--- cdrom.image/sme10/README.txt 2018/12/28 03:33:50 1.4 +++ cdrom.image/sme10/README.txt 2021/06/07 01:25:48 1.12 @@ -1,38 +1,40 @@ -Koozali SME Server 10 Alpha 4 Release Notes -===================================== +Koozali SME Server 10 Final Release Notes "Justine" +============================================ -These are draft only and are in a constat state of update. - -27 Dec 2018 +07 June 2021 The Koozali SME Server development team is pleased to announce the -release of SME Server 10 Alpha 4 which will be the next major release of -SME Server. +release of SME Server 10 Final which will be the next major release of +SME Server. Code named "Justine" This release is based on CentOS 7. CentOS 7.# has an EOL of 30 June 2024. -*************************** -Koozali SME Server users should not upgrade production servers to this -release but those who can are encouraged to load the alpha to a +********************************************************** +Koozali SME Server users should not upgrade production servers to this. +Those with test servers are encouraged to load the release to a dedicated test machine and take part in the testing phase. -*************************** +********************************************************** Some notes on Koozali SME Server 10 can be found at https://wiki.contribs.org/SME_Server_10.0_Development -SME10 Roadmap - Alpha 4 -https://wiki.contribs.org/SME10_Roadmap#SME_10_Alpha_4 +SME10 Roadmap - +https://wiki.contribs.org/SME10_Roadmap#SME_10_Final Bug reports and reports of potential bugs should be raised in the bug tracker (and only there, please); https://bugs.koozali.org/ +Copy of releaase notes may be found here: +https://lists.contribs.org/pipermail/updatesannounce/ + Download ======== You can download SME Server 10 from https://mirror.koozali.org/smeserver/releases/testing/10/ -or for other methods see https://wiki.koozali.org/SME_Server:Download +or for other methods see: +https://wiki.koozali.org/SME_Server:Download Please note it may take up to 48 hours for mirrors to finish syncing, during this time you may experience problems. @@ -71,20 +73,53 @@ Notes ===== In-place upgrades are not supported. It is necessary to backup and then restore. -(Remember, testing purpose only) -The spare handling for RAID arrays is not implemented. +Restore of a sme9 console or workstation backup is now fully supported, there +are cautions to be aware of and followed. + +Single disk install no longer creates a degraded Raid1 array, Two or more disks +will be created as a Raid1-6 array, see wiki https://wiki.contribs.org/Raid + +The spare handling for RAID arrays is now implemented. + +Support for further Raid configuration on install is now implemented - see wiki + +New Server-Manager Framework, Mojolicious, is now well on the way to full implementation + +USB installs are once again fully supported, +Note: it is important to use recommended apps to create the boot media +See: https://wiki.koozali.org/Install_From_USB + +Netinstall is once again fully supported, additional repos easily added -USB installs are now supported, see: -https://wiki.koozali.org/Install_From_USB +Install to a system supporting a UEFI BIOS is also now fully supported -Current installer is still branded CentOS. A kickstart script allows you -to go through the graphical installation process. If your disk is not -empty, you will need to use the Anaconda interface to format it and -partition it. If it is empty all is automatic. You will have to set your -root password twice: once during Anaconda installation (you could use a -lame password), a second time in the Koozali SME server configuration -process. +Console backup, and workstation backup to removable storages is now fully supported. + +Koozali templating is now fully inegrated with systemd + +An enormouse number other under the hood changes, far to numerous to list here + +The work that has gone into getting SME 10 to this stage has been enormous, an attempt to list +and detail the work that has been done in recent months would not do justice to the effort +contributed by the following, + +thank you one and all: + +Jean Phillipe Pialasse +Michel Begue +Brian Read +Catton Durbrow +Chris Sansom-Ninnes +Jean-pierre Odion +Zsolt Vasarhelyi +John Crisp +Terry Fage + +there have also been many others who have done what they can, thank you: + +The changes that have been implemented to ensure the Koozali Sme Server way is fully implemented +have been far reaching, far to many to try and list, suffice to say long live "Justine". Major changes in this release ============================= @@ -92,166 +127,438 @@ This release is based on CentOS 7.# Changes in this release ======================= -see above and below +see above and below, too much to list General features ================ -- Based on CentOS 7.6.1810 and all available updates +- Based on CentOS 7.9.2009 and all available updates Detailed changes in this release ======================= -Only the changes since SME Server 10 Alpha3 are listed, mainly -autogenerated from the changelogs. +Only the changes since SME Server 10 RC1 are listed, mainly autogenerated from the changelogs. -Packages altered by Centos, Redhat, and Fedora-associated developers are -not included. +Packages altered by Centos, Redhat, and Fedora-associated developers are not included. -Backups +The changelogs are written per package -# e-smith-backup updated from 2.6.0-11.el7.sme to 2.6.0-12.el7.sme -- added patch for workstation backup lock [SME: 9127] -- code from Stefano Zamboni +SME built or modified packages - ChangeLogs -File Server +10 June 2021 -# e-smith-samba updated from 2.6.0-6.el7.sme to 2.6.0-7.el7.sme -- fix typo in /server-resources/regedit/win10samba.reg [SME: 10515] +Backups +flexbackup +- fix package version and release 1.2.1-6.4 +- new source from debian packages repos 1.2.1-6.4 +- convert initial release +- remove /usr/share/lintian directory +- add convert script to doc directory +- add debian changelog to doc directory -# samba updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-common updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-common-tools updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-python updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-client-libs updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-client updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-winbind-krb5-locator updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-libs updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-dc updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-winbind-modules updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-dc-libs updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-winbind-clients updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# libwbclient updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-common-libs updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# libsmbclient updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -# samba-winbind updated from 4.4.4-14.6.el7.sme to 4.6.2-12.4.el7.sme -- import 4.6.2-12 [SME: 10429] -- change gnutls-devel >= 3.4.7 to gnutls-devel to allow build -- import to SME the two last upstream releases [SME: 10326] -- resolves: #1514314 - Fix CVE-2017-14746 and CVE-2017-15275 -- resolves: #1491213 - CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 -- resolves: #1484423 - Require at least krb5 version 1.15.1 -- resolves: #1484713 - Fix password changes for users via smbpasswd -- resolves: #1484723 - Be more graceful on FSCTL_VALIDATE_NEGOTIATE_INFO - returned errors -- resolves: #1481188 - Fix 'net ads changetrustpw' -- resolves: #1459936 - Fix regression with "follow symlinks = no" -- resolves: #1461336 - Fix smbclient username parsing -- resolves: #1460937 - Fix username normalization with winbind -- resolves: #1459179 - Fix smbclient session setup printing -- related: #1277999 - Add missing patchset -- resolves: #1431986 - Fix expand_msdfs VFS module +File Server +e-smith-proftpd +- restart proftpd on ssl-update [SME: 11603] +- cleanup in /etc/rc.d [SME: 9692] +- redirect log away from message [SME: 11384] +- fix circular Conflict with proftpd [SME: 11357] +- improve protect from proftpd.service running [SME: 11106] +- protect from proftpd.service running in place of ftp.service [SME: 11106] +- remove system-preset file from usr [SME: 10958] +- SSL crt and key to self signed if path does not exist [SME: 11316] +- add Requires=runit.service [SME: 11245] +- execute systemd-reload before service adjust in events [SME: 11228] +- remove S95reset-unsavedflag [SME: 11229] +- Remove ftp from 'init.d/supervise' [SME: 11106] [SME: 11150] +- Move ftp service to systemd [SME: 11106] +- Create e-smith-proftpd-update event [SME: 11150] + +e-smith-samba +- netlogon.bat +x [SME: 11566] +- add possibility to reenable allow execute always on ibays homes or everywhere [SME: 11555] +- fix double entries for min protocol [SME: 11558] +- clean rsyslog syntax for smbd and nmbd [SME: 11422] +- fix noise in message log from nmbd and smbd redirected to dedicated logs [SME: 11349] +- allow using user-create-profiledir action with temp or package-update events [SME: 11348] +- fix log noise for smb.service [SME: 11157] +- add Restart=always [SME: 11118] +- add Restart=always [SME: 11117] +- migrate nmbd to systemd [SME: 11118] +- migrate smbd to systemd [SME: 11117] + create generik smb.service service +- create e-smith-samba-update event [SME: 11157] +- Fix mutex locking [SME: 11199] +- Fix pid directory [SME: 11198] +- Add /etc/krb5.conf as template using templates from smeserver-samba [SME: 11093] +- remove win98pwdcache.reg from server-resources [SME: 9060] +- set min server and client protocol SMB2 [SME: 10576] + add check so max always greater than min +- add port 445 if min server protocol is SMB2 or SMB3 [SME: 10963] LDAP +e-smith-ldap +- fix wrong path for templates.metadata [SME: 11595] +- use template for ssl pem [SME: 11595] +- fix ldap failing to start on initial boot [SME: 11480] +- fix wrong alias to ldap.init [SME: 11301] +- add -update event [SME: 11140] +- move ldap to systemd [SME: 11099] +- move ldap.init to systemd [SME: 11096] +- New protocol default as TLSv1.2 [SME: 10936] + New property TLSProtocolMin + Ciphers are now ordered with stronger first Localisation - -# smeserver-locale updated from 2.6.0-9.el7.sme to 2.6.0-11.el7.sme -- apply locale 2018-12-14 patch -- apply locale 2017-12-02 patch +smeserver-locale +- apply local 2021-05-12.patch [SME: 11593] +- apply local 2021-01-09.patch [SME: 11310] +- apply local 2019-12-07.patch Mail Server - -# clamav updated from 0.99.2-1.el7.sme to 0.100.2-1.el7.sme -- Update to 0.100.2 [SME: 10578] - -# e-smith-pop3 updated from 2.6.0-2.el7.sme to 2.6.0-3.el7.sme -- fix undefined fqdn for pop3 [SME: 10257] - -# qpsmtpd updated from 0.96-18.el7.sme to 0.96-19.el7.sme -- add support to force spamcheck on specific IP for fetchmail [SME: 10290] - -# smeserver-qpsmtpd updated from 2.6.0-30.el7.sme to 2.6.0-32.el7.sme -- add forcespamcheck support for fetchmail [SME: 10290] -- Log DMARC reporting in syslog instead of sending email to the admin. - Also suppress SSL connection failed warnings [SME: 10298] - -# djbdns updated from 1.05-8.el7.sme to 1.05-10.el7.sme +djbdns +- import modification from SME9 [SME: 11548] - improve short ttl cname resolution and glueless answer from akadns [SME: 8362] -- 500-cutom-dnscache-maxloop.patch: increase QUERY_MAXLEVEL 5->10 , set QUERY_MAXLOOP 160 ---import patches from openwrt and rename already applied patches ---fix security issues [SME: 10374] -- 020-dnsroots-update.patch: update list of root DNS servers -- 070-dnscache-dpos-tcp-servfail.patch: SERVFAIL rename previous patch dns_transmit-bug.patch -- 080-dnscache-cache-negatives.patch: rfc2308 ? -- 210-dnscache-strict-forwardonly.patch: rename previous patch dnscache-strict-forwardonly.patch -- 240-tinydns-alias-chain-truncation.patch: rename previous patch tinydns-alias-chain-truncation.patch -- 270-dnscache-sigpipe-fix.patch: SIGPIPE -- 300-bugfix-dnscache-dempsky-poison.patch: CVE-2009-0858 -- 310-bugfix-dnscache-merge-outgoing-requests.patch: CVE-2008-4392 -- 320-bugfix-dnscache-cache-soa-records.patch: CVE-2008-4392 -- 450-dnscache-ghost-domain-CVE-2012-1191.patch: CVE-2012-1191 http://marc.info/?l=djbdns&m=134190748729079&w=2 ---bug fixes [SME: 10374] -- 060-dnscache-big-udp-packets.patch: accept and handle longer than 512 bytes UDP packets -- 230-tinydns-data-semantic-error.patch: handle semantic error to avoid publishing false dns records ---fix issue with short ttl cname like akamaid [SME: 8362] -- 200-dnscache-cname-handling.patch: rename previous patch dnscache-cname-handling.patch -- 330-fix-dnscache-cname-handling.patch: fix dnscache cname for short ttl -- 500-cutom-dnscache-maxloop.patch: set max loop to 200 ---needed for previous patches to apply cleanly -- 030-srv-records-and-axfrget.patch: add SRV record type and axfr-get decompose SRC and PTR records (for 230-*.patch) -- 050-tinydns-mmap-leak.patch: report cdb leak -- 080-dnscache-cache-negatives.patch: rfc2308 ? -- 090-tinydns-one-second.patch: improve tinydns with 8 or more concurent connections (for 240-*.patch) -- 120-compiler-temporary-filename.patch: change tmp filename to avoid conflicts (for 230-*.patch) - -# smeserver-spamassassin updated from 2.6.0-7.el7.sme to 2.6.0-8.el7.sme -- disable auto_learn by default when enabling Bayes [SME: 8160] -- added properties UseBayesAutoLearn, BayesAutoLearnThresholdSpam and BayesAutoLearnThresholdNonSpam +- 500-cutom-dnscache-maxloop.patch: set QUERY_MAXLEVEL 5 QUERY_MAXLOOP 500 QUERY_MAXNS 16 [SME: 10300] -# e-smith-qmail updated from 2.6.0-3.el7.sme to 2.6.0-4.el7.sme -- Update aliases files for every groups passed as argument [SME: 10386] +e-smith-email +- add new RAR file signatures to default mailpatterns database [SME: 11265] +- webmail is only SSL [SME: 11443] +- create -update event [SME: 11133] +- move smtp-auth-proxy to systemd [SME: 11102] +- allow creation of pseudonyms with setting of local only [SME: 3802] + +qmail +- add remote tls transport for qmail-remote [SME: 9349] +- updated release number higher than SME9 +- now TLS and EHLO are defined to allow proper compilation +- add DEBUG flag for the moment to help configuring -DDEBUG=1 + +smeserver-clamav +- fix typo and missing +x [SME: 11520] +- fix issues with non epel standard scan.conf [SME: 11520] + move clamd.conf to scan.conf + remove alias for clamtop + add a wrapper for clamdscan to force --fdpass +- ease use of clamdtop [SME: 11313] +- fix Transaction check error [SME: 11311] +- add pid folder /run/clamd/ [SME: 11103] + few improvements +- create update event [SME: 11162] +- Updated to use 0.103+ from EPEL [SME: 11194] +- Updated to use systemd for clamd [SME: 11103] +- Updated to use systemd for freshclam [SME: 11104] +- increase lower memory limit to 1GB [SME: 10833] +- fix for AllowSupplementaryGroups warning [SME: 10813] + thanks to bunkobugsy + +smeserver-dovecot +- ssl pem update via template expand in place of copy [SME: 11601] +- clean rsyslog syntax for dovecot [SME: 11422] +- add Restart=always [SME: 11101] +- fix path for event -update [SME: 11101] +- cleanup /var/service/dovecot [SME: 11101] + close logger and service from previous runit instance before starting systemd one +- add systemd drop-in expand in bootstrap-console-save, console-save, post-install, post-upgrade [SME: 11101] +- move service to systemd [SME: 11101] +- add imap idle notify interval setting [SME: 10947] +- fix typo in enabling TLSv1.2 as default [SME: 10934] +- fix typo in 35ssl template [SME: 10934] +- fix typo in createlinks [SME: 10932] +- revert property names with period in it [SME: 10934] +- add property AcceptFullEmail with enabled as default [SME: 9865] + +smeserver-qpsmtpd +- update depreacted reject_threshold to reject [SME: 11492] +- remove /usr/lib/systemd/system-preset/80-koozali-qpsmtpd.preset [SME: 10958] +- modify for clamav 0.103.0 [SME: 11210] +- roll up patches +- add Requires=runit.service (qpsmtpd & sqpsmtpd) [SME: 11245] +- fix service not enabled [SME: 11107] + remove reset-unsavedflag +- Move qpsmtpd & sqpsmtpd services to systemd [SME: 11107] +- Create smeserver-qpsmtpd-update event [SME: 11164] +- expand badrcptto_ext when needed [SME: 10638] + this avoid user, group or pseudonyms for internal purpose to be reachable + from outside +- minimum Protocol TLSv1.0 [SME: 10460] + better ciphers order. + +smeserver-spamassassin +- prevent noise in log at spamassassin call from qpsmtpd [SME: 11491] +- clean rsyslog syntax for spamd [SME: 11422] +- remove warning while trying to delete file when missing in post script [SME: 11375] +- remove spamd reference as service use spamassassin.service [SME: 11375] + migrate spamd propertie SpamLearning to spamassassin + template for /etc/sysconfig/spamassassin, revert --allow-tell option + stop spamassassin spamd and delete /etc/systemd/system/spamassassin.service link if exists +- fix typo [SME: 11361] +- fix spamd unable to load [SME: 11361] +- redirect spamd loging to spamd.log instead of message [SME: 11362] +- add requires DCC as we have built it [SME: 11065] +- fix smeserver-spamassassin-update event fix [SME: 11166] +- Start systemd migration. Remove symlinks [SME: 11224] +- remove refresh clam as this will be provided by clamav +- require spamassassin 3.4.4 + Server manager - -php -- load openssl configuration file on startup #1408301 -- gd: fix buffer over-read into uninitialized memory CVE-2017-7890 -- fix php should provide php(httpd) #1215429 -- fpm: backport PHP-FPM's clear_env option from 5.4.27 #1410010 -default value is "yes", preserving previous behaviour -- openssl: fix default_socket_timeout does not work with SSL #1378196 -- gd: fix DoS vulnerability in gdImageCreateFromGd2Ctx() CVE-2016-10167 -- gd: Signed Integer Overflow gd_io.c CVE-2016-10168 +e-smith-formmagick +- fix wrong PATH which makes fail grub reconfiguration [SME: 11556] +- increase CSRF timeout from 120s to 180s [SME: 10902] + added property httpd-admin{csrfTimeout} in second to override + added hability to ovarride the Timeout from panel to panel +- add update event [SME: 11136] +- add locale for CSRF [SME: 10626] +- add CSRF patch [SME: 10626] - thank you to Daniel Berteaud Webmail and Groupware +smeserver-horde +- fix missing call to perl module emsith::php [SME: 11489] +- clean rsyslog syntax for horde [SME: 11422] +- improved php basedir, with filtering of noise for gpg [SME: 10945] +- force SSL for horde [SME: 11443] +- fix horde not honoring switch to php-fpm 5.4 [SME: 11433] +- update mail settings for the php-pool [SME: 11431] +- spamd SpamLearning property migrated to spamassassin SpamLearning [SME: 11376] +- Configuration is not up to date, hash to update [SME: 11308] +- fix wrong template path for php55, php56 and php [SME: 11255] +- fix webmail not accessible after enabling from manager [SME: 11233] +- update rsyslog syntax [SME: 11016] + move fragment so syntax is similar to message +- remove harcoded ports [SME: 10969] +- add gpg to php base dir [SME: 10945] +- workaround logging noise caused by libsasl [SME: 10943] +- log as admin and not admin@domain for cli tasks [SME: 10910] +- fix ingo imap preferences [SME: 10912] +- allow httpd-auth for calendar, tasks access using rpc.php ... [SME: 10908] +- add smeserver-horde-update event [SME: 10909] +- avoid loss of user parameter on Primary Domain change [SME: 1005] + this will also avoid the loss of parameter if we log with a different virtualhost + horde preference is now stored with the SME username without @domain +- fix bad regex to strip domain [SME: 10224] + also we can now force Primary domain to use as default email + we can strip heading string from virtualhost domain to create email + default identity email will update as long as no other identity is created for the user +- fix typo in php-fpm patch [SME: 10872] +- remove php3 references [SME: 10866] +- remove strict and warning alert from error log [SME: 10823] +- dedicated php-fpm pool for horde [SME: 10872] +- apply patches from John H. Bennett III [SME: 10717] +- cvs admin -ko on patch1 Web Server +e-smith-apache +- add possibility to force https on LAN only [SME: 11511] + usefull for VPN over port 443 +- prevent httpd to fail if modSSL defined certs does not exist [SME: 10826] + default on self generated cert +- create-update event [SME: 11123] +- move httpd-e-smith to systemd [SME: 11111] + changed sigusr1 used in events to reload as defined in the unit file +- give a logger to httpd-e-smith : journald [SME: 1416] +- set default SSLStrictSNIVHostCheck to off [SME: 8693] +- add SNI support for individual certificates per VirtualHosts [SME: 8693] +- port 80 and 443 should not be hardcoded [SME: 9192] +- e-smith-apache removing hardcoded ports [SME: 10966] +- remove php3 and php4 refs [SME: 10867] +- disable TLSv1 TLSv1.1 by default [SME: 10459] Other fixes and updates +e-smith-base +- add local domains in self signed cert alt subjects [SME: 11624] + add local hosts in self signed cert alt subjects + modSSL property to disable hosts domains addition : AddDomains AddHosts + default is enabled when empty +- fix missing export [SME: 11620] +- fix issue with adding new user to the ldap db [SME: 11607] +- always renew self signed certificate [SME: 11552] + update key / crt if not signed with the right key size + default to self signed if custom cert and key are not files or not rigth type + add perl module to help handle certificates and keys + TODO: check if both key and cert are related, if not default to self signed +- fix openssl.conf not generated when openldap field are empty [SME: 11569] +- fix missing path to systemctl for add-wants [SME: 11537] +- merge dhcpdmanager custom template fragments with core [SME: 10657] +- remove templates-custom previously owned by a contrib [SME: 11508] + they got migrated as part as normal backup restore +- fix masq failing on initial boot [SME: 11479] +- removing weekly cron for ddns update, targeted script has been removed [SME: 11470] +- revert e-smith-service file [SME: 9692] +- add systemctl wrapper [SME: 11345] +- clean rsyslog syntax for dhcpd [SME: 11422] +- cleanup /etc/rc.d and /var/service [SME: 9692] +- remove klogd references [SME: 11363] +- restore part of pptp code and move to generik vpn entry [SME: 11374] +- drop dyndns core support [SME: 11415] +- fix enabled service not started on reboot [SME: 11355] + unless a power outage, as long as you reboot, halt or shutdown systemd will + be in sync +- fix console::startup run twice [SME: 11358 ] +- improve run order in systemd-default [SME: 11356] +- fix uninitialized value during post-install [SME: 11350] +- fix user with rssh shell need to be member of rsshusers group [SME: 9155] +- add missing /sbin/e-smith/bootstrap-runlevel7 [SME: 11318] +- fix typo for isolate [SME: 11246] +- separate bootstrap-console from run level service launch [SME: 11318] +- only run isolate if sme-server.target is not active [SME: 11246] +- update system-preset usr/lib file [SME: 10958] +- fix loss of httpd basic auth [SME: 11309] +- fix services starting when they are in Wants= for sme-server.target and preset disabled [SME: 11247] +- rewrite of manageRAID.pl and add_drive_to_raid for SME10 [SME: 10918] +- added gdisk as a dependency to support GPT systems +- fix modSSL key crt and keychain files really exist [SME: 11252] +- add ldap.init as exception for preset +- fix init-accounts [SME: 9642] +- validate modSSL key crt and keychain files really exist [SME: 11252] + if not we use self generated +- drop pptpd support [SME: 11250] +- add bash-completion [SME: 11244] +- improve local service to systemd [SME: 11119] + now run rc.local file as part of the event +- move local service to systemd [SME: 11119] + make it run /etc/rc.d/rc.local + cleaning /var/service/syslog still there +- workaround drop-in install section ignored by systemctl preset [SME: 11231] + some cleanup +- remove S95reset-unsavedflag [SME: 11229] +- add exclusion for lpd [SME: 11006] +- execute systemd-reload before service adjust in events [SME: 11228] +- fix ExecStart for raidmonitor [SME: 11094] +- fix permission for /sbin/e-smith/systemd/mdmonitor-pre [SME: 11094] +- Don't ask for confirmation to save changes on first install configuration [SME: 11193] +- Fix RAID detection regex for disk redundancy screen [SME: 10918] +- add Install part of systemd unit [SME: 11100] +- move dhcpd to systemd [SME: 11100] +- get dhcpd log out of message [SME: 2408] + also configure logrotate for /var/log/dhcpd/dhcpd.log and /var/log/dhcpd/current +- reverte previous changes for service2adjust and util.pm [SME: 11177] + files are owned by e-smith-lib +- allow more systemctl controls [SME: 11177] + convert unrecognized signals from service2adjust in events for systemd + handle unsupervised services the same way supervised were in adjust-services + make service-status only log when service disabled and not fail it +- add template for /etc/systemd/system-preset/49koozali.preset [SME: 11174] + +e-smith-devtools +- netlogon.bat +x [SME: 11566] +- add update event [SME: 11126] + +e-smith-domains +- setup dns services on domain creation and other events [SME: 10115] +- avoid encoding of utf strings in domain table [SME: 11391] + this will mess with some languages +- Create e-smith-domains-update event [SME: 11128] + +e-smith-grub +- set missing locale if update-grub called by server-manager [SME: 11559] +- fix unable to boot on a non xfs root filesystem [SME: 11365] +- cleanup remove /boot/grub dir [SME: 11354] +- Add support for EFI systems [SME: 10998] +- add update event [SME: 11137] + +e-smith-lib +- update copyright dates, and make it easier to change from spec file [SME: 11570] +- partial revert of signals [SME: 11177] + signal s not passed to runit services (dnscache*, qmail, qpsmtpd...) + services handled by systemd crash if they do not have Restart=always defined +- add support for signals SIG* with systemd [SME: 11177] + fix typo for reload-or-try-restart + unsupervised services: really stop when disabled and start stopped enabled ones +- remove error when sending sighup event [SME: 11177] +- allow more systemctl controls [SME: 11177] + convert unrecognized signals from service2adjust in events for systemd + handle unsupervised services the same way supervised were in adjust-services +- create e-smith-lib-event [SME: 11141] +- add support for systemctl reload-or-restart, try-restart, enable -now [SME: 10848] + +e-smith-nutUPS +- fix start ordering nut.service [SME: 11488] +- fix ExecStartPre path for /usr/lib/tmpfiles.d/nut-run.conf [SME: 11488] +- fix ExecStartPre path for nut.service [SME: 11488] +- fix template path for monitor [SME: 9423] +- Fix preset line endings in 49-koozali.preset [SME: 11215] +- add update event to avoid reboot [SME: 11146] +- adapt nut UPS for systemd [SME: 9423] + +e-smith-packetfilter +- fix dropin file not expanded on initial installation [SME: 11528] +- fix noise on logrotate, doing a restart instead of reload [SME: 11451] +- move ulogd to systemd [SME: 11426] +- require ulogd 2 [SME: 11426] +- remove pptpd last references [SME: 11420] +- remove /usr/lib/systemd/system-preset/80-koozali-packetfilter.preset [SME: 10958] +- drop pptpd support [SME: 11251] +- launch masq using systemd unit [SME: 11089] +- create event to avoid reboot on update [SME: 11122] + +e-smith-radiusd +- remove services2adjust in bootstrap-console-save event, this put systemd in a loop [SME: 11602] +- ssl pem using template in place of copy [SME: 11602] +- radiusd needs ldap started before [SME: 11302] +- add Restart=always [SME: 11113] + change group of pem file to radiusd +- create -update event [SME: 11155] +- move radiusd to systemd {SME: 11113] + remove noise from spec file +- fix server restartting with virtual_server error [SME: 10853] + +smeserver-release +- Bump new rpm for sme 10.0 final +- Bump new rpm for sme10 release candidate 1 +- updating release number everywhere [SME: 11366] +- Bump release to 1 as buildsys believe 1.alpha5 is newer than 0.beta1 [SME: 11317] +- Bump new rpm for sme10 beta1 [SME: 11317] +- add update event [SME: 11165] +- Bump new rpm for sme10 alpha5 + +smeserver-support +- fix copyright date and make it easier to update from spec file [SME: 11568] +- fix typo and wording [SME: 11535] +- add update event [SME: 11167] +- revert update of samba using upstream CentOS repo [SME: 11196] +- obsoletes e-smith-starterwebsite [SME: 8903] + +smeserver-yum +- no reboot needed for systemd-python [SME: 11609] +- fix services stop on removal [SME: 11510] +- run navigation-conf when a panel is installed [SME: 11507] +- migrate back to normal CentOS mirrors after el6 EOL [SME: 11477] +- version 2 with + deleting yum{eolversion} if for previous release or not yet eol + better handling of conditions +- avoid reboot on removal of smeserver-* rpms [SME: 11458] +- navigation-conf when a panel is installed +- fix wrong path for rsyslog.conf [SME: 11364] +- remove noise in yum process "overriding all signals, forcing restart" [SME: 11372] +- packages installed logged both in yum.log and message [SME: 11364] +- set priority to 10 for remi-safe [SME: 11360] +- fix poor handling of service adjusting and action order [SME: 11300] + now a temp event is created + also better logging, better handling of update vs removal +- make yum dbs service fork [SME: 11243] + now smeserver.py plugin call the service + yum-modify can use the service restart + yum.service is its own service, not called by local.service +- move yum upate db service to systemd [SME: 11180] +- fix -update events not runt on package upgrade [SME: 11184] + lower noise on forced restart +- fix switch to vault BaseURL for CentOS [SME: 11227] +- add remi-safe as base repo [SME: 11179] +- smeserver-yum-update event created [SME: 11168] +- fix separate action before template, and after service [SME: 11175] + run all actions with post-upgrade as default event +- fix some templates not expanded [SME: 11121] +- fix smeserver.py not executing action because of wrong path [SME: 11047] +- fix error when key absent of a dict of smeserver plugin at clean stage [SME: 10931] +- avoid missing template error after removal of a rpm [SME: 10846] +- restart php-fpm services when needed [SME: 10873] +- applying patch [SME: 10690] +- fix NameError: global name 'yum_update_dbs' is not defined [SME: 6940] +- use yum-cron with autoupdate feature [SME: 10690] + +These are either not SME modified Packages, or are kernel mods. +clamav +libprelude +sendmail -# e-smith-base updated from 5.8.0-35.el7.sme to 5.8.0-38.el7.sme -- icleaning xinetd.conf fragment out of the package [SME: 10219] -- revert previous change - wrong package -- added post transaction rule for ntp [SME: 10190] -- thank you to Stefano Zamboni for this work - -# smeserver-yum updated from 2.6.0-16.el7.sme to 2.6.0-17.el7.sme -- add yum-plugin-post-transaction-actions as requirement [SME: 1100] - -# e-smith-devtools updated from 2.6.0-6.el7.sme to 2.6.0-7.el7.sme -- ease update of e-smith-devtools on non SME builders [SME: 10536] - -# smeserver-support updated from 2.8.0-12.el7.sme to 2.8.0-15.el7.sme -- exclude libtevent,python-tevent from base and updates to avoid conflict with localy build version of samba [SME: 10573] -- add back perl(LWP::Protocol::https) support [SME: 10516] -- upstream samba packages were not all excluded [SME: 10428] - -# e-smith-ntp updated from 2.6.0-3.el7.sme to 2.6.0-4.el7.sme -- added post transaction rule for ntp [SME: 10190] -- thank you to Stefano Zamboni for this work - -# e-smith-lib updated from 2.6.0-6.el7.sme to 2.6.0-7.el7.sme -- Skip tap_soft interfaces (eg SoftEther, code from Hsing-Foo Wang) - [SME: 10445] - +The changelogs are written per package On behalf of the Koozali SME Server development team +- Compilation of release data is thanks to scripts developed by Ian Wells and substantially improved by Jean Phillipe Pialasse -On behalf of the Koozali SME Server development team +Terry Fage