1 |
Koozali SME Server 10 Alpha 5 Release Notes |
Koozali SME Server 10.1 Release Notes |
2 |
===================================== |
============================================ |
3 |
|
18 Aug 2022 |
|
These are draft only and are in a constant state of update. |
|
|
|
|
|
17 Jun 2020 |
|
4 |
|
|
5 |
The Koozali SME Server development team is pleased to announce the |
The Koozali SME Server development team is pleased to announce the |
6 |
release of SME Server 10 Alpha 5 which will be the next major release of |
release of SME Server 10.1 which will be an update release of SME Server. |
|
SME Server. |
|
7 |
|
|
8 |
This release is based on CentOS 7. CentOS 7.# has an EOL of 30 June 2024. |
This release is based on CentOS 7. CentOS 7.# has an EOL of |
9 |
|
30 June 2024. |
10 |
|
|
11 |
*************************** |
********************************************************** |
12 |
Koozali SME Server users should not upgrade production servers to this |
Koozali SME Server users are encouraged to update production servers |
13 |
release but those who can are encouraged to load the alpha to a |
to this release. |
14 |
dedicated test machine and take part in the testing phase. |
********************************************************** |
|
*************************** |
|
15 |
|
|
16 |
Some notes on Koozali SME Server 10 can be found at |
Additional notes on Koozali SME Server 10 can be found at |
17 |
https://wiki.contribs.org/SME_Server_10.0_Development |
https://wiki.contribs.org/SME_Server_10.0_Development |
18 |
|
|
19 |
SME10 Roadmap - Alpha 5 |
SME10 Roadmap - |
20 |
https://wiki.contribs.org/SME10_Roadmap#SME_10_Alpha_5 |
https://wiki.contribs.org/SME10_Roadmap#SME_10_Final |
21 |
|
|
22 |
Bug reports and reports of potential bugs should be raised in the bug |
Bug reports and reports of potential bugs should be raised in the bug |
23 |
tracker (and only there, please); |
tracker (and only there, please); |
24 |
|
|
25 |
https://bugs.koozali.org/ |
https://bugs.koozali.org/ |
26 |
|
|
27 |
|
Copy of releaase notes may be found here: |
28 |
|
https://lists.contribs.org/pipermail/updatesannounce/ |
29 |
|
|
30 |
Download |
Download |
31 |
======== |
======== |
32 |
You can download SME Server 10 from |
You can download SME Server 10.1 from |
33 |
https://mirror.koozali.org/smeserver/releases/testing/10/ |
https://mirror.koozali.org/smeserver/releases/10.1/ |
34 |
or for other methods see https://wiki.koozali.org/SME_Server:Download |
or for other methods see: |
35 |
|
https://wiki.koozali.org/SME_Server:Download |
36 |
|
|
37 |
Please note it may take up to 48 hours for mirrors to finish syncing, |
After release, please note it may take up to 48 hours for mirrors to |
38 |
during this time you may experience problems. |
finish syncing, during this time you may experience availability issues. |
39 |
|
|
40 |
About SME Server |
About SME Server |
41 |
================ |
================ |
42 |
SME Server is the leading Linux distribution for small and medium |
SME Server is a popular Linux distribution for small and medium |
43 |
enterprises. SME Server is brought to you by Koozali Foundation, Inc., |
enterprises. SME Server is brought to you by Koozali Foundation, Inc., |
44 |
a non-profit corporation that exists to provide marketing and legal support |
a non-profit corporation that exists to provide marketing and legal support |
45 |
for SME Server. |
for SME Server. |
50 |
However, the availability and quality of SME Server is dependent on |
However, the availability and quality of SME Server is dependent on |
51 |
meeting our expenses, such as hosting costs, server hardware, etc. |
meeting our expenses, such as hosting costs, server hardware, etc. |
52 |
|
|
53 |
As such, we ask for a donation to offset costs and fund further development. |
As such, we encourage a donation to offset costs and fund further development. |
54 |
|
|
55 |
a) If you are a school, a church, a non-profit organisation or an |
a) If you are a school, a church, a non-profit organisation or an |
56 |
individual using SME Server for private purposes, we would appreciate |
individual using SME Server for private purposes, we would appreciate |
69 |
|
|
70 |
Notes |
Notes |
71 |
===== |
===== |
72 |
In-place upgrades are not supported. It is necessary to backup and then |
In-place upgrades from previous major releases are not supported. |
73 |
restore. (Remember, testing purpose only) |
It is necessary to backup and then restore. |
74 |
|
|
75 |
|
In-place point updates within a major release are supported. |
76 |
|
|
77 |
The spare handling for RAID arrays is not implemented as yet. |
Restore of a sme9 console or workstation backup is now fully supported |
78 |
|
there are cautions to be aware of and followed, see wiki and forum notes. |
79 |
|
|
80 |
New Server-Manager Framework, Mojolicious, is now well on the way to full implementation |
From the many, small and large, fixes and updates the highlights are: |
81 |
|
|
82 |
USB installs are once again fully supported |
The integration of httpd access using the to 2.4 syntax |
83 |
Note: it is important to use proposed apps to create the boot media |
#Note there will be a need to update your contribs and any custom templates |
|
See: https://wiki.koozali.org/Install_From_USB |
|
84 |
|
|
85 |
Netinstall is once again fully supported |
The improvement of syslog management with dedicated log file for all the core |
86 |
|
services (some were in systemd and some in the message log) |
87 |
|
|
88 |
Install to a system supporting a UEFI BIOS is also now fully supported |
Along with changes to the management of logfiles an improved logrotate has |
89 |
|
been implemented, this is also now configurable via db config settings ie |
90 |
|
frequency and number to retain |
91 |
|
|
92 |
The work that has gone into getting SME 10 to this stage has been enormous, an attempt to list and detail the work that has been done in recent months would not do justice to the effort contributed by the following, |
Improvement and update to user and system security via update of cvm-unix |
93 |
|
module |
94 |
|
|
95 |
thank you one and all: |
Support for @.service has now been integrated and implemented |
96 |
|
|
97 |
|
Updates and fixes to radius services have also been implemented and improved |
98 |
|
|
99 |
|
The task of implementing backup of the contribs data by the the core console |
100 |
|
backup and workstation backup has begun see: |
101 |
|
https://bugs.koozali.org/show_bug.cgi?id=11997 |
102 |
|
|
103 |
|
A large number other minor under the hood changes and upstream updates and |
104 |
|
fixes. |
105 |
|
===== |
106 |
|
|
107 |
|
The time and effort that has gone into getting SME 10.1 to release has been |
108 |
|
extensive, an attempt to list and detail the work that has been done in recent |
109 |
|
months would not do justice to the effort made, thank you one and all for your |
110 |
|
time and help. |
111 |
|
|
112 |
|
In particular thank you for the consistent efforts of: |
113 |
Jean Phillipe Pialasse |
Jean Phillipe Pialasse |
|
Michel Begue |
|
|
Brian Read |
|
|
Catton Durbrow |
|
|
Chris Sansom-Ninnes |
|
114 |
John Crisp |
John Crisp |
115 |
|
Brian Read |
116 |
|
Michel Begue |
117 |
|
Zsolt Vasarhelyi |
118 |
|
|
119 |
there have also been many others who have done what they can, thank you: |
The changes that have been implemented to ensure the Koozali Sme Server way |
120 |
|
is fully implemented have been considered and extensive. |
121 |
|
|
122 |
Major changes in this release |
Major changes in this release |
123 |
============================= |
============================= |
125 |
|
|
126 |
Changes in this release |
Changes in this release |
127 |
======================= |
======================= |
128 |
see above and below, too much to list |
see above and below |
129 |
|
|
130 |
General features |
General features |
131 |
================ |
================ |
132 |
- Based on CentOS 7.6.1810 and all available updates |
Based on CentOS 7.9.2009 and all available updates |
133 |
|
|
134 |
Detailed changes in this release |
Detailed changes in this release |
135 |
======================= |
======================= |
136 |
Only the changes since SME Server 10 Alpha3 are listed, mainly |
Only the changes since SME Server 10 final are listed, autogenerated |
137 |
autogenerated from the changelogs. |
from the changelogs. |
138 |
|
|
139 |
Packages altered by Centos, Redhat, and Fedora-associated developers are |
Packages altered by Centos, Redhat, and Fedora-associated developers are |
140 |
not included. |
not included. |
141 |
|
|
142 |
The changelogs are written per package, and each package is assigned a group. |
The changelogs are written per package |
143 |
|
|
144 |
|
SME built or modified packages - ChangeLogs |
145 |
|
|
146 |
|
18 Aug 2022 |
147 |
|
|
148 |
Backups |
Backups |
149 |
|
|
150 |
e-smith-backup |
e-smith-backup |
151 |
- Added /etc/backup-data.d to backup paths |
- negative date (mtime, data modification time) zerodate fix [SME: 11907] |
152 |
- Added error handling to restore using pipe pattern from perform_backup |
- allow mounting smbv1 backup share [SME: 11557] |
153 |
|
- remove lock noise to cron stdout for workstation backup [SME: 11530] |
154 |
|
- fix dar restore replacing rootdir symlinks by folders [SME: 11424] |
155 |
|
- Remove duplicate gunzip call in perform_restore [SME: 11266] |
156 |
|
- Remove debug output of device names |
157 |
|
- Revert BlockDevices.pm and backup call to not filter to removable drives |
158 |
|
- Replace hal-* calls with BlockDevices [SME: 11319] |
159 |
|
- add update event [SME: 11124] |
160 |
|
- Added /etc/backup-data.d to backup paths [SME: 10245] |
161 |
|
- Added error handling to restore using pipe pattern from perform_backup [SME: 3139] |
162 |
- Made reboot optional after console restore |
- Made reboot optional after console restore |
163 |
- Fixed bootstrap restore not activating config changes |
- Fixed bootstrap restore not activating config changes [SME: 10921] |
164 |
- Manually added ext2 and ext3 to Block Device file system check where ext4 present |
- Manually added ext2 and ext3 to Block Device file system check where ext4 present |
165 |
- updated Block Device discovery to fix recovery from console |
- updated Block Device discovery to fix recovery from console [SME: 8244] |
166 |
- Credit to Catton Durbrow |
- Credit to Catton Durbrow |
167 |
|
|
168 |
|
|
169 |
File Server |
File Server |
170 |
|
|
171 |
|
e-smith-samba |
172 |
|
- samba fix typo in delete v6 profile dir win10 [SME: 11725] |
173 |
|
- samba delete v6 profile dir win10 [SME: 11725] |
174 |
|
- samba create v6 profile dir win10 [SME: 11725] |
175 |
|
- netlogon.bat +x [SME: 11566] |
176 |
|
- add possibility to reenable allow execute always on ibays homes or everywhere [SME: 11555] |
177 |
|
- fix double entries for min protocol [SME: 11558] |
178 |
|
- clean rsyslog syntax for smbd and nmbd [SME: 11422] |
179 |
|
- fix noise in message log from nmbd and smbd redirected to dedicated logs [SME: 11349] |
180 |
|
- allow using user-create-profiledir action with temp or package-update events [SME: 11348] |
181 |
|
- fix log noise for smb.service [SME: 11157] |
182 |
|
- add Restart=always [SME: 11118] |
183 |
|
- add Restart=always [SME: 11117] |
184 |
|
- migrate nmbd to systemd [SME: 11118] |
185 |
|
- migrate smbd to systemd [SME: 11117] |
186 |
|
create generik smb.service service |
187 |
|
- create e-smith-samba-update event [SME: 11157] |
188 |
|
- Fix mutex locking [SME: 11199] |
189 |
|
- Fix pid directory [SME: 11198] |
190 |
|
- Add /etc/krb5.conf as template using templates from smeserver-samba |
191 |
|
- [SME: 11093] |
192 |
|
- remove win98pwdcache.reg from server-resources [SME: 9060] |
193 |
|
- set min server and client protocol SMB2 [SME: 10576] |
194 |
|
add check so max always greater than min |
195 |
|
- add port 445 if min server protocol is SMB2 or SMB3 [SME: 10963] |
196 |
|
|
197 |
LDAP |
LDAP |
198 |
|
|
199 |
e-smith-ldap |
e-smith-ldap |
200 |
- New protocol default as TLSv1.2 |
- add support or rsshusers system group [SME: 11753] |
201 |
New property TLSProtocolMin |
- redirect syslog for ldapt to /var/log/ldap/ldap.log [SME: 11745] |
202 |
Ciphers are now ordered with stronger first |
- fix ssl-update reload instead of restart ldap [SME: 11598] |
203 |
|
- fix wrong path for templates.metadata [SME: 11595] |
204 |
|
- use template for ssl pem [SME: 11595] |
205 |
|
- fix ldap failing to start on initial boot [SME: 11480] |
206 |
|
- fix wrong alias to ldap.init [SME: 11301] |
207 |
|
- add -update event [SME: 11140] |
208 |
|
- move ldap to systemd [SME: 11099] |
209 |
|
- move ldap.init to systemd [SME: 11096] |
210 |
|
- New protocol default as TLSv1.2 [SME: 10936] |
211 |
|
New property TLSProtocolMin |
212 |
|
Ciphers are now ordered with stronger first |
213 |
|
|
214 |
Localisation |
Localisation |
215 |
|
|
216 |
|
smeserver-locale |
217 |
|
- apply local 2022-07-21.patch [SME: 12117] |
218 |
|
- apply local 2021-06-06.patch [SME: 11593] |
219 |
|
- apply local 2021-05-12.patch [SME: 11593] |
220 |
|
- apply local 2021-01-09.patch [SME: 11310] |
221 |
|
- apply local 2019-12-07.patch |
222 |
|
|
223 |
Mail Server |
Mail Server |
224 |
|
|
225 |
clamav |
e-smith-email |
226 |
- Update clamav-db as per epel last spec file |
- add quote around filename to .fetchids moving script [SME: 12131] |
227 |
to add clamav-update as provides |
- move fetchids from /run and avoid its loss on reboot [SME: 12131] |
228 |
- |
similar changes in contrib smesevrer-fetchmail |
229 |
|
- fix typo in regex [SME: 11799] |
230 |
|
- fix missing dot in regex for untainting [SME: 11799] |
231 |
|
would delete any account named with the string before the dot |
232 |
|
- untainting string correctly [SME: 11716] |
233 |
|
- fix typo for mailpattern for rar files [SME: 11690] |
234 |
|
- fix perms for /var/lock/fetchmail [SME: 11634] |
235 |
|
- make /var/lock/fetchmail dir permanent [SME: 11634] |
236 |
|
- add new RAR file signatures to default mailpatterns database [SME: 11265] |
237 |
|
- webmail is only SSL [SME: 11443] |
238 |
|
- create -update event [SME: 11133] |
239 |
|
- move smtp-auth-proxy to systemd [SME: 11102] |
240 |
|
- allow creation of pseudonyms with setting of local only [SME: 3802] |
241 |
|
|
242 |
|
e-smith-qmail |
243 |
|
- fix multiple errors with pseudonyms in template [SME: 8591] |
244 |
|
orphaned pseudonyms are associated to admin |
245 |
|
- repopulate qmail assign db and sighup qmail on group event [SME: 11934] |
246 |
|
- can set to 0 ConcurrencyLocal or ConcurrencyRemote [SME: 11645] |
247 |
|
this allows to disable of type of delivery |
248 |
|
- add Requires=runit.service [SME: 11245] |
249 |
|
- fix missing actions for systemd on upgrade event [SME: 11105] |
250 |
|
cleanup preset file |
251 |
|
- remove qmail link in init.d and whole rc.d [SME: 11105] |
252 |
|
take 3 |
253 |
|
- remove qmail link in init.d [SME: 11105] |
254 |
|
- execute systemd-reload before service adjust in events [SME: 11228] |
255 |
|
- remove S95reset-unsavedflag [SME: 11229] |
256 |
|
- remove rc7.d link [SME: 11105] |
257 |
|
- fix actions in e-smith-qmail-update [SME: 11152] |
258 |
|
- Move qmail service to systemd [SME: 11105] |
259 |
|
- Create e-smith-qmail-update event [SME: 11152] |
260 |
|
|
261 |
|
qpsmtpd |
262 |
|
- fix fetchmail patch to check local_ip [SME: 11763] |
263 |
|
- fix configuration not honoured on initial start [SME: 10387] |
264 |
|
commented out load_plugins see https://github.com/smtpd/qpsmtpd/issues/288. |
265 |
|
|
266 |
smeserver-clamav |
smeserver-clamav |
267 |
- increase lower memory limit to 1GB |
- logrotate clamd keeps logging to old log [SME: 11963] |
268 |
- fix for AllowSupplementaryGroups warning |
- remove default property ArchiveBlockEncrypted [SME: 11695] |
269 |
thanks to bunkobugsy |
- fix property name error 2.7.0-12.sme [SME: 11695] |
270 |
smeserver-dovecot |
- fix spec file error 2.7.0-11.sme [SME: 11474] |
271 |
- fix typo in enabling TLSv1.2 as default |
- rename property ArchiveBlockEncrypted to AlertEncrypted as per upstream [SME: 11695] |
272 |
- fix typo in 35ssl template |
added properties AlertBrokenExecutables AlertExceedsMax AlertOLE2Macros |
273 |
- fix typo in createlinks |
AlertPartitionIntersection AlertPhishingCloak and AlertPhishingSSLMismatch |
274 |
- revert property names with period in it |
with default no |
275 |
- add property AcceptFullEmail with enabled as default |
added property HeuristicAlerts with default yes |
276 |
|
- fix noise on centos2sme [SME: 11474] |
277 |
|
- identify from which server is freshclam error [SME: 11755] |
278 |
|
fix from Graeme Fleming |
279 |
|
- fix typo in logrotate [SME: 11608] |
280 |
|
- fix typo and missing +x [SME: 11520] |
281 |
|
- fix issues with non epel standard scan.conf [SME: 11520] |
282 |
|
move clamd.conf to scan.conf |
283 |
|
remove alias for clamtop |
284 |
|
add a wrapper for clamdscan to force --fdpass |
285 |
|
- ease use of clamdtop [SME: 11313] |
286 |
|
- fix Transaction check error [SME: 11311] |
287 |
|
- add pid folder /run/clamd/ [SME: 11103] |
288 |
|
few improvements |
289 |
|
- create update event [SME: 11162] |
290 |
|
- Updated to use 0.103+ from EPEL [SME: 11194] |
291 |
|
- Updated to use systemd for clamd [SME: 11103] |
292 |
|
- Updated to use systemd for freshclam [SME: 11104] |
293 |
|
- increase lower memory limit to 1GB [SME: 10833] |
294 |
|
- fix for AllowSupplementaryGroups warning [SME: 10813] |
295 |
|
|
296 |
smeserver-qpsmtpd |
smeserver-qpsmtpd |
297 |
- minimum Protocol TLSv1.0 |
- Print both 255 char and full length DKIM keys [SME: 11974] |
298 |
better ciphers order. |
- fix unable to set internal only pseudonym as full email [SME: 11933] |
299 |
|
- add softlimit template for qpsmtpd [SME: 11858] |
300 |
|
increase softlimit to 50000000. |
301 |
|
- fix regression Set the default helo policy to lenient [SME: 11864] |
302 |
|
- mail sent on 127.0.0.200:25 should be spam checked [SME: 10289] |
303 |
|
filtering again fetchmail originating mails |
304 |
|
- sighup on reload [SME: 11759] |
305 |
|
- fix tnef2mime FATAL PLUGIN ERROR [SME: 11648] |
306 |
|
this will be a temp fix by redefining MIME::Parser::Filer::output_path |
307 |
|
until it has been fixed upstream |
308 |
|
- update depreacted reject_threshold to reject [SME: 11492] |
309 |
|
- remove /usr/lib/systemd/system-preset/80-koozali-qpsmtpd.preset [SME: 10958] |
310 |
|
- modify for clamav 0.103.0 [SME: 11210] |
311 |
|
- roll up patches |
312 |
|
- add Requires=runit.service (qpsmtpd & sqpsmtpd) [SME: 11245] |
313 |
|
- fix service not enabled [SME: 11107] |
314 |
|
remove reset-unsavedflag |
315 |
|
- Move qpsmtpd & sqpsmtpd services to systemd [SME: 11107] |
316 |
|
- Create smeserver-qpsmtpd-update event [SME: 11164] |
317 |
|
- expand badrcptto_ext when needed [SME: 10638] |
318 |
|
this avoid user, group or pseudonyms for internal purpose to be reachable |
319 |
|
from outside |
320 |
|
- minimum Protocol TLSv1.0 [SME: 10460] |
321 |
|
better ciphers order. |
322 |
|
|
323 |
Server manager |
Server manager |
324 |
|
|
|
e-smith-formmagick |
|
|
- add locale for CSRF |
|
|
- add CSRF patch - thank you to Daniel Berteaud |
|
325 |
e-smith-manager |
e-smith-manager |
326 |
perl-CGI-FormMagick |
- update to httpd 2.4 access syntax for httpd-admin [SME: 12129] |
327 |
- add timeout |
- update to httpd 2.4 access syntax [SME: 12129] |
328 |
- update CSRF patch |
- removing reference to old log rotation action [SME: 11872] |
329 |
- add requires perl(Session::Token) |
- take 2 wrong system mode reported in bugreport [SME: 10448] |
330 |
- fix add CSRF patch - thank you to Daniel Berteaud |
- fix wrong system mode reported in bugreport [SME: 10448] |
331 |
|
- create -update event [SME: 11144] |
332 |
|
- migrate httpd-admin to systemd [SME: 11110] |
333 |
|
- removing hardcoded ports [SME: 10967] |
334 |
|
- Add a FollowSymlinks for user-password in password/cgi-bin (perl-suid) [SME: 9677] |
335 |
|
- update apache icon path [SME: 9591] |
336 |
|
- add message to indicate EOL after Jun 30 2024 fix [SME: 10170] |
337 |
|
e-smith-viewlogfiles |
338 |
|
perl-CGI-FormMagick |
339 |
|
|
340 |
Webmail and Groupware |
Webmail and Groupware |
341 |
|
|
342 |
smeserver-horde |
smeserver-horde |
343 |
- workaround logging noise caused by libsasl |
- fix invalid domain if ForcePrimaryDomain is enabled [SME: 11980] |
344 |
- log as admin and not admin@domain for cli tasks |
- fix $ldapServer is commented out if Horde ForcePrimaryDomain is disabled [SME: 11981] |
345 |
- fix ingo imap preferences |
- use httpd 2.4 access control syntax [SME: 11945] |
346 |
- allow httpd-auth for calendar, tasks access using rpc.php ... |
- fix previous patch error extra line [SME: 11694] |
347 |
- add smeserver-horde-update event |
- fix alarm noise when disabled [SME: 11694] |
348 |
- avoid loss of user parameter on Primary Domain change |
- Syntax error, unexpected '(T_STRING), expecting ')' [SME: 11738] |
349 |
this will also avoid the loss of parameter if we log with a different virtualhost |
- thanks to zsolt vasarhelyi for patch test |
350 |
horde preference is now stored with the SME username without @domain |
- Ingo filters TLS error if sieve is enabled [SME: 11628] |
351 |
- fix bad regex to strip domain |
- fix missing call to perl module emsith::php [SME: 11489] |
352 |
also we can now force Primary domain to use as default email |
- clean rsyslog syntax for horde [SME: 11422] |
353 |
we can strip heading string from virtualhost domain to create email |
- improved php basedir, with filtering of noise for gpg [SME: 10945] |
354 |
default identity email will update as long as no other identity is created for the user |
- force SSL for horde [SME: 11443] |
355 |
- fix typo in php-fpm patch |
- fix horde not honoring switch to php-fpm 5.4 [SME: 11433] |
356 |
- remove php3 references |
- update mail settings for the php-pool [SME: 11431] |
357 |
- remove strict and warning alert from error log |
- spamd SpamLearning property migrated to spamassassin SpamLearning [SME: 11376] |
358 |
- dedicated php-fpm pool for horde |
- Configuration is not up to date, hash to update [SME: 11308] |
359 |
- apply patches from John H. Bennett III |
- fix wrong template path for php55, php56 and php [SME: 11255] |
360 |
|
- fix webmail not accessible after enabling from manager [SME: 11233] |
361 |
|
- update rsyslog syntax [SME: 11016] |
362 |
|
move fragment so syntax is similar to message |
363 |
|
- remove harcoded ports [SME: 10969] |
364 |
|
- add gpg to php base dir [SME: 10945] |
365 |
|
- workaround logging noise caused by libsasl [SME: 10943] |
366 |
|
- log as admin and not admin@domain for cli tasks [SME: 10910] |
367 |
|
- fix ingo imap preferences [SME: 10912] |
368 |
|
- allow httpd-auth for calendar, tasks access using rpc.php ... [SME: 10908] |
369 |
|
- add smeserver-horde-update event [SME: 10909] |
370 |
|
- avoid loss of user parameter on Primary Domain change [SME: 1005] |
371 |
|
this will also avoid the loss of parameter if we log with a different virtualhost |
372 |
|
horde preference is now stored with the SME username without @domain |
373 |
|
- fix bad regex to strip domain [SME: 10224] |
374 |
|
also we can now force Primary domain to use as default email |
375 |
|
we can strip heading string from virtualhost domain to create email |
376 |
|
default identity email will update as long as no other identity is created for the user |
377 |
|
- fix typo in php-fpm patch [SME: 10872] |
378 |
|
- remove php3 references [SME: 10866] |
379 |
|
- remove strict and warning alert from error log [SME: 10823] |
380 |
|
- dedicated php-fpm pool for horde [SME: 10872] |
381 |
|
- apply patches from John H. Bennett III [SME: 10717] |
382 |
- cvs admin -ko on patch1 |
- cvs admin -ko on patch1 |
383 |
|
|
384 |
Web Server |
Web Server |
385 |
|
|
386 |
e-smith-apache |
e-smith-apache |
387 |
- disable TLSv1 TLSv1.1 by default |
- reverting last change [SME: 9375] |
388 |
|
- add conflict on older ibays, php, horde, proxy, manager rpms |
389 |
|
- removing mod_access_compat [SME: 9375] |
390 |
|
- convert httpd 2.2 allow,deny to Require for 2.4 [SME: 9375] |
391 |
|
- use maxsize, not size [SME: 11867] |
392 |
|
- use logrotate.d instead of event action [SME: 11867] |
393 |
|
use size to force log rotate before normal delay |
394 |
|
- add modules ldap authnz_ldap and proxy_wstunnel [SME: 11760] |
395 |
|
previously provided by webapps-common |
396 |
|
- fix httpd-e-smith failing to start on reboot in private server-gateway mode [SME: 11596] |
397 |
|
- add possibility to force https on LAN only [SME: 11511] |
398 |
|
usefull for VPN over port 443 |
399 |
|
- prevent httpd to fail if modSSL defined certs does not exist [SME: 10826] |
400 |
|
default on self generated cert |
401 |
|
- create-update event [SME: 11123] |
402 |
|
- move httpd-e-smith to systemd [SME: 11111] |
403 |
|
changed sigusr1 used in events to reload as defined in the unit file |
404 |
|
- give a logger to httpd-e-smith : journald [SME: 1416] |
405 |
|
- set default SSLStrictSNIVHostCheck to off [SME: 8693] |
406 |
|
- add SNI support for individual certificates per VirtualHosts [SME: 8693] |
407 |
|
- port 80 and 443 should not be hardcoded [SME: 9192] |
408 |
|
- e-smith-apache removing hardcoded ports [SME: 10966] |
409 |
|
- remove php3 and php4 refs [SME: 10867] |
410 |
|
- disable TLSv1 TLSv1.1 by default [SME: 10459] |
411 |
|
|
412 |
Other fixes and updates |
Other fixes and updates |
413 |
|
|
414 |
|
bglibs |
415 |
|
- initial build for SME10 [SME: 11883] |
416 |
|
patched selftests.sh to avoid net/resolve_ipv4addr.c test which fails under mock |
417 |
|
added BuildRequires glibc glibc-static glibc-devel mtools autoconf |
418 |
|
commented out files for devel /usr/local/bglibs/lib/*.lib and /usr/local/bglibs/lib/*/*.a |
419 |
|
as they fails. |
420 |
|
|
421 |
|
cvm |
422 |
|
- build cvm 0.97 for SME10 [SME: 11315] |
423 |
|
|
424 |
|
e-smith-LPRng |
425 |
|
- untainting port cleanly [SME: 12106] |
426 |
|
- remove /usr/lib/systemd/system-preset/80-koozali-LPRng.preset [SME: 10958] |
427 |
|
- Add 'Requires:runit.service' [SME: 11245] |
428 |
|
- Add a fragment for lpd in 49-koozali.preset [SME: 11006] |
429 |
|
- Remove init.d/supervise/lpd link [SME: 11006] |
430 |
|
- keep runit service for systemd [SME: 11006] |
431 |
|
- fix update event name [SME: 11007] |
432 |
|
- from service to systemd [SME: 11006] |
433 |
|
- add lpd-update event [SME: 11007] |
434 |
|
|
435 |
e-smith-base |
e-smith-base |
436 |
- wildcard self-signed certificate |
- no new self signed cert when adding/removing non self hosts [SME: 12130] |
437 |
|
- fix /dev/log not being recreated [SME: 12073] |
438 |
|
- add rsshusers group to ldap and update it [SME: 11956] |
439 |
|
- fix symlinks preventing log rotation [SME: 11950] |
440 |
|
- remove immark module to reduce messages log activity [SME: 11813] |
441 |
|
- fix logs not rotated before 100M (size maxsize) [SME: 10484] |
442 |
|
- reduce systemd noise in messages [SME: 11813] |
443 |
|
- fix dhcp address not propagated [SME: 11930] |
444 |
|
- make rsyslog listen journald which listen /dev/log [SME: 11813] |
445 |
|
template for /etc/systemd/journald.conf |
446 |
|
- properly configure /etc/logrotate.conf [SME: 10484] |
447 |
|
template for /etc/logrotate.conf |
448 |
|
use of size to limit max size of file and rotate earlier |
449 |
|
- drop e-smith logrotate actions creating dangling links [SME: 946] |
450 |
|
- make journald log permanent by creating /var/log/journal [SME: 11795] |
451 |
|
- allow group-modify-unix on update event [SME: 11766] |
452 |
|
- fix typo in last patch [SME: 11722] |
453 |
|
- add support for systemd service with instance service@instance.service [SME: 11722] |
454 |
|
- add local domains in self signed cert alt subjects [SME: 11624] |
455 |
|
add local hosts in self signed cert alt subjects |
456 |
|
modSSL property to disable hosts domains addition : AddDomains AddHosts |
457 |
|
default is enabled when empty |
458 |
|
- fix missing export [SME: 11620] |
459 |
|
- fix issue with adding new user to the ldap db [SME: 11607] |
460 |
|
- always renew self signed certificate [SME: 11552] |
461 |
|
update key / crt if not signed with the right key size |
462 |
|
default to self signed if custom cert and key are not files or not rigth type |
463 |
|
add perl module to help handle certificates and keys |
464 |
|
TODO: check if both key and cert are related, if not default to self signed |
465 |
|
- fix openssl.conf not generated when openldap field are empty [SME: 11569] |
466 |
|
- fix missing path to systemctl for add-wants [SME: 11537] |
467 |
|
- merge dhcpdmanager custom template fragments with core [SME: 10657] |
468 |
|
- remove templates-custom previously owned by a contrib [SME: 11508] |
469 |
|
they got migrated as part as normal backup restore |
470 |
|
- fix masq failing on initial boot [SME: 11479] |
471 |
|
- removing weekly cron for ddns update, targeted script has been removed [SME: 11470] |
472 |
|
- revert e-smith-service file [SME: 9692] |
473 |
|
- add systemctl wrapper [SME: 11345] |
474 |
|
- clean rsyslog syntax for dhcpd [SME: 11422] |
475 |
|
- cleanup /etc/rc.d and /var/service [SME: 9692] |
476 |
|
- remove klogd references [SME: 11363] |
477 |
|
- restore part of pptp code and move to generik vpn entry [SME: 11374] |
478 |
|
- drop dyndns core support [SME: 11415] |
479 |
|
- fix enabled service not started on reboot [SME: 11355] |
480 |
|
unless a power outage, as long as you reboot, halt or shutdown systemd will |
481 |
|
be in sync |
482 |
|
- fix console::startup run twice [SME: 11358 ] |
483 |
|
- improve run order in systemd-default [SME: 11356] |
484 |
|
- fix uninitialized value during post-install [SME: 11350] |
485 |
|
- fix user with rssh shell need to be member of rsshusers group [SME: 9155] |
486 |
|
- add missing /sbin/e-smith/bootstrap-runlevel7 [SME: 11318] |
487 |
|
- fix typo for isolate [SME: 11246] |
488 |
|
- separate bootstrap-console from run level service launch [SME: 11318] |
489 |
|
- only run isolate if sme-server.target is not active [SME: 11246] |
490 |
|
- update system-preset usr/lib file [SME: 10958] |
491 |
|
- fix loss of httpd basic auth [SME: 11309] |
492 |
|
- fix services starting when they are in Wants= for sme-server.target and preset disabled [SME: 11247] |
493 |
|
- rewrite of manageRAID.pl and add_drive_to_raid for SME10 [SME: 10918] |
494 |
|
- added gdisk as a dependency to support GPT systems |
495 |
|
- fix modSSL key crt and keychain files really exist [SME: 11252] |
496 |
|
- add ldap.init as exception for preset |
497 |
|
- fix init-accounts [SME: 9642] |
498 |
|
- validate modSSL key crt and keychain files really exist [SME: 11252] |
499 |
|
if not we use self generated |
500 |
|
- drop pptpd support [SME: 11250] |
501 |
|
- add bash-completion [SME: 11244] |
502 |
|
- improve local service to systemd [SME: 11119] |
503 |
|
now run rc.local file as part of the event |
504 |
|
|
505 |
|
e-smith-cvm-unix-local |
506 |
|
- fix error compressing log still in use by delaying it [SME: 11968] |
507 |
|
- reverting to release 7 state [SME: 11885] |
508 |
|
- Add yum action to restart post install [SME: 11885] |
509 |
|
- bump requirement for cvm [SME: 11885] |
510 |
|
removing daemontools requirement |
511 |
|
- expand rsyslog.conf [SME: 11807] |
512 |
|
- redirect and rotate log for cvm-unix [SME: 11807] |
513 |
|
fix cvm-pre script permission |
514 |
|
- fix service stopping restarting on crash [SME: 11792] |
515 |
|
- fix typo [SME: 11314] |
516 |
|
- migrate to systemd [SME: 11314] |
517 |
|
- add update event [SME: 11125] |
518 |
|
|
519 |
|
e-smith-devtools |
520 |
|
- remove duplication with Dar backup [SME: 11993] |
521 |
|
- ease backup include and exclude of contribs [SME: 11993] |
522 |
|
- netlogon.bat +x [SME: 11566] |
523 |
|
- add update event [SME: 11126] |
524 |
|
|
525 |
e-smith-ibays |
e-smith-ibays |
526 |
- revert patch, wrong rpm |
- add missing elements to e-smith-ibays-update event to activate changes [SME: 11774] |
527 |
- add support for php-fpm |
- fix AH01797: client denied by server conf [SME: 11774] |
528 |
e-smith-lib |
use new require syntax for httpd 2.4 |
529 |
- add support for systemctl reload-or-restart, try-restart, enable -now |
- fix patch for SSLRequireSSL [SME: 8150] |
530 |
e-smith-ntp |
- force https if auth or dav are enabled [SME: 11407] |
531 |
- revert last change |
- merge SSL and SSLRequireSSL properties [SME: 8150] |
532 |
on sme10 systemd has ntpd disabled by default |
now SSLRequireSSL will force SSL to the html ibay directory and redirect to https |
533 |
e-smith-openssh |
- update php properties and folders [SME: 11412] |
534 |
- add Whitelist to AutoBlock using property sshd ValidFrom |
- remove last bit of atalk [SME: 668] |
535 |
- update client ciphers to use |
- add update event [SME: 11139] |
536 |
- add ciphers, macs and KexAlgorithms for server |
- remove hardcoded ports [SME: 10968] |
537 |
rssh |
- remove php3 reference [SME: 10869] |
538 |
smeserver-release |
- fix apache failing if ibay has dynamic content enabled and phpmodule is disabled [SME: 10871] |
539 |
- Bump new rpm for sme10 alpha5 |
- revert patch, wrong rpm [SME: 10871] |
540 |
smeserver-support |
- add support for php-fpm [SME: 10871] |
541 |
- obsoletes e-smith-starterwebsite |
|
542 |
smeserver-yum |
e-smith-lib-compspec |
543 |
- avoid missing template error after removal of a rpm |
- fix last dot erased on completion [SME: 11368] |
544 |
- restart php-fpm services when needed |
- error on incorect cmd input [SME: 4661] |
545 |
- applying patch |
- allow easy access to templates.metadata to expand desired files [SME: 11312] |
546 |
- fix NameError: global name 'yum_update_dbs' is not defined |
- add update event [SME: 11142] |
|
- use yum-cron with autoupdate feature |
|
547 |
|
|
548 |
|
e-smith-ntp |
549 |
|
- dedicated log and logrotate [SME: 12115] |
550 |
|
thanks to bunkobugsy for this patch |
551 |
|
- untainting fields [SME: 12107] |
552 |
|
- fix ntpd crashing with panic_stop [SME: 11298] |
553 |
|
- update override.conf to 50koozali.conf [SME: 11008] |
554 |
|
- adding missing folder /usr/lib/systemd/system/ntpd.service.d [SME: 11008] |
555 |
|
- fix typo in path for new driftfile [SME: 8881] |
556 |
|
- fix systemd-preset fragment [SME: 11008] |
557 |
|
add +x to ExecStartPRe script |
558 |
|
- improve systemd integration [SME: 11008] |
559 |
|
- change driftfile path [SME: 8881] |
560 |
|
- from service to systemd [SME: 11008] |
561 |
|
- add ntpd-update event [SME: 11009] |
562 |
|
- revert last change [SME: 10190] |
563 |
|
on sme10 systemd has ntpd disabled by default |
564 |
|
- revert last change [SME: 10190] |
565 |
|
on sme10 systemd has ntpd disabled by default |
566 |
|
|
567 |
|
e-smith-nutUPS |
568 |
|
- Misspelling in /usr/lib/systemd/system/nut.service file [SME: 11633] |
569 |
|
- fix start ordering nut.service [SME: 11488] |
570 |
|
- fix ExecStartPre path for /usr/lib/tmpfiles.d/nut-run.conf [SME: 11488] |
571 |
|
- fix ExecStartPre path for nut.service [SME: 11488] |
572 |
|
- fix template path for monitor [SME: 9423] |
573 |
|
- Fix preset line endings in 49-koozali.preset [SME: 11215] |
574 |
|
- add update event to avoid reboot [SME: 11146] |
575 |
|
- adapt nut UPS for systemd [SME: 9423] |
576 |
|
|
577 |
|
e-smith-packetfilter |
578 |
|
- restrict VPN networks to their interface [SME: 11640] |
579 |
|
remove remoteVPNSubnet property added VPNif property |
580 |
|
- fix dropin file not expanded on initial installation [SME: 11528] |
581 |
|
- fix noise on logrotate, doing a restart instead of reload [SME: 11451] |
582 |
|
- move ulogd to systemd [SME: 11426] |
583 |
|
- require ulogd 2 [SME: 11426] |
584 |
|
- remove pptpd last references [SME: 11420] |
585 |
|
- remove /usr/lib/systemd/system-preset/80-koozali-packetfilter.preset [SME: 10958] |
586 |
|
- drop pptpd support [SME: 11251] |
587 |
|
- launch masq using systemd unit [SME: 11089] |
588 |
|
- create event to avoid reboot on update [SME: 11122] |
589 |
|
|
590 |
|
e-smith-proxy |
591 |
|
- use httpd 2.4 access control syntax [SME: 11944] |
592 |
|
- fix squid starting before network [SME: 11713] |
593 |
|
also dropin file not expanded on install fixed |
594 |
|
- cleanup in /etc/rc.d and /var/service/squid [SME: 9692] |
595 |
|
|
596 |
|
e-smith-radiusd |
597 |
|
- redirect daemon log to its own file [SME: 11947] |
598 |
|
- workaround upstream missing definition of /var/run/radiusd/tmp [SME: 11859] |
599 |
|
- fix startup informational message Duplicate Auth-Type 'REJECT' [SME: 11736] |
600 |
|
- patch was blank, populate and apply [SME: 11736] |
601 |
|
- fix startup informational message Duplicate Auth-Type 'REJECT' [SME: 11736] |
602 |
|
- add db property PAP-auth [SME: 11735] |
603 |
|
- add/fix PAP-auth patch [SME: 11735] |
604 |
|
- fix WAP-auth patch [SME: 11718] |
605 |
|
- fix LDAP-auth patch [SME: 11719] |
606 |
|
- fix ssl template metadata patch [SME: 11680] |
607 |
|
- remove services2adjust in bootstrap-console-save event, this put systemd in a loop [SME: 11602] |
608 |
|
- ssl pem using template in place of copy [SME: 11602] |
609 |
|
- radiusd needs ldap started before [SME: 11302] |
610 |
|
- add Restart=always [SME: 11113] |
611 |
|
change group of pem file to radiusd |
612 |
|
- create -update event [SME: 11155] |
613 |
|
- move radiusd to systemd {SME: 11113] |
614 |
|
remove noise from spec file |
615 |
|
- fix server restartting with virtual_server error [SME: 10853] |
616 |
|
|
617 |
|
smeserver-audittools |
618 |
|
- display yum repo as seen by yum and db [SME: 10880] |
619 |
|
- add remi-safe in list of newrpms [SME: 11932] |
620 |
|
- fix temp event displayed by events audittool [SME: 11674] |
621 |
|
- fix links to different rpm rported as modified [SME: 11673] |
622 |
|
- add update event [SME: 11161] |
623 |
|
|
624 |
On behalf of the Koozali SME Server development team |
smeserver-yum |
625 |
- Compilation of release data is thanks to scripts developed by Ian Wells and |
- bump version number |
626 |
substantially improved by Jean Phillipe Pialasse |
- no reboot for dbus-glib [SME: 12091] |
627 |
|
- rephrase contrib update message [SME: 11543] |
628 |
|
- move mysqld to mariadb in smeserver plugin [SME: 11921] |
629 |
|
- remove force AutoInstallUpdates to disabled [SME: 11961] |
630 |
|
- fix rotate yum.log as not standard location [SME: 11951] |
631 |
|
- remove yum_update_dbs from messages log [SME: 11952] |
632 |
|
- restart cvm-unix on cvm or bglibs update [SME: 11886] |
633 |
|
- remove pop3 and pop3s services from plugin [SME: 11808] |
634 |
|
- fix restarting spamd instead of spamassassin [SME: 11803] |
635 |
|
- Re-word-reboot-required-message.patch [SME: 11790] |
636 |
|
- fix wrong qpsmtpd handling [SME: 11768] |
637 |
|
- add elrepo GPG key [SME: 11625] |
638 |
|
- no reboot needed for systemd-python [SME: 11609] |
639 |
|
- fix services stop on removal [SME: 11510] |
640 |
|
- run navigation-conf when a panel is installed [SME: 11507] |
641 |
|
- migrate back to normal CentOS mirrors after el6 EOL [SME: 11477] |
642 |
|
- version 2 with |
643 |
|
deleting yum{eolversion} if for previous release or not yet eol |
644 |
|
better handling of conditions |
645 |
|
- avoid reboot on removal of smeserver-* rpms [SME: 11458] |
646 |
|
- navigation-conf when a panel is installed |
647 |
|
- fix wrong path for rsyslog.conf [SME: 11364] |
648 |
|
- remove noise in yum process "overriding all signals, forcing restart" [SME: 11372] |
649 |
|
- packages installed logged both in yum.log and message [SME: 11364] |
650 |
|
- set priority to 10 for remi-safe [SME: 11360] |
651 |
|
- fix poor handling of service adjusting and action order [SME: 11300] |
652 |
|
now a temp event is created |
653 |
|
also better logging, better handling of update vs removal |
654 |
|
- make yum dbs service fork [SME: 11243] |
655 |
|
now smeserver.py plugin call the service |
656 |
|
yum-modify can use the service restart |
657 |
|
yum.service is its own service, not called by local.service |
658 |
|
- move yum upate db service to systemd [SME: 11180] |
659 |
|
- fix -update events not runt on package upgrade [SME: 11184] |
660 |
|
lower noise on forced restart |
661 |
|
- fix switch to vault BaseURL for CentOS [SME: 11227] |
662 |
|
- add remi-safe as base repo [SME: 11179] |
663 |
|
- smeserver-yum-update event created [SME: 11168] |
664 |
|
- fix separate action before template, and after service [SME: 11175] |
665 |
|
run all actions with post-upgrade as default event |
666 |
|
- fix some templates not expanded [SME: 11121] |
667 |
|
- fix smeserver.py not executing action because of wrong path [SME: 11047] |
668 |
|
- fix error when key absent of a dict of smeserver plugin at clean stage [SME: 10931] |
669 |
|
- avoid missing template error after removal of a rpm [SME: 10846] |
670 |
|
- restart php-fpm services when needed [SME: 10873] |
671 |
|
- applying patch [SME: 10690] |
672 |
|
- fix NameError: global name 'yum_update_dbs' is not defined [SME: 6940] |
673 |
|
- use yum-cron with autoupdate feature [SME: 10690] |
674 |
|
|
675 |
|
The changelogs are written per package On behalf of the Koozali SME Server development team |
676 |
|
- Compilation of release data is thanks to scripts developed by |
677 |
|
Ian Wells and substantially improved by Jean Phillipe Pialasse |