headers
Jim Meyering | 19 Apr 23:20

coreutils-6.11 released

Coreutils version 6.11 has been released.  This is a stable release.

Since 6.10, there have been 200 change sets in coreutils proper and almost
300 in gnulib (most of the files in coreutils/{lib,m4} come from gnulib).

Thanks to everyone who has contributed to this release.
This time, a trio from Stanford, Cristian Cadar, Daniel Dunbar and
Dawson Engler deserve special thanks for discovering an amazing number
of bugs (usually segfault-inducing), one in each of the following tools:
pr, md5sum (also affecting sha*sum), mknod, mkfifo, mkdir, paste and ptx.

For a summary of changes and contributors, see:
  http://git.sv.gnu.org/gitweb/?p=coreutils.git;a=shortlog;h=v6.11
or run this command from a git-cloned coreutils directory:
  git shortlog v6.10..v6.11

To summarize the gnulib-related changes, you can run this command
From a git-cloned gnulib directory:
git shortlog 16c6ed60fb53998428f510f649ee6b57fea30f35\
..2e8956774250d3f5636898fea193c5abaf041d08

Here are the compressed sources:
  ftp://ftp.gnu.org/gnu/coreutils/coreutils-6.11.tar.gz     (8.8MB)
  ftp://ftp.gnu.org/gnu/coreutils/coreutils-6.11.tar.lzma   (3.6MB)

Here are the GPG detached signatures[*]:
  ftp://ftp.gnu.org/gnu/coreutils/coreutils-6.11.tar.gz.sig
  ftp://ftp.gnu.org/gnu/coreutils/coreutils-6.11.tar.lzma.sig

For more information on LZMA compression, see <http://tukaani.org/lzma/>.
(Continue reading)

Permalink | Reply |
headers
Russ Allbery | 20 Apr 03:25
Favicon

Re: coreutils-6.11 released

Jim Meyering <jim <at> meyering.net> writes:

> Coreutils version 6.11 has been released.  This is a stable release.

[...]

> ** Improvements
>
>   id and groups work around an AFS-related bug whereby those programs
>   would print an invalid group number, when given no user-name argument.

I'm hoping that this doesn't mean that coreutils suppresses display of the
PAG group on a system running AFS, since seeing that group is valuable for
debugging.  It really is a supplemental group of the process, even though
it's created in the kernel rather than initialized from /etc/groups.  For
example:

windlord:~> id
uid=1000(eagle) gid=0(root) groups=0(root),4(adm),24(cdrom),29(audio),44(video),1000(eagle),1103312837
windlord:~> id --version
id (GNU coreutils) 6.10

that final group number is useful information.  It was always one of the
features of GNU id over, for example, the Solaris implementation that it
didn't suppress that group number, and I've used that before in programs.

Copied to the AFS list so that people are aware that a change happened in
this area, in case anyone notices differences after a coreutils upgrade.

--

--
(Continue reading)

Permalink | Reply |
Permalink | Reply |
headers
Russ Allbery | 20 Apr 20:37
Favicon

Re: coreutils-6.11 released

Jim Meyering <jim <at> meyering.net> writes:

> You can tell I don't use AFS and didn't do my homework.
> I wish you'd noticed and spoken up a month or so ago.

Unfortunately, I only follow the announcement list.  :/

> Knowing that, I expect to revert that patch -- unless someone
> can come up with a very good argument for the new behavior.
>
> Out of curiosity, how have you used it?

Usually to tell whether two shells are in different PAGs, which is useful
when hunting down problems with AFS PAM modules and the like.  Also to
tell whether a process is in a PAG at all, although with current Linux
kernels the keyring is the canonical place where that's stored.

--

-- 
Russ Allbery (rra <at> stanford.edu)             <http://www.eyrie.org/~eagle/>
Permalink | Reply |
headers
Brandon S. Allbery KF8NH | 20 Apr 21:08
Favicon

Re: Re: coreutils-6.11 released


On Apr 20, 2008, at 14:37 , Russ Allbery wrote:

> Jim Meyering <jim <at> meyering.net> writes:
>> Knowing that, I expect to revert that patch -- unless someone
>> can come up with a very good argument for the new behavior.
>>
>> Out of curiosity, how have you used it?
>
> Usually to tell whether two shells are in different PAGs, which is  
> useful
> when hunting down problems with AFS PAM modules and the like.  Also to
> tell whether a process is in a PAG at all, although with current Linux
> kernels the keyring is the canonical place where that's stored.

Putting on my sysadmin hat, I am somewhat baffled by this  
discussion.  Completely hiding unknown groups?  I would print  
numerically and return a nonzero exit status (the latter possibly  
overrideable for OpenAFS use where they are expected); hiding them  
completely isn't just a way to annoy OpenAFS users, it also hides a  
clue to a system configuration problem (namely, missing groups in the  
group database).

If someone actually needs the hiding behavior, make it an option  
(possibly invokable via an environment variable).

--

-- 
brandon s. allbery [solaris,freebsd,perl,pugs,haskell] allbery <at> kf8nh.com
system administrator [openafs,heimdal,too many hats] allbery <at> ece.cmu.edu
electrical and computer engineering, carnegie mellon university    KF8NH
(Continue reading)

Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
headers
Adam Megacz | 22 Apr 19:10
Favicon

Re: retaining AFS-specific nameless group IDs (PAG) in `id' and `groups'


Jim Meyering <jim <at> meyering.net> writes:
> Since you guys are interested in AFS, I'm hoping one of you will
> respond to the above.

http://lists.openafs.org/pipermail/openafs-info/2008-April/029132.html

> I'll wait a few days, after which, if I don't hear anything, I'll
> just revert to the old behavior.

If "old behavior" means no special action for GIDs that might be PAGs,
I think that is the right course of action.

  - a
Permalink | Reply |
Permalink | Reply |
headers
Chas Williams (CONTRACTOR | 25 Apr 16:08

Re: Re: retaining AFS-specific nameless group IDs (PAG) in `id' and `groups'

In message <871w4waj0o.fsf <at> rho.meyering.net>,Jim Meyering writes:
>Maybe you can help (this may save you trouble in terms of
>avoided regressions later ;-):
>
>  - how can I detect (in Perl or Bourne shell) whether the
>  current system is AFS-enabled?

there is currently no single method.  at one point, afs patched the
syscall table to present the necessary ioctl but now it creates a
a special /proc entry, /proc/fs/openafs/afs_ioctl, when the syscall
table cant be patched.

>  - is there always exactly one PAG?

currently, a process can only belong to a single PAG.

and ealier someone asked (perhaps Didi <ribalba <at> gmail.com>):

> If someone can provide code to determine efficiently
> whether a nameless GID is a PAG then we can probably
> make everyone happy.  If that happens, I'll need to
> know if there's a standard or accepted mapping from
> GID to PAG group name.  Pointers to unencumbered code
> would be welcome.

with the keyring code, PAG's are no longer exposed to the user
as a number.  however, in the older group based PAG support, the
PAG id is encoded as:

	('A' << 24) + (pagCounter++ & 0xffffff));
(Continue reading)

Permalink | Reply |
Permalink | Reply |
headers
Derrick Brashear | 25 Apr 22:02

Re: Re: retaining AFS-specific nameless group IDs (PAG) in `id' and `groups'

On Fri, Apr 25, 2008 at 12:19 PM, Russ Allbery <rra <at> stanford.edu> wrote:
> "Chas Williams (CONTRACTOR)" <chas <at> cmf.nrl.navy.mil> writes:
>
>  > with the keyring code, PAG's are no longer exposed to the user
>  > as a number.
>
>  This is not entirely correct.  The PAG is still exposed to the user as a
>  supplemental group even when keyrings are in use; the code just no longer
>  relies on it existing and will recreate the group when needed.

Chas wrote that code, in fact.

In any case, it will recreate the group when it can. Obviously you
can't rely on that.
Permalink | Reply |
headers
Adam Megacz | 21 Apr 21:14

Re: Re: coreutils-6.11 released


Didi <ribalba <at> gmail.com> writes:
> the main problem is that through this the 'groups'
> command becomes utterly useless and confused quite a lot of users.
> $ groups
> users id: cannot find name for group ID 1091323188

If you would like that numeric groupid to resolve to some alphanumeric
group name, the right way to do that is to use the NSS:

  http://www.hcoop.net/~megacz/software/libnss-afs.html

> If someone can provide code to determine efficiently whether a
> nameless GID is a PAG then we can probably make everyone happy.

The code you are looking for appears in libnss-afs, but it is based on
assumptions that are only valid on a system known to be running the
OpenAFS client.

In other words, unless coreutils somehow detects the presence of the
OpenAFS client (pioctls?), it probably shouldn't be trying to guess at
what is or isn't a PAG GID the way libnss-afs does.

  - a
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |
Permalink | Reply |

Gmane