====== 0.9.7 (2009-11-10) ------ Client changes - Support kernel 2.6.31 - Add "isr poweroff" command to delete a parcel's memory image - Add -D/--dirtometer option to launch dirtometer at resume time - Show extra parcel information in "ls -l" output (requires 0.9.7 server) - Complain if --rollback specified but parcel already checked out - Only permit "resume -d" if the parcel has been prepared with "checkout -d" - Check parcel lock at resume time unless running disconnected - Make path to user data directory configurable with "isrdir" option - Fix small leak of kernel memory at parcel suspend - Work around udev bug leading to resume failures on Fedora 12 - No longer require a reboot after initial install on some Linux distributions - Various minor fixes and cleanups ------ VMM driver changes - virtualbox: Fix failure to resume a new parcel on VirtualBox >= 3.0.2 - kvm: Use our own VNC viewer rather than SDL. RightCtrl-F will now toggle full-screen mode and RightCtrl-Q will suspend the parcel. The window's maximize and close buttons now work as expected. - kvm: Work with KVM version shipped with RHEL 5.4 - Add "none" driver that just waits for SIGINT ------ Server changes - Place default content root under --localstatedir specified to ./configure - Create content root during "make install" ------ isr_admin changes - makeparcel: Fix breakage introduced in 0.9.6 - import/export: New commands to convert a parcel from/to a flat disk image - copyparcel: Resize copied parcel when -s specified (first resume requires client >= 0.9.7) - makeparcel: Allow specifying memory image contents with -C/--cfgdir - Add -f/--force option to skip prompting in deluser, delparcel, and prune - Fix error when a user's first parcel is created by the user instead of root - Various minor fixes and cleanups ====== 0.9.6 (2009-08-21) ------ General changes - Add dependencies on libgmp and libtasn1 - Add build dependency on libtasn1's asn1Parser utility - Fix miscompilation on Fedora 11 AMD64 ------ Client changes - Add support for kernel 2.6.30 - Work around udev bug leading to resume failures on Fedora 11/Ubuntu 9.04 - No longer upload session log to the server on checkin/sync - Properly enable the initscript during postinstall on Fedora systems - Run the initscript in the standard runlevels on Debian-derived systems - Rename system config files from "openisr" to "openisr-client" - Many cleanups ------ VMM driver changes - virtualbox: Support VirtualBox 2.2 and 3.0 - virtualbox: Fix DeprecationWarning messages with Python 2.6 ------ Server changes - Add http_path config option giving path to content root in URL space - Change default content_root and http_path (see README.server) - README.server: Add additional information on web server configuration - isr_admin: Simplify getusage output ====== 0.9.5 (2009-03-20) ------ Client changes - Change license of Parcelkeeper, tools/*, and bash completions to GPLv2 - Change license of libvdisk to LGPLv2.1 - Add dependencies on GTK+, libarchive, and e2fsprogs' libuuid - Drop dependencies on OSSP UUID and OpenSSL libraries - Drop dependencies on tar, gzip, openssl, and pv programs - Support kernels 2.6.28 and 2.6.29 - Add rewritten dirtometer with more frequent updates and more information - Automatically build kernel modules when booting a new kernel - Add "make postinst"; simplify installation instructions - Suspend the parcel when the client program receives SIGINT - Nexus: fix NULL pointer dereference if encryption is disabled - Add config option for Nexus chunk cache size; raise default to 32 MB - Always disable SQLite fsync() calls; remove options controlling this - Various minor fixes and cleanups ------ VMM driver changes - kvm: Support KVM >= 80 - kvm: Support qemu 0.10 when KVM support is enabled - kvm: Properly handle systems calling the KVM binary "qemu-kvm" - kvm: Add "-cdrom auto" kvm.cfg option to autodetect host CD-ROM drive - virtualbox: Support VirtualBox 2.1 - virtualbox: Properly resume parcels with inaccessible CD/floppy images - virtualbox: Properly handle changes in VirtualBox settings format version - virtualbox: Try to be more helpful after mysterious resume failures - Various minor fixes ------ Server changes - Fix "isr_admin getusage" output - No longer ship upgrade code for 0.8-format parcels ====== 0.9.4 (2008-10-15) ------ General changes - Add support for VPATH builds - Build system cleanups - Simplify configure script command-line options - Documentation updates ------ Client changes - Add VMM agnosticism support via VMM-specific drivers - Add VMM drivers for VMware, VirtualBox, and KVM - Add support for 2.6.27 kernel - Drop support for kernels older than 2.6.18 - Add "isr uuid" command to print the UUID of a parcel - Remove obscure "-l" option to "isr stat" - No longer build kernel modules along with the client - Greatly reduce installed size on disk - Assign new parcel MAC addresses on first resume of pre-0.9.4 parcels - Depend on Python if VirtualBox driver is installed - Fix segmentation fault with VMware when SELinux is enabled - Fix rare BUG_ON() in Nexus under heavy parcel I/O - Remove VMM logs and core files from memory image directory before uploading - Save and restore dirtometer window location and settings across runs - Show parcel name in dirtometer window title if started by client - Bring bash completions up-to-date with current isr command-line options - Various minor fixes and cleanups ------ isr_admin changes - Add support for specifying default VMM driver in makeparcel - Remove VMware-specific memory image handling (done on the client now) - Generate random passwords in adduser unless default_pass is set - Remember to delete parcel data in deluser - Fail adduser if the account already exists - Force default server hostname to lower case - Remove support for /etc/openisr/skel ====== 0.9.3 (2008-08-05) ------ Client changes - Drop support for kernels older than 2.6.15 - Drop support for distributions with pre-2.6 headers in /usr/include/linux - Add support for 2.6.26 kernel - Add configuration and command-line options to disable fsync() calls - Add dirtometer (needs gtk2-perl) - Add configuration option to automatically start dirtometer at resume time - Fix openisr-config on newer distributions when installing from source - Change shared memory interface to mark chunks dirtied by previous sessions - Minor runtime performance optimizations - Improve documentation of installation requirements - Various minor fixes ------ Server changes - Fix "isr ls" when $content_root/$userid directory is not writable ====== 0.9.2 (2008-06-20) ------ Client changes - Add support for 2.6.24 and 2.6.25 kernels - Fix long delay at Parcelkeeper shutdown when hoard cache is large - Nexus now reports I/O errors to Parcelkeeper for inclusion in the parcel log - Prevent parcel checkin if I/O errors have occurred - Fix spurious "cannot rollback - no transaction active" messages - Remove dependency on syscall.ph - Fix hoard failures when hoarding during a checkin - Always print an error on "isr ls" failure - Vacuum keyring before checkin to improve access times - Various minor fixes ------ Server changes - Add basic documentation on installing and running a server - Properly check for OpenSSL and zlib in configure script - Minor fixes to isr_admin usage message ====== 0.9.1 (2008-02-12) ------ Client changes - Major hoard cache performance improvements - Performance improvements to lshoard, rmhoard, and stat subcommands - Update udev rules to make /dev/loop* and /dev/openisrctl mode 660, group "isrusers". (The group name can be overridden using the --with-group configure option.) - Add -Y/--splice checkp option for use in recovering data from a damaged local cache - Automatically run checkp at resume/checkin time if the previous resume terminated abnormally - Warn before resuming a parcel with a damaged local cache - Show total size of all VMM state, not just the memory image file, in "isr stat" - Add bash completion rules for "isr" command - Add logtype field to parcel log messages - Fix "Couldn't generate tag list" error at checkout/checkin - Fix ATTACH error at Parcelkeeper startup - Fix keyroot disclosure on multi-user client hosts with world-readable home directories - Fix symlink attacks; respect TMPDIR environment variable - Fix fcntl locking through libvdisk on 64-bit platforms - Error out, rather than displaying a password prompt, when connecting to a server we don't have authentication credentials for - Correctly notice the lack of a network connection when there are no active network interfaces - Fix "isr hoard" on clients which have never done a checkout - Miscellaneous fixes and cleanups - Packaging updates ------ Server changes - Fix checkparcel for parcels whose CHUNKSIZE is not a multiple of CHUNKSPERDIR - Fix symlink attacks - upgrade-0.9: Fix bug which could cause converted parcels to fail checkparcel validation - upgrade-0.9: Refuse to run if the source parcel is checked out - upgrade-0.9: Do not fail if the source parcel has never been checked out ------ isr_admin changes - copyparcel: Fix generation of invalid parcel.cfg files - makeparcel: Generate appropriate .vmx and .vmdk files for the new parcel. Add mandatory -m/--memsize option. - copyparcel: Prune cfg tarball and update parcel-specific parameters in .vmx file - Add delparcel command ====== 0.9 (2007-12-18) ------ Client changes - Incompatible change to hoard cache format; see http://www.coda.cs.cmu.edu/maillists/isr-list/isrlist-2007/0007.html - Fix Nexus BUG() on UP kernels - Fix deadlock with concurrent SQLite queries - "isr clean" now does a soft release of the parcel lock, making it safe to use instead of "isr discard" + "isr checkin" (which is slower). The historical behavior is available via "isr clean -f". - Add -l option to "isr stat", which shows the parcel UUID - Improve thoroughness of "isr checkhoard" and implement "isr checkhoard -c" - Improve accuracy of Parcelkeeper progress bars - Clean up SQL error logging - Update to SQLite 3.5.4 - Minor fixes and cleanups - Packaging updates ------ Server changes - Remove dependency on procmail - Merge parcel nonce file into lockfile - Fix isr_admin makeparcel on 32-bit hosts - upgrade-0.9 cfg directory whitelist/blacklist updates ====== 0.9-pre (2007-12-03) ------ Headlines - Significant server API changes. 0.9-series clients will not work with older servers, and vice versa. Parcels created for older versions of ISR will need to be converted to 0.9 format before they can be used with an 0.9 server. - The distinction between nameservers and content servers has been eliminated; each parcel is now associated with exactly one server. - The client has a new hoard cache implementation which significantly reduces the need to download data more than once, even across parcels. ------ Parcel format changes - Parcel data is now encrypted with the AES algorithm instead of Blowfish. - Replace redundant ASCII and binary keyring files with a new, SQLite-based keyring - Eliminate index.lev1 file and fold its contents into parcel.cfg - Session logs are now per-parcel rather than per-user. Actions which do not apply to a specific parcel are logged to the per-parcel log of every parcel known to the client. - Each parcel now has a UUID which uniquely identifies that parcel - The layout of the ~/.isr directory on the client has changed significantly ------ Client changes - Checkouts and hoard caches created by OpenISR 0.8.4 and earlier will not be recognized by this version. At resume time, the client will warn about any old-style checkouts, and will offer to delete old-style hoard caches to free up disk space. - Replace Vulpes with Parcelkeeper, a near-complete rewrite - Always copy disk chunks, keyrings, and memory images to the hoard cache after downloading, eliminating redundant downloads - Eliminate extra copy of memory image on the first resume after checkout, at the cost of a slower "isr discard" - Dramatically improve the performance of "isr ls" - Significantly clean up logging format for enhanced readability - Add experimental support for LZF compression - Add low-level infrastructure for VMM independence - Rename the Nexus "zap" sysfs action to "kill" to clarify the destructive nature of the action - No longer zero the Nexus "state_times" counters when the sysfs attribute is read. Writing a string to the attribute file will zero the counters. - Eliminate or reduce several logging races - Miscellaneous fixes and cleanups ------ "isr" command line - Add new hoard cache management commands: lshoard, rmhoard, checkhoard - Rename -n/--nameserver option to -s/--server - Rename -X/--noauto option to -F/--no-fullscreen - Eliminate "clean -a"; use rmhoard instead - Eliminate broken (and dangerous) "reset" command - Eliminate "-p" option, which was accepted and ignored in 0.8 - Eliminate "checkparcel" command, which was just an alias for "checkp" - Move server-side parcel validation from "checkp" to "checkp -e" - Move local cache validation from "stat -c" to "checkp" - Move hoard cache validation from "stat -c" to "checkhoard" - "checkp" and "checkhoard" will not validate the hashes of stored disk chunks unless the -c/--checkstate option is provided - Eliminate "disconnect"; use "checkout -d"/"resume -d" instead. "checkout -d" is now an alias for checkout + hoard, and "resume -d" will invoke "hoard" if the parcel is not fully hoarded. - Eliminate -x/--nocheckstate; the functionality it was bypassing is now mandatory for checkin/sync and is no longer the default in other cases. When passing -d/--disconnected to checkout and resume, you can pass -c/--checkstate to get the old "disconnect" behavior. - Allow a parcel's UUID to be used on the command line in place of its name if the parcel is currently checked out ------ Client configuration - Read per-user config file from ~/.openisrrc instead of ~/.openisr.conf - Rename "nameserver" config option to "server" - Change format of "logmask"/"console_logmask" options: instead of a bitmask, these now take a comma-separated list of log types. Currently accepted types are: none, info, error, chunk, transport, query, slow. - Add "compression" option, which specifies the compression algorithm to be used for newly written disk chunks - Add "hoard_minsize" option, which specifies the hoard cache size (in MB) below which no chunks will be garbage-collected from the cache - Add "disable_lookaside" debug option; set this to "1" to force re-downloading of the keyring and memory image at checkout ------ Significant client bugfixes - Permit a server-side checkparcel operation concurrently with other parcel operations (such as resume) - Disallow sync/checkin if we no longer hold the parcel lock - No longer allow running in disconnected mode if the local cache is fully populated but the hoard cache is not, since this could cause "isr discard" to have unexpected side effects - Properly handle simultaneous checkouts of parcels with the same userid and parcel name, but different servers ------ Server changes - Ship the server code in the source tarball; the server can be installed by passing --enable-server to configure. - Allow the server modules to be installed anywhere in the filesystem, so long as the new "isr_runserv" wrapper script is in the PATH - Add a script, upgrade-0.9.pl, which will read an ISR-3 or OpenISR 0.8 parcel and write out a new one in OpenISR 0.9 format - Improve the thoroughness of the checkparcel module - Various performance improvements ------ isr_admin changes - All isr_admin commands should now work properly - Simplify isr_admin's command-line syntax - Add "isr_admin makeparcel" command to create an empty parcel from scratch ------ Server configuration - The message-of-the-day file is now located at /etc/openisr/motd - cfg tarballs included in parcels generated with "isr_admin makeparcel" will be pre-populated from the contents of the /etc/openisr/skel directory, if it exists - Server.pm no longer contains system-specific configuration information. That data has been moved to a new config file, /etc/openisr/locksrv.conf, which contains "key = value" pairs. Default values will be chosen if locksrv.conf is missing or does not contain a particular key. - Add "content_root" config option to locksrv.conf, giving the path to the HTTP document root - Add "default_pass" config option, giving the password that will be assigned to user accounts created by isr_admin - Add "hostname" config option, giving the server hostname that should be written to parcel.cfg files generated by isr_admin ------ Significant server bugfixes - Don't create world-readable, unencrypted keyrings in the webroot - Don't set execute bits on chunk and image files during commit - Allow checkparcel on a version != 1 which has no predecessors (i.e., a parcel that has been pruned) - Don't allow a client to commit or rollback a parcel unless the client holds a valid nonce - Avoid potential data corruption if multiple clients try to upload a checkin at the same time (due to a stolen parcel lock) - Avoid exposing a parcel's keyroot to other users of the server system - Generate each new parcel with a unique keyroot - Significantly improve the entropy in generated keyroots ====== 0.8.4 (2007-11-20) - Add dependency on "pv" (http://www.ivarch.com/programs/pv.shtml) - Fix kernel crash triggerable by any local user - Fix rare deadlock on single-core, non-HT machines - Dramatically reduce Vulpes' CPU utilization - Add support for 2.6.23 kernel - Add support for running VMware on 64-bit hosts - Add AES support to Nexus - Add support for external "dirtometer" program - Add openisr-config script to build and install the OpenISR kernel modules - Show a progress bar while encoding/decoding a memory image - Various improvements to handling of parcel memory image - Improve handling of loop device unbinding at suspend time - Fix client-commit and resume failures after a VMware crash with newer versions of VMware - Fix bug which could cause a stale memory image to be used after a parcel was shut down - Print a warning on resume if the loaded Nexus module is out-of-date - Various fixes and performance improvements - Packaging updates ====== 0.8.3 (2007-07-11) - Fix deadlock under high I/O load with large guest memory image - Fix kernel oops occurring with some kernel builds (e.g. Fedora Core 5) after Nexus block device shutdown. As a side effect, Nexus is no longer unloadable on 2.6.10 and 2.6.11. - Fix hang of "isr" command on 32-bit Ubuntu 7.04 systems - Add support for kernels 2.6.21 and 2.6.22 - Improve performance of client commit phase of "isr checkin" - Automatically load the loop driver at boot - Packaging updates - Minor fixes ====== 0.8.2 (2007-04-16) - Fix memory leak in Nexus kernel module. After upgrading to 0.8.2, you should reboot your system to free up leaked memory. - Fix race condition when performing checkouts on multiple parcels at once, potentially leading to nonce mismatches at checkin - Fix loop device leak when running multiple parcels simultaneously. This could eventually cause Vulpes to refuse to start until loop devices were manually deallocated. - Compile fixes for some Linux distributions - Documentation updates ====== 0.8.1 (2007-03-15) - Improve efficiency of zlib compression/decompression - Add optimized SHA-1 implementation for x86-64 architecture - Add support for kernel 2.6.20 - Add "nexus_debug" helper program to list/show/set Nexus debug bits - Convert build system to GNU Autotools - Improve performance of "isr stat" - Improve reliability of "isr disconnect" - Allow the checkout process to be cancelled with ctrl-C during memory image download - Add support for null encryption in Nexus and its test harness - Eliminate "hostid" per-system unique identifier. Upgrades from 0.8 will retain the identifier in /etc/openisr/hostid, but it will be ignored. - Improved documentation - Minor fixes ====== 0.8 (2007-02-15) - First release of OpenISR