NethServer 7.4.1708 beta 1 released

giacomo · September 21, 2017, 9:48am

We are proud to announce a new NethServer release.

NethServer 7.4.1708 beta1 is here, just 7 days after CentOS 7.4 release thanks to the amazing work of this wonderful community!

What is the Beta release?

The Beta release contains all the features of NethServer 7.4.1708 in a form that anyone can help test. This testing, guided by the NethServer team, helps us target and identify bugs.

This release is still not ready for production servers!

NethServer 7.4.1708 changes from 7.3.1611

Squid has been patched for a smoother web navigation experience when using SSL transparent proxy
Ntopng 3 replaces bandwithd, the Server Manager has a new “top talkers” page which tracks hosts network usage
Suricata can be configured with multiple categories rules
EveBox can report traffic anomalies detected by Suricata
Patched version of sssd-libwbclient package which fixes upstream bug on shared folders access
Nextcloud 12.0.3
Web antivirus based on ICAP instead of ECAP
Web filters: ufdbGuard updated to 1.33.4, small UI improvements on web
WebTop4 has been removed
Diagtools: added speedtest (thanks @stephdl!)
ufdbGuard upadted to release 1.33.4
Many updates from upstream:
- https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/index.html
- https://wiki.centos.org/Manuals/ReleaseNotes/CentOS7

Download or upgrade

Please take some time to download and try out the Beta and make sure the things that are important to you are working. If you find a bug, please report it. This is a great opportunity for non-programmers to contribute back to NethServer.

NethServer 7.4.1708 ISO
[MD5] (https://sourceforge.net/projects/nethserver/files/nethserver-7.4.1708-beta1-x86_64.iso.md5/download) - 700a18410817b1c2a5f7d383c0941b9a
SHA1 - 9f11bb4ba63bca8df2de0234d8af3ec5fef68a3e

New installations

Download the ISO
Install on a VM on a physical machine

Please test it with hardware RAID and UEFI bios.

How to upgrade

Make sure to have a fully updated 7.3 system:
```
  yum clean all && yum update
```

Install the new nethserver-release package:

  yum install http://packages.nethserver.org/nethserver/7.4.1708/updates/x86_64/Packages/nethserver-release-7-3.1.ge457d21.ns7.noarch.rpm

Update remaining packages:
```
  yum clean all && yum update
```

Andy_Wismer · September 21, 2017, 10:12am

Hi
Will test this out tonight, at least on a VM, on Hardware. I don’t have spare UEFI BIOS machines besides my Mac to test out UEFI. But can test RAID1 on Hardware, rest on KVM Virtualisation (ProxMox 5x).

Great work!

Andy

m.traeumner · September 21, 2017, 12:39pm

I’m installing it at this time at my “playground”. I’ll test next days.

m.traeumner · September 21, 2017, 12:40pm

With refind you can test it at your mac.

flatspin · September 21, 2017, 2:34pm

Downloaded and installed. Installation was fast and smooth. Update after first installation worked fine. No Errors or issues so far.

Installed an a VM on Proxmox 5. Will install some modules the next days an report.

Have a nice day guys and thanks for your wonderfull work @dev_team.

Andy_Wismer · September 21, 2017, 6:57pm

Hi

Just finished installing NethServer-Beta on a ProxMox 5 virtual environment under KVM. Using the prescribed VirtIO/SCSI/Net stuff went very smooth and fast. Running on an old Testserver (HP Proliant ML110 G6 with 16 GB RAM, ProxMox NAS Storage used for Virtual-HDs, connected with Gigabit, no Other Networks involved). NethServer was allocated 4 GB RAM and 50 GB HD space. Despite that, it’s fast!

Updating after first installation right now, after that a couple of modules suitable for testing.

Amoung others: Authentification Module AD, FileServer, NextCloud, Backup, eMail, RoundCube and Engl./German language.

The Windows7 I plan to use to test domain / samba is still installing / updating. To be expected…

Later I’ll also perform some tests with RAID1 on a HP PC set as server with 2 disks, just for testing.

Infos coming…

Andy

Andy_Wismer · September 21, 2017, 7:11pm

NethServer-Beta test on ProxMox 5:

Account provider:

Installed Modules (so far):

Andy_Wismer · September 21, 2017, 7:30pm

@m.traeumner

I’m quite aware of the possibilities of my Mac.
But I DO plan on using a clone of the parallels Windows I have running on it, as well as the parallels Ubuntu (and others) for testing and documenting my NethServer trials. Although I could use some text based mail client like mutt or whatever directly on Nethserver, adding in screenshots become a real PITA. And I need the Mac to Admin the Web-Interface, so no rebooting during these trials…

One Reason: The Nethserver Beta is running on ProxMox, so is the virtual Windows I plan to use for testing. That’s not quite conclusive in my opinion, it’s like sending yourself a mail to test mail functionality. If your Mail client thinks it’s smart, it will just move outbox back to inbox, bypassing any involved mailserver like Exchange, Nethserver or whatever. But still people do it…

I do want to turn off my primary DHCP and DNS Servers, to test this…

As Italians know well, Rome wasn’t built in a day - actually, like ANY living city, it’s still been built. Only a “dead” City is ever “finished” - ask the early Vesuvians…
All of us here, in some way or other are keeping this a LIVE Project, and that’s great!

Best Regards to a great community & Devs!
Andy

Jclendineng · September 22, 2017, 12:41am

YES! Some squid enhancements. Ill throw on transparent SSL and see if that fixed the issues that were present!!! Awesome.

m.traeumner · September 22, 2017, 8:20am

I’ve updated my system to 7.4.1708 beta1 in a virtual machine (qemu). I use samba active directory. Login with AD-users to horde and to webtop is working fine. No other problems till now.

Andy_Wismer · September 22, 2017, 10:17am

My Windows 7 Test workstation finally updated itself to the latest Version. Rebooted and manually adapted the Network instead of using DHCP. My normal Nethserver is doing DHCP, not the Test-Server yet.

Cool is the fact using VirtIO-Network you get 10 GB/S !!! (At least inside the ProxMox, my ProxMox has only Gigabit LAN!)

So: Testing the Samba AD:

Entering the “Domain Admin” credentials (From the NethServer-Beta)…
And looking good!

Checking groups / permissions:
I created a “normal” User. On the network normal permissions, but on the local machine I want the user to have local Administrator permissions AND of course RemoteDesktop…

-> Feature Wish
Why not have some “Standard” groups, for those who choose AD?
Like remotedesktopusers, domain users, printer admins…
For those using Windows clients, it could help.

Rebooted the PC and testing direct Domain Logins:

RDP as the “normal” User (RDP Settings on my Mac):

And… Login / Permissions from AD perfect!

One small issue I noticed:
The DNS Alias for the AD should be automatically activated (and filled in) as soon as AD is activated!
Actually - even without AD, the server should have it’s defined name entered in as soon as the DNS server is activated. Can Nethserver handle reverse lookups correctly? Even itself? DNSmask can handle that, afaik…
The required info is already there:

additionally, after setting up AD the domain name and DNS is “fixed”, so why not use that info.

These entries I had to do manually:

One of the key requirements of a working AD is DNS working correctly (to be more precise, a working Name to IP resolution is required, but also to tell clients eg which server is the master.).

Printing and other Stuff not yet tested, I will also test Squid performance using the Nethserver, but I’ll wait until I set up the clone my hardware Win7 box.

That way, I’ll actually have three Win7 clients using the Test NethServer, one in Hardware, one on ProxMox and one on Parallels (Mac).

NextCloud using AD:

I can also confirm that NextCloud works well as far as LDAP/AD Integration is concerned:
The image shows the NethServer Admin (Not the NextCloud admin!) with permissions as Admin of NextCloud. The defined groups (eg nextcloud-users) also work as expected!

Small “complain”:
This isn’t optimal:

This would be a more appropriate setting:
env EDITOR=nano crontab -u apache -e
*/15 * * * * /opt/rh/rh-php56/root/usr/bin/php -f /usr/share/nextcloud/cron.php
CTRL x y

So far, all looks good!

@giacomo and all involved in packaging, testing…

Great Work!!!

Andy

mrmarkuz · September 22, 2017, 8:00pm

Hello friends,

I fired up a VMWare Workstation VM with the new NethServer release 7.4.1708 (beta1).

Setup AD and installed some software and updates

Joined a Win 10 machine, worked like a charm.

There was an error message in Software center and a problem with Webtop but I don’t think it is related to the new image because the problems were there in 7.3 too. The beta is working properly

dnutan · September 23, 2017, 11:30am

After clean install and First Config Wizard:

ERROR in /etc/e-smith/db/fwrules/migrate//issue5234.ns7: Program fragment delivered error <<Can't call method "get_all" on an undefined value at /etc/e-smith/db/fwrules/migrate//issue5234.ns7 line 33.>> at template line 1
ERROR: Template processing failed for /: 1 fragment generated errors
at /usr/share/perl5/vendor_perl/esmith/DB.pm line 459.

pagaille · September 25, 2017, 2:20am

Tried to update my home server to 7.4 and it failed at the transaction check on ntop related files.

    Resolving Dependencies
--> Running transaction check
---> Package nethserver-ntopng.noarch 0:1.4.1-1.ns7 will be updated
---> Package nethserver-ntopng.noarch 0:1.4.1-1.17.gf592d3b.ns7 will be an update
--> Processing Dependency: ntopng-pcap >= 3 for package: nethserver-ntopng-1.4.1-1.17.gf592d3b.ns7.noarch
---> Package ntopng-data.noarch 0:2.4.160712-1303 will be updated
---> Package ntopng-data.noarch 0:3.1.170812-3152.el7.centos will be an update
--> Running transaction check
---> Package ntopng-pcap.x86_64 0:3.1.170812-3152.el7.centos will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===========================================================================================================================================================================
 Package                                  Arch                          Version                                            Repository                                 Size
===========================================================================================================================================================================
Updating:
 nethserver-ntopng                        noarch                        1.4.1-1.17.gf592d3b.ns7                            nethserver-updates                         31 k
 ntopng-data                              noarch                        3.1.170812-3152.el7.centos                         nethserver-updates                         24 M
Installing for dependencies:
 ntopng-pcap                              x86_64                        3.1.170812-3152.el7.centos                         nethserver-updates                        5.6 M

Transaction Summary
===========================================================================================================================================================================
Install             ( 1 Dependent package)
Upgrade  2 Packages

Total download size: 29 M
Is this ok [y/d/N]: y
Downloading packages:
nethserver-updates/7/x86_64/prestodelta                                                                                                             |  938 B  00:00:00     
Delta RPMs reduced 31 k of updates to 16 k (46% saved)
(1/3): nethserver-ntopng-1.4.1-1.ns7_1.4.1-1.17.gf592d3b.ns7.noarch.drpm                                                                            |  16 kB  00:00:00     
(2/3): ntopng-pcap-3.1.170812-3152.el7.centos.x86_64.rpm                                                                                            | 5.6 MB  00:00:02     
(3/3): ntopng-data-3.1.170812-3152.el7.centos.noarch.rpm                                                                                            |  24 MB  00:00:09     
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                      3.1 MB/s |  29 MB  00:00:09     
Running transaction check
Running transaction test


Transaction check error:
  file /usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat from install of ntopng-data-3.1.170812-3152.el7.centos.noarch conflicts with file from package ntopng-2.4.160712-1303.x86_64
  file /usr/share/ntopng/httpdocs/geoip/GeoIPASNumv6.dat from install of ntopng-data-3.1.170812-3152.el7.centos.noarch conflicts with file from package ntopng-2.4.160712-1303.x86_64

(…) long list of similar entries here

  file /usr/share/ntopng/scripts/lua/user_stats.lua from install of ntopng-pcap-3.1.170812-3152.el7.centos.x86_64 conflicts with file from package ntopng-2.4.160712-1303.x86_64
  file /usr/share/ntopng/scripts/lua/vlan_details.lua from install of ntopng-pcap-3.1.170812-3152.el7.centos.x86_64 conflicts with file from package ntopng-2.4.160712-1303.x86_64
  file /usr/share/ntopng/scripts/lua/vlan_stats.lua from install of ntopng-pcap-3.1.170812-3152.el7.centos.x86_64 conflicts with file from package ntopng-2.4.160712-1303.x86_64
  file /etc/systemd/system/ntopng.service from install of nethserver-ntopng-1.4.1-1.17.gf592d3b.ns7.noarch conflicts with file from package ntopng-2.4.160712-1303.x86_64

Error Summary
-------------

giacomo · September 25, 2017, 7:26am

Thanks, it’s just a cosmetic bug, I will fix it.

You need to remove ntopng before upgrading:

yum remove ntopng

I will document it.

Edit: just published a RPM which obsoletes also ntopng, so there is no need to remove the package before update.

pagaille · September 25, 2017, 6:47pm

Thanks, worked. However ntopng wasn’t available from the UI. I had to install it again from the Software center to get it back.

EDIT

Also noticed that the app seems to start (in degraded mode : CSS missing, nothing work) even if it is in disabled state in the configuration section, quite misleading.

pagaille · September 27, 2017, 7:26pm

The configuration page of the Account Providers says “An update to the Domain Controller package is available”. However no update is provided through the software center nor yum update.

davidep · September 27, 2017, 7:41pm

The Domain Controller runs in a separate system, a Linux container, so it is updated separately and software center does not see its updates.

I think this information is missing in the admin manual /cc @docs_team

The Samba project releases regularly bug fixes. We could apply bug fixes to DC automatically and require the admin upgrade action only for minor release steps (ie 4.6 -> 4.7)