3 * FIX: charset conversion failed when copying from Mac OS 9. Bug #523.
4 * UPD: Don't force S_ISGID for directories on FreeBSD. Bug #525.
5 * NEW: Add support for ZFS ACLs on FreeBSD with libsunacl. From FR#83.
6 * FIX: Active Directory LDAP queries for ACL support with new options
7 "ldap user filter" and "ldap group filter". Bug #526.
8 * NEW: Option "vol dbnest", when set to true, the CNID database for
9 a volume is stored in the volume root of a share in a directory
10 .AppleDB like in Netatalk 2. Defaults to false. From FR#84.
11 * FIX: Small fix in the DSI tickle handling. Bug #528.
15 * FIX: Fix a crash when using pam_winbind. Fixes bug #516.
16 * NEW: New global/volume option "ignored attributes"
17 * FIX: "afp listen" option failed to take IPv6 addresses. Bug #515.
18 * FIX: Fix a possible crash in set_groups. Bug #518.
19 * NEW: Send optional AFP messages for vetoed files, new option
20 "veto message" can be used to enable sending messages.
21 Then whenever a client tries to access any file or directory
22 with a vetoed name, it will be sent an AFP message indicating
23 the name and the directory. From FR #81.
24 * NEW: New boolean volume option "delete veto files". If this option is
25 set to yes, then Netatalk will attempt to recursively delete any
26 vetoed files and directories. FR #82.
27 * UPD: systemd unit dir is /usr/lib/systemd/system .
28 * FIX: Saving files from application like MS Word may result in the file
29 loosing metadata like the Finder label. Bug #521.
33 * FIX: Opening files without metadata EA may result in an invalid
34 metadata EA. Check for malformed metadata EAs and delete them.
36 * FIX: Fix an issue with filenames containing non-ASCII characters that
37 lead to a failure setting the size of a files ressource fork.
38 This affected application like Adobe Photoshop where saving
39 files may fail. Fixes bug #511.
40 * UPD: Enhance ACL mapping, change global ACL option 'map acls' to take
41 the following options: "none", "rights" (default), "mode".
42 none = no mapping, this resembles the previous false/no setting
43 rights = map ACLs to Finder UARights, this resembles the previous
44 true/yes setting. This is the default.
45 mode = map ACLs to Finder UARights and UNIX mode
47 * FIX: Fix a possible crash in cname() where cname_mtouname calls
48 dirlookup() where the curdir is freed because the dircache
49 detected a dev/inode cache difference and evicted the object
50 from the cache. Fixes bug #498.
51 * FIX: Add missing include, fixes bug #512.
52 * FIX: Change default FinderInfo for directories to be all 0, fixes
54 * NEW: New option "afp interfaces" which allows specifying where
55 Netatalk listens for AFP connections by interface names.
60 * UPD: afpd: Increase default DSI server quantum to 1 MB
61 * UPD: bundled libevent2 is now static
62 * NEW: --with-lockfile=PATH configure option for specifying an
63 alternative path for the netatalk lockfile.
64 * UPD: systemd service file use PIDFile and ExecReload.
66 * UPD: RedHat sysvinit: rm graceful, reimplement reload, add condrestart
67 * FIX: Couldn't create folders on FreeBSD 9.1 ZFS fileystems.
69 * FIX: Fix an issue with user homes when user home directory has not the
70 same name as the username.
72 * UPD: Fix PAM config install, new default installation dir is
73 $sysconfdir/pam.d/. Add configure option --with-pam-confdir
74 to specify alternative path.
75 * NEW: AFP stats about active session via dbus IPC. Client side python
76 program `afpstats`. Requires dbus, dbus-glib any python-dbus.
77 configure option --dbus-sysconf-dir for specifying dbus
78 system security configuration files.
79 New option 'afpstats' (default: no) which determines whether
80 to enable the feature or not.
81 * NEW: configure option --with-init-dir
82 * NEW: dtrace probes, cf include/atalk/afp_dtrace.d for available
84 * UPD: Reload groups when reloading volumes. FR #71.
85 * FIX: Attempt to read read-only ._ rfork results in disconnect.
87 * FIX: File's ressource fork can't be read if metadata EA is missing.
89 * FIX: Conversion from adouble v2 to ea for directories.
91 * FIX: Error messages when mounting read-only filesystems.
93 * FIX: Permissions of ._ AppleDouble ressource fork after conversion
96 * UPD: Use FreeBSD sendfile() capability to send protocol header.
98 * UPD: Increase IO size when sendfile() is not used.
100 * FIX: Can't set Finder label on symlinked folder with "follow symlinks = yes".
102 * FIX: Setting POSIX ACLs on Linux
104 * FIX: "ad ls" segfault if requested object is not in an AFP volume.
109 * NEW: afpd: Put file extension type/creator mapping back in which had
111 * NEW: afpd: new option 'ad domain'. From FR #66.
112 * FIX: volumes and home share with symlinks in the path
113 * FIX: Copying packages to a Netatalk share could fail, bug #469
114 * FIX: Reloading volumes from config file was broken. Fixes bug #474.
115 * FIX: Fix _device-info service type registered with dns-sd API
116 * FIX: Fix pathname bug for FCE modified event.
117 * FIX: Remove length limitation of options like "valid users".
119 * FIX: Dont copy our metadata EA in copyfile(). Fixes bug #452.
120 * FIX: Fix an error where catalog search gave incomplete results.
122 * REM: Remove TimeMachine volume used size FCE event.
123 * UPD: Add quoting support to '[in]valid users' option. Fixes bug #472.
124 * FIX: Install working PAM config on Solaris 11. Fixes bug #481.
125 * FIX: Fix a race condition between dbd and the cnid_dbd daemon
126 which could result in users being disconnected from volumes
127 when dbd was scanning their volumes. Fixes bug #477.
128 * FIX: Netatalk didn't start when the last line of the config file
129 afp.conf wasn't terminated by a newline. Fixes bug #476.
130 * NEW: Add a new volumes option 'follow symlinks'. The default setting is
131 false, symlinks are not followed on the server. This is the same
132 behaviour as OS X's AFP server.
133 Setting the option to true causes afpd to follow symlinks on the
134 server. symlinks may point outside of the AFP volume, currently
135 afpd doesn't do any checks for "wide symlinks".
136 * FIX: Automatic AppleDouble conversion to EAs failing for directories.
138 * FIX: dbd failed to convert appledouble files of symlinks.
143 * NEW: afpd: Optional "ldap uuid encoding = string | ms-guid" parameter to
144 afp.conf, allowing for usage of the binary objectGUID fields from
146 * FIX: afpd: Fix a Solaris 10 SPARC sendfilev bug
147 * FIX: afpd: Fix a crash on FreeBSD
148 * FIX: afpd: Fixes open file handle refcounting bug which was reported as
149 being unable to play movies off a Netatalk AFP share.
151 * FIX: afpd: Fix a possible data corruption when reading from and writing
152 to the server simultaniously under load
153 * FIX: Fix possible alignment violations due to bad casts
154 * FIX: dbd: Fix logging
155 * FIX: apple_dump: Extended Attributes AppleDouble support for *BSD
156 * FIX: handling of '/' and ':' in volume name
157 * UPD: Install relevant includes necessary for building programs with
158 installed headers and shared lib libatalk
159 * UPD: libevent configure args to pick up installed version. Removed
160 configure arg --disable-libevent, added configure args
161 --with-libevent-header|lib.
162 * UPD: gentoo initscript: merge from portage netatalk.init,v 1.1
163 * REM: Remove --with-smbsharemodes configure option, it was an
164 empty stub not yet implemented
169 * UPD: afpd: force read only mode if cnid scheme is last
170 * REM: afpd: removed global option "icon"
171 * FIX: CNID path for user homes
176 * UPD: Solaris and friends: Replace initscript with SMF manifest
177 * FIX: Solaris and friends: resource fork handling
182 * UPD: afpd: Performance tuning of read/write AFP operations. New option
183 "afp read locks" (default: no) which disables that the server
184 applies UNIX byte range locks to regions of files in AFP read and
186 * UPD: apple_dump: Extended Attributes AppleDouble support.
187 (*BSD is not supported yet)
189 Changes in 3.0 alpha3
190 =====================
192 * NEW: afpd: Per volume "login message", NetAFP bug ID #18
193 * NEW: afpd: Cross-platform locking (share modes) on Solaris and derivates
194 with Solaris CIFS/SMB server. Uses new Solaris fcntl F_SHARE share
195 reservation locking primitives. Enabled by default, set global
196 "solaris share reservations" option to false to disable it.
197 * NEW: ad: ad set subcommand for changing Mac metadata on the server
198 * UPD: unix charset is UTF8 by default.
199 vol charset is same value as unix charset by default.
200 * UPD: .AppleDesktop/ are stored in $localstatedir/netatalk/CNID
201 (default: /var/netatalk/CNID), databases found in AFP volumes are
203 * FIX: afpd: Server info packet was malformed resulting in broken
204 server names being displayed on clients
205 * FIX: afpd: Byte order detection. Fixes an error where Netatalk on
206 OpenIndiana returned wrong volume size information.
208 Changes in 3.0 alpha2
209 =====================
211 * UPD: afpd: Store '.' as is and '/' as ':' on the server, don't
212 CAP hexencode as "2e" and "2f" respectively
213 * UPD: afdp: Automatic name conversion, renaming files and directories
214 containing CAP sequences to their not enscaped forms
215 * UPD: afpd: Correct handling of user homes and users without homes
216 * UPD: afpd: Perform complete automatic adouble:v2 to adouble:ea conversion
217 as root. Previously only unlinking the adouble:v2 file was done as root
218 * UPD: dbd: -C option removes CAP encoding
219 * UPD: Add graceful option to RedHat init script
220 * UPD: Add --disable-bundled-libevent configure options When set to yes,
221 we rely on a properly installed version on libevent CPPFLAGS and LDFLAGS
222 should be set properly to pick that up
223 * UPD: Run ldconfig on Linux at the end of make install
224 * FIX: afpd: ad cp on appledouble = ea volumes
225 * FIX: dbd: ignore ._ appledouble files
226 * REM: Volumes options "use dots" and "hex encoding"
228 Changes in 3.0 alpha1
229 =====================
231 * NEW: Central configuration file afp.conf which replaces all previous files
232 * NEW: netatalk: service controller starting and restarting afpd and cnid_metad
234 * NEW: afpd: Extended Attributes AppleDouble backend (default)
235 * UPD: CNID databases are stored in $localstatedir/netatalk/CNID
236 (default: /var/netatalk/CNID), databases found in AFP volumes are
238 * UPD: Start scripts and service manifests have been changed to only start
239 the new netatalk service controller process
240 * UPD: afpd: UNIX privileges and use dots enabled by default
241 * UPD: afpd: Support for arbitrary AFP volumes using variable expansion has been
243 * UPD: afpd: afp_voluuid.conf and afp_signature.conf location has been
244 changed to $localstatedir/netatalk/ (default: /var/netatalk/)
245 * UPD: afpd: default server messages dir changed to $localstatedir/netatalk/msg/
246 * UPD: dbd: new option -C for conversion from AppleDouble v2 to ea
247 * REM: AppleTalk support has been removed
248 * REM: afpd: SLP and AFP proxy support have been removed
249 * REM: afpd: legacy file extension to type/creator mapping has been removed
250 * REM: afpd: AppleDouble backends v1, osx and sfm have been removed
255 * FIX: Missing UAM links
256 * FIX: Lockup in AFP logout on Fedora 17
257 * FIX: Reset signal handlers and alarm timer after successfull PAM
258 authentication. Fixes a problem with AFP disconnects caused
259 by pam_smbpass.so messing with our handlers and timer.
260 * FIX: afpd: Fix a possible problem with sendfile on Solaris derived
266 * NEW: afpd: support for mdnsresponder
267 * NEW: afpd: new LDAP config option ldap_uuid_string
268 * UPD: based on Unicode 6.1.0
269 * UPD: experimental systemd service files: always run both afpd and cnid_metad
270 * UPD: afpd: Ensure our umask is not altered by eg pam_umask
271 * UPD: afpd: Use GSS_C_NO_NAME as server principal when Kerberos options -fqdn
272 and -krb5service are not set, from Jamie Gilbertson
273 * UPD: afpd: Changed behaviour for TimeMachine volumes in case there's a problem
274 talking to the CNID daemons. Previously the volume was flagged read-only
275 and an AFP message was sent to the client. As this might result in
276 TimeMachine assuming the backup sparse bundle is damaged, we now just
277 switch the CNID database to an in-memory tdb without the additional stuff.
278 * FIX: afpd: sendfile() on FreeBSD was broken, courtesy of Denis Ahrens
279 * FIX: afpd: Dont use searchdb when doing partial name search
280 * FIX: afpd: Fix a possible bug handling disconnected sessions,
282 * FIX: afpd: Close IPC fds in afpd session child inherited from the afpd
284 * FIX: dbd: Don't remove BerkeleyDB if it's still in use by eg cnid_dbd, fixes
285 bug introduced in 2.2.2
286 * FIX: debian initscript: start avahi-daemon (if available) before atalkd
287 * FIX: Zeroconf could not advertise non-ASCII time machine volume name
292 * NEW: afpd: New option "adminauthuser". Specifying eg "-adminauthuser root"
293 whenever a normal user login fails, afpd tries to authenticate as
294 the specified adminauthuser. If this succeeds, a normal session is
295 created for the original connecting user. Said differently: if you
296 know the password of adminauthuser, you can authenticate as any other
298 * NEW: configure option "--enable-suse-systemd" for openSUSE12.1 and later.
299 "--enable-redhat-systemd" and "--enable-suse-systemd" are same as
301 "--enable-suse" is renamed "--enable-suse-sysv".
302 * NEW: experimental systemd service files in distrib/systemd/
303 * UPD: afpd: Enhanced POSIX ACL mapping semantics, from Laura Mueller
304 * UPD: afpd: Reset options every time a :DEFAULT: line is found in a
306 * UPD: afpd: Convert passwords from legacy encoding (wire format) to host
307 encoding, NetAFP Bug ID #14
308 * UPD: afpd: Don't set ATTRBIT_SHARED flag for directories
309 * UPD: afpd: Use sendfile() on Solaris and FreeBSD for sending data
310 * UPD: afpd: Faster volume used size calculation for "volsizelimit" option,
311 cf man AppleVolume.default for details
312 * FIX: afpd: ACL access checking
313 * FIX: afpd: Fix an error when duplicating files that lacked an AppleDouble
314 file which lead to a possible Finder crash
315 * FIX: afpd: Read-only filesystems lead to afpd processes running as root
316 * FIX: afpd: Fix for filesystem without NFSv4 ACL support on Solaris
317 * FIX: afpd: Fix catsearch bug, NetAFP Bug ID #12
318 * FIX: afpd: Fix dircache bug, NetAFP Bug ID #13
319 * FIX: dbd: Better checking for duplicated or bogus CNIDs from AppleDouble
321 * FIX: dbd: Remove BerkeleyDB database environment after running `dbd`. This
322 is crucial for the automatic BerkeleyDB database upgrade feature which
323 is built into cnid_dbd and dbd.
324 * FIX: Fix compilation error when AppleTalk support is disabled
325 * FIX: Portability fixes
326 * FIX: search of surrogate pair
331 * NEW: afpd: disable continous service feature by default, new option
332 -keepsessions to enable it
333 * NEW: configure option "--enable-redhat-systemd" for Fedora15 and later.
334 "--enable-redhat" is renamed "--enable-redhat-sysv".
335 * UPD: afpd: Enhance ACL support detection for volumes: enable them per volume
337 1) ACL support compiled in, 2) the volume supports ACLs, 3) the new
338 volume option "noacls" is not set for the volume.
339 The previous behaviour was to enable ACL support for a volume if
340 1) it was compiled in and 2) the volume supported ACLs. There was no way
341 to disable ACLs for a volume.
342 * UPD: afpd: add a configurable hold time option to FCE file modification event
343 generation, default is 60 s, new option "fceholdfmod" to change it
344 * UPD: afpd: add support for new NetBSD quota subsystem, Bug ID 3249879
345 * FIX: afpd: increase BerkeleyDB locks and lockobjs
346 * FIX: afpd: create special folder as root
347 * FIX: afpd: fix compilation error if --enable-ddp is used
348 * FIX: afpd: More robust IPC reconnect error handling
349 * FIX: afpd: ACL access checking
350 * FIX: afpd: fix a possible race condition between SIGCHLD handler and
351 new connection attempts
352 * FIX: afpd: fix undefined behaviour when more then ~510 connetions where
354 * FIX: afpd: fix a crash when searching for a UUID that is not a special
355 local UUID and LDAP support is not compiled in
356 * FIX: afpd: .volinfo file not created on first volume access if user in rolist
357 * FIX: afpd: possible crash at startup when registering with Avahi
358 when Avahi is not running
359 * FIX: afpd: return correct user/group type when mapping UUIDs to names
360 * FIX: afpd: for directories add DARWIN_ACE_DELETE ACE
361 if DARWIN_ACE_ADD_SUBDIRECTORY is set
362 * FIX: afpd: afpd crashed when it failed to register with Avahi because eg
363 user service registration is disabled in the Avahi config
364 * FIX: dbd: function checking and removing malformed ad:ea header files failed
365 to chdir back to the original working directory
366 * FIX: cnid_dbd: increase BerkeleyDB locks and lockobjs
367 * FIX: cnid_dbd: implement -d option, deletes CNID db
368 * FIX: dbd: better detection of local (or SMB/NFS) modifications on AFP volumes
369 * FIX: suse: initscript return better status
370 * FIX: Sourcecode distribution: add missing headers
371 * FIX: Solaris 10: missing dirfd replacement function
372 * FIX: case-conversion of surrogate pair
373 * FIX: Compilation error on GNU/kFreeBSD, fixes Bug ID 3392794 and
375 * FIX: Fix Debian Bug#637025
376 * FIX: Multiple *BSD compilation compatibility fixes, Bug ID 3380785
377 * FIX: precompose_w() failed if tail character is decomposed surrogate pair
382 * NEW: afpd: new volume option "nonetids"
383 * NEW: afpd: ACL access check caching
384 * NEW: afpd: FCE event notifications
385 * NEW: afpd: new option "-mimicmodel" for specifying Bonjour model registration
386 * UPD: Support for Berkeley DB 5.1
387 * UPD: case-conversion is based on Unicode 6.0.0
388 * UPD: cnid_metad: allow up to 4096 volumes
389 * UPD: afpd: only forward SIGTERM and SIGUSR1 from parent to childs
390 * UPD: afpd: use internal function instead of popening du -sh in order to
391 calculate the used size of a volume for option "volsizelimit"
392 * UPD: afpd: Add negative UUID caching, enhance local UUID handling
393 * FIX: afpd: configuration reload with SIGHUP
394 * FIX: afpd: crashes in the dircache
395 * FIX: afpd: Correct afp logout vs dsi eof behaviour
396 * FIX: afpd: new catsearch was broken
397 * FIX: afpd: only use volume UUIDs in master afpd
398 * FIX: dbd: Multiple fixes, reliable locking
399 * FIX: ad file suite: fix an error that resulted in CNID database
405 * NEW: afpd: new afpd.conf options "tcprcvbuf" and "tcpsndbuf" to customize
406 the corresponding TCP socket options.
407 * NEW: afpd: new afpd.conf option "nozeroconf" which disabled automatic
408 Zeroconf service registration.
409 * FIX: afpd: generate mersenne primes for DHX2 UAM once at startup,
411 * FIX: afpd: DSI streaming deadlock
412 * FIX: afpd: extended sleep
413 * FIX: afpd: directory cache
414 * FIX: Support for platforms that do not have the *at functions
415 * UPD: afpd: put POSIX write lock on volume files while reading them
420 * FIX: afpd: fix option volsizelimit to return a usefull value for the
421 volume free space using `du -sh` with popen
422 * FIX: afpd: fix idle connection disconnects
423 * FIX: afpd: don't disconnect sessions for clients if boottimes don't match
424 * FIX: afpd: better handling of very long filenames that contain many
425 multibyte UTF-8 glyphs
431 * UPD: afpd: AFP 3.x can't be disabled
436 * FIX: composition of Surrogate Pair
437 * UPD: gentoo,suse,cobalt,tru64: inistscript name is "netatalk", not "atalk"
438 * UPD: gentoo: rc-update install don't hook in the Makefile
443 * UPD: afpd: new option "searchdb" which enables fast catalog searches
445 * UPD: Case-insensitive fast search with the CNID db
446 * UPD: cnid_dbd: afpd now passes the volume path, not the db path when
447 connecting for a volume. cnid_dbd will read the
448 ".AppleDesktop/.volinfo" file of the volume in order to figure
449 out the CNID db path and the volume charset encoding.
454 * NEW: Enhanced CNID "dbd" database for fast name search support.
455 Important: this makes cnidscheme "cdb" incompatible with "dbd".
456 * NEW: afpd: support for fast catalog searches
457 * NEW: ad utility: ad find
458 * UPD: afpd: CNID database versioning check for "cdb" scheme
459 * UPD: cnid_dbd: CNID database versioning and upgrading. Additional
460 CNID database index for fast name searches.
465 * FIX: afpd: various fixes
466 * FIX: Any daemon did not run if atalkd doesn't exist (redhat/debian)
471 * FIX: afpd: fix compilation error when ACL support is not available
472 * FIX: Ensure Appletalk manpages and config files are distributed
477 * NEW: ad utility: ad cp
478 * NEW: ad utility: ad rm
479 * NEW: ad utility: ad mv
480 * NEW: afpd: dynamic directoy and CNID cache (new config option -dircachesize)
481 * NEW: afpd: POSIX 1e ACL support
482 * NEW: afpd: automagic Zeroconf registration with avahi, registering both
483 the service _afpovertcp._tcp and TimeMachine volumes with _adisk._tcp.
484 * UPD: afpd: ACLs usable (though not visible on the client side) without common
485 directory service, by mapping ACLs to UARight
486 * UPD: afpd: performance improvements for ACL access calculations
487 * UPD: AppleTalk is disabled by default at configuration time. If needed
488 use configure switch --enable-ddp.
489 * FIX: afpd: Solaris 10 compatibilty fix: don't use SO_SNDTIMEO/SO_RCVTIMEO,
490 use non-blocking IO and select instead.
491 * FIX: cnid_dbd: Solaris 10 compatibilty fix: don't use SO_SNDTIMEO/SO_RCVTIMEO,
492 use non-blocking IO and select instead.
493 * REM: afile/achfile/apple_cp/apple_mv/apple_rm: use ad
498 * FIX: afpd: Fix for LDAP user cache corruption
499 * FIX: afpd: Fix for not shown ACLs for when filesyem uid or gid
500 couldn't be resolved because (eg deleted users/groups)
501 * FIX: gentoo: cannot set $CNID_CONFIG
502 * FIX: ubuntu: servername was empty
503 * FIX: Solaris: configure script failed to enable DDP module
504 * FIX: AppleDouble buffer overrun by extremely long filename
505 * UPD: afpd: return version info with machine type in DSIGetStatus
506 * UPD: dbd: use on-disk temporary rebuild db instead of in-memory db
507 * UPD: suse: initscript update
512 * UPD: afpd: support newlines in -loginmesg with \n escaping syntax
513 * UPD: afpd: support for changed chmod semantics on ZFS with ACLs
515 * FIX: afpd: fix leaking ressource when moving objects on the server
516 * FIX: afpd: backport Solaris 10 compatibilty fix from 2.2: don't use
517 SO_SNDTIMEO/SO_RCVTIMEO, use non-blocking IO and select instead.
518 * FIX: afpd: misaligned memory access on Sparc in ad_setattr, fixes
520 * FIX: cnid_dbd: backport Solaris 10 compatibilty fix from 2.2: don't
521 use SO_SNDTIMEO/SO_RCVTIMEO, use non-blocking IO and select instead.
526 * FIX: afpd: Downstream fix for FreeBSD PR 148022
527 * FIX: afpd: Fixes for bugs 3074077 and 3074078
528 * FIX: afpd: Better handling of symlinks in combination with ACLs and EAs.
530 * FIX: dbd: Adding a file with the CNID from it's adouble file did
531 not work in case that CNID was already occupied in the database
532 * FIX: macusers: add support for Solaris
533 * NEW: cnid_metad: use a PID lockfile
534 * NEW: afpd: prevent log flooding
535 * UPD: dbd: ignore ".zfs" snapshot directories
536 * UPD: dbd: support interrupting -re mode
541 * FIX: afpd: fix a serious error in networking IO code
542 * FIX: afpd: Solaris 10 compatibilty fix: don't use SO_SNDTIMEO, use
543 non-blocking IO and select instead for writing/sending data.
544 * UPD: Support for BerkeleyDB 5.0.
549 * FIX: afpd: fix for possible crash in case more then one server is
550 configured in afpd.conf.
551 * FIX: afpd: ExtendedAttributes in FreeBSD
552 * FIX: afpd: sharing home folders corrupted the per volume umask.
553 * UPD: afpd: umask for home folders is no longer taken from startup umask.
554 * UPD: afpd: dont and permissions with parent folder when creating new
555 directories on "upriv" volumes.
556 * UPD: afpd: use 'afpserver@fqdn' instead of 'afpserver/fqdn@realm'.
557 Prevents a crash in older GNU GSSAPI libs on eg. CentOS 5.x.
562 * UPD: fallback to a temporary in memory tdb CNID database if the volume
563 database can't be opened now works with the default backend "dbd" too.
564 * FIX: afpd: afp_ldap.conf was missing from tarball. This only effected
566 * FIX: afpd: Check if options->server is set in set_signature, preventing
568 * FIX: afpd: server signature wasn't initialized in some cases
569 * FIX: DESTDIR support: DESTDIR was expanded twice
570 * FIX: Fix for compilation error if header files of an older Netatalk
571 version are installed.
573 Changes in 2.1-release
574 ======================
576 * NEW: afpd: new volume option "volsizelimit" for limitting reported volume
577 size. Useful for limitting TM backup size.
578 * UPD: dbd: -c option for rebuilding volumes which prevents the creation
579 of .AppleDouble stuff, only removes orphaned files.
584 * NEW: afpd: static generated AFP signature stored in afp_signature.conf,
585 cf man 5 afp_signature.conf
586 * NEW: afpd: clustering support: new per volume option "cnidserver".
587 * UPD: afpd: set volume defaults options "upriv" and "usedots" in the
588 volume config file AppleVolumes.default. This will only affect
589 new installations, but not upgrades.
590 * FIX: afpd: prevent security attack guessing valid server accounts. afpd
591 now returns error -5023 for unknown users, as does AppleFileServer.
596 * NEW: afpd: AFP 3.2 support
597 * NEW: afpd: Extended Attributes support using native attributes or
598 using files inside .AppleDouble directories.
599 * NEW: afpd: ACL support with ZFS
600 * NEW: cnid_metad: options -l and -f to configure logging
602 * NEW: AppleDouble compatible UNIX files utility suite `ad ...`.
603 With 2.1 only `ad ls`.
604 * NEW: CNID database maintanance utility dbd
605 * NEW: support BerkeleyDB upgrade. Starting with the next release
606 after 2.1 in case of BerkeleyDB library updates, Netatalk
607 will be able to upgrade the CNID databases.
608 * NEW: afpd: store and read CNIDs to/from AppleDouble files by default.
609 This is used as a cache and as a backup in case the database
610 is deleted or corrupted. It can be disabled with a new volume
611 option "nocnidcache".
612 * NEW: afpd: sending SIGINT to a child afpd process enables debug logging
613 to /tmp/afpd.PID.XXXXXX.
614 * NEW: configure args to download and install a "private" Webmin instance
615 including only basic Webmin modules plus our netatalk.wbm.
616 * NEW: fallback to a temporary in memory tdb CNID database if the volume
617 database can't be opened.
618 * NEW: support for Unicode characters in the range above U+010000 using
619 internal surrogate pairs
620 * NEW: apple_dump: utility to dump AppleSingle and AppleDouble files
621 * NEW: afpldaptest: utility to check afp_ldap.conf.
622 * UPD: atalkd and papd are now disabled by default. AppleTalk is legacy.
623 * UPD: slp advertisement is now disabled by default. server option -slp
625 * UPD: cdb/dbd CNID backend requires BerkeleyDB >= 4.6
626 * UPD: afpd: default CNID backend is "dbd"
627 * UPD: afpd: try to install PAM config that pulls in system|common auth
628 * UPD: afpd: symlink handling: never followed server side, client resolves
629 them, so it's safe to use them now.
630 * UPD: afpd: Comment out all extension->type/creator mappings in
631 AppleVolumes.system. They're unmaintained, possibly wrong and
633 * FIX: rewritten logger
634 * FIX: afpd: UNIX permissions handling
635 * FIX: cnid_dbd: always use BerkeleyDB transactions
636 * FIX: initscripts installation now correctly uses autoconf paths,
637 ie they're installed to --sysconfdir.
638 * FIX: UTF-8 volume name length
639 * FIX: atalkd: workaround for broken Linux 2.6 AT kernel module:
640 Linux 2.6 sends broadcast queries to the first available socket
641 which is in our case the last configured one. atalkd now tries to
643 Note: now a misconfigured or plugged router can broadcast a wrong route !
644 * REM: afpd: removed CNID backends "db3", "hash" and "mtab"
645 * REM: cnid_maint: use dbd
646 * REM: cleanappledouble.pl: use dbd
647 * REM: nu: use `macusers` instead
652 * NEW: afpd: Time Machine support with new volume option "tm".
653 * FIX: papd: Remove variable expansion for BSD printers. Fixes CVE-2008-5718.
654 * FIX: afpd: .AppleDxxx folders were user accessible if option 'usedots'
656 * FIX: afpd: vetoed files/dirs where still accessible
657 * FIX: afpd: cnid_resolve: don't return '..' as a valid name.
658 * FIX: uniconv: -d option wasn't working
663 * REM: remove timeout
664 * NEW: afpd: DHX2 uams using GNU libgcrypt.
665 * NEW: afpd: volume options 'illegalseq', 'perm' and 'invisibledots'
666 'ilegalseq' encode illegal sequence in filename asis, ex "\217-", which is not
667 a valid SHIFT-JIS char, is encoded as U\217 -.
668 'perm' value OR with the client requested permissions. (help with OSX 10.5
669 strange permissions).
670 Make dot files visible by default with 'usedots', use 'invisibledots'
671 for keeping the old behavior, ie for OS9 (OSX hide dot files on its
673 * NEW: afpd: volume options allow_hosts/denied hosts
674 * NEW: afpd: volume options dperm/fperm default directory and file
675 permissions or with server requests.
676 * NEW: afpd: afpd.conf, allow line continuation with \
677 * NEW: afpd: AppleVolumes.default allow line continuation with \
678 * NEW: afpd: Mac greek encoding.
679 * NEW: afpd: CJK encoding.
680 * UPD: afpd: Default UAMs: DHX + DHX2
681 * FIX: afpd: return the right error in createfile and copyfile if the disk
683 * FIX: afpd: resolveid return the same error code than OSX if it's a directory
684 * FIX: afpd: server name check, test for the whole loopback subnet
686 * UPD: afpd: limit comments size to 128 bytes, (workaround for Adobe CS2 bug).
687 * UPD: afpd: no more daemon icon.
688 * UPD: usedots, return an invalide name only for .Applexxx files used by netatalk not
689 all files starting with .apple.
690 * UPD: cnid: increase the number of cnid_dbd slots to 512.
691 * FIX: cnid: dbd detach the daemon from the control terminal.
692 * UPD: cnid: never ending Berkeley API changes...
693 * UPD: cnid: dbd add a timeout when reading data from afpd client.
694 * UPD: cnid: Don't wait five second after the first error when speaking to the dbd
696 * FIX: papd: vars use % not $
697 * FIX: papd: quote chars in popen variables expansion. security fix.
698 * FIX: papd: papd -d didn't write to stderr.
699 * FIX: papd: ps comments don't always use ()
700 * FIX: many compilation errors (solaris, AFS, Tru64, xfs quota...).
705 * NEW: afpd: add a cachecnid option that controls if afpd should
706 use the IDs stored in the AD2 files as cache. Defaults
708 * UPD: afpd: deal with more than 32 groups.
709 * FIX: afpd: several catsearch fixes, based on patch from
711 * FIX: afpd: fix a race when a client very quickly reconnects and
712 tries to kill its old session.
713 * FIX: afpd: OSX style symlink caused problems with Panther clients.
714 * FIX: afpd: old files with default type didn't show the right icon
715 in finder, from Shlomi Yaakobovich, slightly modified.
716 * FIX: cnid_check: disable cnid_check if CNID db was configured with
717 transactions and really bail out after the first error.
718 * FIX: admin-group configure option was broken.
719 * FIX: several problems with IDs cached in AD2 files.
720 * FIX: Ignore BIDI in UTF8 hints from OSX.
721 * FIX: Lots of gcc warning fixes.
722 * FIX: small configure script changes.
728 * NEW: cnid: Add an indexes check and rebuild, optional for dbd
729 (parameter check default no), standalone program cnid_index for
731 * UPD: Enhanced afpd's -v command line switch and added -V for more
733 * UPD: uams_gss: build the principal used by uams_gss.so from afpd's
734 configuration, don't use GSS_C_NT_HOSTBASED_SERVICE
735 * UPD: cnid_dbd: add process id in syslog and small clean up
736 * REM: remove netatalkshorternamelinks.pl cf. SF bug [ 1061396 ]
737 netatalkshorternamelinks.pl broken
738 * FIX: afpd: check for DenyRead on FPCopyFile
739 * FIX: afpd: add missing flush for AD2 Metadata on FPCopyFile, SF bug
740 [ 1055691 ] Word 98 OS 9 Saving an existing file
741 * FIX: afpd: Deal with AFP3 connection and type 2 (non-UTF8) names.
742 reported by Gair Heaton, HI RESOLUTION SYSTEMS
743 * FIX: afpd: Broken 'crlf' option
744 * FIX: afpd: fix SF bug [ 1079622 ] afpd/dhx memory bug,
746 * FIX: afpd: Return an error if we cannot get the db stamp in
748 * FIX: afpd: Fix slp registration with Solaris9 slpd, from
749 hat at fa2.so-net.ne.jp
755 * NEW: --enable-debian configure option. Will install /etc/init.d/atalk
756 to get not in conflict with standard debian /etc/init.d/netatalk.
757 Reads netatalk.conf from $ETCDIR and not from /etc/default/
758 * UPD: Disable logger code by default. Log to syslog instead
759 * UPD: changed netatalk.conf default settings to prevent problems with
760 AppleTalk zone names containing spaces
761 * FIX: insecure tempfile handling bug in etc2ps.sh,
762 found by Trustix, CAN-2004-0974.
763 * REM: remove add_netatalk_printer and netatalk.template from stable
764 branch until fixed. (possible symlink vulnerabilities)
765 * FIX: afpd: set hasBeenInited in default finder info. This bug caused
766 endless finder refreshes with OS9 finder if the noadouble option
767 was used. From TSUBAKIMOTO Hiroya.
768 * FIX: afpd: fix a bug in default CREATOR/TYPE handling. Due to this bug
769 the type/creator mappings in AppleVolumes.system were ignored,
770 causing problems i.e. with OS9 clients.
771 * FIX: AppleVolumes.system: By default don't define a CREATOR/TYPE for a
772 file of unknown type.
773 * FIX: fix two Tru64 UNIX compilation errors,
774 from Burkhard Schmidt bs AT cpfs.mpg.de
775 * FIX: afpd: FPMapId wasn't using UTF8 for groups if requested by client.
780 * UPD: afpd: add an error message if -ipaddr parameter cannot be parsed
781 * UPD: updated documentation
782 * FIX: afpd: fix a file descriptor and memory leak with OSX ._ resource fork
783 * FIX: afpd: Prevent overwriting a file by renaming a file in the same
784 directory to the same name. Won't work with OSX, the dest file gets
785 deleted by OSX first.
786 * FIX: sometimes '0' was used instead of 0 for creator/type
787 * FIX: removed setpgrp check from configure, we don't use it anymore and
788 it doesn't work with cross compile.
789 * FIX: fix for Solaris "make maintainer-clean", from Alexander Barton
790 * FIX: fix username matching bug in afppasswd. from kanai at nadmin dot org
791 * FIX: reworked username check a little. Depending on the UAM, the wrong
792 username _could_ have been selected.
797 * UPD: use 0 0 for default creator/type rather than UNIX TEXT, from
799 * UPD: updated documentation
800 * UPD: change machine type from Macintosh to Netatalk in status reply
801 * FIX: afpd: CopyFile only create a resource fork for destination if source
803 * FIX: afpd: mangling: for utf8 --> max filename length is 255 bytes, else 31.
804 * FIX: cnid_dbd: fix a signed/unsigned, 16/32 bits mismatch. from Burkhard
805 Schmidt, bs at cpfs.mpg.de.
806 * FIX: afpd: After ad_setid don't flush resource fork if it has not been
808 * FIX: NEWS: Fixed ancient NEWS entries. Removed umlauts
809 * FIX: fix macname cache, SF bug 1021642
810 * FIX: revert Makefile change from 2.0-rc1. We have to include BDB_CFLAGS
816 * NEW: new manual page for asip-status.pl
817 * UPD: updated documentation
818 * UPD: uams: link uam_dhx_passwd.so to lcrypt before lcrypto. might help with
820 * UPD: Improved BerkeleyDB detection
821 * UPD: sys/solaris/Makefile.in: enable 'make check', from Alexander Barton
822 * UPD: tcp wrappers detection should work on OpenBSD as well now
823 * UPD: macbin: increase the maximum size of macbinary forks, as suggested by
824 Sourceforge bug ID 829221
825 * UPD: ASP: rework getstatus. use several ASP packets if the client allows
826 it, otherwise just send as much as we can
827 * FIX: FreeBSD 5 build, from Alex Barton (alex at barton.de)
828 * FIX: OSX 10.3 build
829 * FIX: papd: workaround a problem with PJL before Postscript
830 * FIX: afpd: make sure we only disconnect on old session if the users match
831 * FIX: apfd: Quark6 mangled long filenames should work better now
832 * FIX: enhance ADv1 to ADv2 conversion. Fixed a SIGSEGV reported by Mark Baker
833 * FIX: better detection of invalid resource forks
834 * FIX: fix some linking problems on OpenBSD
835 * FIX: afpd: catsearch.c, filedir.c: fix bogus casts, from Olaf Hering
837 * FIX: afpd: don't try to create special folders and .volinfo on read-only
839 * FIX: iconv/unicode enhancements. fixed a sigsegv on conversion error
840 * FIX: configure.in: fix a typo, reported by Joerg Rossdeutscher
841 * FIX: uniconv: enhanced uniconv behaviour
842 * FIX: fixed some Solaris compilation problems
843 * FIX: papd/Makefile.am: add a missing $DESTDIR, from Vlad Agranovsky
844 * FIX: afpd: quota.c: remove a c99 declaration, from Yann Rouillard
845 * FIX: configure.in: Solaris/gcc 3.0 fix, from Yann Rouillard
846 * FIX: afpd: fix a SIGSEGV when sharing home dirs without any options in
848 * FIX: numerous small bugfixes
853 * NEW: atalkd, papd and npb tools now support nbpnames with extended
855 * NEW: integrated CUPS support for papd
856 * NEW: optionally advertise SSH tunneling capabilties
857 * NEW: automatic logfile removal for cnid_metad
858 * NEW: asip-status.pl has been added to netatalk
859 * UPD: updated documentation
860 * UPD: we now require Berkeley DB >= 4.1
861 * UPD: 64bit Linux fixes from Stew Benedict, Mandrakesoft
862 * UPD: remove --enable-sendfile
863 * UPD: more verbose error messages
864 * FIX: better handling for resource forks without read access
865 * FIX: Tru64 build, by Burkhard Schmidt
866 * FIX: MIT Kerberos detection
867 * FIX: varios *BSD compile problems
868 * FIX: compile problem with libiconv, reported by Joe Marcus Clarke
869 * FIX: adv1tov2: make it work with the new structure
870 * FIX: afpd: filenames longer than 127 bytes were not enumerated correctly,
871 reported by Thies C. Arntzen
872 * FIX: afpd: return IP before FQDN in status reply.
873 * FIX: afpd: Mac chooser could crash on a codepage conversion error
874 * FIX: afpd: KerberosV auth with Panther clients, make long AD tickets work,
875 reported by Andrew Smith
876 * FIX: atalkd: could send invalid NBPLKUP replies, e.g with more than 15
877 printers. Reported by Almacha
878 * FIX: papd: fix papd.conf parsing problems with consecutive ':' and missing
879 newline. Reported by Craig White.
880 * FIX: megatron: make megatron work with UTF-8 volumes
881 * FIX: timeout: running timeout with commands which accept arguments,
883 * FIX: uniconv: fix a SEGFAULT, reported by Matthew Geier
884 * FIX: pam detection: PAM_C/LDFLAGS were always empty, from Alexander Barton
885 * FIX: numerous small bugfixes.
890 * NEW: OSX style adouble scheme
891 * NEW: japanese SHIFT_JIS codepage (iconv supplied)
892 * NEW: Solaris kernel module build integrated with configure
893 * NEW: Gentoo start scripts
894 * NEW: cnid_dbd doesn't use transactions by default
895 * FIX: afpd: the volume casefold option was broken
896 * FIX: afpd: update AD2 headers and keep owner on file exchange
897 * FIX: Solaris 9 and FreeBSD 4.9/5.2 compilation
898 * FIX: free space reported with groups quotas on Linux
899 * FIX: OS9/OS X didn't update free space
900 * FIX: finder crash if folder opened got deleted by another process
901 * FIX: randnum UAM wasn't AFP3 ready
902 * FIX: numerous small bugfixes.
904 Changes in 2.0-alpha2
905 =====================
907 * NEW: uniconv tool for converting volume encoding.
908 * NEW: afpd: Make sure getstatus doesn't return loopback address as server IP.
909 * NEW: afpd: Specify USEDOTS with MSWINDOWS implicitely.
910 * NEW: afpd: SRVLOC register with IP address instead of hostname by default,
911 if -fqdn is specified register with FQDN. Added extended character
912 support for SLP, non ASCII characters are escaped Added ZONE to registration.
913 * NEW: atalkd: Make atalkd set interfaces to ALLMULTI on linux by default.
914 * NEW: cnid_metad: Use DB_PRIVATE attribute for dbd backend without transaction.
915 * FIX: afpd: Partial workaround for an OSX client deadlock.
916 * FIX: afpd: Reenumerate folder if db is out of sync in resolveID.
917 * FIX: afpd: Don't modify modification date in copyfile.
918 * FIX: afpd: Variable $v substitution: always use name defined in config files.
919 * FIX: libatalk: Speed optimisation for byte locking was broken on resource fork.
920 * FIX: Solaris 9 compilation.
921 * FIX: Tru64 compilation fixes.
922 * FIX: AFS compilation fixes.
923 * FIX: strncpy bugfix.
924 * FIX: configure, man pages update and small bugfixes.
926 Changes in 2.0-alpha1
927 =====================
929 * NEW: afpd: We now support AFP 3.x, which features long filenames and
931 * NEW: CNID handling completely reworked. We now use per Volume configurable
933 * NEW: Two new daemons, cnid_metad and cnid_dbd to implement the dbd CNID backend.
934 Using Berkeley DB transactions with the CNID database should be safe now.
935 * NEW: The on disk format of the CNID database has changed. We now support 8 byte
936 device and inode numbers and an additinal type field that should make
937 detection of file/directory changes outside of afpd more robust.
938 Changed from HASH to BTREE access which speeds things up in certain cases
939 and reduces database file size.
940 * NEW: Long file name mangling is now implemented using the CNID ID, so no database is
941 required to map names to mangled names. This is the same method Mac OS X uses.
942 * NEW: New format (version 2) for Metadata in AppleDouble files. We record device and
943 inode of the underlying file as well as the CNID. This can be used for recovery
944 and speeds up access to the CNID.
945 * NEW: The old NLS codepage system has been removed. It was replaced by an iconv
946 based conversion system, which provides much more flexibility.
947 * NEW: You can safely use extended characters in volume names and for SIGUSR2 messaging.
948 * NEW: The default volume encoding is UTF-8.
949 * NEW: All documentation is now generated using DocBook. New or completely reworked
950 sections about installing, setting up and upgrading Netatalk replace various
951 README files in the doc directory.
952 * FIX: Protect afpd better against unexpected signals during updates of the CNID
953 database with the cdb backend. This makes database corruption less likely.
954 * FIX: All manpages have been reviewed and should now be up to date.
955 * FIX: Tons of bug fixes since 1.6.4. Please consults the CVS change log for details.
960 * NEW: afpd: Using the mswindows option now implicitly specifies usedots.
962 * UPD: afpd.8: Updated the option documentation.
963 [Thomas Kaiser, Sebastian Rittau]
964 * FIX: configure: Removed broken --with-flock-locks option. [Bjoern Fernhomberg]
965 * FIX: libatalk: Do not log network probe (OSX 10.3). [Didier Gautheron]
966 * FIX: libatalk: Deadlock in signal handlers. [Didier]
967 * FIX: libatalk: Compilation with Linux kernel 2.6 fixed. [Sebastian, Bjoern]
968 * FIX: afpd: Solaris compile issues. [Bjoern]
969 * FIX: afpd: If connection broke in dsi_tickle the child did never die. [Bjoern]
970 * FIX: afpd: Catsearch, fixes a possible segmentation fault. [Bjoern]
971 * FIX: afpd: Compilation issues. [Olaf Hering, Sebastian]
972 * FIX: cnid: Fix compile problems on Tru64. [Burkhard Schmidt]
973 * FIX: megatron: Fixed an uninitialized variable. [Olaf]
974 * FIX: installation: Don't overwrite PAM file if --enable-overwrite configure
975 option is not set. [Sam, Ryan Cleary]
976 * FIX: installation: Fixed BSD installation. [Toru TAKAMIZU]
977 * FIX: docs: Removed ssl-dir/ssl-dirs confusion from doc/INSTALL. [Bjoern]
982 * UPD: afpd: Infrastructural support for an upcoming Kerberos 5 UAM.
984 * UPD: uams_dhx_passwd: Better random seed in Tru64. [Burkhard Schmidt]
985 * FIX: afpd: Bug in AFP connection negotiation stage. [Sam]
986 * FIX: afpd: Catsearch, when Mac and unix name differ, search on attributes.
987 * FIX: afpd: Files could be opened for writing on read-only filesystems.
988 * FIX: afpd: Debugging using SIGUSR1 was broken. [Stefan Muenkner]
989 * FIX: afpd: Segfault after login. [Robby Griffin, Sean Bolton]
990 * FIX: psf: Correct path to etc2ps.sh.
991 * FIX: shell_utils: Don't distribute generated files.
992 * FIX: aecho: -A option didn't work. [Chris Shiels]
993 * FIX: configure: Berkeley DB path detection could be wrong. [Stefan]
994 * FIX: Automake build fixes.
999 * FIX: atalkd: Fixes for reading long configuration file lines. [Dan Wilga]
1000 * FIX: afpd: CNID id allocation in a multiuser environment.
1001 * FIX: papd: Fix PSSP support when PAM is enabled.
1002 * FIX: macusers: Can now cope with IP addresses as well as host names.
1003 * FIX: etc2ps.sh: Install correctly.
1008 * UPD: Improve --enable-fhs. [Olaf Hering]
1009 * UPD: Add BDB 4.1.x support.
1010 * UPD: Add more documentation on CNID, as well as list which versions
1011 of Berkeley DB are supported.
1012 * FIX: Codepage file maccode.koi8-r is now correctly cleaned.
1013 * FIX: Fix init script location on SuSE. [Olaf]
1014 * FIX: Build fixes. [Olaf, Steven N. Hirsch]
1015 * FIX: Various bugs when a user doesn't have access permission to a folder.
1016 (Fixes an OSX kernel panic.)
1017 * FIX: CNID, folders' DID handling with concurrent access or symlinks.
1018 (Fixes an endless loop in afpd.)
1023 * FIX: pap looks at the STDOUT file descriptor to see if it's connected to
1024 a tty, instead of STDIN.
1029 * UPD: Removed --with-catsearch option from configure and enable FPCatSearch
1031 * UPD: The dbpath argument does now support variable substitution.
1032 * FIX: Build fix for non-GNU-C compilers in libatalk/util/logger.c.
1033 * FIX: Two directories with the same name but different case confused the
1035 * FIX: The ROOT_PARENT directory could get invalidated.
1038 ====================
1040 * NEW: Long file name mangling support.
1041 * NEW: Improved log file support.
1042 * NEW: Server-side find capability ("FPCatSearch")
1043 * NEW: Concurrent datastore (CDB) is now the default CNID datastore. This
1044 should be heavily tested in a multiuser environment.
1045 * NEW: Variable substitution support has been added for the dbpath AppleVolume
1047 * UPD: CNID DID handling is now enabled by default.
1048 * FIX: Various bug and build fixes as well as code cleanups.
1053 * NEW: Allow afpd debugging to be enabled by sending the afpd process
1055 * NEW: Allow SLP to be disabled per afpd process by adding a new -noslp flag
1057 * FIX: Use server name (if not NULL) for the SLP URL.
1058 * FIX: papd: buffer overflow during config file read (Olaf Hering)
1063 * FIX: File open read only and then read write (aka pb with Illustrator).
1064 * FIX: Problems with unexpected EOF when reading files on a ddp connection
1065 Photoshop, old finder.
1066 * FIX: --with-nls-dir option does now work
1071 * UPD: Extend the --disable-shell-check functionality to ignore users
1072 with _no_ shell. Also, send a log message if a user is refused login
1073 based on the fact that they have no shell.
1074 * UPD: Autoconf updates.
1075 * UPD: Tru64 afpd authentication updates.
1076 * UPD: As always: lots of minor code cleanups.
1077 * FIX: Problems with Photoshop trying to open image files has been
1079 * FIX: Preserve special permission bits when creating or modifying
1081 * FIX: afp_deleteid() now deletes the specified file and not the parent
1083 * FIX: papd does now announce that it supports binary data to its clients.
1084 * FIX: NetBSD ELF support.
1085 * FIX: acleandir.rc is now installed in the bin directory.
1086 * FIX: megatron does now compile even if compiled with -DDEBUG.
1087 * FIX: Clean up some syslog messages.
1092 * NEW: NetBSD support contributed by David Rankin and NetBSD contributors.
1093 This includes a new configure option --enable-netbsd.
1094 * NEW: Add the -client_polling afpd.conf flag to allow for clients to poll
1095 the server every 10 seconds for open window updates. Currently
1096 this is the only way to get asynchronous directory updates.
1097 * UPD: Use separate macro for AFS configure check.
1098 * UPD: Some Perl scripts are now (partially) auto-generated. This improves
1099 out-of-the-box usage of Netatalk.
1100 * UPD: Solaris Kernel Makefile is now auto-generated. This fixes some path
1101 issues, but isn't perfect, yet. Added some Solaris compatibility
1102 fixes to the Kernel sources, too.
1103 * UPD: CNID DB code sync'd with the current CVS version. NOTE: Using this
1104 code requires you to delete _all_ existing .AppleDB directories in
1105 order to avoid database corruption!
1106 * FIX: The file AppleVolumes.system contained wrong line breaks so that
1107 not all file types were properly recognized.
1108 * FIX: AFS compilation would fail due to a misnamed variable.
1109 * FIX: SLP configure check was wrong so SLP did not compile.
1110 * FIX: Fix the way quotas are handled under certain situations.
1111 * FIX: Do not enable debugging code if debugging option is not set.
1112 * FIX: Some problems with wrongly assigned DIDs were fixed.
1113 * FIX: Various bug fixes and code cleanups.
1118 * NEW: Added a program called cnid_didname_verify that can be used to
1119 verify the consistency of the CNID database.
1120 * NEW: New afpd option: -timeout. Warning: This still doesn't do what it's
1122 * UPD: Code cleanups and compatibility fixes to macusers.
1123 * UPD: AppleVolumes.system was cleaned up.
1124 * FIX: Really fix Tru64 compilation (see last entry).
1125 * FIX: Hand correct error value back to AFP client when deleting files or
1127 * FIX: Leading or trailing spaces are now forbidden on volumes that have
1128 the AFPVOL_MSWINDOWS flag set.
1129 * FIX: Minor code cleanups and warning fixes.
1130 * FIX: Make quota support work on FreeBSD.
1135 * FIX: Compilation on Tru64 systems was broken, since libtool's acinclude.m4
1136 file on the packagers system did not contain the necessary patch.
1137 * FIX: On some systems, atalkd refuses to start, since it couldn't detect
1138 any interfaces. This was caused by an overzealous validity check.
1143 * FIX: contrib/shell_utils/lp2pap.sh was erased when "make clean" was called.
1144 Now we distribute lp2pap.sh.tmpl instead, and lp2pap.sh is automatically
1145 generated during package build.
1146 * FIX: Some platforms (notably Tru64) don't have the snprintf() call, which
1147 was used in etc/afp/afp_config.c. This call was replaced by sprintf()
1148 and prior bounds checking.
1150 Changes from the 1.4b1 release:
1151 ===============================
1153 * Fixed the maximum free/total volume size in afpd.
1155 * Made ~ the default volume in afpd.
1157 * Fixed pid file handling and changed setpgrp() to setpgid() in afpd,
1160 * Added code to afpd to set the Unix file time stamps with utime().
1162 * Fixed a bug in papd's printcap code which limited it to 15 or so
1165 * Fixed papd's handling of piped printers.
1167 * Fixed papd's handling of bad job names.
1169 * Fixed atalkd to send NBP LKUP packets from NBP port.
1171 * Added "sync;sync;sync" to Solaris kinstall to help with streams
1174 * Added nlocalrts to streams ddp.conf. Thanks Thomas Tornblom.
1176 * Fixed signed extension infinite loop in Solaris module.
1178 * Moved all the config files to .../config.
1180 Changes from the 1.3.3 release:
1181 ===============================
1183 * Added code from Sun Microsystems, Inc (OPCOM) for Solaris support.
1186 * Added support for FreeBSD, mostly changes by Mark Dawson and Julian
1189 * All sorts of other stuff.
1191 Changes from the 1.3.1 release:
1192 ===============================
1194 * Added options to psf's filter names to support accounting on HPs.
1195 !!! NOTE: The location of the filters has changed, see the man
1198 * Added code from Alan Cox to support Linux.
1200 * Rewrote papd. Now handles dropped connections better.
1201 Configuration has been modernized. !!! NOTE: The format of the
1202 configuration file has changed, but NOT THE NAME.
1204 * Added Kerberos support to papd.
1206 * atalkd now removes routes on a SIGTERM. Still can't just restart
1207 it, but it's closer.
1209 * Changed atalkd and the kernel driver to remove a hack added to
1210 support sending to 0.255. Now the kernel will allow multiple open
1211 sockets with the same port, so long as the addess associated with
1212 the port is different. atalkd now opens a socket for each port on
1215 * atalkd now rewrites its configuration file. If no configuration
1216 file is given, one will be generated. Permissions on the new
1217 configuration file will be inherited from the old one. If there is
1218 no old one, permissions default to 644. Won't rewrite the file if
1219 the owner doesn't have write permission.
1221 * Removed support for the "AFS Kerberos UAM", in favor of the
1222 "AuthMan UAM". Kerberos support should now be much more
1225 * Fixed a bug in afpd which would cause incorrect group calculations
1228 * Fixed a bug in afpd which causes SimpleText and some other
1229 applications to silently fail to write. There's also a bug in
1230 MacOS, but we can't fix that.
1232 * Fixed a bad interaction with afpd and AFS which would cause file
1233 writes to not propogate between AFS clients.
1235 * !!! CHANGED the name(s) of afpd's config files. The new files are
1236 AppleVolumes.system and AppleVolumes.default. If AppleVolumes.system
1237 exists, it is always read, AppleVolumes.default is only read if the
1238 user has no AppleVolumes file. Included a flag "-u" to indicate
1239 which file has precedence. "-u" user wins, otherwise ".system"
1242 * Rewrote the AppleVolumes parsing code. Now works.
1244 * Added a filename extension mapping to afpd. User always takes
1245 precedence, regardless of the "-u" flag. Code to change the type
1246 of all Unix files contributed by Kee Hinckley <nazgul@utopia.com>.
1248 * afpd now supports both UFS and AFS volumes simultaneously. It also
1249 uses access() to attempt to calculate reasonable Mac permissions
1250 for AFS directories.
1252 * Changed reporting of file times. Files that are written from Unix
1253 now update the Mac's idea of the files modification time. Unix
1254 mtime is now reported instead of ctime.
1256 * Added support for a new UAM to afpd. This requires that client
1257 Macs have MacTCP and AuthMan installed. Should make running afpd
1260 * Removed code so that otherwise valid volumes for which the mounting
1261 user has no permission will appear in the volume selection dialog
1262 on the Mac gray-ed out.
1264 * Added code from Chris Metcalf of MIT to the AppleDouble library
1265 which improves permission inheritance.
1267 * Added code from G. Paul Ziemba of Alantec, Inc to better report
1268 errors in psf. Also changed psf to use syslog for errors that
1269 users aren't interested in.
1271 * Added information to psf's man page to better explain the
1272 interaction between psf, pap, and lpd.
1274 * Make psf/pap/psa do accounting when it's turnes on in
1277 * Changed pap's error message when there is no printer specified on
1278 the command line and no .paprc is found. Also heavily modified
1279 pap's man page to reflect changes in the "new" version of pap,
1280 including moving it from section 8 to section 1.
1282 * Fixed a byte-order bug in pap's sequence numbers. Doubt if pap has
1283 ever worked right on little endian machines!
1285 * Added a flag to pap to optionally close before receiving EOF from
1286 the printer. Off by default. psf calls pap with this option on.
1288 * Added timeouts to the nbp library calls. This means that processes
1289 won't hang when atalkd dies during boot, thus hanging your
1292 Changes from the 1.3 release:
1293 =============================
1295 * Fixed a bug in afpd which would cause APPL mappings to contain both
1296 mac and unix path names. The fixed code will handle the old
1297 (corrupted) database.
1299 * Fixed a *very* serious bug which would cause files to be corrupted
1300 when copying to afpd.
1302 * Fixed a bug in afpd which would cause replies to icon writes to
1303 contain the written icon.
1305 * Filled in the function code switch in afpd. Previously, a hacker
1306 could probably have used afpd to get unauthorized access to a
1307 machine running afpd.
1309 * Fixed a bug in the asp portion of libatalk.a which could cause the
1310 malloc()/free() database to be corrupted.
1312 * Fixed a bug in atalkd's zip query code. With this bug, only the
1313 first N % 255 nets get queried. However, since nets bigger than
1314 255 are usually pretty unstable, the unqueried for nets will
1315 eventually get done, when N drops by one.
1317 * Suppressed a spurious error ("route: No such process") in atalkd.
1319 Changes from the 1.2.1 release:
1320 ===============================
1322 * atalkd is completely rewritten for phase 2 support. atalkd.conf
1323 from previous version will not work!
1325 * afpd now has better AFS support. In particular, the configuration
1326 for AFS was made much easier; a number of Kerberos-related
1327 byte-ordering and time problems were found; clear-text passwords
1328 were added (thanks to geeb@umich.edu).
1330 * afpd now handles Unix permissions much better (thanks to
1333 * There are many, many more changes, but most are small bug fixes.
1335 Changes from the 1.2 release:
1336 =============================
1338 * The Sun support now uses loadable kernel modules (a la VDDRV)
1339 instead of binary patches. As such, it should work on any sunos
1340 greater than 4.1, and is confirmed to work under 4.1.1 and 4.1.2.
1342 * The DEC support no longer requires source. It also runs under
1343 ultrix 4.1 and 4.2. It still requires patching your kernel, but the
1344 patches are limited to those files available to binary-only sites
1345 -- primarily hooks for things like netatalk.
1347 * The etc.rc script now uses changes made to nbprgstr (see below).
1349 * aecho now takes machine names on the command line.
1351 * nbplkup now takes a command line argument specifying the number of
1352 responses to accept. It also takes its defaults from the NBPLKUP
1353 environment variable.
1355 * nbprgstr may be used to register a name at any requested port.
1357 * afpd now logs if an illegal shell is used during login, instead of
1358 silently denying service.
1360 * A bug in afpd which caused position information for the directory
1361 children of the root of a volume to be ignored has been fixed.
1363 * Several typos in afpd which would cause include files necessary to
1364 ultrix to be skipped have been fixed.
1366 * atalkd will no long propagate routes to networks whose zone
1369 * atalkd no longer dumps core if it receives a ZIP GetMyZone request
1370 from a network whose zone it doesn't know. (Since this currently
1371 can only happen from off net, it's not precisely a legal request.)
1373 * pap and papd (optionally) no longer check the connection id in PAP
1374 DATA responses. Both also maintain the function code in non-first-packet
1375 PAP DATA responses. These changes are work-arounds to deal with
1376 certain AppleTalk printer cards, notably the BridgePort LocalTalk
1377 card for HP LJIIISIs.
1379 * pap no longer sends an EOF response to each PAP SENDDATA request,
1382 * A bug in papd which would cause it to return a random value when
1383 printing the procset to a piped printer has been fixed.
1385 * A bug relating to NBP on reverse-endian machines has been fixed.
1387 * atp_rsel() from libatalk now returns a correct value even if it
1388 hasn't recieved anything yet.
1390 * atalk_addr() from libatalk no longer accepts addresses in octal
1391 format, since AppleTalk addresses can have leading zeros. Also it
1392 checks that the separator character is a '.'.
1394 * Pseudo man pages for nbplkup, nbprgstr, and nbpunrgstr, have been
1397 * The example in the psf(8) man page is now correct.
1399 * The man pages for changed commands have been updated.
1401 * The README files for various machine have been updated