Line 1: |
Line 1: |
− | ==SME Server 8.1Beta1 Release Notes== | + | <blockquote style="background-color: #EEFFD9; border: solid thin grey; padding: 7px 7px 7px 7px;box-shadow: 3px 3px 3px #888888;"> |
| + | <center> |
| + | <span style="font-size:150%;">Announcing '''Koozali SME Server 8 series is discontinued'''</span><br> |
| + | The Koozali SME Server development team is announcing the discontinuation of the Koozali SME Server 8.x series as per <br>'''March 31, 2017'''.<br> |
| + | Please see [https://forums.contribs.org/index.php/topic,52058.0.html this post] for more information.</center></blockquote> |
| | | |
− | 30 September 2013
| + | ==SME Server 8.1 Release Notes== |
| + | |
| + | 28 February 2014 |
| | | |
| The SME Server development team is pleased to announce the release of | | The SME Server development team is pleased to announce the release of |
− | SME Server 8.1 Beta 1 which is based on CentOS 5.9 | + | SME Server 8.1 Release Candidate 1 which is based on CentOS 5.10 |
| | | |
| Bug reports and reports of potential bugs should be raised in the bug | | Bug reports and reports of potential bugs should be raised in the bug |
Line 12: |
Line 18: |
| | | |
| {{Donate}} | | {{Donate}} |
| + | |
| + | ===Download=== |
| + | <center> |
| + | {{currentreleases}} |
| + | </center> |
| | | |
| | | |
| ===About SME Server=== | | ===About SME Server=== |
| SME Server is the leading Linux distribution for small and medium | | SME Server is the leading Linux distribution for small and medium |
− | enterprises. | + | enterprises. SME Server is brought to you by Koozali Foundation, Inc., |
| + | a non-profit corporation that exists to provide marketing and legal support |
| + | for SME Server. |
| | | |
| SME Server is freely available under the GNU General Public License and | | SME Server is freely available under the GNU General Public License and |
Line 23: |
Line 36: |
| meeting our expenses, such as hosting costs, server hardware, etc. | | meeting our expenses, such as hosting costs, server hardware, etc. |
| | | |
− | As such, we ask for a small donation to offset costs and fund further | + | As such, we ask for a donation to offset costs and fund further development. |
| + | a) If you are a school, a church, a non-profit organisation or an individual |
| + | using SME Server for private purposes, we would appreciate you to contribute |
| + | within your means toward the costs associated with hosting, maintenance and |
| development. | | development. |
| + | b) If you are a company or an integrator and you are deploying SME Server in |
| + | the course of your work to generate revenue, we expect you to make a donation |
| + | commensurate with the level of revenue you generate and the number of servers |
| + | your have in the field. Please, help the project |
| | | |
− | Please visit http://wiki.contribs.org/Donate to donate.
| + | Koozali Inc is happy to supply an invoice for any donations received, |
| + | simply email treasurer@koozali.org |
| | | |
| ===Thanks and a plea for help=== | | ===Thanks and a plea for help=== |
| The development team would like to thank all of those who have involved | | The development team would like to thank all of those who have involved |
− | themselves with this release. | + | themselves with this release. |
| + | |
| + | ===Notes=== |
| + | {{Note box|It may take up to 48 hours for mirrors to finish syncing, during this time you may experience problems. You can download SME Server 8.1 from |
| + | http://mirror.contribs.org/smeserver/releases/8.1/iso/}} |
| + | |
| + | {{Note box|msg=Some notes on SME Server 8 including help on upgrades can be found at http://wiki.contribs.org/SME_Server_8. Additional information on 8.1 will be added. }} |
| + | |
| + | |
| + | {{Note box|msg=Version 8.0 of SME Server is based on CentOS 5. CentOS 5 does not support i586 architecture and as such SME server 8 is not compatible with i586 architecture. See [[Bugzilla:4740]] and [[Bugzilla:6671]]}} |
| | | |
| + | {{Note box|msg=Hardware that may include an internal tape drive may experience a Installer fail immediately after cd check or skipping cd check, see [[Bugzilla:6996]] and try install again after disconnecting tape drive. }} |
| | | |
− | ===Notes===
| |
− | {{Note box|It may take up to 48 hours for mirrors to finish syncing, during this time you may experience problems. You can download SME8.1 from
| |
− | http://mirror.contribs.org/smeserver/releases/testing/8/iso/}}
| |
| | | |
− | {{Note box|Some notes on SME 8 including help on upgrades can be found at http://wiki.contribs.org/SME_Server_8. Additional information on 8.1 will be added.}} | + | {{Note box|msg=Before performing an upgrade to SME 8 from version 7.xx you need to fully update the installation of version 7.xx before attempting the upgrade. See also [[Bugzilla: 6732]] and [[Bugzilla: 7056]]}} |
| + | |
| + | ===Changes After Beta 4=== |
| + | |
| + | There are no major changes. |
| + | |
| + | Update with ca-bundle.crt from SME 9. |
| + | |
| + | ===Changes from Beta 3=== |
| + | |
| + | Set sme-server as the default workgroup and domain name for new installations. |
| + | |
| + | Remove insecure SSL ciphers. |
| + | |
| + | Due to SMTP servers not handling SMTP Auth well only present one auth method at a time, in order, to NET::SMTP. |
| + | |
| + | Allow webmail access to be selected for only the local network. |
| + | |
| + | Provide the ability to force https per ibay. |
| + | |
| + | ===Changes from Beta 2=== |
| + | |
| + | Update to CentOS 5.10 |
| + | |
| + | Update footer copyright and renew full copyright text. |
| + | |
| + | Latest version of Dar, 2.4.11, for workstation backup. |
| + | |
| + | Workstation Backup, fix selective restore by requesting array of results |
| + | from CGI.pm |
| + | |
| + | Workstation Backup, new method to show files being restored is needed |
| + | when using dar 2.4 |
| + | |
| + | ===Changes from Beta 1=== |
| + | |
| + | nodmraid is now the default install option as many issues have been seen with dmraid. |
| + | |
| + | Installer warning updated to clarify all attached disks will be reformatted. |
| + | |
| + | SME Server changes to initscripts included. |
| + | |
| + | Replace vfs_shadow_copy with vfs_shadow_copy2 for shadow snapshots. |
| | | |
− | See [[Bugzilla:4740]] and [[Bugzilla:6671]]
| + | Updated to latest Antivirus, ClamAV, 0.98. |
− | {{Note box|Version 8.0 of SME Server is based on CentOS 5. CentOS 5 does not suppoort i586 architecture and as such SME server 8 is not compatible with i586 architecture. }}
| |
| | | |
− | {{Note box|Hardware that may include an internal tape drive may experience a Installer fail immediately after cd check or skipping cd check, see [[Bugzilla 6996]] and try install again after disconnecting tape drive. }}
| + | Added donation text and graphic to login page and server-manager. |
| | | |
− | See [[Bugzilla: 6732]] and [[Bugzilla: 7056]]
| + | Modules necessary to implement .htaccess have now been loaded by default. |
− | {{Note box|Before performing an upgrade to SME 8 from version 7.xx you need to fully update the installation of version 7.xx before attempting the upgrade.}}
| |
| | | |
| ===Changes in this release=== | | ===Changes in this release=== |
Line 53: |
Line 121: |
| | | |
| ====Backups==== | | ====Backups==== |
− | - Workstation Backup allows the day of the week to be specified on which a full backup occurs. This now works correctly for all days of the week. | + | - Latest version of Dar, 2.4.11, for workstation backup. |
− | - To increase reliability of backups to a Microsoft Vista drive, a one second delay was added to the backup. | + | |
| + | - Workstation Backup allows the day of the week to be specified on which a full backup occurs. This now works correctly for all days of the week. |
| + | |
| + | - To increase reliability of backups to a Microsoft Vista drive, a one second delay was added to the backup. This issue is not seen on the newer Microsoft OS. |
| + | |
| - Allow user setting of compression level for Desktop and Console Backups. | | - Allow user setting of compression level for Desktop and Console Backups. |
| For example: config setprop backupconsole CompressionLevel -6 | | For example: config setprop backupconsole CompressionLevel -6 |
| The default is -6, where -1 is fastest and -9 is optimal compression. | | The default is -6, where -1 is fastest and -9 is optimal compression. |
− | - In the console, under item 8, refer to removable media instead of USB device. | + | |
− | - After a restore from the console the post-upgrade event was not being performed. | + | - In the console, under item 8, refer to removable media instead of USB device. |
| + | |
| + | - After a restore from the console the post-upgrade event was not being performed. |
| + | |
| - Add an option to use Wake on LAN before starting Workstation Backup. | | - Add an option to use Wake on LAN before starting Workstation Backup. |
− | - Workstation Backup, report cifs mount errors. | + | |
− | - Workstation Backup, be compatible with destinations that include spaces.
| + | - Workstation Backup, report cifs mount errors. |
| + | |
| - Workstation Backup, remove temporary directory on success . | | - Workstation Backup, remove temporary directory on success . |
− | - Workstation Backup, add a choice to delete old backup before or after backup. | + | |
| + | - Workstation Backup, add a choice to delete old backup before or after backup. |
| + | |
| + | - Workstation Backup, ensure that the pathname passed to dar_manager is quoted to allow backup destinations with spaces, eg some USB drives. |
| + | |
| + | - Workstation Backup, count backup sets from 1 and delete the obsolete set0 when it goes out of scope. |
| + | |
| + | - Workstation Backup, do not fail backup for mtime/ctime mismatch |
| + | |
| + | - Workstation Backup, fix selective restore by requesting array of results from CGI.pm |
| + | |
| + | - Workstation Backup, new method to show files being restored is needed when using dar 2.4 |
| + | |
| + | - Don't remove the apache group during restore. |
| + | |
| + | - Workstation Backup, suppress ctime error message on incremental backups. |
| + | |
| + | - Workstation Backup, selective restore of deleted files. |
| + | |
| | | |
| ====File Server==== | | ====File Server==== |
− | - Add support for Windows 8 domain joining & user login with a new registry file. | + | - Replace vfs_shadow_copy with vfs_shadow_copy2 for shadow snapshots. |
| + | |
| + | - Add support for Windows 8 domain joining & user login with a new registry file. |
| /server-resources/regedit/win8samba.reg | | /server-resources/regedit/win8samba.reg |
− | - New optional samba property smb{WideLinks}, valid values are 'no' or 'yes'. The current samba default is 'no'. | + | |
| + | - New optional samba property smb{WideLinks}, valid values are 'no' or 'yes'. The current samba default is 'no'. |
| see http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#WIDELINKS | | see http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#WIDELINKS |
− | For example to enable samba Wide Links | + | For example to enable samba Wide Links |
| # config setprop smb WideLinks yes | | # config setprop smb WideLinks yes |
− | - Add windows network performance enhancements registry file that can help Windows slow logons. | + | |
| + | - Add windows network performance enhancements registry file that can help Windows slow logons. |
| /server-resources/regedit/windows_samba_performance.reg | | /server-resources/regedit/windows_samba_performance.reg |
− | - Two new optional samba properties smb{ServerMaxProtocol} & smb{ClientMaxProtocol}. | + | |
| + | - Two new optional samba properties smb{ServerMaxProtocol} & smb{ClientMaxProtocol}. |
| For example: # config setprop smb ServerMaxProtocol NT1 | | For example: # config setprop smb ServerMaxProtocol NT1 |
− | - Remove the samba_audit specific logrotate configuration which was causing an email to be sent to the admin every night. | + | |
− | - Enable smb auditing per ibay, it is disabled by default. | + | - Remove the samba_audit specific logrotate configuration which was causing an email to be sent to the admin every night. |
− | Auditing is enabled via
| + | |
| + | - Enable smb auditing per ibay, it is disabled by default. Auditing is enabled via |
| # db accounts setprop ibayname Audit enabled | | # db accounts setprop ibayname Audit enabled |
| # signal-event ibay-modify ibayname | | # signal-event ibay-modify ibayname |
| + | |
| - Prevent emailing about the normal, weekly, checks of RAID arrays | | - Prevent emailing about the normal, weekly, checks of RAID arrays |
| + | |
| - Update ServerName (Samba netbios name) when SystemName is updated | | - Update ServerName (Samba netbios name) when SystemName is updated |
− | - Workaround a deficiency in the proftpd package where it does not handle long lines correctly in its configuration file. This caused FTP to fail when large numbers of local networks were configured. | + | |
− | - Ensure Deny from all is on its own line in 15LimitLOGIN | + | - Workaround a deficiency in the proftpd package where it does not handle long lines correctly in its configuration file. This caused FTP to fail when large numbers of local networks were configured. |
| + | |
| + | - Ensure Deny from all is on its own line in 15LimitLOGIN |
| + | |
| + | - Update default ServerName in 30smbServerName, and change default Workgroup and Domain to sme-server |
| | | |
| | | |
| ====LDAP (Optional in SME 8.1, and considered experimental)==== | | ====LDAP (Optional in SME 8.1, and considered experimental)==== |
| - Fix init-account script when LDAP auth is enabled. | | - Fix init-account script when LDAP auth is enabled. |
| + | |
| - Fix group creation/modification when LDAP auth is enabled. | | - Fix group creation/modification when LDAP auth is enabled. |
| + | |
| - The ldap.init script which starts just after the ldap service waits for slapd to be to available. The logic to check if slapd is ready was corrected. | | - The ldap.init script which starts just after the ldap service waits for slapd to be to available. The logic to check if slapd is ready was corrected. |
| + | |
| - Add missing dependency on openldap-servers. | | - Add missing dependency on openldap-servers. |
| + | |
| - The ldap log files can take significant space on servers with a lot of users. This update will ensure old BDB log files are removed. | | - The ldap log files can take significant space on servers with a lot of users. This update will ensure old BDB log files are removed. |
| | | |
Line 101: |
Line 211: |
| | | |
| ====Mail Server==== | | ====Mail Server==== |
| + | - Updated to latest Antivirus, ClamAV, 0.98.1 |
| + | |
| - Fetchmail multidrop mode follows TCPPort setting. | | - Fetchmail multidrop mode follows TCPPort setting. |
| + | |
| - Avoid use of unitialised variables in smtp migrate fragments. | | - Avoid use of unitialised variables in smtp migrate fragments. |
| + | |
| - Allow smtp_auth_proxy to use port 587 with STARTTLS. | | - Allow smtp_auth_proxy to use port 587 with STARTTLS. |
− | - Due to SMTP servers not handling SMTP Auth well enable the use of a blacklist to remove the troublesome methods. | + | |
| + | - Due to SMTP servers not handling SMTP Auth well enable the use of a blacklist to remove the troublesome methods. |
| For example to remove CRAM-MD5: | | For example to remove CRAM-MD5: |
| # db configuration setprop smtp-auth-proxy Blacklist CRAM-MD5 | | # db configuration setprop smtp-auth-proxy Blacklist CRAM-MD5 |
Line 111: |
Line 226: |
| # db configuration setprop smtp-auth-proxy Blacklist "CRAM-MD5 DIGEST-MD5" | | # db configuration setprop smtp-auth-proxy Blacklist "CRAM-MD5 DIGEST-MD5" |
| # sv t /service/smtp-auth-proxy | | # sv t /service/smtp-auth-proxy |
− | - imap-relocate-maildirs action was removed.It was no longer necessary and was sometimes very slow. | + | |
− | - The soft memory limits for pop3 and pop3s were increased. Two new optional database properties pop3{MemLimit} and pop3s{MemLimit} | + | - imap-relocate-maildirs action was removed. It was no longer necessary and was sometimes very slow. |
| + | |
| + | - The soft memory limits for pop3 and pop3s were increased. Two new optional database properties pop3{MemLimit} and pop3s{MemLimit} |
| For example to increase the memory limit | | For example to increase the memory limit |
| # config setprop pop3s MemLimit 50000000 | | # config setprop pop3s MemLimit 50000000 |
Line 118: |
Line 235: |
| # config setprop pop3 MemLimit 50000000 | | # config setprop pop3 MemLimit 50000000 |
| # expand-template /var/service/pop3/env/MEMLIMIT | | # expand-template /var/service/pop3/env/MEMLIMIT |
− | - New optional qmail property qmail{ConcurrencyLocal} and default for /var/qmail/control/concurrencylocal changed to 20. | + | |
| + | - New optional qmail property qmail{ConcurrencyLocal} and default for /var/qmail/control/concurrencylocal changed to 20. |
| For example to decrease the local concurrecny limit | | For example to decrease the local concurrecny limit |
| # config setprop qmail ConcurrencyLocal 6 | | # config setprop qmail ConcurrencyLocal 6 |
| + | |
| - Modify domain style pseudonym pointing to user with dot in name. | | - Modify domain style pseudonym pointing to user with dot in name. |
| + | |
| - Accept messages with no body and no trailing \n after headers. | | - Accept messages with no body and no trailing \n after headers. |
− | - Prevent email delivery failure with required updates for perl-Net-DNS and qpsmtpd. | + | |
− | - New optional spamassassin property spamassassin{MaxMessageSize} to allow for spamassassin qpsmtpd's plugin size limit to be changed. | + | - Prevent email delivery failure with required updates for perl-Net-DNS and qpsmtpd. |
| + | |
| + | - New optional spamassassin property spamassassin{MaxMessageSize} to allow for spamassassin qpsmtpd's plugin size limit to be changed. |
| For example to also scan larger files | | For example to also scan larger files |
| # config setprop spamassassin MaxMessageSize 1500000 | | # config setprop spamassassin MaxMessageSize 1500000 |
− | - Make CipherSuite secure by default and tls ciphers defaults to disallow SSLv2. | + | |
| + | - Make CipherSuite secure by default and tls ciphers defaults to disallow SSLv2. |
| + | |
| - Fix how qpsmtpd tags spam email. | | - Fix how qpsmtpd tags spam email. |
− | - Add template to extend the functionality of SSL verified certificate to IMAP and SSMTP transactions | + | |
| + | - Add template to extend the functionality of SSL verified certificate to IMAP and SSMTP transactions |
| + | |
| - Update ClamAV to release 0.97.8. | | - Update ClamAV to release 0.97.8. |
| + | |
| - Load TextCat plugin if ok_languages is enabled. | | - Load TextCat plugin if ok_languages is enabled. |
| + | |
| + | - Removed the databytes file from qpsmtpd config to honor the maximum message size settings. See http://wiki.contribs.org/Email#Set_max_email_size |
| + | |
| + | - Include /usr/bin/refreshclam |
| + | |
| + | - Remove workarounds for how qpsmtpd tags spam email. |
| + | |
| + | - Remove insecure SSL ciphers. |
| + | |
| + | - Add keepalive option for tcpsvd for imap and imaps services. |
| + | |
| + | - Use stunnel-tls instead of sslio to wrap imaps service. |
| | | |
| | | |
| ====Server manager==== | | ====Server manager==== |
− | - Do not load mod_ssl for httpd-admin as it is not needed and creates log noise. | + | - Added donation text and graphic to login page and server-manager. |
− | - If the browser used to access the server-manager used lower case for %escapes a blank screen would be shown. The server manager URL processing is now case-insensitive for %escapes. | + | |
| + | - Update footer copyright and renew full copyright text. |
| + | |
| + | - Do not load mod_ssl for httpd-admin as it is not needed and creates log noise. |
| + | |
| + | - If the browser used to access the server-manager used lower case for %escapes a blank screen would be shown. The server manager URL processing is now case-insensitive for %escapes. |
| + | |
| - Fix more uninitialized warnings in log (httpd/admin_error_log) from HTML.pm. | | - Fix more uninitialized warnings in log (httpd/admin_error_log) from HTML.pm. |
− | - Remove log noise (httpd/admin-error-log) when accessing the Create Starter Web panel in server-manager | + | |
| + | - Remove log noise (httpd/admin-error-log) when accessing the Create Starter Web panel in server-manager. |
| | | |
| | | |
| ====Webmail and Groupware==== | | ====Webmail and Groupware==== |
| - If IMAP is disabled in the server manager email panel, IMAP will now listen to the loopback interface to allow webmail to function. | | - If IMAP is disabled in the server manager email panel, IMAP will now listen to the loopback interface to allow webmail to function. |
| + | |
| - Webmail no longer uses SSL over loopback interface. | | - Webmail no longer uses SSL over loopback interface. |
| + | |
| + | - Allow webmail access to be selected for only the local network. |
| | | |
| | | |
| ====Web Server==== | | ====Web Server==== |
| + | - Modules necessary to implement .htaccess have now been loaded by default. |
| + | |
| - Disable index listing of Apache icons folder. | | - Disable index listing of Apache icons folder. |
| + | |
| - PHP's magic_quotes are deprecated so should no longer be used. The php.ini will now have "magic_quotes Off" instead of fully removing it as the default is ON. | | - PHP's magic_quotes are deprecated so should no longer be used. The php.ini will now have "magic_quotes Off" instead of fully removing it as the default is ON. |
| + | |
| - Change wording of Software Update button. | | - Change wording of Software Update button. |
| + | |
| + | - Remove insecure SSL ciphers. |
| | | |
| | | |
| ====Other fixes and updates==== | | ====Other fixes and updates==== |
| - Remove old System Name from the Hosts DB | | - Remove old System Name from the Hosts DB |
− | - Fix warning in /var/log/messages by correctly initialising the relevant variable. The warning related to the HW Address of a NIC. | + | |
− | - user-modify-unix script could take many minutes, it has now been optimised to take only seconds | + | - Fix warning in /var/log/messages by correctly initialising the relevant variable. The warning related to the HW Address of a NIC. |
| + | |
| + | - user-modify-unix script could take many minutes, it has now been optimised to take only seconds |
| + | |
| - The memory limit for pppoe was increased to 100Mb. | | - The memory limit for pppoe was increased to 100Mb. |
− | - On upgrading from SME Server 7 to SME Server 8 an email could be sent to the admin everyday due to a modified /etc/updatedb.conf file. This update ensures the correct /etc/updatedb.conf file. | + | |
− | - Updated SME root server template as D-root changed its IPv4 address on the 3rd of January. | + | - On upgrading from SME Server 7 to SME Server 8 an email could be sent to the admin everyday due to a modified /etc/updatedb.conf file. This update ensures the correct /etc/updatedb.conf file. |
− | - The console would crash when no value is entered as static gateway in servergateway(-private) mode. Improved error-checking in isValidIP() prevents this. | + | |
− | - Use file locking to make sure that only one copy of the masq script is running at any particular time. | + | - Updated SME root server template as D-root changed its IPv4 address on the 3rd of January 2013. |
| + | |
| + | - The console would crash when no value is entered as static gateway in servergateway(-private) mode. Improved error-checking in isValidIP() prevents this. |
| + | |
| + | - Use file locking to make sure that only one copy of the masq script is running at any particular time. |
| + | |
| - Add python-hashlib so we can read newer repodata signatures. | | - Add python-hashlib so we can read newer repodata signatures. |
− | - Point mirrorlist to mirrorlist.contribs.org | + | |
− | - Increase memory limit for ntpd . | + | - Point mirrorlist to mirrorlist.contribs.org |
| + | |
| + | - Increase memory limit for ntpd. |
| + | |
| + | - Add an audit for groups. |
| + | |
| + | - Set sme-server as the default workgroup and domain name for new installations. |
| + | |
| + | - Provide the ability to force https per ibay. |
| + | |
| + | - Prevent server being used in NTP amplification attacks. |
| + | |
| + | - Modify template to allow Squid proxy https access to ports other than 443,563 |
| + | |
| + | - Add logcheck to help analyse errors in the log files. |
| + | |
| + | - Refer to removable media not CDROM in console restore. |
| + | |
| + | - Remove old images. |
| + | |
| + | - Update with ca-bundle.crt from SME 9 |
| + | |
| | | |
| ===General features=== | | ===General features=== |
| | | |
| | | |
− | - Based on CentOS 5.9 and all available updates | + | - Based on CentOS 5.10 and all available updates |
| + | |
| + | [[Category:SME Server Releases]] |
| + | [[Category:Release Note]] |