| 1 |
SME Server 7.4 Release Announcement |
SME Server 7.5.1 Release Announcement |
| 2 |
=================================== |
=================================== |
| 3 |
|
|
| 4 |
November 21 2008 |
June 27 2010 |
| 5 |
|
|
| 6 |
The SME Server development team is pleased to announce the release of |
The SME Server development team is pleased to announce the release of |
| 7 |
SME Server 7.4. This release is based on CentOS 4.7. Other major changes |
SME Server 7.5.1 This is a patch release for SME 7.5 to resolve |
| 8 |
in this release are the use dar for backups and the change to UTF-8 |
problems seen by some VPN users, and other minor fixes. |
|
along with translation into 6 additional languages. |
|
|
|
|
|
|
|
|
All SME Server users should upgrade to this release. |
|
| 9 |
|
|
| 10 |
The release should be obtained from your closest mirror, see |
The release should be obtained from your closest mirror, see |
| 11 |
http://wiki.contribs.org/SME_Server:Download |
http://wiki.contribs.org/SME_Server:Download |
| 12 |
|
|
| 13 |
Bug reports and reports of potential bugs should be raised |
Bug reports and reports of potential bugs should be raised in the bug |
| 14 |
in the bug tracker (and only there, please); |
tracker (and only there, please); |
| 15 |
|
|
| 16 |
http://bugs.contribs.org/ |
http://bugs.contribs.org/ |
| 17 |
|
|
| 18 |
|
|
| 19 |
Please Note |
Please Note |
| 20 |
=========== |
=========== |
| 21 |
It may take up to 48 hours for mirrors to finish syncing, |
It may take up to 48 hours for mirrors to finish syncing, during this |
| 22 |
during this time you may experience problems. |
time you may experience problems. |
| 23 |
|
|
| 24 |
|
|
| 25 |
About SME Server |
About SME Server |
| 28 |
SME Server is the leading Linux distribution for small and medium |
SME Server is the leading Linux distribution for small and medium |
| 29 |
enterprises. |
enterprises. |
| 30 |
|
|
| 31 |
SME Server is freely available under the GNU General Public License |
SME Server is freely available under the GNU General Public License and |
| 32 |
and is only possible through the efforts of the SME Server community. |
is only possible through the efforts of the SME Server community. |
| 33 |
However, the availability and quality of SME Server is dependent on |
However, the availability and quality of SME Server is dependent on |
| 34 |
meeting our expenses, such as hosting costs, server hardware, etc. |
meeting our expenses, such as hosting costs, server hardware, etc. |
| 35 |
|
|
| 36 |
|
This release is based on CentOS 4.8. |
| 37 |
|
|
| 38 |
|
|
| 39 |
Thanks |
Thanks |
| 40 |
====== |
====== |
| 41 |
The development team would like to thank all of those involved in |
The development team would like to thank all of those involved in this |
| 42 |
this release. However, this distribution cannot continue with the |
release. More people are required to help with bug triage and |
| 43 |
current level of support. More people are required to help with |
verification testing. |
|
bug triage and verification testing. |
|
|
|
|
|
|
|
|
This release contains many new features, all released updates for |
|
|
SME Server 7.3 and fixes for many reported problems. Upgrades |
|
|
will be available by CD, the Software Installer and command line. |
|
| 44 |
|
|
| 45 |
|
|
| 46 |
Upgrades |
Upgrades |
| 47 |
======== |
======== |
| 48 |
|
Upgrades are available by CD, the Software Installer and command line. |
| 49 |
- Always perform a backup prior to major system upgrades |
- Always perform a backup prior to major system upgrades |
| 50 |
- An upgrade will preserve the existing data |
- An upgrade will preserve the existing data |
| 51 |
|
|
| 53 |
Changes in this release |
Changes in this release |
| 54 |
======================= |
======================= |
| 55 |
|
|
|
Installer |
|
|
--------- |
|
|
- Fix grub label to keep consistent with the SME Server brand. |
|
|
|
|
|
Mail system changes |
|
|
------------------- |
|
|
- Introduce a web interface to configure the pseudonym "visible" property |
|
|
(internal|external) |
|
|
- New feature now allows a "catch all" situation where you have the ability |
|
|
to redirect "@virtualdomain1.com" to user "joe". |
|
|
- Fix the "Ugly" log messages (Use of uninitialized value) when spam checking |
|
|
results in 0 hits. |
|
|
- Emails sent to a null address like ""@domain without the username part |
|
|
are now rejected. |
|
|
- qplogsumm is a optional feature that should be disabled by default. |
|
|
- A request that the log information is reduced with the default loglevel |
|
|
setting of 6 in qpsmtpd. |
|
|
- Support for sending mail to ISP via Secure SMTP |
|
|
- Enable the auth plugin for local lan connections |
|
|
- Migrate (remove) "ordb.net" from the RBL lists to prevent mail bouncing. |
|
|
- Remove blackhole.securitysage.com as service no longer in use. |
|
|
- Remove sbl-xbl.spamhaus.org from default lists and use a more improved |
|
|
list in zen.spamhaus.org. |
|
|
|
|
|
Console |
|
|
------- |
|
|
- Improved validation will check password on first enter password screen |
|
|
before verifying if too simple then asking to verify and proceed to |
|
|
configuration of server. |
|
|
- Passwords should be validated for strength on first entry rather than |
|
|
waiting for the second confirmation entry. |
|
|
- The console should validate passwords using the common method, |
|
|
using esmith::util::validatePassword |
|
|
- The last item in the server console, "Exit from server console", is removed |
|
|
as it is redundant. |
|
|
- Display frames in console server-manager. |
|
|
When browsing server-manager through console pressing 'H' goes to |
|
|
http://localhost/server-manager |
|
|
|
|
| 56 |
Backups |
Backups |
| 57 |
------- |
------- |
| 58 |
- Backups now use dar which enables a backup to consist of more than 2GB |
- Restoring from a Workstation Backup showed a false failure. |
| 59 |
of data to a workstation in any of the following supported methods: |
- The Workstation Backup panel now removes leading and trailing spaces |
| 60 |
cifs, nfs or local usb disk. It also gives the option to set how many |
from the hostname. |
|
rotating backups are required and allows to split size of backup |
|
|
to DVD size. |
|
|
- Removed 'restore from desktop' functionality |
|
|
- The error codes from tar are now logged, in line with flexbackup, and do not |
|
|
cause a backup to fail. |
|
|
- A Iomeage USB REV-drive was by default mounted in /media as a cdrom device. |
|
|
It is now automagically mounted as an usbdisk so it can be used as a backup |
|
|
device without manual intervention. |
|
|
- Set dar compression to default to gzip |
|
|
- dar backup to be less verbose in panel |
|
|
- Correct mounting for usb disks |
|
|
- no compression for ogg media files |
|
|
- Make dar use defined list of directories to backup |
|
|
- Remove obsolete smbfs backup method |
|
|
|
|
| 61 |
|
|
| 62 |
Localisation |
Localisation |
| 63 |
------------ |
------------ |
| 64 |
As part of a major update with translations we have added six new |
- Latest translation updates. |
| 65 |
languages and made it much easier to add other languages in the |
- Fix translation of local nic string in console. |
|
future. |
|
|
|
|
|
We now support the following languages in the server-manager: Danish, |
|
|
Dutch, English, French, Greek, German, Hungarian, Indonesian, Italian, |
|
|
Portuguese, Slovenian, Spanish and Swedish. |
|
|
|
|
|
We have made major strides to assist the non-English community by |
|
|
using a tool called pootle. This is a web based translation tool that |
|
|
will allow new languages to be added and existing languages to be more |
|
|
easily maintained. |
|
|
|
|
|
We have cleaned up a lot of the packages as a part of getting them to |
|
|
work with pootle. Another big change as part of this upgrade is the |
|
|
switch from ISO-8859-1 (Latin) charset to UTF-8 (Universal) charset, |
|
|
this will allow us to support languages that don't use latin |
|
|
characters (like Greek). |
|
|
|
|
|
Other fixes include updated translations for the existing languages. |
|
|
|
|
|
Software Installer |
|
|
------------------ |
|
|
- smeextras repository added, it is used for building the installer and ISO |
|
|
- The yum-update event now includes the yum-import-keys action to allow |
|
|
users to update yum packages and configuration without rebooting, |
|
|
which enables updating when there is a compatibility problem. |
|
|
- Correct yum-update-dbs action to adjust yum service properly. |
|
|
- The BaseURL property has been removed for repos with mirrorlists. |
|
|
- The message "This system is up to date." is displayed if no updates are |
|
|
available. |
|
| 66 |
|
|
| 67 |
Webmail |
Mail Server |
| 68 |
------- |
----------- |
| 69 |
- Horde, imp, turbo and ingo have been updated to the latest versions |
- Implement a database key (TlsBeforeAuth) to allow SMTP |
| 70 |
- Support the ability to save user kronolith free/busy information to the LDAP |
Authentication without TLS. The default remains to require TLS before |
| 71 |
database. |
Auth (introduced in SME 7.5). |
|
- Servers with a custom template for 110AppRegistryHorde found webmail no |
|
|
longer worked. |
|
|
- The name of the webmail installation is now configurable. |
|
|
To use - config setprop horde Name xxxx ; signal-event email-update. |
|
| 72 |
|
|
| 73 |
Server manager |
Server manager |
| 74 |
-------------- |
-------------- |
| 75 |
- The name of the log file being viewed via the Server Manager 'View log |
- Add option to limit port forwarding by source ip address. |
| 76 |
files' is now displayed as the first line. |
- Enable port forwards to localhost if mode is serveronly. |
| 77 |
- Disabling the daily update check in the server-manager did not stop the |
- Text description added for each Port Forwarding. |
|
check4updates task sending mail to the server administrator. |
|
|
- Server-manager > printers > add printer - now advises users to avoid |
|
|
certain names and descriptions as this causes printer state to be incorrect. |
|
|
- Fix the Unknown heading in server-manager after an update. |
|
|
- Fix inconsistency within the navigation.xx files which no longer adds extra |
|
|
spaces and newlines in panel headers. |
|
|
- The Anti-virus (ClamAV) panel text was updated to remove the word 'entire' |
|
|
as this could be misleading. |
|
|
- Allow server-manager to successfully create a one character user account. |
|
|
- After adding a user and trying to set password via server-manager or |
|
|
user-password using the ";" sign you encountered a "white screen of |
|
|
death". This was due to the version of perl-Object-Persistence being used. |
|
|
- Remove the last 'pleasewait' message as it is no longer needed. |
|
|
- The button to add a new user in the server-manager was missing due to a |
|
|
problem with the free/busy code in usermanager causing the panel to exit. |
|
| 78 |
|
|
| 79 |
Other fixes and updates |
Other fixes and updates |
| 80 |
----------------------- |
----------------------- |
| 81 |
- Updated Samba resolves various file sharing problems |
- VPN failed for some users due to incorrect kernel module. |
| 82 |
- The length of an Ibay name is now configurable via maxIbayNameLength |
- Error in postuninstall script prevented kmod packages from being |
| 83 |
- The Samba "unix extensions" are turned off for Mac compatibility |
removed during upgrade. |
| 84 |
- radiusd.conf allows support for additional authentication methods |
- /etc/cron.daily/freshclam was replaced by a dummy file as freshclam |
| 85 |
- Ability to modify pseudonyms with special characters |
does not need to be run daily as it is run as a supervised process. |
|
- Prevent NameServer being set to current IP of SME Server |
|
|
- Allow support for server side includes for ibays when a directory is |
|
|
browsed. |
|
|
- Made mtu/mru settings configurable. |
|
|
- Increased the templating in php.ini |
|
|
- Fixed timezone detection issues for certain timezones during certificate |
|
|
generation |
|
|
- Added support for cciss RAID controller |
|
|
- Enable a new feature to allow admin to have own password not shared with |
|
|
root. |
|
|
- nut is now started after the network to avoid mails to the admin mailbox |
|
|
about lost communication. |
|
|
- e-smith-openssh contained unused template fragments were removed. |
|
|
- ibays can now be set as non-browsable (hidden), but accessible via their |
|
|
UNC. An ibay can be hidden by setting the Browsable property to disabled. |
|
|
- Suspicious string scanning (supscan) has been disabled due |
|
|
to being CPU and I/O intensive and prone to producing false positives.. |
|
|
- The audittool script has been updated to also identify modified events. |
|
|
- If a custom motd was used this could have been sent with the smolt data, now |
|
|
only the version from e-smith-release is sent. |
|
|
- The wrong URL was shown for the smolt profile, it has been updated to |
|
|
http://smolt.contribs.org/ |
|
|
- Patch djbdns around TCP bug: http://alkemio.org/dns_transmit-bug.html |
|
|
- Change license of djbdns to "Public Domain' - |
|
|
http://cr.yp.to/distributors.html |
|
|
- Do not display symlinks via ftp. |
|
|
- New LPRng where both inbuilt filters as well as smbprint filters work. |
|
|
- Resolved false positives that were being reported by rkhunter. |
|
|
- Move the clamav scan schedule to the correct crontab file for ease of use. |
|
|
- Use yum installonlyn plugin to keep only the last 5 kernels. |
|
|
- Change Wpad URL to match system domain to enable the Wpad feature. |
|
|
- dnscache will now ignore referrals when in forwardonly mode. |
|
|
- On servers with no ibays and less than two users the shadow-copy-rotate |
|
|
script would fail. |
|
|
- Correct the step-ticker to pool.ntp.org hosts. |
|
|
- Hide normally hidden files from view when using roaming profiles. |
|
|
- The dungog yum repository has been obsoleted as the packages are in |
|
|
smecontribs. |
|
|
- When a user is deleted from the server-manager his/her pseudonyms should not |
|
|
appear in any configuration file. |
|
| 86 |
|
|
| 87 |
|
Changes from SME 7.4 to SME 7.5 |
| 88 |
|
=============================== |
| 89 |
|
|
| 90 |
General features |
Backups |
| 91 |
================ |
------- |
| 92 |
- Based on CentOS 4.7 and all available updates |
- The backup service has been made more robust: |
| 93 |
|
Allow many backups in the same day. |
| 94 |
|
Prevent launching a restore if all needed backups are not available. |
| 95 |
|
Do not allow a restore from a partial backup. |
| 96 |
|
- Some valid passwords would fail due to how the backup directory was |
| 97 |
|
mounted, the use of a credentials file for mount.cifs now avoids this |
| 98 |
|
limitation. |
| 99 |
|
- The e-mail now correctly identifies incremental and full backups. |
| 100 |
|
- Make Workstation Backup 'full backup allowed on' setting stick across |
| 101 |
|
revisits of the Configure page when set to 'Sunday'. |
| 102 |
|
- Workstation Backup emails now include a To: header. |
| 103 |
|
|
| 104 |
|
File Server |
| 105 |
|
----------- |
| 106 |
|
- A patch was added to support multiple samba roles, the change is |
| 107 |
|
transparent. However installing smeserver-adv-samba allows the user to |
| 108 |
|
take advantage of additional server roles as detailed in |
| 109 |
|
http://wiki.contribs.org/Advanced_Samba |
| 110 |
|
|
| 111 |
|
Localisation |
| 112 |
|
------------ |
| 113 |
|
- As part of a major update with translations we have added seven new |
| 114 |
|
languages: |
| 115 |
|
Thai, Polish, Romanian, Estonian, Chinese, Norwegian (Bokmal), |
| 116 |
|
Russian. |
| 117 |
|
- Other fixes include updated translations for the existing languages. |
| 118 |
|
|
| 119 |
|
Mail Server |
| 120 |
|
----------- |
| 121 |
|
- Transport Layer Security (TLS) authentication capability has been |
| 122 |
|
added for incoming smtp ehlo requests. |
| 123 |
|
- SMTP Authentication requires TLS before Auth to increase security. |
| 124 |
|
- Implement correctly the subject line SPAM tagging functionality. |
| 125 |
|
- The syntax of the smtproutes and SMTPSmartHost templates have been |
| 126 |
|
updated to avoid MX lookups |
| 127 |
|
- Incoming mail could be incorrectly rejected by qpsmtpd plugin |
| 128 |
|
require_resolvable_fromhost. |
| 129 |
|
- Update to qpsmtpd 0.83 |
| 130 |
|
- Update to ClamAV 0.96.1 |
| 131 |
|
- Increase MemLimit to 600M for clamav-0.96 |
| 132 |
|
- Remove spamassassin jobs from cron.daily that are no longer needed. |
| 133 |
|
- HeuristicScanPrecedence is a new option in clamav 0.94. |
| 134 |
|
See http://wiki.contribs.org/Email#Heuristic_Scan |
| 135 |
|
- Rotate Virus scanning log files |
| 136 |
|
- Remove the external preloaded library, qmail-workaround, which was |
| 137 |
|
needed for qmail loopback connections if a domain MX resolves to |
| 138 |
|
0.0.0.0. This has now been replaced by a patch to qmail itself. |
| 139 |
|
- Use HeloHost (if present) for SMTP auth proxy |
| 140 |
|
|
| 141 |
There are a few differences from previous releases <=7.2 |
Server manager |
| 142 |
======================================================== |
-------------- |
| 143 |
|
- The reconfigure warning is displayed in subsequent browser sessions of |
| 144 |
|
the server-manager when the server is updated from the Command Line, |
| 145 |
|
or after a reboot, if a full reconfiguration has not been performed. |
| 146 |
|
- Allow to select "check for updates" daily, weekly or monthly in the |
| 147 |
|
Software Installer. Check for updates can also be disabled. |
| 148 |
|
- Fix yum warnings about "another instance is running" when running a |
| 149 |
|
second instance of yum from another terminal. |
| 150 |
|
- Improve the HTML formatting of the modify quota panel to work in IE8. |
| 151 |
|
|
| 152 |
|
Webmail and Groupware |
| 153 |
|
--------------------- |
| 154 |
|
- Horde, imp, turba and ingo have been updated to the latest versions |
| 155 |
|
- Patch to make sure username is always saved in lowercase to horde db's |
| 156 |
|
- Allow FQDN and non-FQDN access to webmail. |
| 157 |
|
- The spell checker in Horde Mail has been enabled for HTML composition. |
| 158 |
|
- Obsolete smeserver-trean < 0.1-8 as it makes the sidebar menu of the |
| 159 |
|
webmail interface disappear. |
| 160 |
|
|
| 161 |
|
Web Server |
| 162 |
|
---------- |
| 163 |
|
- Implement a database key (SSLv2) which allows to disable certificates |
| 164 |
|
signed with SSLv2, enabled by default to keep current behaviour. |
| 165 |
|
- Add support for more MIME Types to Apache: |
| 166 |
|
Openoffice 1.x, Openoffice 2.x |
| 167 |
|
Microsoft Office 2007 |
| 168 |
|
XML |
| 169 |
|
- SSL Certificates will now use a SHA1 |
| 170 |
|
- SSL Certificates will now use a 2048 bits key size |
| 171 |
|
|
| 172 |
After installing for the very first time: |
Other fixes and updates |
| 173 |
----------------------------------------- |
----------------------- |
| 174 |
- First night you may receive an email from cron about sa_updates. |
- From June 2009 smeserver-rkhunter was removed from smeos and made a |
| 175 |
- First night you should receive a large email saying a bunch of |
contrib. |
| 176 |
groups/users were removed/added (rkhunter email notification). |
- Do not allow re-allocation of deleted Windows user profiles. |
| 177 |
- Any time you change users/groups you will receive an email the next day |
- Template sshd login grace time |
| 178 |
about those changes (rkhunter email notification). |
- Correct the configuration of smartd to monitor hard disk status, but |
| 179 |
|
default to disabled. |
| 180 |
|
- Display the boot time menu by default by removing the hiddenmenu entry |
| 181 |
|
from the default grub.conf to be in line with the documentation. |
| 182 |
|
- Enable error logging for MySQL. |
| 183 |
|
- When user or group names with a "." in the names exist, |
| 184 |
|
running /sbin/e-smith/audittools/aliases will show more than the |
| 185 |
|
expected list. |
| 186 |
|
- Improve the quality of the mirrors by using a network mirror-list. The |
| 187 |
|
list is automatically generated hourly based on the status of the |
| 188 |
|
current mirrors. By using these mirror-lists it is ensured that people |
| 189 |
|
are directed to an updated mirror. When a mirror is added or removed |
| 190 |
|
the change will be available quickly and automatically. It also |
| 191 |
|
centralizes control of the mirror lists. |
| 192 |
|
- Add yum-protect-packages support to prevent removal of needed |
| 193 |
|
packages. This stops accidental removal of core SME Server packages. |
| 194 |
|
- Introduced (weak) kernel modules which are independent of kernel |
| 195 |
|
version. This means there is no need to update/rebuild kmods for each |
| 196 |
|
kernel update. |
| 197 |
|
- Fix for VPN access failed with buffer too small errors. |
| 198 |
|
- Require /sbin/mdassemble so mkinitrd works correctly. |
| 199 |
|
- Reduce drive size requirements from 5G to 1.5G |
| 200 |
|
|
| 201 |
$Id: README.txt,v 1.27 2008/11/17 23:15:15 slords Exp $ |
$Id: README.txt,v 1.9 2010/05/24 21:17:17 wellsi Exp $ |
Parent Directory
| 
Revision Log
| 
Revision Graph
| 
Patch
