0 votes
Tonight (10/09/19-11/09/19) the following updated packages are being released:

  • app-software-updates - a double update. The first is because of the 7.6 upgrade issue where we saw a chicken-and-egg situation with some updates. If there is an app-base update it will be applied first (with its dependencies) and a further update then run. There is also an update to allow automatic updates to work correctly when behind an upstream proxy. Unfortunately for affected users, they won't see the update until they do a manual update as the automatic updates don't work.
  • yum-marketplace-plugin - again, the marketplace was not functioning correctly when behind a proxy. This was a community led fix.
  • ibVPN * - this is an old update which got overlooked a long time ago. I don't know what the update is.
  • app-attack-detector - This is a potentially destructive update for people who have made manual changes, so I'll reply to this thread with more details.

All packages released into the Community last week are being pushed into Business and Home.

* = the package is also being released to Business at the same time.

Packages available for testing

  • app-network - probably not worth testing as there is a pending merge request which may cover some iof the issues found. Also you currently need to have at least two unconfigured interfaces before you can create a bridge interface in the first place. To permanently enable the Add Bridge button, you can change line 74 in /usr/clearos/apps/network/views/ifaces.php to:
    if ($available_interface_count >= 0)
    This is a separate issue.
  • nextcloud - update to 16.x. Details in this thread.

Packages available for testing can be installed with:
yum update --enablerepo=clearos-updates-testing {package-name}

Packages being worked on:

  • app-storage
  • app-network - part way through code merge
  • nextcloud - upstream to 16. See forum thread New version of NextCloud (16.0.4)
  • app-kopano - to prepare for upstream 8.7.5. See forum thread Update Webapp and Z-push
  • app-wordpress - remove dependency on wget; update versions of WP available for download
Tuesday, September 10 2019, 08:30 PM
Share this post:
Responses (3)
  • Accepted Answer

    Friday, September 13 2019, 07:09 AM - #Permalink
    0 votes
    App-storage has some of the features, but it is not fully baked. It can format disks and mount them. I think it can do bind-mounts. It is confusing for USB devices - disks are treated one way and USB pen drives another. Also some of the text is confusing. I can't remember the other issues, but it is usable for some functions.
    The reply is currently minimized Show
  • Accepted Answer

    Friday, September 13 2019, 02:33 AM - #Permalink
    0 votes
    I wonder what is being done to the app-storage, I mean, seems to me that in a non virtualized server, it is one of the most crucial tools. I'd love to manage mount points with it. One disk for general apache, maybe an ssd for an specific site, another HD for one flexshare, another to email, another for backups, etc etc etc.

    I think storage/mount points touches so many different parts of the systems that it should be a priority.

    I'm wondering how I would easily manage a email server. Right now it's all by hand.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, September 10 2019, 08:32 PM - #Permalink
    0 votes
    Attack Detector update

    Retrospectively, the ClearOS implementation of app-attack-detector/fail2ban (f2b) could have been done differently to avoid problems caused by an upstream update. Unfortunately there is an upstream update to fail2ban-10.4 in the pipeline but I am not sure when it will hit.

    F2b has a hierarchical file structure with all basic settings in a miriad of conf files. These days, in f2b, the recommendation is to not make any edits to the conf files but to a .local file. As an example, "Jails" are defined in a jail.conf. If you want to change any settings such as enabling the jail, the ideal way is to create a jail.local file and put the changed settings there.

    Unfortunately the ClearOS implementation updates a couple of parameters in the jail.conf file. The rpm system, when it sees an updated config file, leaves it alone and instead creates an rpmnew file. This time round, in the upcoming f2b update, there are some critical updates to jail.conf which must be implemented or one or more of the ClearOS jails will fail.

    The Attack Detector update will back out two ClearOS changes made to jail.conf and move them to jail.local (creating it if it does not exist). It will also move any change made to ignoreip and reset it to default. If a jail.conf.rpmnew exists it will move jail.conf to jail.conf.rpmold and replace it with jail.conf.rpmnew. The idea behind this is that no one should be making changes to jail.conf but should put their changes in jail.local.

    The down side of this is that anyone with a jail.conf.rpmnew file and who have made an edit to their jail.conf file, apart from to the ignoreip parameter, will lose their changes as they end up being moved to a jail.conf.rpmold file. These users are very strongly recommended to copy their changes from the jail.conf.rpmold file to a jail.local file and not to jail.conf or they will have a problem with the f2b 10.4 update.
    The reply is currently minimized Show
Your Reply