./filesystems/openafs, File system for sharing, scalability and transparent data migration

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.6.21, Package name: openafs-1.6.21, Maintainer: gendalia

AFS is a distributed filesystem product, pioneered at Carnegie Mellon
University and supported and developed as a product by Transarc
Corporation (now IBM Pittsburgh Labs). It offers a client-server
architecture for file sharing, providing location independence,
scalability and transparent migration capabilities for data. IBM
branched the source of the AFS product, and made a copy of the source
available for community development and maintenance. They called the
release OpenAFS.


Required to build:
[pkgtools/cwrappers]

Package options: namei, server, supergroups

Master sites:

SHA1: ea48a2fde9ed4732e8041216c9e24dd500e24ea4
RMD160: 834b42debfcbf0a003280ac0300b3af65625ad48
Filesize: 14338.864 KB

Version history: (Expand)


CVS history: (Expand)


   2017-07-21 03:39:33 by Sevan Janiyan | Files touched by this commit (3) | Package updated
Log message:
Update to 1.6.21

            User-Visible OpenAFS Changes

OpenAFS 1.6.21

  All platforms

    * Avoid a possible 100ms transmit delay in the RX protocol when a peer's
      receive window transitions from closed to open (12627)

    * Documentation improvements (12476 12477 12559[RT #133339])

  All server platforms

    * When bosserver is started with an unknown option, print an error message
      and exit with a non-zero value rather than failing silently (12631)

  All DB server platforms

    * Hold the DB lock while checking for an aborted write transaction (12516)

  All file server platforms

    * On demand attach fileservers, don't save or restore a client's host
      state if CPS ("Current Protection Subdomain") recalculation for it is
      in progress, to avoid fileserver thread exhaustion (12568)

    * On demand attach fileservers, avoid flooding the log with error messages,
      which could happen when the fileserver was restarted while a volume was
      offline (12569)

    * Update a volume's "Last Update" time when its content is modified by
      the salvager, to make the change visible in the output of "vos \ 
examine"
      and to backup services (12633)

  All client platforms

    * Corrected the DCentries bucket counts for very large and zero length
      files in the output of "fs getcacheparms -excessive" (12604 12605)

    * Fixed a bug that prevented users with GID 2748 and 2750 from executing
      the "fs sysname" command on clients running afsd with -rmtsys (12607)

    * Provide a new -inumcalc switch for afsd to allow enabling the alternative
      MD5 method of inode number calculation, which was previously only
      possible on Linux and through the sysctl interface (12608 12632)

  Linux clients

    * Support for mainline kernel 4.12 and distribution kernels with backports
      from it (12624 12626)

    * Re-added the improved algorithm for freeing unused vcaches to reduce
      memory consumption first introduced with the 1.6.18 release, together
      with a fix for the issue leading to its removal in 1.6.18.2 (12448..12451)

  macOS clients

    * Fixed a crash while stopping the client on macOS 10.12 "Sierra" \ 
(12602)
   2016-10-03 10:30:13 by Thomas Klausner | Files touched by this commit (2)
Log message:
Try listing all relevant licenses.
   2016-05-17 12:32:09 by Filip Hajny | Files touched by this commit (36)
Log message:
Use REAL_ROOT_USER/REAL_ROOT_GROUP instead of ROOT_USER/ROOT_GROUP
for all pkgsrc dir/file ownership rules. Fixes unprivileged
user/group names from leaking into binary packages, manifest as
non-fatal chown/chgrp failure messages at pkg_add time.

Bump respective packages' PKGREVISION.
   2016-04-04 14:48:29 by Jonathan A. Kollasch | Files touched by this commit (7) | Package updated
Log message:
Fix build of OpenAFS userland on at least NetBSD/amd64 7.0.
Hopefully NetBSD/x86 -current also works.

Should merely be a build fix, but bump PKGREVISION anyway.

This commit allocates sysname numbers that have not yet been submitted
upstream.
   2016-03-18 18:11:37 by Jonathan A. Kollasch | Files touched by this commit (2) | Package updated
Log message:
Update OpenAFS to 1.6.17, fixes security vulnerabilities.

                       User-Visible OpenAFS Changes

OpenAFS 1.6.17 (Security Release)

  All server platforms

    * Fix for OPENAFS-SA-2016-001: foreign users can create groups as
      if they were an administrator (RT #132822) (CVE-2016-2860)

  All client platforms

    * Fix for OPENAFS-SA-2016-002: information leakage from sending
      uninitialized memory over the network.  Multiple call sites
      were vulnerable, with potential for leaking both kernel and
      userland stack data (RT #132847)

    * Update to the GCO CellServDB update from 01 January 2016 (12188)

  Linux clients

    * Fix a crash when the root volume is not found and dynroot is not
      in use, a regression introduced in 1.6.14.1 (12166)

    * Avoid introducing a dependency on the kernel-devel package corresponding
      to the currently running system while building the srpm (12195)

    * Create systemd unit files with mode 0644 instead of 0755
      (12196) (RT #132662)

OpenAFS 1.6.16

  All platforms

    * Documentation improvements (11932 12096 12100 12112 12120)

    * Improved diagnostics and error messages (11586 11587)

    * Distribute the contributor code of conduct with the stable release (12056)

  All server platforms

    * Create PID files in the right location when bosserver is started with
      the "-pidfiles" argument and transarc paths are not being used \ 
(12086)

    * Several fixes regarding volume dump creation and restore (11433 11553
      11825 11826 12082)

    * Avoid a reported bosserver crash, and potentially others, by replacing
      fixed size buffers with dynamically allocated ones in some user handling
      functions (11436) (RT #130719)

    * Obey the "-toname" parameter in "vos clone" operations \ 
(11434)

    * Avoid writing a loopback address into the server CellServDB - search
      for a non-loopback one, and fail if none is found (12083 12105)

    * Rebuild the vldb free list with "vldb_check -fix" (12084)

    * Fixed and improved the "check_sysid" utility (12090)

    * Fixed and improved the "prdb_check" utility (12101..04)

  All client platforms

    * Avoid a potential denial of service issue, by fixing a bug in pioctl
      logic that allowed a local user to overrun a kernel buffer with a single
      NUL byte (commit 2ef86372) (RT #132256) (CVE-2015-8312)

    * Refuse to change multi-homed server entries with "vos changeaddr",
      unless "-force" is given, to avoid corruption of those entries \ 
(12087)

    * Provide a new vos subcommand "remaddrs" for removing server \ 
entries, to
      replace the slightly confusing "vos changeaddr -remove" (12092 12094)

    * Make "fs flushall" actually invalidate all cached data (11894)

    * Prevent spurious call aborts due to erroneous idle timeouts (11594)

    * Provide a "--disable-gtx" configure switch to avoid building and
      installing libgtx and its header files as well as the depending
      "scout" and "afsmonitor" applications (12095)

    * Fixed building the gtx applications against newer ncurses (12125)

    * Allow pioctls to work in environments where the syscall emulation
      pseudo file is created in a read-only pseudo filesystem, like in
      containers under recent versions of docker (12124)

  Linux clients

    * In Red Hat packaging, avoid following a symbolic link when writing
      the client CellServDB, which could overwrite the server CellServDB,
      by removing an existing symlink before writing the file (12081)

    * In Red Hat packaging, avoid a conflict of openafs-debuginfo with
      krb5-debuginfo by excluding our kpasswd executable from debuginfo
      processing (12128) (RT #131771)
   2015-11-04 18:41:21 by Alistair G. Crooks | Files touched by this commit (78)
Log message:
Remove duplicate SHA512 digests that crept in.
   2015-11-03 01:15:02 by Alistair G. Crooks | Files touched by this commit (39)
Log message:
Add SHA512 digests for distfiles for filesystems category

Existing SHA1 digests verified, all found to be the same on the
machine holding the existing distfiles (morden).  Existing SHA1
digests retained for now as an audit trail.
   2015-10-28 20:43:01 by Jonathan A. Kollasch | Files touched by this commit (2) | Package updated
Log message:
update openafs to 1.6.15

OpenAFS 1.6.15 (Security Release)

  All client and server platforms

    * Fix for OPENAFS-SA-2015-007 "Tattletale"

      When constructing an Rx acknowledgment (ACK) packet, Andrew-derived
      Rx implementations do not initialize three octets of data that are
      padding in the C language structure and were inadvertently included
      in the wire protocol (CVE-2015-7762).  Additionally, OpenAFS Rx in
      versions 1.5.75 through 1.5.78, 1.6.0 through 1.6.14, and 1.7.0
      through 1.7.32 include a variable-length padding at the end of the
      ACK packet, in an attempt to detect the path MTU, but only four octets
      of the additional padding are initialized (CVE-2015-7763).