Sales | Support:1-888-96LINUX

1.1.7-1/1.1.6-1 Release Notes

Release 1.1.7-1/1.1.6-1 includes the following changes:


Overview

This release includes the latest Centos kernel and bug fixes for CloakFS, iothrottled, and cpud's new parameters. Shorly after releasing 1.1.6-1, a memory leak causing severe load spikes was discovered. We removed the release the same day and resolved the issue. The memory leak bug was caused by our code refactoring efforts in cloakfs to support kernels 3.12 or greater. 

CloakFS

  • 1.1.7-1 memory leak fix. The leak caused severe load spikes.
  • New features: (These were available in the 1.1.5-1 release)
    • Hide system processes like root, nobody, mysql, etc. (default set to on)
    • Hide any directory or file from any user. We include scripts to hide /etc/passwd, /etc/named.conf, and /var/log, but you can use custom scripts with our parameter to hide any other directory or file. (default set to off)
    • Block users from running root suid programs. (default set to off)
    • To enable features disabled by default, follow the steps found here: Enable New CloakFS Features
  • Bug fix for resellers that own several hundred resellers. This improves lookup rule process speeds.
  • Bug fix for /etc/passwd cloaking to uncloak all application uids (make visible to the user). Faster etc_passwd_handler script.

blstat

  • 1.1.7-1 Fixed several bugs that were causing inaccuracies in the data reporting.

Kernel

Latest CentOS 6.5 Kernel: 2.6.32-431.11.2.el6

MySQL

Added MySQL versions 5.5.37 and 5.6.17

CPUD

  • 1.1.7-1 bug fix for cpud not restarting and getting stuck in D state.
  • Added new parameters for suspending cpu throttling when memory is low. This feature is helpful when cpud is throttling a lot of memory consuming program threads like MySQL. In this scenario, it's better to suspend cpu throttling and wait for some of the memory to free up before turning cpu throttling back on. The free_mem_jail_off/on _threshold memory parameters suspend cpu throttling when both memory page cache drops below the specified "off" values and then resumes jailing when both are above the "on" values. The specified values are in megabytes.

Example:
free_mem_jail_off_threshold memory=768 cache=768

free_mem_jail_on_threshold memory=1536 cache=1536

Add these parameters to /etc/betterlinux/cpud.conf.d/cpanel.conf or betterlinux.conf and restart cpud: (commenting them out will turn them off)

service cpud restart

IOTHROTTLED

Fixed a memory leak.

cPanel Configs

No changes.

Upgrading BetterLinux: 

Run this:

    yum --disableexcludes=all upgrade betterlinux\*

Then run this to regenerate configuration files:  (Warning: This overwrites existing configuration files. Move any changes you want to keep to a custom .conf file.)

    /etc/betterlinux/cpanel/bl-cphooks --init

Then reboot your system.


Changelog for BetterLinux Release 1.1.7-1/1.1.6-1

CPUD and CLOAKFS:

commit 8801332855dfd7098bad456e5cf7e099a9f6f2f1
Author: Fred Clift
Date: Mon Apr 28 10:13:13 2014 -0600

new per-user caching of more complicated passwd files for cloak_file

commit 18525a5c68ae65ad005da814e5d3d1e3d877e1fc
Author: Andrea Righi
Date: Fri Apr 25 15:54:39 2014 +0200

disable "jailing off when memory is critically low" by default

Signed-off-by: Andrea Righi

commit e4dca3adacbc30abcd076ea7756a41aaa15db446
Author: Fred Clift
Date: Thu Apr 24 17:31:27 2014 -0600

add reseller passwd file entries for passwd handler

commit 27b632f9611055b499e37afb8c8a83e39c4df9f1
Author: Fred Clift
Date: Wed Apr 23 11:27:23 2014 -0600

more specific regex for self-entry in passwd file

commit 4b9652d2cd259fd7d70e761fcd92409789d7e808
Author: Fred Clift
Date: Tue Apr 22 16:02:23 2014 -0600

new improved passwd file handler script with helper

commit 0d429f8fbd27d472daefd64851d4077da14119c2
Author: David
Date: Mon Apr 7 11:28:57 2014 -0600

Use fork/exec instead of popen() in bl_cloak.

commit 9c36d67608e5772c2d45273304689981bbc34ddb
Author: David
Date: Wed Apr 2 15:57:52 2014 -0600

Change free_mem_jail_off_threshold and free_mem_jail_on_threshold config options
to use free memory and used cache values instead of free memory and free swap.
Examples:
free_mem_jail_off_threshold memory=768 cache=768
free_mem_jail_on_threshold memory=1536 cache=1536
When free memory and used cache both fall below the free_mem_jail_off_threshold values
then jailed is turned off. It remains offuntil one or the other goes above the
free_mem_jail_on_threshold values.

commit 14007975cd2852d0590348ca216a32aa8484973c
Author: David
Date: Wed Apr 2 13:50:12 2014 -0600

Use fork/exec instead of popen() in bl_cloak.

commit 75040cf09e4fe1b2ce2236e226f77a36337aff2f
Author: David
Date: Mon Mar 31 10:50:26 2014 -0600

Remove references to cgroup-uid module.

commit 8beb30c563b6626d6c34774d760e3af2b10c2742
Author: David
Date: Fri Mar 28 14:22:16 2014 -0600

Print a warning when encountering deprecated config options.

commit 551301187fd150a300fdca9a386e113dfd3d2a5c
Author: David
Date: Wed Mar 26 13:55:31 2014 -0600

Add "require_both" option to "free_mem_jail_off_threshold" and "free_mem_jail_off_threshold_pct" config command.

commit 722c431281dbacffd7e0c44148ae94357ea5eed2
Author: David
Date: Tue Mar 25 15:59:06 2014 -0600

Fix bug in low memoyr jailing on/off code.

commit 0aea2fcac37a4083ab4354bafad87279cc1d5c79
Author: David
Date: Tue Mar 25 15:36:01 2014 -0600

Add free_mem_jail_off_threshold_pct and free_mem_jail_on_threshold_pct tunables.

commit 1a35946366dd97e94b468347b9df6825e6b1418e
Author: David
Date: Mon Mar 24 15:09:55 2014 -0600

Fix jail reduction/expansion failure log messages to indicate correctly the number of cores.

commit 759508e992dcd15366a4f4d3feeebed9b85f667c
Author: David
Date: Mon Mar 24 13:30:31 2014 -0600

syntax changes to free_mem_jail_on_threshold and free_mem_jail_off_threshold.

commit 6eb8cac2d4c0f5fda877755264ec68cd96d65e87
Author: David
Date: Fri Mar 21 15:51:46 2014 -0600

Change syntax of free_mem_jail_off_threshold and free_mem_jail_on_threshold.

IOTHROTTLED:

commit 0fdcaf48dfcfb3620daac6e707dcdfe7ab5538ca
Author: Andrea Righi
Date: Thu Apr 3 22:57:40 2014 +0200

fix format string build warning

Signed-off-by: Andrea Righi

commit 1ea25ecefb83e2bcd5f93abbfe91a11a14de6116
Author: Andrea Righi
Date: Thu Apr 3 18:40:19 2014 +0200

fix: correctly attach non-throttled PIDs to the root cgroup
Correctly attach PIDs to the root cgroup when they are not assigned to
any cgroup.

Signed-off-by: Andrea Righi

CPANEL CONFIGS:

No changes

KERNEL:

commit e2e55e5905c2c0ebd9a8049d7afcf1acb987a364
Author: Andrea Righi
Date: Thu May 1 08:57:26 2014 -0600

cloakfs: fix a bug that prevents root from seeing /proc subdirectories

Signed-off-by: Andrea Righi

commit e6c19fb46bc5c810e9190a734cfaa8803e15e298
Author: Andrea Righi
Date: Wed Apr 30 15:05:30 2014 -0600

kernel 3.12: apply cloakfs-v17
Add a cache to speed up cloak_list_loookup() even more.

Signed-off-by: Andrea Righi

commit 3a3e3532eeb30eb011f67430050f3550c6001dc3
Author: Jerry James
Date: Tue Apr 29 17:04:19 2014 -0600
 

Port our patches to the RHEL 7 beta kernel. Changes to the dedicated
and userblame modules were also necessary to support this new kernel,
due to changes in the way IPv6 addresses are handled.

Signed-off-by: Jerry James

commit 1f1557d7aa43ea242f5e50ed85dd105e9dd0c02a
Author: Andrea Righi
Date: Tue Apr 29 14:33:05 2014 -0600

centos6-2.6.32-279.22.1.el6: apply cloakfs-v17
Add a cache to speed up cloak_list_loookup() even more.

Signed-off-by: Andrea Righi

commit ec63648e7ff249483ac83374a7664440eb4f3741
Author: Andrea Righi
Date: Tue Apr 29 10:20:37 2014 -0600

cloakfs: fix: use the right pid_group notifier callback function address

Signed-off-by: Andrea Righi

commit 9d492fa5d0df4cbefbd31419f94cc9824636a2d7
Author: Andrea Righi
Date: Mon Apr 28 17:20:58 2014 -0600

klibgrp: export register/unregister_pid_group_notifier
Export register/unregister_pid_group_notifier to use them from
other modules.

Signed-off-by: Andrea Righi

commit 2436360ff8c32248d8465aa018e1f1c167e4af0d
Author: Andrea Righi
Date: Mon Apr 28 17:11:36 2014 -0600

cloakfs: fix undeclared variable bug

Signed-off-by: Andrea Righi

commit 55816fc1ffe42e33e55d145fcea42210dbe28616
Author: Jerry James
Date: Mon Apr 28 17:01:14 2014 -0600 

Cloakfs module: really, really, really fix the build bug. Really.

Signed-off-by: Jerry James

commit ce075d4b08a6cdc9cc975e012a0ab937198b6fbf
Author: Andrea Righi
Date: Mon Apr 28 16:37:57 2014 -0600

cloakfs: fix a build bug introduced with e1d3366

Signed-off-by: Andrea Righi

commit 38946afb5f782170be9b7531ef5fd2fb7f1a71fb
Author: Andrea Righi
Date: Mon Apr 28 15:39:09 2014 -0600

fix build bugs introduced with e1d336

Signed-off-by: Andrea Righi

commit e1d3366ef6fcf531e74a1e1f65f0283b437e15d5
Author: Andrea Righi
Date: Mon Apr 28 15:01:02 2014 -0600

centos6-2.6.32-431.11.2.el6: apply cloakfs-v17
Add a cache to speed up cloak_list_loookup() even more.

Signed-off-by: Andrea Righi

commit e7b82350a14144cc35d59b467ca34824554d5be9
Author: Andrea Righi
Date: Mon Apr 28 14:46:31 2014 -0600

klibgrp: pid_group notifier
Add a feature that allows to detect when groups configuration changes.
Other components can register a callback that will be executed every
time a new group is added or removed.
This is mostly used to invalidate/refresh caches inside other
klibgrp-dependant components.

Signed-off-by: Andrea Righi

commit 71693243d693c87f50acd9ad6e41bdf39efb0bce
Author: Jerry James
Date: Mon Apr 28 11:45:38 2014 -0600 

Update the 3.4, 3.10, and 3.12 patch sets to the latest versions of
those kernels, requiring minor patch adjustments.

Signed-off-by: Jerry James

commit aa79320ff2dc4d0e79d228f1ffc4e590c625206d
Author: Jerry James 
Date: Mon Apr 28 11:45:00 2014 -0600

Port cloakfs-v16.patch to the Debian kernel patch set.

Signed-off-by: Jerry James

commit 8e63be19883176d687abd993dac8d5b5533e843f
Author: Andrea Righi
Date: Mon Apr 28 07:54:52 2014 -0600

kernel 3.4: apply cloakfs-v16
Improve performance of cloak_list_lookup() and cloak_list_lookup_file().

Signed-off-by: Andrea Righi

commit 6c97332ef791e17160e913e6f9f0c85abace34f6
Author: Andrea Righi
Date: Mon Apr 28 07:44:26 2014 -0600

kernel 3.12: apply cloakfs-v16
Improve performance of cloak_list_lookup() and cloak_list_lookup_file().

Signed-off-by: Andrea Righi

commit b5bfff9a5a2948db6e03a3dd28ee6c20ee15aae5
Author: Jerry James
Date: Fri Apr 25 11:11:29 2014 -0600

Cloakfs module: more CONFIG_COMPAT fixes.

Signed-off-by: Jerry James

commit b6188e88bb70110c18d1b19883784a29db81562c
Author: Andrea Righi 
Date: Fri Apr 25 19:08:45 2014 +0200

centos6-2.6.32-279.22.1.el6: apply cloakfs-v16
Improve performance of cloak_list_lookup() and cloak_list_lookup_file().

Signed-off-by: Andrea Righi

commit 7d61322cbab7eccaf5418734ed5ab042241a9e8a
Author: Andrea Righi
Date: Fri Apr 25 19:02:10 2014 +0200

centos6-2.6.32-358.23.2.el6: apply cloakfs-v16
Improve performance of cloak_list_lookup() and cloak_list_lookup_file().

Signed-off-by: Andrea Righi

commit 038394ab27817d110a2ce1c26385deef619b2641
Author: Jerry James
Date: Fri Apr 25 10:30:11 2014 -0600

Cloakfs module: move the CONFIG_COMPAT handling from cloakfs_gpl.c to
cloakfs.h to fix a build failure on 32-bit systems.


Signed-off-by: Jerry James

commit 37762ed8876c4fdf479e5f457be7c8cf405a59ed
Author: Andrea Righi
Date: Thu Apr 24 20:18:07 2014 +0200

centos6-2.6.32-431.11.2.el6: fix another build bug introduced with 7c4e64f


Signed-off-by: Andrea Righi

commit faaccd8ad62f2ffaf5d147256a506dfaec8b6f88
Author: Andrea Righi 
Date: Thu Apr 24 20:12:36 2014 +0200

centos6-2.6.32-431.11.2.el6: fix build bug introduced with 7c4e64f

Signed-off-by: Andrea Righi

commit 7c4e64f8fd9eeb35e74248ca02c98429028c4a6d
Author: Andrea Righi
Date: Thu Apr 24 20:00:04 2014 +0200

kernel centos6-2.6.32-431.11.2.el6: add cloakfs-v16
Improve performance of cloak_list_lookup() and cloak_list_lookup_file().

Signed-off-by: Andrea Righi

commit 1708a9e0e5a85ca268967441577a467dd915113a
Author: David
Date: Fri Apr 18 11:15:45 2014 -0600

New version of cloakfs patch (cloakfs-v15.patch)>

commit 6afdfbe2ea5633177a1d70e705e49f7e8872ff06
Author: David
Date: Thu Apr 17 15:41:31 2014 -0600

New version of cloakfs patch (cloakfs-v15.patch).
With improvements to cloakfs rule lookup.

commit bf469748e4a0b526103fa89f6308a79be118072b
Author: Andrea Righi
Date: Thu Apr 17 19:32:23 2014 +0200

restore 2.6.32 patch set

Signed-off-by: Andrea Righi

commit 2b6db748b12b15eeaaf6f628989682a8111d3236
Author: Andrea Righi
Date: Thu Apr 17 19:31:15 2014 +0200

cgroup-io-throttle: fix a potential vfs_read() hang issue

Signed-off-by: Andrea Righi

commit ab00e6afb87573167e4ea1366e4109dfc734705c
Author: Andrea Righi
Date: Thu Apr 17 11:09:36 2014 +0200

kernel 3.4: cgroup-io-throttle: fix typo

Signed-off-by: Andrea Righi

commit 8c15b71c8d332b5415d48b8568b15f0d3022859d
Author: Andrea Righi
Date: Wed Apr 16 18:16:51 2014 +0200

klibgrp: bump up version string

Signed-off-by: Andrea Righi

commit 243c1327705af0c08e5f90952034e144b7f36531
Author: Andrea Righi
Date: Wed Apr 16 15:03:50 2014 +0200

klibgrp: allow to define a custom hash function with bl_hlist hashes

Signed-off-by: Andrea Righi

commit d731dff3ea250643d17556e830b7798582a50641
Author: Andrea Righi
Date: Wed Apr 16 12:51:59 2014 +0200

klibgrp: speed up grp_from_name()
Speed up performance of grp_from_name using a hash list to perform
name -> group lookups.

Signed-off-by: Andrea Righi

commit 8d58091b1460c7230811aa6d2dfb57d3e55fa3ec
Author: Andrea Righi
Date: Wed Apr 16 12:14:44 2014 +0200

klibgrp: generalize the hlist module
Generalize the hlist implemention to support hash lists of generic items
(numbers, strings, pointers, etc.).

Signed-off-by: Andrea Righi

commit 1d3bf4dfa25321333ff5efd10439ca9ba653fc5e
Author: Andrea Righi
Date: Wed Apr 16 12:00:50 2014 +0200

klibgrp: fix a memory leak bug in pid_group

Signed-off-by: Andrea Righi

commit 251e1c8be7ab0011760f67f02e70199d5feb08b0
Author: David
Date: Tue Apr 15 15:02:01 2014 -0600

Use more data in cloakfs hash, going from 4 to 8 chars.

commit 88bc874728bdacc7ee9f85aec867d0d6be3b44e8
Author: Andrea Righi
Date: Wed Apr 9 15:04:26 2014 +0200

kernel 3.x: fix cloak_file redirection
Correctly redirect accesses of cloaked files to the target files into
the bl_cloak FUSE filesystem.
Also rebase all 3.x patches to the latest longerm kernels.

Signed-off-by: Andrea Righi

commit 40a186c3fb827b4cfe51995f7137581773a4d820
Author: Andrea Righi
Date: Fri Apr 4 14:59:18 2014 +0200

byok/configs: add a .config for 3.2.56

Signed-off-by: Andrea Righi

commit 3e363575c3e322d525fee14866353a5ed373957d
Author: Andrea Righi
Date: Fri Apr 4 14:57:20 2014 +0200

BYOK: configs: add some new kernels .config

Signed-off-by: Andrea Righi

commit 165f8df66df04408ee2415364b99b2fea8cfffef
Author: Andrea Righi
Date: Fri Apr 4 13:07:27 2014 +0200

drop kernel 2.6.32.61-grsec

Signed-off-by: Andrea Righi

commit 320538a5153db1f792b9c333c1b60081f42b3f1b
Author: Andrea Righi
Date: Fri Apr 4 13:06:32 2014 +0200

cgroup-io-throttle-v6.20: correctly throttle mmap and splice I/O

Signed-off-by: Andrea Righi

commit 67f60506172e4c4912dc9b746270c92f8492f256
Author: Andrea Righi
Date: Fri Apr 4 01:35:42 2014 +0200

3.12: fix a soft lockup bug in cgroup-io-throttle-v6.20
This bug has been added in hierarcy cgroup iterations while porting the
patch to 3.12.

Fix by using proper iteration loops.

Signed-off-by: Andrea Righi

commit 877befd67f78f5321427b842aad7f9f158ecbb99
Author: Andrea Righi 
Date: Thu Apr 3 22:32:08 2014 +0200 

3.2: update cgroup-io-throttle to v6.20
Push READ throttling up to VFS layer to avoid priority inversion issues.

Signed-off-by: Andrea Righi 

commit 740e18494e87897d764ed195f76326e46820ad64
Author: Andrea Righi
Date: Thu Apr 3 22:52:11 2014 +0200 

3.10: update cgroup-io-throttle to v6.20
Push READ throttling up to VFS layer to avoid priority inversion issues.

Signed-off-by: Andrea Righi 

commit 1627114392f79e36e4487c26dc8561af343412c7
Author: Andrea Righi
Date: Thu Apr 3 22:21:58 2014 +0200

3.12: update cgroup-io-throttle to v6.20
Push READ throttling up to VFS layer to avoid priority inversion issues.

Signed-off-by: Andrea Righi 

commit 02aad65e946d4fbccdc48db817b284af82c158b3
Author: Andrea Righi
Date: Thu Apr 3 22:13:50 2014 +0200

3.4: remove old patch cgroup-io-throttle-v6.19

Signed-off-by: Andrea Righi

commit 92f4d70721eba8954722c08a7a43cbd2e5b3cfab
Author: Andrea Righi
Date: Thu Apr 3 22:01:20 2014 +0200

3.4: update cgroup-io-throttle to v6.20
Push READ throttling up to VFS layer to avoid priority inversion issues.

Signed-off-by: Andrea Righi

commit 473967c789b16a46d0c8ae3895f0453bcda58096
Author: Andrea Righi
Date: Thu Apr 3 22:09:12 2014 +0200

centos6-2.6.32-431.11.2.el6: fix a build bug

Signed-off-by: Andrea Righi

commit 6078ac67f1686554aff911bad36640f97683572a
Author: Andrea Righi
Date: Thu Apr 3 21:21:02 2014 +0200

centos6-2.6.32-279.22.1.el6: update cgroup-io-throttle to v6.20
Push READ throttling up to VFS layer to avoid priority inversion issues.

Signed-off-by: Andrea Righi 

commit 5854ed4c69f3c12c87a693acf9887e8ca1844373
Author: Andrea Righi
Date: Thu Apr 3 21:12:20 2014 +0200

centos6-2.6.32-358.23.2.el6: update cgroup-io-throttle to v6.20
Push READ throttling up to VFS layer to avoid priority inversion issues.

Signed-off-by: Andrea Righi

commit 2bc81ffe5850211a6db489a74e7855fdb74ed725
Author: Andrea Righi
Date: Thu Apr 3 20:58:41 2014 +0200

centos6-2.6.32-431.11.2.el6: update cgroup-io-throttle to v6.20
Push READ throttling up to VFS layer to avoid priority inversion issues.

Signed-off-by: Andrea Righi

commit 10dd1c3655eadfce30a134f3dbf2a929ffadc0cf
Author: Andrea Righi
Date: Tue Apr 1 13:22:10 2014 +0200

cloakfs: fix NULL pointer dereference with kernel 3.12
In bl_getdents() we need to use bl_filldir() to fill the
bl_getdents_callback buffer, instead of bl_fillonedir, otherwise we may
get some NULL pointer dereference bugs.
Fix by using the correct filler function.

Signed-off-by: Andrea Righi

commit 3f869a760a2e939857b667a0833b50bb52132cf5
Author: Andrea Righi
Date: Mon Mar 31 15:48:36 2014 +0200

cloakfs: fix missing include

Signed-off-by: Andrea Righi

commit 67bde50e584dc9a7345708c7f1a80f5231afd737
Author: Andrea Righi
Date: Fri Mar 28 21:10:17 2014 +0100

cloakfs: code refactoring to support kernels >= 3.12

Signed-off-by: Andrea Righi

commit fa2a1c16535ef7d68b20d6a03a36b5f1c23309c9
Author: Jerry James
Date: Fri Mar 28 08:36:34 2014 -0600

Remove CONFIG_CGROUP_UID=y from our configuration additions, now that
the cgroup-uid patch is gone.

Signed-off-by: Jerry James

commit 485418f8a06f3a78d8da39231d082f4a682884a7
Author: Jerry James
Date: Wed Mar 26 08:55:08 2014 -0600

Port our CentOS 6.5 patches to kernel-2.6.32-431.11.2.el6.

Signed-off-by: Jerry James

commit 4a6f7ec62be2ca95da577ab40b777b96a59c6f41
Author: Jerry James 
Date: Fri Mar 21 14:18:15 2014 -0600

Remove the cgroup-uid patch from the CentOS 7 patchset.

Signed-off-by: Jerry James 

commit abb8a244bffc4deb2e17d2834a7fcb55aa9f490e
Author: Jerry James
Date: Fri Mar 21 14:15:11 2014 -0600 

Update the CentOS 6.4 patchset series file to reflect the removal of
the cgroup-uid patch.

Signed-off-by: Jerry James <jamesjer@betterlinux.com.

commit 298318d7c5282ef457536b7d9907fef6d8a14fdd
Author: Jerry James
Date: Fri Mar 21 11:19:59 2014 -0600

Remove the cgroup-uid patch from the 3.2 patch set.

Signed-off-by: Jerry James

 



Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article

Also Read
1.0.2-3 Release Notes (Views: 1427)
1.1.4-1 Release Notes (Views: 1612)
1.1.8-1 Release Notes (Views: 1490)
1.2.6-2 Release Notes (Views: 1256)
1.2.4-1 Release Notes (Views: 1313)

Copyright © 2011 BetterLinux.com. All rights reserved.