Hitachi NAS Platform 14.5.7413.01 Release Notes
About this document
This document (RN-92HNAS056-00, December 2022) provides late-breaking information about NAS Platform 14.5. It includes information that was not available at the time the technical documentation for this product was published, as well as a list of known problems and solutions.
Intended audience
This document is intended for customers and Hitachi Vantara partners who license and use NAS Platform.
Accessing product documentation
Product user documentation is available on the Hitachi Vantara Support Website: https://knowledge.hitachivantara.com/Documents. Check this site for the most current documentation, including important updates that may have been made after the release of the product.
Accessing product downloads
Product software, drivers, and firmware downloads are available on the Hitachi Vantara Support Website: https://support.hitachivantara.com/.
Log in and select Product Downloads to access the most current downloads, including important updates that may have been made after the release of the product.
About this release
This release is a minor release that adds features and resolves multiple known problems.
The specific build is server update (SU) 14.5.7413.01, and system management unit (SMU) 14.5.7413.01.
NAS operating system, which includes server update 14.5.7413.01 and SMU 14.5.7413.01, supports the following models:
· Hitachi NAS Platform 5200, 5300
· Hitachi NAS Platform 4040, 4060, 4080, 4100
The topics in this document could also be relevant to VSP F/G Series (running SVOS 7.4.0), and VSP N Series (running SVOS 7.4.1), by taking note of the NAS module version.
| Note: When upgrading to 14.5, it is advisable to refer to the corresponding release notes of each intervening version to be aware of any new features, special notes and considerations. |
Document history
| Revision | Description |
| 92HNAS056-00 | Initial release of SU version 14.5.7413.01 |
New features
This section describes the key features in version 14.5, and other recently released features. Please refer to the NAS user guides for details on using these features.
For features introduced after the initial 14.5 release, which may not be covered in the published guides, documentation amendments can be found on the Additional Notes page. This page is linked to from the main NAS Platform documentation page (https://knowledge.hitachivantara.com/Documents/Storage/NAS_Platform).
File system packing
First available in 14.5.7413.01, where HNAS 5000 series servers support file system packing but only on newly formatted file systems.
This feature reduces the amount of disk space required for storing a particular class of file system metadata (specifically inodes) and small files. The amount of saved space is included as “Reduction“ in the “df“ CLI command output, in a column previously used by, and now shared with, deduplication.
It will not be possible to mount a packed file system on any other shipping type of Hitachi NAS product or on an HNAS 5000 series running a release below 14.5. As mounting may happen automatically on boot and, in a cluster with existing file systems, downgrading may be required for other reasons, it is advised, at this time, to enable packing only for test data, for example a replica of production data. Object replication to a packed file system from an unpacked file system will allow an assessment of the saving.
To activate the feature, issue the supervisor-level CLI command "set enable-fs-packing-on-format true". This acts cluster-wide and takes immediate effect. The setting is persistent across reboots but it is recommended to "unset enable-fs-packing-on-format" after creating the desired file systems.
Native REST API
First available in 14.4.7322.05
HNAS native REST API version increased to v8, which adds the ability to manage more functional areas of the HNAS product. v7 is retained and still supported via both the legacy and native APIs - the native API should be used in preference to the legacy API.
Support for 8 node clustering for HNAS 5300
First available in 14.3.7221.03
Support has now been added for 8 node clusters on HNAS 5300.
NDMP direct-attach tape support for HNAS 5200 / 5300
First available in 14.2.7117.05
HNAS 5200/5300 now has the provision to attach tape drives, for NDMP backup.
Hitachi NAS add-ons
There are several add-ins available for use with Hitachi NAS, as noted here.
The downloads can all be found by following section "Accessing product downloads" and navigating to "Hardware Download", "NAS Platform", and then selecting "Add-ons".
The documentation can be found on the "Solutions and Best Practices" page, which is linked from the main NAS Platform documentation page (https://knowledge.hitachivantara.com/Documents/Storage/NAS_Platform).
HNAS CSI Driver for Kubernetes
Version 1.2.0 (October 2022) - works with NAS 13.3 or later
The Hitachi NAS Container Storage Interface (CSI) Driver is a software component with libraries, settings, and commands that can be used to create persistent storage for containers. It enables the stateful applications to persist and maintain data after the life cycle of the container has ended. The Hitachi NAS CSI Driver provides persistent volumes on Hitachi NAS server platforms (Hitachi NAS platform and NAS module) and is able to clone those volumes and take snapshots of them.
As the driver relies on the ability for containers/pods to access HNAS NFS exports, it can only be used on Linux based systems. This driver requires Kubernetes 1.20 or higher.
Version 1.00 (August 2020) still works, and can work with older Kubernetes versions, but contains less functionality.
Hitachi NAS Modules for Red Hat® Ansible®
Version 1.1.0 (September 2021) - works with NAS 13.5 or later
Hitachi NAS Modules for Red Hat® Ansible® allow IT and data center administrators to automate and manage some of the configuration of Hitachi NAS systems. An administrator can create playbooks together with logic and other Ansible modules to automate complex tasks. Administrators can filter, sort and group the information by piping the output from one module to another. Tasks are executed by running simple playbooks written in yaml syntax.
These modules require Ansible 2.9 or higher.
HNAS docker volume plugin
Version 1.00 (December 2019) - works with NAS 13.2 or later
The NAS server platform (Hitachi NAS platform and NAS module) can be used to provide remote storage for container images running within Docker.
As the plugin relies on the ability for containers to mount HNAS NFS exports, it can only be used on Linux-based systems.
The plugin is supported on Docker version 18 and newer and currently only on stand-alone systems, rather than clusters/docker swarm.
ELK integration for HNAS
Version 1.00 (September 2019)
The NAS server platform (Hitachi NAS platform and NAS module) can be integrated with Elasticsearch. Alert and audit logs can be collected, and then analyzed using Kibana, which helps to visualize data.
Elasticsearch is commonly referred to as the ELK stack or Elastic stack, which refers to Elasticsearch and associated components, which reliably and securely take data from any source, in any format, and search, analyze, and visualize it in real-time.
Splunk add-on for HNAS
Version 1.00 (November 2018)
The NAS server platform (Hitachi NAS platform and NAS module) can be integrated with Splunk®. Splunk can be configured to collect alert logs, audit log events, and gather statistics about the NAS server system performance.
Special notes on current NAS releases
Virus Scanning and SMB2 Lease Break Interaction
In some circumstances, SMB2 clients will ignore lease break requests. When a lease break initiated by a virus scan is ignored, SMB2 clients can experience delays in opening files.
A configuration option has been provided to avoid these delays by preventing virus scanning appliances from causing some lease breaks.
The configuration option - "allow-virus-scanner-to-break-oplocks" - should be set to "false" in the appropriate EVS security context in order to enable the newly-implemented behaviour.
Access of files on the HNAS via SMB2 from the virus scanning appliance must be limited to the virus scanner service when the HNAS has this configuration enabled.
| Note: When changing configuration options, it's often important to consider the EVS security context the change will apply to. Please review the " |
Configuring external migration targets
Not specific to this release, but reiterating the need for adequate backup planning.
| Caution: Care should be taken when configuring systems with a single migration destination for both replication source and target (known as a triangular arrangement). Such arrangements should not be considered a good solution in any disaster recovery (DR) or backup scenario, as there is only a single copy of the user data pointed to by XVLs at each end of the replication policy. |
Deduplication support for Object Replication Targets
Deduplication is supported on Object Replication target file systems, from release 13.6.
| Note: If, before 13.6.6016.05, a filesystem was created to support dedupe and it was later used as a replication target, there will be implications when upgrading to 13.6.6016.05 or later. In this case, deduplication of the replication target will start automatically without any additional action on the user's part. |
In order to avoid this happening, deduplication should be disabled, per filesystem, before upgrading and remain off after the upgrade.
NFS over UDP
If NFS over UDP is enabled, frequent warning messages are displayed on the console and in the dblog. As a workaround, disable UDP. Note that the messages will persist until the clients are remounted.
| Note: Using NFS over UDP has inherent risks and is not recommended. |
Group Augmentation changes
A change in 13.5.5527.02 changed the format of the output that create-group-table-from-active-directory.rb presented to any customized massage-commands-for-managed-servers script.
Suppose a customized massage-commands-for-managed-servers script is used to check the output against a whitelist. In that case, groups will likely be incorrectly excluded, and their old definitions will continue to be used by HNAS indefinitely. In this instance, it is best to transform the whitelist to suit the output after the upgrade.
HDRS versions
Version 4.x - VSP F/G/Nx00 platforms only.
· CentOS Stream 8 will be supported by HDRS v4.3.
· A change in 13.8 necessitates that any instances of HDRS in use must be upgraded to at least v4.x.
· Please do not upgrade the SMU software to 13.9.6628 or later on the VSP F/G/Nx00 platforms, or install a net new GEfN solution on this platform until HDRS v4.2 or later is installed.
Version 5.x - HNAS 5000 series platforms only.
· CentOS Stream 8 is not supported.
· Existing deployments must be migrated to 6.x.
· See the HDRS 6.x Release Notes for more details on migration procedure.
Version 6.x - HNAS 5000 series platforms only.
· CentOS Stream 8 is required.
· For existing deployments, see HDRS 6.x Release Notes for more details on migration procedure.
· A change in SMU version 14.4 involves a Python library update which requires HDRS 6.1.1 to complete. HDRS 6.1.1 new installs require SMU version 14.4 or greater.
· In existing HDRS installs the recommended sequence is as follows: (1) update SMU version first, then (2) update HDRS to 6.1.1. Please read the HDRS 6.1.1 Release Notes for more information.
HNAS 5000 series GEfN
GEfN
GEfN
HNAS 5200/5300 clustering
There was a restriction for HNAS 5200/5300 in version 13.9.6420 to limit the cluster size to 2 nodes.
Version 13.9.6628.07 introduces support for 4-node clusters on HNAS 5200/5300.
Version 14.3.7221.03 introduces support for 8-node clusters on HNAS 5300.
| Note: For data availability, clustering in a production environment is required. |
Script output on HNAS 5200/5300
Due to a change in operating system behaviour, on Debian 10 (Buster) based systems such as HNAS 5200/5300, some scripts' output on invocation might not be displayed on the current console. The output can still be found by reviewing the syslog or using the journalctl command.
DSA host keys for SSH access
Since 13.9.6918.02, the HNAS 3000 and 4000 series and the VSP-F/G platforms no longer allow the ssh-dss host key algorithm (i.e., use of the DSA host key).
SMU support for CentOS Stream 8
Since 13.9.6918.05, a virtual SMU can be deployed on the CentOS Stream 8 operating system. Use version 3.0 of the Hyper-V or VMware template in order to create a virtual SMU based on CentOS Stream 8.
From 14.4.7322.04 onwards, a regular warning event will be generated when using the older CentOS 6 SMU, prompting for an upgrade to CentOS Stream 8.
A standard upgrade of an earlier virtual SMU to version 13.9.6918.05 or later will not upgrade the operating system version. To upgrade an existing CentOS 6 SMU to run on CentOS Stream 8, while preserving the existing network address, it is necessary to deploy a new virtual SMU, using the CentOS Stream 8 OVA (SMU-OS-3.0.iso), and migrate the settings from the existing SMU to the new one by performing a backup and restore.
More details can be found in the Virtual SMU Administration Guide MK-92HNAS074.
| Note: Both CentOS 6.2 and CentOS Stream 8 are supported in this version. |
| Note: CentOS Stream 8 is only supported on… VSP F/G/Nx00 platforms: HDRS v4.3 onwards HNAS 5000 series platforms: HDRS v6.1.01 onwards |
Notes on installing, upgrading, and downgrading
Notes on this release include:
· NAS platform models 4040 / 4060 have cluster support for up to two nodes.
· NAS platform models 4080 / 5200 have cluster support for up to four nodes.
· NAS platform models 4100 / 5300 have cluster support for up to eight nodes.
· The NAS Manager for the SMU uses cookies and sessions to remember user selections on various pages. Therefore, open only one web browser window, or tab, to the SMU from any given workstation.
| Note: When upgrading, remember to remove any avoidances already implemented for defects that have been fixed in intermediate releases (i.e. check for the presence of, and the contents of, startup.scr file for old defects that have since been fixed.) |
Performing a rolling upgrade from older versions of HNAS
If upgrading from earlier versions of HNAS, note that there are critical steps which must be followed in a precise sequence to correctly upgrade to version 14.5. Refer to the corresponding release notes of each earlier version for details on rolling upgrades. Additionally, consult with an Hitachi Vantara representative for assistance in upgrading from earlier versions of HNAS.
| Note: For Rolling Upgrades, the latest version of any major code release will be able to roll to any version in the following major code release. As an example, a Rolling Upgrade can be performed from the latest 13.x code release to any version in the 14.x major code release without any intermediate code steps. |
| Caution: If upgrading from versions earlier than version 13.3, an additional step to version 13.6.6016.05 must be performed first, before upgrading to version 13.7.6233.01 or later. This is no longer necessary when upgrading to version 13.9.6815.02 or later. |
| Note: NVRAM mirroring will be suspended during the time that the cluster is on different models of servers. |
Please refer to FE-92HNAS050 when planning a hardware rolling upgrade from HNAS 30x0 / 4xx0 to HNAS 5200 / 5300.
| Note: When upgrading from a 4100 to a 5000 proper planning must be in place and followed, as there has been a change in capacity licensing. |
| Note: When using Hitachi Operations Center, the HNAS 5000 series cannot be on-boarded into Analyzer. This is not an HNAS product issue - HOC Analyzer will fully support the HNAS 5000 series in a future release. In the interim, please contact product support for any potential work around until HNAS 5000 series is fully supported in HOC Analyzer. |
File-based replication between different HNAS software levels
The ability to replicate between systems is determined by the version of the Software that is running on those systems. The model number of the server is not a factor for interoperability for replication purposes. If both the destination and target servers are running the same major software version (for example, 13.x), replication as "managed servers" is fully supported, but not recommended as this has repercussions when implementing HRO reporting. If the destination and target servers are running different major software versions (for example, 13.x to 14.x), one of the servers is configured as an "unmanaged" server. Replication continues to be fully supported within the constraints of replication between managed and unmanaged servers.
Object-based replication between different HNAS software levels
Object replication was first introduced in HNAS software v8.0 and has been improved with each release. For example, version 10.1 was enhanced so that objects maintained their sparseness during incremental replication. Version 11.1 can preserve file clone states during replication. To ensure interoperability, feature flags are negotiated when object replication occurs between servers running at different version levels.
Object replication between servers is supported up to one major version away. For example, object replication between version 13.x and 14.x is supported.
| Note: Object replication between servers with more than one major release difference may work (for example, between version 12.x and v14.x) – but this is not supported. |
| Note: When set to transfer XVLs as links, both source and target systems involved in the replication relationship must be running HNAS release v13.4 or later. |
Important considerations to read before installation
Please read the following sections before installing and using 14.5.
Special consideration should be taken when upgrading to the stated versions (or later) from an earlier version or planning a downgrade from the stated versions (or later) to an earlier version.
Changes in 13.0
· Support for WFS-1 is now completely removed. Before upgrading, the customer MUST migrate any WFS-1 filesystems to new WFS-2 filesystems, as WFS-1 filesystems cannot be mounted.
· NAS Storage Pools (spans) are now limited to 32 filesystems.
· 12.7.4221.07 is the lowest version of code to which a system can safely downgrade.
Changes in 13.2
· Support added for increasing the number of filesystems in a cluster must be considered when planning a downgrade to an earlier version if more than the previous default of 128 filesystems exist.
· Support for REST API v4 added while still supporting v3.
· 13.2.4527.04 introduced a new command, krb5-nfs-principal-format. If the setting is changed to (the non-default value of) "only-primary" for any EVS, this must be considered when planning a downgrade to an earlier version.
Changes in 13.5
· Support for REST API v7 was added, while still supporting v4, and deprecating v3.
The number of filesystems per span limit
By default, the number of filesystems created in any span is limited to 32.
If an existing span has more than 32 filesystems, the span and filesystems are fully supported after upgrading to 13.0 or later. However, it is impossible to create any additional filesystems on the span, until enough filesystems have been deleted to bring the total number below 32.
It is possible to increase this default value using the filesystem-create CLI command with the --exceed-safe-count option. This option must not be used when creating up to 32 filesystems. It must only be used when creating filesystems beyond the 32nd one.
| Note: This option is only available on the CLI. The NAS Manager does not permit the creation of more than 32 filesystems. |
For further information, see the File Services Administration Guide.
NFSv3 access during upgrade to 13.2 or later
When a cluster namespace (CNS) is used on an NFSv3 filesystem, a rolling upgrade to version 13.2 can cause longer transient delays for NFSv3 accesses than usual. Customers using ordinary filesystem exports or other protocols (including NFSv4) do not experience these additional delays.
| Note: This issue only affects the upgrade from a pre-13.2 release to a 13.2-or-later release. Future upgrades will not experience any additional transient delays from this issue. |
The technical issue
Typically, during a rolling upgrade, access to filesystems through NFSv3 and CNS is available while EVSs are migrated between cluster nodes so each node can be upgraded. Clients can connect to an EVS on a node running older software and access filesystems belonging to an EVS on a node running newer Software (or the other way around) because the NAS server uses a stable message format when forwarding the requests.
Software version 13.2 supports an increased number of filesystems and, to provide this feature, modifies the message formats used to support CNS in a way that is incompatible with earlier releases.
During this rolling upgrade, clients cannot access filesystems that are hosted on a node running a different version of Software to the currently connected node. As soon as the EVSs are migrated onto nodes running the same version of Software, the clients can regain access to those filesystems.
Workaround
For 2-node clusters (including NAS Modules), follow the usual upgrade procedure. After the first node has been upgraded, and while EVSs are being migrated between the nodes, there is a longer interruption to client access than usual. The interruption ends as soon as all EVSs are migrated to the upgraded node. When the second node has been upgraded, the only disruption is from normal EVS migrations.
For clusters with three or more nodes, there could be a longer period when EVSs are hosted on nodes running different software versions. For these cases, use manual migrations to move all EVSs to nodes running the same software version. This minimizes the period during which the clients cannot access all filesystems.
For details of the manual migration process, or for upgrade procedures, please contact Customer Support.
SMU, server, and cluster compatibility
These release notes highlight SMU release version 14.5.7413.01.
The version of SMU should always be equal to, or newer than, the version of the server / cluster being managed. The closest available one should be used in the rare situation where such an SMU build is not released.
Since SMU 13.9.6918.05, the following hypervisor images are supported for a virtual SMU
· Hyper-V: Virtual SMU OS 2.2 or 3.0
· VMware: Virtual SMU OS OVA 2.1, 2.2 or 3.0
· Use the 3.0 version to deploy a virtual SMU on CentOS Stream 8 instead of on CentOS 6.
| Note: In addition to the VMware player, the virtual SMU (vSMU) is also compatible with the free version of ESXi. |
| Note: VMware vSphere 6.5 and 6.7 have been set to EOS by VMware and so vSphere 7.0 is the recommended version to use |
From SMU 12.7, a virtual SMU can support up to ten (10) servers/clusters. The VM's resources must be increased for the vSMU to manage more than two (2) entities from a virtual SMU. One (1) GB memory and one (1) virtual CPU are required per entity. An entity is defined as a single node or a cluster of nodes.
Licensing
New license keys are typically firmware-version specific. Upon upgrading the firmware to this release, all previous licenses on the system will remain in force.
Licensing as it pertains to node replacements
Clustered Node Replacement: Once the NAS cluster has been built, the Cluster MAC-ID will not change regardless of which node in the cluster needs to be replaced, so there will not be any reason to request new license keys when replacing a node in a cluster.
Single Node Replacement: When a single node must be replaced, the original license keys will not be valid on the new node. Contact TBkeys to transfer the license keys to the replacement node and issue a new permanent license. Provide TBKeys with the original Node's MAC-ID and the Replacement node's MAC-ID.
To request upgrade keys
When ordering license keys for new, licensed features, note that:
· The customer will purchase new features with a sale price per standard Hitachi Vantara channel policies and procedures.
· Non-sale feature requests will be routed based on server branding until the relicensing process has been fully integrated.
· Hitachi Vantara Server Request Routing
o The emailed request shall include the following information:
- Customer Name
- MAC-ID of the HNAS Unit (the MAC-ID format is XX-XX-XX-XX-XX-XX), the serial # is not needed or acceptable to issue new keys.
- If the standard upgrade procedures have not been followed, indicate details of the current situation and if a new full set of keys is required. Also, if the server is part of a cluster, please indicate if the MAC-ID is a "Primary" server of the cluster and how many units are in the cluster.
o All permanent upgrade key requests will be handled by way of email sent to TBKeys@hitachivantara.com. Turnaround time on all requests is targeted within 24 hours. Standard working hours for this distribution list (dlist) are 8am to 5pm Pacific Standard Time. See below for emergency situations.
o Should emergency upgrade keys be required, email gsckeys@hitachivantara.com and contact the Hitachi Vantara Call Centers to escalate the request.
o An email to TBKeys@hitachivantara.com should also be sent to receive updated permanent keys.
Fixes and enhancements in version 14.5
| Note: When upgrading, remember to remove any avoidances already implemented for defects fixed in intermediate releases (i.e. check for the presence of, and the contents of,startup.scr file for old defects that have since been corrected.) |
Version 14.5.7413.01
| Issue ID | Severity | Description |
| D153197 | B | The SMU, external and embedded, has been updated to replace a component that would appear, to vulnerability scanners, to be at risk of CVE-2022-42889 "Text4shell", though the SMU code did not use it in a vulnerable way. |
| D39032 | C | Added two new configuration bits to fix a stability issue when running out of network buffers |
| D124015 | C | Fix an instability when overwhelmed by ARP packets in a network "storm" |
| D129774 | C | Fixed a stability issue which could be caused by cancelling an SMB2 lock under certain rare conditions. |
| D148384 | C | Improved resilience when unable to allocate enough memory for LDAP. |
| D151964 | C | Added two new configuration bits to fix a stability issue when running out of network buffers |
| D152619 | C | Improved Data Migrator to Cloud logging for the situations when CloudGateway is not responsive |
| D152712 | C | Deal more robustly with Fibre Channel aborts being interrupted by port logout |
| D152979 | C | Upgraded LDAP support libraries. |
| D153127 | C | ca-certificates has been upgraded on VSP-G/F models, removing 70 certificates and adding 54, including DigiCert Global Root G2 now in use by Microsoft Azure, replacing Baltimore CyberTrust Root. |
| D153167 | C | Eliminate a rare stability issue that could occur under conditions of storage connectivity trauma. |
| D153281 | C | When attempting to syslock or unsyslock a filesystem using the REST API, if the admin vnode is hosted on a different cluster node to the vnode hosting the filesystem, then the REST API call will fail. |
| D153525 | C | Return NFS4ERR_RESOURCE error in the case when there is more than one WRITE operation within a NFSv4.0 COMPOUND. |
| D83856 | D | Allows domain objects to be added to file security via windows explorer from a client machine whose domain membership is not the same as HNAS. |
| D151215 | D | Java has been updated to version 8u342-b07, addressing vulnerabilities up to and including those disclosed in https://openjdk.java.net/groups/vuln...ies/2022-07-19, which calls out CVE-2022-34169, CVE-2022-21541, CVE-2022-21540. |
| D151992 | D | Apache Tomcat upgraded to 9.0.65 on the SMU to avoid vulnerability CVE-2022-34305 |
| D152391 | D | The SMU upgrade script now uses a different method for checking for sufficient disk space, by testing /opt specifically rather than trying to identify the primary disk partition. |
| D152501 | D | Clarify that multiple references occur in a reference counted bitmap through fs packing as well as dedupe. |
| D152507 | D | Misaligned onode pointers can now have their data dumped by checkfs, rather than being treated as if their data were zeroed. |
| D152689 | D | A CentOS Stream 8 SMU should now behave like a CentOS 6 one in forwarding emails from any private network. |
| D152771 | D | Improved behavior of synchronous dedupe-queue-add cli command |
| D152772 | D | Suppress and rate limit messages of the form "NET_PHYS Received a broadcast packet that is longer than we can handle..." that may be recorded in the syslog. |
| D152815 | D | When creating a new filesystem via the REST API, both the storage pool ID or the storage pool object ID should be accepted, but the object ID was being rejected due to an incorrect length check when validating the parameter. |
| D152882 | D | The following OS vulnerabilities in the Debian Buster HNAS 5000 series have been patched: bind9-host, dnsutils, libbind9-161, libdns1104, libdns-export1104, libirs161, libisc1100, libisccc161, libisccfg163 , libisc-export1100, liblwres161 (DLA-3138-1) - Several vulnerabilities were discovered in BIND, a DNS server implementation (CVE-2022-2795, CVE-2022-38177, CVE-2022-38178) bzip2 dbus, libbz2-1.0 (DLA-3112-1) - Fixes bzdiff when using it with two compressed files & support for large files on 32 bit systems (Debian Bug reports: 944557 & 965309) dbus, libdbus-1-3 (DLA-3142-1) - Multiple vulnerabilities in D-Bus, a simple interprocess messaging system, which may result in denial of service by an authenticated user (CVE-2022-42010, CVE-2022-42011, CVE-2022-42012) isc-dhcp-client, isc-dhcp-common (DLA-3146-1) - Several vulnerabilities have been discovered in the ISC DHCP client, relay and server (CVE-2022-2928, CVE-2022-2929) libexpat1 (DLA-3119-1) - Fixes heap use-after-free vulnerability which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed (CVE-2022-40674) libglib2.0-0, libglib2.0-data (DLA-3110-1) - Fixes an information disclosure vulnerability in GLib, a general-purpose portable utility library (CVE-2021-3800) libhttp-daemon-perl (DLA-3127-1) - Due to insufficient Content-Length: handling in HTTP-header an attacker could gain privileged access to APIs or poison intermediate caches (CVE-2022-31081) libmariadb3, mariadb-common (DLA-3114-1, DLA-3114-2) - Multiple issues in the MariaDB database server (CVE-2021-46669, CVE-2022-21427, CVE-2022-27376, CVE-2022-27377, CVE-2022-27378, CVE-2022-27379, CVE-2022-27380, CVE-2022-27381, CVE-2022-27383, CVE-2022-27384, CVE-2022-27386, CVE-2022-27387, CVE-2022-27445, CVE-2022-27447, CVE-2022-27448, CVE-2022-27449, CVE-2022-27452, CVE-2022-27456, CVE-2022-27458, CVE-2022-32083, CVE-2022-32084, CVE-2022-32085, CVE-2022-32087, CVE-2022-32088, CVE-2022-32091, CVE-2022-38791) tzdata (DLA-3134-1) - Update includes the changes in tzdata 2022d unzip (DLA-3118-1) - Fixes to resolve potential denial of service or execution of arbitrary code (CVE-2022-0529, CVE-2022-0530) |
| D152930 | D | Add support for the FTLF8529P5BCV-QM SFP to be used with fibre-channel ports. |
| D152969 | D | Search for a hostname in a NIS netgroup is now more efficient and requires less heap memory. Also, a wildcard match for the hostname is now supported. |
| D153114 | D | Version 8 of the REST API has been increased to v8.0.1. This change adds some extra attributes to a few of the returned objects, but no new API calls. |
| D150696 | E | A divergence from the SMB2 specification in the area of lease epoch handling has been corrected. |
| D151788 | E | Minor enhancement to authentication failure message in the PAPI server log. |
| D152150 | E | Add question "Configure private network (eth1) IPv4 address? [y/n]" to smu-config SMU script. This way we can supply default values on rerun in the same way to all the other parameters. |
| D152703 | E | Improved logging when queueing dedupe jobs. |
| D152799 | E | Collect temperature and power-consumption data on HNAS 5000 systems. |
| D152822 | E | Improved the clean up done during an smu-uninstall on an embedded SMU. |
| D152825 | E | The Linux tzdata package on the CentOS Stream 8 external SMU has been updated to 2022c. |
| D152878 | E | Rotate historical power and temperature log files on HNAS 5000 systems |
| D152910 | E | Enhancements made to getdiagnostic to collect additional PSU related information where supported by appropriate hardware |
| D152980 | E | CentOS 6 SMUs deliberately get tzdata updates once again. |
New, modified, and deleted CLI commands
See the NAS man pages for details on the new commands.
New commands
None
Modified commands
check-objstore :
New --verbose option can be specified to check-objstore. If the command encounters an invalid onode in the onode tree of an object, the verbose option causes it to display all the onodes in the path from the invalid onode back to the root leaf onode.
checkfs :
"Deduped blocks" string in the output of the checkfs command has been changed to "Reduced blocks" to represent that these blocks may include deduped and/or packed blocks.
dsb :
"DedupedBlocksInUse", "DedupedBlocksInTier0" and "DedupedBlocksInTier1" strings in the output of the dsb command have been changed to "ReducedBlocksInUse", "ReducedBlocksInTier0" and "ReducedBlocksInTier1" respectively to represent that the count may include deduped and/or packed blocks.
fs-dedupe-status-get :
"Deduped data" string in the output of fs-dedupe-status-get command has been changed to "Reduction" to represent both dedupe and packing savings.
fs-packing-show :
The fs-packing-show command was promoted to a supervisor level.
hexdump :
The hexdump filter gains a --no-symbols switch to suppress the decoding of (apparent) pointers, which can be helpful, especially in combination with the existing -v and, less convincingly, -t switches, when scripting modification of the hex.
Deleted commands
None
Copyrights and licenses
© 2022 Hitachi Vantara LLC. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including copying and recording, or stored in a database or retrieval system for commercial purposes without the express written permission of Hitachi, Ltd., or Hitachi Vantara LLC (collectively "Hitachi"). Licensee may make copies of the Materials provided that any such copy is: (i) created as an essential step in utilization of the Software as licensed and is used in no other manner; or (ii) used for archival purposes. Licensee may not make any other copies of the Materials. "Materials" mean text, data, photographs, graphics, audio, video and documents.
Hitachi reserves the right to make changes to this Material at any time without notice and assumes no responsibility for its use. The Materials contain the most current information available at the time of publication.
Some of the features described in the Materials might not be currently available. Refer to the most recent product announcement for information about feature and product availability, or contact Hitachi Vantara LLC at https://support.hitachivantara.com/e...ontact-us.html.
Notice: Hitachi products and services can be ordered only under the terms and conditions of the applicable Hitachi agreements. The use of Hitachi products is governed by the terms of your agreements with Hitachi Vantara LLC.
By using this software, you agree that you are responsible for:
1) Acquiring the relevant consents as may be required under local privacy laws or otherwise from authorized employees and other individuals; and
2) Verifying that your data continues to be held, retrieved, deleted, or otherwise processed in accordance with relevant laws.
Notice on Export Controls. The technical data and technology inherent in this Document may be subject to U.S. export control laws, including the U.S. Export Administration Act and its associated regulations, and may be subject to export or import regulations in other countries. Reader agrees to comply strictly with all such regulations and acknowledges that Reader has the responsibility to obtain licenses to export, re-export, or import the Document and any Compliant Products.
Hitachi and Lumada are trademarks or registered trademarks of Hitachi, Ltd., in the United States and other countries.
AIX, AS/400e, DB2, Domino, DS6000, DS8000, Enterprise Storage Server, eServer, FICON, FlashCopy, GDPS, HyperSwap, IBM, Lotus, MVS, OS/390, PowerHA, PowerPC, RS/6000, S/390, System z9, System z10, Tivoli, z/OS, z9, z10, z13, z14, z/VM, and z/VSE are registered trademarks or trademarks of International Business Machines Corporation.
Active Directory, ActiveX, Bing, Excel, Hyper-V, Internet Explorer, the Internet Explorer logo, Microsoft, Microsoft Edge, the Microsoft corporate logo, the Microsoft Edge logo, MS-DOS, Outlook, PowerPoint, SharePoint, Silverlight, SmartScreen, SQL Server, Visual Basic, Visual C++, Visual Studio, Windows, the Windows logo, Windows Azure, Windows PowerShell, Windows Server, the Windows start button, and Windows Vista are registered trademarks or trademarks of Microsoft Corporation. Microsoft product screen shots are reprinted with permission from Microsoft Corporation.
All other trademarks, service marks, and company names in this document or website are properties of their respective owners.
Copyright and license information for third-party and open source software used in Hitachi Vantara products can be found in the product documentation, at https://www.hitachivantara.com/en-us...any/legal.html or https://knowledge.hitachivantara.com...ource_Software.