FreeNAS 9.2.1.7 is now available

[jkh]

Hi folks,

Well, we said 9.2.1.6 would be the last in the 9.2.1.x series, but CVE-2014-3560 (a possible remote Samba exploit) forced us to change those plans. Come and get it from here, as usual!

While we were at it, we also added a few small performance improvements and brought over a small feature from 9.3, namely the ability to do replication on a direct link without encryption, potentially speeding up replication anywhere from 3-4X (especially over 10GbE). This is generally most useful when doing initial replication to a backup box, while they are co-located together, after which normal encryption can be used in sending the deltas.

Appended are the release notes for 9.2.1.7. We encourage all existing 9.2.1.x users to upgrade. Thanks!

- The FreeNAS Development Team

o Samba updated to 4.1.11
This addresses http://www.samba.org/samba/security/CVE-2014-3560

o Increase performance of Directory Copy from CIFS

o Add support for the None Cipher in SSH. This can be used to improve
replication performance at the expense of sending your data over the
wire in cleartext. (Think private 10Gbe interlink)

o Resolve issue with vlan interface locking that could cause a kernel
panic when creating a number of VLAN interfaces.

o Add support for compressing replication jobs with lz4

 

[SwampRabbit]

Thank you to the Dev Team for jumping on that Samba vulnerability and taking the time to add a few more additions.
It is very nice to see a quick response to a fairly high CVE like this.

By chance "Increase performance of Directory Copy from CIFS" was the fix for this "Bug #5715: Find commit to trueos that disabled sync for xattr and merge it to 9.2.1-BRANCH"?

 

[FreeNAS_Lover]

Great Work! Thankx..

 

[jlpellet]

Just FYI, on the .6 & .7 gui upgrades, it worked fine on my intel cpu machines but both froze @ 99% on my 1 AMD (A6-5400). After ~15 minutes, I refreshed the browser window & the status screen showed the older version with no reboot. Both times, on reboot, the system came up with the new version.

Thanks,
jlp

 

[Ismael Duarte]

I've tried this update twice. Both times everything went fine but, after 2 reboots I still see .6 as current version.

 

[deafen]

It looks like replication compression is turned on by default. I use replication to back up to another system (running 9.2.1.3 for logistical reasons, being upgraded today) and I'm getting errors like this:

Code:

Aug  8 12:31:01 delta autorepl.py: [tools.autorepl:427] Replication of tank@auto-20140805.1522-2w failed with /usr/local/bin/lz4c: Command not found. cannot receive: failed to read from stream Error 33 : Write error : cannot write compressed block

Obviously not a huge deal, but something that caught me off guard (and may catch others as well). So maybe a caveat that compressed replication should be turned off if you're replicating to a prior version?

 

[diedrichg]

Just FYI, on the .6 & .7 gui upgrades, it worked fine on my intel cpu machines but both froze @ 99% on my 1 AMD (A6-5400). After ~15 minutes, I refreshed the browser window & the status screen showed the older version with no reboot. Both times, on reboot, the system came up with the new version.

Thanks,
jlp

I also have an AMD desktop that I use to do the upgrades. I would always get this problem when using Firefox but as soon as I use Chrome, it works perfectly. Try Chrome.

 

[Whattteva]

Strange, I'm the other way around. Never ever had any problems with Firefox, but other browsers like Chrome chokes on me.

 

[D G]

Updated just fine for me from 9.2.1.6 using Chrome. Rebooted twice and then loaded up.

 

[jkh]

It looks like replication compression is turned on by default. I use replication to back up to another system (running 9.2.1.3 for logistical reasons, being upgraded today) and I'm getting errors like this:

Yeah, we made a small boo-boo in the database upgrade that flipped this option on by default (it can be flipped back off, or the other box can be upgraded to 9.2.1.7 as well to make the settings match again). I just put a note in http://download.freenas.org/9.2.1.7/RELEASE/Errata which covers this. Thanks!

 

[jkh]

By chance "Increase performance of Directory Copy from CIFS" was the fix for this "Bug #5715: Find commit to trueos that disabled sync for xattr and merge it to 9.2.1-BRANCH"?

Yep, that's the one!

 

[ThreeDee]

another smooth update ..Thanks!

 

[noprobs]

Slight correction. This release includes three compression options: lz4, pigz and plzip

In testing:
- LZ4 was best for very slow computers or >=Gb connection to replication array
- PLZIP was best for all connections <=1Mb and generally best for <=10Mb
- PIGZ was in the middle in all cases and occasionally led the way

Using optimal compression increased replication throughput by a factor of 1.4 to 4

Usual caveats - the benefit any user will see depends on computers either end, connection quality/bandwidth, data compressibility etc etc. I would be keen to know test results with 10Gb connectivity

I will submit the test results matrix to 9.3 docs

 

[diskdiddler]

o Add support for compressing replication jobs with lz4

What exactly does this mean?

 

[cyberjock]

What exactly does this mean?

It means the replication data stream is compressed with lz4.

 

[diskdiddler]

Ok I kinda thought it was some kind of background task you could set, to convert an existing drive from uncompressed to compressed.
I think I might skip updating until I see some big changes, I've never done an update and it feels kinda risky. Maybe a few months into 9.3 :)

 

[cyberjock]

Honestly, 9.2.1.7 will always be less risky than 9.3 because 9.2.1.7 has had 4+ months of debugging on it.

 

[diskdiddler]

Nah, one would assume with a piece of software designed specifically to store files, that 2 or 3 versions in, it'll be pretty safe.

 

[cyberjock]

I don't think you know what you are talking about to be honest.

9.2.1.7 had eight... EIGHT versions of nothing but bug fixes. 9.3.0 is going to be a serious overhaul, new kernel and all sorts of other stuff. it's going to be a single release.

So again, weight a single release versus eight bug fix releases and guess which is less risky? Yeah.. 9.2.1.7.

So no, sorry, still don't agree with whatever statement you are trying to make. I already considered the whole release cycle when I recommended 9.2.1.7 and said it is less risky. But feel free to do what you want. It's your server and your choice.

 

[diskdiddler]

Well firstly, I was stirring you, because I know how many versions the program had for 9.2.1 - I saw your frustrated posts in the forum threads for several releases before I started using it.

Secondly, to imply no version will ever be as stable as 9.2.1.7 is frankly, bloody ridiculous. How much faith do you actually have in the product you seemingly appear to support?

Thirdly, I was also facetiously implying that surely an operating system designed for storage of data, would SURELY be damn well bloody tested at least half decently by the developers.

Some of the hyperbole and paranoia you post, is a real worry.