cpptraj (5.1.0+dfsg-4) unstable; urgency=medium . * Stop the build on test failures. * Build with OpenMM support on armhf, mips64el and riscv64 as well. * Bump copyright years. cpptraj (5.1.0+dfsg-3) unstable; urgency=medium . * Build with OpenMM on platforms which support OpenMM. * Build with libfftw3-dev. * Skip one more test case. cpptraj (5.1.0+dfsg-2) unstable; urgency=medium . * Adjust debian/watch to ignore old two-digit year number-based tags. * Run unittest during build. * Add autopkgtest. cpptraj (5.1.0+dfsg-1) unstable; urgency=medium . * Initial release. (Closes: #1017000) linux-show-player (0.5.3-2) unstable; urgency=medium . * Non-maintainer Upload from Debian/ repository * Depends on deadlib for removed modules (Closes: #1084706) * Fix Homepage and Watch file (Closes: #1089559) * Fix SyntaxWarning (Closes: #1085668) . [ Debian Janitor ] * Set upstream metadata fields: Repository-Browse. * Update standards version to 4.6.1, no changes needed. linux-show-player (0.5.3-1) unstable; urgency=medium . * New upstream release (0.5.3). Closes: #1009095. * Bump Standards-Version to 4.6.0. No changes required. * debian/control: Bump X-Python3-Version to (>= 3.10). linux-show-player (0.5.2-1) unstable; urgency=medium . * New upstream releaese (0.5.2): + Remove 00-fix-async-decorator.patch and remove-backslash-eof.patch. Patches have been applied by upstream * Bump debhelper-compat version to (= 13) * debian/watch: Bump file standard version to 4 * Bump package Standards-Version to 4.5.1. No changes required * Document Forwarded header as not needed in patch 00-installs-package- data.patch * Mark autopkgtest as superficial. Closes: #969838 linux-show-player (0.5.1-3) unstable; urgency=medium . [ Ondřej Nový ] * d/control: Fix wrong Vcs-* . [ Josue Ortega ] * Update package to use debhelper-compat ( =12) * Add patch: remove-backslash-eof. Closes: #950801 * Add autopkg tests * Bump Standards-Version to 4.5.0. No changes required * debian/control: Add Rules-Requires-Root field linux-show-player (0.5.1-2) unstable; urgency=medium . * Upload to unstable. * Add missing dependency on python3-gst-1.0 linux-show-player (0.5.1-1) experimental; urgency=medium . * New upstream release (0.5.1). * Renames async decorator to async function in order to fix compatibility with Python 3.7 (Closes: #904367). * Bumps X-Python3-Version from (>= 3.5) to (>= 3.6). * Bumps compat level from 10 to 11. * debian/control: - Updates VCS fields to use salsa.debian.org. - Bumps Standards-Version to 4.1.5, no changes required. linux-show-player (0.5-1) unstable; urgency=low . * Initial release. Closes: #825028 openafs (1.8.13.2-1) unstable; urgency=medium . * New upstream release: - Support Linux versions through 6.13 (Closes: #1089501) * Set Rules-Require-Root (Closes: #1093345) openafs (1.8.13-1) unstable; urgency=high . * New upstream security release: - Fix OPENAFS-SA-2024-001: theft of credentials from Unix PAGs (CVE-2024-10394) - Fix OPENAFS-SA-2024-002: fileserver crash on malformed StoreACL (CVE-2024-10396) - Fix OPENAFS-SA-2024-003: buffer overflows in XDR responses (CVE-2024-10397) - Closes: #1087406, #1087407 openafs (1.8.12.1-1) unstable; urgency=medium . * New upstream release: - Support Linux versions through 6.10 (Closes: #1077837). * Update Standards-Version to 4.7.0 (no changes needed). openafs (1.8.12~pre1-1) unstable; urgency=medium . * New upstream release candidate. From 1.8.12pre1: - Support Linux versions through 6.9 (Closes: #1060896). - Wait to run rx-perf test until server has started (Closes: #886696). - Avoid unsupported relocation type on AArch64 kmods (Closes: 1069781). From 1.8.11: - Flush Linux VFS dentry caches from `fs flush*` commands, reducing the need to write to /proc/sys/vm/drop_caches when troubleshooting. - Various bugfixes to avoid crashes and potential memory corruption. - Additional warnings in server logs: when an older version of a volume is restored, and when bosserver is not started in restricted mode. - Improve checks to avoid running RPCs when spurious packets are received. - Update to CellServDB from grand.central.org from 31 Oct 2023. - Address a couple potential sources of performance degradation in clients. - Refresh cache entries when size mismatches are detected. * Drop alternative dependency on kernel-package from openafs-modules-source; it has been gone since stretch (Closes: #1014397). * Re-enable rx-perf test, disabled since 1.8.8.1-2, after upstream's change. * Switch from pkg-config to pkgconf. openafs (1.8.10-2.2) unstable; urgency=medium . * Non-maintainer upload. * Move afsd (back) into /usr/sbin (Closes: #1059432). Update path in init script and systemd service unit. openafs (1.8.10-2.1) unstable; urgency=medium . * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1062829 openafs (1.8.10-2.1~exp1) experimental; urgency=medium . * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. openafs (1.8.10-2) unstable; urgency=medium . * Update lintian overrides to use appropriate context. * Import upstream patches to support Linux versions through 6.6 (Closes: #1043131) * Update README.servers and afs-newcell to reflect rxkad-k5 usage (Closes: #1019751) * Clean up some more generated upstream files (Closes: #1048470) * Update Brazilian Portuguese debconf translation; thanks Paulo Henrique de Lima Santana (Closes: 1028070) * Add Romanian debconf translation; thanks Remus-Gabriel Chelu (Closes: #1033142) * Update Swedish debconf translation; thanks Martin Bagge / brother (Closes: #1054618) openafs (1.8.10-1) unstable; urgency=medium . * New upstream release: - Support Linux versions through 6.4 (Closes: #1038002) - Update to CellServDB from grand.central.org from 9 May 2022. - Add -literal option for "fs getfid". * Drop dependency on lsb-base. * Build-depend on libncurses-dev rather than libncurses5-dev. * Update bundled CellServDB to grand.central.org version of 09 May 2022. * Bump Standards-Version to 4.6.2 (no changes needed). openafs (1.8.9-1) unstable; urgency=medium . [ Benjamin Kaduk ] * New upstream release: - Support kernels up to 6.0. - Avoid delays in certain scenarios. - Detect invalid RPC inputs for FetchData RPCs to prevent volumes from unnecessarily being taken offline. . [ Alejandro R. Sedeño ] * Do not build DKMS module on PREEMPT_RT kernels. openafs (1.8.8.1-3) unstable; urgency=low . [ Andreas Beckmann ] * Switch to B-D: dh-dkms. * Declare Testsuite: autopkgtest-pkg-dkms. . [ Benjamin Kaduk ] * Import upstream patches to support linux through 5.18 (Closes: #1010764) - This will change kernels from 5.8 through 5.17 to use the "readahead" interface rather than "readpages". - This imports some code from autoconf-archive and updates debian/copyright to list the new license/files. * Bump Standards-Version to 4.6.1 (no changes needed) openafs (1.8.8.1-2) unstable; urgency=medium . * Skip unit test that fails on the buildds by virtue of using a hardcoded port number. openafs (1.8.8.1-1) unstable; urgency=high . * New upstream release: - Support linux kernel 5.16 (Closes: #1005404) - Treat the Rx SACK table as bits, not bytes, in preparation for subsequent changes to expand the maximum window size. openafs (1.8.8-3) unstable; urgency=medium . * Import upstream FTBFS fix for Linux 5.15 openafs (1.8.8-2) unstable; urgency=medium . * Import upstream patch to improve support for linux 5.14 (avoiding a runtime error when the set_page_dirty operation is requested) openafs (1.8.8-1) unstable; urgency=medium . * New upstream release: - Support linux kernel 5.14 (Closes: #995134) PowerPC may be affected by a new ABI restriction. - Fix key handling for keys with parity bits (e.g., triple-DES) (Closes: #987690) - Use proper credentials for I/O to cache to avoid unneeded blockage by security mechanisms like AppArmor - Improvements in certain Rx call edge cases - Attempt to recover from certain errors instead of panicking clients - Additional changes noted in upstream changelog * Update debian/copyright for new file added upstream * Update to policy 4.6.0 (no changes needed) * Specify Build-Depends-Package in symbols files * Update to watch file version=4 openafs (1.8.6-5) unstable; urgency=emergency . * Pull in upstream patches to fix outgoing connections after unix epoch time 0x60000000 (Closes: #980115, #980116) openafs (1.8.6-4) unstable; urgency=medium . * Bump Standards-Version to 4.5.0 (no changes needed) * Pull in upstream patches for linux kernel 5.9 support openafs (1.8.6-3) unstable; urgency=medium . * Pull in upstream patches for linux kernel 5.8 support (Closes: #970258) openafs (1.8.6-2) unstable; urgency=medium . * Pull in upstream patches for -fcommon support (Closes: #966881) openafs (1.8.6-1) unstable; urgency=medium . * New upstream release: - Support linux kernel 5.7 (thanks Paolo Pisati for an early backport) (Closes: #964027) - other changes noted in the 1.8.6~pre1-1 entry openafs (1.8.6~pre1-3) unstable; urgency=medium . * Temporarily disable a test that fails on armhf buildd but not porterbox openafs (1.8.6~pre1-2) unstable; urgency=medium . * Pull in upstream patch to not resolve IP addresses to names in the vos tests (Closes: #953729) * Only use dh_missing --fail-missing for binary packages, to match the behavior used by the debhelper-compat-9 packaging prior to 1.8.6~pre1-1 (Closes: #953709) openafs (1.8.6~pre1-1) unstable; urgency=medium . * New upstream prerelease (Closes: #953709): - Code cleanup prompted by gcc9 errors - Update "vos zap -force" to clean up empty directories - Relax implementation-specific XDR array length limits for prdb types, which were being hit in practice at some large sites - Tighten up fileservers' -readonly mode, and add an option to allow members of system:administrators to be able to write to readonly servers - Support linux kernels up to version 5.6rc2 - Additional sundry changes; see upstream NEWS * Pull in additional patches from upstream: - Support linux kernel 5.6 release - Recognize ppc64le in configure's OS-detection logic - Skip vos tests if vlserver port is already bound (Closes: 953729) * Fix typo preventing ppc64el support from working (Closes: #946520) * Update Italian debconf translation; thanks Beatrice Torracca (Closes: #952799) * Update to debhelper-compat 12 openafs (1.8.5-1) unstable; urgency=high . * New upstream security release (Closes: #943587): - Fix OPENAFS-SA-2019-001, OPENAFS-SA-2019-002: information leakage from uninitialized RPC output variables - Fix OPENAFS-SA-2019-003: database server DoS (NULL dereference) * Configure --without-ctf-tools to allow kernel module builds when ctfutils are installed. (Closes: #935771) * Enable support for ppc64le. (Closes: #941658) openafs (1.8.4~pre1-1) unstable; urgency=medium . [ Ondřej Nový ] * d/control: Removing redundant Priority field in binary package * d/changelog: Remove trailing whitespaces . [ Anders Kaseorg ] * New upstream release 1.8.3: - Miscellaneous improvements to error handling and server efficiency (see NEWS). - Support Linux 5.0. * Update CellServDB from grand.central.org (2018-05-14). * Remove custom compression settings for Debian tarball and binary packages. . [ Benjamin Kaduk ] * New upstream prerelease 1.8.4pre1: - Further work to avoid spurious ENOENTs from filesystem access. - Fix the behavior of ptserver -restricted to match the documentation. - Autoconf updates and modernization. (Closes: #934758) - Additional miscellaneous improvements (see NEWS). * openafs-fileserver now depends on openafs-krb5 for akeyconvert in the maintainer script. (Closes: #934236) * Debconf translation update: - Danish, thanks Joe Hansen. (Closes: #923111) * Backport upstream patch to require opt-in for weak crypto in aklog and klog.krb5. (Closes: #931819) openafs (1.8.2-1) unstable; urgency=high . * New upstream release 1.8.1.1: - Support Linux 4.18. * New upstream security release 1.8.2 (Closes: #908616): - Fix OPENAFS-SA-2018-001: unauthenticated volume operations via butc (CVE-2018-16947). - Fix OPENAFS-SA-2018-002: information leakage in RPC output variables (CVE-2018-16948). - Fix OPENAFS-SA-2018-003: denial of service due to excess resource consumption (CVE-2018-16949). openafs (1.8.1-1) unstable; urgency=medium . * New upstream release. In addition to changes in pre2: - Fix issue where `vldb_check -fix` would corrupt databases with multiple MH blocks - Improved error handling when the cache partition is inaccessible - Improved error handling when page allocation fails * Supply sysname generation for arm64 to get further in the build. openafs (1.8.1~pre2-1) unstable; urgency=medium . * New upstream prerelease: - Add support for arm64 - Improve usability of the shared libraries and public API - Fix volume callbacks so clients see updates after volume releases - Fix Rx connection refcount error that could lead to server crashes - Fix panic when cahe bypass is enabled - Use valid serial number for Rx aborts if possible (and 0 otherwise) - Return valid InlineBulkStatus responses in error cases - The fileserver rejects invalid partition names when attaching partitions - Improve cache manager behavior when unable to open cache files (e.g., if the cache partition is remounted readonly) - Improve some error messages * Update Dutch debconf translation; thanks Frans Spiesschaert. (Closes: #895459) openafs (1.8.0-1) unstable; urgency=low . * New upstream release. Changes since pre5: - Fix issues with -Wpointer-sign - Edits to the afsd manpage regarding the -volume-ttl feature * Update debian/README.source to reflect the move from Alioth to Salsa * Update German debconf translation; thanks Pfannenstein Erik. (Closes: #887663) openafs (1.8.0~pre5-1) unstable; urgency=low . [ Russ Allbery ] * Remove myself from Uploaders. . [ Benjamin Kaduk ] * New upstream release candidate: - Update CellServDB from grand.central.org (2017-03-14) - Avoid rare deadlock condition when recreating a deleted file/directory on old Linux kernels - Clean up ubik DISK_ RPC behavior with respect to sending updates to sites that would reject the update - Remove includes of , for compatibility with glibc 2.26 - Do not include RXGEN_OPCODE when throttling clients that generate too many abort replies * Update Vcs- entries in control to reflect the move from alioth to salsa * Correct 1.8.0~pre4-1 changelog entry to reflect that it closed one more Mayhem-reported bug. (Closes: #716446) openafs (1.8.0~pre4-1) unstable; urgency=low . [ Benjamin Kaduk ] * New upstream major release (prerelease): - Servers no longer use rxkad.keytab for long-term keys, which are now stored in KeyFileExt. Administrators must use akeyconvert or similar tooling to populate the KeyFileExt after updating the krb5 keys in rxkad.keytab. In most cases, `akeyconvert` with no arguments will suffice; that command is run automatically in the package's postinstall script. - kaserver, klog.afs, pam-openafs-kaserver, and other kauth-related tools are removed. - Server log handling has changed. Logs are not truncated at startup by default, and are re-opened on SIGUSR1, to be compatible with external log rotation tools. - Client time management support (afsd -settime and afsd -nosettime) has been removed. - Linux versions prior to 2.6 are no longer supported by the client. - Desupport 32-bit s390/s390x - Most binaries now use pthreads instead of LWP green threads. - The fileserver ihandle fsync thread is removed. - Support Linux up to 4.14 - Provide vldb cache timeout option for clients - Eliminate potential 100ms delay after rx receive window changes - Modify volume update date after salvager makes changes - Improve ubik safety for relabels and writes shortly after an election - Preserve volume stats during reclone and restore operations - Improve command-line parsing for various utilities. (Closes: #715623, #715787, #716144, #716234, #716444) - Fix for OPENAFS-SA-2017-001. (Closes: #883602) - Many other generic improvements throughout the tree; consult the upstream changelog for details. * Add versioned build-depends for renamed symbols in heimdal-multidev. (Closes: #848664) * Bump Standards-Version to 4.1.3 (no changes needed). * Update Dutch debconf translation; thanks Frans Spiesschaert. (Closes: #874280) . [ Anders Kaseorg ] * Use dh_auto_configure. * Correct some paths in the openafs-doc packaging openafs (1.8.0~pre3-1) experimental; urgency=low . * New upstream prerelease: - Improve compatibility with recent linux versions - Fix several race conditions in the asynchronous event handler framework - (not new to this prerelease) Improve command-line parsing for various utilities. (Closes: #715623, #715787, #716144, #716444) - Fix for OPENAFS-SA-2017-001. (Closes: #883602) openafs (1.8.0~pre2-1) experimental; urgency=low . * Add versioned build-depends for renamed symbols in heimdal-multidev. (Closes: #848664) * New upstream prerelease: - Desupport 32-bit s390/s390x - Adopt jenkins hash for endianness independence - With afsd -debug, print syscalls on separate lines - Restore debug symbols for the kernel module - Support Linux up to 4.13 - Provide vldb cache timeout option for clients - Eliminate potential 100ms delay after rx receive window changes - Modify volume update date after salvager makes changes - Restore client behavior of trying all servers instead of looping on an unresponsive preferred server - Improve ubik safety for relabels and writes shortly after an election - Preserve volume stats during reclone and restore operations * Add automatic akeyconvert invocation to openafs-fileserver.postinst openafs (1.8.0~pre1-5) experimental; urgency=medium . * debian/patches/opr-Make-opr_jhash_opaque-endian-independent.patch, debian/patches/opr-Make-opr_jhash_opaque-consistent-with-opr_jhash.patch, debian/patches/opr-Make-opr_uuid_hash-endian-independent.patch: Fix test failures on big-endian architectures. openafs (1.8.0~pre1-4) experimental; urgency=medium . * debian/patches/0006-softsig-helper-fix-signame-loop.patch Fix test failures on 32-bit architectures. * debian/patches/0007-Run-jhash-t-verbosely.patch Provide more output from failing tests. openafs (1.8.0~pre1-3) experimental; urgency=medium . * Replace hard-coded x86_64-linux-gnu with DEB_HOST_MULTIARCH. * Use dh_auto_configure. openafs (1.8.0~pre1-2) experimental; urgency=medium . * Move libtool, heimdal-multidev from Build-Depends-Indep to Build-Depends. * debian/patches/tests-opr-softsig-t-Avoid-hanging-due-to-intermediat.patch, debian/patches/opr-ExitHandler-re-raise-the-signal-instead-of-exiti.patch Fix test failures. openafs (1.8.0~pre1-1) experimental; urgency=low . * New upstream major release: - Servers no longer use rxkad.keytab for long-term keys, which are now stored in KeyFileExt. Administrators must use akeyconvert or similar tooling to populate the KeyFileExt. In most cases, `akeyconvert` with no arguments will suffice. - kaserver, klog.afs, pam-openafs-kaserver, and other kauth-related tools are removed. - Server log handling has changed. Logs are not truncated at startup by default, and are re-opened on SIGUSR1, to be compatible with external log rotation tools. - Client time management support (afsd -settime and afsd -nosettime) has been removed. - Linux versions prior to 2.6 are no longer supported by the client. - Most binaries now use pthreads instead of LWP green threads. - The fileserver ihandle fsync thread is removed. - Many other generic improvements throughout the tree; consult the upstream changelog for details. openafs (1.6.22-3) unstable; urgency=medium . * Pull in upstream patch to avoid OOPS on linux 4.14 kernels. (Closes: #884420) * Pull in pending upstream patch to include stdint.h where needed. This should allow Ubuntu to return to syncing openafs from Debian. openafs (1.6.22-2) unstable; urgency=medium . * Update Russian debconf translation; thanks Lev Lamberov. (Closes: #883916) * Pull in upstream patches to build with kernel 4.14. (Closes: #884276) openafs (1.6.22-1) unstable; urgency=high . * New upstream security release: - Fix for OPENAFS-SA-2017-001. (Closes: #883602) - Improved support for recent Linux versions openafs (1.6.21-3) unstable; urgency=medium . * Build documentation with FORCE_SOURCE_DATE=1, without which pdfTeX refuses to behave fully reproducibly. * debian/patches: - Linux-Include-linux-uaccess.h-rather-than-asm-uacces.patch: Fix build failure on s390x with Linux kernel 4.12. (LP: #1711835) openafs (1.6.21-2) unstable; urgency=medium . * debian/patches: - AFS_component_version_number.c-Respect-SOURCE_DATE_E.patch: Use UTC for better reproducibility. - 0003-Add-dummy-exit-command-for-afsd-to-do-nothing.patch: Fix rebasing mistake so -exit works correctly. - Linux-4.13-use-designated-initializers-where-require.patch: Support Linux kernel 4.13. (LP: #1706433) * Update Portuguese debconf translation; thanks Rui Branco. (Closes: #871559) * Update French debconf translation; thanks Alban Vidal. (Closes: #872026) * Update CellServDB from grand.central.org (2017-03-14). openafs (1.6.21-1) unstable; urgency=medium . * New upstream release (1.6.21): - Include support for Linx versions through 4.12. (Closes: #859155) - Improve support for Linux kernels with backported patches. (Closes: #855366) - Improve bosserver startup behavior with unexpected arguments or configuration symlinks. - Re-enable vcache cleanup improvement from 1.6.18, with bugs fixed. - Provide the afsd -inumcalc option; this behavior was previously only configurable via sysctl. - The salvager updates volume "last update" times when modifying volumes. - Demand-attach fileserver improvements for reducing log spew and preventing thread exhaustion during CPS recalculation. - Avoid a potential 100ms transmit delay in RX when the peer's receive window advances. * Switch openafs-fileserver.service to Type=simple and pass -nofork to bosserver. (Closes: #865962) * Update for policy version 4.0.0, honor nodoc in DEB_BUILD_OPTIONS * Use service(8) instead of /etc/init.d/* directly in documentation and helper scripts openafs (1.6.20-2) unstable; urgency=medium . * Build-Depend debhelper (>= 9.20160114) for dh_strip --dbgsym-migration. * debian/patches: - LINUX-split-dentry-eviction-from-osi_TryEvictVCache.patch, Reformat-src-afs-LINUX-osi_vcache.c.patch, LINUX-do-not-use-d_invalidate-to-evict-dentries.patch, afs-shake-harder-in-shake-loose-vcaches.patch: Avoid system hangs on busy machines due to vcache deallocation failures. - Linux-4.9-deal-with-demise-of-GROUP_AT.patch, Linux-4.9-inode_operation-rename-now-takes-flags.patch, Linux-4.9-inode_change_ok-becomes-setattr_prepare.patch: Support Linux kernel 4.9. (Closes: #847011) - AFS_component_version_number.c-Respect-SOURCE_DATE_E.patch: Respect SOURCE_DATE_EPOCH in cml_version_number to improve build reproducibility. * openafs-modules-source: Generate /usr/src/openafs.tar.bz2 reproducibly. openafs (1.6.20-1) unstable; urgency=high . * New upstream release (1.6.19): - Fix issue that could result in using out-of-date database versions in rare cases - Don't commit more data to a file than was actually copied during writes, which could happen on architectures with a page size greater than 4K * New upstream security release (1.6.20): - Fix information leakage (file/directory names) from reused directory buffers openafs (1.6.18.3-3) unstable; urgency=medium . * Drop openafs-dbg in favor of automatically generated dbgsym packages. * Mark openafs-doc Multi-Arch: foreign. * debian/patches/tests-util-ktime-t.c-Specify-EST-offset-in-TZ.patch: Fix FTBFS with tzdata uninstalled. (Closes: #839481) * Depend lsb-base (>= 3.0-6) in openafs-client and openafs-fileserver for /lib/lsb/init-functions. openafs (1.6.18.3-2) unstable; urgency=medium . * Drop hardening-wrapper in favor of passing flags via CC. (Closes: #836642) * Clean doxyen-generated documentation with dh_doxygen. openafs (1.6.18.3-1) unstable; urgency=medium . * New upstream release 1.6.18.3: - Support Linux kernel 4.7. openafs (1.6.18.2-1) unstable; urgency=medium . * New upstream release 1.6.18.2: - Support Linux kernel 4.6. - Revert the vcache cleanup improvement of 1.6.18, which exposed another previously latent issue that wrongly invalidated the current working directry on some kernels. * Update CellServDB to the 2016-01-01 release. openafs (1.6.18.1-1) unstable; urgency=medium . * New upstream release 1.6.18.1: - Support Linux kernel 4.5. - Check return value from bdi_init. * Import upstream Gerrit patch to allow building with Linux kernel 4.6. (Closes: #826922) openafs (1.6.18-1) unstable; urgency=high . * New upstream release 1.6.18: - Support for Linux 4.4 kernels. - Improve dynamic vcache cleanup behavior, reducing memory usage and avoiding a long hang when many vcaches are in use - Deprecate afsd -settime. - Failure to release a volume now reports an error back to the client. - Check for invalid IP addresses in the CellServDB. - Fix dafileserver crash experience with large volumes. - Close race between "umount /afs" and "afsd -shutdown". - Prefer -dryrun arguments to -noexecute. - Limit ChangeAddr RPCs to removal, to avoid database corruption. - Improve behavior relating to large (~2GB fetches from the fileserver). * Import patches from upstream gerrit to improve support for Linux 4.5 kernels. (Closes: #821782) * Depend on sysint.target instead of basic.target in openafs-client.service, to eliminate dependency cycles with other services that depend on remote-fs.target. (Closes: #794451) openafs (1.6.17-2) unstable; urgency=high . * debian/rules: Fix FTBFS when built with dpkg-buildpackage -A. (Closes: #806088) openafs (1.6.17-1) unstable; urgency=high . * New upstream release 1.6.16. - Fix bosserver crashes related to fixed-sized buffers. - Fix potential denial of service issue in pioctl logic (CVE-2015-8312). - Provide a new vos remaddrs subcommand for removing server entries. - Allow pioctls to work with read-only /proc (e.g. Docker containers). * New upstream security release 1.6.17. - Prevent users in foreign Kerberos realms from creating groups as if they were administrators (CVE-2016-2860). - Fix an information leak of uninitialized memory over the network. - Fix a crash when the AFS root volume is not found. * debian/patches/Linux-4.4-key_payload-has-no-member-value.patch, debian/patches/Linux-4.4-Use-locks_lock_file_wait.patch, debian/patches/Linux-4.4-Do-not-use-splice.patch: Add upstream patches for current Linux kernel support. (Closes: #815521) openafs (1.6.15-1) unstable; urgency=high . * New upstream security release. - Fix data leakage in rx ACK packets, OPENAFS-SA-2015-007, CVE-2015-7762, CVE-2015-7763. openafs (1.6.14-1) unstable; urgency=medium . * New upstream release. - Restore support for using regexes for volume names to backup, accidentally disabled as part of the fix for OPENAFS-SA-2015-006 * Update Swedish translation, thanks Martin Bagge and Anders Jonsson. (Closes: #781678) * Note that the protocol document rfc5864.txt is dual licensed. (Closes: #768385) * Supply copyright notice for systemd helper scripts. (Closes: #779170) * Import upstream patches to support the 4.2 Linux kernel. openafs (1.6.13-1) unstable; urgency=high . * New upstream security release. - OPENAFS-SA-2015-001 CVE-2015-3282: vos leaks stack data onto the wire in the clear when creating vldb entries - OPENAFS-SA-2015-002 CVE-2015-3283: bos commands can be spoofed, including some which alter server state - OPENAFS-SA-2015-003 CVE-2015-3284: pioctls leak kernel memory contents - OPENAFS-SA-2015-004 CVE-2015-3285: kernel pioctl support for OSD command passing can trigger a panic - OPENAFS-SA02015-005 CVE 2015-3286 is Solaris-specific and did not affect Debian - OPENAFS-SA-2015-006: buffer overflow in vlserver * Also includes changes from the upstream 1.6.12 release: - Avoid database corruption if a database server is shut down and brought up again quickly with an altered database - Fix a potential buffer overflow in aklog - Support for Linux kernels up to 4.1 - Avoid spurious EIO errors when writing large chunks of data to mmapped files openafs (1.6.11.1-1) unstable; urgency=medium . * New upstream release. - Support for Linux kernels up to 4.0. openafs (1.6.11~pre2-1) experimental; urgency=low . * New upstream pre-release. - Avoid using a stale data version in certain cases when writing files larger than the AFS cache, which manifested as file corruption. - Fix a refcount leak that could lead to panics. - Support newer linux versions, up through 3.19. - Fix some leaks and crashes in error cases. openafs (1.6.11~pre1-1) experimental; urgency=low . * New upstream pre-release. - Linux kernels up to 3.17 are now supported. - Fix more incorrect behavior in our revalidation of dcache entries. Bugs in this area can cause stale path lookups in certain situations, as well as cause getcwd() to fail spuriously. - Allow aklog to succeed in creating native K5 tokens even when K5-to-K4 principal conversion fails. openafs (1.6.10-4) unstable; urgency=medium . * Update Spanish translation, thanks Javier Fernandez-Sanguino Pena. (Closes: #773565) * Import many patches from upstream: - Support newer linux versions, up through 3.19. (Closes: #771298) - Avoid some spurious getcwd() failures. - Improve configure test for key_type.match (which caused buggy behavior in certain versions of RHEL). - Fix a refcount leak that would manifest as an unrelated OOPS. - Avoid using a stale data version in certain cases when writing files larger than the AFS cache, which manifested as file corruption. This leaves us roughly equivalent to the forthcoming 1.6.11pre2 release candidate. * Update CellServDB to the 2015-01-19 release. openafs (1.6.10-3) unstable; urgency=medium . * Make openafs-client Before=umount.target for improved shutdown behavior. (Affects: #760063) * Mark openafs-client.service as RemainAfterExit=true. (Closes: #770815) openafs (1.6.10-2) unstable; urgency=medium . * Some shell quoting and similar cleanups in openafs-client-precheck from Anders Kaseorg. * Make the openafs-client unit silently succeed when it is already running, to match the behavior of the sysV script. (Closes: #767056) openafs (1.6.10-1) unstable; urgency=medium . * New upstream release. - fix segfault with aklog -path. * The 1.6.10~pre1-1 changelog entry contains a full summary of changes in the upstream release. * Add a systemd unit file for openafs-client. (Closes: #760063) - The variables AFS_PRE_SHUTDOWN and AFS_POST_INIT from /etc/openafs.afs.conf are no longer honored. They should be converted to the systemd format and placed in /etc/systemd/system/openafs-client.service.d/ ; automatic conversion is not possible. In particular, the kill_all_afs functionality is not available. - The LIBAFS, MODULEDIR, and DKMSDIR settings from /etc/openafs/afs.conf are not used by the unit file. - The extra shutdown handling for when the NFS translator is used was not converted to the systemd format; the necessary feature was removed from the Linux kernel in 2008. - Support for cold shutdowns is removed. They generally resulted only in strange failures later on. * Add a systemd unit file for openafs-fileserver. * Use heap-allocated buffers of sufficient length for realpath() in userok.c. (Closes: #757378) * Update Dutch translation. (Closes: #765083) openafs (1.6.10~pre1-1) experimental; urgency=low . [ Benjamin Kaduk ] * New upstream pre-release. - Linux kernels up to 3.16 are now supported. - The amount of free space and reported for /afs is now 2 TiB, up from the previous reported value of around 9 GiB. - Fix 'pts removeuser' behavior in the ptserver for some supergroups over a certain membership size. - Fix logging behavior when rotating logs via the "copy and truncate" approach. - Add new log messages in the volserver log and the vlserver audit log. - Reduce the amount of kernel stack space used in the client. - Improve error handling for a wide variety of cases for various tools. - Improve periodic hanging in the client when a large number of PAGs and files are in use. - Fix 'afs-up' to handle large ACLs correctly. - Fix a crash in 'aklog' when retrying ticket acquisition. - Fix a crash in xstat_fs_test and scout when their local port is already in use. - Fix an error in the client lock handling that prevented checking for the existence of write locks on readonly volumes. - Fix an error in the client that could cause cache inconsistencies if another client removed a directory entry, and recreated a different entry with the same name. - Avoid ignoring build failures during the client kernel module build process, hopefully leading to better error messages in some cases when building the kernel module. - Fix various possible problems when building with parallel make. . [ Andrew Deason ] * Include the new volscan tool in openafs-fileserver. . [ Russ Allbery ] * Retroactively add the CVE for OPENAFS-SA-2014-002 to the changelog for 1.6.9-1. It was assigned after the release was uploaded. * Add Benjamin Kaduk as Maintainer and move myself to Uploaders. openafs (1.6.9-2) unstable; urgency=medium . [ Russ Allbery ] * Retroactively add the CVE for OPENAFS-SA-2014-002 to the changelog for 1.6.9-1. It was assigned after the release was uploaded. * Add Benjamin Kaduk as Maintainer and move myself to Uploaders. . [ Benjamin Kaduk ] * Apply upstream deltas to fix the build with the linux kernel 3.16 (Closes: #762248): - [ea0c9d8c] Linux 3.16: Switch to iter_file_splice_write - [02a07404] Linux 3.16: Convert to new write_iter/read_iter ops * Update README.source for the gbp pq patch-management procedure. openafs (1.6.9-1) unstable; urgency=high . * New upstream release. - OPENAFS-SA-2014-002: Fix use of uninitialized memory in the host object in the fileserver. openafs (1.6.8-1) unstable; urgency=medium . * New upstream release. - Change the default fileserver sync behavior from delayed to onclose so that explicit syncing only happens when a volume is detached. - Add -offline-timeout and -offline-shutdown-timeout options to the fileserver, allowing interrupting of clients accessing volumes that the fileserver is trying to take off-line. - Fix RX bug that could hide errors during packet reception. - Fix vos size -dump display for large volumes. - Give up callbacks when the client is shut down. This can cause crashes in old fileservers (prior to 1.4.6). - Restore vos e alias for vos examine. - Throttle byte-range lock warnings per file, and include the FID of the file that the client is trying to lock. - Avoid a possible panic during shutdown while tracing. - Fix a bug that could cause getcwd to fail to find parent directories. - Avoid a delay when accessing uncached data in AFS in a confined context under SELinux. - Documentation, diagnostics, and error message improvements. * Add Lintian override for the copy of RFC 5864, which has been dual-licensed by the author. openafs (1.6.7-1) unstable; urgency=high . * New upstream security release. - OPENAFS-SA-2014-001: Fix potential buffer overflow in the fileserver. (CVE-2014-0159) - Fix a potential DoS attack against Rx servers by avoiding suspending the listener thread when delaying connection abort messages. openafs (1.6.6-1) unstable; urgency=low . * New upstream release. - Remove server-side NAT pings since there's no evidence they help. * Fix linking of /usr/share/doc directories for libpam-openafs-kaserver, openafs-fuse, and openafs-kpasswd. This was broken in previous releases by a miswritten debian/rules override. Thanks to Andreas Beckmann for finding the problem and solution. (Closes: #736305) * Accept AFS_DYNROOT=true as an alias for Yes in afs.conf.client, matching behavior of releases prior to 1.6.2.1-1. (Closes: #729353) openafs (1.6.6~pre2-1) unstable; urgency=low . * New upstream pre-release. - Linux kernels up to 3.12 are now supported, including kernels with user namespace support enabled (which affects Debian's 3.12-1 kernel and newer). - Fixed core dumps into AFS with current kernels. - When starting the client fails, backing device information created in sysfs is now properly cleared. - The AFS mountpoint specified in the cacheinfo file must now be an absolute path. - Stop tracking file locks on read-only volumes. Write locks always fail and read locks always succeed. - New fs flushall command to discard all cached data. - Fixed a bug that could cause the client to incorrectly believe its cache was up to date. - New -rxmaxfrags switch to afsd to limit the number of UDP fragments sent or received per RX packet. - Fixed afsd threads entering an infinite loop. - The file server now ignores any vice partitions with a NeverAttach flag file present in the root directory. - Enabled server-side NAT pings to refresh NAT timeouts. - Forcing file server CPS recalculation (for IP ACLs) is now restricted to administrators. - vos examine of a volume in a transaction is now shown as busy again rather than off-line. - Multiple bug fixes to the salvager. - Fixed a bug that could cause state information to be discarded when restarting a large or busy file server. - Fixed a vlserver bug during file server address registration. - volserver supports a new -preserve-vol-stats option, which preserves access statistics across volume restore and reclone operations. - Releasing a volume after adding a new RO site no longer touches the existing RO sites if the volume has not changed since the last release. - Fixed undefined ptserver behavior with too many allocated PTS ids. - Avoid redefining assert in public header files. - Documentation, diagnostics, and error message improvements. openafs (1.6.5.2-1) unstable; urgency=medium . * New upstream release. - Fix support for tmpfs as the cache filesystem. - Support kernels with backported changes affecting getname/putname. * Exit successfully in the openafs-client init script if /sbin/afsd doesn't exist, indicating that openafs-client is not installed. * Load /lib/lsdb/init-functions in the openafs-client init script as the first step towards upstart or systemd support. * Update standards version to 3.9.5 (no changes required). openafs (1.6.5.1-1) unstable; urgency=low . * New upstream release. - Support for Linux 3.11 and 3.12 (up to 3.12-rc3). - Fixed core dumps into AFS with some Linux kernels. * Cherry-pick additional upstream fixes. - [7242e25a] Fix library ordering when building aklog. - [514fc63d] Fix budb crash when the -servers command-line option is given. (Closes: #718253) * Ignore errors when reading ThisCell in the openafs-client config script. If the file doesn't end in a newline, read will still succeed and set the variable, but will exit with a non-zero status. This would abort configuration of the package without a useful error message. * Drop Recommends of libjs-jquery in openafs-doc. We're no longer replacing the embedded jQuery, pending a better fix in the Doxygen packaging. * Optimize the get-orig-source target. Thanks, Anders Kaseorg. * Translation updates: - German, thanks Erik Pfannenstein. (Closes: #719154) openafs (1.6.5-1) unstable; urgency=high . * New upstream release. - OPENAFS-SA-2013-003: New support for non-DES enctypes in the long-lived AFS key. This requires deploying rxkad.keytab files on each server containing all of the encryption types for the cell AFS key. Once this is deployed on servers, DES will only be used for the session key. Once deployed on all clients, a stronger security mechanism will be used that allows the DES keys to be removed from the AFS principal in the Kerberos KDC (but still uses DES for some session encryption purposes). (CVE-2013-4134) - OPENAFS-SA-2013-004: Properly support the -encrypt option in vos, including with -localauth. (CVE-2013-4135) * Move the documentation and kernel module build dependencies to Build-Depends-Indep and only do those parts of the build if building architecture-independent packages. * Drop the sequence numbers from the openafs-client init script registration. Debian now always uses dependency-based boot ordering. * Translation updates: - Japanese, thanks victory. (Closes: #714223) openafs (1.6.4-1) unstable; urgency=low . * New upstream release. openafs (1.6.3-1) unstable; urgency=low . * New upstream release. - Support for Linux 3.9 and 3.10. (Closes: #711920) - Multiple fixes for use after free, use of uninitialized memory, and similar C memory management bugs found via code analysis. - Obey jumbo/nojumbo settings for Ubik (database) servers. - General improvements in diagnostic and log messages. - Avoid incorrectly sending small amounts of data over the wire unencrypted in some situations and report the correct error message in this case. - Avoid generating duplicate IDs for readonly and backup volumes. - Return quota and free space information without an access check. - Improve client bookkeeping in the file server, fixing several potential corruption and segfault issues. - Avoid known cases of silent data corruption in background syncs in the file server. - Run-time configuration support for fileserver synchronization. - Fix transient network error interference with establishing a ubik quorum. - Do not discard the persistent client disk cache on restart. - Fix bugs that made it impossible to unmount a disk cache file system after it had been used by the client. * Give openafs-dbserver its own documentation directory rather than linking it to openafs-client, allowing relaxation of the versioned dependency on openafs-client to Recommends. (However, openafs-client will still have to be installed for the openafs-fileserver init script, which uses the bos binary, so will still be pulled in by dependencies.) * Cleanup of the openafs-client postinst script. - Perform all work unconditionally to handle various rare error recovery cases properly. - Only force creation of CellServDB on initial installation or if AFSDB/SRV records are not being used. * Remove openafs-fileserver postinst support for upgrades from ancient versions (1.4.4.dfsg1-4 and 1.4.11+dfsg-3). * General coding style cleanup of maintainer scripts. openafs (1.6.2.1-2) unstable; urgency=low . * Upload to unstable. * Translation updates: - Brazilian Portuguese, thanks Albino B Neto. (Closes: #706627) openafs (1.6.2.1-1) experimental; urgency=low . * New upstream release. - Support for Linux 3.8. * Support configuring -dynroot-sparse via debconf. The AFS_DYNROOT option in /etc/openafs/afs.conf.client is now tri-valued instead of a boolean, and the boolean values will be mapped to the corresponding options on upgrade. Based on work by Jakob Haufe. (Closes: #644564) * Translation updates: - Czech, thanks Martin Šín. (Closes: #705013) - Russian, thanks Yuri Kozlov. (Closes: #705159) - French, thanks Christian Perrier. (Closes: #705296) - Portuguese, thanks Miguel Figueiredo. (Closes: #705307) - Danish, thanks Joe Hansen. (Closes: #705660) - Italian, thanks Beatrice Torracca. (Closes: #705864) openafs (1.6.2-1) experimental; urgency=low . * New upstream release. - OPENAFS-SA-2013-001: Fix fileserver buffer overflow when parsing client-supplied ACL entries and protect against client parsing of bad ACL entries. (CVE-2013-1794) - OPENAFS-SA-2013-002: Fix ptserver buffer overflow via integer overflow in the IdToName RPC. (CVE-2013-1795) - Fix aklog warning about allow_weak_crypto. * Update CellServDB to the 2013-01-28 version. * Fix DKMS builds of the OpenAFS kernel module for amd64 kernels on the i386 architecture by parsing the kernel version for the architecture and kernel class and using that to tell the OpenAFS build system what sysname to use. Patch from Thorsten Alteholz. * Avoid re-running setup after build when building modules from the openafs-modules-source package with module-assistant. This will hopefully avoid an issue where, following an upgrade of openafs-modules-source, module-assistant cannot build new module packages without an intervening module-assistant clean. Patch from Thorsten Alteholz. (Closes: #660622) * Make another attempt at suppressing the wildcard action for building debian/rules to fix problems building module packages using make-kpkg. Patch from Thorsten Alteholz. (Closes: #639475) openafs (1.6.2~pre3-1) experimental; urgency=low . * New upstream prerelease. - Avoid unnecessary panic in kernel module when freeing vcaches. - Add additional objects to the *_pic libraries in support of the AFS Perl bindings. * Remove unnecessary change to the upstream Debian packaging files to support armhf. These files aren't used during a package build, so no need to carry a Debian patch. openafs (1.6.2~pre2-2) experimental; urgency=low . * Restore include of in userspace builds of rx/rx_packet.h to get a definition of MIN and MAX on, at least, powerpc. Thanks, Andrew Deason. openafs (1.6.2~pre2-1) experimental; urgency=low . * New upstream prerelease. - Support Linux kernels up to 3.7. (Closes: #685973) - Fix fileservers to properly report >2 TiB partitions. - Fix stale volume info from vos examine on non-DAFS filservers. - Fix possible volume corruption with vos convertROtoRW. - Fix bosserver to preserve all command-line options over restart. - Fix bosserver to properly kill hung processes during shutdown. - Fixes for memcache, especially on Solaris. - Increase the size of the DNS resolver answer buffer to allow sites with a long response list to use SRV and AFSDB records. - Fix possible abuse of fs mkmount. In previous versions, users could crash a client by nesting volume mounts. - Fix client page cache corruption on Linux. When multiple clients read and write to a file, the reading client may see first couple bytes of a file as nulls. - Support newer glibc versions. * Build-Depend on hardening-wrapper and enable it to work around the current upstream munging of CFLAGS and LDFLAGS. (Closes: #659663) * Fix server installation instructions in README.servers, which used the early demand-attach syntax before separate demand-attach binaries were built. Thanks, Björn Torkelsson. (Closes: #693311) * Remove the symlink from the openafs-fileserver doc directory to the openafs-client doc directory. We used to install this symlink and share doc directories, but this stopped in 1.4.12+dfsg-1. However, dpkg doesn't remove symlinks to a directory, so systems that had upgraded from the older package were overwriting openafs-client doc files with the openafs-fileserver versions. Thanks, Andreas Beckmann. (Closes: #694063) * Switch to xz compression for the upstream tarball, Debian tarball, and binary packages. * Remove debian/import-upstream and change README.source to document using git-import-orig with --upstream-vcs-tag instead. * Move single-debian-patch to local-options and patch-header to local-patch-header so that they only apply to the packages I build and NMUs get regular version-numbered patches. * Update Vcs-* URLs for the new anonscm.debian.org URL layout. * Update standards version to 3.9.4 (no changes required). openafs (1.6.1-3) unstable; urgency=high . * Apply upstream security patches: - OPENAFS-SA-2013-001: Fix fileserver buffer overflow when parsing client-supplied ACL entries and protect against client parsing of bad ACL entries. (CVE-2013-1794) - OPENAFS-SA-2013-002: Fix ptserver buffer overflow via integer overflow in the IdToName RPC. (CVE-2013-1795) openafs (1.6.1-2) unstable; urgency=low . * Translation updates: - Fix German translation encoding. Thanks, Christian PERRIER. (Closes: #678736) - Italian, thanks Beatrice Torracca. (Closes: #671640) openafs (1.6.1-1) unstable; urgency=low * New upstream release. - Do not ignore all InlineBulkStatus errors in file server. - Support for Linux 3.3 and 3.4. - Fix incorrect kernel error handling in afs_notify_change. - Fix locking around RXS_PreparePacket. openafs (1.6.1~pre4-1) unstable; urgency=low * New upstream prerelease. - Always retry busy rx calls and retriable actions. - Do not abort the salvager on large volume IDs. - Ensure one NAT ping connection per srvAddr. - Improvements to the file server address tracking. - Improve locking in the host table in the file server. - Avoid discrepancy between lastBusy and PEER_BUSY. - Allow a null host for callback breaks. - Fix probing for noop_fsync in the Linux kernel. - Fix handling of expired locks in the file server. - Reset blacklisted servers on a hard-mount retry. * Update debhelper compatibility level to V9. * Update standards version to 3.9.3 (no changes required). openafs (1.6.1~pre2-1) unstable; urgency=low * New upstream prerelease. - Disable server-side Rx keepalive during disk I/O. - Avoid timing out on non-kernel busy Rx channels. - Add separate client connection pool for replicated volumes. - Remove SYNC client disable behavior on some error patterns. - Correctly test for the end of the Rx call queue. - Fix cleanup of special inodes on the server. - Provide a public Rx function for toggling keepalive. - Fix connection management in the client checkserver loop. - Discard cached state in the client when unsure of validity. - Fix thread safety of free inode management with demand-attach. - Fix xstat handling of time values on 64-bit platforms. - Increase the idledead time. - Fix return status of fsync on a directory. * Fix afs-newcell's creation of the file server process to pass -localauth. This was broken when demand-attach support was added. Thanks, Florian Hatat. (Closes: #652973) * Fix afs-newcell's unwind of file server process creation. Thanks, Davor. (Closes: #655136) * Description typo, thanks Jonas Smedegaard. (Closes: #657933) * Translation updates: - Danish, thanks Joe Hansen. (Closes: #654933) openafs (1.6.1~pre1-1) unstable; urgency=low * New upstream prerelease. - Install new afsio utility. - Fixes performance issues in both the client and the server. - Rate-limit waiting for volume messages in kernel logs. - Avoid a possible memory allocation issue in ticket data management. - Disable MTU discovery. - Reduce the quantity of NAT pings sent by the client. - Various fixes for demand-attach file servers. - Fix volume lock violations. - Report the bosserver -rxbind address in a file. - Revert process group changes on keyring failure. - Various fixes for the salvager. openafs (1.6.0-3) unstable; urgency=low * Apply upstream deltas to fix file corruption issue in file server: - [c73b6644] viced: disable accelerated copyonwrite - [4e05bc3b] remove CopyOnWrite2 and unused vars openafs (1.6.0-2) unstable; urgency=low * Apply upstream deltas for Linux 3.1 and 3.2 (Closes: #649765): - [f129142] Linux: 3.1: update RCU path walking detection in permission i_op (Closes: #649996) - [7f55b45] Linux: d_delete now takes a const argument - [737a280] Linux: 3.2: Use set_nlink to update i_nlink - [364fad6] Linux: 3.1: adapt to fsync changes - [032736b] Linux: make sure backing_dev_info is zeroed * Add support for armhf. Patch from Konstantinos Margaritis. (Closes: #645395) openafs (1.6.0-1) unstable; urgency=low * New upstream stable release. - Rx NAT pings are not enabled until peer has answered - Numerous fixes to command argument parsing - Avoid crashing on host table exhaustion and defer clients instead - Rx connection reference counting is enabled - An Rx connection reference count leak is fixed in bulkstat - Handle unparsable directory objects - Handle Kerberos credential cache errors in aklog * Generate stub header files that include the actual system header when building libuafs instead of symlinking h to the appropriate directory. Fixes build failures now that Debian has switched to multiarch and moved some of the system headers. (Closes: #639063, LP #831287) * Fix another Doxygen call to generate a configuration file, and remove the generated configuration files after Doxygen runs. * Update CellServDB to the 2011-08-14 release. openafs (1.6.0~pre7-2) unstable; urgency=low * Force use of dblatex to build the manual, even if docbook2pdf is available, since the latter dies with errors about TeX capacity. (Closes: #635306) * Fix generation of protocol documentation from Doxygen headers. Doxygen cannot be called directly on header files and needs a configuration file to be generated first. Thanks, Anders Kaseorg. * Add another dummy rule for ./debian/rules to the kernel module rules file to fix another variation of make-kpkg breakage. openafs (1.6.0~pre7-1) unstable; urgency=low * New upstream prerelease. - Substantial Rx updates to correct erroneous behavior - Salvager tries harder to detect linktable issues - Additional documentation - xstat tools now cope with differing timeval structures between endpoints - Don't attach volumes with special status set in demand attach - Treat Linux 3.0 as Linux 2.6 for sysname purposes * Update README.source for a few changes in procedures and source package format. * Reapply the removal of the Doxygen-generated copy of jquery, since this apparently wasn't as fixed as had been advertised. However, make it conditional on the existence of the jquery.js script, so we should hopefully only fix this where necessary. openafs (1.6.0~pre6-2) unstable; urgency=medium * Urgency set to medium since 1.6.0~pre6-1 has been in unstable for some time, blocked only by the armel build problem, and 1.6.0~pre4-1 in testing has serious bugs. * Revert the removal of Doxygen's jquery copy. This has now been fixed in the Doxygen package. * Disable optimization on armel to work around #630746. openafs (1.6.0~pre6-1) unstable; urgency=low * New upstream prerelease. - Don't do unnecessary page invalidation with directories. - Flush vcaches in afs_shutdown for better callback givebacks. - Fix the vnode type for dynroot FIDs. - Fix volinfo -filenames. - Fall back to afs3-vlserver for SRV records for afs3-prserver. - Fix a client locking issue on ICBS that could deadlock. - Fix callback state handling with demand-attach when salvaged. - Fix reference leak in GetCapabilities. - Document DNS SRV record usage in afsd man page. * Add a dummy debian/rules rule in the kernel module rules file to fix builds with make-kpkg. (Closes: #622260) * Remove and symlink the copies of jquery generated by Doxygen and add a Recommends on libjs-jquery for openafs-doc. openafs (1.6.0~pre5-2) unstable; urgency=low * Apply upstream patch from http://gerrit.openafs.org/#change,4656 for correct reading of files larger than the chunk size. * Use dpkg-buildflags to get the default values of CFLAGS, CPPFLAGS, and LDFLAGS. Upstream does not entirely honor these yet, but we're getting closer. * Update to standards version 3.9.2 (no changes required). openafs (1.6.0~pre5-1) unstable; urgency=low * New upstream prerelease. - Avoid downward vcache pressure when entries are free. - Avoid client to fileserver deadlock during callback giveup. - Improve calculation of when to flush vcaches. - Don't read pages beyond the cache EOF. - Improve file server reference counting, locking, and logging. - Rename the OpenAFS com_err library to avoid conflicts. - Restrict the number of CBRs allocated at once. - Permit importing of -md5 and -md4 keys with asetkey. - Fix token return in aklog with 524 conversion. * Apply upstream patch from http://gerrit.openafs.org/#change,4654 to fix a configure problem detecting Linux kernel properties, leading to a lockup on 2.6.38 kernels. * Update import-upstream and README.source for moving 1.6 from the experimental and upstream-1.5 branches to the master and upstream branches. * Change to Debian source format 3.0 (quilt). Force a single Debian patch for simplicity since the packaging is maintained in Git using branches, and include a patch header explaining why. openafs (1.6.0~pre4-1) unstable; urgency=low * Upload to unstable. * New upstream prerelease. - Fix file descriptor leak in the file server that could result in corrupted files. - Properly support large volume numbers. - Document current client setuid behavior. (Closes: #612608) - Allow salvager to be run manually with demand-attach servers. - Properly report setpag() errors. * Apply upstream deltas: - [1e322b88] Linux: 2.6.39: deal with BKL removal - [a8aa6f42] Linux: 2.6.39: replace path_lookup with kern_path * Declare optional dependencies in the openafs-client init script on openafs-fileserver so that, if the same host is running both a fileserver and a client, the fileserver starts before and stops after the client. openafs (1.6.0~pre3-1) experimental; urgency=low * New upstream prerelease. - Revert UUID support in vos. - pt_util fixed to properly create new database. - MTU discovery now properly shut down on call reset. - FUSE client support fixed for non-/afs mounts. - A deleted volume can now be recreated properly. - Callbacks are again not broken during whole partition salvages. - Positional vectored IO fixed. - Fileserver per-client thread usage again properly enforced. - Anonymous dropbox support improved and drawbacks documented. - Ensure vnodes are not reallocated while in use for demand-attach. - Perform vcache eviction via a fast path before visiting vcaches where sleep is needed. * Apply upstream deltas: - [17b48f99] Add missing semicolon (Closes: #618496) - [ee2811b0] viced: Allow checkout of VOL_STATE_DELETED volumes openafs (1.6.0~pre2-1) experimental; urgency=low * New upstream prerelease. - Avoid spurious Rx connection timeouts. - Do not retry Rx calls on channels returning busy errors. - Fix double-free error in the vos command-line utility. - Properly enable Rx connection hard timeouts. - Fix lock initialization in Rx. - Check for /afs existence before starting unless -nomount given. - Fix panic when using /afs/.:mount syntax. - Avoid a panic in memcache mode due to missing CellItems file. - Attempt to recover more quickly from timed-out volume releases. - Improve speed of volume removal. - Improve CPU utilization during demand-attach volume attachment. - Fix various error handling problems. - Linux 2.6.38 support. - Improve correctness and performance in cache bypass mode. - Avoid extra runs of the vcache freeing routine. * In README.modules, document the need to install the Linux headers package in the DKMS instructions and the need for module-assistant clean openafs in the module-assitant instructions. (Closes: #606235) openafs (1.6.0~pre1-1) experimental; urgency=low * New upstream prerelease. - Rx performance improvements. - Correct byte order handling of port in SRV record lookups. - More robust vos release to sites previously marked "don't use." - vos properly matches sites with multihomed servers. - Fix ptserver supergroups support on 64-bit platforms. - Bug fixes for demand-attach salvaging. - Avoid potential crash when attaching a volume fails. - Properly hold the host lock during host enumeration in fileserver. - Use larger I/O sizes in memcache to improve performance. - Avoid potential alignment issues in pioctl calls. - Servers now marked down when GetCapabilities returns an error. - Avoid blocking xvcache lock when freeing in-use vcaches. - In-use vcache count now properly tracked. - Properly configure LWP to use ucontext on appropriate platforms. - Eliminate spurious AFS system call errors. - Linux 2.6.37 support. * Apply upstream deltas: - [4a3e5291] Update NEWS for 1.5.78 and 1.6.0pre1 * In the openafs-client init script, don't attempt to stop or restart the AFS client if module loading is disabled. Stopping afsd without unloading the module would leave the system in an inconsistent state. * Add $named to Should-Start in the openafs-client init script since the client may do DNS lookups for the VLDB and file servers during startup in some situations. (Closes: #586226) * Drop --enable-reduced-depends for right now. aklog doesn't deal with it correctly. * Now that upstream has renamed compile_et to afs_compile_et, include it in libopenafs-dev. * Update CellServDB to the 2010-12-13 version. openafs (1.5.77-2) experimental; urgency=low * Apply upstream deltas: - [ca2a7363] libuafs: Don't #define user (fixes armel build) - [f7f366d0] Link dafssync-debug(8) to fssync-debug(8) - [a2cf6b8d] Fix POD errors in fileserver and dasalvager - [e36b4e00] Update bos create man page for new demand-attach * Add backslashes to the DKMS command, which will be required once DKMS uses proper shell quoting. * In openafs-modules-source, use /lib/modules/`uname -r`/build as the default path to the kernel headers rather than /usr/src/linux. Current kernel header packages will create an appropriate symlink there. This default is only used when neither module-assistant nor kernel-package are used. * In the openafs-client init script, stop looking for openafs.o; Debian hasn't supported 2.4 kernels for quite some time. Remove all the $MP handling since we force a module name of openafs.ko using --with-linux-kernel-packaging. openafs (1.5.77-1) experimental; urgency=low * Apply upstream deltas: - [7594331c] Add NEWS entries for OpenAFS 1.5.77 and 1.5.76 * New upstream testing release. - Demand-attach servers are now always built and installed under separate names (dafileserver, davolserver, dasalvager). This means that the default names are no longer demand-attach, which means that upgrades from previous experimental versions will fail (but upgrades from non-experimental versions will be much cleaner). - Linux 2.6.36 support and improved freezer interface support. - More robust path MTU detection. - Return VNOVOL from fileserver when a volume is deleted. - Improve handling of some corruption in the salvager. - Relax too-strict checks in ptserver on foreign names. - Better reporting of failures during volume attach. - Better fileserver handling of host hash collisions. - Fix statistics reporting in RXAFS_GetStatistics64. - Improved disconnected mode reference tracking. - Avoid a kernel panic during vcache contention. - Fix potential kernel panic during bulkstatus. - Better vos dry-run mode for syncvldb and syncserv. - Fix s390x kernel build support. * Update afs-newcell and README.servers to recommend using the demand-attach fileserver binaries and dafs bos type. * Force disabling of Linux syscall probing in kernel module builds. * Remove obsolete --enable-demand-attach-fs and --enable-disconnected configure flags. These are now unconditional upstream. * The openafs-fileserver init script now depends on $named since apparently the volserver requires DNS during startup. Thanks, Jaap Winius. (Closes: #589783) * Use dpkg --print-architecture, not --print-installation-architecture, in the openafs-fileserver config script. The latter is deprecated. Thanks, Peter Palfrader. (Closes: #594488) * Add a dependency on libc6-dev to openafs-modules-dkms. dkms doesn't depend on it because most kernel modules don't need it, but openafs builds userspace helper programs. Thanks, Peter Palfrader. * Fix the sample CellServDB entry printed by afs-newcell if the cell isn't found in /etc/openafs/CellServDB to include the correct server syntax. Thanks, Peter Palfrader. * Run the DKMS build commands in a subshell to work around a DKMS bug that caused the module build logs to be discarded. (LP: #593509) * Add a status command to the openafs-fileserver init script. * Update to debhelper compatibility level V8. - Rewrite debian/rules to use dh and overrides. - Use dh_installdocs --link-doc to handle linked doc directories. - Rewrite debian/module/rules to use dh and overrides. - Bump -source package dependency and compat to debhelper 8. * Add ${perl:Depends} to openafs-modules-dkms and perl to the dependencies of openafs-modules-source, since Perl is used as part of the module build system now. * Remove bison and flex dependencies for the module build packages. We now ship the results of rxgen, so don't need all the tools required to build the full source tree. * Update standards version to 3.9.1 (no changes required). openafs (1.5.75-2) experimental; urgency=low * Apply upstream deltas: - [57d727da] Link libafsauthent with -lresolv if required - [c3fc948e] Check for crypt in external library - [a1351d48] Fix ktime test on 64-bit systems * Use --after instead of --remaining in binary-indep to avoid running dh_auto_install and doing the installation process again. openafs (1.5.75-1) experimental; urgency=low * New upstream testing release. - Path MTU discovery for networks with bad fragmentation. - New -human flag for human-readable units in some fs commands. - Provide reasons for locked volumes in vos when known. - Improvements to Rx ping and NAT handling. - Improvements to the userspace AFS client. - Substantial updates to the Administrator's Guide. - Various bug fixes and improvements to the file server. - Force core file generation in bosserver. - Improve vlclient and vldb_check. - Avoid volume corruption on creation if files were left over from a previous failed cleanup. - Do not tie up fileserver threads with volumes being taken offline. - Break origin's callback on the target of a rename operation. - Do not open /dev/console in the fileserver. (Closes: #582111) - Avoid unneeded sync() calls in the fileserver. - Update client disk cache version. - Parallelization improvements in lock management in the client. - New -dynroot-sparse mode for afsd to not show all cells in the CellServDB until that cell is needed. - Fix aklog crash with linked cell handling. - Fix fs getserverprefs -vlservers with default CellServDB list. - Report server address when logging warnings. - Avoid panic in GetCapabilities with an unknown cell. - Report process name and ID for advisory lock warnings when possible. - Flush pending changes to server when releasing file locks. - Various other client bug fixes on error handling and callbacks. - Disable syscall probes when keyrings are supported. - Use filehandles for all Linux 2.6 versions to avoid incompatibilities with mismatched afsds. - Update Linux kernel support for 2.6.35. - The stripped source tree generated for kernel module builds is now truly architecture-independent and can build on i386 for amd64 kernels (for example). (Closes: #518270) - Fix build problems on alpha. * Apply upstream deltas: - [bbce0515] Add NEWS entries for 1.5.75 - [c790e7d0] Remove a few erroneous NEWS entries for 1.5.75 - [9e2aba99] Fix ktime test for errors - [5cc6293c] Provide man pages for more fssync-debug commands * Set the OpenAFS build version to the Debian package version with -debian appended so that the Debian package versions can be distinguished from unmodified upstream versions. * Build shared library packages for libafsauthent and libafsrpc. Upstream is now more careful about the ABI. (Closes: #433054) * Explicitly link libafsauthent with -lresolv -lcrypt. This is a temporary fix for Linux that will be replaced by a better upstream fix in the next release. * openafs-modules-source and openafs-modules-dkms are now architecture: all. The generated kernel source is now architecture-independent. * openafs-modules-source and openafs-modules-dkms now recommend an appropriate version of openafs-client. * Update kernel module packaging scripts: - Remove selection of linux-image vs. kernel-image for kernel names. - Use Breaks instead of Conflicts. - Update standards version to 3.9.0. * Tighten the dependencies on openafs-client in packages that symlink their /usr/share/doc directories to openafs-client's to meet the Policy requirements for changelog files. * Remove the lpia architecture. This was an experiment in Ubuntu that has apparently been dropped. * Add preliminary support for powerpcspe, mapping that architecture to ppc_linux26. The kernel build won't work unless uname -m on that architecture returns ppc. * Minor update to README.Debian for openafs-doc: the old IBM release notes are no longer included. * Remove conflicts/replaces/provides for openafs-ptutil, which was ancient (removed in 2001). * Install an upstream changelog file now that upstream provides one. * Add a workaround in the clean target to allow the same packaging files to be used by upstream, which removes changelog during distclean because it's Autoconf-generated. This workaround will not trigger during a normal Debian package build. * Update standards version to 3.9.0. - Use Breaks instead of Conflicts where appropriate. openafs (1.5.74.1-1) experimental; urgency=low * New upstream testing release. - Correctly recognize cache version differences in upgrades from 1.4 and invalidate the old cache. - Resolve symlinks in fs rmmount. - Include PID in byte-range lock warning. * Preserve the AFS mount point and cache directorys set in /etc/openafs/cacheinfo if the file already exists rather than overwriting them with the defaults. Thanks, Liam Healy. (Closes: #580077) * In the openafs-client init script, don't assume that AFS is mounted on /afs when unmounting it or killing processes with AFS files open. Instead, parse /etc/mtab to find the AFS mount point. * Move the experimental afsd.fuse AFS FUSE client into openafs-fuse to avoid adding a FUSE dependency in openafs-client. Document its current limitations in the package description. openafs (1.5.74-2) experimental; urgency=low * Apply upstream deltas: - [e6f6c349] Fixes and clarifications to vos setaddrs man page - [d80382ef] Remove special-case call for KAM_SetPassword on s390 * Fix ucontext detection on ppc_linux26, hopefully fixing build failures on the Debian powerpc architecture. * Install afsd.fuse and a man page link for it if the FUSE client build is enabled. * Add build dependency on libfuse-dev and pass --enable-fuse-client to configure so that the new FUSE afsd is built. Install afsd.fuse into the openafs-client package for the time being; it will move to some other package before being uploaded to unstable so that openafs-client doesn't keep a dependency on libfuse. There is, as yet, no documentation or init script support for the FUSE implementation. openafs (1.5.74-1) experimental; urgency=low * New upstream testing release. - New vos setaddrs command. - Significant improvements to libuafs (user-space AFS client). - Initial FUSE implementation for afsd. - pts mem -supergroup and -expandgroups options. - Rx lock acquisition and thread safety fixes. - Fileserver capabilities support for the UNIX client. - Various afsmonitor improvements. openafs (1.5.73.3-1) experimental; urgency=low * New upstream testing release. - New demand-attach file server support for greatly improved file server restart times. - Support for split readonly/read-write client caches. - Better client handling of file server meltdowns. - Experimental read-only client disconnected mode. - NFS translator clients now work properly on Linux. - Client cache readahead. - Network performance improvements. - New libkopenafs library providing a kernel PAG manipulation interface (a subset of the API provided by Heimdal's libkafs). * Apply upstream deltas: - [7d395f17] Improve demand-attach fileserver bos documentation - [a763edc3] Make src/rx/rx.c not executable - [8d41bc24] Reallocate memory in aklog for the AFS ID string - [be449999] Fix typo in bos_create manpage - [fdb9429e] Linux: kmap() not page_address() * Build OpenAFS with demand-attach enabled for the file server, bos restricted mode enabled for bosserver, and disconnected mode enabled for the client. Except for demand-attach, these options don't change the default behavior, just make new capabilities available. * The openafs-modules package now provides openafs-modules3 and conflicts on pre-1.5.61 openafs-client packages since the interface between afsd and the module has changed. openafs-client now conflicts with openafs-modules2 and recommends openafs-modules3. * Change the default permissions of /etc/openafs/server to 0755 to match upstream defaults, but do not change permissions on upgrade. The only file in that directory that needs to be protected is KeyFile, which should be mode 0600 anyway. Drop the patch to bosserver to allow more restrictive permissions. bosserver will complain about directory permissions after upgrade until the directory is manually changed. * Upstream now installs afszcm.cat and finds it in /usr/share/openafs/C, so use the version installed via make install and install it in the same location. * Upstream builds specific files with -fno-strict-aliasing where needed, so we no longer need to build the whole source with that flag. * Upstream no longer includes files covered by the Apple Public Source License, so we no longer have to repackage the upstream source to remove those files. Drop Debian patches to the build system that were compensating for the removal of those files. * Switch to generating upstream tarballs from the upstream Git tag rather than from tarball releases. There's no reason to include all the generated files when we're going to regenerate them anyway, and this saves effort combining the doc and src tarballs. openafs (1.4.14+dfsg-2) unstable; urgency=low * Apply upstream deltas, including 2.6.38 support: - [2325283b] vos status: actually show created time - [f6a272c6] vos: Mark longjmp-used variables as 'volatile' - [70c0dd9e] Honour --enable-debug for userspace parts - [15908bb1] vol: Log ignored dirs that look like partitions - [f7721817] volser-higher-thread-limit-20080327 - [166019b1] Linux: Add autoconf macro for structure checks - [62c7e0b0] Linux: Add general autoconf macro for Linux kernel - [a9ca625b] allow compile flags to be passed to AC_CHECK_LINUX_BUILD - [29855d9d] 2.6.38: Adjust for permission inode operation changes - [0d95e6b8] linux: 2.6.38: New d_op handling - [9a915340] linux: 2.6.38: Make d_revalidate RCU-walk aware - [9e614faf] Linux: 2.6.38: deal with dcache_lock removal - [fe8d833e] Linux: 2.6.38: dentry->d_count is not an atomic - [7350bf89] Fix Linux: 2.6.38: dentry->d_count is not an atomic * Apply backported keyring fixes from Anders Kaseorg in Ubuntu package: - [c4537f04] Don't count root session keyrings against quota (LP: #723481) - [dfcd3fca] Linux: Reduce key_alloc flags confusion (from http://gerrit.openafs.org/4033) - [01c6e6bb] Linux: install_session_keyring: key_alloc flags are unsigned long (from http://gerrit.openafs.org/4034) * In README.modules, document the need to install the Linux headers package in the DKMS instructions and the need for module-assistant clean openafs in the module-assitant instructions. (Closes: #606235) openafs (1.4.14+dfsg-1) unstable; urgency=low * New upstream release. - Fix a double-free, which allows an attack against any krb5-aware Rx service by exploiting when the double-free occurs in ASN1 payloads in network packets. - In the Linux kernel module's flock support, avoid dereferencing a pointer that is not a pointer due to failing to properly ERR_PTR a return value. - Add support for Linux kernels up to 2.6.37. (LP: #675768) * Add $named to Should-Start in the openafs-client init script since the client may do DNS lookups for the VLDB and file servers during startup in some situations. (Closes: #586226) * Use dpkg --print-architecture, not --print-installation-architecture, in the openafs-fileserver config script. The latter is deprecated. Thanks, Peter Palfrader. (Closes: #594488) * Add a dependency on libc6-dev to openafs-modules-dkms. dkms doesn't depend on it because most kernel modules don't need it, but openafs builds userspace helper programs. Thanks, Peter Palfrader. (Closes: #607903) * Fix the sample CellServDB entry printed by afs-newcell if the cell isn't found in /etc/openafs/CellServDB to include the correct server syntax. Thanks, Peter Palfrader. openafs (1.4.12.1+dfsg-3) unstable; urgency=low * Apply upstream deltas: - [639c0e46] ubik: ntohl on reading the replay log - [fd19dd09] vol AttachByName should mimic other volpkg errors - [ebb6accf] Include com_err.h in dumpstuff.c * The openafs-fileserver init script now depends on $named since apparently the volserver requires DNS during startup. Thanks, Jaap Winius. (Closes: #589783) * Run the DKMS build commands in a subshell to work around a DKMS bug that caused the module build logs to be discarded. (LP: #593509) * Add a status command to the openafs-fileserver init script. * Update standards version to 3.9.1. - Remove obsolete conflicts/replaces/provides on openafs-ptutil. openafs (1.4.12.1+dfsg-2) unstable; urgency=low * Apply upstream deltas to fix crashes in the file server: - [f9e1b702] Do not use AFS_PTR_FMT or %p in 1.4 * Remove the lpia architecture. This was an experiment in Ubuntu that has apparently been dropped. * Add preliminary support for powerpcspe, mapping that architecture to ppc_linux26. The kernel build won't work unless uname -m on that architecture returns ppc. * Minor update to README.Debian for openafs-doc: the old IBM release notes are no longer included. openafs (1.4.12.1+dfsg-1) unstable; urgency=low * New upstream release. - Support for Linux 2.6.34. (LP: #566956) - Fix some possible kernel panics. * Apply upstream deltas: - [c29ac4fe] viced host UUID and address hashing corrections - [3fc5c531] prdb_verify -rebuild with supergroups fix * Adjust get-orig-source to cope with tarballs for patch releases being in the same directory as the parent normal release. openafs (1.4.12+dfsg-5) unstable; urgency=low * Skip killing processes with files open in AFS if AFS does not appear to be mounted according to /etc/mtab. Otherwise, we may call lsof without a specific mount point and kill far more processes than we intend to. (This code is disabled by default, so this problem would only be seen by people who enabled it.) openafs (1.4.12+dfsg-4) unstable; urgency=low * Apply upstream deltas: - [a2701509] Linux: don't count pag keys against root's keyring quotas - [3c1d60a1] VOL_LOCK needed when traversing DiskPartitionList - [89193695] Adjust afs_lockctl for byte-range lock fixes - [0bec77e1] Don't ignore error code from session keyring creation * Preserve the AFS mount point and cache directorys set in /etc/openafs/cacheinfo if the file already exists rather than overwriting them with the defaults. Thanks, Liam Healy. (Closes: #580077) * In the openafs-client init script, don't assume that AFS is mounted on /afs when unmounting it or killing processes with AFS files open. Instead, parse /etc/mtab to find the AFS mount point. openafs (1.4.12+dfsg-3) unstable; urgency=low * Apply upstream deltas: - [135e196b] Create missing root directory when ORPH_ATTACH - [190ef2cb] volmonitor keep vtrans lock - [812dcc2c] Increase the maximum number of sysnames - [a123d4ab] Print rxdebug statistics as unsigned values * If the user configures openafs-client to use AFSDB records for VLDB server location, don't prompt the user for VLDB servers for the local cell even if they're not present in CellServDB and don't try to add an entry for the local cell to CellServDB. (Closes: #575299) openafs (1.4.12+dfsg-2) unstable; urgency=low * Apply upstream deltas: - [4ca7b6fc] Remove lih_r - [f3899ac3] Allow GetSomeSpace_r to select an optimal host - [94a43966] h_TossStuff_r: check held-ness after lock - [b78eeb0c] h_TossStuff_r: make sure host does not go away - [0583af32] volmonitor copy link before calling free - [eb799d07] Move non-executable stack assembly code to end of file * Build with -fno-strict-aliasing. The upstream development branch has a better fix that selectively enables this for specific files with known problems, but be conservative for the stable release. openafs (1.4.12+dfsg-1) unstable; urgency=low * New upstream release. - Enable weak encryption types in aklog and klog.krb5. - Build support for Linux 2.6.33. - Improvements to host tracking safety in the file server. - Fall back to current kernel credentials if we can't use stored ones. - Fix truncation handling in some large file situations. - Further fixes to mmap handling. - Avoid double-free in some FetchData64 error situations. - Stop warning about system call hooks when keyrings are in use. - Flush vcaches when a mount fails to avoid inconsistent data. - New dump tag and length standard for vos dump. - Fix stack executability for programs containing assembly code. - Various salvager robustness fixes. * Use dh_dkms from the DKMS package to handle creation of the maintainer scripts for openafs-modules-dkms rather than rolling our own. (LP: #497149) * Update init script to require $remote_fs be started first and stopped after OpenAFS. This won't be the case in the long run, but for now some important boot-time options need /usr/bin/fs to set them. * List $syslog in Should-Start for the openafs-client init script, since otherwise if loading the module causes a kernel panic, it won't be logged to disk. * Update CellServDB to the 2010-02-28 version. * Add README.source explaining maintenance procedures and a debian/import-upstream script to do a Git-aware merge of a new upstream release that will allow us to cherry-pick upstream patches and do proper merges. * Stop linking the openafs-fileserver doc directory to openafs-client so that we can provide a separate NEWS.Debian. * Update standards version to 3.8.4 (no changes required). openafs (1.4.11+dfsg-6) unstable; urgency=low * Apply upstream deltas: - [c12ec354] Fix write_begin configure test for recent RHEL kernels - [b7198421] Fix memory allocation warnings at shutdown - [7183c113] Do not check *aoutSize in PGetPAG - [c0323c49] cm: address race condition in afs_QueueVCB - [ad6dabdc] Clean up console message - [c9f7fe37] Make ktc_curpag also detect ONEGROUP PAG gids - [2f87c43e] volser transaction object race conditions - [2d6c0390] Add array bounds checking in h_Enumerate - [70f6a328] Check for (hostFlags & HOSTDELETED) after h_Lock_r - [c7a59397] Avoid IHandle leak when failing to attach volume * Remove incorrect return call in shutdown_icl() introduced by b7198421. * Do not attempt to build the kernel module with DKMS if the appropriate Linux headers aren't installed. Based on code from the common DKMS postinst script (which we'll just use once it's reliably available). Thanks, Anders Kaseorg. (LP: #487535) * Fix configure flags used for enabling or disabling LWP and kernel debugging flags and always pass --disable-strip-binaries. * Fix the openafs-dbg dependencies and package description to reflect its inclusion of debugging symbols for all server binaries in openafs-fileserver and openafs-dbserver, but not the legacy PAM modules. * In anticipation of a change in dpkg-source's defaults, force source package format 1.0. The package is maintained using Git and generating a proper quilt series is complex and relatively pointless work, so the additional complexity of the 3.0 format is currently not that useful. * Change section of openafs-modules-dkms to kernel to match override. openafs (1.4.11+dfsg-5) unstable; urgency=low * Apply upstream deltas: - [7833e472] Make afsd.pod reflect reality - [c9974c7a] Avoid prematurely destroying callback_rxcon - [9b37972e] Linux: 2.6.32 - Adapt to writeback changes - [abdf72bc] Linux: Avoid deadlock in readdir - release GLOCK for filldir - [bdb4f98a] Protect rx_call iovq from simultaneous attempts to empty it - [c08609ae] Avoid using released hosts - [a410b7fd] Linux - Fix disk cache access for selinux/AppArmor constrained processes (LP: #415766) - [49094ccf] Add automatic sysname detection for ARM Linux - [525b594a] Make ktc_curpag generally available (LP: #446521) * In the postinst of openafs-modules-dkms, if the openafs module is already added in DKMS, try to remove it first before adding it. This should more correctly handle the case of a user installing this package without the correct kernel headers, having it fail in postinst, and then installing the correct headers and having dpkg attempt to configure the package again. Thanks, Philipp Kaluza. (Closes: #553542) openafs (1.4.11+dfsg-4) unstable; urgency=low * When changing the name of the source package built by openafs-modules-source, we need to change the package name in the changelog as well or dpkg-gencontrol explodes. Thanks, Aaron M. Ucko. (Closes: #549140) openafs (1.4.11+dfsg-3) unstable; urgency=low * Apply upstream deltas: - openafs-stable-1_4_x/fileserver-no-negative-fetchdata-20090926: never return a negative data length from client reads past the end of a file. - openafs-stable-1_4_x/fileserver-gethost-r-cleanup-fixes-20090925: fix memory leak and possible double-free in error handling cases in fileserver. - openafs-stable-1_4_x/fileserver-retry-registeraddrs-20090810: retry VL_RegisterAddrs in the file server on failure. - openafs-stable-1_4_x/kernel-init-vrequest-structure-20090914: properly initialize vrequest structure in the kernel. * Change the permissions of /var/lib/openafs/local to 0700 to match upstream defaults. This directory contains the fssync.sock file used for coordination between the fileserver and the volserver, and commands sent to that socket are not authenticated. Linux protects the socket from unprivileged writes by default, but other operating systems do not. Upstream therefore wants this directory to be 0700 and bosserver will complain by default if it's not. Changing the permissions let us drop a patch to bosserver. * Fix the second module control file for the standards version, section, and maintainer update. * Change the source package name of the stripped package generated by openafs-modules-source so that, should someone build a Debian source package from it, it won't have the same name as the main openafs source package. openafs (1.4.11+dfsg-2) unstable; urgency=low * Add armv5tel to debian/sysname, mapping it to arm_linux26. Patch from Daniel Bayer. Also make the similar change for the module source package. (Closes: #542315) * Also install restorevol in the openafs-client package. * Swap maintainer and uploaders in the packaging files for the module source package, matching the main package. * Update standards version to 3.8.3. - Change section of packages generated by openafs-modules-source to kernel. - Add Homepage to packages generated by openafs-modules-source. openafs (1.4.11+dfsg-1) unstable; urgency=low * New upstream release. openafs (1.4.11~pre3+dfsg-1) unstable; urgency=low * New upstream release candidate. - Further fixes for rcu_read_lock dependencies in some kernels. - Clean up return values of Linux vnode operations. - Call inode's setattr operation correctly. * Ignore failures to remove an existing DKMS tree in the prerm of the openafs-modules-dkms package. In the possible cases where the tree may not be present to be removed, failing package removal doesn't make sense. (Further addresses LP #368471.) * Don't install man pages for fs command variants that are only available on Windows. * Bring src/config/linux-version closer to upstream since upstream now handles unversioned source directories. There is one remaining change required to search for UTS_RELEASE in the correct header path. * Update CellServDB to 2009-06-29 version. * Translation updates: - Russian, thanks Yuri Kozlov. (Closes: #534807) openafs (1.4.6.dfsg1-2) unstable; urgency=low * Apply additional upstream patches to the 2.6.24 support to fix builds with older kernels. Thanks to Felix Koop for the testing. (Closes: #458331) * Remove old /etc/openafs/server-local files from older versions when purging openafs-fileserver. * Minor reformatting of openafs-client's postrm. * Remove databases on purge of openafs-dbserver. * Remove log files when purging openafs-fileserver or openafs-dbserver per Policy 10.8. openafs (1.4.6.dfsg1-1) unstable; urgency=low * New upstream release. - Fixes multiple serious problems with the file server. * Apply upstream patch for Linux 2.6.24 support. Thanks to Anders Kaseorg for researching the necessary deltas. (Closes: #456258) * Apply upstream patch to allocate vnodes from the malloc pool rather than off the stack, fixing file server problems on SPARC. Thanks to Barney Sowood for tracking down the patch. (Closes: #448380) * Apply upstream patch from the 1.5 series to allow multiple realms to be listed in the server krb.conf and hence treated as local. * Build bosserver with --enable-bos-new-config. On startup, if BosConfig.new exists, it will be renamed to BosConfig before the configuration is read. (Closes: #453398) * Add a comment to /etc/openafs/afs.conf.client that the file is managed by debconf. (Closes: #447183) * Add more debugging and bug reporting instructions to README.Debian. * Mention in README.Debian that the server is built with supergroups enabled and with the multiple local realm patch. (Closes: #453399) * Support reconfigure in postinst. * Recode debian/copyright to UTF-8. * Update to standards version 3.7.3 (no changes required). openafs (1.4.5.dfsg1-1) unstable; urgency=low * New upstream release. - Even with a new enough Linux kernel to support keyrings, we still may have found the system call table and need to clean it up when unloading the module. (Closes: #448793) * Use uname -m rather than dpkg --print-architecture to determine the sysname for kernel module builds. Otherwise, builds with a different kernel architecture than userspace (amd64 kernels with i386 userspace, for example) don't work. Thanks, Anders Kaseorg. (Closes: #448452) * Fix signing the generated the changes file on a kernel module build. The module build file reorganization required an additional change to genchanges. Thanks, Anders Kaseorg. (Closes: #448449) * Expose prototypes for the ktc_* functions. (Closes: #449432) * Fix man pages for subcommands to use an underscore in the NAME section instead of a space so that they'll be indexed properly by the current groff and man-db. * Update CellServDB to 2007-10-25 GCO release. * Add Homepage to the package control fields. openafs (1.4.4.dfsg1-7) unstable; urgency=low * Switch to quilt for managing patches to the upstream source. * Stop installing the Administrator's Reference. All of the useful information in here has been converted to man pages. * Use the upstream man page for pt_util, which lets us remove the docbook-to-man build dependency. * Update to the latest CellServDB from grand.central.org. * Trim additional unuseful debug information from openafs-dbg. * Restructure the source for the module package. The build files for the module build are now in debian/module in the source package and there is a completely separate rules file. This way, the module build rules don't have to depend on quilt and the structure is clearer. * Fix debhelper dependencies for the module build. * Update module standards version to 3.7.2 (no changes required). openafs (1.4.4.dfsg1-6) unstable; urgency=low * Apply upstream patch for the OpenAFS file server to treat clients that have an all-zero UUID as if they don't have UUID support, working around bugs in various client versions that can cause multiple hosts to use all-zero UUIDs and conflict with each other. * Use dpkg --print-architecture to determine the AFS sysname for both regular builds (avoiding --print-installation-architecture, which is deprecated) and kernel builds (avoiding arch, which is temporarily not in unstable and which wouldn't do the right thing for cross-compiles). Thanks, Chris Hanson. (Closes: #435765) * Add hppa as a recognized architecture for kernel module builds, although OpenAFS currently only supports 2.4 kernels on HPPA so this isn't that useful. openafs (1.4.4.dfsg1-5) unstable; urgency=low * Apply upstream patch from Jeffrey Hutzelman to fix syscall probing on AMD64 with Linux 2.6.22 kernels. (Closes: #430179) * Add a union to des_ks_struct and reorder includes to get the correct alignment for DES code on SPARC. Thanks, Chaskiel Grundman. Partly addresses #415952. * Fix a typo in debian/kern-sysname that caused openafs-modules-source to still assume all ia64 systems used Linux 2.4. Thanks, Jakob Haufe. (Closes: #432344) * Use LSB logging functions for openafs-fileserver and support passing arguments to bosserver in /etc/default/openafs-fileserver by setting DAEMON_ARGS. * Clean up more completely after a purge of openafs-fileserver. Remove the files created by the server in /var/lib/openafs/local, remove KeyFile and CellServDB.old from /etc/openafs/server, and remove BosConfig from /etc/openafs. openafs (1.4.4.dfsg1-4) unstable; urgency=low * Apply upstream patch from Jeffrey Hutzelman to fix kernel module builds on ppc64. (Closes: #427555) * Apply upstream patches for Linux 2.6.22 support. (Closes: #428401) * Apply upstream patch to fix the AFS /proc structure under Linux 2.6.22.1 and later. * Move /etc/openafs/server-local to /var/lib/openafs/local. Most of the files here are automatically generated and hence not configuration files, and the file server has to write to this directory to start (so having it in /etc breaks read-only / file systems). Thanks, Alexei Sheplyakov. (Closes: #405697) * Move upserver and upclient to /usr/lib/openafs (from /usr/sbin) to match upstream's layout and for consistency with the other servers run via bosserver. * Use --name instead of --exec in the openafs-fileserver init script and drop the --pidfile option (bosserver doesn't create a PID file) so that we don't start a second bosserver on upgrades. * Go back to using krb5-config. The dependency problem has now been fixed on all platforms in the krb5 package and this is the preferred upstream method. openafs (1.4.4.dfsg1-3) unstable; urgency=low * Always generate a UUID on client startup even if for some reason we don't think we have any network interfaces. Otherwise, the client will use an all-zeroes UUID, which will collide with every other client with the same problem. * When afsd is started with -rmtsys, it starts another process that afsd -shutdown doesn't kill. Update the init script to kill this process on stop. (Closes: #405982) * Don't use krb5-config to get a library list. It runs the risk of encoding unnecessary library dependencies. Instead, hard-code the flags and libraries we actually need. (Closes: #424448) * When loading a module using the upstream naming convention, don't append the .mp to the module name for modprobe. (Closes: #420597) openafs (1.4.4.dfsg1-2) unstable; urgency=low * Debian kernels as of 2.6.20 enable CONFIG_PARAVIRT, which redefines several core kernel calls as redirects through a paravirt.ops table that's marked GPL-only. This breaks all non-GPL modules that used those (previously generally exported) calls even indirectly. Apply a hack to switch from spin_lock_irq to spin_lock_irqsave to avoid the paravirt redirection so that the module will build. * Enable ucontext for all Linux builds with glibc 2.4 or later, not just with i386 and amd64, and (following an upstream patch) always use ucontext on ia64. Newer versions of glibc change internal structures in ways that cause the old LWP code to have stack overflows. (Closes: #419903) * Apply upstream patch to crashes on contention in afs_xuser when a process in a PAG exits. Thanks, Chaskiel Grundman. * When determining the AFS sysname for kernel module builds, add explicit cases for 2.6 kernels for all architectures that support them (everything except non-64-bit sparc_linux). Fixes build problems with ia64 and probably other architectures. Thanks to Ippokratis Pandis for the debugging help. (Closes: #411818) * Prefer alpha_linux_26 to alpha_linux_24 for the non-kernel build on Alpha, now that the source supports it. * Add support for the s390x architecture. Upstream supports it and there's no reason not to. * Fix the watch file to remove .dfsg\d+ when comparing versions. openafs (1.4.4-1) experimental; urgency=low * New upstream release. (Closes: #415699) - Support newer Linux kernels. (Closes: #409797, #410120) - Add aklog fallbacks for null realms to support the referral capability in MIT Kerberos 1.6 and later. (Closes: #410314) * Apply patch from Thomas Sesselmann to support setting options to pass to bosserver in /etc/default/openafs-fileserver. (Closes: #409357) * Remove the rx_Init calls in the PAM module. The internal counters that had to be initialized that way have been removed. * Now that we're running regen.sh as part of the build process, only patch the Autoconf source files and not the generated output to make the diff easier to audit. openafs (1.4.2-6) unstable; urgency=medium * SECURITY: Apply upstream patch to disable setuid status on all cells by default. Prior versions of AFS defaulted to honoring setuid bits in the local cell, but since unauthenticated file access in AFS is unencrypted, an attacker could forge packets from an AFS file server to synthesize a setuid binary in AFS. * Apply upstream fix to use a single high-numbered group for the PAG on 2.6 kernels and sort the group properly. Fixes AFS-caused group ordering problems that could lead the kernel to ignore some group membership for users. (Closes: #414911) * Apply upstream fix for segfaults in pts rename. (Closes: #409184) * Apply upstream fix to show reasonable free space numbers for AFS in df. Without this fix, some programs which use df to check free space may think that directories in AFS are full and prevent the user from attempting to write files. (Closes: #415294) * Translation updates: - Dutch, thanks cobaco. (Closes: #413701) - Portuguese, thanks Miguel Figueiredo. (Closes: #414800) openafs (1.4.2-5) unstable; urgency=low * Translation updates: - Chinese, thanks Chun Tian (binghe). (Closes: #406063) openafs (1.4.2-3) unstable; urgency=low * No longer pass explicit cache tuning options to afsd and instead let OpenAFS automatically choose tuning based on the cache size. * Accept trailing whitespace in ThisCell. * Fix path canonicalization on the server, enabling bos getlog with a simple log name to work properly against a Debian bosserver. * Change the documentation of afsd -shutdown to be less dire and more accurate. Thanks, Daniel J. Priem. (Closes: #394990) * Document (at least partially) AFS's mapping of Kerberos v5 principal names to Kerberos v4 format in the aklog man page. Thanks, Daniel J. Priem. (Closes: #394832) * Document that aklog -setpag may not always work. openafs (1.4.2-2) unstable; urgency=low * Upstream fix to prevent butc segfaulting. openafs (1.4.2-1) unstable; urgency=medium * New upstream release, fixes amd64 kernel issues * Update CellServDB openafs (1.4.2~fc4-3) unstable; urgency=low * Apply patch from Chaskiel Grundman to fix kernel panics when loading the kernel module into AMD64 2.6.18 kernels. (Closes: #390653) * Apply upstream patch to fix klog segfaults. (Closes: #390940) * The UTS_RELEASE string is no longer found in linux/version.h in 2.6.18, so fall back on looking in config/kernel.release. Thanks to Marcus Watts for the patch. openafs (1.4.2~fc4-2) unstable; urgency=low * Apply additional upstream patch for AMD64 2.6.18 kernel module build issues. (Closes: #389729) openafs (1.4.2~fc2-1) unstable; urgency=low * New upstream release candidate. - Supports new Linux kernel versions. (Closes: #383028) * Translation updates: - German, thanks Henrik Kroeger. (Closes: #384803) openafs (1.4.1-4) unstable; urgency=low * Apply upstream fix from Derek Atkins for compilation with kernel versions prior to 2.6.10. (Closes: #376576) openafs (1.4.1-3) unstable; urgency=low * Include all of AFS's local XDR implementation in the build for shlibafsrpc, fixing problems with undefined symbols in the PAM module on AMD64. * When creating a new file server in afs-newcell, use a set of tuning flags from Harald Barth rather than relying on the defaults. This doesn't help with general bos create; long term, the defaults need to be fixed. (Closes: #364100) * Add a note in README.servers about fileserver tuning options. * Update debconf templates to follow the best practice recommendations from the Developer's Reference. * Regenerate the man pages on build since the pre-generated ones were done with a very old version of pod2man. * Update standards version to 3.7.2 (no changes required). * Use a better method of optionally running make distclean. * Add build-arch and build-indep targets, just in case. * Translation updates: - Czech, thanks Martin Šín. - Portuguese (Brazil), thanks André Luís Lopes. - French, thanks Christian Perrier. - Vietnamese, thanks Clytie Siddall. openafs (1.4.1-2) unstable; urgency=low * Exit successfully in the openafs-client init script if no module is installed, since otherwise openafs-client will fail to install until one builds a module. This restores previous accidental behavior due to a bug in debhelper. (Closes: #362695) * libopenafs-dev must conflict with liblwp-dev since they both provide liblwp.a. Thanks, Justin Pryzby. (Closes: #362842) * openafs-client recommends lsof, since the init script uses it for cleaner shutdown. openafs (1.4.1-1) unstable; urgency=low * New upstream release. - Supports Linux 2.6.16. (Closes: #358203) - Suspend should work with newer kernels. (Closes: #341588) - Safer cache size calculation. (Closes: #360176) - Upstream now includes man pages, so remove our backport. * Subsume openafs-krb5 into this source package. - Acknowledge NMU. (Closes: #304933) - Update to the OpenAFS aklog and asetkey. (Closes: #196094) - Backport asetkey from upstream CVS. - Include ka-forwarder from the old migration toolkit. - Add man pages for asetkey and ka-forwarder. * Subsume openafs-doc into this source package. * Since 2.6 is the supported kernel for etch, build the userspace with a sysname of *_linux26 where supported. This only affects the sys command. (Using livesys instead is better.) (Closes: #358118) * Always pass the system type into Autoconf, following autotools-dev best practices. * Add an explicit copyright statement to debian/copyright. openafs (1.4.0-4) unstable; urgency=low * Hopefully fix sparc64 kernel support. Thanks, Troy Benjegerdes. (Closes: #219429) * Document the need to restart ptserver and vlserver on the existing database servers when adding a new one. Thanks, Niklas Edmundsson. (Closes: #349659) * Include xstat_cm_test and xstat_fs_test in openafs-client, as they're quite useful for debugging. openafs (1.4.0-3) unstable; urgency=low * Apply upstream patch from Chas Williams to be more careful about what dentry is used in renames, avoiding a kernel fault when renaming dentries accessed through multiple paths (such as RO and RW). * Apply patch to allow the module to build with the Ubuntu kernel. Thanks, Björn Torkelsson. (Closes: #342607) * Stop unconditionally forcing the compiler to cc or gcc in configure, allowing, among other things, building the kernel module with a compiler other than the default system compiler. (Closes: #338306) * Call kernel-version correctly from prep-modules, which fixes build issues with manually-built kernels. (Closes: #344851) * Backport man pages from upstream CVS. (Closes: #79763) * Include afsmonitor and livesys in openafs-client. * Include volinfo in openafs-fileserver. * Document FAM's lack of support for AFS's security model and recommend gamin instead. (Closes: #343246) * Add a hint to README.Debian on what to do about the cache partition if running ReiserFS or XFS without a spare partition. * Use make install into debian/tmp rather than make dest. make dest is mostly for Transarc compatibility and make install looks more like a typical package and makes it easier to evaluate differences in FHS location between upstream and Debian. As a side effect, there's no need to mess with the @sys link. (Closes: #165909) * Install more files with dh_install rather than install commands in debian/rules so that *.install shows a more complete picture of what goes into each package. * Don't ignore make distclean errors. openafs (1.4.0-2) unstable; urgency=low * Install more of the standard OpenAFS utilities. (Closes: #138851) - openafs-dbserver: Install prdb_check and vldb_check. - openafs-fileserver: Install voldump. - openafs-client: Install fstrace, scout, and up (as afs-up). - Modify fstrace to load its catalog from /usr/share/openafs. * Do not install kpwvalid. The default version does little useful and the kpwvalid binary must be in AFS for it to take effect. * Overhaul the way kernel modules are built. - Recommend linux-image rather than kernel-image for newer kernels. - Always recommend the kernel package; since it's only a recommends, there's no need to special-case the hand-built kernel case. - Be less fragile about how the kernel version is used in prep-modules to support other ways kernel modules are built. (Closes: #341836) - Add Build-Depends and Uploaders to the openafs-modules-source control file. - Remove unused parts of prep-modules and heavily comment it. * openafs-client should only recommend the AFS kernel module. Many of the client programs will work in unauthenticated mode without it, and openafs-fileserver depends on it (but doesn't require the kernel module). (Closes: #342095) * openafs-modules-source no longer has to depend on as many libraries. * Suggest the same PAM settings for pam_krb5 that libpam-krb5 does. * Update uploader address. openafs (1.3.82-2) unstable; urgency=low * Output error messages from heredocs in the init script with cat rather than echo. Thanks, Reid Barton. (Closes: #311729) * Make bosserver less picky about permissions and remove the attempt to set /etc/openafs/server-local not-world-readable since dh_fixperms was overridding it anyway. (Closes: #312921) * Fix some spacing and capitalization errors in the debconf templates. Thanks, Clytie Siddall. (Closes: #316597) * Initial Czech translation, thanks Martin Sin. (Closes: #310699) * New Vietnamese translation, thanks Clytie Siddall. (Closes: #316598) * Update standards version to 3.6.2 (no changes required). openafs (1.3.82-1) unstable; urgency=medium * New upstream version. (Closes: #307699) - Proper locking for preempt kernels. This bug manifested as an inability to shut down AFS cleanly. (Closes: #308399, #304040) - Correctly handle the inotify semaphore. (Closes: #303495) * Repackage upstream to remove MacOS-specific files covered by the APSL. Remove the WINNT directory to save space since we have to repackage anyway. Provide a get-orig-source target to do the repackaging. * libpam-openafs-kaserver: Fix compilation so that the PAM module isn't missing symbols and therefore unusable. (Closes: #308844) * Apply patch from Chas Williams to fix stale cache data from deleted files, a bug introduced in 1.3.82. * In all cases, only build the module appropriate to the kernel we're building against. Building an SMP module against a non-SMP kernel fails due to missing defines. (Closes: #225907) * README.modules: Add documentation for module-assistant and recommend it when using Debian kernels. Mention divergences from upstream in module naming. (Closes: #253168) Emphasize that the kernel source tree used for make-kpkg must be identically configured to the kernel the module will be used with. * Update copyright with more complete information from upstream src/LICENSE. * Simplify clean target. Upstream make distclean is now better. openafs (1.3.81-5) unstable; urgency=low * Handle modules named either with or without the .mp extension on SMP hosts. (Closes: #305389, #307280, #307797) * README.Debian: Document that the client cache partition must be ext2 or ext3 and that XFS and ReiserFS will not work. upserver and upclient are now provided. Provide some information about why kaserver is not provided. (Closes: #249315) * Overhaul the module build rules. - Use debhelper to build the module binary package. - Let debhelper handle the module postinst and prerm control scripts. - Properly support modules_config and modules_clean. - Break the build process into configure, build, install, and binary rules, paralleling the regular build rules and making it easier to maintain the make-kpkg build targets. - Include the kernel version in the long description. - Update standards version of module packages to 3.6.1. - Include the copyright and basic documentation in the module binary package. Otherwise, policy requires an exact versioned dependency on the package containing the copyright file. * Update standards version to 3.6.1. - Install Debian::OpenAFS::ConfigUtils in /usr/share, not /usr/lib. - Always enable debugging symbols and disable optimization if noopt is set in DEB_BUILD_OPTIONS. (Alas, this doesn't entirely work; the upstream makefiles don't always honor the configure options.) - /etc/init.d/openafs-fileserver restart starts bosserver if it's not already running. * Update debhelper compatibility level to V4. - Remove all *.conffiles control files. They're no longer needed. - Use misc:Depends to get debconf dependencies. - Use dh_install rather than the movefiles script. * openafs-dbserver doesn't need to depend on debconf. * Use dh_perl to get the correct Perl dependency for openafs-dbserver. * Remove unnecessary build dependencies. * Depend on comerr-dev rather than e2fslibs-dev. * Remove unnecessary preinst for openafs-fileserver. * Clean up and reformat package build rules. * Update lintian overrides. openafs (1.3.73-1) experimental; urgency=low * New upstream version - Works with 2.6.8 and 2.6.9, Closes: #277521 * Remove call to dh_suidregister * Update sysname to prefer 2.4 on more arches for largefile issues * Patch from pnelson@ANDREW.CMU.EDU to add x86_64 support to sysname scripts * debian/sysname: Use installation architecture openafs (1.3.70-1) experimental; urgency=low * New upstream version * debian/kern-sysname: 2.6* not 2.6 * Enable supergroups and largefile-fileserver openafs (1.3.65-1) experimental; urgency=low * New upstream Version, Closes: #256580 openafs (1.3.64-2) experimental; urgency=low * Allow loading of a .ko file not just .o openafs (1.3.64-1) experimental; urgency=low * New upstream version * Add 2.6 to kern-sysname for i386 * Apply patch from /afs/cs.cmu.edu/user/jhutz/junk/openafs-patches/openafs-build-on-linux26 which correctly generates 2.6 modules, Closes: #234284 * use make only_libafs not dest_only_libafs - AS a result, build times are much faster, Closes: #144781 * Correct module build scripts to install module package from new location * Fix afslocaldir to be /etc/openafs/server-local, Closes: #237154 openafs (1.2.11-3) unstable; urgency=high * Now that libopenafs-dev contains binaries, it should have shared library dependencies, Closes: #267509 * New fr.po from Christian Perrier, Closes: #237098 openafs (1.2.11-2) unstable; urgency=low * Install rxgen * Install upserver and upclient * Mark as version 1.2.11, Closes: #255883 openafs (1.2.11-1) unstable; urgency=high * Versions prior to 1.2.10 stopped working with multiple servers in a cell because of a ubik bug prompting the 1.2.11 release. * Fix afs startup script not to start afsd if already running; really fixed in 1.2.10-3, but not documented, Closes: #219702 openafs (1.2.10-3) unstable; urgency=low * Fix Openafs not to include kernel headers from /usr/include, Closes: #220600 * Fix typo in openafs templates, Closes: #215714 * New French translations, Closes: #216158 * Build-depend on e2fslibs-dev to get appropriate headers openafs (1.2.10-2) unstable; urgency=low * New Brazilian Portuguese (pt_BR) translations, Closes: #208035 * Don't conflict with ircd, Closes: #204865 * Fix wording of question about using dynroot, Closes: #209332 * New French debconf translations, sorry about the delay in including these, Closes: #203608 * Avoid yes/no construction in openafs-client templates, Closes: #198476 * Fix libpam-openafs-kaserver to include the symbols it needs, patch from Daniel Joseph Barnhart Clark , Closes: #194818 openafs (1.2.10-1) unstable; urgency=low * New upstream version * net/*.h included properly by kernel module, Closes: #204642 * Don't build libafsrpc or libafsauthent, as we can't exactly use them because they contain non-pic code, Closes: #203456 * I think I finally build the PAM module on hppa, Closes: #179679 * Decnet includes should work now because of the change of the net symlink, Closes: #204486 * Escape $ in debian/rules, Closes: #204185 openafs (1.2.9-3) unstable; urgency=low * Add support for kernel headers, thanks to Patrick Sodre, Closes: #173137 * Add patch to support the Debian 2.4.21 Kernel sources, thanks to amu, Closes: #198774 * Add chronyd to list of programs we assume set the clock, thanks RISKO Gergely, Closes: #201725 * Fix template formatting (extra leading spaces), Closes: #198477 * New French translations, thanks Christian Perrier, Closes: #198719 * Fix PAM problem on hppa, Closes: #179679 * Don't translate defaults: Closes: #198384 * Fix movefiles error handling and errors exposed by this change. The contents of libopenafs-dev were somewhat wrong because of this. * Make /usr/src/modules root.src 775, Closes: #201733 openafs (1.2.9-1) unstable; urgency=low * Literal newline fixes, Closes: #175627 * Require new kernel modules per upstream change. * New upstream version * Fix section of libopenafs-dev to libdevel * openafs-client stop should shut down afsd if it is running even if afs not mounted, Closes: #188000 * Fix to build on alpha again; PAM patch was broken * Report i386_linux24 not linux22 on i386, Closes: #187789 * Convert to po-debconf, patch from Andre Luis Lopes, CLoses: #187901 * Fix from Lamont to build on hppa, Closes: #179679 openafs (1.2.8-4) unstable; urgency=low * Fix from Eduard Bloch to compile on kernels with variable numbers of CPUs; he is not sure it actually works yet though, Closes: #178505 * Patch that might possibly fix the fails to build on recent unstable; definitely fixes a bug in include path handling, but I am not sure it is a correct patch since I cannot reproduce the problem, Closes: #178154 openafs (1.2.8-3) unstable; urgency=medium * Patch from Eduard Bloch to build the PAM module for kaserver users; the main thing this patch does in create a bunch of PIC object files so it is a policy-conformant shared library, Closes: #174668 * Do not include -I/usr/include and especially -I/usr/include/sys in the PAM Makefile so gcc 3.2 works; already fixed upstream, Closes: #176538 openafs (1.2.8-2) unstable; urgency=low * Convert v5 principal names to v4 style names in rxkad 2b. Especially important for rcmd vs host * Fix debian/rules clean to remove generated files, Closes: #174625 * Fix AFS not to declare errno, Closes: #174059 resource-agents (1:4.16.0-2) unstable; urgency=medium . * debian/tests: fix failing named test * debian/control: add depends on psmisc (Closes: #1095291) runc (1.1.15+ds1-2) unstable; urgency=medium . * Team upload. . [ zhangdandan ] * Fix loongarch64 support (Closes: #1095452)