ANNOUNCE: cifs-utils release 5.6 is ready for download
Jeff Layton
jlayton at samba.org
Thu Jul 26 08:55:40 MDT 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Time for another cifs-utils release!
Highlights:
* binaries are now built by default with PIE and RELRO support for
better protection against exploits
* better debugging and warnings for cifs.upcall and cifscreds
* better integration with systemd by having mount.cifs use
systemd-ask-password if it's appropriate and available
webpage: https://wiki.samba.org/index.php/LinuxCIFS_utils
tarball: ftp://ftp.samba.org/pub/linux-cifs/cifs-utils/
git: git://git.samba.org/cifs-utils.git
gitweb: http://git.samba.org/?p=cifs-utils.git;a=summary
Detailed list of changes since 5.5:
commit df561d40947e0b520deb48e1a4749afe9787949a
Author: Jeff Layton <jlayton at samba.org>
Date: Fri Jun 1 13:56:21 2012 -0400
autoconf: set version to 5.5.1 for interim builds
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit 74edf24d9780900f3ce15d2403c6e331b031d454
Author: Jeff Layton <jlayton at samba.org>
Date: Thu Jun 14 10:59:18 2012 -0400
automake: revert -Werror by default
I think in hindsight, that adding -Werror by default was a mistake.
cifs-utils is built in a wide range of environments and tools, and it's
very difficult to eliminate all of the possible warnings.
Let's go ahead and remove it and reduce the steady trickle of patches
that are simply to silence obscure warnings.
Cc: Suresh Jayaraman <sjayaraman at suse.com>
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit 0eb3daa4b17ee64b464594f1a5d413ecb364957c
Author: Jeff Layton <jlayton at samba.org>
Date: Thu Jun 14 10:59:18 2012 -0400
mount.cifs: set rc to 0 in libcap toggle_dac_capability
Thus spake Jochen:
The mount.cifs program from the cifs-utils package 5.5 did not work on
my Linux system. It just exited without an error message and did not
mount anything.
[...]
I think, when this variable rc is now used in this function, it has also
to be properly initialized there.
Reported-by: Jochen Roderburg <roderburg at uni-koeln.de>
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit b7bea5254443cb121b0cf03a64b123b85d7f9fbb
Author: Jeff Layton <jlayton at samba.org>
Date: Thu Jun 14 11:05:43 2012 -0400
cifs.upcall: more debug logging for krb5 upcalls
While helping to track down a configuration problem, I found this
little bit of extra debug logging to be helpful. Might as well
make it part of the stock binary.
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit a8611e25d44211cd57a91dce4fe7d7a7ad7534d4
Author: Jeff Layton <jlayton at samba.org>
Date: Fri Jul 6 11:48:18 2012 -0400
replace: remove bzero() redefinition from replace.h
I borrowed replace.h from samba when I split off the package, and we
have a ton of definitions in there that we don't really need. This is
one of them and it causes a warning when we build on RHEL5.
Reported-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit 233e17db8ef7edba1fea660e076a03a56b0117d2
Author: Jeff Layton <jlayton at samba.org>
Date: Mon Jul 9 14:12:33 2012 -0400
autoconf: add --enable-pie and --enable-relro
-pie and -fpie enable the building of position-independent executables,
and -Wl,-z,relro turns on read-only relocation support in gcc. These
options are important for security purposes to guard against possible
buffer overflows that lead to exploits.
Follow the example of samba here and enable these by default, but add
configure options that allow people to turn them off at build-time if
necessary.
We may also want to eventually add checks to ensure that the compiler
and linker understand these options, but I'll wait until we have some
evidence that it's needed before I expend the effort.
Reported-by: Andreas Schneider <asn at samba.org>
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit ced19dedc0fa7b36087b8eaeef6a6a9dc76aa55e
Author: Andreas Schneider <asn at cryptomilk.org>
Date: Mon Jul 9 22:21:04 2012 -0400
autoconf: Fix building with autoconf version older than 2.60.
AC_PROG_SED is only avaliable in recent autoconf versions.
Use AC_CHECK_PROG instead if AC_PROG_SED is not present.
Signed-off-by: Andreas Schneider <asn at cryptomilk.org>
commit 4e264031d0da7d3f2a287337e86b623e814f5c56
Author: Ankit Jain <jankit at suse.de>
Date: Wed Jul 18 06:47:07 2012 -0400
mount.cifs: Use systemd's mechanism for getting password, if present.
If systemd is running and /bin/systemd-ask-password if available,
then use that else fallback on getpass(..).
And add a --enable-systemd configure option, which defaults to yes.
Signed-off-by: Ankit Jain <jankit at suse.com>
commit 877701f3cc23df3cb2a293c060bdbf05a87bff6a
Author: Luk Claes <luk at debian.org>
Date: Thu Jul 19 09:27:01 2012 -0400
mount.cifs: Use errno instead of having unknown error
When access() fails, use errno for a sensible error message.
Signed-off-by: Luk Claes <luk at debian.org>
commit c44d290f3b5f221e7617bdb409bb8e44ceafef3e
Author: Jeff Layton <jlayton at samba.org>
Date: Fri Jul 20 10:30:50 2012 -0400
cifscreds: add a check and warnings for session keyring problems
Many distros do not call into pam_keyinit to set up the session keyring
properly at login time. When cifscreds add is used in such a session,
the kernel will spawn a new session keyring in which to install the
credentials. That keyring will then go away once the cifscreds process
exits.
Check for this situation by looking to see if the session and
user-session keyrings are the same. Throw a warning if so, and add some
verbiage to the cifscreds manpage that explains the issue. Also, if
the session keyring can't be queried for any reason, then cause the
program to error out.
Acked-by: David Howells <dhowells at redhat.com>
Reported-by: Milan Knížek <knizek.confy at gmail.com>
Signed-off-by: Jeff Layton <jlayton at samba.org>
commit 9449c2ac7419ef45fc08f7d4a654c100ee26fa17
Author: Jeff Layton <jlayton at samba.org>
Date: Thu Jul 26 10:41:24 2012 -0400
autoconf: set version to 5.6
Signed-off-by: Jeff Layton <jlayton at samba.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
iQIcBAEBAgAGBQJQEVp8AAoJEAAOaEEZVoIVMmcP/jbcysz6rrxOPpdMgGzgttIl
YeBY/vpcmDE/lR68WK+NjeC26AkcNAyYcuMw9HzwtGxdo8Ni1ygRYB69BwdHkuLq
aeRwdDgJ5A7JzQCQmCj5HDrHyucuDrr5PZIcfokh4OZ0ivED1IUqS1lDruVZwn73
r5JWJ96gX9XNj7uP/fLfWu2QrOL/+YGhefMmKk2ja7BuA36AuP5G2d/h9nniAOza
fHPrmtKwp6wcGKDyzyIIsc0qwL+rvcAs2kc4h5Bt+Go0IJhlwyDccU90vBNoynhP
OaiRyf7H0NjcNIeqAMknqaJWapAWr4XssiPHUXXAeXXkcZsoF3jAbhQDiYpda2bv
I1Zi/7N+qHLU18ygjfEPqimXPmelX9Nj4aK9+7G6rMJUTSPprmu5ScEHJLsoqfR6
THfmBPlqgZsenHx36THL2IXSkAT/T5nPxAkwOAsUeJPSu/9spBdBnpcnPUUfOda2
BmNJ5GSf3Ytz1fWO1PY+BjzN3p4Y5KV9HhifeyIPuI/0BE9jW65Y6mG4Fn7BKxEF
P97jMZORdSd9IxWYAwuDXKo53Qi162vYFypHtxIfbNvc5tmDQP1zcrU6hCpKLBha
JY1lNDOeNH+hEBa4J+vCzBu5WY8YzMH3p5vZrveicn2LydSsyxpqtgasYFD1h/hj
bPWmTZBqPCW/CI+Iy9q+
=FkTM
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list