NEWS

16.08.3
==========
* Perform volume mount realpath() and lstat() verfication with user privileges,
  to ensure user has access to content at container construction time
* Add shifter_realpath() to calculate user volume mount paths relative to
  alternate root (accounts for symlinks that might inadvertently (or
  intentionally) try to pull user volume mounts out of the container.
* Fix buffer overrun in volume map flag parsing code
* Clean up clang & coverity-found issues
* Improve error handling in shifter core logic
* Improve shifter imagegw logging
* Address pylint-found errors (a few minor bugs)

16.08.2
===========
* Fix slurm tests (was missing some build options) and clear up some warnings
* Fix errant xfs dependency in tests
* Force user-level sshd to get group identities from external environment
* Add additional checks to ensure bind mounts stay within approved paths and
  validate that mount points are directories better

16.08.1
===========
* Fixed bug in user volume mount flag parsing that could segfault
* Fixed bug that could cause group file filtration to assign incorrect gid,
  potentially security issue if sshd_config was modified away from shifter
  defaults
* Fixed bug that caused PATH to be searched incorrectly
* Fixed issue with user volume mounts able to traverse relative paths
  inappropriately
* Fixed bug that confused SHIFTER_VOLUME environment variable with shifter
  command line arguments
* Performance and functionality improvements in docker image conversion
* Add support for unicode filenames in images
* Support for Docker and/or unionfs whiteouts to allows files to be deleted
  in ancestral layers
* Erase possibility of download collisions in image worker
* Refactored SLURM plugin to better organize and abstract SLURM api
* Fully support SLURM extern step for shifter sshd
* Add imagegw heartbeating capability to increase robustness of image pulls
* Add image expiration capability to allow images age out or be
  administratively removed
* Allow sshd to be explicitly enabled in SLURM integration
* Allow ccm-emulation-mode to be explicity enabled in SLURM integration
* Make perNodeCache pre-unlink cache files to create no mess for administrator
  to clean up
* Only allow shifter to automatically create mount points on its tmpfs/ramfs
* Enable docker-type images to implicitly assume "latest" if no tag is 
  specified by user
* Ensure failed image pulls are fully cleaned up
* Check if the current image version is installed on the platform before pulling
* Remove old debugging functionality
* Allow /etc required files to re-try copy (fixes dvs copy issue)
* Require admin capability to autoexpire
* By default run sshd as user, add udiRoot.conf option to run with privilege
* Restrict capabilities that processes run within shifter can obtain (including
  via non-root sshd)
* Fix bug in VolumeMap flag parsing


16.04.0
===========
+  Modified repo layout to push udiRoot to top-level
+  Added RPM spec file for RHEL- and SLES-based systems
+  Added writable perNodeCache capability
+  Enabled BB support

15.12.1
===========
+  Fixed bug preventing autoshift/ccm in slurm/udiRoot integration from 
   chdir'ing to permission restricted paths on root-squashed filesystems
+  Fixed bug on some systems where the udiRoot would get recursively mounted in
   the odd situation that the udiMount point overlapped the VFS being mounted
+  Corrected udiRoot testsuite to run in automated test framework

15.12.0
===========
+  Integrate external deps (util-linux/mount, openssh, libressl) into automake
   build
+  Create /var/empty earlier in case an image already provides it (need it no
   matter what)
+  Renamed ImageGwConnect to shifterimg
+  Updated ImageGwConnect helper application to work with changes to imagegw
   output and allow user to specify image type. Add image listing support.
+  Created iniital README