File RELNOTES-1.8.8 of Package openafs
User-Visible OpenAFS Changes
OpenAFS 1.8.8
All platforms
* Improved documentation, diagnostics and error messages (14311 14326
14331 14367 14399 14419 14420 14427 14434 14436 14437 14438 14439
14440 14502 14516 14518 14546)
* Build fixes, mostly for recent compilers (14217 14298 14299 14668)
* Avoid some potential performance losses in the wire protocol (14503
14514)
* Avoid client connections hanging forever when the server is
restarted while they're active (14504 14505 14506 14507)
All server platforms
* Avoid Rx calls getting stuck on the incoming call queue for busy
servers (14394)
* Avoid a possible salvageserver deadlock (14283)
* Fixed salvageserver's parsing of the "-parallel all<number>" argument
(14285)
* Avoid potential salvager crashes (14515 14614)
* Fix "bos salvage -forceDAFS" when the BosConfig also contains a legacy
'fs' bnode in addition to the 'dafs' bnode (14665)
* Avoid erratic vlserver behaviour due to overflowing the maximum
VLDB size of 2 GB. Log a message and return an error instead (14288)
* Fixed a ptserver issue where 'pts mem -expandgroups' failed when
supergroups were enabled (14345) (RT #135147)
* Take read-only volumes offline while being converted to read-write
ones with "vos convertROtoRW", preventing them from ending up in an
inconsistent state when accessed during the conversion (14433)
* Avoid inconsistent volume states due to interrupted rename operations
and other potential issues (14449 14450)
* Add new variants to asetkey's "delete" command to allow deleting
non-des keys (14293)
* Improved ubik performance and robustness (14141 14142 14365)
* Fixed building the vol-bless utility, which is now also built by
default but still not installed and distributed (14601)
* Fixed parsing of "-cores none" when bosserver is started this way
(14589)
All client platforms
* Avoid crashes or panics when potentially recoverable errors
during cache I/O are encountered (14286)
* Avoid flooding servers with NAT pings, which could happen under
certain circumstances (14364)
* Avoid possible panics during client startup or shutdown (14393 14441)
* Avoid potential buffer overflows by one character in the "bos" client
program and in libadmin client programs (14664 14666 14698)
* Fixed a slow kernel memory leak triggered by retrieving tokens for
userspace commands as an authenticated user (14667 14663) (RT #135238)
* Fixed several potential problems in "aklog -keytab" (14478 14479
14480 14481 14482)
* Performance improvements (14391)
* Avoid unexpected "cold" shutdowns upon umount /afs on platforms
which should perform a "warm" shutdown by default (14610)
* Avoid memory leaks during shutdown (14615 14616)
* Fixed building the afscp utility, which is still not built by default
though (14627)
Linux clients
* Support mainline kernels up to and including 5.13 (14267 14268 14269
14315 14563 14564 14565) (RT #135242)
Note that as of mainline kernel 5.13, OpenAFS currently won't build
on PowerPC due to a new ABI restriction.
* Avoid failures of cache I/O operations in the context of tasks
restricted by security mechanisms like AppArmor (14082 14099)
* Avoid a crash while loading the kernel module when reading from
/proc/fs/openafs/CellServDB before afsd has started (14284)
* Avoid more possible causes of getcwd() failures (14451)
* Restore the -setpag functionality in some older utilities like klog
(14327 14328)
macOS
* Added support for release 11.0 "Big Sur" (14597 14598 14605 14600)
FreeBSD
* Support releases 11.2, 12.1, 12.2 (14520 14537 14590)
* Add a wide range of FBSD specific fixes and improvements (14521..36)
OpenAFS 1.8.7
All platforms
* Fix initial Rx Connection ID (CID) generation.
Remove stale initialization and overflow detection logic that resulted
in connection failures due to all CIDs being set to 0x80000002.
(14493, 14494, 14497)
OpenAFS 1.8.6
All platforms
* Address warnings and errors encountered when building OpenAFS with
modern compilers like gcc9 or recent clang (13727..45 13749..50 13756
13846 13879)
* Avoid some rare cases of Rx calls getting stuck in the incoming queue
(13892)
* Display the usage of simple commands (commands without subcommands) when
run only with the -help option (13894)
* Fix a memory leak in the cache manager and the fileserver while
processing "fs uuid" or "fs setcbaddr" (13899)
* Fix a memory leak when reopening krb local realms configuration (13900)
* Avoid possible crashes when freeing kerberos contexts (13902)
All server platforms
* Do not leave empty directories behind in the file server vice partition
when running the "vos zap -force" command (13897)
* Fix "vos zap -force" failures when the volume being zapped does not have
an entry in the fileserver's volume group cache (e.g., during fileserver
startup) (13896)
* Relax the length limits on some membership lists used in ptserver RPCs,
introduced in release 1.8.0 to prevent denial of service attacks, to
accommodate use cases of some larger existing sites (13844)
* Improved diagnostics and error messages (13898 13906..8 13938)
* Ensure that fileservers running in readonly mode actually reject all
write requests, but introduce a -admin-write switch allowing writes
by members of the system:administrators group (14018 14019)
All client platforms
* Require the -insecure_des switch to be passed to aklog and klog.krb5
to make them work with single-DES encryption types (13791)
* Avoid a panic due to a retryable error - retry in a background request
instead (13847)
* Avoid blocking other functions on the completion of some potentially
long-running RPCs issued by the server (13893)
* Fix a potential memory leak in "fs getserverprefs" when the pioctl fails
with E2BIG (13895)
* Avoid the local cache incorrectly reflecting the state of a file on the
fileserver after flushing large chunks of data to the server. This
issue was present on FreeBSD clients, but probably not Linux/Solaris
ones (13951) (RT #135041)
* After a VLDB lookup of a read-write volume already failed, don't bother
looking up corresponding read-only or backup volumes since those lookups
are bound to fail, in order to make the client more responsive and
avoid unnecessary load on the vlserver (13968)
* Allow a "vos rename" to succeed if the new volume name is the same as
that in the current VLDB, to make it possible to complete a previously
interrupted volume rename (14055)
* Allow processes which are sleeping due to PAG throttling to be killable
(13974).
* Fix set PAG failures due to signals (13975).
Linux clients
