Line 1: |
Line 1: |
| ==SME Server 9.0 Beta 4 Release Notes== | | ==SME Server 9.0 Beta 4 Release Notes== |
| | | |
− | 28 February 2014
| + | 11th April 2014 |
| | | |
| The SME Server development team is pleased to announce the release of | | The SME Server development team is pleased to announce the release of |
− | SME Server 8.1 Release Candidate 1 which is based on CentOS 5.10 | + | SME Server 9.0 Beta 4 which is based on CentOS 6.5. |
| + | |
| + | This is the final planned Beta of SME Server 9.0. |
| + | This version has the latest openssl to avoid the heartbleed issue. |
| | | |
| Bug reports and reports of potential bugs should be raised in the bug | | Bug reports and reports of potential bugs should be raised in the bug |
Line 13: |
Line 16: |
| {{Donate}} | | {{Donate}} |
| | | |
| + | |
| + | ===Download=== |
| + | You can download SME Server 9.0 Beta 4 from |
| + | http://mirror.contribs.org/smeserver/releases/testing/9.0beta4/iso/x86_64/ |
| + | or for other methods see http://wiki.contribs.org/SME_Server:Download |
| + | Please note it may take up to 48 hours for mirrors to finish syncing, |
| + | during this time you may experience problems. |
| | | |
| ===About SME Server=== | | ===About SME Server=== |
| SME Server is the leading Linux distribution for small and medium | | SME Server is the leading Linux distribution for small and medium |
− | enterprises. SME Server is brought to you by Koozali Foundation, Inc., | + | enterprises. SME Server is brought to you by Koozali Foundation, Inc., |
− | a non-profit corporation that exists to provide marketing and legal support | + | a non-profit corporation that exists to provide marketing and legal support |
| for SME Server. | | for SME Server. |
| | | |
Line 38: |
Line 48: |
| simply email treasurer@koozali.org | | simply email treasurer@koozali.org |
| | | |
− | ===Thanks and a plea for help=== | + | |
| + | ===Thanks=== |
| The development team would like to thank all of those who have involved | | The development team would like to thank all of those who have involved |
| themselves with this release. | | themselves with this release. |
| + | |
| | | |
| ===Notes=== | | ===Notes=== |
− | {{Note box|It may take up to 48 hours for mirrors to finish syncing, during this time you may experience problems. You can download SME Server 8.1 from | + | {{Note box|msg=In-place upgrades are not supported. It is necessary to backup and then restore.}} |
− | http://mirror.contribs.org/smeserver/releases/8.1/iso/}}
| + | |
| + | |
| + | ===Changes from Beta 3=== |
| + | The installer has been substantially modified in Beta 3. |
| + | The remaining relevant patches from SME Server 8 have been ported. |
| + | Note: The spare handling for RAID arrays is not implemented. |
| + | Workstation Backup has had many minor changes, see below for details. |
| | | |
− | {{Note box|msg=Some notes on SME Server 8 including help on upgrades can be found at http://wiki.contribs.org/SME_Server_8. Additional information on 8.1 will be added. }}
| + | A new feature has been introduced to block SSH login attempts, |
| + | http://wiki.contribs.org/AutoBlock |
| + | It is set by default to reject SSH connections when there have been 3 |
| + | or more requests in the previous 15 minutes. |
| + | See the link above to tune the defaults, or to disable: |
| + | db configuration setprop sshd AutoBlock enabled |
| + | signal-event remoteaccess-update |
| | | |
| | | |
− | {{Note box|msg=Version 8.0 of SME Server is based on CentOS 5. CentOS 5 does not support i586 architecture and as such SME server 8 is not compatible with i586 architecture. See [[Bugzilla:4740]] and [[Bugzilla:6671]]}}
| + | ===Changes from Beta 2=== |
| + | The installer has been substantially modified in Beta 2. |
| + | It now creates the degraded RAID1 array with a single disk install. |
| + | Some, but not all, install options are now supported. |
| | | |
− | {{Note box|msg=Hardware that may include an internal tape drive may experience a Installer fail immediately after cd check or skipping cd check, see [[Bugzilla:6996]] and try install again after disconnecting tape drive. }}
| + | The base has been updated to CentOS 6.5 |
| | | |
| + | The network interface code has been reworked to remove all hardcoding |
| + | relating to eth0 and eth1. |
| | | |
− | {{Note box|msg=Before performing an upgrade to SME 8 from version 7.xx you need to fully update the installation of version 7.xx before attempting the upgrade. See also [[Bugzilla: 6732]] and [[Bugzilla: 7056]]}}
| |
| | | |
− | ===Changes After Beta 4=== | + | ===Changes in this release=== |
| + | This section will be further updated in a later release |
| + | Currently this only shows changes since SME Server 9.0 Alpha 3 and it is |
| + | autogenerated from the changelogs. A more human readable version will be |
| + | written. |
| | | |
− | There are no major changes.
| |
| | | |
− | Update with ca-bundle.crt from SME 9.
| + | Packages altered by Centos, Redhat, and Fedora-associated developers are |
| + | not included. |
| | | |
− | ===Changes from Beta 3===
| |
| | | |
− | Set sme-server as the default workgroup and domain name for new installations.
| + | ====Backups==== |
| + | - Workstation Backup, do not exclude dar files by default |
| + | in line with console backup. |
| | | |
− | Remove insecure SSL ciphers.
| + | - Workstation Backup, fix selective restore by requesting array |
| + | of results from CGI.pm. |
| | | |
− | Due to SMTP servers not handling SMTP Auth well only present one auth method at a time, in order, to NET::SMTP.
| + | - Workstation Backup, new method to show files being restored is needed |
| + | when using dar 2.4. |
| | | |
− | Allow webmail access to be selected for only the local network.
| + | - Simplify the workstation backup report. |
| | | |
− | Provide the ability to force https per ibay.
| + | - Workstation Backup, count backup sets from 1. |
| | | |
− | ===Changes from Beta 2===
| + | - Update the text in the Backup panel. |
| | | |
− | Update to CentOS 5.10
| + | - Allow more time for cifs mounts before reporting errors. |
| | | |
− | Update footer copyright and renew full copyright text.
| + | - Dar updated to 2.4.10. |
| | | |
− | Latest version of Dar, 2.4.11, for workstation backup.
| + | - Workstation Backup, add a choice to delete old backup before or after |
| + | backup. |
| | | |
− | Workstation Backup, fix selective restore by requesting array of results | + | - Workstation Backup, remove temporary directory on success. |
− | from CGI.pm
| |
| | | |
− | Workstation Backup, new method to show files being restored is needed
| + | - Refactor directory tree creation and removal. |
− | when using dar 2.4
| |
| | | |
− | ===Changes from Beta 1===
| + | - Workstation Backup, inconsistent formatting of host share name in messages. |
| | | |
− | nodmraid is now the default install option as many issues have been seen with dmraid.
| + | - Workstation Backup, more reliable catalog creation. |
| | | |
− | Installer warning updated to clarify all attached disks will be reformatted.
| + | - Workstation Backup, report cifs mount errors. |
| | | |
− | SME Server changes to initscripts included.
| + | - Workstation Backup, do not access /proc/mounts |
| | | |
− | Replace vfs_shadow_copy with vfs_shadow_copy2 for shadow snapshots.
| + | - Incremental backup fix. |
| | | |
− | Updated to latest Antivirus, ClamAV, 0.98.
| + | - Workstation Backup, allow spaces in the backup destination. |
| + | Includes fix for disk usage broken with spaces. |
| | | |
− | Added donation text and graphic to login page and server-manager.
| + | - Desktop Backup, allow user setting of compression level. |
| | | |
− | Modules necessary to implement .htaccess have now been loaded by default.
| + | - Use Wake on LAN before starting Backup with DAR. |
| | | |
− | ===Changes in this release===
| + | - NFS syntax is deprecated for CIFS mount. |
− | Packages altered by Centos, Redhat, and Fedora-associated developers are
| |
− | not included.
| |
| | | |
| + | - Require cifs-utils and use UNC paths for cifs mount. |
| | | |
− | ====Backups====
| + | - Improve text in console backup for success and failure. |
− | - Latest version of Dar, 2.4.11, for workstation backup. | |
| | | |
− | - Workstation Backup allows the day of the week to be specified on which a full backup occurs. This now works correctly for all days of the week. | + | - Console USB Backup, allow user setting of compression level. |
| + | Compression level of the console backup is now -6 by default. |
| | | |
− | - To increase reliability of backups to a Microsoft Vista drive, a one second delay was added to the backup. This issue is not seen on the newer Microsoft OS. | + | - Patch to exclude trying to backup aquota.* files so that backups to tape |
| + | will succeed. |
| | | |
− | - Allow user setting of compression level for Desktop and Console Backups. | + | - Update to the latest version of console restore. |
− | For example: config setprop backupconsole CompressionLevel -6
| |
− | The default is -6, where -1 is fastest and -9 is optimal compression.
| |
| | | |
− | - In the console, under item 8, refer to removable media instead of USB device. | + | - Boostrap console should only offer restore if no password set. |
| | | |
− | - After a restore from the console the post-upgrade event was not being performed. | + | - Delete items from dar catalog in descending order |
| | | |
− | - Add an option to use Wake on LAN before starting Workstation Backup. | + | - Minor non-functional updates based on PerlCritic and review comments |
| | | |
− | - Workstation Backup, report cifs mount errors. | + | - Move console backup to e-smith-backup |
| | | |
− | - Workstation Backup, remove temporary directory on success . | + | - Workstation Backup, selective restore of deleted files |
| | | |
− | - Workstation Backup, add a choice to delete old backup before or after backup. | + | - Remove migrate fragment 30vfstype |
| | | |
− | - Workstation Backup, ensure that the pathname passed to dar_manager is quoted to allow backup destinations with spaces, eg some USB drives. | + | - Workstation Backup, Don't delete old sets, only empty them. |
| | | |
− | - Workstation Backup, count backup sets from 1 and delete the obsolete set0 when it goes out of scope. | + | - Workstation Backup, Mail and WOL now subroutines |
| | | |
− | - Workstation Backup, do not fail backup for mtime/ctime mismatch | + | - Workstation Backup, remove the need for a temporary directory, updated. |
| | | |
− | - Workstation Backup, fix selective restore by requesting array of results from CGI.pm | + | - Workstation Backup, backupname includes seconds. |
| | | |
− | - Workstation Backup, new method to show files being restored is needed when using dar 2.4 | + | - Simplification of the time routines. |
| | | |
− | - Don't remove the apache group during restore. | + | - Workstation Backup, remove the need for a temporary directory. |
| | | |
− | - Workstation Backup, suppress ctime error message on incremental backups. | + | - Allow configuration of workstation backup if no removable disk present |
| | | |
− | - Workstation Backup, selective restore of deleted files. | + | - Create simplified function for updating the DarCatalog |
| | | |
| | | |
| ====File Server==== | | ====File Server==== |
| + | - Also remove the empty template-begin file in pam.d/proftpd templates. |
| + | |
| + | - Remove unused pam templates. |
| + | |
| - Replace vfs_shadow_copy with vfs_shadow_copy2 for shadow snapshots. | | - Replace vfs_shadow_copy with vfs_shadow_copy2 for shadow snapshots. |
| | | |
− | - Add support for Windows 8 domain joining & user login with a new registry file. | + | - Add template for wide links. |
− | /server-resources/regedit/win8samba.reg
| |
| | | |
− | - New optional samba property smb{WideLinks}, valid values are 'no' or 'yes'. The current samba default is 'no'. | + | - Add templates for max protocol. |
− | see http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#WIDELINKS
| |
− | For example to enable samba Wide Links
| |
− | # config setprop smb WideLinks yes
| |
| | | |
− | - Add windows network performance enhancements registry file that can help Windows slow logons. | + | - Add support for Windows 8 domain joining & user login. |
− | /server-resources/regedit/windows_samba_performance.reg
| |
| | | |
− | - Two new optional samba properties smb{ServerMaxProtocol} & smb{ClientMaxProtocol}. | + | - Add windows network performance enhancements registry file. |
− | For example: # config setprop smb ServerMaxProtocol NT1
| |
| | | |
− | - Remove the samba_audit specific logrotate configuration which was causing an email to be sent to the admin every night. | + | - Update default ServerName in 30smbServerName |
| | | |
− | - Enable smb auditing per ibay, it is disabled by default. Auditing is enabled via | + | - Add ability to configure waiting for network Win7 registry option. |
− | # db accounts setprop ibayname Audit enabled
| |
− | # signal-event ibay-modify ibayname
| |
| | | |
− | - Prevent emailing about the normal, weekly, checks of RAID arrays | + | - Change default Workgroup and Domain to sme-server. |
| | | |
− | - Update ServerName (Samba netbios name) when SystemName is updated | + | - Fix mod_sftp/mod_sftp_pam invalid pool allocation during kbdint |
| + | authentication. |
| | | |
− | - Workaround a deficiency in the proftpd package where it does not handle long lines correctly in its configuration file. This caused FTP to fail when large numbers of local networks were configured. | + | - Replace vfs_shadow_copy with vfs_shadow_copy2 for shadow snapshots. |
| | | |
− | - Ensure Deny from all is on its own line in 15LimitLOGIN | + | - Remove 20smb as migrating from pre-SME7 is not supported |
| | | |
− | - Update default ServerName in 30smbServerName, and change default Workgroup and Domain to sme-server
| |
| | | |
| + | ====LDAP (Optional in SME 9.0, and considered experimental)==== |
| + | - Adjust slapd ACL to change dn.subtree to dn.children. |
| | | |
− | ====LDAP (Optional in SME 8.1, and considered experimental)====
| |
− | - Fix init-account script when LDAP auth is enabled.
| |
| | | |
− | - Fix group creation/modification when LDAP auth is enabled. | + | ====Localisation==== |
| + | - Latest translations included. |
| | | |
− | - The ldap.init script which starts just after the ldap service waits for slapd to be to available. The logic to check if slapd is ready was corrected.
| |
| | | |
− | - Add missing dependency on openldap-servers. | + | ====Mail Server==== |
| + | - Only present one auth method at a time, in order, to NET::SMTP. |
| | | |
− | - The ldap log files can take significant space on servers with a lot of users. This update will ensure old BDB log files are removed. | + | - Remove limit properties from the imaps DB entry. |
| | | |
| + | - Apply process limits to dovecot. |
| | | |
− | ====Localisation====
| + | - Include /usr/bin/refreshclam |
− | - Latest translations included. | |
| | | |
| + | - Allow webmail-only-local-network. |
| | | |
− | ====Mail Server====
| + | - Fix handling of messages with no body and no trailing \n after |
− | - Updated to latest Antivirus, ClamAV, 0.98.1
| + | headers (eq was used in attempted assignment). |
| | | |
| - Fetchmail multidrop mode follows TCPPort setting. | | - Fetchmail multidrop mode follows TCPPort setting. |
| + | |
| + | - Always enable imap, listen on loopback is disabled. |
| | | |
| - Avoid use of unitialised variables in smtp migrate fragments. | | - Avoid use of unitialised variables in smtp migrate fragments. |
| | | |
− | - Allow smtp_auth_proxy to use port 587 with STARTTLS. | + | - Simplify qmail concurrency templates. |
| + | |
| + | - Modify domain style pseudonym pointing to user with dot in name. |
| | | |
− | - Due to SMTP servers not handling SMTP Auth well enable the use of a blacklist to remove the troublesome methods. | + | - Accept messages with no body and no trailing \n after headers. |
− | For example to remove CRAM-MD5:
| |
− | # db configuration setprop smtp-auth-proxy Blacklist CRAM-MD5
| |
− | # sv t /service/smtp-auth-proxy
| |
− | More than one method can be removed:
| |
− | # db configuration setprop smtp-auth-proxy Blacklist "CRAM-MD5 DIGEST-MD5"
| |
− | # sv t /service/smtp-auth-proxy
| |
| | | |
− | - imap-relocate-maildirs action was removed. It was no longer necessary and was sometimes very slow. | + | - Fix Net::DNS update breaks qpsmtpd. |
| | | |
− | - The soft memory limits for pop3 and pop3s were increased. Two new optional database properties pop3{MemLimit} and pop3s{MemLimit} | + | - allows the spamassassin plugin to read the size limit from its |
− | For example to increase the memory limit
| + | arguments |
− | # config setprop pop3s MemLimit 50000000 | |
− | # expand-template /var/service/pop3s/env/MEMLIMIT
| |
− | # config setprop pop3 MemLimit 50000000
| |
− | # expand-template /var/service/pop3/env/MEMLIMIT
| |
| | | |
− | - New optional qmail property qmail{ConcurrencyLocal} and default for /var/qmail/control/concurrencylocal changed to 20. | + | - Move clamscan scheduling to complete before 99-raid-check. |
− | For example to decrease the local concurrecny limit
| |
− | # config setprop qmail ConcurrencyLocal 6
| |
| | | |
− | - Modify domain style pseudonym pointing to user with dot in name. | + | - Listen on loopback if disabled. |
| | | |
− | - Accept messages with no body and no trailing \n after headers. | + | - Fix permissions on imapd.pem as it's used by pop3s. |
| | | |
− | - Prevent email delivery failure with required updates for perl-Net-DNS and qpsmtpd. | + | - Do not obsolete bglibs, it's required for cvm. |
| | | |
− | - New optional spamassassin property spamassassin{MaxMessageSize} to allow for spamassassin qpsmtpd's plugin size limit to be changed. | + | - Allow plaintext (unless explicitly disabled). |
− | For example to also scan larger files
| |
− | # config setprop spamassassin MaxMessageSize 1500000
| |
| | | |
− | - Make CipherSuite secure by default and tls ciphers defaults to disallow SSLv2. | + | - Do not obsolete cvm, it's still needed for qpsmtpd. |
| | | |
− | - Fix how qpsmtpd tags spam email. | + | - Fix size_limit initialization. |
| | | |
− | - Add template to extend the functionality of SSL verified certificate to IMAP and SSMTP transactions | + | - reads MaxMessageSize prop of spamassassin and adds it |
| + | to the arguments of the plugin if defined. |
| | | |
− | - Update ClamAV to release 0.97.8. | + | - Requires e-smith-cvm-unix-local. |
| | | |
| - Load TextCat plugin if ok_languages is enabled. | | - Load TextCat plugin if ok_languages is enabled. |
| | | |
− | - Removed the databytes file from qpsmtpd config to honor the maximum message size settings. See http://wiki.contribs.org/Email#Set_max_email_size | + | - Fix how qpsmtpd tags spam email. |
| + | |
| + | - Remove Packager and Vendor from spec file. |
| + | |
| + | - Revert last change. |
| + | |
| + | - Sources are local, do not download them. |
| | | |
− | - Include /usr/bin/refreshclam | + | - Updates to release 0.98.1 |
| | | |
− | - Remove workarounds for how qpsmtpd tags spam email. | + | - Handle exceptions during attempted SASL auth. Add more debug tracing. |
| | | |
− | - Remove insecure SSL ciphers. | + | - Remove DENYSOFT on SPF softfail |
| | | |
− | - Add keepalive option for tcpsvd for imap and imaps services. | + | - Remove insecure ciphers |
| | | |
− | - Use stunnel-tls instead of sslio to wrap imaps service. | + | - Remove workarounds for how qpsmtpd tags spam email |
| | | |
| + | - Fix whitespace in 10required_score |
| | | |
| ====Server manager==== | | ====Server manager==== |
− | - Added donation text and graphic to login page and server-manager. | + | - Renew donation text in server-manager. |
| + | |
| + | - Do not load mod_ssl. |
| + | |
| + | - Remove log noise from Create starter web site panel. |
| + | |
| + | - Add security fix for CVE-2013-4113. |
| + | |
| + | - Renew donation text and graphic in server-manager. |
| | | |
| - Update footer copyright and renew full copyright text. | | - Update footer copyright and renew full copyright text. |
| | | |
− | - Do not load mod_ssl for httpd-admin as it is not needed and creates log noise. | + | - Change wording of Software Update button. |
| + | |
| + | - Roll new stream to remove obsolete images |
| | | |
− | - If the browser used to access the server-manager used lower case for %escapes a blank screen would be shown. The server manager URL processing is now case-insensitive for %escapes. | + | - Remove references to obsolete images, by Stephane de Labrusse |
| | | |
− | - Fix more uninitialized warnings in log (httpd/admin_error_log) from HTML.pm. | + | - Fix new starter website. |
| | | |
− | - Remove log noise (httpd/admin-error-log) when accessing the Create Starter Web panel in server-manager. | + | - Update location of Primary index.html. |
| | | |
| | | |
| ====Webmail and Groupware==== | | ====Webmail and Groupware==== |
− | - If IMAP is disabled in the server manager email panel, IMAP will now listen to the loopback interface to allow webmail to function. | + | - Allow webmail-only-local-network. |
| | | |
− | - Webmail no longer uses SSL over loopback interface. | + | - Don't use SSL over loopback. |
| | | |
− | - Allow webmail access to be selected for only the local network. | + | - Replace last change with a default value for horde access |
| + | |
| + | - Ensure initialisation of variables in webmail-only-local-network. |
| | | |
| | | |
| ====Web Server==== | | ====Web Server==== |
− | - Modules necessary to implement .htaccess have now been loaded by default. | + | - Force magic_quotes Off. |
| | | |
− | - Disable index listing of Apache icons folder. | + | - Remove insecure ciphers |
| | | |
− | - PHP's magic_quotes are deprecated so should no longer be used. The php.ini will now have "magic_quotes Off" instead of fully removing it as the default is ON.
| |
| | | |
− | - Change wording of Software Update button. | + | ====Other fixes and updates==== |
| + | - Add ssh-autoblock for external interface. |
| | | |
− | - Remove insecure SSL ciphers. | + | - Do not hardcode NIC names to eth0 and eth1. |
| | | |
| + | - Return nic names in probeAdapters so we can drop HWAddress. |
| | | |
− | ====Other fixes and updates====
| + | - Remove HWAddress prop from interfaces. |
− | - Remove old System Name from the Hosts DB | |
| | | |
− | - Fix warning in /var/log/messages by correctly initialising the relevant variable. The warning related to the HW Address of a NIC. | + | - Remove the "swap interface" feature. |
| | | |
− | - user-modify-unix script could take many minutes, it has now been optimised to take only seconds | + | - Remove obsolete VLAN code. |
| | | |
− | - The memory limit for pppoe was increased to 100Mb. | + | - Load the bonding module if NIC bonding is enabled. |
| | | |
− | - On upgrading from SME Server 7 to SME Server 8 an email could be sent to the admin everyday due to a modified /etc/updatedb.conf file. This update ensures the correct /etc/updatedb.conf file. | + | - Define the udev-post service in the DB. |
| | | |
− | - Updated SME root server template as D-root changed its IPv4 address on the 3rd of January 2013. | + | - Provide the ability to restrict ibay access to http. |
| | | |
− | - The console would crash when no value is entered as static gateway in servergateway(-private) mode. Improved error-checking in isValidIP() prevents this. | + | - Restart rsyslog in logrotate event. |
| | | |
− | - Use file locking to make sure that only one copy of the masq script is running at any particular time. | + | - Set smb ServerName if unset. |
| | | |
− | - Add python-hashlib so we can read newer repodata signatures. | + | - Don't reload init in bootstrap-console-save and console-save. |
| | | |
− | - Point mirrorlist to mirrorlist.contribs.org | + | - Fix add_new_disk_to_raid1. |
| | | |
− | - Increase memory limit for ntpd. | + | - Provide the ability to force https per ibay. |
| | | |
| - Add an audit for groups. | | - Add an audit for groups. |
| | | |
− | - Set sme-server as the default workgroup and domain name for new installations. | + | - Update the full names of users added in %pre. |
| + | |
| + | - Fix uid and gid to be the same for the users added in %pre. |
| + | |
| + | - Changed Prereq to Requires(pre) as Prereq is deprecated. |
| + | |
| + | - Patch to correct issue with not being able to access a password protected |
| + | ibay. |
| + | |
| + | - Update ServerName (Samba netbios name) when SystemName is updated. |
| + | |
| + | - Remove old System Name from the Hosts DB. |
| + | |
| + | - Fix group creation when LDAP auth is enabled. |
| + | |
| + | - Disable IPv6 on a default install. |
| + | |
| + | - Continue escaping control chars in rsyslog, just replace LF with space. |
| + | |
| + | - Use UTF-8 in the console. |
| + | |
| + | - Remove redundant parts of init-accounts. |
| + | |
| + | - Add_template_to_ssl.pem, codes by JP Pialasse. |
| + | |
| + | - Require diald. |
| + | |
| + | - Removal of rc.e-smith now functionality is in e-smith-service. |
| + | |
| + | - Replacement of rc.e-smith by moving code into e-smith-service. |
| + | |
| + | - Fix the way '.' works in bash. |
| + | |
| + | - rename /etc/ldap.conf to /etc/pam_ldap.conf (and same for .secret). |
| + | |
| + | - Always define InternalInterface NICBonding. |
| + | |
| + | - In the console refer to removable media instead of USB disk. |
| + | |
| + | - Fix a few more syslog => rsyslog items. |
| + | |
| + | - Remove modprobe stuff. |
| + | |
| + | - Don't be as agressive on rate limiting. |
| + | |
| + | - Change syslog templates to rsyslog. |
| + | |
| + | - Ensure existing_hwaddr is always initialized. |
| + | |
| + | - Change System Name from mitel-networks-server to sme-server. |
| + | |
| + | - Patch to remove symlink to Primary ibay from /home/e-smith/files/primary. |
| + | |
| + | - Patch to correct issue with not being able to access a password protected |
| + | ibay. |
| + | |
| + | - Correctly display accented letters in the console. |
| + | |
| + | - Add e-smith as a Requires(pre) and remove adding users in %pre. |
| + | |
| + | - Fix uid and gid to be the same in create-system-user. |
| + | |
| + | - Ignore mysql.event table. |
| + | |
| + | - Use --single-transaction in mysql-dump-tables. |
| + | |
| + | - Use mysql_upgrade instead of fix_privilege_tables. |
| + | |
| + | - Increase memory limit for ntp. |
| + | |
| + | - Make rsyslog listen to our socket. |
| + | |
| + | - Remove rc.quota_create. |
| + | |
| + | - the config file is radiusclient.conf, not radiusclient-ng.conf. |
| + | |
| + | - Add templates for radiusclient-ng.conf file to remove binaddr |
| + | directive. |
| + | |
| + | - Add directive to options.pptpd so that radius plugin can find the |
| + | radiusclient configuration file.. |
| + | |
| + | - Fix permissions of /etc/radiusclient-ng/servers. |
| + | |
| + | - Add hack for running rc7.d script during runlevel 4. |
| + | |
| + | - Apply SME Server config file changes to pwauth. |
| + | |
| + | - Fix libgomp obsoletes to not obsolete el6 version. |
| + | |
| + | - Change order of mail options in check4updates. |
| + | |
| + | - Fix parsing issues with "manage RAID" menu option in the console. |
| + | |
| + | - Remove SSH v1 legacy support. |
| + | |
| + | - Support nolvm boot option. |
| + | |
| + | - Create degraded RAID1 array with single disk install. |
| + | |
| + | - nodmraid is the default for SME 9.0 installs. |
| + | |
| + | - Give more time to the grub menu. |
| + | |
| + | - Update installer hard drive warning. |
| + | |
| + | - Customize confirmation dialogs during fresh install. |
| + | |
| + | - Run installer in 'text' mode. |
| + | |
| + | - Roll new stream to really remove obsolete images |
| + | |
| + | - Roll new stream to remove obsolete images |
| + | |
| + | - Move console backup to e-smith-backup |
| + | |
| + | - Remove support.pl from e-smith-base and move to smeserver-support |
| + | |
| + | - Console restore should reboot |
| | | |
− | - Provide the ability to force https per ibay. | + | - Boostrap console should only offer restore if no password set |
| + | |
| + | - Add restore backup as a console item for freshly installed servers |
| + | |
| + | - Non-code changes to perform_restore.pm |
| + | |
| + | - Refer to removable media not CDROM in console restore |
| + | |
| + | - Remove insecure SSL ciphers |
| + | |
| + | - Add more PHP options to ibays only by db commands |
| + | |
| + | - Add SSLRequireSSL to ibays when SSL is set to enabled |
| + | |
| + | - Force https per ibay should not be the default for existing ibays |
| + | |
| + | - Add textbox() to console.pm, getLicenseFile to util.pm |
| + | |
| + | - Update frame header and footer |
| + | |
| + | - Use mysql_upgrade in 00_restore_dumped_dbs, by Terje Edseth |
| + | |
| + | - Use mysql_upgrade --force due to upgrade to MySQL 5.1 |
| | | |
| - Prevent server being used in NTP amplification attacks. | | - Prevent server being used in NTP amplification attacks. |
| | | |
− | - Modify template to allow Squid proxy https access to ports other than 443,563 | + | - Modify template to allow Squid proxy https access to ports other than |
| + | 443,563 using db command |
| | | |
− | - Add logcheck to help analyse errors in the log files. | + | - Add -n 1 to the dmesg line in rc.sysinit to prevent unwanted messages |
| + | appearing on the console |
| | | |
− | - Refer to removable media not CDROM in console restore. | + | - Correct offest in runlevel7 patch to avoid .orig file |
| | | |
− | - Remove old images. | + | - Remove CentOS Branding patch |
| | | |
− | - Update with ca-bundle.crt from SME 9 | + | - Add logcheck to help analyse errors in the log files |
| | | |
| + | - Roll new stream to remove obsolete images |
| | | |
− | ===General features===
| + | - Move support.pl from e-smith-base to smeserver-support |
| + | |
| + | - The console license page now uses dialog's textbox. |
| + | |
| + | - Ensure console is run with taint checking. |
| | | |
| | | |
− | - Based on CentOS 5.10 and all available updates | + | ===General features=== |
| + | - Based on CentOS 6.5 and all available updates |