commit 6ffe15c832435472510895df918c23720476c587 Author: Stephan Wiesand Date: Wed Dec 2 14:09:21 2015 +0100 Make OpenAFS 1.6.16 Update version strings for release 1.6.16. Change-Id: If6f4e230a3a7f6deacd139f99f727d72d01a75ef Reviewed-on: http://gerrit.openafs.org/12121 Tested-by: BuildBot Reviewed-by: Chas Williams <3chas3@gmail.com> Reviewed-by: Stephan Wiesand commit 4bb4602c71ac53e5603f65e40e28bc6bcec835aa Author: Stephan Wiesand Date: Mon Dec 14 15:11:37 2015 +0100 Update NEWS for 1.6.16 Release notes for OpenAFS 1.6.16 Change-Id: I5c1676b2bad4e94039691fb17f33fb5e278fadbf Reviewed-on: http://gerrit.openafs.org/12131 Reviewed-by: Benjamin Kaduk Tested-by: Benjamin Kaduk Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 2ef863720da4d9f368aaca0461c672a3008195ca Author: Mark Vitale Date: Fri Aug 7 11:56:16 2015 -0400 afs: pioctl kernel memory overrun CVE-2015-8312: Any pioctl with an input buffer size (ViceIoctl->in_size) exactly equal to AFS_LRALLOCSIZE (4096 bytes) will cause a one-byte overwrite of its kernel memory working buffer. This may crash the operating system or cause other undefined behavior. The attacking pioctl must be a valid AFS pioctl code. However, it need not specify valid arguments (in the ViceIoctl), since only rudimentary checking is done in afs_HandlePioctl. Most argument validation occurs later in the individual pioctl handlers. Nor does the issuer need to be authenticated or authorized in any way, since authorization checks also occur much later, in the individual pioctl handlers. An unauthorized user may therefore trigger the overrun by either crafting his own malicious pioctl, or by issuing a privileged command, e.g. 'fs newalias', with appropriately sized but otherwise arbitrary arguments. In the latter case, the attacker will see the expected error message: "fs: You do not have the required rights to do this operation" but in either case the damage has been done. Pioctls are not logged or audited in any way (except those that cause loggable or auditable events as side effects). root cause: afs_HandlePioctli() calls afs_pd_alloc() to allocate two two afs_pdata structs, one for input and one for output. The memory for these buffers is based on the requested size, plus at least one extra byte for the null terminator to be set later: requested size allocated ================= ================================= > AFS_LRALLOCSIZ osi_Alloc(size+1) <= AFS_LRALLOCSIZ afs_AllocLargeSize(AFS_LRALLOCSIZ) afs_HandlePioctl then adds a null terminator to each buffer, one byte past the requested size. This is safe in all cases except one: if the requested in_size was _exactly_ AFS_LRALLOCSIZ (4096 bytes), this null is one byte beyond the allocated storage, zeroing a byte of kernel memory. Commit 6260cbecd0795c4795341bdcf98671de6b9a43fb introduced the null terminators and they were correct at that time. But the commit message warns: "note that this works because PIGGYSIZE is always less than AFS_LRALLOCSIZ" Commit f8ed1111d76bbf36a466036ff74b44e1425be8bd introduced the bug by increasing the maximum size of the buffers but failing to account correctly for the null terminator in the case of input buffer size == AFS_LRALLOCSIZ. Commit 592a99d6e693bc640e2bdfc2e7e5243fcedc8f93 (master version of one of the fixes in the recent 1.6.13 security release) is the fix that drew my attention to this new bug. Ironically, 592a99 (combined with this commit), will make it possible to eliminate the "offending" null termination line altogether since it will now be performed automatically by afs_pd_alloc(). [kaduk@mit.edu: adjust commit message for CVE number assignment, reduce unneeded churn in the diff.] Change-Id: I0299274c6d879f95c9b40cc85859294c26c410d7 commit 7029ed89b65e8bc903f09773f3be6fb995d18b8f Author: Chas Williams <3chas3@gmail.com> Date: Wed Dec 2 10:38:42 2015 -0500 Open syscall emulation file O_RDONLY As reported on the -info mailing list, docker is now exporting the /proc filesystem as read only. ioctl() doesn't need write permissions to do its work, so change O_RDWR to O_RDONLY. Reviewed-on: http://gerrit.openafs.org/12122 Tested-by: BuildBot Reviewed-by: Jeffrey Altman Reviewed-by: Benjamin Kaduk (cherry picked from commit 359e1f2a25d242984229edfb378c0b95c3ee8570) Change-Id: I5ec9262a30c1aa40604e1265b4da00f4597c1cc8 Reviewed-on: http://gerrit.openafs.org/12124 Tested-by: BuildBot Reviewed-by: Stephan Wiesand commit 28a06cd8e4a8f57ddfc52a570b63b5ccf85bfc7b Author: Brandon S Allbery Date: Tue Nov 24 16:39:02 2015 -0500 gtx: use getmaxyx() with sensible fallbacks configure now checks for the standard getmaxyx() macro; failing that, it looks for the older but pre-standardization getmaxx() and getmaxy(), then falls back to the 4.2BSD curses _maxx and _maxy fields; if all else fails, gtx building is disabled. gtx now defines getmaxyx() itself if necessary, based on the above. This also fixes a bug in gtx with all ncurses versions > 1.8.0 on platforms other than NetBSD and OS X: gtx was using the _maxx and _maxy fields, which starting with ncurses 1.8.1 were off by 1 from the expected values. As such, behavior of scout and/or afsmonitor may change on most ncurses-using platforms. Reviewed-on: http://gerrit.openafs.org/12107 Tested-by: BuildBot Reviewed-by: Michael Meffie Reviewed-by: Chas Williams <3chas3@gmail.com> Reviewed-by: Benjamin Kaduk (cherry picked from commit b800f7d9bd5ea390ab330c1c0c38ac8277eb9998) Change-Id: Ia42eb33a963aa15131511c07ef4823f3f061a762 Reviewed-on: http://gerrit.openafs.org/12125 Tested-by: BuildBot Reviewed-by: Chas Williams <3chas3@gmail.com> Reviewed-by: Michael Meffie Reviewed-by: Stephan Wiesand commit 5eaca907f2afa6f1a3bfbbae5e7985401d7ff3ad Author: Stephan Wiesand Date: Tue Dec 8 13:13:47 2015 +0100 redhat: exclude kpasswd from debuginfo processing While kpasswd was in the separate openafs-kpasswd package to avoid clashing with the krb5 executable, openafs-debuginfo still conflicted with krb5-debuginfo. Remove the x-bits from kpasswd in %install to make debuginfo processing ignore it, and add them back in the %files list. Make kapasswd a copy rather than a hard link to have it processed in the usual way. This is a 1.6-only change. On the master branch, this issue is fixed by commit 4e3ceaccd9dc2b6e6a20e938d82af1ebaa2c43c8 which however removes kpasswd altogether and is thus considered inapproriate for the stable release series. FIXES 131771 Change-Id: Icd940e3f5da133a98401c7a28ed6ee0c637bf602 Reviewed-on: http://gerrit.openafs.org/12128 Reviewed-by: Michael Meffie Tested-by: BuildBot Reviewed-by: Benjamin Kaduk Tested-by: Stephan Wiesand Reviewed-by: Marcio Brito Barbosa Reviewed-by: Stephan Wiesand commit 2eeff84fd318c0bbe5754c7503cace4748a7dee6 Author: Michael Meffie Date: Tue Mar 31 11:08:34 2015 -0400 doc: remove unimplemented -showsuid and -showmounts from the salvageserver man page These options were copied from the salvager man page and are not implemented by the salvageserver. Reviewed-on: http://gerrit.openafs.org/11817 Reviewed-by: Perry Ruiter Reviewed-by: Benjamin Kaduk Tested-by: BuildBot (cherry picked from commit fb91be7759605bb4ea5b4dd3ce089df1141c431a) Change-Id: I615a9a972d5a4a798ba9caae2ee7fd1562081a56 Reviewed-on: http://gerrit.openafs.org/12120 Tested-by: BuildBot Reviewed-by: Chas Williams <3chas3@gmail.com> Reviewed-by: Stephan Wiesand commit a456e0af43bd83135b5903cbb632a28489608ce5 Author: Michael Meffie Date: Tue Mar 31 11:04:26 2015 -0400 doc: add syslog options to salvageserver man page Add the missing -syslog and -syslogfacility options to the salvageserver man page. Reviewed-on: http://gerrit.openafs.org/11816 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk (cherry picked from commit e4bae29efc3d370d1eaf6d954c63c324094c48e5) Change-Id: I7501b801a49219a1a47d98516426661ad32a8102 Reviewed-on: http://gerrit.openafs.org/12112 Reviewed-by: Mark Vitale Tested-by: BuildBot Reviewed-by: Stephan Wiesand commit e3f17f794403ccdb97937e706bbd6a9acf7af29a Author: Stephan Wiesand Date: Tue Nov 3 13:25:45 2015 +0100 Make OpenAFS 1.6.16pre1 Update version strings for 1.6.16 prerelease. Change-Id: If59033fb6fad94e2c23d732ea17d2399b3ce6c05 Reviewed-on: http://gerrit.openafs.org/12080 Tested-by: BuildBot Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 501011de89869fb9d615e8e0015a19f77b6ffe08 Author: Stephan Wiesand Date: Tue Nov 17 18:54:46 2015 +0100 Update NEWS for 1.6.16pre1 A first stab at 1.6.16 release notes Change-Id: I32c8c583a6a3122ab4d4774803246cae0a372d18 Reviewed-on: http://gerrit.openafs.org/12099 Reviewed-by: Mark Vitale Tested-by: BuildBot Reviewed-by: Stephan Wiesand commit cbc3f0813406af5becc516cbf462645f5f2819ff Author: Michael Meffie Date: Tue Feb 17 21:54:46 2015 -0500 prdb_check: fix out of bounds array access in continuation entries A continuation entry (struct contentry) contains 39 id elements, however a regular entry (struct prentry) contains only 10 id elements. Attempting to access more than 10 elements of a regular entry is undefined behavior. Use a stuct contentry when when processing continuation entries in prdb_check. This is done to safely traverse the id arrays of the continuation entries. Use the new pr_PrintContEntry to print continuation entries. The undefined behavior manfests as a segmentation violation in WalkNextChain() when built with GCC 4.8 with optimization enabled. Reviewed-on: http://gerrit.openafs.org/11742 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk (cherry picked from commit 15e8678661ec49f5eac3954defad84c06b3e0164) Change-Id: Ifc0682cd2b6b1590b10c44ccdda181fd4227c1c2 Reviewed-on: http://gerrit.openafs.org/12104 Tested-by: BuildBot Reviewed-by: Michael Meffie Reviewed-by: Stephan Wiesand commit 246338ef17620111ad50383b7fb5a65b8c369f67 Author: Michael Meffie Date: Tue Feb 17 20:58:27 2015 -0500 prdb_check: check for continuation entries in owner chains Continuation entries may not be in owner chains. Fix the comments in WalkOwnerChain (which were probably copied from WalkNextChain) and add a check and error message for continuation entries found on owner chains. Reviewed-on: http://gerrit.openafs.org/11751 Reviewed-by: Daria Phoebe Brashear Reviewed-by: Benjamin Kaduk Tested-by: BuildBot (cherry picked from commit 3e9e244d1004972f202490faa0375768959f7690) Change-Id: I8da044e32e6ade0d8d3050ccebf46d1e735e333a Reviewed-on: http://gerrit.openafs.org/12103 Tested-by: BuildBot Reviewed-by: Michael Meffie Reviewed-by: Stephan Wiesand commit 687c60bdec2d886b866b8a0cbfa975a20106f9ab Author: Michael Meffie Date: Tue Feb 17 21:11:50 2015 -0500 libprot: add pr_PrintContEntry function A continuation entry (struct contentry) contains 39 id elements, however a regular entry (struct prentry) contains only 10 id elements. Attempting to access more than 10 elements of a regular entry is undefined behavior. Add a new function to safely print continuation entries and change pr_PrintEntry to avoid accessing the entries array out of bounds. The pr_PrintEntry function is at this time only used by the prdb_check and ptclient debugging utilities. Reviewed-on: http://gerrit.openafs.org/11750 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk (cherry picked from commit 121ac2d939e19741986ddfbd387b5310c40edd0d) Change-Id: Ifaa5ba1df0e40ae03e5a80fa7f0490196e7e4369 Reviewed-on: http://gerrit.openafs.org/12102 Tested-by: BuildBot Reviewed-by: Michael Meffie Reviewed-by: Stephan Wiesand commit 626f2ecf03c069dbd66402a98dd3eb63bfe8e701 Author: Simon Wilkinson Date: Sun Apr 22 10:58:17 2012 +0100 ptserver: Remove PR_REMEMBER_TIMES The #define PR_REMEMBER_TIMES is always true, so remove the #define, and all of the #ifdefs that it triggers Reviewed-on: http://gerrit.openafs.org/7264 Tested-by: BuildBot Reviewed-by: Derrick Brashear (cherry picked from commit 25a5c423a0d12086ab3cc390306bcd0f0324a731) Change-Id: Ifb31d3783ca5caaf11260d37dffab3fd45b435ab Reviewed-on: http://gerrit.openafs.org/12101 Tested-by: BuildBot Reviewed-by: Mark Vitale Reviewed-by: Benjamin Kaduk Reviewed-by: Michael Meffie Reviewed-by: Stephan Wiesand commit c9a7bcc0fa587b3df21c761bbf0c2393c636bcc4 Author: Stephan Wiesand Date: Tue Nov 17 15:03:03 2015 +0100 writeconfig: emit error messages again in VerifyEntries Before commit e4a8a7a38dbf29e89bc1a7b6b017447a6aa0c764 an error message was printed if looking up a server hostname failed. Restore this, and also print a message in the now detected case that the lookup returns loopback addresses only. Reviewed-on: http://gerrit.openafs.org/12097 Tested-by: BuildBot Reviewed-by: Michael Meffie Reviewed-by: Benjamin Kaduk (cherry picked from commit f6247f90c9644d7a396531c219c585f705e0c251) Change-Id: I6edc433cbbc8f2d8528501aa30b0aceafb85dbb6 Reviewed-on: http://gerrit.openafs.org/12105 Reviewed-by: Michael Meffie Reviewed-by: Benjamin Kaduk Tested-by: BuildBot Reviewed-by: Stephan Wiesand commit 2371ecd93db57cde2ac000802ed470f30d14e7f5 Author: Michael Meffie Date: Mon Nov 3 19:06:15 2014 -0500 avoid writing loopback addresses into CellServDB Do not use loopback addresses for the server side CellServDB file. Use getaddrinfo() instead of gethostbyname() to look up a list of IPv4 addresses for a given hostname, and take the first non-loopback address. This avoids writing a loopback address into the CellServDB on systems such as Debian, which map the address 127.0.1.1 to the hostname in the /etc/hosts file. Reviewed-on: http://gerrit.openafs.org/11585 Tested-by: BuildBot Reviewed-by: D Brashear (cherry picked from commit e4a8a7a38dbf29e89bc1a7b6b017447a6aa0c764) Change-Id: Ib53b924b49c4c959c2228f953227e37fb94030a9 Reviewed-on: http://gerrit.openafs.org/12083 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 5e90ee976f024891867dcacf0440a1882471f89e Author: Michael Meffie Date: Mon Feb 9 09:37:54 2015 -0500 doc: fix the salvageserver log file name Fix capitialization of the salvageserver log file name. Reviewed-on: http://gerrit.openafs.org/11728 Tested-by: BuildBot Reviewed-by: Chas Williams <3chas3@gmail.com> Reviewed-by: Stephan Wiesand Reviewed-by: Benjamin Kaduk (cherry picked from commit ef435746d04845753477af8b7d920d66e9dce54f) Change-Id: Iff597d46f9915d2a0c089ac2c8ec66d9ba039344 Reviewed-on: http://gerrit.openafs.org/12100 Tested-by: BuildBot Reviewed-by: Michael Meffie Reviewed-by: Mark Vitale Reviewed-by: Benjamin Kaduk Reviewed-by: Stephan Wiesand commit b09ba3ceeff409930dd05cab71999623695e4598 Author: Michael Meffie Date: Wed May 21 17:27:47 2014 -0400 doc: document the version subcommand Document the built-in version sub-command which displays the OpenAFS version string. This sub-command is provided by the cmd library. Document the switch style -version option provided by the cmd library for the initcmd based commands: afsmonitor, scout, xstat_fs_test, and xstat_cm_test. Reviewed-on: http://gerrit.openafs.org/11161 Reviewed-by: Benjamin Kaduk Tested-by: BuildBot (cherry picked from commit ed52ea68c661a7428baeddeca2d95972fe3fe618) Change-Id: Ie7a5194b8c407c8899ae71f168dfbaf5b47a3ae5 Reviewed-on: http://gerrit.openafs.org/12096 Tested-by: BuildBot Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 34af3b8b06462a4298ddd88869c48ac59e884dd8 Author: Michael Meffie Date: Fri Nov 6 11:56:31 2015 -0500 vos: reinstate the -localauth option for vos setaddrs Commit d1d411576cf39c4bc55918df0eb64327718d566c added the vos remaddrs subcommand, but unfortunately stole the common parameters from setaddrs. Fix this bug and remove the extra blank line between the subcommand syntax and the common params macro. Reviewed-on: http://gerrit.openafs.org/12093 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk (cherry picked from commit 69d11fd5ee556bb375967d7c41dab39b9c1befbe) Change-Id: I99e6586c8d2b5e2a20bfb404099f6aed950356e7 Reviewed-on: http://gerrit.openafs.org/12094 Reviewed-by: Mark Vitale Tested-by: BuildBot Reviewed-by: Benjamin Kaduk Reviewed-by: Stephan Wiesand commit 475ddc66b902c361e04a7cdf5f4026c9e28aed6d Author: Michael Meffie Date: Mon Nov 17 11:23:38 2014 -0500 vos: remaddrs sub-command Introduce the vos remaddrs sub-command for removing multi-homed server entries from the vldb. The remaddrs sub-command completes the listaddrs and setaddrs command suite and allows vos changeaddr to be deprecated completely. Reviewed-on: http://gerrit.openafs.org/11606 Tested-by: BuildBot Reviewed-by: Chas Williams <3chas3@gmail.com> Reviewed-by: Daria Brashear Reviewed-by: Jeffrey Altman (cherry picked from commit d1d411576cf39c4bc55918df0eb64327718d566c) Change-Id: I427077559509c9cb658a6758d8b371b744e6c643 Reviewed-on: http://gerrit.openafs.org/12092 Reviewed-by: Mark Vitale Tested-by: BuildBot Reviewed-by: Benjamin Kaduk Reviewed-by: Stephan Wiesand commit 1529791969580c0ae20258cf4f320a07e3e1670d Author: Derrick Brashear Date: Tue Jun 12 14:10:04 2012 -0400 gtx: add configure switch to force not building allow gtx and associated software to be turned off. Reviewed-on: http://gerrit.openafs.org/7552 Tested-by: BuildBot Reviewed-by: Derrick Brashear (cherry picked from commit 5d53c12b95c6ffac6c00e4fec6138a51b6185dd7) Change-Id: I79e3e2116dd244f4561be841beecb7c24eb59a18 Reviewed-on: http://gerrit.openafs.org/12095 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk Reviewed-by: Stephan Wiesand Tested-by: Stephan Wiesand commit 0fb533dd0befea1db90222f98c6f464a52a8ede4 Author: Michael Meffie Date: Fri Nov 14 16:57:53 2014 -0500 fix byte ordering in check_sysid Several uuid fields as well as the ip addreses in the sysid file are in network byte order. Fix the check_sysid utility to decode these fields properly. In addition, print the server uuid in the common string format used to display uuids, instead of by individual uuid fields. Reviewed-on: http://gerrit.openafs.org/11603 Tested-by: BuildBot Reviewed-by: Daria Brashear (cherry picked from commit 52b8073a6c1ef11f1a47fb26d77efd87425be556) Note: Although this fix is marked as a "cherry-pick", this patch was rewritten for the 1.6 branch since the opr uuid handling functions are not available in the 1.6 branch. Change-Id: I52e74fc28b30f06a8180ff65a8006c9281162fe9 Reviewed-on: http://gerrit.openafs.org/12090 Tested-by: BuildBot Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit efb10d6facd3933a68b167fcdeaff65fbc77461b Author: Michael Meffie Date: Tue Dec 16 19:25:06 2014 -0500 vos: changeaddr refuse to change mh entries without -force Add a client side check to vos changeaddr -oldaddr -newaddr to refuse to change multihomed server entries, unless -force is given. Reviewed-on: http://gerrit.openafs.org/11638 Reviewed-by: Benjamin Kaduk Tested-by: BuildBot (cherry picked from commit 656aaacd01a90f658a5126111af9988fa1854dec) Change-Id: I4eb7e2b3a2e027b5e1368298a274b0328c8b1343 Reviewed-on: http://gerrit.openafs.org/12087 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 38a14a9d3744083d30871e71d58ae4dafb8093b9 Author: Michael Meffie Date: Mon Feb 9 15:04:19 2015 -0500 bozo: fix -pidfiles default Fix the default value for the -pidfiles argument. The pidfiles should be stored in the local state directory, not the server configuration directory when using modern paths. Fixes commit bdf86d245fd55c5c7ac7ea81e3d6b6bafdbe1783. Reviewed-on: http://gerrit.openafs.org/11732 Reviewed-by: Benjamin Kaduk Tested-by: BuildBot (cherry picked from commit df05a15ce3cb1c730bf87613711c38fa25be349f) Change-Id: I61f97e5bae24a1ee38526d0f7ff8560e0b7586b2 Reviewed-on: http://gerrit.openafs.org/12086 Tested-by: BuildBot Reviewed-by: Michael Meffie Reviewed-by: Benjamin Kaduk Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 4833551e2aaf1aa8f1e8a01197af99a9dbfd332a Author: Michael Meffie Date: Sat Nov 8 13:14:27 2014 -0500 vldb_check: rebuild free list with -fix Rebuild the vldb free chain in addition to the hash chains when vldb_check is run with the -fix option. Print a FIX: message for entries added to the free chain. Example vldb with a broken free chain. $ vldb_check vldb.broken address 199364 (offset 0x30b04): Free vlentry not on free chain address 223192 (offset 0x36818): Free vlentry not on free chain address 235180 (offset 0x396ec): Free vlentry not on free chain Scanning 1707 entries for possible repairs $ vldb_check -fix vldb.broken Rebuilding 1707 entries FIX: Putting free entry on the free chain: addr=199364 (offset 0x30b04) FIX: Putting free entry on the free chain: addr=223192 (offset 0x36818) FIX: Putting free entry on the free chain: addr=235180 (offset 0x396ec) Thanks to Kostas Liakakis for reporting this bug. Reviewed-on: http://gerrit.openafs.org/11598 Reviewed-by: Benjamin Kaduk Tested-by: BuildBot (cherry picked from commit 3b9d52b2e8020cce65d55516db36580d58a51f0b) Change-Id: I01987451857b26fb9e87984da85976196145e1dd Reviewed-on: http://gerrit.openafs.org/12084 Tested-by: BuildBot Reviewed-by: Michael Meffie Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 5d5879f469ce2f950a3d99ee85a6142476d02aaf Author: Michael Meffie Date: Mon Sep 29 12:14:24 2014 -0400 vos: preserve cloneId and backupId when restoring Preserve the volume clone and backup ids in the volume header when restoring over an existing volume, instead of always setting the clone and backup ids to zero. For example, before this change, restoring over a volume resets the ROnly and Backup ids reported in the volume header section of vos examine. $ vos examine xyzzy xyzzy 536871023 RW 3 K On-line myhost /vicepa RWrite 536871023 ROnly 536871024 Backup 536871025 ... RWrite: 536871023 ROnly: 536871024 Backup: 536871025 number of sites -> 2 server myhost partition /vicepa RW Site server myhost partition /vicepa RO Site $ cat /tmp/xyzzy.dump | vos restore myhost a xyzzy -overwrite incremental Restoring volume xyzzy Id 536871023 on server myhost partition /vicepa .. done Restored volume xyzzy on myhost /vicepa $ vos examine xyzzy xyzzy 536871023 RW 3 K On-line myhost /vicepa RWrite 536871023 ROnly 0 Backup 0 ... RWrite: 536871023 ROnly: 536871024 Backup: 536871025 number of sites -> 2 server myhost partition /vicepa RW Site server myhost partition /vicepa RO Site Reviewed-on: http://gerrit.openafs.org/11516 Tested-by: BuildBot Reviewed-by: Daria Brashear (cherry picked from commit 7266685a03b12ca03c247623e7ffdc054a017382) Change-Id: Iad0ef8f2d3fa1ef87b87bcbf9f74735ede1c2140 Reviewed-on: http://gerrit.openafs.org/12082 Tested-by: BuildBot Reviewed-by: Mark Vitale Reviewed-by: Benjamin Kaduk Reviewed-by: Stephan Wiesand commit a3ac0f52e0c97bd3c3e37322e4759d653e76a82f Author: Michael Meffie Date: Thu Nov 13 12:12:12 2014 -0500 redhat: do not overwite the server CellServDB The bosserver creates a pair of symlinks in the client's configuration directory (/usr/vice/etc) during startup, if the configuration files are not present: /usr/vice/etc/CellServDB -> /usr/afs/etc/CellServDB /usr/vice/etc/ThisCell -> /usr/afs/etc/ThisCell Due to a bug in the bosserver (which is not fixed on 1.6.x), the symlinks are only created when the /usr/vice/etc directory already exists when the bosserver is started. If the bosserver is started before the client is installed (and the /usr/vice/etc directory is present), then the packaging script will write to the symlink CellServDB, overwriting the server's CellServDB with the contents of the client's CellServDB.local and CellServDB.dist files. Also, if the client is started after the bosserver creates the symlinks, the client init script will overwrite the server's CellServDB with the contents of the client's CellServDB.local and CellServDB.dist files. Update the packaging and the client init script to delete this symlink if present, since it is only intended to provide stub configuration for the client utilities while setting up an initial server. Then, the updating of the CellServDB will create a local file, instead of following the symlink and overwriting the server CellServDB. While here, adjust the indentation whitespace to match the tabs below. Reviewed-on: http://gerrit.openafs.org/11601 Reviewed-by: Benjamin Kaduk Tested-by: BuildBot (cherry picked from commit 75d67780b42c1a7bfa506fcd230b28a6f293fcbd) Change-Id: I7f899c7ea35d5df6a2e846a0354717fd51e2eba4 Reviewed-on: http://gerrit.openafs.org/12081 Tested-by: BuildBot Reviewed-by: Michael Meffie Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 3ce1880c08663e07e0b2817c83c011ca7c250bf2 Author: Benjamin Kaduk Date: Wed Sep 17 12:07:02 2014 -0400 Fix disk name initialization in scout Scout needs to initialize names in scout_disk structures to prevent the use of uninitialized data. However, '\0' is a NUL character constant, i.e., the integer value 0, which is interpreted as NULL (the pointer constant) in a pointer context, such as when assigned to a variable of type char*. Since the name field in these structs is passed to printing routines, the safe initialization value is the empty string constant "", not a zero value. Reviewed-on: http://gerrit.openafs.org/11469 Tested-by: BuildBot Reviewed-by: Chas Williams - CONTRACTOR Reviewed-by: Perry Ruiter Reviewed-by: Jeffrey Altman (cherry picked from commit 57ca77786eb6c04519f9358f1456fdf5b8006757) Change-Id: I970e19c698cc26255cd244671908a631ef959c30 Reviewed-on: http://gerrit.openafs.org/12078 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk Reviewed-by: Michael Meffie Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit b6294fd5f484e933fff627a69032a8c5ef0de568 Author: Anders Kaseorg Date: Sat Aug 1 05:52:59 2015 -0400 src/kauth/krb_udp.c: Remove redundant NULL check for array address Resolves this warning with clang: krb_udp.c:302:13: warning: address of array 'tentry.misc_auth_bytes' will always evaluate to 'true' [-Wpointer-bool-conversion] if (tentry.misc_auth_bytes) { ~~ ~~~~~~~^~~~~~~~~~~~~~~ Reviewed-on: http://gerrit.openafs.org/11964 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk (cherry picked from commit 09bf3ebb26a3d8a4bd10571b394a59207a7f6980) Change-Id: I94850d438902c358239142d696fae7206cef55a6 Reviewed-on: http://gerrit.openafs.org/12077 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 9ef3a6ae65bb80d320525ad561e10f960269d182 Author: Jeffrey Hutzelman Date: Tue Jun 18 12:35:36 2013 -0400 userok.c: Fix fixed-size on-stack path buffers Several functions in src/auth/userok.c construct pathnames in fixed size buffers on their stacks. Those buffers are simultaneously too small for the purpose for which they are used and too large to be placed on the stack. This change replaces these fixed-size buffers with dynamically-allocated buffers which are either exactly the right size (due to asprintf) or have size AFSDIR_PATH_MAX. FIXES 130719 Reviewed-on: http://gerrit.openafs.org/9986 Tested-by: BuildBot Reviewed-by: Derrick Brashear (cherry picked from commit 68e02987f62e1c507ddf7fd35847338b130c243d) This file has diverged quite substantially between master and 1.6.x, so though it is marked as a "cherry-pick", this patch was substantially rewritten for the 1.6 branch. In particular, we must use afs_asprintf() since asprintf() is not available everywhere. Change-Id: Iac62cb8293e7b28b422e7401eccb1f26841aff66 Reviewed-on: http://gerrit.openafs.org/11436 Tested-by: BuildBot Reviewed-by: Chas Williams <3chas3@gmail.com> Reviewed-by: Benjamin Kaduk Reviewed-by: Daria Phoebe Brashear Reviewed-by: Mark Vitale Reviewed-by: Michael Meffie Reviewed-by: Stephan Wiesand commit c1c7f4b58b1eefe7b14e33dd07d75e50d8da609f Author: Stephan Wiesand Date: Tue Aug 4 13:28:35 2015 +0200 vlserver: Use the right variable for error code in SVL_GetStats Commit 6c9fe7f80e4b5d9fb21609ee6743470d39dfb8f5 missed one instance of "code" (as used on the master branch) that should have been changed to "errorcode" (as used on the 1.6 branch) as part of the cherry-pick. Fix this so that the right varlue is returned. This is a 1.6-only change. Change-Id: I97d9ac5961836843b617bab007d0c4d8bed82fef Reviewed-on: http://gerrit.openafs.org/11970 Reviewed-by: Daria Phoebe Brashear Reviewed-by: Mark Vitale Tested-by: BuildBot Reviewed-by: Stephan Wiesand commit 132a4e9db14665f243991578a599f2eae8bc9537 Author: Daria Phoebe Brashear Date: Thu Aug 20 13:20:38 2015 -0400 openafs: add a contributor code of conduct In the interest of fostering a friendly, welcoming environment for contributors, institute a code of conduct for the project. Adapted from the Contributor Covenant. LICENSE MIT Reviewed-on: http://gerrit.openafs.org/11987 Tested-by: BuildBot Reviewed-by: Jonathan A. Kollasch Reviewed-by: Thomas L. Kula Reviewed-by: Nathaniel Filardo Reviewed-by: Michael Meffie Reviewed-by: Marcio Brito Barbosa Reviewed-by: Stephan Wiesand Reviewed-by: Benjamin Kaduk (cherry picked from commit c6a8739a67edca8a7e987bd1f3d5dcc226ad47a0) Change-Id: I797bd8256a8509e3b75c8d5cd708fa5edeab64c4 Reviewed-on: http://gerrit.openafs.org/12056 Tested-by: BuildBot Reviewed-by: Michael Meffie Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 11c4c6394d56f819a2e92b2651525b56707a4970 Author: Benjamin Kaduk Date: Wed Dec 10 14:07:14 2014 -0500 Handle backupDate of zero In older versions of OpenAFS (prior to 2001), the backupDate was never set. Try to provide somewhat more reasonable behavior in this case, by using a different date in that case. Reviewed-on: http://gerrit.openafs.org/11627 Tested-by: BuildBot Reviewed-by: Jeffrey Altman (cherry picked from commit 34e495d69a8831c57cac2ccf18898e63f02c7745) Change-Id: Ia8250ed6e699d2ed8e2b5de7481c54ae65b0718c Reviewed-on: http://gerrit.openafs.org/11826 Reviewed-by: Daria Phoebe Brashear Reviewed-by: Benjamin Kaduk Tested-by: BuildBot Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 918fc9c4e65638447b24cc0eb603912dd6908234 Author: Hans-Werner Paulsen Date: Wed Sep 17 09:41:16 2014 +0200 use V_creationDate in DumpHeader for R/O volumes This patch modifies a patch committed as 1e6fb1b7b7, the dumpTimes.to is now set to creationDate for R/O volumes. The old value copyDate is wrong, if the R/O volumes is re-cloned. This does not happen with "vos dump -clone", but may happen with dumping a R/O volume directly: "vos dump ". Reviewed-on: http://gerrit.openafs.org/11468 Tested-by: BuildBot Reviewed-by: Jeffrey Altman Reviewed-by: Daria Brashear Reviewed-by: Benjamin Kaduk (cherry picked from commit cb6de07fb8a12199ad0f1c4990f19074a9a54fcc) Change-Id: I65df02bc4f98d58ba1461d36e79be2f72098ef7c Reviewed-on: http://gerrit.openafs.org/11825 Reviewed-by: Daria Phoebe Brashear Tested-by: BuildBot Reviewed-by: Hans-Werner Paulsen Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit fa308563f98883ca4e0ef51c4c78f4c36a6bc729 Author: Hans-Werner Paulsen Date: Thu Aug 14 11:56:22 2014 +0200 use V_copyDate in DumpHeader for cloned volumes Volume dumps can be created from backup volumes, cloned volumes, or directly from RW volumes. The beginning and end of the time range covered by the dump is recorded in the DumpHeader. The end time is based on the type of the volume. Use backupDate for backup volumes, use copyDate for cloned volumes, and updateDate for RW volumes. Reviewed-on: http://gerrit.openafs.org/11389 Reviewed-by: Jeffrey Altman Tested-by: BuildBot Reviewed-by: D Brashear (cherry picked from commit 1e6fb1b7b7ed32e2035452db9fc221f38a8b4956) Change-Id: I7372a1f46b96c4c42fb45b71f0d71017216f3830 Reviewed-on: http://gerrit.openafs.org/11433 Tested-by: BuildBot Reviewed-by: Hans-Werner Paulsen Reviewed-by: Daria Phoebe Brashear Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 54ccd71286bd7254154d0cc26c286759368ac9b7 Merge: cb18459 3994c23 Author: Jeffrey Altman Date: Wed Oct 28 20:50:58 2015 -0400 Merge tag 'openafs-stable-1_6_15' into openafs-stable-1_6_x OpenAFS 1.6.15 # gpg: Signature made Wed Oct 28 09:48:29 2015 EDT using RSA key ID 497DF878 # gpg: Good signature from "Jeffrey Altman " # gpg: aka "Jeffrey Altman " # gpg: aka "Jeffrey Altman " # gpg: aka "Jeffrey Altman " # gpg: aka "Jeffrey Altman " # gpg: aka "Jeffrey Altman " # gpg: aka "Jeffrey Altman " # gpg: aka "Jeffrey Altman " # gpg: aka "Jeffrey Altman " # gpg: aka "Jeffrey Altman " # gpg: aka "Jeffrey Altman " # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: D642 5358 16E2 A515 06F2 C373 DC66 D423 497D F878 commit 3994c23187d42164a1f3d3b5ddedd59525417864 Author: Jeffrey Altman Date: Wed Oct 28 09:06:44 2015 -0400 VERSION: 1.6.15 Update configure version strings for 1.6.15. Change-Id: I1b730216b982b7c327730b1d0cf4061666f0fa8d commit d12f72f1afcdee1076287a7fc41f8abcaae4ddc4 Author: Jeffrey Altman Date: Wed Oct 28 08:49:20 2015 -0400 NEWS: Update for 1.6.15 Security vulnerability release. Document OPENAFS-SA-2015-007. Change-Id: Id36480024fbdac7d3478bec7f3026b2c05bc37f0 commit 9191cdfc9b2f00d320e775031bb3be1173302e5b Author: Jeffrey Altman Date: Thu Oct 8 22:22:12 2015 -0400 rx: OPENAFS-SA-2015-007 "Tattletale" CVE-2015-7762: The CMU/Transarc/IBM definition of rx_AckDataSize(nAcks) was mistakenly computed from sizeof(struct rx_ackPacket) and inadvertently added three octets to the computed ack data size due to C language alignment rules. When constructing ack packets these three octets are not assigned a value before writing them to the network. Beginning with AFS 3.3, IBM extended the ACK packet with the "maxMTU" ack trailer value which was appended to the packet according to the rx_AckDataSize() computation. As a result the three unassigned octets were unintentionally cemented into the ACK packet format. In OpenAFS commit 4916d4b4221213bb6950e76dbe464a09d7a51cc3 Nickolai Zeldovich noticed that the size produced by the rx_AckDataSize(nAcks) macro was dependent upon the compiler and processor architecture. The rx_AckDataSize() macro was altered to explicitly expose the three octets that are included in the computation. Unfortunately, the failure to initialize the three octets went unnoticed. The Rx implementation maintains a pool of packet buffers that are reused during the lifetime of the process. When an ACK packet is constructed three octets from a previously received or transmitted packets will be leaked onto the network. These octets can include data from a received packet that was encrypted on the wire and then decrypted. If the received encrypted packet is a duplicate or if it is outside the valid window, the decrypted packet will be used immediately to construct an ACK packet. CVE-2015-7763: In OpenAFS commit c7f9307c35c0c89f7ec8ada315c81ebc47517f86 the ACK packet was further extended in an attempt to detect the path MTU between two peers. When the ACK reason is RX_ACK_PING a variable number of octets is appended to the ACK following the ACK trailers. The implementation failed to initialize all of the padding region. A variable amount of data from previous packets can be leaked onto the network. The padding region can include data from a received packet that was encrypted on the wire and then decrypted. OpenAFS 1.5.75 through 1.5.78 and all 1.6.x releases (including release candidates) are vulnerable. Credits: Thanks to John Stumpo for identifying both vulnerabilities. Thanks to Simon Wilkinson for patch development. Thanks to Ben Kaduk for managing the security release cycle. Change-Id: I29e47610e497c0ea94033450f434da11c367027c commit cb18459a5dae9559de506d7decf02a636847d0fa Author: Benjamin Kaduk Date: Mon Sep 8 13:47:33 2014 -0400 Tweak AFSDIR_PATH_MAX definition On recent Debian, we run into runtime errors in the test suite because _POSIX_PATH_MAX is only 256, and that buffer is too small for a call to realpath(). Use PATH_MAX if it's available and larger than _POSIX_PATH_MAX, in a way that should be safe even when PATH_MAX is not defined. Reviewed-on: http://gerrit.openafs.org/11453 Tested-by: BuildBot Reviewed-by: Jeffrey Altman Reviewed-by: Chas Williams - CONTRACTOR Reviewed-by: Perry Ruiter Reviewed-by: D Brashear Tested-by: D Brashear (cherry picked from commit ec2382e060753dfdcaf84b9ac03e1534c65fcdbc) Change-Id: I37222dcb019ed9593a499b84a3e4ab30b8a9cf9c Reviewed-on: http://gerrit.openafs.org/11588 Tested-by: BuildBot Reviewed-by: Daria Phoebe Brashear Reviewed-by: Jeffrey Altman Reviewed-by: Stephan Wiesand commit 49facf65daeda716dc61ef56b95b4bec99d0f2c1 Author: Andrew Deason Date: Mon Oct 27 16:39:34 2014 -0500 rx: Reset lastSendData when resetting call Currently we use call->lastSendData to attempt to detect a stalled call, if it's been too long since the last time the call sent any data. However, we never initialize lastSendData to anything when creating a new call. This means that when rx_NewCall (or rxi_NewCall) returns, lastSendData can be nonzero. This can happen if we reuse a DALLY call, or if we pull a call off of rx_freeCallQueue. This can be a time very far in the past, since the lastSendData time has not changed since the last time the call was used; it will remain unchanged until a user of the new call writes something to the call stream. This can be a problem between the time when a caller creates a new call with rx_NewCall and when the caller actually writes something to the stream. Between those two times, if lastSendData happens to be set to a time in the past, we may call rxi_CheckCall on that call, and abort the call for being idle. The call will thus be aborted before it even sent any data on the wire. This is of particular concern for multi_Rx calls, since those can create a large number of call structures, possibly introducing a delay between calling rx_NewCall and writing anything to the stream (if one of the later rx_NewCall invocations blocks waiting for an open call channel, for instance, all of the previous allocated calls will stick around unused for potentially a long time). One such multi_Rx call is done by the cache manager, where it periodically uses multi_Rx to call RXAFS_GetCapabilities to probe fileservers for reachability. If this issue occurs during that operation you can see a large number of servers get marked down for code -9 (RX_CALL_IDLE), and then get marked as coming back up. To fix this, set lastSendData to 0 when resetting a call, along with most of the other fields in a call, to indicate that the call has never sent any data. As long as lastSendData is 0, the call will never get aborted with RX_CALL_IDLE, and this situation will be avoided. This ensures that this issue cannot happen, since rxi_ResetCall is guaranteed to be called at some point whenever we reuse a call structure for any reason. Reviewed-on: http://gerrit.openafs.org/11557 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk Reviewed-by: Jeffrey Altman (cherry picked from commit 8c78a44cf5197ceee6907e947074973138c442f0) Change-Id: I1016de366bbd6d3d3cf542b42d7689b60dbacafe Reviewed-on: http://gerrit.openafs.org/11594 Tested-by: BuildBot Reviewed-by: Daria Phoebe Brashear Reviewed-by: Jeffrey Altman Reviewed-by: Stephan Wiesand commit c2005f1ff0052c3a77c39349551441962c100278 Author: Russ Allbery Date: Sat Jun 29 14:27:55 2013 -0700 Fix restorevol crash on corrupt nDumpTimes value If the number of dump times claimed in the volume header was greater than MAXDUMPTIMES, restorevol would happily write over random stack memory and crash. Sanity-check the loaded value and cap it to MAXDUMPTIMES with a warning. Bug found by Mayhem and reported by Alexandre Rebert. Reviewed-on: http://gerrit.openafs.org/10025 Tested-by: BuildBot Reviewed-by: Jeffrey Altman Reviewed-by: Derrick Brashear (cherry picked from commit d5fb2c2bdccedbd539cb2629cf918d5f37b82c7b) Change-Id: I0b4718afd3c3330581ce5da875f9f8a83fe6b132 Reviewed-on: http://gerrit.openafs.org/11553 Tested-by: BuildBot Reviewed-by: Daria Phoebe Brashear Reviewed-by: Jeffrey Altman Reviewed-by: Benjamin Kaduk Reviewed-by: Stephan Wiesand commit d359431504bfd543e6f38d41656a430b7b8fc2de Author: Hans-Werner Paulsen Date: Tue Aug 26 11:55:06 2014 +0200 vos clone use the value of the -toname argument The -toname argument was not followed with the vos clone command. The name of the clone volume was always ".clone". Reviewed-on: http://gerrit.openafs.org/11431 Tested-by: BuildBot Reviewed-by: D Brashear (cherry picked from commit 65ec004ce5fdca7446f65cb70f720a77a861762c) Change-Id: Iddae8e1531838270e48b8d32ba8d7e82e3441033 Reviewed-on: http://gerrit.openafs.org/11434 Reviewed-by: Benjamin Kaduk Tested-by: BuildBot Reviewed-by: Hans-Werner Paulsen Reviewed-by: Stephan Wiesand commit f7f72c9098477d64394ed0fbd19374d3670447e9 Author: Jeffrey Hutzelman Date: Sun Jun 16 16:28:22 2013 -0400 Ignore return values harder In various places where we intentionally ignore the return values of system calls and standard library routines, this changes the way in which we do so, to avoid compiler warnings when building on Ubuntu 12.10, with gcc 4.7.2 and eglibc 2.15-0ubuntu20.1. Reviewed-on: http://gerrit.openafs.org/9980 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk (cherry picked from commit 73cad3be0a3489237ab7e66d3b12c52ffb0b67d0) Change-Id: I934406d67d7409655a7084894fd231c410d72c58 Reviewed-on: http://gerrit.openafs.org/11715 Tested-by: BuildBot Reviewed-by: Jeffrey Altman Reviewed-by: Daria Phoebe Brashear Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 20093d0b69a02bd3fd243698472422e9239b21f1 Author: Michael Meffie Date: Tue Feb 18 15:23:54 2014 -0500 vos: cross-device link error message Print a better diagnostic message for cross-device link errors, which happens when a clone volume is not in the same partition as the parent read-write volume. Reviewed-on: http://gerrit.openafs.org/10850 Reviewed-by: D Brashear Reviewed-by: Chas Williams - CONTRACTOR Tested-by: BuildBot Reviewed-by: Jeffrey Altman (cherry picked from commit da1597d74a0f56e35a156ec27df231f965934910) Change-Id: I30cb0e87612732bfbce2c001831324d1a9e54409 Reviewed-on: http://gerrit.openafs.org/11587 Reviewed-by: Daria Phoebe Brashear Tested-by: BuildBot Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand commit 3b93c89863512b17d9fbc6b9e8702d63853ff8bf Author: Michael Meffie Date: Tue Feb 18 13:59:59 2014 -0500 volser: log message for cross-device link errors Add a log entry to the volume server to help diagnose those pesky 'Invalid cross-link device' errors returned by vos, which occur when a clone volume is located in a different partition than the parent read-write volume, or when a read-only volume is on the incorrect partition on the server. With this change, a new log entry is added when the volume server fails to create a clone or a read-write volume because a volume with the target volume id already exists on a different partition. For a clone volume, this would be a different partition than the read-write volume. For a read-only volume, this would be a different partition than indicated in the vldb. Examples: Volume foobar is on /vicepb, but foobar.backup is incorrectly on partition /vicepa. $ vos backup foobar Failed to clone the volume 536870934 : Invalid cross-device link VolserLog: VCreateVolume: volume 536870936 for parent 536870934 found on /vicepa; unable to create volume on /vicepb. 1 Volser: Clone: Couldn't create new volume 536870936 for parent 536870934; clone aborted ... The vldb indicates a read-only volume should be on /vicepa on a remote site, but the actual volume is on /vicepb. $ vos release xyzzy Failed to create the ro volume: : Input/output error The volume 536870921 could not be released to the following 1 sites: mantis /vicepa VOLSER: release could not be completed ... VolserLog on mantis: VCreateVolume: volume 536870922 for parent 536870921 found on /vicepb; unable to create volume on /vicepa. ... Reviewed-on: http://gerrit.openafs.org/10849 Tested-by: BuildBot Reviewed-by: Perry Ruiter Reviewed-by: D Brashear (cherry picked from commit 21a85792c44e2145eea6d10dc31d58028ba933b8) Change-Id: Ib0a8a12e61948ed45b0b0a87723cac8668c987ff Reviewed-on: http://gerrit.openafs.org/11586 Tested-by: BuildBot Reviewed-by: Daria Phoebe Brashear Reviewed-by: Jeffrey Altman Reviewed-by: Stephan Wiesand commit e1655c9027ac60a5df8f9fdddf4add17b845c1e0 Author: Michael Meffie Date: Thu Jun 11 20:28:43 2015 -0400 libafs: reset all the volumes with fs flushall Fix a logic bug in fs flushall in which only the first volume in each hash chain is reset (invalidated). Instead, reset all the volumes in the volume hash. This bug was introduced in commit 4197bbecd9d0b2ff0b8eaec75a0df9a64f713cf0 (libafs: fs flushall for unix cm) Also, when flushing a single volume with fs flushvolume, don't bother searching all the hash chains, instead start on the hash chain containing the volume being flushed. Reviewed-on: http://gerrit.openafs.org/11892 Tested-by: BuildBot Reviewed-by: Mark Vitale Reviewed-by: Chas Williams <3chas3@gmail.com> Reviewed-by: Jeffrey Altman (cherry picked from commit 82e02157fec248293e7336f0e0b3d1c9da545228) Change-Id: I5dddbaed265ee1ce5dc14e88e22abcb29d96db58 Reviewed-on: http://gerrit.openafs.org/11894 Tested-by: BuildBot Reviewed-by: Mark Vitale Reviewed-by: Stephan Wiesand Tested-by: Stephan Wiesand commit f3131a3535d1871909aac0ea47fe8212f14fc31d Author: Andrew Deason Date: Mon Feb 10 16:23:07 2014 -0600 bozo: Constify bozo_Log 'format' argument We clearly do not need to modify the format string; declare it const. This makes the signature of bozo_Log identical to FSLog, which can make it easier to use these functions interchangeably. Reviewed-on: http://gerrit.openafs.org/10830 Tested-by: BuildBot Reviewed-by: Benjamin Kaduk (cherry picked from commit ed1b1df3c8acf9a2c5d4dface88ac15dcb8d7a2e) Change-Id: I29fb3df82866dc8457d92a0b88eb02ae50879db7 Reviewed-on: http://gerrit.openafs.org/11931 Tested-by: BuildBot Reviewed-by: Perry Ruiter Reviewed-by: Jeffrey Altman Reviewed-by: Stephan Wiesand commit d863f67e0b50a9f6dfc8dc072c42d10a6fceaa9e Author: Benjamin Kaduk Date: Fri Jul 24 22:55:05 2015 -0400 Remove stray underscore from preprocessor conditional AFS_FBSD_110_ENV is not defined anywhere, so this conditional did not behave as expected. Introduced by me in commit e51d3b13c2b208efe72b584b532a28444633feff which was apparently not as well tested as it could have been. Change-Id: I57da8f69ba963b7602092bc524c6435059d8ae12 Reviewed-on: http://gerrit.openafs.org/11944 Tested-by: BuildBot Reviewed-by: Chas Williams <3chas3@gmail.com> Reviewed-by: Perry Ruiter Reviewed-by: Stephan Wiesand commit 5c7dbe867d2b035449c2aa9011cfe923920a4cf2 Author: Michael Meffie Date: Fri Jun 26 09:09:18 2015 -0400 doc: bosserver runs in the background Since OpenAFS 1.0 bosserver automatically puts itself into the background and removes it's controlling terminal. Update the examples in the Admin and Quick Start Guides to remove the unneeded '&' on the command line to start the bosserver. Reviewed-on: http://gerrit.openafs.org/11906 Reviewed-by: Benjamin Kaduk Reviewed-by: Jeffrey Altman Tested-by: Jeffrey Altman (cherry picked from commit 4ef47f787a64dc5c8ebb73a454b0851c86d7c06b) Change-Id: Ife77c07bb5a00244ef346c0eb70782685c2bb2b1 Reviewed-on: http://gerrit.openafs.org/11932 Tested-by: BuildBot Reviewed-by: Chas Williams <3chas3@gmail.com> Reviewed-by: Perry Ruiter Reviewed-by: Jeffrey Altman Reviewed-by: Stephan Wiesand