client. (RT #131613)

    * Fixed a bug that could cause an oops with kernels 3.6 and later


    * Improved support for OpenBSD 4.9 to 5.3

OpenAFS 1.6.3

  This release number had to be skipped for technical reasons.
   2013-04-08 13:17:26 by Blue Rats | Files touched by this commit (109)
Log message:
Remove "Trailing empty lines." and/or "Trailing white-space."
   2013-03-04 20:39:41 by Jonathan A. Kollasch | Files touched by this commit (2) | Package updated
Log message:
Update openafs to 1.6.2.

Upstream release notes:
                       User-Visible OpenAFS Changes

OpenAFS 1.6.2

  All platforms

    * Fix buffer overflows in fileserver and ptserver.

    * Abort an rx connection when given an unknown service (Gerrit 7593).

    * "idle dead" behavior improvements.

    * Documentation updates.

  All server platforms

    * Fix rare file corruption during background sync (Gerrit 8796).

    * Fix corrupting clients' metadata cache during certain errors (Gerrit

    * Avoid saying a volume doesn't exist when accessed as the volume is
      going offline (Gerrit 7488).

    * Fix fileservers to properly report >2 TiB partitions.

    * Fix stale volume info from vos examine on non-DAFS filservers.

    * Fix possible volume corruption with vos convertROtoRW.

    * Fix bosserver to preserve all command-line options over restart.

    * Fix bosserver to properly kill hung processes during shutdown.

  All UNIX client platforms

    * Fixes for memcache, especially on Solaris.

    * Increase the size of the DNS resolver answer buffer to allow sites
      with a long response list to use SRV and AFSDB records.

    * Fix a crash when a server appears to run out of addresses (Gerrit

    * Fix cache corruption when reading from a file another client is
      simultaneously writing to (Gerrit 7994).

    * Improve handling of disk cache disk errors.


    * fix DKMS configuration for DKMS 2.2.

    * Avoid generating inode number 0 with md5 inodes (Gerrit 7276).

    * Fix a crash when reading /proc/fs/openafs/unixusers (Gerrit 7914).

    * Make PAG-less access use the real UID of the calling process
      instead of the effective UID, when determining what credentials to
      use (Gerrit 7931).

    * Fix possible abuse of fs mkmount.
      Prior to 1.6.2, users could crash a client by nesting volume mounts.

    * Fix fileserver memory corruption on RHEL 6
      Prior to 1.6.2, fileservers on RHEL 6 may crash under heavy load.

    * Fix client page cache corruption on Linux
      When multiple clients read and write to a file, the reading client
      may see first page (4096 bytes) of a file as nulls.

    * Support Linux kernels up to 3.7.

    * Support newer glibc versions.

    * Improve client systemd unit file.

    * Update Red Hat packaging.

  OS X

    * Fix crashes on shutdown.

    * Prevent unloading the module before shutdown completes.

    * Security improvement for the OpenAFS preference pane.


    * Support newer versions of the Sun Studio compiler software.

    * Support compiling on newer versions of Solaris 11 and Solaris 10.
   2012-12-01 16:22:32 by Jonathan A. Kollasch | Files touched by this commit (13) | Package updated
Log message:
Update OpenAFS to 1.6.1.

Upstream release notes for 1.6.0 and 1.6.1:

            OpenAFS Release Notes - Version 1.6.1
All server platforms: Critical bugfixes.
All systems: Major bugfixes.

Sites running 1.6.0 fileserver are urged to update immediately to
avoid data loss.

Sites running 1.6.0 UNIX clients are urged to update immediately to
avoid excess network traffic.

All platforms:

- Updated idle dead handling to avoid issues with retrying
  calls which could succeed but error and then error on a retry.

- libafscp updates.

- uafs userspace cache manager updates.

All server platforms:

- A bug which can lose data on a fileserver for volumes which are
replicated or backed up has been fixed. Sites running 1.6.0 are urged to
upgrade immediately! (130295)

- Fix salvaging of volumes with large numeric IDs.

- Further correct tracking of alternate and changed addresses in
  the fileserver.

- Do not perform Rx keepalives during disk IO to allow timeouts
  to occur in event IO cannot complete.

- Properly associate link tables recreated during salvage with the volume
  group ID.

- Demand attach: better error handling during volume attachment.

- Confirm vnode lengths are as expected during fileserver operations.

- Demand attach: better handling of volumes being passed for salvage
  and being returned from salvage.

- Conditions which cause a restored volume to immediately need salvage
  are now properly tracked.

- Bosserver properly honors rxbind mode.

- Ensure salvager returns volumes to fileserver even when
  no applicable vnodes are found.

- DAFS: perform additional verification of data restored about
  clients and callbacks.

All UNIX platforms:

- Correct handling of server NAT pings to avoid unnecessary growth of
  NAT ping traffic.

- Fix hard mount retry behavior to retry all servers.

- Several lock order inversions which could deadlock fixed.

- Handle issues updating mtab.

- Fix fs setserverprefs to work again for DB servers.


- Track kernel API changes for 9.0


- Support for kernel versions through 3.4.

- Avoid potential panic due to an error being returned as a positive
  number when doing inode operations.

- Fix vcache lock ordering during readdir.

- Updated RPM packaging.

- Updated dkms support.

- Updated systemd support.


- Fix panic at shutdown due to not stopping network listener.

- Updated Kerberos support for additional issues in Lion.


- Updated support for 5.0 userspace binaries.

- Add support for 6.0.


- Avoid panic on shutdown when mount failed.

- Disable SSE instructions when compiling to avoid panics on non-SSE hosts.


- Properly handle VNOSERVICE, which indicates a fileserver has
  done an idle timeout of a call.

- Improved tracking of volume groups.

- Do not recycle buffers in the current file if they are in the active chunk
  and up to date.

- Support Windows 7 Advanced Firewall.

- Default to maximum 2 CPUs unless registry overrides.

- Failover and retry for VBUSY.

- Properly fetch unix mode when requested.

            OpenAFS Release Notes - Version 1.6.0
All UNIX systems: Security bugfixes.
All systems: Major bugfixes.

All platforms:

- Rx NAT pings are not enabled until peer has answered.

- Numerous fixes to command argument parsing.

All server platforms:

- Avoid crashing on host table exhaustion. Instead, defer clients.

All UNIX platforms:

- Rx connection reference counting is enabled.

- An Rx connection reference count leak is fixed in bulkstat.

- Handle unparsable directory objects.

- Handle Kerberos cred cache errors in aklog.


- Init script properly returns status as exit code.

- RPM packaging fixes (executable libraries, no postinstall message)

- Kill i386 from RPM packaging.


- Fix 32 bit Lion client support.

- Avoid panic when doing FSEvent synthesis.

- Fix bug when using non-dynroot.

- Update Kerberos support in PreferencesPane.


- Avoid panic on shutdown when mount failed.


- Add shutdown message to event log.

- Check offline volume status by policy rather than on each daemon thread

- Return error on directory object not found instead of crashing.

- Improve error message output.

- afslogin.dll can start afsd_service if it's not starting or started.

- Optimize away release lock RPCs for deleted files.

- Background Daemon will not perform operations on deleted files.

- Resort recently used directories to the top of the LRU if the directory
  is larger than the stat cache.

- Resort deleted objects to the bottom of the LRU.

- Use interlocked operations for state and queue fields to allow safe
  bit set and clear on multiprocessor systems.


All platforms:

- Substantial Rx updates to correct erroneous behavior.

- Salvager tries harder to detect linktable issues.

- Additional documentation.

- xstat tools now cope with differing timeval structures between endpoints.

All UNIX platforms:

- New build targets to make distribution tarfiles (make dist) and
  srpms (srpm).

Demand Attach Fileserver platforms:

- Don't attach volumes with special status set.


- Avoid panic at shutdown due to vcache flushing.

- Support virtual network stacks.


- Treat Linux 3.0 as Linux 2.6 for sysname purposes.

- Attempt to properly handle SELinux in packaging.


- MacOS 10.7 support.


- Try harder to avoid deadlocks on file-larger-than-cache operations.


- Add support for NTFS symlinks.

- Handle file search requests for virtual syscall ioctl file.

- Process SyncOps properly to enforce ordered operations.

- Avoid recursing during NewServer operations.

- Correct lock acquisition order during SMB locking.


All UNIX platforms:

- Fall back to afs3-vlserver SRV record values when afs3-ptserver SRV
  record is not available.

- Avoid holding unneeded locks when probing server capabilties.

- Do not attempt page flushes for directories.

Demand Attach Fileserver platforms:

- Unlink fileserver state file on standalone salvage.


- Support for virtual network stacks.


- Further corrections to Redhat packaging.

- Avoid showing files larger than one cache chunk size as full of NULLs.
  (129880) This bug was in unissued pre5 only, not in pre4.

- Fix lockup in 2.6.38 due to erroneous kernel feature configure test.


- Rework logic for bulk status operations to avoid a potential hang.


- Don't leave dangling function references if kernel extension fails to load.


- aklog supports dotted Kerberos v5 principal names.

- afskfw library always attempts afs/cell@USER-REALM

- afskfw library must test return code from
  krb5_cc_start_seq_get() or will trigger a null
  pointer exception when using Heimdal.

- lock protected fields must be 32-bit in order
  to avoid memory overwrite races.


All server platforms:

- Avoid leaking references to hosts during callback break multi-Rx
  operations. (129376)

All UNIX platforms:

- Avoid a potential deadlock (which times out) when we need to allocate more
  callback returns and must flush some already in use.

- Deal with libcom_err conflicts with other packages using it (e.g. krb5)


- Fix PAG usage to track by PAG identifier, not group list.


- Properly create new vnodes to avoid crashing in the client.


- Support 2.6.39.

- Avoid attempting to free stat cache entries when we are below user-specified
  number of entries in use.

- Properly track user-specified number of stat cache entries to use as a
  desired usage target.

- Don't read pages beyond EOF in the cache. (128452)


- Properly shut down AFS, closing the Rx socket in the upcall handler to
  avoid attempting to process data after we can no longer do so.


- Updates for platform support.


- Fix caching of non-existent volumes.  The test to
  trigger an immediate CM_ERROR_NOSUCHVOLUME in
  cm_UpdateVolumeLocation() was backwards.

- Prevent the background daemon from checking the
  status of non-existent volumes.  cm_CheckOfflineVolumes()
  should skip volume groups with the CM_VOLUMEFLAG_NOEXIST
  flag set.

- The afskfw library should return an error immediately
  if the krb5_32.dll library cannot be loaded.  Affects
  afslogon.dll and afscreds.exe.

- No longer depend on leashw32.dll in afskfw library.

- NPLogonNotify must provide the user password in all
  calls to KFW_AFS_get_cred().  It cannot count on a
  credential cache being preserved between calls.  Permits
  tokens to be acquired for all cells listed in the
  TheseCells registry value for a domain.

- Improve the trace logging from NPLogonNotify().

- Avoid a race when writing the cm_scache_t mountPointString
  when acquiring mount point or symlink target data via
  cm_GetData().  The race could result in bogus target
  data being cached.

- Permit the use of des-cbc-md5 and des-cbc-md4 enctypes
  as DES keys in asetkey.exe.


All server platforms:

- A file descriptor leak which could result in corrupted files
  in the fileserver was fixed. An IMMEDIATE upgrade from previous
  1.6 release candidates as well as 1.5 release fileserver is

- Properly support large volume numbers (larger than 2147483647).

All platforms:

- Documentation updates.

Demand Attach Fileserver platforms:

- Allow salvager to be run manually again when DAFS is being used. (129458)


- New RC script, updated packaging.


- Improve RPM building tools.

- setpag() errors are now properly reported.


- Preferences Pane behavior fixed for 1.6 series (version detection
  is used to select default behavior).

- A potential kernel panic during bulkstat operations is fixed. (128511)

- 64-bit MacOS kernel performance is greatly improved. (128934)


- Properly report errors for AFS system call callers.


- Properly create new cell mount points in freelance mode.

- Avoid recursive offline volume checks.


All platforms:

- Revert UUID support in vos.

- pt_util fixed to properly create new databases.

- Rx busy call channel error handling improved.

- MTU discovery now properly shut down on call reset.

- FUSE client support fixed for non-/afs mounts.

All server platforms:

- A deleted volume can now be recreated properly.

- Callbacks are again not broken during whole partition salvages.

- Positional vectored IO fixed for largefile (>2GB) capable systems.

- Fileserver per-client thread usage again properly enforced.

- Anonymous dropbox support improved and drawbacks documented.

Demand Attach Fileserver platforms:

- Ensure vnodes are not reallocated while in use due to volume
  bitmap errors.


- Perform vcache eviction via a fast path before visiting vcaches
  where sleep is needed.


- aklog AuthorizationPlugin now provided.


- Corrected Solaris 11 startup script.

- vcache mappings freed on shutdown to avoid panic.


- icon tray state now conditionally set (128591)


All platforms:

- Documentation updates.

- Don't stop Rx keepalives after an ackall is received, avoiding
  spurious connection timeouts. (128848)

- Don't retry Rx calls on channels returning busy errors. (128671)

- vos will not die with a double free error at command completion.

- Properly enable Rx connection hard timeouts.

- Initialize rx_multi lock before use.

- Avoid spurious crashes when initializing in "backup" client.

All unix platforms:

- Check for /afs existance before starting, unless -nomount is specified.

- Avoid a potential panic when using /afs/.:mount syntax.

- Avoid a panic in memcache mode due to missing CellItems file.

All server platforms:

- Attempt to recovery more quickly from timed out volume release

- Auditing now properly byte order swaps IP addresses when printing.

- vos split now has improved error handling.

- Many changes to again support Windows fileservers.

- During volume removal, data removal speed improved.

- Improve CPU utilization during volume attaching by DAFS.

- In salvager check-only mode, avoid potentially fixing a vnode.

- Fix support for large (greater than 2gb) volume special files.

- Salvager will not crash if multiple or bad volume link tables
  are encountered.

- Avoid erroneous full dump by remembering which sites were out of date
  at the start of the release.


- Remove support for "Giant" lock as we no longer need to use it.

- Don't sleep with AFS GLOCK.

- Properly enable 64 bit long long support.

- Restore support for FreeBSD 7 (128612)

- Fix locking issues at shutdown.


- support through kernel 2.6.38.

- RedHat packaging now properly supports RHEL6.

- Use rx_Readv in cache bypass to improve performance.

- Properly handle 0-length replies during cache bypass operations.

- Properly handle non-contiguous readpage cache bypass operations.

- Do proper locking when transitioning to or from cache bypass.

- Avoid extra runs of vcache freeing routine. (128756)


- Check for unloaded kernel extensions when decoding AFS panics.

- Properly handle setpag errors. PAGs are not supported.

- Disable "get tokens at login" in prefs pane if AD authentication
  plugin is configured.


- support through OpenBSD 4.8.


- Fix support for Solaris pre-10.


- afs_config will not longer set the Tray Icon State
  in the registry if the checkbox is not present in
  the dialog. (128591)

- AFS Explorer Shell Extension now works from folder
  backgrounds.  Overlays for mount points and symlinks
  are present in the dll, but are not registered at present
  by the installers.

- Do not use RankServerInterval registry value as the value for

- When the data version of a mountpoint or symlink changes,
  the target string in the cm_scache_t object must be cleared.

- "fs checkservers" now includes vldb servers in the output
  and only lists multi-homed servers once.  A multi-homed
  server that has at least one up interface is no longer
  considered to be down.

- When asynchronously storing dirty data buffers to the
  file server ensure that (a) the cm_scache_t object and
  the cm_buf_t object are for the same File ID so that
  locking and signalling work properly; and (b) if the
  FID no longer exists on the file server, do not panic,
  just discard the buffer.

- When processing VNOVOL, VMOVED and VOFFLINE errors perform
  server comparisons by UUID or address and not simply by
  cm_server_t pointer.  Otherwise, server failover may not

- Do not preserve status information for cm_scache_t objects
  when the issuing server is multi-homed.

- Giving up all callbacks when shutting down or suspending
  the machine is now significantly faster due to the use
  of an rx_multi implementation.  (This functionality is
  still off by default and must be activated by a registry

- Race conditions were possible when updating the state
  of the cm_volume_t flags and when moving the volumes
  within the least recently used list.

- Ensure that the lanahelper library does not perform a
  NCBRESET of each lan adapter when enumerating the
  current network bindings.  Correcting this permits OpenAFS
  to work on Windows 7 when the network adapter settings

- Fix creation of mount points and symlinks as \\AFS\xxxx


All platforms:

- vos now properly deals with matching sites when servers are multihomed.

All Unix platforms:

- Servers now marked down when GetCapabilities returns error.

- In-use vcache count is now properly tracked.

All server platforms:

- Fix ptserver supergroups support on 64 bit platforms.

- Demand attach salvaging doesn't use freed volume pointers.

- Properly hold host lock during host enumeration in fileserver.


- Fix socket termination on shutdown.

- Support for 7.2, 7.3, 7.4 and 8.2 included.

- References to vcaches are no longer leaked during root or reclaim.


- Define llseek handler to avoid ESPIPE error in 2.6.37.

- Mount interface replaces get_sb (new for 2.6.37, not yet required).

- RedHat init script allows deferring for a new binary restart.

- DEFINE_MUTEX replaces DECLARE_MUTEX for 2.6.37.


- Correct return value from setpag syscall.


- Bug fixes for issues introduced previously in 1.5 series.


- Switch to ioctl() syscall replacement for Solaris 11 since syscall 65
  is not safe.