User-Visible OpenAFS Changes OpenAFS 1.8.8 All platforms * Improved documentation, diagnostics and error messages (14311 14326 14331 14367 14399 14419 14420 14427 14434 14436 14437 14438 14439 14440 14502 14516 14518 14546) * Build fixes, mostly for recent compilers (14217 14298 14299 14668) * Avoid some potential performance losses in the wire protocol (14503 14514) * Avoid client connections hanging forever when the server is restarted while they're active (14504 14505 14506 14507) All server platforms * Avoid Rx calls getting stuck on the incoming call queue for busy servers (14394) * Avoid a possible salvageserver deadlock (14283) * Fixed salvageserver's parsing of the "-parallel all" argument (14285) * Avoid potential salvager crashes (14515 14614) * Fix "bos salvage -forceDAFS" when the BosConfig also contains a legacy 'fs' bnode in addition to the 'dafs' bnode (14665) * Avoid erratic vlserver behaviour due to overflowing the maximum VLDB size of 2 GB. Log a message and return an error instead (14288) * Fixed a ptserver issue where 'pts mem -expandgroups' failed when supergroups were enabled (14345) (RT #135147) * Take read-only volumes offline while being converted to read-write ones with "vos convertROtoRW", preventing them from ending up in an inconsistent state when accessed during the conversion (14433) * Avoid inconsistent volume states due to interrupted rename operations and other potential issues (14449 14450) * Add new variants to asetkey's "delete" command to allow deleting non-des keys (14293) * Improved ubik performance and robustness (14141 14142 14365) * Fixed building the vol-bless utility, which is now also built by default but still not installed and distributed (14601) * Fixed parsing of "-cores none" when bosserver is started this way (14589) All client platforms * Avoid crashes or panics when potentially recoverable errors during cache I/O are encountered (14286) * Avoid flooding servers with NAT pings, which could happen under certain circumstances (14364) * Avoid possible panics during client startup or shutdown (14393 14441) * Avoid potential buffer overflows by one character in the "bos" client program and in libadmin client programs (14664 14666 14698) * Fixed a slow kernel memory leak triggered by retrieving tokens for userspace commands as an authenticated user (14667 14663) (RT #135238) * Fixed several potential problems in "aklog -keytab" (14478 14479 14480 14481 14482) * Performance improvements (14391) * Avoid unexpected "cold" shutdowns upon umount /afs on platforms which should perform a "warm" shutdown by default (14610) * Avoid memory leaks during shutdown (14615 14616) * Fixed building the afscp utility, which is still not built by default though (14627) Linux clients * Support mainline kernels up to and including 5.13 (14267 14268 14269 14315 14563 14564 14565) (RT #135242) Note that as of mainline kernel 5.13, OpenAFS currently won't build on PowerPC due to a new ABI restriction. * Avoid failures of cache I/O operations in the context of tasks restricted by security mechanisms like AppArmor (14082 14099) * Avoid a crash while loading the kernel module when reading from /proc/fs/openafs/CellServDB before afsd has started (14284) * Avoid more possible causes of getcwd() failures (14451) * Restore the -setpag functionality in some older utilities like klog (14327 14328) macOS * Added support for release 11.0 "Big Sur" (14597 14598 14605 14600) FreeBSD * Support releases 11.2, 12.1, 12.2 (14520 14537 14590) * Add a wide range of FBSD specific fixes and improvements (14521..36) OpenAFS 1.8.7 All platforms * Fix initial Rx Connection ID (CID) generation. Remove stale initialization and overflow detection logic that resulted in connection failures due to all CIDs being set to 0x80000002. (14493, 14494, 14497) OpenAFS 1.8.6 All platforms * Address warnings and errors encountered when building OpenAFS with modern compilers like gcc9 or recent clang (13727..45 13749..50 13756 13846 13879) * Avoid some rare cases of Rx calls getting stuck in the incoming queue (13892) * Display the usage of simple commands (commands without subcommands) when run only with the -help option (13894) * Fix a memory leak in the cache manager and the fileserver while processing "fs uuid" or "fs setcbaddr" (13899) * Fix a memory leak when reopening krb local realms configuration (13900) * Avoid possible crashes when freeing kerberos contexts (13902) All server platforms * Do not leave empty directories behind in the file server vice partition when running the "vos zap -force" command (13897) * Fix "vos zap -force" failures when the volume being zapped does not have an entry in the fileserver's volume group cache (e.g., during fileserver startup) (13896) * Relax the length limits on some membership lists used in ptserver RPCs, introduced in release 1.8.0 to prevent denial of service attacks, to accommodate use cases of some larger existing sites (13844) * Improved diagnostics and error messages (13898 13906..8 13938) * Ensure that fileservers running in readonly mode actually reject all write requests, but introduce a -admin-write switch allowing writes by members of the system:administrators group (14018 14019) All client platforms * Require the -insecure_des switch to be passed to aklog and klog.krb5 to make them work with single-DES encryption types (13791) * Avoid a panic due to a retryable error - retry in a background request instead (13847) * Avoid blocking other functions on the completion of some potentially long-running RPCs issued by the server (13893) * Fix a potential memory leak in "fs getserverprefs" when the pioctl fails with E2BIG (13895) * Avoid the local cache incorrectly reflecting the state of a file on the fileserver after flushing large chunks of data to the server. This issue was present on FreeBSD clients, but probably not Linux/Solaris ones (13951) (RT #135041) * After a VLDB lookup of a read-write volume already failed, don't bother looking up corresponding read-only or backup volumes since those lookups are bound to fail, in order to make the client more responsive and avoid unnecessary load on the vlserver (13968) * Allow a "vos rename" to succeed if the new volume name is the same as that in the current VLDB, to make it possible to complete a previously interrupted volume rename (14055) * Allow processes which are sleeping due to PAG throttling to be killable (13974). * Fix set PAG failures due to signals (13975). Linux clients