+Author: Steinar H. Gunderson <sgunderson@bigfoot.com>
+Date: Wed Sep 13 22:23:23 CEST 2006
+
+ Fix -n option to mountd
+
+ The getopt_long() option string in mountd was having a spurious
+ colon after the 'n', leading to the short form of --no-tcp not
+ being usable (expecting a parameter, contrary to the long form
+ and the documentation). Fix.
+
+Author: Steinar H. Gunderson <sgunderson@bigfoot.com>
+Date: Wed Sep 13 22:19:39 CEST 2006
+
+ Document sensitive gids
+
+ The exports(8) man page already mentions that some non-root users,
+ such as bin, might be just as sensitive as root, and that root_squash
+ thus might not be as effective as one could hope for. Update the
+ documentation to also mention that this could be the case for non-root
+ groups, such as staff.
+
+Author: NeilBrown <neilb@cse.unsw.edu.au>
+Date: Mon Aug 7 16:35:03 AEST 2006
+
+ Set version to 1.0.10
+ Note: 1.0.10 should be used in preference to
+ 1.0.9 especially with kernels 2.6.18 and later
+ otherwise 'rpc.nfsd N' won't work to change the
+ number of threads after nfsd has been started.
+
+Author: NeilBrown <neilb@cse.unsw.edu.au>
+Date: Mon Aug 7 16:35:03 AEST 2006
+
+ support/nfs/nfssvc.c: if any ports are already open,
+ don't try to open any more.
+ This means that once nfsd is running
+ rpc.nfsd X
+ will just change the number of threads, not the
+ ports in use.
+
+Author: NeilBrown <neilb@cse.unsw.edu.au>
+Date: Mon Aug 7 14:01:35 AEST 2006
+
+ Remove warning if neither 'sync' or 'async' present.
+ Add warning of neither 'subtree_check' or 'no_subtree_check' present.
+
+commit 7194d7d6320736c14f40d31c3738d40f3119ead5
+Author: Kevin Coffman <kwc@citi.umich.edu>
+Date: Sat Jul 8 10:01:40 2006 +1000
+
+ Use uid/gid of -1 to indicate the export's anonuid/anongid should be used
+
+ Kernel routine nfsd_setuser() in fs/nfsd/auth.c checks for the
+ value -1 and defaults the credential's fsuid/fsgid to the
+ correct anonuid/anongid values for the given export. We should
+ be passing this value (-1) down when a name mapping cannot be found.
+ Thanks to J. Bruce Fields <bfields@fieldses.org> for the reference.
+
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+ Acked-by: J. Bruce Fields <bfields@fieldses.org>
+
+commit b0604c623f7a98c6061dff19988722d3ae848bd7
+Author: Kevin Coffman <kwc@citi.umich.edu>
+Date: Sat Jul 8 09:58:03 2006 +1000
+
+ Change svcgssd_LDFLAGS to match gssd_LDFLAGS
+
+commit 99414bd3eecf93f23c378d3bb3d45bc98f364abc
+Author: Neil Brown <neilb@suse.de>
+Date: Sat Jul 8 09:41:58 2006 +1000
+
+ Disable building/installing mount.nfs by default.
+
+ mount.nfs does not yet support 'user' option and some others.
+ To make it support this we need to make it setuid-root, and
+ some security isses need to be resolved before that can be done
+ safely.
+
+commit b0c3cbfee702c019dab0a22557bbf38e24dfcee1
+Author: Steve Dickson <steved@redhat.com>
+Date: Sat Jul 8 09:35:02 2006 +1000
+
+ Call nfssvc_versbits before nfssvc_setfds
+
+ nfssvc_versbits() has to be called before nfssvc_setfds()
+ for the version processing to work correctly
+
+commit 26fff911b21943f20e3937ae3f2d29a1572d2309
+Author: Neil Brown <neilb@suse.de>
+Date: Thu Jul 6 13:05:11 2006 +1000
+
+ Only use -rpath for Kerberos libs when actually needed.
+
+ Avoid usage of -rpath is generally safer, and is required by Debian policy.
+
+commit 28a7603b719f8d35bf22fd3018b610b489fec78f
+Author: Neil Brown <neilb@suse.de>
+Date: Thu Jul 6 12:28:33 2006 +1000
+
+ Use 65534 instead of -2 in svcgssd_proc.c
+
+ as this is more consistant across achitectures.
+
+commit 904de920ea4da3ad5604c417f0d784fcda83ed2a
+Author: Shankar Anand <shanand@novell.com>
+Date: Tue Jul 4 08:50:56 2006 -0600
+
+ This patch adds code to nfsstat to read /proc/net/rpc/nfsd for nfsv4 server statistics and print them.
+
+ Submitted by: Shankar Anand <shanand@novell.com>
+
+commit 2179c112b9a386ca3d51d0e19390ddfadd745030
+Author: Steinar H. Gunderson <sesse@debian.org>
+Date: Wed Jul 5 15:55:45 2006 +1000
+
+ Fix typos in various man pages.
+
+commit 3419e37500dfd19cb2c246260dbd2bc0ee4704d4
+Author: Steinar H. Gunderson <sesse@debian.org>
+Date: Wed Jul 5 15:51:30 2006 +1000
+
+ Use 65534 for anon uid/gid rather than -2
+
+ This is more consistant across platforms.
+
+commit 65735eef8a9441901245f6047edafc50f2d97c97
+Author: Greg Banks <gnb@chook.melbourne.sgi.com>
+Date: Wed Jul 5 13:37:21 2006 +1000
+
+ Update rpcdebug to know about new 2.6 debug flags. Added
+ a manpage and installed rpcdebug (in sbindir).
+
+commit 23b3a9d0284d78cb6bf96b8cd44e9a4662ff60ae
+Author: Greg Banks <gnb@chook.melbourne.sgi.com>
+Date: Wed Jul 5 12:22:45 2006 +1000
+
+ Ignore new generated files.
+
+commit 89053f3f440b629911cb994a293d5be73bb79bf9
+Author: Greg Banks <gnb@chook.melbourne.sgi.com>
+Date: Wed Jul 5 12:20:20 2006 +1000
+
+ Add rquota.h to BUILT_SOURCES so rquotad builds on the first try.
+
+commit 66f9d8251c92124e46a209c47e5c0f7d3a0c4e6e
+Author: Neil Brown <neilb@suse.de>
+Date: Wed Jul 5 11:06:09 2006 +1000
+
+ Generate rquota_xdr.c and rquota.h from rquota.x
+
+ rquota_svc.c is still by-hand as it contains alot of extras.
+ These should really be moved to rquota_server.c
+
+commit 9f5b40b7a68fe0a2648565ecbd4b08bf60287130
+Author: Neil Brown <neilb@suse.de>
+Date: Wed Jul 5 10:41:03 2006 +1000
+
+ Remove some files that old, unused, unneeded.
+
+ deleted: support/export/keys.c
+ deleted: support/include/rpcdispatch.h
+ deleted: support/include/rpcsec.h
+ deleted: support/include/version.h
+ deleted: support/include/ypupdate.h
+ deleted: support/nfs/clients.c
+ deleted: support/nfs/keytab.c
+ deleted: support/nfs/ypupdate_xdr.c
+ deleted: support/rpc/include/Makefile.am
+ deleted: tools/rpcdebug/neat_idea.c
+ deleted: utils/mountd/mount_xdr.c
+ deleted: utils/rquotad/pathnames.h
+
+commit fbb1602bbd34cbe89dd55ca6eaaa19432237db1d
+Author: Neil Brown <neilb@suse.de>
+Date: Wed Jul 5 10:30:51 2006 +1000
+
+ Avoid error creating an existing symlink
+
+ Just remove the link first.
+
+commit 0bc710a5a2b695039613a917e009dba3552ab1cc
+Author: kwc@citi.umich.edu <kwc@citi.umich.edu>
+Date: Mon Jul 3 18:33:54 2006 -0400
+
+ Don't depend on Kerberos headers when checking librpcsecgss in configure
+
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+
+ Older versions of MIT Kerberos are missing an OID definition, causing
+ the configure checks for librpcsecgss to fail. We shouldn't be depending
+ on their libraries during the configure.
+
+commit 5bfa10c94c44f082dc211a5fb431e2202ea9bb35
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Tue Jul 4 18:33:56 2006 +1000
+
+ Eliminate warnings from code generated by rpcgen
+
+ - unused variable 'buf'
+ - emit a declaration for `buf' on demand.
+ - unused variable 'i'
+ - declare i immediately before use
+ - unused value from IXDR_PUT_
+ - cast to (void)
+ - type-punned pointer reference
+ - cast to (void*) first :-(
+
+commit acae444246635ec2ca8990d53e685c9062d73091
+Author: kwc@citi.umich.edu <kwc@citi.umich.edu>
+Date: Mon Jul 3 18:34:43 2006 -0400
+
+ Handle mapping failure from get_ids.
+
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+
+ Temporary patch to do default mapping if we get an error while trying to
+ map a gss principal to the appropriate uid/gid. This currently returns
+ hardcoded values. This may be correct, or we may need to try and figure
+ out the correct values to match the anonuid/anongid for the export.
+
+commit 1f1b05a65ef3dc6597c7bc1e2a38f38ae95bf230
+Author: kwc@citi.umich.edu <kwc@citi.umich.edu>
+Date: Mon Jul 3 18:34:38 2006 -0400
+
+ Properly report errors in readline() function
+
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+
+ Change message priorities for errors and debug messages.
+
+commit ee664fd246d77010af13fb557407c612752a5ea8
+Author: kwc@citi.umich.edu <kwc@citi.umich.edu>
+Date: Mon Jul 3 18:34:33 2006 -0400
+
+ Change default buffer size increment for readline()
+
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+
+ The readline routine expects much smaller messages than we are passing.
+ Change the default initial allocation and increment value from 128
+ to 2048. This saves many calls to realloc().
+
+commit 3da69ce5c4fac5677e91aa20e60750ab8de2ab97
+Author: kwc@citi.umich.edu <kwc@citi.umich.edu>
+Date: Mon Jul 3 18:34:27 2006 -0400
+
+ Clean up the printerr() logging function.
+
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+
+ Update the printerr() function to:
+
+ 1) Determine whether we'll print the message before going to all the
+ work of formatting it.
+ 2) Don't just toss away messages that are too long for the buffer.
+ Print what we can and give an indication of the truncation with
+ "..." at the end.
+ 3) Use a single buffer rather than two.
+ 4) Messages either go to syslog (with level ERR) or stderr. Don't
+ send some messages to syslog level DEBUG.
+
+commit 0b2a5b574c7ffd99aa3226d36e1d261826405625
+Author: kwc@citi.umich.edu <kwc@citi.umich.edu>
+Date: Mon Jul 3 18:34:21 2006 -0400
+
+ Use setfsuid() rather than seteuid() while creating contexts
+
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+
+ As suggested by Olaf Kirch <okir@suse.de>, use setfsuid() rather than
+ seteuid() when creating a gss context. This prevents users from using
+ credentials that do not belong to them, while also preventing them from
+ doing things like killing, renicing, or changing the priority of the
+ gssd process while it is processing the context creation.
+
+commit 0f899e6d862994ffb437ae73e087c4a21ab59723
+Author: kwc@citi.umich.edu <kwc@citi.umich.edu>
+Date: Mon Jul 3 18:34:16 2006 -0400
+
+ Limit acquire_cred call to to Kerberos only
+
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+
+ Specify that the acquire_cred call should only be concerned with returning
+ Kerberos credentials since this is Kerberos-only functionality.
+
+commit 3829bb90e764cd72c0009cb32a8b39d0fab89d81
+Author: kwc@citi.umich.edu <kwc@citi.umich.edu>
+Date: Mon Jul 3 18:34:10 2006 -0400
+
+ Check that the gssapi library is usable early on.
+
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+
+ Do a call to determine mechanisms supported by the gssapi library early.
+ This allows us to discover early in case the gssapi library is somehow
+ misconfigured. We can bail out early and give a meaningful message
+ rather than getting errors on each attempt at a context negotiation.
+
+commit 119c3e9aafe84c0f7c2846c46ad5e6f5eeece0da
+Author: kwc@citi.umich.edu <kwc@citi.umich.edu>
+Date: Mon Jul 3 18:34:05 2006 -0400
+
+ Fix problems with 64-bit big-endian machines
+
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+
+ Correct the definition of mech_used in the gss context to use gss_OID_desc.
+ This fixes problems on 64-bit machines when referencing the OID.
+
+ Also updates write_buffer function to use u_int rather than size_t when
+ doing calculations.
+
+commit c3f05548d7b3d586e7eebbdde9339617e88530f3
+Author: kwc@citi.umich.edu <kwc@citi.umich.edu>
+Date: Mon Jul 3 18:33:59 2006 -0400
+
+ Define CFLAGS for gss_clnt_send_err compile
+
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+
+ Add CFLAGS to make sure we find and use the correct gssapi.h when
+ building gss_clnt_send_err
+
+commit 4e9ed06f8f8a0cd9f34a6830c0ff14344a528042
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Mon Jul 3 15:59:54 2006 +1000
+
+ Use socklen_t some more to avoid warnings.
+
+commit 6c40236820fda8960af891f41aa9d53f8bbe50a2
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Mon Jul 3 15:39:41 2006 +1000
+
+ Fix warning about pointer signedness differing.
+
+commit 3bf702b1a914b3867117b74d519c55fa68f4dc28
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Mon Jul 3 15:17:34 2006 +1000
+
+ Include the right header to get xmalloc() declaration.
+
+commit 940c7c304d4a43c00c27529cdddc7c87db6eef87
+Merge: b90d201... a503848...
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Mon Jul 3 14:21:48 2006 +1000
+
+ Merge branch 'master' of git://linux-nfs.org/nfs-utils
+
+commit b90d201551aaa712c011c3d5de900fad714a26a6
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Tue Jun 27 21:30:18 2006 +1000
+
+ Comment out unused variable.
+
+commit 33beb42d3d2cd13a82ddbbdc4275d2a048030ae3
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Tue Jun 27 21:22:59 2006 +1000
+
+ Comment out the decades-old SCCS id strings from the original Sun
+ distribution. They cause compile warnings, there is no longer any
+ reason to try to build them into the binaries, and gcc seems to be
+ eliding some of them anyway.
+
+commit 3172063ead6b99611d049a59938808a6358f48a4
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Tue Jun 27 20:55:07 2006 +1000
+
+ Detect if glibc provides socklen_t and use that instead
+ of int in those cases which generate compile warnings,
+ e.g. the last argument of recvfrom().
+
+commit a09eeb36c2c45151b9bb89f5015da0c584799716
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Tue Jun 27 20:28:02 2006 +1000
+
+ Replace the deprecated sigblock() with more modern
+ signal functions to avoid compile warnings.
+
+commit 93608a52655abf5ac23404c4b5cc05fe575a9c04
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Thu Jun 22 18:01:10 2006 +1000
+
+ Fix a number of the easier compile warnings: unused variables,
+ unused labels, constness, signedness.
+
+commit a07343ee0da4f0974a23b673ae1b0d482c7426a1
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Thu Jun 22 17:31:24 2006 +1000
+
+ Detect presence of nfs4_set_debug() in libnfsidmap and
+ don't bother calling it if it's missing.
+
+commit dcfcb677b39443b6392db3234fd50498bc158507
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Thu Jun 22 17:19:17 2006 +1000
+
+ Remove useless m4 quoting around args to PKG_CHECK_MODULES().
+
+commit 24d303ffae686192bda0a5996e8590219dcc82e7
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Thu Jun 22 17:16:19 2006 +1000
+
+ Do m4 quoting of AC_MSG_ERROR() and AC_MSG_WARN() as
+ the autoconf people intended. This avoids errors in
+ autoconf on SLES10.
+
+commit 66a699d953727d3a992cc09ed5304b83d661a737
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Thu Jun 22 16:51:44 2006 +1000
+
+ Add a .gitignore file to suppress the files generated
+ during autogen, configure and build.
+commit 49b164d978ee6266df7ba0bd335cb34337e7c381
+Author: Steve Dickson <SteveD@redhat.com>
+Date: Mon Jul 3 09:52:00 2006 +1000
+
+ Allow rpc.nfsd to suppress tcp or udp, and listen on a specific address.
+
+ -T - will suppressing listening for TCP connection.
+ -U - will suppress UDP
+ -H host - will only listen on that local address
+ -p port - will listen on that port.
+
+ This requires kernel patches which will hopefully be in 2.6.19 and possibly some
+ earlier test and vendor kernels.
+
+commit fde2ae7794047a698feeaf17963d690a1e660a80
+Author: Steve Dickson <SteveD@redhat.com>
+Date: Mon Jun 26 15:23:19 2006 +1000
+
+ Add support for suppressing different NFS versions.
+
+ e.g. -N 2
+ means that NFSv2 won't be supported, just v3 and v4 (if the kernel
+ supports them).
+
+commit 0523fd513c6baa8dbf45d1a7afea2044262aeb3d
+Author: Neil Brown <neilb@suse.de>
+Date: Fri Jun 23 17:10:56 2006 +1000
+
+ Further coverity related cleanups.
+
+ Greg Banks suggested some variations, particularly improved
+ use of xmalloc/xstrdup functions. Thanks.
+
+commit 2e075a16da4963f54cd556403ca9e15a68de27fd
+Author: Neil Brown <neilb@suse.de>
+Date: Fri Jun 23 14:38:33 2006 +1000
+
+ Fix various issues discovered by Coverity
+
+ Thanks to Michael Halcrow for finding them.
+
+commit ff42180930a444cea7f19e55e2cd2bfe6d3f108b
+Author: Neil Brown <neilb@suse.de>
+Date: Fri Jun 23 14:06:00 2006 +1000
+
+ Fix comment parsing (again)
+
+ Bruce Fields noticed that I broke comment parsing...
+
+ as xskip() is always called before xgettok(), that is the
+ best place to put xskipcomment and still maintain proper
+ semantics of xskip and xgettok.
+
+commit bec968578d97eabc63ae4a12bdeb2b33f40baec4
+Author: Amit Gud <agud@redhat.com>
+Date: Thu Jun 22 12:51:04 2006 -0400
+
+ Change mount configure option to --enable-mount
+
+ Change the configure option from --with-mount to --enable-mount.
+
+ Signed-off-by: Amit Gud <agud@redhat.com>
+ Signed-off-by: Steve Dickson <steved@redhat.com>
+
+commit ceeffc1f76485b4084b2c61f4ff3c40e4f51c3b8
+Author: Amit Gud <gud@eth.net>
+Date: Thu Jun 22 12:49:24 2006 -0400
+
+ Merge nfsmount.x and mount.x into mount.x
+
+
+ Merge utils/mount/nfsmount.x and support/export/mount.x into support/export/mount.x.
+
+ Signed-off-by: Amit Gud <agud@redhat.com>
+ Signed-off-by: Steve Dickson <steved@redhat.com>
+
+commit c2db41e8abb6ddc9d03a0c91c6db043fa0f85a8f
+Author: Neil Brown <neilb@suse.de>
+Date: Fri Jun 23 13:37:08 2006 +1000
+
+ Try to make sure that clientid used for NFSv4 is reliable.
+
+ We need to give an IP address to identify this client to the
+ server.
+ The current code does a gethostbyname of the hostname. One
+ some systems this returns 127.0.0.1 or similar, which is not useful.
+
+ Instead, use getsockname of the sock used to connect to the server
+ to confirm that the server is working. This gives the address on the
+ interface that was chosen to talk to that server, which is the
+ best address we can find (if there is a NAT in the way, it might
+ still not work, but in that case there is nothing we can do).
+
+commit 11d34d11153df198103a57291937ea9ff8b7356e
+Author: Greg Banks <gnb@melbourne.sgi.com>
+Date: Wed Jun 14 22:48:10 2006 +1000
+
+ multiple threads for mountd
+
+
+ How about the attached patch against nfs-utils tot? It
+ adds a -t option to set the number of forked workers.
+ Default is 1 thread, i.e. the old behaviour.
+
+ I've verified that showmount -e, the Ogata mount client,
+ and a real mount from Linux and IRIX boxes work with and
+ without the new option.
+
+ I've verified that you can manually kill any of the workers
+ without the portmap registration going away, that killing
+ all the workers causes the manager process to wake up and
+ unregister, and killing the manager process causes the
+ workers to be killed and portmap unregistered.
+
+ I've verified that all the workers have file descriptors
+ for the udp socket and the tcp rendezvous socket, that
+ connections are balanced across all the workers if service
+ times are sufficiently long, and that performance is
+ improved by that parallelism, at least for small numbers
+ of threads. For example, with 60 parallel MOUNT calls
+ and a testing patch to make DNS lookups take 100 milliseconds
+ time to perform all mounts (averaged over 5 runs) is:
+
+ num elapsed
+ threads time (sec)
+ ------ ----------
+ 1 13.125
+ 2 6.859
+ 3 4.836
+ 4 3.841
+ 5 3.303
+ 6 3.100
+ 7 3.078
+ 8 3.018
+
+ Greg.
+ --
+ Greg Banks, R&D Software Engineer, SGI Australian Software Group.
+ I don't speak for SGI.
+
+commit db96d056578338dd1bb0371dc84638973c187ec6
+Author: Neil Brown <neilb@suse.de>
+Date: Fri Jun 16 13:16:09 2006 +1000
+
+ Remove some temporary files that shouldn't be in 'git'.
+
+ deleted: compile
+ deleted: config.guess
+ deleted: config.sub
+ deleted: depcomp
+ deleted: install-sh
+ deleted: ltmain.sh
+ deleted: missing
+
+commit 82b53188aaffad0e237461f8f1274794166feb3a
+Author: Neil Brown <neilb@suse.de>
+Date: Fri Jun 16 13:09:26 2006 +1000
+
+ Add support to auto-generate nfsmount* files for new nfs.mount program
+
+commit 4e2bae795e5eaf9922f0b966ab5df64994c836a2
+Author: Amit Gud <agud@redhat.com>
+Date: Mon Jun 12 19:08:27 2006 -0400
+
+ Move NFS mount code from util-linux to nfs-utils - part 2
+
+ Adds the support functions needed for mount and umount. This
+ functionality will someday be available in the form of shared mount
+ library.
+
+ Signed-off-by: Amit Gud <agud@redhat.com>
+ Signed-off-by: Steve Dickson <steved@redhat.com>
+
+commit a0520fa1a41bd33815b331b660b4545f2723495c
+Author: Amit Gud <agud@redhat.com>
+Date: Mon Jun 12 19:06:36 2006 -0400
+
+ Move NFS mount code from util-linux to nfs-utils - part 1
+
+ Adds the mount directory and the code to mount and umount the NFS file system.
+
+ Signed-off-by: Amit Gud <agud@redhat.com>
+ Signed-off-by: Steve Dickson <steved@redhat.com>
+
+2006-06-05 NeilBrown <neilb@suse.de>
+ - Remove debian/ at request of Debian maintainer "Steinar H. Gunderson" <sesse@debian.org>
+ - fix_exportfs_with_multiple_matches.diff: Fixes a problem with exportfs -o
+ and multiple entries of the same type for the same patch that matches
+ a given client. The entire rationale and problem description can be found
+ at http://bugs.debian.org/245449 (fumihiko kakuma <kakmy@mvh.biglobe.ne.jp>)
+ - escape hashes in exports
+ Makes sure any # signs in the printed-out exports file are
+ escaped (as with quotes, spaces, etc.), so they won't be treated
+ as a comment when they're read back in again.
+ "Steinar H. Gunderson" <sesse@debian.org>
+ - Only treat '#' as starting a comment when at the start of a
+ token, otherwise '#' in filenames cannot be read.
+ NeilBrown
+ - document sync option:
+ Document the 'sync' option in the exports(5) man page -- ATM
+ only the 'async' option is documented, which is not very
+ symmetric. :-) "Steinar H. Gunderson" <sesse@debian.org>
+ - mountd state directory:
+ Let the user select (via a new parameter) the path to the NFS
+ state directory for mountd, to match the statd functionality.
+ "Steinar H. Gunderson" <sesse@debian.org>
+ - fix nhfsrun signal:
+ nhfsrun is supposed to be able to be signalled with SIGUSR1, but
+ the signal trapped is number 30, which is something else
+ entirely (SIGPWR). This patch simply changes it to say "USR1",
+ which gets it right no matter what the value is.
+ "Steinar H. Gunderson" <sesse@debian.org>
+ - Minor man page tidy up
+
+2006-04-12 NeilBrown <neilb@suse.de>
+ Remove **/Makefile.in, aclocal.m4, configure, and
+ support/include/config.h.in from source control
+ These are auto autogenerated by
+ aclocal -I aclocal ; autoheader ; automake ; autoconf
+
+2006-04-12 NeilBrown <neilb@suse.de>
+ utils/statd/rmtcall.c: use HAVE_IFADDRS_H to control compilation
+ of code using ifaddrs.h
+ configure.in: test for present of ifaddrs.h
+
+ Old glibc's don't have ifaddrs.h
+
+2006-06-12 Amit Gud <agud@redhat.com>
+ Added the mount functionality from util-linux.
+ Added --without-mount configure option.
+
+2006-04-12 NeilBrown <neilb@suse.de>
+ Set version to 1.0.8,
+ aclocal -I aclocal ; autoheader ; automake ; autoconf
+
+2006-04-10 NeilBrown <neilb@suse.de>
+ Various paranoia checks:
+ gssd_proc.c: pass max_field sizes to sscanf to avoid buffer
+ overflow
+ svcgssd_proc.c: range_check name.length, to ensure name.length+1
+ doesn't wrap
+ idmapd.c(nfsdcb): make sure at least one byte is read before
+ zeroing the last byte that was read, otherwise memory corruption
+ is possible.
+
+ Found by SuSE security audit.
+
+2006-04-10 "Kevin Coffman" <kwc@citi.umich.edu>
+ Check for sufficient version of librpcsecgss and libgssapi
+ in configure.in
+
+2006-04-10 "Kevin Coffman" <kwc@citi.umich.edu>
+ Update aclocal/tcp-wrappers.m4 to define HAVE_LIBWRAP and
+ HAVE_TCP_WRAPPERS as appropriate.
+
+2006-04-10 NeilBrown <neilb@suse.de>
+ Add checking for innetgr back to configure.in
+
+2006-04-10 kwc@citi.umich.edu
+ Update calls to gss_export_lucid_sec_context()
+
+ Change the calls to gss_export_lucid_sec_context() to match the corrected
+ interface definition in libgssapi-0.9.
+
+2006-04-10 kwc@citi.umich.edu
+ Plug memory leaks in svcgssd
+
+ Various memory leaks in the svcgssd context processing are eliminated.
+
+2006-04-10 kwc@citi.umich.edu
+ Fix memory leak of the AUTH structure on context negotiations
+
+ Free AUTH structure after completing context negotiation and sending
+ context information to the kernel.
+
+2006-04-10 kwc@citi.umich.edu
+ Fix support/include/config.h.in such as would be done be running autoheader.
+
+2006-03-28 NeilBrown <neilb@suse.de>
+ 1.0.8-pre3, aclocal/autoconf/automake
+
+2006-03-28 kwc@citi.umich.edu
+ Use PKGCONFIG to locate gssapi and rpcsecgss header files
+
+ Instead of having separate copies of the gssapi and rpcsecgss
+ header files, or depending on the Kerberos gssapi header,
+ locate the headers now installed with the libgssapi and librpcsecgss
+ libraries.
+
+ Remove local copies of the gssapi and rpcsecgss header files.
+
+ This depends on the configure_use_autotools patch.
+
+2006-03-28 kwc@citi.umich.edu
+ Add debugging to better detect negotiation of enctype not supported by kernel
+
+ Print debugging message indicating the type of encryption keys being sent
+ down to the kernel. This should make it easier to detect cases where
+ unsupported encryption types are being negotiated.
+ (really this time)
+
+2006-03-28 kwc@citi.umich.edu
+
+ Don't close and reopen all pipes on every DNOTIFY signal.
+
+ From: Vince Busam <vbusam@google.com>
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+
+ Don't unnecessarily close and re-open all pipes after every DNOTIFY
+ signal. These unnecessary closes were triggering a kernel Oops.
+ Original patch modified to correct segfault when unmounting last
+ NFSv4 mount.
+
+2006-03-28 kwc@citi.umich.edu
+ Add option to specify directory to search for credentials cache files
+
+
+ From: Vince Busam <vbusam@google.com>
+ Signed-off-by: Kevin Coffman <kwc@citi.umich.edu>
+
+ Add command line option to specify which directory should be searched
+ to find credentials caches.
+ (really this time)
+
+2006-03-28 kwc@citi.umich.edu
+ Must still use knowledge of the glue context for pre-1.4 versions of MIT krb5
+
+ We need to get access to the internal krb5 context pointer for
+ older (pre-1.4) versions of MIT Kerberos. We get a pointer to
+ the gss glue's context. Get the right pointer before accessing
+ the context information.
+ (really this time)
+
+2006-03-28 kwc@citi.umich.edu
+
+ Remove unused groups variable from get_ids() which was causing a compiler warning.
+ (really this time)
+
+2006-03-28 kwc@citi.umich.edu
+ Update krb5 code to use glue routine lucid context functions
+
+
+
+ The gssd code should not know about the glue layer's context structure.
+ A previous patch added gss_export_lucid_sec_context() and
+ gss_free_lucid_sec_context() functions to the gssapi glue layer.
+ Use these functions rather than calling directly to the Kerberos
+ gssapi code (which requires the Kerberos context handle rather
+ than the glue's context handle).
+
+ (really this time)
+
+2006-03-28 kwc@citi.umich.edu
+
+ Separate out context handling code for MIT Kerberos and SPKM3
+ into their own file.
+ (Really this time)
+
+2006-03-28 Kevin Coffman <kwc@citi.umich.edu>
+ User-selectable idmapping cache lifetime
+
+ Read and process new configuration option, Cache-Expiration, and use
+ the value to determine how long idmapping entries are cached.
+ (Really this time)
+
+2006-03-27 NeilBrown <neilb@suse.de>
+ 1.0.8-rc3
+
+2006-03-27 kwc@citi.umich.edu
+ Add debugging to better detect negotiation of enctype not supported by kernel
+
+ Print debugging message indicating the type of encryption keys being sent
+ down to the kernel. This should make it easier to detect cases where
+ unsupported encryption types are being negotiated.
+
+2006-03-27
+ Don't close and reopen all pipes on every DNOTIFY signal.
+
+ Don't unnecessarily close and re-open all pipes after every DNOTIFY
+ signal. These unnecessary closes were triggering a kernel Oops.
+ Original patch modified to correct segfault when unmounting last
+ NFSv4 mount.
+
+2006-03-27
+ Add option to specify directory to search for credentials cache files
+
+ Add command line option to specify which directory should be searched
+ to find credentials caches.
+
+2006-03-27 kwc@citi.umich.edu
+ Must still use knowledge of the glue context for pre-1.4 versions of MIT krb5
+
+ We need to get access to the internal krb5 context pointer for
+ older (pre-1.4) versions of MIT Kerberos. We get a pointer to
+ the gss glue's context. Get the right pointer before accessing
+ the context information.
+
+2006-03-27 Kevin Coffman <kwc@citi.umich.edu>
+ Remove unused variable causing compile warning
+
+ Remove unused groups variable from get_ids() which was causing a compiler warning.
+
+2006-03-27 kwc@citi.umich.edu
+ Update krb5 code to use glue routine lucid context functions
+
+ The gssd code should not know about the glue layer's context structure.
+ A previous patch added gss_export_lucid_sec_context() and
+ gss_free_lucid_sec_context() functions to the gssapi glue layer.
+ Use these functions rather than calling directly to the Kerberos
+ gssapi code (which requires the Kerberos context handle rather
+ than the glue's context handle).
+
+2006-03-27 Kevin Coffman <kwc@citi.umich.edu>
+ Separate out context handling code for MIT Kerberos and SPKM3
+ into their own file.
+
+2006-03-27 Kevin Coffman <kwc@citi.umich.edu>
+ Consolidate gssd and svcgssd since they share much code
+
+ Remove directory svcgssd which was only created because the old
+ build system could not handle building two daemons in the same
+ directory. This eliminates build complications since gssd and
+ svcgssd also share many source files.
+
+ This patch effectively removes the utils/svcgssd directory, moving
+ all its files to the utils/gssd directory. File utils/gssd/Makefile.am
+ is modified with directions to build both gssd and svcgssd.
+
+2006-03-27 Kevin Coffman <kwc@citi.umich.edu>
+ Use PKGCONFIG to locate gssapi and rpcsecgss header files
+
+ Instead of having separate copies of the gssapi and rpcsecgss
+ header files, or depending on the Kerberos gssapi header,
+ locate the headers now installed with the libgssapi and librpcsecgss
+ libraries.
+
+ Remove local copies of the gssapi and rpcsecgss header files.
+
+ This depends on the configure_use_autotools patch.
+
+2006-03-27 Kevin Coffman <kwc@citi.umich.edu>
+ User-selectable idmapping cache lifetime
+
+ Read and process new configuration option, Cache-Expiration, and use
+ the value to determine how long idmapping entries are cached.
+
+2006-03-27 Steve Dickson <steved@redhat.com>
+ Set libnfsidmap library debugging level and logging function.
+
+ This patch adds a call to the new libnfsidmap library function
+ nfs4_set_debug(), which defines the verbosity level libnfsidmap
+ should use as well as the logging function.
+
+2006-03-27 Kevin Coffman <kwc@citi.umich.edu>
+ Don't close file descriptor until after calling event_del().
+
+ Delete event processing for a file descriptor before closing it.
+ This was causing hangs when used in combination with libevent-1.0b.
+
+2006-03-27 kwc@citi.umich.edu
+ Find krb5-config on SuSE 10
+
+ SuSE 10.0 puts krb5-config in yet another obscure location.
+ Look for it there and use it if found.
+
+2006-03-27 Kevin Coffman <kwc@citi.umich.edu>
+ Update debian package information.
+
+2006-03-27 Kevin Coffman <kwc@citi.umich.edu>
+ Install /var/lib/nfs files using DESTDIR and add rpcsec headers to distribution
+
+ Add "$(DESTDIR)" to the paths for the "$(statedir)" files so they are
+ put in the right place when DESTDIR is defined.
+
+ Add the rpcsec header files to EXTRA_DIST list.
+
+2005-12-21 NeilBrown <neilb@suse.de>
+ *utils/rquotad/rquota_server.c: Detect and handle both old-style
+ (2.4) and new-style(2.6) quotactl.
+ *utils/gssd/gss_destroy_cred: remove dependence on "head -1" which
+ might need to be "head -n 1"
+ *utils/nhfsstone/nhfsrun: convert "tail -1" to "tail -n 1"
+
+2005-12-20 Kevin Coffman <kwc@citi.umich.edu> NeilBrown <neilb@suse.de>
+ Substantial Makefile/configure rewrite.
+ Run 'autogen.sh' to create "Makefile.in" etc.
+
+ Also add -D_FILE_OFFSET_BITS=64 to CPP_FLAGS so that mountd can
+ stat and export files larger than 2Gig.
+
+ 1.0.8-rc2 released
+
+2005-12-20 NeilBrown <neilb@suse.de>
+ support/nfs/exports.c(getexportent): is a null host name is given,
+ replace it with '*' so we have a non-empty host name for messages
+ etc.
+ utils/exportfs/exportfs.man: Correct documentation about default
+ export options.
+
+2005-12-20 Kevin Coffman <kwc@citi.umich.edu>
+ utils/gssd/gssd_proc.c(create_auth_rpc_client): Use service
+ portion of clp->servicename rather than hard-coding "nfs".
+
+2005-12-16 NeilBrown <neilb@suse.de>
+ 1.0.8-rc1 released
+
2005-12-16 Kevin Coffman <kwc@citi.umich.edu>
svcgssd needs -lnfs when using new function closeall().