News

Zentyal 3.2 Changelog

antivirus

  • Adapt firewall rules to new accept chains
  • Added LogHelper for storing AV DB updates in the DB
  • Disable outdated script hook as it is not shown in the UI
  • Enhanced way of getting signatures form logs: alternative log line supported and dates checked

asterisk

  • Moved to Contrib Repository (see details)

bwmonitor

  • Interfaces model now has a checkbox to enable/disable all
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Logrotate preserves interface log file
  • Adapted to improvement of EBox::Module::Service::isRunning method
  • Better integration with captive portal; cannot disable interfaces used by it
  • BWUsage recover for invalid IPs (or IPv6 addresses)
  • Adapted to new Model management framework
  • Create tables with MyISAM engine by default
  • Fixed retrieval of IP addressess in SQL queries
  • Fix bug in report when there is no data to report
  • Adapted to new MySQL logs backend
  • Do not show invalid edit action in BWUsage model
  • Replaced autotools with zbuildtools
  • Usage table allows no-host IP addresses
  • Add logrotate file
  • Fixed bandwidth quota measure for some cases
  • Use BIGINT in SQL table to avoid overflow errors
  • Better control of generated upstart and configuration files

ca

  • Allow any wildcard level in DNS field of subject alternative name
  • Adapted to new CSS styles
  • Adapted to updatedRowNotify call with no changes in values
  • Do not show service certificates for removed modules
  • Allow wildcard domain in DNS alternative name
  • Adapted keys and cert downloader to the new utf8 fixes
  • Better error control in subject alternatives, correct subject alternative type case in the CGI
  • Delete service certificates with old format on initialSetup()
  • Added and used serviceId field for service certificates
  • Unallow certificate fields with only blank characters, specific error for country codes of more than two characters

captiveportal

  • Allow login when accessing an HTTPS page
  • Improved reload icon
  • User add-on adapted to right panel view
  • Use MAC address in object exception
  • Fixed bug in exceptions firewall rules
  • Adapt firewall rules to new accept chains
  • Adapted user addon to multi-OU tree view
  • Removed no longer necessary jQuery noConflict()
  • Updated to use the new API to retrieve groups and users.
  • Updated to use the new security group concept.
  • Make user authorizarion compatible with external AD mode
  • Ported JS code to jQuery
  • Adapted to the new EBox::CGI::Run
  • Fixed bug which could generate invalid iptable rules when captive portal listens in more than one interface
  • Capture exceptions are now compatible with http proxy transparent mode
  • Capture exceptions are applied to input to the server itself
  • Client popup made more compatible with different browsers
  • Removed superfluos firewall rules removal, better management of firewall lock
  • Added ‘Continue to destination’ link
  • Remove conntrac kstate when adding/removing user rules
  • More frequent polling for more responsive captive daemon
  • Fixed Log4perl configuration and initialization. Log directory permissions made more restrictive.
  • Adapted to the new utf8 fixes
  • Removed superfluos calls to utf8::decode
  • Restart module on package install
  • Warning and disable action if authotization group is removed

common

  • Exception stacktraces are now properly logged or shown in the interface according to the debug and dump_exceptions confkeys
  • Add new exception InvalidArgument
  • EBox::Validate::checkEmailAddress does not ignore any longer white spaces at the begin and end of the address
  • Always show proper language name for english locales
  • Removed dependencies on prototype and scriptaculous javascript libraries
  • Removed deprecated configuration key override_user_modification
  • Remove «use GD» workaround in EBox::init()
  • Added a function to get the destination address of a Point-to-Point interface.
  • Added isRangeOverlappingWithRange, isValidRange and isIPInRange functions to EBox::Validate for better handling of IP ranges.
  • Use silentRoot in EBox:FileSystem::dirIsEmpty to avoid log exception error
  • EBox::NetWrappers::_ifaceShowAddress now works for peer-to-peer addresses
  • Added EBox::Validate::checkRegex function
  • Added EBox::FileSystem::mountPointIsMounted function
  • EBox::Sudo now writes correctly commands file with utf8 characters
  • Get default language from /etc/default/locale
  • Configure Log4perl to use utf8
  • Do not try to log default locale message when logger is not initialized
  • Added «use utf8» to Gettext needed for the language string literals
  • Decode utf8 strings from gettext
  • Removed unnecessary utf8::decode calls in exceptions
  • Fixed EBox::Gettext for undef and empty strings
  • Added EBox::setLocaleEnvironment method
  • Use default ‘C’ locale when locale configuration file is empty
  • Added Yoruba language
  • Added EBox::Sudo::system as equivalent to system() with root permissions
  • Removed forced setting of LANG variables which made progress indicator fail when using any language different to English

core

  • Simplified CSS and improved styles and icons
  • Enable module dependencies automatically in Module Status page
  • Allow to reorder table rows using drag & drop
  • Do not crash if /etc/timezone does not exist
  • Clean /var/lib/zentyal/tmp at the first moments of boot instead of when running zentyal start, this fixes problems with leftover locks that affect dhclient hooks
  • Fixed wrong case in some class names for the save changes button
  • Fixed autoscroll in dashboard widgets
  • No autoscroll is done when overflow happens. This makes sortable work in chromium
  • Set audit after logs when enabling in first install
  • Avoid getting unsaved changes by using readonly instance in manage-logs
  • Initial setup for webadmin is now executed in postinst
  • Fixed webadmin port migration
  • Use DATETIME type in date column for consolidation tables
  • Summarised reports shows graphs again
  • Events summarised report has breadcrumbs now
  • Base EBox::Logs::Composite::SummarizedReport to let summarised reports have common breadcrumbs
  • Fixed in-place boolean edit with non-basic types different to Union
  • Removed some warnings in error.log
  • Fixed confirmation dialogs warning style
  • Fixed configure widgets width and drop behavior
  • Always set as changed without checking RO value, this fixes some situations in which the save changes button was not enabled
  • Added datetime time formatter to JS graphs which show dates in X axis and date and time in the tracker
  • Fixed bug sending parameters in Zentyal.Tabs prototype
  • Fixed side-effect in Model::Manager::_modelHasMultipleInstances() that tried to load composite as model by mistake, the bug was at least present sometimes when trying to generate the configuration report
  • Throw internal exception in valueByName if elementByName is undef
  • Restore configuration backup from file now works again after JS framework change
  • Set proper title in dialogs when loading in an existent one
  • Always log Perl errors that are not Zentyal exceptions
  • Move package icons from software to core as required for the menu
  • Use dpkg –clear-avail to avoid incoherent updates information
  • Show printableModelName in DataTables when precondition fails
  • Fixed number of decimals in Disk Usage when unit is MB
  • Copyright footer is now at the bottom of the menu
  • Fix bytes formatter in graphs
  • Allow to define permanentMessage directly on models
  • Show placeholder in dashboard widgets drag&drop
  • Fixed crash reloading dashboard after configure widgets
  • Only apply redirect port fix on administration port
  • Fixed wrong behavior of software updates in dashboard widget
  • Always show proper language name for english locales
  • Fixed wrong redirects when using a non-default admin port
  • Remove unnecessary and problematic desktop services code
  • Changed some code to not trigger some unnecesary warnings
  • No-committed changes does not appear in configuration changes log table
  • Added autoFilter property to method tableInfo
  • Modules can now be marked for restart after save changes via post_save_modules redis key of the global module
  • Make all dashboards div of the same height to ease drag and drop
  • Don’t allow invalid email in create report CGI
  • DBEngineFactory is now a singleton
  • EBox::Util::Random mentions /dev/urandom in its error messages to ease troubleshooting
  • Assure that type’s references to its row are not lost in the edit form template methods
  • Added form.js
  • Added better 502 error page for nginx with redirect when apache is ready
  • Always call udpateRowNotify in row update, even when the new values are the same than old ones
  • Fixed bad call to EBox::CGI::Run::urlToClass in EBox::CGi::Base
  • Added icons for top-level menu entries and module status page
  • Fixed bad arguments in CGI::Controller::Composite call to SUPER::new()
  • More flexible EBox::CGI::run for inheritance
  • Fixed encoding of parameters in confirmation dialogs
  • Check backup integrity by listing the tar file, throw InvalidData exception if the tar is corrupted
  • Do not use hidden form fields for generating confirmation dialog JS
  • Fixed log bugs: use correct RO mode in loggerd, fixed behaviour when all log helpers are disabled, enable logs correctly when added by first time to configure logs table
  • Fixed bad interpolation in JS code in booleanInPlaceViewer.mas
  • WizardPage CGIs can now return JSON replies as response
  • unconfigure-module script disables also the module
  • Restart firewall module when a firewall observer module is stopped/started using zentyal init.d script
  • Added temporary stopped state to a Service module to know if a module is stopped but enabled
  • Redirect to / from /ebox using remote access to avoid blank page
  • Removed no longer necessary jQuery noConflict()
  • Added combobox.js
  • Added EBox::Model::Base as base for DataTable and the new TreeView
  • Adapted EBox::CGI::Run for the new TreeView models
  • Fixed DataTable row removal from the UI with 100% volatile models with ‘ids’ method overriden.
  • Increased webadmin default timeout.
  • Don’t allow to move read-only rows
  • Better prefix for user configuration redis keys
  • Hide disabled carousel buttons, fix modal template
  • Fixed modal dialog template
  • Mark save changes button as changed when moving rows
  • Remove unused parameter in Zentyal.DataTable.changeRow
  • Enhanced UI styles: dialogs, progress bars, carousel, colors and images
  • Rows of tables can now be moved using drag & drop
  • Added logout dialog with option of discarding changes
  • Remember page size options per users, added ‘View all’ page size option
  • Added storage of options per user
  • Adapted CGIs to new modal dialogs
  • Ported graphs from flotr.js to flot.js
  • Ported JS code to jQuery and jQuery-ui
  • Removed Modalbox.js, table_orderer.js and carousel.js
  • Left menu keyword search is now case insensitive
  • Make manage administrators table resilent against invalid users
  • Remove deprecated backup domains related from logs module
  • Added EBox::Types::URI type
  • Added saveReload method to use reload instead of restart to reduce service downtime. Use with care and programatically
  • Added findValueMultipleFields() to DataTable and refactor _find() to allow search by multiple fields
  • Fixed disk usage report for logs component
  • Do not dump unnecessary .bak files to /var/lib/zentyal/conf
  • Restart all the core daemons instead of only apache after logrotate
  • Fixed graph template so it could be feed with data using decimal comma, it will convert it to a JS array without problems
  • Added a way to retrieve all Models inside a Composite and its children.
  • Increased the size limit for file uploads.
  • Implemented a way to include configuration files for Nginx so the SOAP services are able to use Nginx for SSL.
  • Improved the message shown when there are no changes pending to save on logout.
  • Use the X-Forwarded-Proto header for redirects construction.
  • Added nginx as the public HTTP server of Zentyal.
  • Renamed ‘Apache’ module to ‘WebAdmin’ module. If you need to restart the web administration you must use ‘service zentyal webadmin restart’.
  • CGIs are now EBox::Module::CGI::* instead of EBox::CGI::Module::*
  • Daemons are now disabled when configuring a module, so Zentyal can manage them directly instead of being autostarted by the system
  • EBox::Model::DataForm::formSubmitted called even where there is no previous row
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Depend on mysql-server metapackage instead of mysql-server-5.5
  • Check against inexistent path in EBox::Util::SHM::subkeys
  • Silent diff in EBox::Types::File::isEqualTo
  • Print correctly UTF8 characters from configuration backup description
  • When host name is changed, update /etc/hostname
  • Proper link to remote in configuration backup page
  • Removed full restore option for restore-backup tool and EBox:Backup relevant methods
  • Use EBox::Module::Base::writeConfFileNoCheck to write apache configuration file
  • Log events after dispatching them in the EventDaemon and catch exception to avoid crashes when mysql is already stopped
  • Emit events on zentyal start and stop
  • Refactor some events-related code
  • Changed MB_widedialog CSS class to use all width available in the screen
  • Pass model instance when invoking EBox::Types::Select populate function
  • Improve dynamic editable property detection for framework types
  • Override _validateReferer method in Desktop services CGI
  • Don’t abort configuration backup when we get a error retrieving the partition table information
  • In EBox:Model::Row, refactored elementExists and elementByName to make them to have similiar code structure
  • Improvement in test help classes and added test fakes for EBox::Model::Manager and EBox::Util::SHMLock
  • Prevented unuseful warning in EBox::Model::DataTable::setDirectory when the old directory is undef
  • Fixed unit tests under EBox/Model/t, backup configuration tests and some others
  • Remove unused method EBox::Auth::alreadyLogged()
  • Apache::setRestrictedResource updates properly if already exists
  • Global and Module::Config allow to set redis instance to ease testing
  • Now EBox::GlobalImpl::lastModificationTime also checks modification time of configuration files
  • Rows in events models are now synced before running EventDaemon
  • Better way of checking if event daemon is needed
  • Allow numeric zero as search filter
  • When filtering rows don’t match agains link urls or hidden values
  • Avoid CA file check when removing it from Apache module
  • Silent removeCA and removeInclude exceptions when removing non-existant element
  • Fixed rollback operation in redis config backend
  • Desktop services CGI now only returns JSON responses
  • Update total ticks dynamically in progress indicator if ticks overflow
  • Added some missing timezones to EBox::Types::TimeZone
  • Add a new method to DBEngine ‘checkForColumn’ to retrieve columns definition from a given table
  • Reload models info in model manager if new modules are installed
  • Make sure that halt/reboot button can be clicked only once
  • Cleaner way of disabling dependant modules when the parent is disabled, avoiding unnecessary calls to enableService each time the module status page is loaded.
  • Show confirmation dialog when trying to change host or domain if zentyal-samba is installed and provisioned
  • Modified data table controller so edit boolean in place reuses the code of regular edits, avoiding getting incorrect read-only values from cache
  • Allow search filters with a leading ‘*’
  • Better error reporting when choosing a bad search filter
  • External exceptions from _print method are caught correctly in CGIs
  • EBox::CGI::run now supports correct handling of APR::Error
  • Fixed dashboard check updates ajax requests in Chrome
  • Fixed errors with zero digits components in time type
  • Better warning if size file is missing in a backup when restoring it
  • Fixed table cache behaviour on cache miss in logs module
  • Fix wrong button label when deleting rows in ‘datainuse’ template
  • Removed unused method EBox::Model::DataTable::_tailoredOrder
  • Added force default mode and permission to writeConfFileNoCheck(), writeFile() and derivatives
  • Fixed bug in EBox:::Logs::CGI::Index with internationalized parameter names
  • DataTables with sortedBy are now orderer alphabetically with proper case treatment
  • Display messages in model even when there are not elements and table body is not shown
  • Improve change-hostname script, delete all references to current name
  • Faster dashboard loading with asynchronous check of software updates
  • Workaround for when the progress id parameter has been lost
  • Fixed problems calling upstart coomands from cron jobs with wrong PATH
  • Decode CGI unsafeParams as utf8
  • Avoid double encoding when printing JSON response in EBox::CGI::Base
  • Remove warning in EBox::Menu::Folder when currentfolder is not defined
  • Avoid flickering loading pages when switching between menu entries
  • Incorrect regular expression in logs search page are correctly handled
  • Fix input badly hidden in the logs screen
  • reloadTable from DataTable now remove cached fields as well
  • Fixed unsafe characters error when getting title of progress indicator in progress dialog
  • Added use utf8 to dashboard template to fix look of closable messages
  • Adapted file downloads to the new utf8 fixes
  • Write backup files in raw mode to avoid utf8 problems
  • Print always utf8 in STDOUT on all CGIs
  • Decode CGI params of values entered at the interface as utf8
  • Proper encode/decode of utf8 with also pretty JSON
  • Fixed utf8 decoding in date shown at dashboard
  • Removed old workarounds for utf8 problems
  • Added new recoveryEnabled() helper method to Module::Base
  • Added recoveryDomainName() method to SyncProvider interface
  • Show specific slides when installing a commercial edition
  • Redirect to proper CGI after login in disaster recovery mode
  • Removed old debconf workaround for first stage installation
  • Log redis start message as debug instead of info to avoid flood
  • Use unsafeParam in EBox::CGI::Base::paramsAsHash
  • EBox::Module::Service does not raise exception and logs nothing when using init.d status
  • Fixed glitch in backup CGI which sometimes showed the modal dialog with a incorrect template
  • Use path for default name in SyncFolders::Folder
  • Do not restrict characters in data table searchs
  • Fixed refresh of the table and temporal control states in customActionClicked callback
  • Modified modalbox-zentyal.js to accept wideDialog parameter
  • Fixed sendInPlaceBooleanValue method from table-helper.js; it aborted because bad parameters of Ajax.Updater
  • Fixed bug that made that the lock was shared between owners
  • Some fixes in the function to add the rule for desktops services to the firewall
  • Delete obsolete EBox::CGI::MenuCSS package
  • Add new EBox::Module::Service::Observer to notify modules about changes in the service status
  • Administration accounts management reflects the changes in system accounts in ids() or row() method call
  • Some fixes in the RAID event watcher
  • foreignModelInstance returns undef if foreignModel is undef. This happens when a module has been uninstalled and it is referenced in other installed module (events)
  • loggerd shows loaded LogHelpers when in debug mode
  • Added additional info to events from RAID watcher
  • Use sudo to remove temporal files/diectories in backup, avoiding permissions errors
  • Added exception for cloud-prof module to events dependencies
  • Skip keys deleted in cache in Redis::_keys()
  • Fixed events modules dependencies to depend on any module which provides watchers or dispatchers
  • Always call enableActions before enableService when configuring modules
  • Added needsSaveAfterConfig state to service modules
  • Better exceptions logging in EBox::CGI::Run
  • Fixed ‘element not exists’ error when enabling a log watcher
  • Scroll up when showing modal dialog
  • Added fqdnChanged methods to SysInfo::Observer
  • Fixed SSL configuration conflicts betwen SOAPClient and RESTClient
  • Template ajax/simpleModalDialog.mas can now accept text
  • Used poweroff instead of halt to assure that system is powered off after halt
  • Fixed log audit database insert error when halting or rebooting
  • Added time-based closable notification messages
  • Adapted to new EBox::setLocaleEnvironment method
  • EBox::Type::File now allows ebox user to own files in directories which are not writable by him
  • Removed cron daily invocation of deprecated report scripts
  • Fixed invokation of tar for backup of model files
  • New observer for sysinfo module to notify modules implementing the SysInfo::Observer interface when the host name or host domain is changed by the user, before and after the change takes effect
  • Stop and start apache after language change to force environment reload
  • Reload page after language change
  • EBox::Module::Service::isRunning() skips daemons whose precondition fail
  • Fixed undefined reference in DataTable controller for log audit
  • Added and used serviceId field for service certificates
  • Fixed SQL quoting of column names in unbuffered inserts and consolidation
  • Fixed bug which prevented highlight of selected item in menu
  • Fixed base class of event dispatcher to be compatible with the changes dispatcher configuration table
  • Fixed event daemon to use dumped variables
  • Fixed need of double-click when closing menu items in some cases
  • Fixed logs consolidation to avoid high CPU usage
  • In view log table: correctly align previous and first page buttons
  • Improve host name and domain validation.
  • Forbidden the use of a qualified hostname in change hostname form
  • Update samba hostname-dependent fields when hostname is changed
  • Confirmation dialog when the local domain is changed and with a warning if local domain which ends in .local
  • The synchronization of redis cache refuses with log message to set undefined values
  • Fixed wrong sql statement which cause unwanted logs purge
  • DataForm does not check for uniqueness of its fields, as it only contains a single row
  • In ConfigureLogs, restored printable names for log domains
  • Fixed dashboard update error on modules widget, counter-graph widget and widget without sections
  • Better way to fix non-root warnings during boot without interfering on manual restart commands in the shell
  • Properly set default language as the first element of the Select to avoid its loss on the first apache restart
  • Removed forced setting of LANG variables in mod_perl which made progress indicator fail when using any language different to English
  • Removed some frequent undef warnings
  • Added executeOnBrothers method to EBox::Model::Component
  • Fixed repetition of ‘add’ and ‘number change’ events in RAID watcher
  • Fixed incorrect display of edit button in tables without editField action
  • Cache MySQL password to avoid reading it all the time
  • Fixed request came from non-root user warnings during boot
  • Send info event in Runit watcher only if the service was down MAX_DOWN_PERIODS

dhcp

  • Removed integration with ltsp module
  • Better warnings for fixed addresses objects with same member name or mac
  • Adapted to updatedRowNotify call with no changes in values
  • Implemented _daemonsToDisable()
  • Moved initRange and endRange methods to the network module to be shared.
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Allow access to /etc/ldap/ldap.conf on apparmor profile
  • Fix generation of reverse zones, the host part of the addresses was not removed
  • Fixed bug which used all addresses available in a interface to generate DNS reverse zone instead of the configured ranges
  • Always write ddns keys file when saving changes
  • Do not append trailing dot to key names
  • Adapted to changes in EBox::LogHelper::_convertTimestamp
  • Do not run daemon and show message when configuration does not provide addresses for interfaces
  • Ignore virtual interfaces
  • Keys shared with bind are now stored under /etc/dhcp/ddns-keys
  • Fixed problem in Options model which DNS domain syncRow call
  • Fixed problems in DynamicDNS models
  • Add dhcpd to the bind group if DynamicDNS is enabled
  • Use isc-dhcp-server upstart script
  • Added modeldepends to yaml schema
  • Adapted reverse zones to reverse ip fix in Net::IP
  • Removed deprecated calls to EBox::Model::Manager::model with wildcards
  • Remove old workarounds in viewCustomizers no longer necessary with foreign in yaml schema
  • Use a regular model instead of a select composite which is going to be deprecated
  • Adapted to new Model management framework
  • Use new services API
  • Create tables with MyISAM engine by default
  • Packaging fixes for precise
  • Recover from excepcion when parsing leases file
  • Modifications in the Thin Client options to allow an easy configuration of Zentyal LTSP
  • Service descriptions are now translatable and added printableNames
  • Adapted to new MySQL logs backend
  • Use apparmor local profile instead of overwritting the shipped one
  • Replace dhcp3-server with new isc-dhcp-server name
  • Implemented gatewayDelete method from NetworkObserver
  • Set always five subdomains to reverse zones to avoid problems with some networks like 10.0.0.0/24
  • Fixed problem with cache of dhcp leases widget. Now it updates correctly
  • Lowercase the members in fixed address prior to substituing characters to become host in a valid domain name

dns

  • Use the new samba module state flag isProvisioning to set the samba flag on DomainTable rows
  • Do not try to update the zone while samba is provisioning the domain
  • Adapted to new CSS styles
  • Remove the setting desktop service in _preSetConf and initial-setup
  • Added sortlist support
  • Adapted to updatedRowNotify call with no changes in values
  • Adapt firewall rules to new accept chains
  • Set transparent DNS cache firewall rules unless the module is temporary stopped
  • Set transparent DNS cache firewall rules in Firewall Helper
  • Implemented _daemonsToDisable()
  • Fixed bind9 dependency to allow to install it with higher versions
  • Do not try to add duplicated interface addresses
  • Fix intnets config key parsing and validation
  • Fixed apparmor errors trying to access /dev/urandom
  • Guard against interfaces with unset address
  • Dynamic domains are now properly detected on _reverseData()
  • Rename domain if exists when changing it in System -> General
  • Remove depends on users and samba to avoid deep recursion
  • Use API to retrieve foreign model value
  • Improve management of DNS zones stored in samba LDAP
  • Improve data generation for reverse zones.
  • Only allow AXFR from internal networks
  • Query samba module for zones stored in LDB. Those ones will override the zones defined in the UI.
  • Changes required by the bundled version of samba4.
  • Add paths to apparmor profile
  • Change DLZ library path
  • Fixed bread crumbs for hostnames table
  • Service zentyal-desktop-api is now added in initial-setup
  • Better exception message when service not exists in /etc/services
  • Fix apparmor profile to allow SDLZ driver to read session key
  • Bump bind9 deps to new upstream version
  • Add the ‘zentyal-desktop-api’ SRV entry to the domain of the host
  • Add ‘zentyal-desktop-api’ to /etc/services in the _setConf
  • Add method getTsigKeys to allow DHCP module write the ddns keys
  • Do not add trailing dot to key names
  • Update samba domain using TSIG keys, avoiding TSIG GSSAPI. Allow updates even if samba daemon is stopped
  • Depend on Zentyal patched version of bind to allow samba DLZ domain to be updated using TSIG keys
  • Remove dependence on libcrypt-openssl-random-perl and add on libdigest-hmac-perl
  • Change TSIG key generation algorithm to be compatible with bind generated keys
  • Add config key to disable automatic reverse zone generation. Useful when samba4 is installed and reverse zones are managed by other DC, replicated and loaded by DLZ plugin.
  • Fixed bug which left PTRs unwritten in reverse file zones
  • Allow to add host without IP addresses in addHost() method from domain table
  • Implement SysInfo::Observer to check that the new host name is not defined in any domain, and update the hostname in the defined domains
  • Fixed host name ip addition when it was more than one host in the domain

ebackup

  • Exclude / by default for coherency with the rest of modules like firewall or proxy, and also allow now to include /
  • Do not show default excludes like /dev or /proc on the interface, they now can be customized in /etc/zentyal/ebackup.conf
  • Fixed SCP method setting HOME environment in duplicity-wrapper
  • Ported JS code to jQuery
  • Removed code for deprecated cloud method and backup domains
  • Remove unused Size and Message Types
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Added preCheckTarget hook
  • Using EBox::FileSystem::mountPointIsMounted when checking if file system backup target is mounted
  • Avoid double utf8 encode when escaping file for commands, this is neccesary after improved utf8 support in EBox::Sudo
  • Make status and file cache work with utf8 characters
  • duplicity-wrapper uses C locale to avoid locale problems
  • Removed superfluous module lock in backup-tool
  • Removed independent implementation of lock and unlock methods
  • Fix small syntax error
  • Removed dependency on events module
  • Fixed code error when checking mount points of file target
  • Fixed ‘inexistent watcher’ error in backup-tool
  • Set default niceness of backup process to 10
  • Added python-paramiko dependency which is needed for ssh backend
  • Removed Zentyal Cloud method
  • Fixed precondition in bakcup files lists, restore logs and restore backup models
  • Move mostly report code to remoteservices
  • Fixed executable permissions on update-status script
  • Fixed RemoteStatus model precondition when setup is not complete
  • Fixed wrong call to value() in backup-tool
  • Adapted to new Model management framework
  • Adapted Message and Size types to new framework
  • Send additional info in backup events
  • Initial collection status done in background
  • Fixed bug with expiration of file list cache
  • Improved precondition message for restore logs model
  • Added backup target checks: mounted and size
  • Create tables with MyISAM engine by default
  • Do not show Zentyal Cloud option if custom_prefix is defined
  • Added selectable priority by config file to scheduled backup
  • Do not check for disasterAddon if not subscribed
  • Fixed date parsing in restore-tool and configuration cloud backup
  • Adapted messages in the UI for new editions
  • File selections by backup domain are restricted to includes
  • Includes from backup domains can be moved in the list; the model validates if the includes and excludes configuration is coherent with the backup domains
  • Refactored restoreFile method to ease testing of file quoting
  • Added force user, password and server credentials for storage server
  • If unconfigured it refuses to generate a cache of the files in the backup
  • Added exception for symmetric key errors. Retry symmetric key in restore-tool
  • Added checking of passwd and shadow files in restore-tool, warn the user if they have changed
  • Fixed bug with different time zones and files on the cloud
  • No restore-tool messages stop the restore process after all parameters have been asked
  • restore-tool: Added restore-all options and more force command line options. Fixed bug in symmetric-password command line option. Final message shows administrative interface localhost URL
  • restore-tool: fixed dialog when credentials are incorrect; better exclusion of problematic files to restore
  • Exception in permanent message of remote restore screen is now managed
  • Defaults in excludes and includes list are not longer added when deleting all the rows
  • Fixed logrotate configuration
  • Assure that backup-tool get all updated includes/excludes from a read-only version
  • Fixed encoding problems when restoring files
  • Better quoting of duplicity command arguments
  • Backup domain selections are added to list in the correct order
  • Fixed bug when the new and old sizes of the selections are the same
  • Backup event is also disabled when module is disabled

firewall

  • New icons and style for Packet Filter section
  • Use common prefix (zentyal-firewall) for logging redirections, snat, drop and log rules
  • Use DATETIME type in date column for consolidation tables
  • Summarised report has breadcrumbs now
  • Use (i|f|o)accept chains in user’s defined firewall rules to be able to analyse the traffic
  • Moved warnings inside of models instead of Packet Filter frontpage
  • Delete iintservs and fobjects unused chains
  • Hide from External to Internal section by default to avoid confusion with Port Forwarding unless show_ext_to_int_rules confkey is enabled
  • Set iaccept, faccept and oaccept chains instead of ACCEPT target to be able to analyse traffic using IPS
  • Add restartOnTemporaryStop attribute to firewall helper to indicate to core if firewall must be restart on temporary stop events
  • Set file location for redirect rule logging
  • Use zentyal-firewall prefix in redirects log
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Changed order for the ! character when adding an inverse rule
  • Added preInput(), preOutput() and preForward() to FirewallHelper

ftp

  • Remove deprecated backup domain methods
  • Added incoming directory for anonymous user uploads
  • Adapted FTP authorization to changes in users authorization
  • Added and used serviceId field for service certificates
  • FTP moved from Infrastructure to Office
  • Fixed bug which always forced SSL when SSL was enabled
  • Removed user chroot options until vsftpd allows it again
  • Adapted to new Model management framework
  • Service name is now translatable
  • Fixed template bug when writting chroot_local_users option
  • Welcome banner is now translatable

ips

  • New module that replaces ids

ipsec

  • Added support for IPsec/L2TP
  • Stability fixes with default configuration.
  • Postrouting rules have no oaccept chain, use ACCEPT target
  • Adapt L2TP firewall rules to new accept chains
  • Adapt firewall rules to new accept chains
  • Updated to use the new security group concept.
  • Fixed the connection validation form so the enable / disable checkbox works.
  • Block the connection enabling if the tunnel configuration does not pass validation.
  • Fixed bug in Users model when zentyal-samba is not installed
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Disabled connection names with spaces
  • Removed inappropiate local subnet checks
  • Adapted to changes in EBox::LogHelper::_convertTimestamp
  • Added lsof as dependency as it is needed for ‘ipsec verify’
  • IPsec is now under Infrastructure instead of UTM
  • Added checks to local and remote subnets addresses
  • Added any IP to remote address options
  • Adapted to new Model management framework
  • Added loghelper support

jabber

  • Clear database if domain is changed
  • Do not show disabled accounts in shared roster groups
  • Use hostDomain instead of fqdn as default domain
  • No longer implement SysInfo observer as jabber domain may be differnt
  • Adapted user add-on to right panel view
  • Fixed some code typos in jabber-ldap script
  • Updated to use renamed method EBox::Ldap::connection.
  • Adapted user addon to multi-OU tree view.
  • Added incompatiblity with external AD authentication mode.
  • Added and used serviceId field for service certificates
  • Improved help
  • Added STUN and Proxy configuration
  • Updated ejabberd.cfg.mas
  • Added shared_roster and VCard LDAP modules configuration
  • Added integration with Zarafa Webapp
  • Added script for clearing mnesia database
  • Adapted to new Model management framework
  • Now binding against LDAP to be able to access the accounts objects
  • Added printableName to jabber service

ltsp

  • Moved to Contrib Repository (see details)

mail

  • Summarised report has breadcrumbs now
  • Minor enhancements to some note texts
  • Use DATETIME type in date column for consolidation tables
  • Fixed typo in external account user corner model
  • Adapted to new CSS styles
  • Fixed bug which allowed to use incorrect external addresses in fetchmail accounts
  • Fixed typo in master.cf when mail filter is enabled
  • Adapt group and users addon to right panel view
  • mail-ldap init script dies on LDAP add error
  • Added new userCorner method to external accounts model
  • Updated to use renamed method EBox::Ldap::connection.
  • Adapt firewall rules to new accept chains
  • Adapted user addon to multi-OU tree view
  • Removed no longer necessary jQuery noConflict()
  • Search the whole LDAP tree looking for groups and users.
  • Added incompatiblity with external AD authentication mode
  • Removed deprecated backup domain methods
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Regenerate kerberos key tab in LDAP reprovision
  • Banner display mail name instead of host name
  • Added module particular facilities for slave setup
  • Added a ebox.postgrey upstart config file in package to avoid errors before we generate it in the _setConf
  • Fixed bug triggered when removing all users from a virtual domain
  • Do not try to manage postgrey daemon if module is unconfigured
  • Fixed error in json response trigered by widget size
  • Added libsasl2-modules dependency because it seems that is not always installed
  • Fixed user object misuse in EBox::Mail::FetchmailLdap::removeExternalAccount
  • Adapted to changes in EBox::LogHelper::_convertTimestamp
  • Fixed error in dashboard widget
  • Adapted to improvement of EBox::Module::Service::isRunning method
  • Added LDAP indexes for mail and dc attributes
  • Added and used serviceId field for service certificates
  • Fixed bread crumbs in mail dispatcher configuration model
  • Fixed edition of external accounts
  • Workaround until postgrey «do not stop» bug is fixed upstream
  • Use executeOnBrothers method to resolve error with component directories on vdomain aliases model
  • Move report code to remoteservices
  • Convert to lowercase the domain part in the user LDAP filter, required to retrieve the correct mailbox path when using kerberos auth
  • Fix gssapi hostname for kerberos authentication
  • Fix LDAP filters
  • Switch to LDAP bind authentication when kerberos is not used
  • Fixed dovecot user password authentication
  • Fixed disable_dns_lookups key in master.cf
  • Dont use Zarafa for ham/spam acccounts
  • Allow syntax to specify smarthost without MX lookup
  • Fixed dovecot-ldap.conf.mas
  • Added modeldepends to yaml schema
  • External alias can have address on a vdomain alias
  • Added Zarafa multitenancy support
  • Added user addon for retrieval mail from external accounts
  • Added fetch all mail option to retrieval mail from external accounts
  • Adapted to new Model management framework
  • Always run postmap
  • Authenticated sender have to use a mail address which they own
  • Using old sieve directories as home mail directories
  • Enable GSSAPI/Kerberos authentication
  • Create tables with MyISAM engine by default
  • Removed mda option for fetchmail accounts with zarafa destination
  • Image in initial configuration wizard is shown again
  • New translatable printableNames for mail services
  • Adapted to new users implementation
  • Adapted to dovecot 2.0
  • Postfix now binds to LDAP
  • Adapted to new MySQL logs backend
  • Mailfilter learn accounts are excluded from Zarafa transport
  • Remove precondition if there are no objects as now they can be added in-line with the new dialog
  • Remove Zarafa dependent configuration when it is disabled
  • Fetchmail configuration takes in account Zarafa
  • Fixed usercorner row id error when adding a new external account
  • Fixed mail directory backup in account creation, now it can be made more than once
  • Use EBox::Validate::checkEmailAddress for checking email instead of a custom flaky re
  • Fixed regresion in mailname message in SMTPOptions model

mailfilter

  • Use DATETIME type in date column for consolidation tables
  • Summarised report has breadcrumbs now
  • Adapted mailfilter-ldap script to the new users API
  • Adapted to updatedRowNotify call with no changes in values
  • Removed dkim_verification obsolete option from the local conf
  • Adapt firewall rules to new accept chains
  • Updated to use the new User API.
  • Added incompatiblity with external AD authentication mode
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Fixed spam/ham mail account check to not fail if the user does not exists. This avoids a dashboard error.
  • Fixed LDAP reprovision to recreate ham and spam users
  • Added dependencies and fixes needed for better sa tests
  • Dont run spamd daemon
  • Adapted learnspamd to changes in user module API
  • Reworked log helper to remove POP proxy and adapt to changes in base class
  • Removed POP proxy logs from log table, fixed bug which make summarized smtp filter report page to be blank
  • Fixed bad filter error at EBox::Mailfilter::VDomainsLdap::_hasAccount
  • Fixed wrong retrieval of VDomains model
  • Fixed virtual domain policies tab
  • Move report code to remoteservices
  • Fixed LDAP url in amavisd.conf
  • VDomains model renamed to VDomainsFilter
  • Mailfilter is now under Communications instead of UTM
  • Disabled POP3 Proxy
  • Ham/Spam accounts adapted to changes in EBox::MailUserLdap methods
  • Added modeldepends to yaml schema
  • Adapted to new Model management framework
  • Create tables with MyISAM engine by default
  • Clarify some policy option names
  • Mail module is force to reload when mailfilter module is enabled or disabled
  • Disabled POP3 proxy to avoid installation problems
  • Adapted messages in the UI for new editions
  • New printableName for POP Transparent proxy service
  • Adapted to new users implementation
  • Service names are now translatable
  • Adapted to new MySQL logs backend
  • Use MySQL instead of PostgreSQL for spamassassin database
  • Added methods to get learn accounts for a domain
  • Fixed typo in code which prevented the creation of spam and ham users

monitor

  • Load measure manager on runtime to avoid unneccesary system calls
  • Set proper resolution in last week period
  • Remove truncating as we use now proper resolutions
  • Set proper resolution (1 point by hour) and time type (datetime) to last week period
  • Removed no longer necessary jQuery noConflict()
  • Ported JS to jQuery and flot
  • Fixed graph template so it could be feed with data using decimal comma, it will convert it to a JS array without problems
  • Fixed bad bread crumb in threshold configuration model
  • Remove bad links as well while unregistering
  • Fix keep of monitor history after unregistering
  • Avoided infinite recursion incidents when instantiating new measure objects
  • Fixed measure display when multiple type instances are shown in the same graph (for instance, Df).
  • Fixed RRD links also when RRD link on subscription fails and you have an extra directory
  • Fixed RRD directories on changes of hostname. More resilient subscription links to RRDs
  • Reviewed registration strings
  • Fix link removal while stopping the service to avoid the creation of sporious directories
  • Added support for last week graphs
  • Fixed URL in breadcrumbs
  • Adapted to new Model management framework
  • Perl plugin configuration for collectd 4.10 series
  • Set proper permissions in postinst for monitor events
  • Added additional info to events from monitor
  • Do not monitorize NFS mounts disk spaces
  • Added message about remote monitoring services
  • Use 2 decimals in event messages
  • Formatting int values to show only 2 decimals, if required
  • Show the list of top 10 processes when launching the CPU or system load alert
  • Show duration of the event in the message, if available
  • Bugfix: Notification configuration file is written regardless of its owner and permissions
  • Show the measure name in threshold configuration title
  • Updated RRD directory path when hostname is changed
  • Bugfix: Use stringify instead of error when an error in retrieving all measures data happened
  • Include format.js only in the main page instead of every graph
  • Boost performance using RRDs bindings for perl instead of rrdtool
  • Give support for having a graph per type instance
  • Does not show an error in logs when collectd is notifying for a value is missing for a period of time but a debug message

network

  • Guard against undefined rows getting auto value in GatewayTable
  • Fix addition of gateways in initial configuration wizard
  • Adapted to new CSS styles
  • Use upstart for ddclient daemon management
  • Clearer messages for gateway not reachable condition
  • Fixed bug which unallowed to disable the proxy server
  • Increase regenGateways() timeout from 60 to 180 seconds
  • Add zentyal-users to package breaks control to avoid errors with bad users version
  • Warning in initial configuration wizard when trying to set as external the interface used to access the administration interface
  • To fix dhclient erratic behaviour, we always restart the dhcp interfaces
  • Corrected typo in message on tab multigw when only one gw is present
  • Better check for ipv6 presence before disabling it
  • Removed no longer necessary jQuery noConflict()
  • Adapted DNS resolver model to authorization mode changes in users and squid module
  • Ported JS code to jQuery
  • Do not add /32 mask to default route when deleting routes
  • Updated to reflect the Apache -> WebAdmin rename.
  • Added netInitRange and netEndRange methods from the dhcp module to be shared between modules.
  • Added localGatewayIP method to get the Zentyal’s IP address that may be used as the gateway of the given IP.
  • Added externalIpAddresses method to retrieve the list of IP addresses that are external.
  • PPPoE set iface script is more robust against locks
  • Adapted to use of ifaceByAddress, removed IPAddressExists
  • Don’t allow to use a local address as gateway address
  • Added ifaceByAddress method
  • Guard against previous version of squid without authenticationMode method
  • Improve addition of localhost as primary resolver when DNS module is enabled.
  • Remove localhost as primary resolver when squid module is configured to authenticate against external server
  • Log warn instead of error when iface has not address in _multigwRoutes()
  • Fixed error replacing nameserver when importing resolv.conf
  • Remove leftover PPP provider files
  • Remove attached vlans when a interface is not longer trunk
  • Do not try to disable rp_filter for vlan interfaces
  • Virtual interfaces on a bridge interface are not considered bridges themselves
  • Use EBox::Module::Base::writeConfFile to generate interfaces file
  • Only disable IPv6 in enableActions if IPv6 is available
  • Bridged interfaces added to ‘auto’ directive in /etc/networks/interfaces to avoid network startup problems
  • Dont allow to set a local address as network proxy
  • Fixed error in json response trigered by widget size
  • Don’t check for IPaddr in the same subnet on interfaces that belong to the same bridge
  • Disable IPv6 on enable actions to avoid problems with samba4
  • Added more coherence checks to static routes table
  • Allow to set broadcast address in wakeonlan tool
  • Fixed unproper use of last inside try
  • Added domain option to /etc/resolv.conf
  • Supersede DHCP offered nameservers, domain name and search domain if these values are already configured in Zentyal
  • Fixed gateways setup in wizard
  • Fixed bug in Gateways watcher which inhibited the call to regen failover notifier method in modules which are network observers
  • Vlanes and vifaces are now ordered by name in interface page
  • Fixed error disabling reverse path for virtual interfaces
  • Expanded allowed character set in interface PPPoE password
  • Reviewed registration strings
  • Fixed treatment for wake on lan objects in template, now there is no crash in Network Tools when entering an empty host
  • Fixed bug which made impossible to remove bridged interfaces
  • Management of CHAP secrets file recovers from removal of Zentyal marks
  • Add two methods to NetworkObserver interface to notify observers about address changes on dhcp interfaces
  • Forbid interfaces alias with ‘:’ character
  • Assign ip address 127.0.1.1/8 to loopback interface in module restart and remove the post-up hook from /etc/network/interfaces file.
  • Removed some warnings when external is undefined
  • Added modeldepends to yaml schema
  • New libossp-uuid-perl dependency
  • Zentyal Cloud DynDNS updates are now done outside the VPN and using the credentials obtained when the server is subscribed
  • Interface is now auto-detected when adding gateways
  • New table to allow disabling of traffic balance for some gateways
  • Fixed typo which made EBox::Network::ifaceAddress return empty addresses for virtual interfaces
  • Fixed validation of gateway names
  • Removed undefined value warning in setIfaceStatic()
  • Using EBox::Object::Members to generate multigw iptables rules
  • Restricted gateway names to be sane with dyndns and fixed dyndns configuration with old incorrect gateway names
  • Disabled dnspark until ddclient upstream fix a bug with this provideer
  • Multigw rules more robust when no-static interfaces are down
  • Removed redis transaction workarounds in _setConf
  • Fixed unconfigured gateway removal, raise exception if the route addition command fails
  • Remove all gateway based routes before adding the configured one and raise exception if the route addition command fails
  • Fix deadlock in preSetConf when DHCP is used
  • Moved bandwidth test to remoteservices
  • internalIpAddresses() does not throw exception if there are no ifaces
  • ifaceExternalChanged() is now called when static or PPP interfaces changes from external to internal
  • Remove no longer necessary ad-hoc vifacesConf cache
  • Adapted to new Model management framework
  • Reimplemented Ifaces/Vifaces/VLANs storage according to new conf backend
  • Added vnet to the ignored interfaces list
  • Send additional info in Gateways watcher
  • Added clone action to multi gw and wan failover tables
  • Added EBox::Network::internalIpAddresses()
  • Added regenGatewaysFailover() to NetworkObserver so modules can implement actions to be done after failover regenerates routing tables
  • Fixed calculation of fail ratio
  • Assure that we have always one gateway marked as default
  • Restart traffic shaping on postinst to avoid rule loss on upgrades
  • Regenerate traffic shaping rules after failover event
  • EBox::Network::setNameservers does not fail if the same server is already in the list
  • Fixed calls to storeSelectedDefaultGateway with undef argument
  • EBox::Network::importInterfacesFile skips gateway adition instead of aborting if already exists one
  • Insert fwmark ip rules before from ones
  • Remove no longer necessary mark rules when having several interfaces
  • Pre-create failover and check-ip chains on network start to always ensure that rules are inserted in the proper position
  • Remove obsolete import of EBox::Order
  • Do not add gateways to /etc/network/interfaces to avoid conflicts
  • Create tables with MyISAM engine by default
  • Fixed path of dhclient.conf
  • Fixed path of dhclient hooks
  • Not allowed to attach static interfaces to a network which has already another interface atached
  • Fixed restore of default gateway in failover event
  • Packaging fixes for precise
  • Adapted messages in the UI for new editions
  • Use printableName instead of name to select services
  • Fixed executable permissions in ppp hooks and external-ip.pl
  • Bridge interfaces are correctly removed; fixed _hasChanged method
  • Menu entry Diagnostic Tools in Network renamed to Tools
  • Added proxySettings to return the proxy settings to other modules
  • Added new ip rules to avoid connection problems on multigateway & UDP
  • Virtual interfaces called ‘0’ does not longer raise error
  • Cache vifacesConf() result to improve performance
  • Added gatewayDelete method to NetworkObserver and use it to check gateway removal in gateway table
  • Allow to disable traffic balance with no_balance_$gwname config keys
  • Fixed bridged interfaces change when the bridge is not configured
  • Do not mark traffic to default gateway if it is disabled
  • Fixed bug setting ip route rules with PPPoE interfaces
  • External IP address getter now works even in an unpolite situation

ntp

  • Implemented _daemonsToDisable()
  • Samba clients can now sync clock with ntp
  • NTP port is open to internal networks by default
  • Use more than 3 NTP servers if specified
  • enable-module script does not fail if ntp if-up script or dhclient hook does not exist
  • Adapted to new Model management framework
  • Use new services API
  • Packaging fixes for precise

nut

  • Removed unnecessary override of initialSetup
  • Integrate better in maintenance left menu
  • Fixed parsing errors of UPS settings and variables
  • Improved parsing of UPS variables
  • Removed wrong empty string translation

objects

  • Add ‘userMac’ option to EBox::Objects::Members::iptablesSrcParams
  • addObject method take ipaddr as default member type
  • Added EBox::Object::Members class. ObjectAddresses are always with mask, before, addresses from a range were without it
  • Adapted to new Model management framework
  • Added clone options
  • Disallow /32 addresses ending in zero
  • Added the posibility to create readOnly objects
  • addObject method now returns the object id
  • Packaging fixes for precise

openvpn

  • Upgraded OpenVPN installer for Windows to 2.3.2
  • Adapted to updatedRowNotify call with no changes in values
  • Adapt firewall rules to new accept chains
  • Updated to reflect the Apache -> WebAdmin rename.
  • Added advertised routes option to the clients
  • Added option that allows server tunnels to reject any route from the clients
  • Client to client connection option is always enforced for tunnel servers
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Create correctly advertised network objects for interfaces with more than one address in the same network
  • Better filename for tunnel client bundle
  • Zebra daemon debug controlled by global debug setting
  • Allow again client-to-client connection in tunnel mode
  • ripd debug output controlled by debug key
  • Modified daemon management to use methods from EBox::Module::Service
  • Daemon configuration files are created, as expected, in _setConf method
  • LogHelper does not sees longer ‘X509NAME OK’ verification status as unknown
  • Added float option to clients to allow server IP/port changes
  • Fixed LogHelper Client connection initiated regexp
  • Fixed certificates check in client configuration form
  • Adapted to changes in EBox::LogObserver::_convertTimestamp
  • Fixed client configuration model to allow its edition without changing certificate files
  • Move report code to remoteservices
  • Dont create servers which its name maps to a invalid certificate
  • Fixed error in template for server’s client bundle
  • VPN is now under Infrastructure instead of UTM
  • Add PID file to make compatible with init.d script to check the current daemon status
  • Use MSS fix by configuration file option in order not to affect all servers
  • Adapted to changes in DataForm, these changes caused problems creating new servers
  • Added modeldepends to yaml schema
  • Reimplemented old behavior of client configuration directory creation for compability with other modules
  • Fixed error when backing up servers with no configuration file present
  • Added redirect gateway option to the server
  • Configuration file reside under daemon directory
  • ipp files are now in server own directory
  • Client now drop prvilegies after initialization
  • Different model for upload client bundles for clients
  • Added client config directory option to servers
  • Daemons can use a TUN interface
  • Using cloud DDNS address as defautl for client bundle
  • Added connection strategy option to client bundle
  • Unavailable options are hidden in download client bundle form
  • Added push dhcp-options to server: dns, searchdomain and wins
  • Configuration files in windows bundle now use typical window’s line termination
  • Adapted to new Model management framework
  • Take into account the VPN internal client renaming
  • Site-to-site VPN is now supported on all editions
  • Refresh interface info cache with an apache restart to make the widgets return updated interface information
  • Fixed regresion that allowed bad server names
  • Fixed checks for used ports in other modules
  • Create tables with MyISAM engine by default
  • Advertised networks are now defined by objects instead of by manually specified networks
  • Packaging fixes for precise
  • Added checks for small business subscription
  • Give support to use general proxy in OpenVPN clients
  • Adapted to new MySQL logs backend
  • Delete client and server upstart files on module purge
  • Don’t allow any server to use the same network than another server or any interface

pptp

  • Moved to Contrib Repository (see details)

printers

  • Skip internal users in printer permissions
  • Adapt firewall rules to new accept chains
  • Updated to use the new security group concept.
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Modified printers are updated in the printers table
  • Print correctly utf8 characters in printer’s name, location and description
  • Change cups daemon type from init.d to upstart
  • Changes required by new samba4 bundled package
  • Fixed LogHelper, log events with unknown printer or user
  • Move report code to remoteservices
  • Add precondition to printers model to check that samba s3fs fileserver is used.
  • New model to manage printer permissions
  • Adapted to new Model management framework
  • Make CUPS listen also in virtual interfaces
  • Create tables with MyISAM engine by default
  • Disable enable-module actions until fixed
  • Packaging fixes for precise
  • Service name is now translatable
  • Adapted to new MySQL logs backend
  • Fixed bug which inserted log lines with printer and/or user NULL

radius

  • Updated to use the new security group concept.
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Adapted to changes in EBox::LogHelper::_convertTimestamp
  • Fixed log helper after migration to MySQL
  • Added and used serviceId field for service certificates
  • Adapted group membership checking to changes in users
  • Adapted to new Model management framework
  • Create tables with MyISAM engine by default
  • Adapted to new users implementation
  • Fixed random_file in eap.conf to work in precise
  • Adapted to new MySQL logs backend

remoteservices

  • Handle connection errors in setAdminPort
  • Set to debug level several dev oriented notifications
  • Better error if we cannot register due to lack of free space
  • Fix links to see latest reports or its documentation on Reports tab
  • Set proper URL to reach Zentyal Remote dashboard from dashboard
  • Adapt backups list to new UI
  • Adapt remote backup to new UI CSS
  • Adapted to updatedRowNotify call with no changes in values
  • Fixed wrong jQuery interpolation in Subscription form
  • Retry making the configuration backup if the conf backup process produced a corrupted backup
  • Send the checksum of the conf backup when pushing to check its integrity on server side
  • Explicitly set firewall version dependency in control file
  • Adapt firewall rules to new accept chains
  • Display web remote access support settings
  • Save logs module when creating VPN client to start logging its log
  • Save software module after setting QA updates configuration
  • Small correction on a link that were still pointing to Cloud
  • Support running runnerd without being registered programatically
  • Give support to custom proxied redirections to provide local HTTP servers from Zentyal Remote using /etc/zentyal/remoteservices_redirections.yaml
  • Removed no longer necessary jQuery noConflict()
  • Fixed wizard to show again errors
  • maxUsers method does not take maxCloudUsers into account
  • Ported JS code to jQuery
  • Remove deprecated backup domain report in ebackup reporter
  • Custom QA archive can be set at qa_updates_archive configuration key
  • Custom QA repository can be set at qa_updates_repo configuration key
  • RESTClient can now set the URI endpoint programatically
  • Added pullStatus SOAP server method to get the job result via polling
  • Cloud-prof installation is now smoothly as it is tried at first and during 10 times during 5 minutes
  • Migrated SOAP services to use Nginx for SSL.
  • Updated to reflect the Apache -> WebAdmin rename.
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Changed location of remote backup metainfo files to preserve cache after reboot
  • Implemented maxUsers() and maxCloudUsers() methods
  • Default control panel URL points to remote.zentyal.com now
  • Consolidate and send report data using a new daemon zentyal.reporterd
  • Randomise when reload-bundle and subs-level are sent
  • Use cache to retrieve latest configuration backup date in dashboard
  • Added setSecurityUpdatesLastTime method to abstract how to set the latest performed security update
  • Get capabilities for files and users sync from the API
  • Be very strict with the server name while subscribing. Only [A-Za-z0-9-]* are accepted
  • Restore configuration without subscription now works smoothly
  • Proper CA file deletion when unsubscribing
  • Try to remove include and CA when unsubscribing separately
  • Change to debug remote support no conf message
  • Force mode when writing QA apt ocnfiguration file
  • Remove filesync upstart file as it is not longer maintained by this package
  • Force mode when writing QA apt configuration file
  • Avoid exception in subscription info table when a no subscribed server use no-ascii character set
  • Silenting _getSubscriptionDetails internal exception
  • Fix typo in execute bundle which avoids correct installation of cloud-prof when registration is done
  • Include edition in MOTD and remove upgrade announcement
  • Adding extra component to the qa sources list
  • Do not try to execute periodic cron jobs if already running
  • Avoid usage of private attributes in Subscription model parent class
  • Avoid warning when checking commAddOn
  • Write zfilesync conf only when needed
  • Start zfilesync also when disaster recovery is available
  • Rename from disasterRecoveryAddOn to disasterRecoveryAvailable
  • Implement zarafaAddOn method for getting zarafa details
  • Implement client-side of new add-on framework
  • Fixed utf8 problems in RESTClient
  • Added auto-subscribe script
  • Fix reporter-consolidate cron entry
  • Change QA archive to the new one
  • Make sure only one run-pending-ops process is launched at the same time
  • Fix reload bundle checks with communication add-on
  • Restore process can skip backed up credentials when it is sure the current credentials are up to date for the same server
  • Fix restore/backup procedure for the module
  • More resilient reporting operations to reporter errors
  • Fix stupid bug in desktop subscription service
  • Handle desktop subscription limit error status
  • Return the cloud domain along with the credentials to the desktops upon subscription
  • Clearer message is shown when your server is not capable for any available edition
  • Remove unnecessary field for mail reporting
  • Send data to db when reporting is logging only in UTF8
  • Decode JSON only if data is defined in REST Result
  • Enable report sending
  • Do not calculate share size whose directory does not exist
  • Fix subscription process when firewall has been enabled but not saved
  • Read REST responses with a correct encoding
  • Fixed SSL configuration conflicts betwen SOAPClient and RESTClient
  • Launch filesync only if available
  • Remove QA updates if not subscribed
  • Set file sync conf only if subscribed
  • Fixed remote cloud sync hostname
  • Added automatic-conf-backup strict
  • Make required changes for new communications add-on (mailfilter in community * jabber and asterisk in comm add-on)
  • Updated REST journaling behavior
  • Configure file sync daemon
  • Some fixes in text in the models
  • Added check for users sync service
  • Get remote support user uid from users module if it is installed
  • Fixed error in check connection button moving _checkUDPEchoService() to EBox::RemoteSevices::Base
  • Give support to trial edition in info boxes
  • Launch inventory agent just after subscribing to get information in remote as soon as possible
  • Add pciutils and dmidecode as dependencies to include PCI and Bios information for inventory
  • Fix OCS inventory cron file execution permissions
  • Changed subscription_basic style to avoid overlapping separator line
  • Use perl code in initial setup to avoid lock issues
  • Fixed non-translatable strings in registration wizard
  • Do not show help button text when registered
  • Check if you are registered in wizard at first
  • Add hostname as default value for server name in Wizard
  • Check the three diferent result api may return in wizard
  • Check agreement is done when doing the wizard
  • Don’t abort subscription, backup or restore by clicking outside of popup window
  • Dynamic DNS now works without bundle

samba

  • Do not automatically start service in LDB.pm
  • Improve samba daemon startup wait condition
  • Improve GPO code to be more robust.
  • Only set share permissions when there is really a permission change instead of doing it on every samba restart.
  • Fix provisioning flag management on error
  • Wait until all the samba services are ready before trying to connect
  • Removed useless and problematic enforceServiceState override
  • Antivirus daemon unlinks the cache file before creating new one
  • Fix user accounts not enabled when created by s4sync
  • Wait for RID pool allocation after join domain as DC
  • Remove no longer needed workaround for DNS SPN
  • Add samba as a DomainDnsZones and ForestDnsZones replica holder when joining as additional DC (samba bug #9200)
  • Fixes for LDAP-LDB OUs synchronization
  • Force restart of DNS module while provisioning to reload zones from LDB
  • Block until samba LDAP task is listening when restarting module
  • New state flag ‘provisioning’
  • Added ‘All users’ option to ACL group permissions
  • Fix precondition on GPOScripts model
  • Added EBox::LDB::securityGroups to get the list of security groups from Samba.
  • Requested SLAPD to add an index on the msdsObjectGUID field.
  • Added support to set permissions recursively.
  • Moved the code that sets the share permissions to EBox::Samba to execute it on EBox::Module::Service::_postServiceHook hook so we are sure samba is already started with the new configuration.
  • Shares are created even if no permissions are assigned nor is a guest shared. Administrators will always have permissions now, so the share should exist.
  • Fixed zentyal group memberships sync with Samba to handle all supported members and to sync on group creation, not just on group update.
  • Improved the way we sync group memberships from Samba to Zentyal so we are able to sync nested groups if they are not yet created at that point.
  • Allowed nested groups sync with OpenLDAP and reused as much as possible code from EBox::Users::Group from EBox::Samba::Group.
  • Do nothing with shares that are disabled.
  • Fixed s4sync when checking for OUs updates.
  • Ignore system ACLs for samba shares, use libsamba-perl library instead.
  • Disabled custom auth methods for guests, so Kerberos authentication works. This should be reverted once Guest support is fixed on Samba 4.
  • Synced all members of Zentyal Groups, not just users, when provisioning with Samba.
  • Stop creating special users or groups on provision time, s4sync will do it for us.
  • Services principals are copied to Samba before Groups, so we can keep memberships intact.
  • Mark internal users and groups properly when creating them in LDAP
  • Filter internal users and groups in ACLs selectors
  • Fixed bad usage of OpenLDAP when it should be using LDB.
  • Force a trace back printing when an LDB connection is not possible.
  • Handled mail field sync for Group, User and Contact.
  • Use new libsamba-perl for GPOs
  • Fixed mail and given name sync for Contacts.
  • Stop s4sync while dumping configuration backup
  • Ignore Asterisk Queues OU in s4sync
  • Added hiddenSid() method
  • Change default description to Zentyal Server instead of File Server
  • Don’t put duplicate bridge interfaces in smb.conf
  • Added isInAdvancedViewOnly and renamed setViewInAdvancedOnly to setInAdvancedViewOnly to match the attribute name.
  • Allowed the syncronization of Users, Groups and Contacts tagged as to be shown only on the Advanced view.
  • Allowed sync of users without kerberos credentials (Guest account).
  • Linked Kerberos accounts from Samba with their copy in OpenLDAP.
  • Removed sync_disabled_users key. We sync all users now.
  • Removed the useraddon to enable or disable file sharing per user, you can now enable or disable a user directly.
  • Used text strings to reference userAccountControl flags instead of plain numbers.
  • Syncronized account disabled / enabled between OpenLDAP and Samba.
  • Removed deprecated objectClass objects not required anymore because Windows breaks when creating objects with those unused objectClass.
  • When we are going to start a reprovision, we set the provision flag to false and reset the LDB connection to clear any cached value.
  • Handle the case where ou=Groups exist in OpenLDAP and a Windows AD, so we map both on provision time instead of breaking.
  • Fixed wrong call to _linkWithUsersObject in Provision
  • DNS is now properly restarted after provision
  • Fix Samba provisioning when joining an existing Windows server.
  • Fixed s4sync to ignore all sub-OUs for a set of OUs so those tree branches are not synced with samba or deleted from OpenLDAP by mistake.
  • The Administrator user should be hidden.
  • Adapted user-addon to right panel view
  • (u|g)idNumber is now generated by Samba directly by default.
  • Adapted to updatedRowNotify call with no changes in values
  • Added objectByObjectGUID to retrieve an LDB object from its LDAP replica.
  • Added _linkWithUsersEntry && _linkWithUsersObject and called for every Samba object created from the users module, so we have a direct link between objects.
  • All LDBObject based objects will have the objectGUID field availble.
  • Removed unused method EBox::LDB::existsDN.
  • Updated EBox::LDB class to use the new EBox::LDAPBase to share code.
  • Updated s4sync to handle OUs and contacts sync.
  • Removed configuration key ‘treat_contacts_as_users’. We handle now Contacts and distribution groups natively.
  • EBox::Samba::LdbObject inherites from EBox::Users::LdapObject to reuse as much code as possible.
  • Added a special case to map ‘Domain Admins’ DN from OpenLDAP to LDB.
  • Don’t allow a share with file system root as path
  • Adapt firewall rules to new accept chains
  • Add config key to skip writting homeDirectory and homeDrive attribute
  • Do not store in samba_access table 4 records each 10s when antivirus daemon is not running
  • Adapted user addon to multi-OU tree view
  • Ignored SIDs are now synced to LDAP, but hidden on the interface according to the regexps in /etc/zentyal/sids-to-hide.regex
  • Do not try to start nmbd if smb.conf is not written
  • Use krb5 keys on new users when plain password not available
  • Removed EBox::Samba::Group::usersNotIn() method. It was not used neither valid for samba groups
  • New EBox::Samba::computers() to get all objects with computer class
  • Implemented security group and distribution group concept from AD
  • Added incompatiblity with external AD authentication mode
  • Fix SIDs to ignore list, add missing end of line character in regular expressions
  • NetBIOS computer name is now updated before reprovision and after hostname change
  • Removed deprecated backup domains implementation
  • Fix id mapping for users and groups added by the s4sync daemon
  • Fix hostname change when having Samba installed: was trying to create again Administrator user, now we just update the credentials, ignore existing groups
  • Fixed wrong setting of state in EBox::Samba::Provision
  • Replace /home/samba/.provisioned file with a key in redis state
  • New join_vista_with_guest_shares option in /etc/zentyal/samba.conf to allow join of Windows Vista machines if guest shares are enabled
  • New sync_disabled_users option in /etc/zentyal/samba.conf to sync users with a disabled account in s4sync
  • New s4sync-groups.ignore file to avoid sync internal groups to LDAP
  • Allow to set «disable_fullaudit» config key in /etc/zentyal/samba.conf to fully disable recording of samba VFS operations in the system log
  • Added Pre-Depends on samba4 to avoid problems with upgrades
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Hide sync with cloud options in shares list if remoteservices is not installed
  • Setup filesystem now writes a valid fstab file even if the filesystem does not have any mount option
  • Clearer error messages when EBox::LDB::safeConnect fails
  • Raise exception if during the provision either the domain administrator user or the domain administrator group are incorrectly mapped
  • Adapted firewallCaptivePortalExceptions method to API change
  • Mark kerberos principal users as internal to be properly filtered
  • Delete .provisioned file when purging zentyal-samba
  • Avoid not numeric warning in hash size comparation during provision
  • Allow user names composed only of digits
  • Do not add firewall rules to loopback interface
  • Better check for the incompatibility of Samba with master/slave
  • Samba can now be reprovisioned if the hostname or domain changes
  • Depend on users module to fix save changes order during reprovision
  • Set roaming profile and home drive for new created users if server is first DC
  • Default value of sync option in SambaShares is now 0
  • Improve management of DNS zones stored in samba LDAP
  • Add classes to decode DNS data from samba LDAP
  • Use less costly LDB operations when adding or removing members from a group
  • Added EBox:Samba::LDBObject::deleteValues method
  • Fix wrong URL on provision message
  • Better error messages when the environment checks for provision fail
  • Forbid provision if the server is replicating users either master or slave
  • Samba daemon is now managed with init.d to avoid unexpected fork problems
  • Reduce dns resolver timeout on provision checks when joining a domain
  • Let zentyal manage all samba dependant daemons. Automatic start/stop is disabled now
  • Add script to transfer FSMO roles to local server, useful to migrate from Windows to Zentyal
  • New FSMO management module
  • Import sysvol maintaining ACLs
  • Fixed configuration backup problems, stopping the daemon is no longer needed when backing up and ACLs and dns partitions hard links are recreated when restoring.
  • Remove deprecated code related to printers module
  • Remove unnecessary pidfiles declarations for upstart daemons
  • Improve provision procedure
  • Use clamd socket instead of shared library for antivirus, this is faster and reduces memory consumption
  • Do not create quarantine share if antivirus is not enabled
  • Empty text files are created now when a virus is found on a share
  • Modified ‘size’ field in samba_disk_usage and samba_disk_usage_report tables from INT to BIGINT
  • New advanced ‘unmanaged_acls’ option in /etc/zentyal/samba.conf to disable overwriting of ACLs when saving changes
  • Notify cloud-prof when installed when changes happen in SyncShares and SambaShares models
  • shareByFilename method now also returns the path and type of the share
  • Fix shareByFilename method
  • Update Loghelper to the new log formats
  • Remove duplicated slash in samba shares and profiles paths
  • Fixed EBox::Samba::LdbObject::get in list context
  • Decode utf8 data in LdbObject::get() to avoid encoding problems
  • Restored backupDomains implementation
  • Explicit set of folder name as default value implementation has changed
  • Check in group pre-addition whether it already exists as built-in
  • Added existsDN method to EBox::LDB
  • Grant rx access on privileged ldap socket to allow user corner to update user passwords
  • Improve domain join process updating the joined domain DNS server
  • Set kerberos keys when importing users from samba to zentyal
  • Fix ACLs for system type shares
  • Fix bug in enforceServiceState causing samba to restart twice while saving changes
  • Set pid file path for nmbd daemon
  • Set bootDepends in yaml file
  • Adapted to changes in EBox::LogHelper::_convertTimestamp
  • Use proper constant in userShares method used by remoteservices module
  • Sync passwords to samba also when using kerberos keys
  • Fix bug importing service principals when it is not yet created in LDAP
  • Roaming profiles and drive letter options cannot be set when joining to an existing domain to avoid overwritting per-user settings
  • Use the new LdapUserBase interface methods preAddUser and preAddGroup to create the user in samba before in zentyal LDAP. The uidNumber or gidNumber of the Zentyal user is infered from the RID to guarantee unique value in the domain
  • Infer user’s uidNumber and group’s gidNumber from RID when this is attribute is not present while synchronizing users. This guarantees the same value for users and groups in all domain controllers
  • Implement new preAdd(User|Group)Failed and add(User|Group)Failed to remove the object from samba database if something goes wrong
  • Do not add disabled accounts to Zentyal in s4sync
  • Enabled optional signed SMB protocol in smb.conf
  • Delete users and groups from shares ACL when these are deleted
  • Refuse to delete system critical objects
  • Added syncFolders information method to allow file syncing
  • Implement SysInfo::Observer to disallow host or domain name changes if module is configured and update the required fields if it is not
  • Import sysvol after joining a domain, and add an upstart job to sync it each 5 to 10 minutes (one way).
  • Map root account to domain administrator account
  • Reset sysvol ACLs after provision
  • Fix netlogon share wrong path
  • During domain join precedure, wait a couple of seconds for samba to start
  • Add configkey ‘treat_contacts_as_users’ to import distribution groups containing contacts. The mail account name is used to locate an user with that name and add it to the group.
  • Improvements synchronizing group members.
  • The ‘users’ method of EBox::Samba::Group has been renamed to ‘members’ and also returns nested groups
  • Do not import users and groups after join a domain. The s4sync script will do the job
  • Search for users and groups to synchronize outside CN=Users
  • Add more SID’s to the list of users and groups to avoid synchronize from samba
  • Improve GeneralSettings fields validation
  • Remove duplicated disabled module warning on recycle bin and antivirus modules
  • Added method to GeneralSettings to update hostname-dependent fields
  • Tolerate domains ended in .local
  • Fix samba group members not imported to Zentyal in groups added by the synchronizer
  • Fix s4sync not starting on boot
  • Restore DNS setup on domain join failure
  • Add a line to /etc/fstab to increase the size of /var/lock to 50MB. Samba stores there some tdb files (for example to track connections), so if this fs goes out of space connections can be dropped.
  • Stop daemon before restoring backup and start when finished
  • Throw exceptions in checkEnvironment also during first install, otherwise the module is not disabled if DNS is not properly configured.

services

  • Added ICMP service by default
  • Fixed bug in iptables arguments for TCP/UDP ports in EBox::Services::serviceIptablesArgs
  • Create HTTPS service by default to help firewall configuration on non-transparent HTTP proxy scenarios
  • Updated to reflect the Apache -> WebAdmin rename.
  • Removed override of unused method EBox::Model::DataTable::_tailoredOrder
  • Remove unique in printableName to avoid problems with i18n
  • Forbid to user to create equivalents to any tcp/udp,tcp,udp services
  • Added serviceIptablesArgs method
  • Adapted to new Model management framework
  • setService method does not fail if the existent service has not any configuration
  • Added clone action to service configuration table
  • Packaging fixes for precise
  • Now name is just an internal id, it is optional and hidden and defaults to printableName in case of services manually added by the user
  • Better printableNames for default services
  • Service names are now translatable

software

  • Updated slides texts and images
  • Move package icons from software to core as required for the menu
  • Adapted to new CSS styles
  • Reset checkboxes in advanced packages section; this is need for some browsers which autocompletes input by position
  • Set proper permissions to preferences file when QA updates are not exclusive
  • Restart fully the webadmin module after installation, this forces the regeneration of css files
  • Removed no longer necessary jQuery noConflict()
  • Ported JS code to jQuery, extracted lot of it to .js file
  • Updated to reflect the Apache -> WebAdmin rename.
  • Package icon for the new IPS module
  • Fixed wrong management of preferences files
  • Improved description of enable automatic updates string
  • Force mode when restoring apt preferences file from cloud
  • Added workaround for launchpad bug 994509, which manifests showing duplicate packages in the updates list
  • Hide enable automatic updates form when it cannot be used
  • Errors when getting packages dependencies are displayed, this fixes the empty dialog on error problem
  • Fixed basic mode boxes behavior when adding/removing individual packages
  • Fixed behavior of select/deselect all buttons in Zentyal components

squid

  • Include domains with final slash as filtered when required
  • Ignore 407 requests when auth is required in log helper
  • Disable load_url_list by default to reduce CPU and memory usage
  • Use DATETIME type in date column for consolidation tables
  • Summarised report has breadcrumbs now
  • Mark logs as changed when an access rule is added, updated or deleted
  • Fix duplicated entries generated by the LogHelper
  • Prerouting rules have no iaccept chain, use ACCEPT target
  • Adapted to updatedRowNotify call with no changes in values
  • Fix parse of the dansguardian log in the LogHelper
  • Make LogHelper extract data from internal and external log files
  • Adapt firewall rules to new accept chains
  • Show correct group names in the Access Rules menu when using Users Group
  • Handle domains that are actually IP addresses in the LogHelper
  • Set transparent HTTP proxy firewall rules unless the module is temporary stopped
  • Added support for multiple Organizational Units
  • Updated to use the new security group concept
  • Adapted squid to new user module interface for external AD authorization
  • Use external squid log file to retrieve HTTP proxy requests
  • Added Auth and Cache Exceptions for non-transparent mode which allow to bypass Squid * Dansguardian auth
  • Added CUPS and ftp to SSL_ports
  • Squid time ACLs have independient ids, this fixes several issues with combinations of time, dates and long acls
  • Do not repeat Squid ACL declarations
  • Changed HTTP keytab permission in order to avoid krb5_kt_add_entry errors
  • Implemented _daemonsToDisable()
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Change the kerberos service from squid to http. Zarafa and Squid must share the service principal.
  • Disable DC reverse DNS lookup for msktutil commands
  • Explicitly set the DC for msktutil command when updating the keytab
  • Regenerate Kerberos keytab on LDAP reprovision
  • Fixed bug which returned the list of users of a profile inside another list
  • Avoid to request authorization again when ‘deny unknown domain’ option is set in filter profile
  • Access rules for the same source can have different time periods if they dont overlap
  • Reload dansguardian configuration in log rotation instead of restarting the full module
  • Overwrite squid3 logrotate file to take care of the squid-external daemon
  • Fixed SNMP acl
  • Removed redundant cache_log line from squid-external configuration
  • Fixed error triggered when creating a delay pool without an object
  • Make sure in categorized lists model that list archives are not backed up
  • Migrate old directories with blank names and their asociated configuration values
  • Better escape of whitespace in ACL names
  • Replace blanks for categorized lists directories to workaround squid bug
  • Fixed bug which allowed bad long names for ACL for ‘all’ object
  • Set visible_hostname to host ‘(instance)FQDN’. The standard value ‘localhost’ causes access denied under certain circumstances
  • Ignore access rules for empty objects
  • Ignore access rules for empty groups
  • Mark module as changed if addition/removal of users modify ACLs
  • Force all connections to pass through squid-external or deny access
  • Allow access to the proxy for clients which are not in local networks
  • Don’t allow to set kerberos and transparent proxy at the same time
  • Changed ownership of categorized list files to ebox to allow download
  • Removed no-configured files when saving changes after restoring a backup
  • Added configuration key to load regexes url lists from categorized lists or not
  • Adapted domains files to squid object to be able to use dstdomain ACLs with thems
  • Added explicit error when a squid configuration file is invalid when debug is enabled
  • Limited object ACLs to ten addresses per line
  • When creating user ACLs put only ten users per line to avoid reaching maximun configuration file line length
  • Use lowercase user names in configuration file, otherwise authorization fails
  • Use of reserved character in generated ACl names to avoid name clashes
  • Protection for ACL from profiles with too long names
  • Added validation of categorized list structure
  • Changed paths for categorized lists files so they are all under /var/lib/zentyal/files/squid
  • Work arounded the removal of archive files until the framework takes care again of them
  • Fixed categories list removal of extracted files
  • Moved a lot of the filter functionality to squid. In DG remains: filter by text analysys, antivirus and block ip
  • Adapted to improvement of EBox::Module::Service::isRunning method
  • Moved most of the filter functionality to squid. In DG remains: filter by text content analysys, antivirus and IP block
  • Fix kerberos authentication when filter profile applied. As dansguardian does not support kerberos auth, now there are two squid instances, one on the front of dansguardian to perform the authentication and one in the back to cache contents
  • Added memory cache of seen list directories to DomainFilterCategories
  • Categories from bigblacklist are now accepted

trafficshaping

  • Fixed recursive bug that tried to add two times the same
  • Added support to priorize ACK, SYN, FIN and RST small packages
  • Fixed row synchronization with interface changes in Interfaces rates model
  • Do not create builder or reset chains for non set or trunk interfaces
  • Fixed bug in checking rules when they are re-enabled
  • Use full path for notifier of notifyActions. More restrictive notifyForeignModelAction(). Moved this method from parent to subclass
  • Added modeldepends to yaml schema
  • Use Clone::Fast instead of Clone
  • Disabled rules for ppp and non set interfaces
  • iptables range option used in commands upon object range members
  • Added all interfaces option in rule select interface option
  • Separate rules in internal (download) and external (upload)
  • Use regular models instead of a dynamic select composite
  • Adapted to new Model management framework
  • Implement new EBox::NetworkObserver::regenGatewaysFailover()
  • Fixed duplicate rows in interfaces rates page
  • Use printableName instead of name to select services

usercorner

  • Delete unused constants
  • Fixed error message
  • Connect as the LDAP root user in read only mode to retrieve users DN
  • Added incompatiblity with external AD authentication mode
  • Fixed undefined variable warning when installing the package for first time
  • Create user journal directory in correct path. Migrate old versions with incorrect path
  • Write to usercorner log with ut8f encoding
  • Log correctly request authorization IP, init logger on loading of user-corner
  • Restricted permissions in log directories
  • Adapted to the new utf8 fixes
  • Removed suprefluos calls to utf8::decode
  • Added and used serviceId field for service certificates
  • User corner is now allowed on slaves, except for password change
  • Updated deprecated master/slave API calls
  • Modification of listen port from the UI works again
  • Fixed auth with SID filenames which contain spaces or other confusing characters
  • Adapted to new Model management framework
  • New translatable printableName for usercorner service
  • Fixed logrotate configuration

users

  • New TreeView to manage users, groups and OUs
  • Added support for external AD authorization
  • Fix typo in setSecurityGroup when no GID is set yet
  • Show group in slave as read-only
  • Show in a slave when the user is not a member of any group
  • Check email address for a group is done
  • Add group dialog can now set the e-mail
  • Fixed wrong calls to isSystem() in master-slave after API changes
  • Readded memberUid to the fields to index for SLAPD.
  • Ignored members that are not valid perl objects to avoid undef entries on EBox::Users::Group::members method.
  • Rewrites to share more code with samba module.
  • Added ‘mail’ field on zentyalDistributionGroup schema.
  • Added E-Mail field for Users and Groups when managing them from the UI.
  • Changed E-Mail field to optional for Contacts.
  • Updated master-slave sync to use the new User and Group fields.
  • Look for ssl.cert instead of ssl.pem in Slave::soapClient()
  • Changed description field to be always input text instead of textarea.
  • Warn instead of throw exception if home directory already exists
  • Forbid deletion of Domain Admins group
  • Forbid deletion of Users, Groups and Computers OUs
  • Filter also internal users and groups in membership comboboxes
  • Hide Samba objects that should be shown only on Advance view mode
  • Added support for disabled accounts
  • Removed deprecated configuration file keys related with external AD
  • The Administrator user is hidden now using the samba module functionality to hide SIDs instead of hardcoded in the code.
  • Remove needReload notification for group addons
  • When a new system user is created with uid 0 we also create its home. This is required by Samba for the Administrator account.
  • Added Net::LDAPBase::existsDN method
  • Better error control on reprovision, do not clear the reprovision flg on error
  • Fixed code typo in slave setup
  • Added new userCorner method to password model
  • Usercorner uses the ldap_ro credentials to retrieve user DNs.
  • preAdd callbacks get a second argument noting the parent when this new object will be created.
  • All LdapObject based objects will have the ‘entryUUID’ field available.
  • Created an EBox::LDAPBase class to share code with the Samba’s EBox::LDB one.
  • Reimplemented EBox::Users::Group::members to retrieve the members of the group directly instead of searching for the objects that are set as members of the group.
  • Added foldable user and group add-ons to dialogs
  • Replaced package breaks parameter with depends statement
  • Fixed error in the baseName() method for an Ldap Object
  • Fixed bug which make delete group dialog to show errors when there was warnings
  • Added a way to use Net::LDAP mock object for unit testing.
  • Fixed cloud sync setup when user number is unlimited
  • Fixed error in server master form when checking if controls are editable
  • Added a way to retrieve a group by its dn.
  • Configuration key multiple_ous removed as this is now enabled by default
  • Added support for Contacts handling.
  • Fixed maximum users check when not using cloud sync
  • Remove deprecated backup domain methods
  • Fixed password change in user corner when using samba
  • Changed reload action to force-reload for nscd init.d daemon
  • Fixed error message when trying to add a user above the edition maximum
  • Migrated SOAP services to use Nginx for SSL.
  • Updated to reflect the Apache -> WebAdmin rename.
  • Added Pre-Depends on slapd to avoid problems with upgrades
  • Check for already existent service principals before create them. Required because squid and zarafa share the HTTP SPN
  • Migration to remove leftover need_reprovision key in redis ro
  • Assure that we don’t have a phantom need_reprovision key in read-only tree
  • Check for maximum number of users depending on the edition
  • More frequent polling in EBox::Ldap::safeConnect() and more explicit error when it fails
  • Always mark as changed if it needs LDAP reprovision
  • Fixed member removal operation for groups
  • Tentative workaround against home directory chown bug
  • Slave setup refactored to reuse common code with reprovision
  • Reprovision LDAP for all LDAP based modules
  • Don’t try to update samba password in user corner when samba is not configured
  • Add operation arguments on LDAP error whenever is possible
  • EBox::Users::User::create() allows now an internal attribute
  • Users marked as internal are not displayed on the interface
  • New realUsers() method to filter only non-internal ones
  • Search in user table now is standard instead of filter only for uid
  • A bit more explicit text for EBox::Exceptions::LDAP
  • Reload nscd also when creating new groups
  • Fixed typo in exception class name in EBox::Ldap
  • Do not loop through the group members when adding/removing members
  • Added EBox::Exceptions::LDAP
  • Allow unsafe characters in commentary field
  • Better check for the incompatibility of Samba with master/slave
  • Fix modules extending LdapUserBase not notified modifying groups
  • Allow domain name change in System -> General reprovisioning LDAP db
  • Depend on dns module to fix save changes order during reprovision
  • Use less costly LDAP operations when adding or removing members from a group
  • Added EBox:Users::LdapObject::deleteValues method
  • Faster custom row id filter for Users model
  • Forbid user synchronization with other zentyals if samba is provisioned
  • Display users groups in slave mode
  • Avoided hang when the local host is wrongly used as master slave
  • Ldap modules should do a slaveSetup when slave mode enabled
  • Stop heimdal daemons on enableActions
  • Fixed alphabetical order in listing of users and groups
  • Filter in users table no longer matches LDAP dn
  • Recover better of no-usercorner journal error in slave-sync
  • Added read-only rootDn and password to LDAP settings screen
  • Don’t allow empty first name in CGIs for user creation/modification. Otherwise you can get LDAP errors.
  • Operator typo fix in EBox::UsersAndGroup::User::_checkQuota
  • Fixed LdapObject::get() for list context
  • Decode utf8 attributes from LDAP at LdapObject::get()
  • Removed unused method _utf8Attrs
  • Include /home as disk usage facility
  • Fix enable quotas without rebooting when module is enabled.
  • Users and groups cannot longer share names because it is incompatible with AD accounts
  • Use upstart to manage heimdal daemons
  • Increase the maximum UID number to avoid problems with samba integration
  • Fixed bug in group creation which on error could call a method in a undefined value
  • Do not stop openldap daemon when dumping database
  • Generate kerberos AES keys to be compatible with active directory in W2k8 or higher functional levels
  • Fixed user quota edition in slave server
  • Update user password also in samba ldap when changed from user corner
  • Update ‘cn’ attribute in cloud-sync
  • Set userPassword attribute when setting kerberos keys for user
  • Fixed delGroup operation on cloud slave
  • Include exception message when there is an error notifying a slave
  • Fix enable quotas without rebooting when module is enabled
  • Delete syncjournal files when slave is removed
  • Fixed reinstall script to stop samba module, otherwise new slapd cannot start because the port is taken
  • Sync password changes made from cloud to any slave
  • When syncing, do not update ldap of unchanged entries
  • New methods on LdapUserBase (preAddUser, preAddUserFailed, preAddGroup and preAddGroupFailed) to notify observers
  • Setup Cloud slave on first save changes
  • Synchronize uidNumber in master-slave
  • Check master’s REALM when adding a new slave
  • Fixed some errors on RESTClient after API change
  • Updated REST journaling behavior
  • Do not show unavailable options in master select
  • Added new EBox::Users::newUserUidNumber() function
  • Added check to assure that a no-ldap user has the same uid than a new user
  • Implement SysInfo::Observer to disallow host domain changes after the kerberos realm has been initialized, and to update the LDAP base DN if module is not yet configured
  • Added LDAP index for ou attribute
  • Always write slave-sync script
  • Increase default quota value to 500MB
  • Added clearCache() to LdapObject and force reload of krb5Keys
  • Do not allow user corner password change on slaves
  • Do not notify samba about users created while restoring backup. Samba will restore its users from its own LDB backup.

webmail

  • Disable roundcube spellchecker which is not working and already provided by the browsers
  • When using virtual host the webmail interface is available at the virtual host root
  • Use full path for notifier of notifyActions. More restrictive notifyForeignModelAction()
  • Fixed syntax of notifyactions in yaml schema
  • Adapted to new Model management framework
  • Store roundcube database in MySQL instead of PostgreSQL

virt

  • Moved to Contrib Repository (see details)

webserver

  • Adapted to the new user API.
  • Added GUI warning when enabling user dirs, telling about the need of creating the public_html dir and giving permissions to www-data
  • Remove deprecated backup domains methods
  • Updated to reflect the Apache -> WebAdmin rename.
  • Removed no longer required explicit disabling of apache2 init script as it is now managed by the framework
  • More error checking when creating virtual host directories
  • Fixed bug when checking hostname aliases on creation of a virtual host
  • When dumping config the no existence of configuration directories generates a warning instead of a error
  • Fixed error when creating directories for virtual host for hostname
  • Add DNS records for virtual hosts but without IP addresses
  • Virtual host for hostname overrides default settings
  • Added and used serviceId field for service certificates
  • Disabled temporarily dns host record creation until DNS/kerberos system allows it again
  • Configuration backup restore no longer crashes
  • Web Server moved from Infrastructure to Office
  • Module recovers from missign webserver service
  • Backup and restore of vhosts custom configuration directories
  • Avoid ‘port in use’ error when setting port for first time to its default value
  • Users public HTML directory adapted to changes in LDAP
  • Adapted to changes in DNS module
  • Adapted to new Model management framework
  • When creating virtual host DNS records use configured domains first
  • New translatable printableName for the webserver service
  • Also check alias names when creating a new virtual host
  • Adapted to new DNS method addAlias
  • Renaming of virtual hosts disallowed
  • Fixed certificate path in vhosts

zarafa

  • Disable Single Sign-On on webapp as it is not working and undocumented
  • Make Single Sign-On work on webaccess using only a virtual host
  • Fix zarafa add-on JS to show proper values
  • Use zentyalDistributionGroup instead of posixGroup
  • Revert to uidNumber and gidNumber instead of entryUUID
  • The Zarafa’s internal OUs should not be replicated to Samba
  • Adapter user add-ons to right panel view
  • Moved ZarafaCompany objects root into ou=zarafa from ou=Users because Samba doesn’t allow ou creations under CN=Users.
  • Updated to use renamed method EBox::Ldap::connection
  • Adapted user addon to multi-OU tree view
  • Updated zarafa-contact LDAP schema so we don’t require uidNumber
  • Use EntryUUID field as unique ID for users, contacts and groups
  • Added incompatiblity with external AD authentication mode
  • Added Pre-Depends on mysql-server to avoid problems with upgrades
  • Change the kerberos service from zarafa to http. Zarafa and Squid must share the service principal
  • Regenerate Kerberos keytab on LDAP reprovision
  • Fixed bug that orphaned store when a account was disabled
  • Fix stats method for Zarafa 7.1
  • Added and used serviceId field for service certificates
  • Fixed notifyForeignModelAction on removal of mail virtual domains
To stay updated join our newsletter