1 |
SME Server 8.0 Beta 6 Release Notes |
SME Server 8.0 Beta 7 Release Notes |
2 |
=================================== |
=================================== |
3 |
|
|
4 |
August 20 2010 |
DATE TBD |
5 |
|
|
6 |
The SME Server development team is pleased to announce the release of |
The SME Server development team is pleased to announce the release of |
7 |
SME Server 8.0beta6 which is based on CentOS 5.5 and will be the next |
SME Server 8.0beta7 which is based on CentOS 5.6 and will be the next |
8 |
major release of SME Server. This is the final planned Beta for SME 8. |
major release of SME Server. This is the final planned Beta for SME 8. |
9 |
|
|
10 |
Bug reports and reports of potential bugs should be raised in the bug |
Bug reports and reports of potential bugs should be raised in the bug |
15 |
*************************** |
*************************** |
16 |
Testers Please Note the following... |
Testers Please Note the following... |
17 |
|
|
18 |
1. SME Server users currently on SME Server 8.0 Beta 5 have to perform |
1. SME Server users should not upgrade production servers to this |
|
one manual step before upgrading due to the change of samba. |
|
|
See http://wiki.contribs.org/SME_Server_8#Upgrading_samba |
|
|
|
|
|
2. SME Server users should not upgrade production servers to this |
|
19 |
release but those who can are encouraged to load the beta to a |
release but those who can are encouraged to load the beta to a |
20 |
dedicated test machine and take part in the testing phase. |
dedicated test machine and take part in the testing phase. |
21 |
|
|
22 |
3. CentOS 5 has dropped support for i586 and therefore SME Server 8 |
2. CentOS 5 has dropped support for i586 and therefore SME Server 8 |
23 |
will not work on i586 hardware. [See bugzilla:2845]. i586 hardware |
will not work on i586 hardware. [See bugzilla:2845]. i586 hardware |
24 |
means processors before and including Intel Pentium, Pentium MMX; |
means processors before and including Intel Pentium, Pentium MMX; |
25 |
AMD K5, K6, K6-II, K6-III and Via C3. i686 architecture processors |
AMD K5, K6, K6-II, K6-III and Via C3. i686 architecture processors |
26 |
are Intel Pentium Pro, Pentium II, Pentium III; AMD Athlon, |
are Intel Pentium Pro, Pentium II, Pentium III; AMD Athlon, |
27 |
Athlon XP and later. |
Athlon XP and later. |
28 |
|
|
29 |
4. Upgrading from previous releases should only be done on clean |
3. Upgrading from previous releases should only be done on clean |
30 |
machines without contribs or other modifications. |
machines without contribs or other modifications. |
31 |
|
|
32 |
5. Testers are now encouraged to test upgrade paths and to start testing |
4. Testers are now encouraged to test upgrade paths and to start testing |
33 |
contribs. They are not certain to work so only try on test servers. |
contribs. They are not certain to work so only try on test servers. |
34 |
Please raise all issues found in the bug tracker. |
Please raise all issues found in the bug tracker. |
35 |
|
|
36 |
6. Some notes on SME 8 including help on upgrades can be found at |
5. Some notes on on SME 8 including help on upgrades can be found at |
37 |
http://wiki.contribs.org/SME_Server_8 |
http://wiki.contribs.org/SME_Server_8 |
38 |
|
|
39 |
7. Please note it may take up to 48 hours for mirrors to finish syncing, |
6. Please note it may take up to 48 hours for mirrors to finish syncing, |
40 |
during this time you may experience problems. |
during this time you may experience problems. |
41 |
You can download SME8.0 Beta 6 from |
You can download SME8.0 Beta 7 from |
42 |
http://mirror.contribs.org/smeserver/releases/testing/8/iso/i386/ |
http://mirror.contribs.org/smeserver/releases/testing/8/iso/i386/ |
43 |
or for other methods see http://wiki.contribs.org/SME_Server_8 |
or for other methods see http://wiki.contribs.org/SME_Server_8 |
44 |
|
|
74 |
please try to spare some time to this vital aspect of our community's |
please try to spare some time to this vital aspect of our community's |
75 |
future. |
future. |
76 |
|
|
77 |
This release, which is based on a major update of the CentOS Core, |
This release, which is based on a major update of the Centos Core, |
78 |
contains many new features. Please run Software Installer in Server |
contains many new features. Please run Software Installer in Server |
79 |
Manager regularly during testing to be sure your system reflects the |
Manager regularly during testing to be sure your system reflects the |
80 |
latest stage of development. |
latest stage of development. |
81 |
|
|
82 |
Major changes in beta 6 |
Major changes in beta 7 |
83 |
======================= |
======================= |
84 |
The policy is to stick with upstream updates unless there are compelling |
* Require authentication for all emails, including local. |
85 |
reasons not to. The number of customers unable to run the software they |
* Use ext4 instead of ext3 for filesystems (except for /boot). UNDER DISCUSSION |
86 |
want because of the Samba and PHP versions constituted a compelling |
* LDAP authentication can be enabled, but is not on by default in this version, |
87 |
reason. |
once enabled it cannot be disabled, so experiment with care. |
|
|
|
|
Samba 3x: |
|
|
The Samba packages have reverted to those provided by CentOS to simplify |
|
|
the support needed. This version of samba provides support for Windows 7 |
|
|
domain logins. http://wiki.contribs.org/SME_Server_8#Upgrading_samba |
|
|
|
|
88 |
|
|
89 |
Changes in this release |
Changes in this release |
90 |
======================= |
======================= |
91 |
|
|
92 |
This section of this README file lists all package changes carried out |
This section of this README file lists all package changes carried out |
93 |
by SME-associated developers since SME Server 8.0 Beta 5. |
by SME-associated developers since SME Server 8.0 Beta 6. |
94 |
|
|
95 |
The package changelogs often included earlier changes and changes |
The package changelogs often included earlier changes and changes |
96 |
carried out by non-SME-associated developers; these were removed to |
carried out by non-SME-associated developers; these were removed to |
97 |
shorten the list. Packages recently altered by CentOS, Redhat, and |
shorten the list. Packages recently altered by Centos, Redhat, and |
98 |
Fedora-associated developers are not included. |
Fedora-associated developers are not included. |
99 |
|
|
100 |
Backups |
Backups |
101 |
------- |
------- |
102 |
- Restoring from a Workstation Backup showed a false failure. |
- Improve how Backup to Workstation handles full remote disks. |
103 |
- Workstation Backup emails include a To: header. |
- Localise the choices for 'Select the type of share for backup destination' in |
104 |
- Workstation Backup includes the system name and also indicates failure |
the Configure Workstation Backup panel |
105 |
if applicable in the subject line of the email. |
- Improve the wording of the 'Backup or restore' server-manager panel. |
106 |
- Update backup instructions in server-manager. |
Replace term "USB disk" with "removable disk" as this is not restricted |
107 |
- The Workstation Backup panel now removes leading and trailing spaces |
to only USB disks. |
108 |
from the hostname. |
- Improve wording of workstation backup email regarding the set number. |
109 |
- Fix removal of leading slash in storage location. |
- Do not modify the workstation backup location 'SmbShare' during software update |
110 |
- The Workstation backup to USB panel no longer presents mounted disks. |
- Include disk usage in Workstation Backup email. |
111 |
- Only define Workstation Backup temporary directory once. |
- A new database property, OpenFilesLimit, allows customisation of |
112 |
- Remove relocate_samba_file and all references to /etc/smbpasswd. |
open_files_limit option in my.cnf. This can allow backups to succeed if a MySQL |
113 |
|
database has a very large number of tables. |
114 |
|
|
115 |
File Server |
File Server |
116 |
----------- |
----------- |
117 |
- Use samba3x package for windows 7 compatibility. |
- Change separator character in general Samba configuration file. |
118 |
- Remove require strong key part of regedit file. |
- Changes in Samba's "Recycle VFS exclude" syntax (for ibays). |
119 |
- Backup all the samba tdb files. |
- Create samba account during event for machine. |
120 |
- Add dependency /usr/bin/tdbbackup. |
- Keep uid/gid for computer accounts in synch for Unix/Samba/LDAP. |
121 |
|
- Fixed syntax error in create-machine-account. |
122 |
|
- Fix samba-group-mapping for users without group membership. |
123 |
|
- Fix cpu critical patch missing ' |
124 |
|
- LDAP admin password needs to be loaded in secrets.tdb |
125 |
|
|
126 |
Localisation |
Localisation |
127 |
------------ |
------------ |
128 |
- Add Chinese (Taiwan) language (zh_TW). |
- Latest localisation updates applied. |
|
- Add Hebrew language (he). |
|
|
- Fix translation of local nic string in console. |
|
|
- Other fixes include updated translations for the existing languages. |
|
129 |
|
|
130 |
Mail Server |
Mail Server |
131 |
----------- |
----------- |
132 |
- Disable by default the SMTP transparent proxy, however upgrades from |
- Require SMTP authentication by default when sending to an external address. |
133 |
sme7 will retain old default behavior where SMTP connections will be |
- Fix TLS security defaults, TLS Ciphers for qpsmtpd can be configured. |
134 |
transparently proxied. |
- Change enabled to transparent for mail proxy. |
135 |
- Implement a database key (TlsBeforeAuth) to allow SMTP |
- Enable authentication for smtp traffic and migrate if necessary. |
136 |
Authentication without TLS. The default remains to require TLS before |
- Fix pseudonym modification for "local network only" accounts. |
137 |
Auth (introduced in SME 8Beta5). |
- Add smtp auth into web interface, not just when enabled. |
138 |
- Update qpsmtpd to 0.84 |
- Fix require_resolvable_fromhost doesn't work |
139 |
- Config setting to enable SMTP to ISP Authentication Debug now uses |
- Fix qpsmtpd plugin fatal errors when incoming mail message has no headers. |
140 |
enabled/disabled for clarity. |
- Serialize configure_peers to prevent errors. |
141 |
- Fix HeloHost patch. |
- Change authentication from passwd/shadow files to the pam database. |
142 |
- Remove cron.daily jobs that are no longer needed. |
- New feature: Allow for individual configuration for the number of qmail |
143 |
- Update email addresses on domain change. |
logfiles. |
|
- Work around how qpsmtpd tags spam email. |
|
144 |
|
|
145 |
Server manager |
Server manager |
146 |
-------------- |
-------------- |
147 |
- Improve the HTML formatting of the modify quota panel. |
- Enhance IP address syntax checking in remote access panel. |
|
- Remove empty <p> tag from footer template. |
|
148 |
|
|
149 |
Webmail and Groupware |
Webmail and Groupware |
150 |
--------------------- |
--------------------- |
151 |
- Updated to Horde 3.3.8 |
- Update to Horde 3.3.11, imp 4.3.9, Ingo 1.2.5 & Turba 2.3.5 |
152 |
- Updated to imp 4.3.7 |
- Add option to verify from address in webmail if setting up additional |
153 |
- Updated to Ingo 1.2.4 |
identities. |
154 |
- Updated to Turba 2.3.4 |
- Turba searches on LDAP address book fixed. |
|
- Add the ability to have a local LDAP Group Address book. |
|
|
- Templated attributes.php to add ability to have multiple email |
|
|
values for a contact. Separate entries with a comma and a space. |
|
|
- Update to freebusy info in sources.php |
|
|
- Update to remove turbaContact info that SME is not using. |
|
155 |
|
|
156 |
Web Server |
Web Server |
157 |
---------- |
---------- |
158 |
- Default expose_php in php.ini to Off. |
- Disable SSLv2 by default. |
159 |
|
- make user 'apache' an alias for user 'www'. |
160 |
|
|
161 |
Other fixes and updates |
Other fixes and updates |
162 |
----------------------- |
----------------------- |
163 |
- Handle no network interface scenario in console. |
- Use ext4 instead of ext3 for filesystems (except for /boot) |
164 |
- Fix ldap-create errors when adding empty groups. |
- Properly handle account with accents in first- or lastname with regards to LDAP. |
165 |
- The LDAP information for admin was not being updated. |
- Only allow backup to (removable) storage media that are not read only. |
166 |
- Don't try to save ibay password to LDAP. |
- Improve error handling when trying to install without NIC. |
167 |
- Do not allow pool.ntp.org as NTP server. |
- Only remove dangling symlinks in weak-updates directories. |
168 |
- Prepare for obsoletion of magic_quotes* when we supply PHP 5.3.0+ |
- Fix create user gid parameter. |
169 |
- Fix missing space causing errors parsing the iptables rules. |
- Path for gpasswd command fixed in "init-accounts" script. |
170 |
- Migrate MirrorList properties to sme8 repos. |
- Fix template-expansion for dhclient.conf. |
171 |
- Remove BaseURL properties if migrating to sme8 repos. |
- Improve validation (error) message for remote access setup. |
172 |
- Remove yum databases and repodata if migrating to sme8 repos. |
- Change text in hostname and addresses panel for remote host (add FQDN). |
173 |
- Enable cpuspeed by default. |
- Fix hostname editing for comments with double speechmarks |
174 |
- Fix scriplet error in e-smith-service script when service is disabled. |
- Trap croak inside Net::IPv4Addr::ipv4_in_network to allow a FQDN to be inserted |
175 |
- Allow use of CNAME in remote hosts. |
in hostnames and addresses panel in lieu of an IP address. |
176 |
- Add Obsoletes for php5-cgi-{imap,ldap,mysql,pear,xmlrpc}. |
- Add validator back for ip or cname entry. |
177 |
|
- All ibay account commands as system accounts in LDAP. |
178 |
|
- Create ibay accounts as system accounts in LDAP. |
179 |
|
- Use cpu commands to manage Ibays accounts if ldap is master. |
180 |
|
- Make cpu calls critical only with ldap{Auth} is enabled. |
181 |
|
- Check slapd.conf syntax before trying to dump the database. |
182 |
|
- Simplify ldap-update call by calling ldif-fix |
183 |
|
- Change script order: ldap-update should be called after domain-group-maps. |
184 |
|
- LDAP ou field is taken from Dept not Department. |
185 |
|
- LDAP chnages: Add rfc2739.schema back in and include in config. |
186 |
|
- Use ldapmodify to load ldif, add -a if no changetype. |
187 |
|
- Remove bogus junk attribute from ldif templates. |
188 |
|
- Change startup order for ldap. |
189 |
|
- ldap should store locked passwords for expired passwords. |
190 |
|
- Correctly strip numbers from sql scripts |
191 |
|
- Enable speedier time synchronisation for suspended VMs, this can be configured |
192 |
|
by a new db key for ntpd, SupportLargeDrift. |
193 |
|
- Obsolete KeepAlive and replace by ClientAliveInterval and ClientAliveCountMax |
194 |
|
to prevent SSH sessions from being timed out by network inactivity. |
195 |
|
- New feature: Default Cipher to blowfish for ssh configuration. |
196 |
|
- Add directive "PersistentPasswd off" to proftpd configuration. |
197 |
|
- Quota panel should allow non-integers but only accept uppercase units. |
198 |
|
- Enable quotas on ext4 filesystems as well. |
199 |
|
- Add ldap as an auth type to radius |
200 |
|
- Radius should use LDAP backend (if LDAP auth is enabled). |
201 |
|
|
202 |
General features |
General features |
203 |
================ |
================ |
204 |
|
|
205 |
- Based on CentOS 5.5 and all available updates |
- Based on CentOS 5.6 and all available updates |
206 |
|
|
207 |
$Id: README.txt,v 1.7 2010/07/15 07:58:07 wellsi Exp $ |
$Id: README.txt,v 1.7 2010/07/15 07:58:07 wellsi Exp $ |
208 |
|
|