<html><head><meta name="color-scheme" content="light dark"></head><body><pre style="word-wrap: break-word; white-space: pre-wrap;">Index: openafs/doc/html/QuickStartUnix/auqbg005.htm
diff -c openafs/doc/html/QuickStartUnix/auqbg005.htm:1.2 openafs/doc/html/QuickStartUnix/auqbg005.htm:1.2.44.1
*** openafs/doc/html/QuickStartUnix/auqbg005.htm:1.2	Wed Aug 29 13:12:35 2001
--- openafs/doc/html/QuickStartUnix/auqbg005.htm	Sun Jun 22 23:41:32 2008
***************
*** 597,608 ****
  &lt;/PRE&gt;
  &lt;P&gt;&lt;LI&gt;Copy the AFS kernel module to the local &lt;B&gt;/usr/sys/BINARY&lt;/B&gt;
  directory. 
! &lt;P&gt;If the machine's kernel supports NFS server functionality:
  &lt;PRE&gt;  
     # &lt;B&gt;cp bin/libafs.o /usr/sys/BINARY/afs.mod&lt;/B&gt;   
  &lt;/PRE&gt; 
! &lt;P&gt;If the machine's kernel does not support NFS server
! functionality:
  &lt;PRE&gt;  
     # &lt;B&gt;cp bin/libafs.nonfs.o /usr/sys/BINARY/afs.mod&lt;/B&gt;
     
--- 597,609 ----
  &lt;/PRE&gt;
  &lt;P&gt;&lt;LI&gt;Copy the AFS kernel module to the local &lt;B&gt;/usr/sys/BINARY&lt;/B&gt;
  directory. 
! &lt;P&gt;If the machine's kernel supports NFS server functionality and is to be
! used as an NFS translator:
  &lt;PRE&gt;  
     # &lt;B&gt;cp bin/libafs.o /usr/sys/BINARY/afs.mod&lt;/B&gt;   
  &lt;/PRE&gt; 
! &lt;P&gt;If the machine's kernel does not support NFS server functionality
! or is not to be used as an NFS translator:
  &lt;PRE&gt;  
     # &lt;B&gt;cp bin/libafs.nonfs.o /usr/sys/BINARY/afs.mod&lt;/B&gt;
     
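Review bot: In the two changed conditions of this hunk, "is to be used as an NFS translator" grammatically attaches to "the machine's kernel", but it is the machine that acts as a translator. Suggest "If the machine's kernel supports NFS server functionality and the machine is to be used as an NFS/AFS Translator:", and the matching negative form for the libafs.nonfs.o case.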
***************
*** 823,834 ****
  &lt;/PRE&gt;
  &lt;P&gt;&lt;LI&gt;Copy the AFS kernel module to the local &lt;B&gt;/usr/conf/lib&lt;/B&gt;
  directory. 
! &lt;P&gt;If the machine's kernel supports NFS server functionality:
  &lt;PRE&gt;   
     # &lt;B&gt;cp bin/libafs.a /usr/conf/lib&lt;/B&gt;   
  &lt;/PRE&gt;
! &lt;P&gt;If the machine's kernel does not support NFS server functionality,
! change the file's name as you copy it:
  &lt;PRE&gt;   
     # &lt;B&gt;cp bin/libafs.nonfs.a /usr/conf/lib/libafs.a&lt;/B&gt;
     
--- 824,837 ----
  &lt;/PRE&gt;
  &lt;P&gt;&lt;LI&gt;Copy the AFS kernel module to the local &lt;B&gt;/usr/conf/lib&lt;/B&gt;
  directory. 
! &lt;P&gt;If the machine's kernel supports NFS server functionality and is to be
! used as an NFS translator:
  &lt;PRE&gt;   
     # &lt;B&gt;cp bin/libafs.a /usr/conf/lib&lt;/B&gt;   
  &lt;/PRE&gt;
! &lt;P&gt;If the machine's kernel does not support NFS server functionality
! or is not to be used as an NFS translator, change the file's name as 
! you copy it:
  &lt;PRE&gt;   
     # &lt;B&gt;cp bin/libafs.nonfs.a /usr/conf/lib/libafs.a&lt;/B&gt;
     
***************
*** 1205,1222 ****
  &lt;B&gt;IP&lt;/B&gt;&lt;VAR&gt;xx&lt;/VAR&gt; portion of the library file name must match the value
  previously returned by the &lt;B&gt;uname -m&lt;/B&gt; command. Also choose the
  file appropriate to whether the machine's kernel supports NFS server
! functionality (NFS must be supported for the machine to act as an NFS/AFS
  Translator). Single- and multiprocessor machines use the same library
  file. 
  &lt;P&gt;(You can choose to copy all of the kernel library files into the &lt;B&gt;
  /usr/vice/etc/sgiload&lt;/B&gt; directory, but they require a significant amount
  of space.) 
! &lt;P&gt;If the machine's kernel supports NFS server functionality:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p  usr/vice/etc/sgiload/libafs.IP&lt;/B&gt;&lt;VAR&gt;xx&lt;/VAR&gt;&lt;B&gt;.o  /usr/vice/etc/sgiload&lt;/B&gt;   
  &lt;/PRE&gt; 
! &lt;P&gt;If the machine's kernel does not support NFS server
! functionality:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p  usr/vice/etc/sgiload/libafs.IP&lt;/B&gt;&lt;VAR&gt;xx&lt;/VAR&gt;&lt;B&gt;.nonfs.o&lt;/B&gt;   \
                     &lt;B&gt;/usr/vice/etc/sgiload&lt;/B&gt;
--- 1208,1227 ----
  &lt;B&gt;IP&lt;/B&gt;&lt;VAR&gt;xx&lt;/VAR&gt; portion of the library file name must match the value
  previously returned by the &lt;B&gt;uname -m&lt;/B&gt; command. Also choose the
  file appropriate to whether the machine's kernel supports NFS server
! functionality and is to be used as an NFS translator (NFS must be 
! supported for the machine to act as an NFS/AFS
  Translator). Single- and multiprocessor machines use the same library
  file. 
  &lt;P&gt;(You can choose to copy all of the kernel library files into the &lt;B&gt;
  /usr/vice/etc/sgiload&lt;/B&gt; directory, but they require a significant amount
  of space.) 
! &lt;P&gt;If the machine's kernel supports NFS server functionality and is to be
! used as an NFS translator:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p  usr/vice/etc/sgiload/libafs.IP&lt;/B&gt;&lt;VAR&gt;xx&lt;/VAR&gt;&lt;B&gt;.o  /usr/vice/etc/sgiload&lt;/B&gt;   
  &lt;/PRE&gt; 
! &lt;P&gt;If the machine's kernel does not support NFS server functionality
! or is not to be used as an NFS translator:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p  usr/vice/etc/sgiload/libafs.IP&lt;/B&gt;&lt;VAR&gt;xx&lt;/VAR&gt;&lt;B&gt;.nonfs.o&lt;/B&gt;   \
                     &lt;B&gt;/usr/vice/etc/sgiload&lt;/B&gt;
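Review bot: The rewritten sentence now says "NFS translator" and "NFS/AFS Translator" for the same role within one sentence, and the parenthetical "(NFS must be supported ...)" largely repeats the condition just added in front of it. Pick one term (the existing text uses "NFS/AFS Translator") and consider dropping or shortening the parenthetical. The new lines are also wrapped unevenly ("supported for the machine to act as an NFS/AFS" is left short); a reflow of the paragraph would keep the source readable.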
***************
*** 1266,1280 ****
  &lt;B&gt;/var/sysgen/boot/afs.a&lt;/B&gt;; the &lt;B&gt;IP&lt;/B&gt;&lt;VAR&gt;xx&lt;/VAR&gt;
  portion of the library file name must match the value previously returned by
  the &lt;B&gt;uname -m&lt;/B&gt; command. Also choose the file appropriate to
! whether the machine's kernel supports NFS server functionality (NFS must
! be supported for the machine to act as an NFS/AFS Translator). Single-
  and multiprocessor machines use the same library file. 
! &lt;P&gt;If the machine's kernel supports NFS server functionality:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p   bin/libafs.IP&lt;/B&gt;&lt;VAR&gt;xx&lt;/VAR&gt;&lt;B&gt;.a   /var/sysgen/boot/afs.a&lt;/B&gt;   
  &lt;/PRE&gt; 
! &lt;P&gt;If the machine's kernel does not support NFS server
! functionality:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p  bin/libafs.IP&lt;/B&gt;&lt;VAR&gt;xx&lt;/VAR&gt;&lt;B&gt;.nonfs.a  /var/sysgen/boot/afs.a&lt;/B&gt;
     
--- 1271,1287 ----
  &lt;B&gt;/var/sysgen/boot/afs.a&lt;/B&gt;; the &lt;B&gt;IP&lt;/B&gt;&lt;VAR&gt;xx&lt;/VAR&gt;
  portion of the library file name must match the value previously returned by
  the &lt;B&gt;uname -m&lt;/B&gt; command. Also choose the file appropriate to
! whether the machine's kernel supports NFS server functionality and is 
! to be used as an NFS translator (NFS must be supported for the machine
! to act as an NFS/AFS Translator). Single-
  and multiprocessor machines use the same library file. 
! &lt;P&gt;If the machine's kernel supports NFS server functionality and is to be
! used as an NFS translator:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p   bin/libafs.IP&lt;/B&gt;&lt;VAR&gt;xx&lt;/VAR&gt;&lt;B&gt;.a   /var/sysgen/boot/afs.a&lt;/B&gt;   
  &lt;/PRE&gt; 
! &lt;P&gt;If the machine's kernel does not support NFS server functionality
! or is not to be used as an NFS translator:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p  bin/libafs.IP&lt;/B&gt;&lt;VAR&gt;xx&lt;/VAR&gt;&lt;B&gt;.nonfs.a  /var/sysgen/boot/afs.a&lt;/B&gt;
     
***************
*** 1686,1711 ****
  &lt;P&gt;&lt;LI&gt;Copy the appropriate AFS kernel library file to the local file
  &lt;B&gt;/kernel/fs/afs&lt;/B&gt;. 
  &lt;P&gt;If the machine is running Solaris 2.6 or the 32-bit version of
! Solaris 7, its kernel supports NFS server functionality, and the
! &lt;B&gt;nfsd&lt;/B&gt; process is running:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p modload/libafs.o /kernel/fs/afs&lt;/B&gt;   
  &lt;/PRE&gt; 
  &lt;P&gt;If the machine is running Solaris 2.6 or the 32-bit version of
! Solaris 7, and its kernel does not support NFS server functionality or the
! &lt;B&gt;nfsd&lt;/B&gt; process is not running:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p modload/libafs.nonfs.o /kernel/fs/afs&lt;/B&gt;   
  &lt;/PRE&gt; 
  &lt;P&gt;If the machine is running the 64-bit version of Solaris 7, its kernel
! supports NFS server functionality, and the &lt;B&gt;nfsd&lt;/B&gt; process is
  running:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p modload/libafs64.o /kernel/fs/sparcv9/afs&lt;/B&gt;   
  &lt;/PRE&gt; 
  &lt;P&gt;If the machine is running the 64-bit version of Solaris 7, and its
! kernel does not support NFS server functionality or the &lt;B&gt;nfsd&lt;/B&gt;
! process is not running:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p modload/libafs64.nonfs.o /kernel/fs/sparcv9/afs&lt;/B&gt;
     
--- 1693,1717 ----
  &lt;P&gt;&lt;LI&gt;Copy the appropriate AFS kernel library file to the local file
  &lt;B&gt;/kernel/fs/afs&lt;/B&gt;. 
  &lt;P&gt;If the machine is running Solaris 2.6 or the 32-bit version of
! Solaris 7, its kernel supports NFS server functionality and is to be
! used as an NFS translator, and the &lt;B&gt;nfsd&lt;/B&gt; process is running:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p modload/libafs.o /kernel/fs/afs&lt;/B&gt;   
  &lt;/PRE&gt; 
  &lt;P&gt;If the machine is running Solaris 2.6 or the 32-bit version of
! Solaris 7, and its kernel does not support NFS server functionality, is
! not to be used as an NFS translator, or the &lt;B&gt;nfsd&lt;/B&gt; process is not running:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p modload/libafs.nonfs.o /kernel/fs/afs&lt;/B&gt;   
  &lt;/PRE&gt; 
  &lt;P&gt;If the machine is running the 64-bit version of Solaris 7, its kernel
! supports NFS server functionality and is to be used as an NFS translator, and the &lt;B&gt;nfsd&lt;/B&gt; process is
  running:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p modload/libafs64.o /kernel/fs/sparcv9/afs&lt;/B&gt;   
  &lt;/PRE&gt; 
  &lt;P&gt;If the machine is running the 64-bit version of Solaris 7, and its
! kernel does not support NFS server functionality, is not to be used as an NFS translator or the &lt;B&gt;nfsd&lt;/B&gt; process is not running:
  &lt;PRE&gt;   
     # &lt;B&gt;cp -p modload/libafs64.nonfs.o /kernel/fs/sparcv9/afs&lt;/B&gt;
     
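Review bot: The negative conditions for the nonfs modules are not parallel and are punctuated differently in the two places: the 32-bit case reads "does not support NFS server functionality, is not to be used as an NFS translator, or the nfsd process is not running", while the 64-bit case drops the comma before "or". Both mix predicates of "its kernel" with a clause about nfsd, so it is hard to tell that any one of the three conditions selects the nonfs file. Suggest "if any of the following is true: the kernel does not support NFS server functionality, the machine is not to be used as an NFS/AFS Translator, or the nfsd process is not running". The two 64-bit lines were also left unwrapped, unlike the rest of the file.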
Index: openafs/doc/man-pages/README
diff -c openafs/doc/man-pages/README:1.8.2.18 openafs/doc/man-pages/README:1.8.2.18.2.1
*** openafs/doc/man-pages/README:1.8.2.18	Tue Apr  1 02:57:18 2008
--- openafs/doc/man-pages/README	Sun Jun  8 23:45:49 2008
***************
*** 201,206 ****
--- 201,207 ----
  
     * The following installed commands have no man pages:
  
+        compile_et.afs
         copyauth
         fs cscpolicy
         fs memdump
***************
*** 208,220 ****
--- 209,227 ----
         fs rxstatpeer
         fs rxstatproc
         fs setcbaddr
+        klog.krb
+        krb.conf
+        pagsh.krb
         restorevol
         rmtsysd
+        tokens.krb
         vldb_convert
         vos clone
         vos setfields
         vsys
  
+    * Add -noresolve to the documentation of all the vos commands.
+ 
     * klog.krb, pagsh.krb, and tokens.krb need to be listed as alternative
       names in the NAME line of the non-.krb man pages, links should be
       installed on man page installation, and the behavior of pagsh.krb
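Review bot: krb.conf is added to the list headed "installed commands have no man pages", but it is a configuration file, not a command; it belongs in a separate item or the heading needs widening. The additions klog.krb, pagsh.krb and tokens.krb also duplicate the existing item directly below, which already tracks documenting them as alternative names in the non-.krb man pages; keep one of the two so the list does not drift. The new -noresolve item could name where the option should be described (each vos page or a shared section) so it is actionable.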
Index: openafs/doc/man-pages/pod1/aklog.pod
diff -c openafs/doc/man-pages/pod1/aklog.pod:1.1.4.4 openafs/doc/man-pages/pod1/aklog.pod:1.1.4.4.4.1
*** openafs/doc/man-pages/pod1/aklog.pod:1.1.4.4	Thu Nov  9 19:01:26 2006
--- openafs/doc/man-pages/pod1/aklog.pod	Sun Jun  8 23:45:50 2008
***************
*** 20,38 ****
  =head1 DESCRIPTION
  
  The B&lt;aklog&gt; program authenticates to a cell in AFS by obtaining AFS
! tokens.  If B&lt;aklog&gt; is invoked with no command-line arguments, it will
! obtain tokens for the workstation's local cell.  It may be invoked with an
! arbitrary number of cells and pathnames to obtain tokens for multiple
! cells.  B&lt;aklog&gt; knows how to expand cell name abbreviations, so cells can
! be referred to by enough letters to make the cell name unique among the
! cells the workstation knows about.
  
  B&lt;aklog&gt; obtains tokens by obtaining a Kerberos service ticket for the AFS
  service and then storing it as a token.  By default, it obtains that
! ticket from the realm corresponding to that cell (the upcase version of
  the cell name), but a different realm for a particular cell can be
  specified with B&lt;-k&gt;.  B&lt;-k&gt; cannot be used in B&lt;-path&gt; mode (see below).
  
  When using B&lt;aklog&gt;, be aware that AFS uses the Kerberos v4 principal
  naming format, not the Kerberos v5 format, when referring to principals in
  PTS ACLs, F&lt;UserList&gt;, and similar locations.  AFS will internally map
--- 20,48 ----
  =head1 DESCRIPTION
  
  The B&lt;aklog&gt; program authenticates to a cell in AFS by obtaining AFS
! tokens using a Kerberos 5 ticket. If B&lt;aklog&gt; is invoked with no
! command-line arguments, it will obtain tokens for the workstation's local
! cell.  It may be invoked with an arbitrary number of cells and pathnames
! to obtain tokens for multiple cells.  B&lt;aklog&gt; knows how to expand cell
! name abbreviations, so cells can be referred to by enough letters to make
! the cell name unique among the cells the workstation knows about.
  
  B&lt;aklog&gt; obtains tokens by obtaining a Kerberos service ticket for the AFS
  service and then storing it as a token.  By default, it obtains that
! ticket from the realm corresponding to that cell (the uppercase version of
  the cell name), but a different realm for a particular cell can be
  specified with B&lt;-k&gt;.  B&lt;-k&gt; cannot be used in B&lt;-path&gt; mode (see below).
  
+ When a Kerberos 5 cross-realm trust is used, B&lt;aklog&gt; looks up the AFS ID
+ corresponding to the name (Kerberos principal) of the person invoking the
+ command, and if the user doesn't exist and the
+ system:authuser@FOREIGN.REALM PTS group exists, then it attempts automatic
+ registration of the user with the foreign cell.  The user is then added to
+ the system:authuser@FOREIGN.REALM PTS group if registration is successful.
+ Automatic registration in the foreign cell will fail if the group quota
+ for the system:authuser@FOREIGN.REALM group is less than one.  Each
+ automatic registration decrements the group quota by one.
+ 
  When using B&lt;aklog&gt;, be aware that AFS uses the Kerberos v4 principal
  naming format, not the Kerberos v5 format, when referring to principals in
  PTS ACLs, F&lt;UserList&gt;, and similar locations.  AFS will internally map
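Review bot: The new cross-realm paragraph uses "foreign" in two opposite senses: "the foreign cell" is foreign from the user's side, while FOREIGN.REALM in system:authuser@FOREIGN.REALM is the user's own realm as seen from that cell. Say explicitly that FOREIGN.REALM is a placeholder for the invoking user's Kerberos realm and that the group lives in the cell being authenticated to. Since this paragraph describes a side effect that creates a PTS entry on the user's behalf, it should also point to the -noprdb option, which is the documented way to turn it off. The group name would read better in literal markup, as the file does for other literals.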
***************
*** 75,85 ****
  
  =item B&lt;-hosts&gt;
  
! Prints all the server addresses which may act as a single point of
! failure in accessing the specified directory path.  Each element of the
! path is examined, and as new volumes are traversed, if they are not
! replicated, the server's IP address containing the volume will be
! displayed.  The output is of the form:
  
      host: &lt;ip-address&gt;
  
--- 85,95 ----
  
  =item B&lt;-hosts&gt;
  
! Prints all the server addresses which may act as a single point of failure
! in accessing the specified directory path.  Each element of the path is
! examined, and as new volumes are traversed, if they are not replicated,
! the server's IP address containing the volume will be displayed.  The
! output is of the form:
  
      host: &lt;ip-address&gt;
  
***************
*** 106,116 ****
  =item B&lt;-noprdb&gt;
  
  Ordinarily, B&lt;aklog&gt; looks up the AFS ID corresponding to the name of the
! person invoking the command, and if the user doesn't exist and the cell is
! a foreign one, attempts automatic registration of the user with the remote
! cell.  Specifying this flag turns off this functionality.  This may be
! desirable if the protection database is unavailable for some reason and
! tokens are desired anyway, or if one wants to disable user registration.
  
  =item B&lt;-path&gt; &lt;I&lt;pathname&gt;&gt;, B&lt;-p&gt; &lt;I&lt;pathname&gt;&gt;
  
--- 116,128 ----
  =item B&lt;-noprdb&gt;
  
  Ordinarily, B&lt;aklog&gt; looks up the AFS ID corresponding to the name of the
! person invoking the command, and if the user doesn't exist, the cell is a
! foreign one, the system:authuser@FOREIGN.REALM PTS group exists, and has a
! positive group quota, then it attempts automatic registration of the user
! with the foreign cell.  Specifying this flag turns off this functionality.
! This may be desirable if the protection database is unavailable for some
! reason and tokens are desired anyway, or if one wants to disable user
! registration.
  
  =item B&lt;-path&gt; &lt;I&lt;pathname&gt;&gt;, B&lt;-p&gt; &lt;I&lt;pathname&gt;&gt;
  
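Review bot: The -noprdb text now disagrees with the DESCRIPTION paragraph added earlier in this patch. Here registration is only attempted when the group "has a positive group quota"; there it is attempted whenever the group exists and "will fail if the group quota ... is less than one". Decide which behaviour is documented (not attempted versus attempted and refused) and use it in both places. The condition list also needs its punctuation fixed: "the system:authuser@FOREIGN.REALM PTS group exists, and has a positive group quota" splits one condition with a comma; "exists and has a positive group quota" reads correctly.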
Index: openafs/doc/man-pages/pod1/pts_examine.pod
diff -c openafs/doc/man-pages/pod1/pts_examine.pod:1.4.2.2 openafs/doc/man-pages/pod1/pts_examine.pod:1.4.2.2.2.1
*** openafs/doc/man-pages/pod1/pts_examine.pod:1.4.2.2	Mon Feb  4 12:53:44 2008
--- openafs/doc/man-pages/pod1/pts_examine.pod	Sun Jun  8 23:45:51 2008
***************
*** 9,24 ****
  
  B&lt;pts examine&gt; S&lt;&lt;&lt; B&lt;-nameorid&gt; &lt;I&lt;user or group name or id&gt;&gt;+ &gt;&gt;&gt;
      S&lt;&lt;&lt; [B&lt;-cell&gt; &lt;I&lt;cell name&gt;&gt;] &gt;&gt;&gt; [B&lt;-noauth&gt;] [B&lt;-localauth&gt;] 
!     [B&lt;-force&gt;] [B&lt;-help&gt;]
  
  B&lt;pts e&gt; S&lt;&lt;&lt; B&lt;-na&gt; &lt;I&lt;user or group name or id&gt;&gt;+ &gt;&gt;&gt; S&lt;&lt;&lt; [B&lt;-c&gt; &lt;I&lt;cell name&gt;&gt;] &gt;&gt;&gt;
!     [B&lt;-no&gt;] [B&lt;-l&gt;] [B&lt;-f&gt;] [B&lt;-h&gt;]
  
  B&lt;pts check&gt; S&lt;&lt;&lt; B&lt;-na&gt; &lt;I&lt;user or group name or id&gt;&gt;+ &gt;&gt;&gt; S&lt;&lt;&lt; [B&lt;-c&gt; &lt;I&lt;cell name&gt;&gt;] &gt;&gt;&gt;
!     [B&lt;-no&gt;] [B&lt;-l&gt;] [B&lt;-f&gt;] [B&lt;-h&gt;]
  
  B&lt;pts che&gt; S&lt;&lt;&lt; B&lt;-na&gt; &lt;I&lt;user or group name or id&gt;&gt;+ &gt;&gt;&gt; S&lt;&lt;&lt; [B&lt;-c&gt; &lt;I&lt;cell name&gt;&gt;] &gt;&gt;&gt;
!     [B&lt;-no&gt;] [B&lt;-l&gt;] [B&lt;-f&gt;] [B&lt;-h&gt;]
  
  =for html
  &lt;/div&gt;
--- 9,24 ----
  
  B&lt;pts examine&gt; S&lt;&lt;&lt; B&lt;-nameorid&gt; &lt;I&lt;user or group name or id&gt;&gt;+ &gt;&gt;&gt;
      S&lt;&lt;&lt; [B&lt;-cell&gt; &lt;I&lt;cell name&gt;&gt;] &gt;&gt;&gt; [B&lt;-noauth&gt;] [B&lt;-localauth&gt;] 
!     [B&lt;-force&gt;] [B&lt;-auth&gt;] [B&lt;-help&gt;]
  
  B&lt;pts e&gt; S&lt;&lt;&lt; B&lt;-na&gt; &lt;I&lt;user or group name or id&gt;&gt;+ &gt;&gt;&gt; S&lt;&lt;&lt; [B&lt;-c&gt; &lt;I&lt;cell name&gt;&gt;] &gt;&gt;&gt;
!     [B&lt;-no&gt;] [B&lt;-l&gt;] [B&lt;-f&gt;] [B&lt;-a&gt;] [B&lt;-h&gt;]
  
  B&lt;pts check&gt; S&lt;&lt;&lt; B&lt;-na&gt; &lt;I&lt;user or group name or id&gt;&gt;+ &gt;&gt;&gt; S&lt;&lt;&lt; [B&lt;-c&gt; &lt;I&lt;cell name&gt;&gt;] &gt;&gt;&gt;
!     [B&lt;-no&gt;] [B&lt;-l&gt;] [B&lt;-f&gt;] [B&lt;-a&gt;] [B&lt;-h&gt;]
  
  B&lt;pts che&gt; S&lt;&lt;&lt; B&lt;-na&gt; &lt;I&lt;user or group name or id&gt;&gt;+ &gt;&gt;&gt; S&lt;&lt;&lt; [B&lt;-c&gt; &lt;I&lt;cell name&gt;&gt;] &gt;&gt;&gt;
!     [B&lt;-no&gt;] [B&lt;-l&gt;] [B&lt;-f&gt;] [B&lt;-a&gt;] [B&lt;-h&gt;]
  
  =for html
  &lt;/div&gt;
***************
*** 63,68 ****
--- 63,73 ----
  Enables the command to continue executing as far as possible when errors
  or other problems occur, rather than halting execution at the first error.
  
+ =item B&lt;-auth&gt;
+ 
+ Run using the user's current authentication. This is the default unless
+ the B&lt;-noauth&gt; or B&lt;-localauth&gt; options are used.
+ 
  =item B&lt;-help&gt;
  
  Prints the online help for this command. All other valid options are
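Review bot: The new -auth entry says it is the default "unless the -noauth or -localauth options are used" but does not say what happens when -auth is given together with one of them. State the precedence or that the combination is rejected, so scripts that pass -auth explicitly get predictable behaviour.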
***************
*** 203,209 ****
  The default privacy flags for group entries are C&lt;S-M--&gt;, meaning that all
  users can display the entry and the members of the group, but only the
  entry owner and members of the system:administrators group can perform
! other functions.
  
  =item group quota
  
--- 208,216 ----
  The default privacy flags for group entries are C&lt;S-M--&gt;, meaning that all
  users can display the entry and the members of the group, but only the
  entry owner and members of the system:administrators group can perform
! other functions. The defaults for the privacy flags may be changed by
! running B&lt;ptserver&gt; with the B&lt;-default_access&gt; option. See L&lt;ptserver(8)&gt;
! for more discussion of the B&lt;-default_access&gt; option.
  
  =item group quota
  
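Review bot: With the added sentence, "The default privacy flags for group entries are S-M--" is no longer unconditional; it should read as the built-in default that applies when ptserver is started without -default_access. Only the group-entry paragraph is touched in this hunk, yet -default_access (per the ptserver.pod change in this patch) takes both a user and a group mask, so the statement of the user-entry defaults needs the same qualification and cross-reference.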
***************
*** 211,218 ****
  createuser&gt; command sets it to 20 for both users and machines, but it has
  no meaningful interpretation for a machine, because it is not possible to
  authenticate as a machine. Similarly, it has no meaning in group entries
! and the B&lt;pts creategroup&gt; command sets it to 0 (zero); do not change this
! value.
  
  =back
  
--- 218,232 ----
  createuser&gt; command sets it to 20 for both users and machines, but it has
  no meaningful interpretation for a machine, because it is not possible to
  authenticate as a machine. Similarly, it has no meaning in group entries
! that only deal with the local cell and the B&lt;pts creategroup&gt; command sets
! it to 0 (zero); do not change this value.
! 
! When using cross-realm authentication, a special group of the form
! system:authuser@FOREIGN.REALM is created by an administrator and used.  If
! the group quota for this special group is greater than zero, then aklog
! will automatically register foreign users in the local PTS database, add
! the foreign user to the system:authuser@FOREIGN.REALM, and decrement the
! group quota by one.
  
  =back
  
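Review bot: The changed sentence still ends with "do not change this value", and the paragraph added right after it requires an administrator to give system:authuser@FOREIGN.REALM a group quota greater than zero. Scope the warning to ordinary groups and say which command sets the quota on the special group. It is also worth stating plainly that this quota is the cap on how many foreign users can be auto-registered, since that is the control an administrator relies on. Minor: "add the foreign user to the system:authuser@FOREIGN.REALM" is missing "group", and aklog is not in bold markup here as it is elsewhere.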
Index: openafs/doc/man-pages/pod8/ptserver.pod
diff -c openafs/doc/man-pages/pod8/ptserver.pod:1.3.2.2 openafs/doc/man-pages/pod8/ptserver.pod:1.3.2.2.2.1
*** openafs/doc/man-pages/pod8/ptserver.pod:1.3.2.2	Wed Apr  2 15:51:53 2008
--- openafs/doc/man-pages/pod8/ptserver.pod	Sun Jun  8 23:45:54 2008
***************
*** 7,15 ****
  =for html
  &lt;div class="synopsis"&gt;
  
! B&lt;ptserver&gt; S&lt;&lt;&lt; [B&lt;-database&gt; &lt;I&lt;db path&gt;&gt;] &gt;&gt;&gt; S&lt;&lt;&lt; [B&lt;-p&gt; &lt;I&lt;number of threads&gt;&gt;] &gt;&gt;&gt;
!     [B&lt;-rebuildDB&gt;] [B&lt;-enable_peer_stats&gt;] [B&lt;-enable_process_stats&gt;]
!     [B&lt;-allow-dotted-principal&gt;] [B&lt;-rxbind&gt;] [B&lt;-help&gt;]
  
  =for html
  &lt;/div&gt;
--- 7,20 ----
  =for html
  &lt;div class="synopsis"&gt;
  
! B&lt;ptserver&gt; S&lt;&lt;&lt; [B&lt;-database&gt; | B&lt;-db&gt; &lt;I&lt;db path&gt;&gt;] &gt;&gt;&gt; S&lt;&lt;&lt; [B&lt;-p&gt; &lt;I&lt;number of threads&gt;&gt;] &gt;&gt;&gt;
!     [B&lt;-rebuildDB&gt;] S&lt;&lt;&lt; [B&lt;-groupdepth&gt; &lt;I&lt;# of nested groups&gt;&gt;] &gt;&gt;&gt;
!     S&lt;&lt;&lt; [B&lt;-default_access&gt; &lt;I&lt;user access mask&gt;&gt; &lt;I&lt;group access mask&gt;&gt;] &gt;&gt;&gt;
!     [B&lt;-restricted&gt;] [B&lt;-enable_peer_stats&gt;]
!     [B&lt;-enable_process_stats&gt;] [B&lt;-allow-dotted-principal&gt;]
!     [B&lt;-rxbind&gt;] S&lt;&lt;&lt; [B&lt;-auditlog&gt; &lt;I&lt;file path&gt;&gt;] &gt;&gt;&gt;
!     S&lt;&lt;&lt; [B&lt;-syslog&gt;[=&lt;I&lt;FACILITY&gt;&gt;]] &gt;&gt;&gt; S&lt;&lt;&lt; [B&lt;-rxmaxmtu&gt; &lt;I&lt;bytes&gt;&gt;] &gt;&gt;&gt;
!     [B&lt;-help&gt;]
  
  =for html
  &lt;/div&gt;
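Review bot: The new synopsis does not match the OPTIONS entries added later in this patch. It shows the -db alias but not the -depth alias of -groupdepth; it names the -default_access arguments "user access mask" and "group access mask" while the option entry calls them "user access" and "group access"; and it lists -auditlog before -syslog while the OPTIONS section documents -syslog first. Align the names and order so readers can map one to the other.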
***************
*** 48,53 ****
--- 53,66 ----
  
  =back
  
+ When using Kerberos 5, cross-realm authentication is possible. If the
+ special pts group system:authuser@FOREIGN.REALM exists and its group quota
+ is greater than zero, B&lt;aklog&gt; will automatically create an entry for the
+ foreign user in the local PTS database and add the foreign user to the
+ system:authuser@FOREIGN.REALM PTS group.  Each time a foreign user is
+ created in the local PTS database, the group quota for the
+ system:authuser@FOREIGN.REALM PTS group is decremented by one.
+ 
  This command does not use the syntax conventions of the AFS command
  suites. Provide the command name and all option names in full.
  
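Review bot: This paragraph does not say how automatic registration interacts with -restricted, which this same patch documents as allowing only system:administrators members to make any PTS changes. A foreign user being created and added to a group is a PTS change, so the page should state whether restricted mode blocks it. This is also the third near-identical copy of the description (aklog.pod, pts_examine.pod and here), and the copies already differ in wording; keeping the full explanation in one page and cross-referencing it from the others would avoid further drift.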
***************
*** 55,61 ****
  
  =over 4
  
! =item B&lt;-database&gt; &lt;I&lt;db path&gt;&gt;
  
  Specifies the pathname of an alternate directory in which the Protection
  Database files reside. Provide the complete pathname, ending in the base
--- 68,74 ----
  
  =over 4
  
! =item B&lt;-database&gt; &lt;I&lt;db path&gt;&gt;, B&lt;-db&gt; &lt;I&lt;db path&gt;&gt;
  
  Specifies the pathname of an alternate directory in which the Protection
  Database files reside. Provide the complete pathname, ending in the base
***************
*** 75,80 ****
--- 88,111 ----
  initialization. Use this argument only in consultation with AFS
  Development or Product Support.
  
+ =item B&lt;-groupdepth&gt; &lt;I&lt;# of nested groups&gt;&gt;, B&lt;-depth&gt; &lt;I&lt;# of nested groups&gt;&gt;
+ 
+ Specifies the group depth for nested groups when B&lt;ptserver&gt; is compiled
+ with the SUPERGROUPS option enabled.  The default depth for nested groups
+ is 5.  This option may be shortened to B&lt;-depth&gt;.
+ 
+ =item B&lt;-default_access&gt; &lt;I&lt;user access&gt;&gt; &lt;I&lt;group access&gt;&gt;
+ 
+ Specifies the default user and group privacy flags to apply to each
+ entry. Provide a string of five characters, one for each of the
+ permissions. See L&lt;pts_examine(1)&gt; or L&lt;pts_setfields(1)&gt; for more
+ information on the flags.
+ 
+ =item B&lt;-restricted&gt;
+ 
+ Run the PT Server in restricted mode. While in restricted mode, only
+ members of the system:administrators PTS group may make any PTS changes.
+ 
  =item B&lt;-enable_peer_stats&gt;
  
  Activates the collection of Rx statistics and allocates memory for their
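Review bot: The -default_access entry takes two arguments but then says "Provide a string of five characters, one for each of the permissions", which leaves it unclear whether each argument is a five-character string. Say so explicitly and show a sample value in the same notation pts_examine uses for privacy flags. In the -groupdepth entry the last sentence ("This option may be shortened to -depth") repeats what the item heading already lists and can be dropped.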
***************
*** 94,110 ****
  =item B&lt;-allow-dotted-principal&gt;
  
  By default, the RXKAD security layer will disallow access by Kerberos
! principals with a dot in the first component of their name. This is to avoid
! the confusion where principals user/admin and user.admin are both mapped to the
! user.admin PTS entry. Sites whose Kerberos realms don't have these collisions 
! between principal names may disable this check by starting the server
! with this option.
  
  =item B&lt;-rxbind&gt;
  
  Bind the Rx socket to the primary interface only.  (If not specified, the
  Rx socket will listen on all interfaces.)
  
  =item B&lt;-help&gt;
  
  Prints the online help for this command. All other valid options are
--- 125,156 ----
  =item B&lt;-allow-dotted-principal&gt;
  
  By default, the RXKAD security layer will disallow access by Kerberos
! principals with a dot in the first component of their name. This is to
! avoid the confusion where principals user/admin and user.admin are both
! mapped to the user.admin PTS entry. Sites whose Kerberos realms don't have
! these collisions between principal names may disable this check by
! starting the server with this option.
  
  =item B&lt;-rxbind&gt;
  
  Bind the Rx socket to the primary interface only.  (If not specified, the
  Rx socket will listen on all interfaces.)
  
+ =item B&lt;-syslog&gt;[=&lt;I&lt;syslog facility&gt;&gt;]
+ 
+ Specifies that logging output should go to syslog instead of the normal
+ log file.  B&lt;-syslog&gt;=I&lt;FACILITY&gt; can be used to specify to which facility
+ the log message should be sent.  Logging message sent to syslog are tagged
+ with the string "ptserver".
+ 
+ =item B&lt;-auditlog&gt; &lt;I&lt;file path&gt;&gt;
+ 
+ Specifies the full pathname for the B&lt;AuditLog&gt; file.
+ 
+ =item B&lt;-rxmaxmtu&gt; &lt;I&lt;bytes&gt;&gt;
+ 
+ Sets the maximum transmission unit for the RX protocol.
+ 
  =item B&lt;-help&gt;
  
  Prints the online help for this command. All other valid options are
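Review bot: In the new -syslog entry, "Logging message sent to syslog are tagged" should be "Log messages sent to syslog are tagged". The -auditlog entry only names the file; it should say what is recorded there and that the path must be writable by the server, and -rxmaxmtu should give its default and accepted range. The rewrap of the -allow-dotted-principal paragraph is whitespace-only and would be easier to review as a separate change.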
Index: openafs/doc/txt/winnotes/afs-changes-since-1.2.txt
diff -c openafs/doc/txt/winnotes/afs-changes-since-1.2.txt:1.72.2.51 openafs/doc/txt/winnotes/afs-changes-since-1.2.txt:1.72.2.51.2.2
*** openafs/doc/txt/winnotes/afs-changes-since-1.2.txt:1.72.2.51	Mon Apr 21 11:51:28 2008
--- openafs/doc/txt/winnotes/afs-changes-since-1.2.txt	Mon Jun 23 00:02:23 2008
***************
*** 1,3 ****
--- 1,64 ----
+ Since 1.5.36 [1.5.39 released 23 June 2008]
+  * There were no 1.5.37 or 1.5.38 releases for Windows
+ 
+  * Use Visual Studio version of vsprintf() instead of 
+    home grown version that resulted in linking conflicts
+ 
+  * Prevent buserver, ptserver and fileserver from crashing
+    due to non-portable strftime() format strings.
+ 
+  * Prevent server crashes caused by rx_InitMorePackets()
+    being called prior to allocation of all of the required
+    synchronization objects.
+ 
+  * Fixed a memory leak in the internal B+ tree directory.
+    For objects with non-8.3 names, the 'longname' memory
+    allocation would be leaked during object deletion or
+    tree destruction.
+ 
+  * Fixed a memory leak in the background daemon cm_CheckServer() 
+    routine.  The memory allocated to store the server list
+    was not freed.  
+ 
+  * Obtain a missing lock around a call to cm_RemoveSCacheFromHashTable(). 
+ 
+  * Correct an abstraction layer violation. cm_scache_t objects 
+    should be marked deleted in cm_Unlink() and cm_RemoveDir() and not 
+    in smb_CloseFID(). Cleanup of deleted cm_scache_t objects should be 
+    performed in cm_ReleaseSCache() when the reference count hits zero. 
+ 
+  * Prototype cm_AdjustScacheLRU() and re-implement it using osi_QAddH().
+ 
+  * Do not reference 'smb_logp' in cm_vnodeops.c.  Use 'afsd_logp'
+    instead.
+ 
+  * Ensure that scache object 'nextp' pointers are set to NULL
+    when the objects are removed from the hash table linked list.
+ 
+  * If a dirty buffer cannot be written to the file server because
+    of an access denied error, mark the error in the cm_buf_t
+    structure so that it can be dealt with instead of retrying 
+    forever.
+ 
+ Since 1.5.35
+  * Update CellServDB file to GCO Public 23 Apr 2008
+ 
+  * Fix a cm_buf_t reference count leak when attempts to write 
+    dirty buffers to the file server from within cm_IncrSyncer() 
+    fail.
+ 
+  * Prevent udebug from crashing.
+ 
+  * Activate RX Idle Timeouts.  If the file server is busy for more 
+    then 30 seconds, attempt to failover to another server without 
+    marking the busy server down.
+ 
+  * Another VNOVNODE issue fixed.  When writing a dirty buffer
+    to the file server, if VNOVNODE is received, mark all buffers
+    as invalid without further attempts to contact the file server.
+    
+  * Improved performance on high latency links.
+ 
  Since 1.5.34
   * Fix a bug preventing the re-initialization of the Freelance 
     root.cell contents when a change is made.
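Review bot: Two wording fixes in the added release notes: "for more then 30 seconds" should be "more than 30 seconds", and "home grown" should be "home-grown". The entry "Prevent udebug from crashing." gives no cause or trigger, unlike the neighbouring entries, so users cannot tell whether they were affected. The "Since 1.5.36" heading carries the release number and date while "Since 1.5.35" does not; use one heading format.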
</pre></body></html>