11.2-U6

October 1, 2019

iXsystems is pleased to announce the general availability of TrueNAS 11.2-U6. This bug fix release adds some operating system and ZFS fixes and addresses these security vulnerabilities:

• FreeBSD-EN-19:12.tzdata
• FreeBSD-EN-19:13.mds
• FreeBSD-SA-19:09.iconv
• FreeBSD-SA-19:10.ufs
• FreeBSD-SA-19:11.cd_ioctl
• FreeBSD-SA-19:12.telnet
• FreeBSD-SA-19:13.pts
• FreeBSD-SA-19:14.freebsd32
• FreeBSD-SA-19:15.mqueuefs
• FreeBSD-SA-19:16.bhyve
• FreeBSD-SA-19:17.fd
• FreeBSD-SA-19:18.bzip2
• FreeBSD-SA-19:19.mldv2
• FreeBSD-SA-19:20.bsnmp
• FreeBSD-SA-19:21.bhyve
• CVE-2019-10197
• CVE 2019-3829
• CVE 2019-3836

The Asigra service has been updated to DS-Operator version 14.1.0.0.

The iconik plugin has been added. More information about iconik, a getting started guide, and an offer for 300 free credits is available here.

The Amazon Cloud Drive provider has been removed from System > Cloud Credentials. See this rclone forum post about Amazon Drive for more details.

Before updating, contact iXsystems Technical Support for a pre-update health check and to answer any technical questions regarding this update. You can contact Support by calling 1-855-GREP-4-iX or emailing support@ixsystems.com.

The default ACL on new Windows datasets was changed from:

owner@:rwxpDdaARWcCos:fd:allow

group@:rwxpDdaARWcCos:fd:allow

everyone@:rxaRc:fd:allow

to:

owner@:rwxpDdaARWcCos:fd:allow

group@:rwxpDdaARWcCos:fd:allow

everyone@::fd:allow

This means that world is no longer being granted read privileges by default on newly created SMB shares. If you need to add “read” to “world” on a newly-created dataset, run the command:

setfacl -m everyone@:rxaRc:fd:allow /mnt/path/to/dataset

TrueNAS NFSv4 exports do not work in a VMWare cluster at this time. NFSv3 will need to be used as a work-around.

The hubiC cloud service has suspended creation of new accounts.

The Mega cloud service is currently broken. The new version of rclone which fixes this will be available in 11.3.

When performing an update on HA systems, the “Apply Pending Updates” button does not apply the update. Instead, select the “Check Now” option.

If the email address configured in Services > S.M.A.R.T. > Email differs from the root user email address configured in Account > Users, only the root user email address will receive an email alert when there is a S.M.A.R.T. failure. If these email addresses need to differ, the workaround is to configure System > Alert Services.

• NAS-101567 Add location of SSH keys to Guide
• NAS-101737 Fix grammatical error in Sharing section of Guide
• NAS-101801 Alert if SSH keys are inconsistent between HA controllers
• NAS-102104 Document limitations of SMB recycle bin when crossing dataset boundaries
• NAS-102226 Provide error for DropBox restricted content
• NAS-102266 Update Virtual IP and VHID descriptions in Guide
• NAS-102326 Disable NT ACL support by default in vfs_noacl
• NAS-102396 Clarify wording for hot spares in Guide
• NAS-102460 Remove BIOS IPMI section from Guide and add link to iX Library
• NAS-102505 Tighten security of default ACL in winacl reset
• NAS-102515 Update GnuTLS to 3.6.8
• NAS-102530 Disable disk and geom plugin on systems with more than 99 disks
• NAS-102531 Merge in FreeBSD EN-19:12 to 19.13 and SA-19:09 to 19:21 fixes
• NAS-102535 Backport some OS/ZFS bugfixes
• NAS-102548 Do not load stale database alerts on failover
• NAS-102582 Limit use of netcli when failover is enabled
• NAS-102693 Update Asigra service to DS-Operator version 14.1.0.0
• NAS-102827 Improve Active Directory section of Guide
• NAS-102865 Improve Replacing Disks to Grow a Pool section of Guide
• NAS-102868 Remove 50% recommendation from ZFS Primer section of Guide
• NAS-102897 Update trueview_stats.sh to increase length of network traffic polling interval
• NAS-102912 Update Time Machine section of Guide
• NAS-102919 Clarify text for “gone alert” emails when alert is cleared
• NAS-103018 Update to Samba 4.9.13 to address CVE-2019-10197

• NAS-100271 Do not display CARP IPs as Bind IP Addresses in Services
• NAS-101611 Fix HA sqlparse behavior
• NAS-101727 Fix JSON serialize errors being silently discarded
• NAS-102144 Fix bug where an empty snapshot prevented adding an iSCSI extent
• NAS-102282 Generate stub smb4.conf prior to using net command
• NAS-102451 Fix Box cloud sync provider not refreshing token
• NAS-102528 Fix traceback in failover alert
• NAS-102542 Fix LicenseStatus traceback on active controller
• NAS-102562 Fix traceback in alert system on TrueNAS HA
• NAS-102563 Only check CARP state for interfaces that are marked critical for failover
• NAS-102579 Fix alert service schemas
• NAS-102588 Do not run “update is available” alert on standby controller
• NAS-102634 Properly set permissions on recycle repositories containing macros
• NAS-102636 Disable user/group caching when requested
• NAS-102649 Provide error message instead of traceback when update fails
• NAS-102665 Workaround asyncio memory leak in py3.6
• NAS-102698 Remove unused Slack “detailed” field
• NAS-102715 Bug fix for netdata alarm script
• NAS-102741 Revert back to MTU 1500 when no interface options are set
• NAS-102789 Fix bug that prevented email alert on SMART errors
• NAS-102828 Do not run VolumeRekeyAlertSource on passive controller
• NAS-102835 Fix “mountd: unknown user: DOMAINuser” error
• NAS-102840 Do not crash on bogus ipmitool output
• NAS-102852 Do not run license alerts on standby controller
• NAS-102870 Clear out AD alerts on standby controller in unified configuration
• NAS-102874 Fix bug that prevented APIv1 from removing deleted group from /etc/groups
• NAS-102876 Do not blink LED when configuring a hot spare on ES12/ES24/ES60
• NAS-102894 Do not start NFS-related services on standby controller
• NAS-102923 Fix logic for mismatch_disks alert
• NAS-102940 Fix crash on SCSI BUSY status during disk probe
• NAS-102941 Properly restart iSCSI service on extent update
• NAS-102958 Fix traceback when there is an error exporting a pool

Tickets can be viewed at our Open Issues page.