-
Notifications
You must be signed in to change notification settings - Fork 0
/
Changes.txt
1605 lines (1085 loc) · 56.6 KB
/
Changes.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
2019-03-31, S3QL 3.1
* Added a new `--fs-name` option to `mount.s3ql` allowing users
to specify a name for the fuse mount (This name is visible
in the first column of the system `mount` command output).
* Added support for "Onezone-IA" to the S3 backend.
* The `s3ql_oauth_client` command is working again now (it was
broken due to changes in Google's OAuth2 workflow).
* Fixed refresh of Google Storage authentication tokens (expired
tokens were resulting in crashes).
2019-02-09, S3QL 3.0
* Added a new `--systemd` option to simplify running mount.s3ql
as a systemd unit.
* Dropped the `--upstart` option - upstart seems to be unused and
unmaintained.
* Dropped support for legacy ("API key") authentication for Google
Storage. Only oauth2 is supported now. This was necessitated by
the switch to Google's native API (before S3QL was using Google's
S3 compatibility layer).
* Command line options specified in the authinfo file (in particular
--backend-options) are now parsed correctly.
* S3QL now uses python-cryptography instead of the (no longer
maintained) pycrypto module.
* The Google Storage backend now supports Application Default
Credentials (ADC). To use this, install the google.auth module
and use ``adc`` as your backend login.
* `umount.s3ql` now works correctly on systems where `ps` doesn't
accept a `-p` option (as long as /proc is available).
2018-12-28, S3QL 2.33
* Fixed a sporadic test failure in t5_cache.py.
2018-11-06, S3QL 2.32
* Fixed a potential bug in s3qlrm that would probably lead to a
filesystem crash (hasn't actually been observed though).
* Clarified installation instructions: S3QL requires the official
systemd Python module, not the (third-party) module on PyPi.
* Fixed occasional crashes with a "dugong.StateError" exception.
Thanks to Roger Gammans for extensive testing!
* mount.s3ql and fsck.s3ql got a new `--keep-cache` option. If this
is specified, locally cached data will not be removed on unmount
(or after fsck) so that it can be re-used if the file system is
mounted again on the same system without having been mounted
elsewhere.
* S3QL now considers all SSL-related errors as temporary and
automatically retries (instead of bailing out).
2018-10-08, S3QL 2.31
* Object removal now makes more use of parallelism.
2018-09-02, S3QL 2.30
* s3qladm has gained a new "recover-key" operation to restore the
file system passphrase from an offline copy.
* Error messages in a few situations have been improved.
* Re-generated C files with Cython 0.28.5 - this may fix some
compile problems under Python 3.7.
2018-07-21, S3QL 2.29
* Removal of files that have not yet been uploaded to the backend is
now faster, with less data being uploaded only to be removed
shortly after.
* Clarified NFS support in documentation.
* contrib/clone_fs.py is now working again.
2018-06-14, S3QL 2.28
* Fixed upgrade process for unencrypted filesystems (was broken in
2.27 and 2.27.1).
* mount.s3ql now checks /proc/mounts to determine if a storage url
is already mounted rather than just relying on flags in the
backend.
* Fixed a busy loop, where mount.s3ql would perform normally but
consume much more CPU than needed.
* Temporary SQLite files are now placed in --cachedir rather
than the system temp folder (typically /tmp).
2018-06-09, S3QL 2.27.1
* Fixed a test failure in tests/t1_dump.py
2018-06-09, S3QL 2.27
* The internal file system revision has changed. File systems
created with S3QL 2.27 or newer are not compatible with prior S3QL
versions.
To update an existing file system to the newest revision, use the
's3qladm upgrade' command. During the upgrade, the metadata for
all storage objects needs to be updated (so this may take a
while).
* fsck.s3ql is now able to recover blocks that were in transit
during a file system crash.
* Command line options that are common to all S3QL commands that
accept a storage URL (e.g. ``--cachedir`` or
``--backend-options``) may now also been specified in the
*authinfo2* file by omitting the two leading dashes.
* Fixed a data corruption issue when mount.s3ql is terminated
without being able to clean up (e.g. due to SIGKILL or the
computer being power cycled).
* [SECURITY] Fixed a security vulnerability in the validation of object
metadata. All past versions of S3QL are affected by a replay
attack where a malicious person in control of the backend is able
to present old versions of the filesystem metadata database as
up-to-date.
This could be used to e.g. make deleted files appear
again (though attempting to read them would result in an error),
or make newly created files appear to have vanished.
Furthermore, an attacker could freely to set the "needs-fsck"
flag, the filesystem revison number, and filesystem block
size. Manipulating the filesystem revision number would result in
most S3QL commands refusing to work, attempting to upgrade the
revision with s3qladm would likely result in errors. Manipulating
the block size would result in mount.s3ql silently presenting file
incorrect file contents (despite the files being intact in the
backend): if the block size is increased, mount.s3ql will insert
regularly spaced gaps of zero-bytes. If the blocksize is
decreased, mount.s3ql will "cut out" regularly spaced windows of
data.
2018-03-04, S3QL 2.26
* Added support for py.test 3.3.0
* Improved metadata rotation performance.
2018-01-05, S3QL 2.25
* s3qlctrl now accepts a new *dropcache* command.
* Fixed a race condition that resulted in mount.s3ql crashing with
"I/O operation on closed file". Thanks to www.imCode.com for
sponsoring this work!
2017-11-04, S3QL 2.24
* fsck.s3ql now accepts a new --force-remote parameter. It does
dangerous things, and you should probably not use it.
* When terminated by a signal (rather than by an unmount call),
mount.s3ql now terminates as quickly as possible (i.e., without
cleaning the cache), resulting in an unclean unmount.
* The Swift backend feature detection is no longer affected by the
no-ssl backend option (which is intended only for connections to
the authentication server).
* Accessing the cn-north-1 S3 storage region is now working.
2017-08-18, S3QL 2.23
* Accessing the us-east-1 S3 storage region is now working again.
* Retry for some additional SSL Errors. Unfortunately we're playing
whack-a-mole here.
* The swift backend now dynamically detects the features supported
by the backend server.
* The swift backend now supports optimized object copy and bulk
deletion (if supported by the server).
2017-06-23, S3QL 2.22
* The storage URL for Amazon S3 buckets has changed. It now includes
the bucket's region.
* Added support for AWS v4 authentication. Thanks to ibbchina.com
for sponsoring this work!
2016-10-28, S3QL 2.21
* Added workaround for an issue where S3QL crashes with an
"ssl.SSLError: [SSL: BAD_WRITE_RETRY]" exception. This problem has
to be fixed in Python, but we now work around it by closing and
re-opening the connection when it occurs.
2016-08-24, S3QL 2.20
* Fixed a problem with exporting S3QL file systems over NFS4,
where directory contents would appear in duplicate.
2016-06-27, S3QL 2.19
* Fixed a crash when running s3qlstat on an almost empty
file system.
2016-04-29, S3QL 2.18
* The `runtests.py` file has been dropped in favor of requiring
installation of py.test.
* S3QL now uses semantic versioning. This means that
backwards-incompatible versions (i.e., versions that require an
upgrade of the file system revision) will be reflected in an
increase of the major version number, i.e. the next
backwards-incompatible version will have version 3.0.
* Enabled several FUSE optimizations (most importantly, the
``big_writes`` feature) that got accidentally disabled at
some point in the past. This should result in significant
performance improvements.
Thanks to Simon Brown for the report!
* Fixed a crash with "BUG ALERT: Dirty inode was destroyed".
2016-03-08, S3QL 2.17.1
* Fixed a bug in the upgrade procedure that prevented file system
modifications when successive commands used the local metadata
cache.
* Fixed a bug in the upgrade procedure that resulted in corrupted
file [acm]times when there was no cached metadata available for
both s3qladm and the first fsck.s3ql/mount.s3ql invocation after
the upgrade.
2016-03-08, S3QL 2.17
* The internal file system revision has changed. File systems
created with S3QL 2.17 or newer are not compatible with prior S3QL
versions. To update an existing file system to the newest
revision, use the `s3qladm upgrade` command.
* Due to a bug in the FUSE kernel module
(cf. https://github.com/libfuse/libfuse/issues/23) S3QL does not
(and did not) honor the write restriction bit. This limitation is
now documented. (It is unknown if the same problem exists when
running under BSD or OS-X).
* S3QL now honors the setgid bit on directories (as opposed to just
storing them).
* The `s3qlstat` command now accepts a --raw option to inhibit
pretty-printing of sizes.
* The `s3qlctrl log` command is now working again.
* The `s3qlctrl cachesize` command is now working again.
* The s3 backend now supports the "infrequent access" storage class
(cf. https://aws.amazon.com/s3/storage-classes/)
* The 's3qlstat' command now prints more information about cache
usage, including the number of cache entries and pending object
removals.
2016-02-23, S3QL 2.16
* S3QL now supports (and requires) Python-LLFUSE 0.43 or newer
(but not never than 1.0).
* S3QL now retries when receiving a "ServiceUnavailable" error from
an S3 (or compatible) backend.
* When retrying network requests, the back-off time now includes a
random factor to avoid accidentally flooding the server with too
many simultanuous requests.
* Fixed a problem with fsck.s3ql aborting with a "ConstraintError"
in some situations.
* Fixed a problem with fsck.s3ql repeatedly renaming a file in
/lost+found because it may lack data.
* In the authinfo2 file, storage urls for the local backend may now
be specified with a trailing slash.
2015-09-18, S3QL 2.15
* Fixed a compatibility problem with recent versions of
Python-LLFUSE (0.41 and newer).
* S3QL now supports using special characters in the prefix
for S3 buckets. Previously, characters that would need to
be percent-encoded when part of an URL (like + or %) would
result in a crash.
2015-07-31, S3QL 2.14
* S3QL now longer crashes when the server sends a zero-length
response that claims to be XML.
* The default tcp-timeout has been increased from 10 seconds to 20
seconds.
* Fixed test failures when FUSE is not available, tests should now
again be skipped.
* S3QL now tracks the frequency of server errors and logs warnings
if they occur more often than 5 times per second over a period of
at least 60 seconds. Previously, retries would only be logged
if the same request has been retried more than 3 times.
* The "s3qlctrl cachesize" command is now working again (previously
it would appear to succeed, but not actually change the cache
size).
* 404 errors when retrying a delete request are now ignored - most
likely they mean that the server actually received and executed
the previous try.
* Fixed an issue with fsck.s3ql crashing when trying to create a
file with a very long name in /lost+found.
2015-01-31, S3QL 2.13
* The internal file system revision has changed. File systems
created with S3QL 2.13 or newer are not compatible with prior S3QL
versions.
To update an existing file system to the newest revision, use the
's3qladm upgrade' command. During the upgrade, all storage objects
that were created by S3QL 1.1 or earlier will be downloaded and
re-uploaded. For objects created by S3QL 1.1.2 or later, the
upgrade will only affect the storage object's metadata (so no
contents need to be transferred).
* SECURITY ADVISORY: Previous mkfs.s3ql versions used /dev/urandom
to generate the master key when creating a new encrypted file
system. However, /dev/urandom is not guaranteed to provide the
256-bits of entropy requested by S3QL. This may have allowed an
attacker to predict parts of the master key in situations where
little entropy is available (e.g. right after system boot, or if a
different program has previously drained the entropy pool).
Note that the master key is not affected when the file system
passphrase is changed. The only way to recover from a potentially
compromised master key is to create a new file system and copy
over all data.
* When creating new file systems, the master key is now generated by
reading /dev/random rather than /dev/urandom to ensure sufficient
entropy.
* The 'no-ssl' option for the swift backend is now used only when
connecting to the authentication server. Whether SSL is used when
connecting to the storage server is determined by the
authentication server.
* Fixed a crash when using the "disable-expect100" swift backend
option.
* Fixed a race condition that could lead to a "KeyError" crash
when refreshing a Google Storage OAuth2 access token.
* Fixed a race condition that could lead to a hanging mount.s3ql
process and hanging test_thread_hang() unit test.
* Updated internal metadata storage and checksum format. The old
format was difficult to secure against malicious backend data and
could have resulted in false-positive checksum mismatches with
future or different Python interpreters.
* Sizes (e.g. in the s3qlstat output) are now always reported
with three significant digits.
* Fixed a bug that caused fsck.s3ql to either abort with a
"apsw.ConstraintError" or to incorrectly consider storage
objects as missing when the connection to remote server is
interrupted while retrieving the object list.
* Storage urls without any prefix (e.g. s3://foo, but also
s3://foo/) are now using the same local cache
directory. Previously they would use different directories,
despite pointing to the same file system.
(Note that this does not affect storage urls with a prefix,
s3://foo/bar and s3://foo/bar/ refer to different locations in the
bucket, and thus correctly use different cache directories).
* Fixed a problem where mount.s3ql would crash when unmouting the
file system because it could not delete the cache directory. This
could happen when the file system was not unmounted cleanly, but
fsck.s3ql was then run on a different system (or using a different
cache directory).
* S3QL now requires at least version 3.4 of the dugong Python
module.
2014-11-09, S3QL 2.12
* The s3c backend has a new 'dumb-copy' option. If this option
is enabled, copy operations are assumed to have succeeded
as soon as the server returns a '200 OK' status, without
checking the contents of the response body.
* The swift and s3c backends have a new 'disable-expect100' to
disable support for the 'Expect: continue' header. Using this
option allows S3QL to work with storage servers without proper
HTTP 1.1 support, but may decrease performance as object data will
be transmitted to the server more than once in some circumstances.
* contrib/benchmark.py is now working again.
* The `tcp-timeout` backend option is now actually working
instead of resulting in a "TypeError".
* Fixed a problem where saving metadata would fail with
"ValueError: Can't dump NULL values".
* s3qlstat now also gives information about cache usage.
2014-09-04, S3QL 2.11.1
* By popular demand, mount.s3ql is now able to daemonize again
and also does so by default.
* Un-encrypted file systems (created with mkfs.s3ql --plain) can now
be upgraded to the newest revision.
* S3QL now automatically retries a request if a backend server
reports a 408 (Request Timeout) status code.
* The Google Storage backend now copes better with server errors
when refreshing an OAuth2 access token.
2014-08-27, S3QL 2.11
* SECURITY UPDATE (CVE-2014-0485).
A remote code execution vulnerability was fixed.
An attacker with control over the communication with the storage
backend or the ability to manipulate the data stored in the
backend was able to trigger execution of arbitrary code by
mount.s3ql, fsck.s3ql, mkfs.s3ql, s3qladm and s3ql_verify. Both
encrypted and unencrypted file systems were vulnerable.
* s3ql_verify no longer crashes when checking an empty file system.
* Fixed a crash when using Google OAuth2 and the first request after
the access token has expired is a write request.
* mount.s3ql now supports systemd-style readyness notification. To
use this feature, make sure that you have the 'systemd' module
installed for Python 3.
This feature has not been tested, if you use it or encounter
problems, please report back.
* Fixed a race condition that could cause tests/t5_failsafe.py to
fail.
* mount.s3ql no longer daemonizes on its own. With a modern init
system this should no longer be necessary, and when running
mount.s3ql from the command line the shell can be used to put the
process into background.
* There is a new --backend-options parameter that can be used to
pass backend-specific options to any S3QL command that accepts a
storage url.
* The --no-ssl and --ssl-ca-path parameters have been removed. For
those backends were these parameters make sense, you can use the
backend options of the same name instead (e.g. instead of
`--no-ssl` use `--backend-options no-ssl`).
* Several backends now accept a `tcp-timeout` option. If S3QL is
unable to communicate with the remote server for longer than this
period, the TCP/IP connection is re-established.
* The Amazon S3 backend now accepts a 'sse' option to enable server
side encryption. Both costs & benefits of S3 server side
encryption are probably very small, and this option does *not*
affect any client side encryption performed by S3QL itself.
* The Amazon S3 backend now accepts a 'rrs' option to enable reduced
redundancy storage for any newly created objects.
2014-07-28, S3QL 2.10.1
* 'setup.py install' now also installs the s3ql_verify command.
2014-07-27, S3QL 2.10
* The internal file system revision has changed. File systems
created with S3QL 2.10 or newer are not compatible with prior S3QL
versions. To update an existing file system to the newest
revision, use the 's3qladm upgrade' command.
It is strongly recommended to run the (new) s3ql_verify command
with the --data option at shortly after the upgrade. This is
necessary to ensure that the upgrade to the next (2.11) S3QL
release will run smoothly.
* The User's Guide now contains a description of the possible
failure modes of mount.s3ql.
* The --debug command line parameter now generates a bit less
output by default, and there is an additional --debug-module
parameter to activate additional messages.
* When using encryption, S3QL now checks that a storage object's
key corresponds to the data stored under it.
The lack of this check in previous versions allowed an attacker
with control over the storage server to interchange blocks within
the same file system (which would have resulted in apparent data
corruption in the file system). Targeted modification of specific
files, however, would have been very unlikely, because the
interchange of blocks had to be done blindly (with the attacker
not knowing which file any block belongs to, nor what its contents
are).
Fixes https://bitbucket.org/nikratio/s3ql/issue/52/.
* S3QL now aborts immediately instead of retrying if the server
storage server reports that the local clock is skewed.
* There is a new 's3ql_verify' command. This program retrieves and
checks every storage object to ensure that all objects are
available and have not been tampered with. In contrast to
fsck.s3ql, s3ql_verify does not trust the object list provided by
the storage server and actually attempts to download the objects
one by one.
* S3QL now requires version 3.2 or newer of the dugong module.
2014-06-28, S3QL 2.9
* Fix crash when using swift backend and server uses an
authentication URL other than /v1.0.
* Fixed two test failures when running unit tests as root.
* Fixed problems when receiving an HTTP error without a well-formed
XML body from the remote server (this may happen e.g. due to
failure in a transparent proxy or load balancer).
* S3QL now depends on the defusedxml Python module
(https://pypi.python.org/pypi/defusedxml/).
* S3QL is no longer vulnerable to DOS attacks from malicious backend
servers. Previously, a malicious server could induce S3QL to
consume arbitrary amounts of memory by recursive XML entity
expansion.
* S3QL now supports Google OAuth2 authentication. To use it, specify
'oauth2' as backend login, and a valid OAuth2 refresh token as
backend password. To obtain the refresh token, the (new)
s3ql_oauth_client command may be used.
* S3QL now requires version 3.1 or newer of the dugong module.
* In some cases, transmission errors when reading storage objects
from a backend may have been misreported as corrupted backend
objects. This has been fixed.
* S3QL no longer crashes when data corruption occurs in the first
few bytes of an LZMA compressed storage object.
* S3QL now honors the "Retry-After" HTTP header when receiving an
XML error from a storage server.
* Fixed a crash that could occur when the remote server (or some
intermediate proxy) sends a non-XML error response.
* mount.s3ql and fsck.s3ql now use different exit codes to indicate
different failure conditions.
2014-03-29, S3QL 2.8.1
* No changes in S3QL itself.
* The S3QL 2.8 tarball accidentally included a copy of the Python
dugong module. This has been fixed in the 2.8.1 release.
2014-03-13, S3QL 2.8
* Fixed various problems with using a proxy server.
* Sending SIGUSR1 to mount.s3ql now generates a stacktrace
(debugging feature).
* When passing --installed to the test runner, S3QL commands
are now loaded from $PATH instead of the packages bin/
directory.
* The runtest.py script now comes with the correct shebang
(i.e., it can now be called as "./runtests.py" instead of
"python3 runtests.py").
* S3QL now requires the python dugong module
(https://bitbucket.org/nikratio/python-dugong)
* Fixed a file system hang when all upload threads encounter
unexpected backend problems.
2013-12-16, S3QL 2.7
* Fixed another race condition that could lead to mount.s3ql
crashing with `ValueError: I/O operation on closed file`.
* S3QL no longer generates warning messages for the first two times
that it has to resend a request to the storage backend. If there
is no success after the second try, messages are emitted as before.
* S3QL now stores multiple copies of the master encryption key to
allow recovery if the backend looses the object holding the
primary copy. To take advantage of this functionality for existing
file systems, change the file system passphrase with s3qladm.
* Fixed problem with automatic cache size detection (mount.s3ql was
treating bytes as kilobytes). Thanks to [email protected] for the
patch!
* Fixed "AttributeError in LegacyDecryptDecompressFilter" crash when
reading objects written by old S3QL versions.
* Fixed a problem with umount.s3ql giving a strange error when
the mountpoint is still in use.
2013-12-03, S3QL 2.6
* Fixed a problem with mount.s3ql crashing with `KeyError` in
`collections/abc.py`.
* Fixed a problem with mount.s3ql crashing with `ValueError: I/O
operation on closed file`.
* Fixed a race condition that could lead to data corruption when
multiple processes trigger download of the same data block
simultaneously.
* Fixed a problem with S3QL crashing with "SSLEOFError" when an SSL
connection is terminated unexpectedly.
* Increased deduplication performance. Previously, block checksums
were accidentally computed without parallelism.
* Fixed a problem with mount.s3ql (incorrectly) reporting corrupted
data for compressed blocks of some specific sizes. Many thanks to
Balázs for extensive debugging of this problem.
* Specifying --debug when using syslog or file logging no longer
suppresses informational messages to stdout.
* Fixed build under MacOS X. Thanks to [email protected] for the
patch!
* mount.s3ql now autodetects a sensible defaults for the
--max-cache-entries and --cachesize options.
2013-10-19, S3QL 2.5
* Removed a race condition that resulted in a crash when a file was
deleted while the upload was in progress, and the upload was then
restarted because of a connection problem.
* Specifying bzip2 as the compression algorithm for mount.s3ql
no longer gives an error.
* Fixed another race condition that could lead to the (apparent)
vanishing of the file system metadata when the mount.s3ql is
killed at an unfortunate time.
* S3QL programs no longer create an empty file in the default log
file location if a custom log file is specified with --log.
* contrib/benchmark.py is now working again - thanks to
* If a backend returns corrupted data, mount.s3ql no longer crashes
but switches to read-only operation.
* Fixed a problem with error messages from mount.s3ql being lost,
resulting in a file system shutdown for apparently no reason.
2013-08-27, S3QL 2.4
* Attempts to upgrade a file system that is already at the newest
revision no longer render the local metadata copy unusable.
* Google storage bucket names containing dots no longer cause
problems with SSL certificate validation.
* Fixed crash when statvfs() is called on an almost empty file
system (which may happen automatically when using some desktop
environments, resulting in an immediate crash after mounting an
empty filesystem).
* There is a new "swiftks" backend for OpenStack/Swift servers that
supports keystone authentication and allows specification of the
desired storage region.
* Eliminated a race condition that could lead to mount.s3ql crashing
with a "KeyError in collections/abc.py" under some circumstances.
* Fixed a crash that could occur when trying to clean up after
receiving a connection or server error when uploading an object.
2013-07-18, S3QL 2.3
* Reading the file system passphrase from the authinfo2 file
is now working again.
* The precedence of the authinfo2 sections has been fixed to agree
with the documentation: later entries override earlier entries
rather than the other way around.
* Fixed a problem with mount.s3ql not recognizing the upgraded
revision when `s3qladm upgrade` was run with a different
--cachedir argument.
* Fixed a crash of the s3 backend when multiple objects are deleted
and the s3 connection needs to be re-established.
2013-07-12, S3QL 2.2
* Eliminated a race condition that resulted in an apparent loss of
remote metadata when the mount.s3ql process was interrupted after
renaming the remote metadata but before having completely uploaded
the local metadata.
* Attempting to run mount.s3ql with --allow-user but without having
the necessary permissions no longer results in the file system
being marked as needing fsck.
* The S3 backend now deletes multiple storage objects using one
request if possible, reducing latency, traffic and number of
requests to S3.
* S3QL is now able to detect server errors and redirections before
all data has been sent to the server. This avoids pointless data
transfers and should fix a problem with S3QL operating very slow
when operating on recently created storage buckets/containers.
* There is a new 'rackspace' backend that allows specification of
the object storage region in the storage URL. The rackspace
backend also uses a different authentication API than the swift
backend (which can still be used for Rackspace as well). When
using the 'rackspace' backend, use your regular Rackspace password
instead of the API key as the backend password.
* The mount.s3ql --compress option now allows specification of the
compression level in addition to the compression algorithm.
2013-06-14, S3QL 2.1 (beta)
* S3QL now uses SSL connections by default.
* S3QL now verifies server certificates when using SSL connections.
* There is a new --no-ssl option that now works for every backend.
* The Amazon S3 and Swift backends are now working again (regression
was introduced in 2.0-beta).
2013-05-12, S3QL 2.0 (beta)
* S3QL now requires Python 3.3 or newer.
* S3QL now requires the pycrypto third-party Python module.
* S3QL now requires at least version 0.39 of the llfuse Python
module.
* Cycling of metadata backups when using the local backend now
takes much less time.
* S3QL no longer requires the unittest2, pycryptopp and lzma
third-party Python modules.
* It is no longer required that S3QL and Python APSW be linked to
the same SQLite shared library.
* mount.s3ql: fixed crash when using --metadata-upload-interval 0.
* Instead of completely unmounting the file system (and leaving the
mount point inaccessible) when backend data is missing or
corrupted, S3QL now returns an error and switches to read-only
operation.
2013-04-09, S3QL 1.14
* Reduced CPU consumption when S3QL is idle.
* S3QL now automatically retries requests when S3 reports an
"internal error" (this functionaly got accidentally broken
in S3QL 1.13).
* Fixed a hang when using s3qlrm to delete a directory with
a very large number of sub-directories.
2013-03-03, S3QL 1.13.2
* Allow S3 bucket names starting with a number.
* Return EOPNOTSUP error on ACL operations. The previous value of
EINVAL works with FUSE, but confuses several applications.
2013-02-24, S3QL 1.13.1
* Change error code returned to applications trying to set ACL
extended attributes. The previous error code of ENOSYS had the
unintended side effect that some FUSE versions gave up trying to
get/set any extended attributes at all.
2013-02-23, S3QL 1.13
* Fixed issues when trying to access a directory at the root
of the file system that has recently been removed with s3qlrm.
(In that case the directory was no longer included in the
readdir() output, but it was still posssible to stat() it because
was still present in the kernel's dentry cache).
* When trying to connect to the backend, S3QL now also retries at
increasing intervals if DNS appears to be unavailable (i.e., if
there's currently no network at all). This means that mount.s3ql
will no longer bail out when called without a network connection
but simply retry (printing warning messages in the process).
* Work around undocumented "Timeout" reply from Google Storage and
retry instead of crashing.
* Instead of failing with a bogus "Invalid credentials or skewed system
clock" error when trying to access a bucket with an invalid DNS
name, S3QL now prints a proper error message.
(Such bucket names are still allowed when using the US Standard
regions, but generally not a good idea).
* Removed ostensible ACL support. It was found that S3QL never kept
ACLs and file permission bits synchronized as mandated by POSIX.
This is due to a bug in the FUSE library and cannot easily be
fixed in S3QL. Consequently, S3QL no longer reports ACL support
unless a FUSE version with the necessary bugfix version is
installed.
* Fixed a bug that caused malformed metadata to be written out when
using recent eglibc versions (the relevant change in eglibc
was introduced between eglibc versions 2.13 and 2.17).
2012-09-03, S3QL 1.12
* Be more verbose about how to remedy the situation when attempting
to upgrade file system needing fsck.
* Fsck now detects and fixes directory entries which do not have an
entry type stored in their mode field.
2012-05-04, S3QL 1.11.1
* Fixed crash when using S3 backend.
(Regression introduced in release 1.11).
* Increase minimum reported file system size to 1 TB, and work
around df bug so that size is reported properly.
* umount.s3ql now produces a more helpful error message if the
file system has crashed.
2012-04-29, S3QL 1.11
* S3QL no longer uses the confusing "bucket" term (which is S3
specific). The "bucket-passphrase" option in the authentication
file has been renamed to "fs-passphrase".
* Metadata about stored objects is now split into multiple fields,
so that no field is longer than 256 bytes. This makes S3QL
compatible with a wider range of storage providers.
Thanks to Stuart Wallace <[email protected]> for reporting this
issue.
* The SWIFT backend now retries if it receives 5xx error codes from
the remote server, and no longer fails when attempting to upload
data with an expired auth token. Thanks to Ken
<[email protected]> for the report and initial patch!
2012-02-24, S3QL 1.10
* The s3s, s3cs and gss backends have been removed. Use the new
--ssl option together with the s3, s3c and gs backends instead.
* S3QL no longer keeps track of consistency guarantees for the
different backends. The increasing number of different storage
providers offering different regions, redundancy and availability
levels makes this no longer feasible.
* The User's Guide contains a new section "Important Rules to Avoid
Losing Data". Reading it is strongly recommended.
2012-01-21, S3QL 1.9
* Fixed a problem with file and directory time stamps
changing with the time zone of the mount.s3ql process.
* Fixed a crash in contrib/benchmark.py and made output
(hopefully) easier to understand.
* Fixed "Too many chained redirections" bug when trying to access
a new bucket immediately after creation.
* When receiving 5xx errors from the server, S3QL now waits and
retries instead of aborting immediately.
* contrib/s3ql_upstart.conf now supports running S3QL as an
ordinary user.
* S3QL now has experimental, native support for OpenStack/SWIFT
servers. Thanks to the guys from www.bitbackup.de for providing
support and a test server!
* S3QL now has experimental proxy support and will honor the
http_proxy and https_proxy environment variables.
2011-12-06, S3QL 1.8.1
* Fixed direct updates from 1.6 to 1.8.
2011-12-05, S3QL 1.8
* Fixed "ValueError: Can't dump NULL values" crash when file system
metadata was uploaded during heavy file system activity.
* Deleting files no longer takes O(number of distinct filenames)
time (bug introduced in 1.7).
* Improved s3qlcp and directory listing performance for very large
directories.
* The --blocksize option of mkfs.s3ql has often been misunderstood,
leading people to create file systems with block sizes
significantly smaller than 1 MB.
As a matter of fact, a small S3QL block size does *not* have any
advantage over a large block size when storing lots of small
files. A small block size, however, seriously degrades performance
when storing larger files. This is because S3QL is effectively
using a dynamic block size, and the --blocksize value merely
specifies an upper limit.
To make this more clear, the --blocksize option has been renamed
to --max-obj-size. If you created your file system with a block
size of less than 1 MB, it is strongly recommended to recreate it
with a larger block size. Unfortunately, an in-place conversion of
the block size is not possible.
* mount.s3ql has a new --min-obj-size option. In the future, files
smaller than the minimum object size may be combined into groups
that are stored as single objects in the storage backend.
* Depend on python-llfuse 0.37. This fixes a problem with the file system
effectively blocking any other request while an s3qlrm, s3qllock
or s3qlcp instance is running.
* Fixed some crashes happening under heavily concurrent file system
usage.
2011-11-27, S3QL 1.7
* Extended attribute names are now de-duplicated.
* Metadata is now stored in a custom, delta-encoded binary format and
then BZIP2 compressed, resulting in a 5-fold speedup when dumping
and compressing.
* Inodes are now assigned sequentially rather than randomly, and old
inodes are not reused. This makes S3QL fully NFS compatible and
allows metadata to be stored much more efficiently, resulting in
a 4 to 8 fold decrease in compressed metadata size.
* s3qlcp now also copies extended attributes.
* s3qlcp no longer generates incorrect block reference counts when
copying a file that has identical blocks (i.e., that can be