--- cdrom.image/README.txt 2007/07/22 22:47:02 1.19 +++ cdrom.image/README.txt 2008/10/15 21:02:16 1.21 @@ -1,166 +1,248 @@ -SME Server 7.2 Release Notes -============================ +SME Server 7.4 Release Announcement +=================================== -July 22 2007 +October 20 2008 The SME Server development team is pleased to announce the release of -SME Server 7.2. This release is based on CentOS 4.5 and all packages -have been updated to the latest releases. +SME Server 7.4. This release is based on CentOS 4.7 and all packages +have been updated to the latest releases. -This release contains many new features, all released updates for -SME Server 7.1 and fixes for many reported problems. Upgrades -will be available by CD, the Software Installer and command line. -All users should upgrade to this release. +All SME Server users should upgrade to this release. -Please report any issues with the SME Server to the bug tracker, -and only there: +The release should be obtained from your closest mirror, see +http://wiki.contribs.org/SME_Server:Download + +Bug reports and reports of potential bugs should be raised +in the bug tracker (and only there, please); http://bugs.contribs.org/ +Please Note +=========== +It may take up to 48 hours for mirrors to finish syncing, +during this time you may experience problems. + + +About SME Server +================ + +SME Server is the leading Linux distribution for small and medium +enterprises. SME Server is brought to you by SME Server, Inc. +( http://www.smeserver.org/ ), a non-profit corporation that exists to +provide marketing and legal support for SME Server. + +SME Server is freely available under the GNU General Public License +and is only possible through the efforts of the SME Server community. +However, the availability and quality of SME Server is dependent on +meeting our expenses, such as hosting costs, server hardware, etc. + +As such, we ask for a small donation to offset costs and fund further +development. + +Please visit http://www.smeserver.org/donate/ to donate. + + Thanks ------- +====== The development team would like to thank all of those involved in this release. However, this distribution cannot continue with the current level of support. More people are required to help with bug triage and verification testing. +This release contains many new features, all released updates for +SME Server 7.3 and fixes for many reported problems. Upgrades +will be available by CD, the Software Installer and command line. + + Upgrades ======== - - Always perform a backup prior to major system upgrades - - An upgrade will preserve the existing data Changes in this release ======================= -Virus/Spam Scanning +Installer +--------- +- Fix grub label to keep consistent with the SME Server brand. + +Mail system changes ------------------- -- The FuzzyOCR spamassassin plugin has been enabled to detect image spam -- An X-Virus-Checked header is now added to mail when it is virus scanned -- sa-update is now run daily to download the latest SpamAssassin rules -- The "freshclam: Update failed" mail now shows the recent history of - the freshclam update process -- The mail server now defers delivery if clamd is unavailable -- Clamd and spamassassin have been updated to the latest releases - -Other mail system changes -------------------------- -- Attempts to mail to invalid users now show "Relaying denied" - instead of "Invalid recipient" -- The qpsmtpd "terse" log plugin is now used, which results in a single - line summarising each mail -- The qplogsumm.pl tool has been added, which generates mail system - plugin statistics in /var/log/qpsmtpd/state -- The DNS blacklist plugin would occasionally return "False positive" - results for multiple overlapping requests. This has been corrected. -- It is now possible to tune the memory limit for qpsmtpd -- Disclaimer plugin added to allow footers in internal to external mails - -Disk redundancy ---------------- -- The default disk layout has changed. A hot spare drive is - automatically created if the system has more than two drives. - A new boot option "nospare" has been added if you are certain that - you do not want to create the spare. You should only use this option - if you are aware of the consequences of running without a hot spare. -- Errors from add_drive_to_raid are now displayed in the console -- Adding drives with invalid partition tables now works without a reboot -- Attempts to manually add RAID devices to systems without RAID shows an error - -Remote Access -------------- -- It is now possible to set the TCP port for SSH sessions from the - Remote Access panel. Note: Changing this port affects SSH, SFTP and SCP -- Issues with SFTP remote access have been corrected -- Users can be assigned fixed IP addresses with PPTP - db accounts setprop fredfrog PPTPIP 192.168.1.5 - signal-event remoteaccess-update -- The PPTP link timeout has been increased to better handle unreliable links -- PPTP has been upgraded to the latest release +- Introduce a web interface to configure the pseudonym "visible" property + (internal|external) +- New feature now allows a "catch all" situation where you have the ability + to redirect "@virtualdomain1.com" to user "joe". +- Fix the "Ugly" log messages (Use of uninitialized value) when spam checking + results in 0 hits. +- Emails sent to a null address like ""@domain without the username part + are now rejected. +- qplogsumm is a optional feature that should be disabled by default. +- A request that the log information is reduced with the default loglevel + setting of 6 in qpsmtpd. +- Support for sending mail to ISP via Secure SMTP +- Enable the auth plugin for local lan connections +- Migrate (remove) "ordb.net" from the RBL lists to prevent mail bouncing. +- Remove blackhole.securitysage.com as service no longer in use. +- Remove sbl-xbl.spamhaus.org from default lists and use a more improved + list in zen.spamhaus.org. + +Console +------- +- Improved validation will check password on first enter password screen + before verifying if too simple then asking to verify and proceed to + configuration of server. +- Passwords should be validated for strength on first entry rather than + waiting for the second confirmation entry. +- The console should validate passwords using the common method, + using esmith::util::validatePassword +- The last item in the server console, "Exit from server console", is removed + as it is redundant. +- Display frames in console server-manager. + When browsing server-manager through console pressing 'H' goes to + http://localhost/server-manager Backups ------- -- USB backup and restore has been added to the console on a fresh install -- The tape reminder mail can now be sent to a user other than admin - config setprop backup reminderEmail fredfrog -- Backup to desktop no longer affects the BackupType set for tape backups -- Restores of MySQL databases with binary 'blobs' up to 16MB are now - supported by default (previous was 1MB). To change the setting: - config setprop mysqld MaxAllowedPacket 20MB +- Backups now use dar which allows for daily full or incremental backup +- Removed 'restore from desktop' functionality +- The error codes from tar are now logged, in line with flexbackup, and do not + cause a backup to fail. +- A Iomeage USB REV-drive was by default mounted in /media as a cdrom device. + It is now automagically mounted as an usbdisk so it can be used as a backup + device without manual intervention. Localisation ------------ -- Swedish translations have been added -- The Spanish translations have been updated -- The online manual link now points to the manual in the chosen browser - language, if such a manual exists -- The en-au and en-nz browser languages are now supported +As part of a major update with translations we have added six new +languages and made it much easier to add other languages in the +future. + +We now support the following languages in the server-manager: Danish, +Dutch, English, French, Greek, German, Hungarian, Indonesian, Italian, +Portuguese, Slovenian, Spanish and Swedish. + +We have made major strides to assist the non-English community by +using a tool called pootle. This is a web based translation tool that +will allow new languages to be added and existing languages to be more +easily maintained. + +We have cleaned up a lot of the packages as a part of getting them to +work with pootle. Another big change as part of this upgrade is the +switch from ISO-8859-1 (Latin) charset to UTF-8 (Universal) charset, +this will allow us to support languages that don't use latin +characters (like Greek). + +Other fixes include updated translations for the existing languages. Software Installer ------------------ -- The pacific.net.au mirror has been added as a mirror location. Many - thanks to all of our mirrors. -- It is possible to limit visibility of updates to specific patterns or - repositories (see http://bugs.contribs.org/show_bug.cgi?id=2416 for details) +- smeextras repository added, it is used for building the installer and ISO +- The yum-update event now includes the yum-import-keys action to allow + users to update yum packages and configuration without rebooting, + which enables updating when there is a compatibility problem. +- Correct yum-update-dbs action to adjust yum service properly. +- The BaseURL property has been removed for repos with mirrorlists. +- The message "This system is up to date." is displayed if no updates are + available. Webmail ------- - Horde, imp, turbo and ingo have been updated to the latest versions - -Console -------- -- Further validation has been added for the Gateway IP to ensure that - it is on the same network as the External IP address +- Support the ability to save user kronolith free/busy information to the LDAP + database. +- Servers with a custom template for 110AppRegistryHorde found webmail no + longer worked. +- The name of the webmail installation is now configurable. + To use - config setprop horde Name xxxx ; signal-event email-update. Server manager -------------- -- The new session-based login to the server-manager now works correctly - on servers where port 80 is blocked -- The user-password panel now correctly enforces the user password policy -- I-bay assignment when a name appears in Domains and Hostnames and Addresses - now gives preference to the domain setting - -UPS ---- -- More template options are available to support more UPS models - (see http://bugs.contribs.org/show_bug.cgi?id=2791 for details) +- The name of the log file being viewed via the Server Manager 'View log + files' is now displayed as the first line. +- Disabling the daily update check in the server-manager did not stop the + check4updates task sending mail to the server administrator. +- Server-manager > printers > add printer - now advises users to avoid + certain names and descriptions as this causes printer state to be incorrect. +- Fix the Unknown heading in server-manager after an update. +- Fix inconsistency within the navigation.xx files which no longer adds extra + spaces and newlines in panel headers. +- The Anti-virus (ClamAV) panel text was updated to remove the word 'entire' + as this could be misleading. +- Allow server-manager to successfully create a one character user account. +- After adding a user and trying to set password via server-manager or + user-password using the ";" sign you encountered a "white screen of + death". This was due to the version of perl-Object-Persistence being used. +- Remove the last 'pleasewait' message is it’s no longer needed. +- The button to add a new user in the server-manager was missing due to a + problem with the free/busy code in usermanager causing the panel to exit. Other fixes and updates ----------------------- -- Many changes have been made in preparation for migration to CentOS5 -- We are now using the CentOS 4 php-pear modules instead of our own builds -- runit was upgraded to the latest release - - The runsvctrl command has been replaced by the much simpler 'sv' command -- The server-only firewall code now respects UDPPort configuration settings -- The "use client driver" setting in smb.conf was corrected -- An apostrophe in the last name caused aliases to be undeletable -- The hostnames description on the Hostnames and Addresses page was corrected -- Some log warnings from FormMagick were removed -- Unused openldap PID files are no longer created -- Various minor text corrections to the console -- The version number has been removed from the installer splash screen -- It is no longer possible to quit form the initial configuration wizard - before configuring the system -- The radius templates have been reorganised to simplify extension -- The templates.metadata settings can now be provided by a directory of files -- templates.metadata now provides an option to delete unwanted expansions -- The /etc/pam.d/login fragments have been corrected -- The gauge console widget now allows the --clear action to be optional -- The e-smith-service wrapper initscript filename match has been tightened -- Empty dnscache forwarder entries are ignored -- The CD no longer says "DVD" in the media check screen -- Many old dungog contribs were incompatible, untested or replaced with - SME Server 7.x features. These packages are now automatically removed - on upgrades +- Updated Samba resolves various file sharing problems +- The length of an Ibay name is now configurable via maxIbayNameLength +- The Samba "unix extensions" are turned off for Mac compatibility +- radiusd.conf allows support for additional authentication methods +- Ability to modify pseudonyms with special characters +- Prevent NameServer being set to current IP of SME Server +- Allow support for server side includes for ibays when a directory is + browsed. +- Made mtu/mru settings configurable and default to 1400 +- Increased the templating in php.ini +- Fixed timezone detection issues for certain timezones during certificate + generation +- Added support for cciss RAID controller +- Enable a new feature to allow admin to have own password not shared with + root. +- nut is now started after the network to avoid mails to the admin mailbox + about lost communication. +- e-smith-openssh contained unused template fragments were removed. +- ibays can now be set as non-browsable (hidden), but accessible via their + UNC. An ibay can be hidden by setting the Browsable property to disabled. +- Suspicious string scanning (supscan) has been disabled due + to being CPU and I/O intensive and prone to producing false positives.. +- The audittool script has been updated to also identify modified events. +- If a custom motd was used this could have been sent with the smolt data, now + only the version from e-smith-release is sent. +- The wrong URL was shown for the smolt profile, it has been updated to + http://smolt.contribs.org/ +- Patch djbdns around TCP bug: http://alkemio.org/dns_transmit-bug.html +- Change license of djbdns to "Public Domain' - + http://cr.yp.to/distributors.html +- Do not display symlinks via ftp. +- New LPRng where both inbuilt filters as well as smbprint filters work. +- Resolved false positives that were being reported by rkhunter. +- Move the clamav scan schedule to the correct crontab file for ease of use. +- Use yum installonlyn plugin to keep only the last 5 kernels. +- Change Wpad URL to match system domain to enable the Wpad feature. +- dnscache will now ignore referrals when in forwardonly mode. +- On servers with no ibays and less than two users the shadow-copy-rotate + script would fail. +- Correct the step-ticker to pool.ntp.org hosts. +- Hide normally hidden files from view when using roaming profiles. +- The dungog yum repository has been obsoleted as the packages are in + smecontribs. +- When a user is deleted from the server-manager his/her pseudonyms should not + appear in any configuration file. + General features ================ +- Based on CentOS 4.7 and all available updates + + +There are a few differnces from previous releases <=7.2 +======================================================= -- Based on CentOS 4.5 and all available updates +After installing for the very first time: +----------------------------------------- +- First night you may receive an email from cron about sa_updates. +- First night you should receive a large email saying a bunch of + groups/users were removed/added (rkhunter email notification). +- Any time you change users/groups you will receive an email the next day + about those changes (rkhunter email notification). -$Id: README.txt,v 1.18 2007/07/21 00:13:59 slords Exp $ +$Id: README.txt,v 1.20 2008/01/01 17:18:13 slords Exp $