NethServer 7.6 is coming


(Giacomo Sanchietti) #1

We are officially working on NethServer 7.6.1810.

NethServer 7.5.1804 should be considered in feature freeze status: only bug fixes which don’t conflict with 7.6 updates will be still released in 7.5.

By the way, to ease development work, nethbot will continue to publish RPMs on 7.5, but please be very careful before releasing anything (or merging feature branches to the master branch).

As soon as CentOS will release 7.6.1810 ISO (probably in few days), we will switch to 7.6 and no more packages will be pushed to 7.5.

Please consider to test everything on a 7.5 updated to 7.6 using CR repository:

yum --enablerepo=cr,nethserver-testing update

List of NS 7.6 modifications: https://github.com/NethServer/dev/milestone/24

/cc @dev_team


File server not installable after upgrade to 7.6
(Giacomo Sanchietti) #2

#3

can i add also cc @quality_team?
still 4 issue to test/verify, feel free to help testing :slight_smile:


(Ralf Jeckel) #4

@davidep I tested upgrade to 7.6 on a allready installed test-VM with local AD.

Some notes:
Kernel now is 3.10.0-957
Samba DC is 4.8.6
Account: Join is OK
All services expected to run are running
No errors during update.

User create, edit and delete works
(in Cockpit this doesn’t work, because it’s not possible to verify the password, but cockpit itself seems to work)

Webtop: send and receive mail works (internally from one user to another, externally not tested)
Webtop: event create, modify and delete works. A fullday event is not editable after creation with opera browser, but chrome, firefox, edge are working

OpenVPN roadwarrior: works

Fileserver installation fails: package is samba 4.7.1 but libs are installed allready on 4.8.3 (@cr)

Created some firewall objects: CDIR, hosts, ip-range, times and zones and suddenly the machine was unreachable. Reboot and signal-event interface-update didn’t help ether.
Stop shorewall helps. My fault: I created a zone “green” with the internal subnet, but I can’t delete it now. :blush: Isn’t there a validator to prevent this? OK, deleted the props in networks db, now all works again.

Further tests willbe done.

So long, now I’ll have a :beer:


(Davide Principi) #5

Thank you for testing. I think we can’t apply #bug category to this #testing report. Let me fix it…

This is for @webtop_team

Did you enable both nethserver-testing and cr repository permanently in yum.repos.d?

Lockouts must be prevented. Let me see how… /cc @giacomo


(Giacomo Sanchietti) #6

It should be fixed now :slight_smile:


(Giacomo Sanchietti) #7

Can you please describe the steps to replicate the problem?
If needed, we can add a validator as suggested by @davidep


(Ralf Jeckel) #8

It’s replicatable. Tried it on fully updated NS7.5 VM.

Go to “firewall object” “zones”
create a zone called “green” with “192.168.0.0/24” = identical to green subnet (br0)

Server is unreachable until systemctl stop shorewall


(Ralf Jeckel) #9

Hope this time I’m in the right place. :slight_smile:

Did a new test:

  • install from iso and updated to latest NS7.5.
  • enabled testing and cr repo
  • updated to NS7.6
  • installed AD
  • created a user, modified, deleted it and created it again o.k.
  • installed modules: bandwidthmonitor, firewall,dpi,mail, fail2ban,fileserver,ftp,ips,mysql,NC,vpn,pop3con,sogo,statistics,webfilter and proxy at once. No fail.
  • created, modified and deleted firewall objects of all categories o.k.
  • created, modified and deleted firewall some rules o.k.
  • webfilter is working (verified with global black list and filter) o.k.
  • IPS: activation of some rules o.k.
  • vpn roadwarrior works: login with user,pw and cert o.k.
  • NC login with created user: o.k.
  • Sogo login with created user: o.k.
  • Sogo send mail from one user to another (internal) o.k.
  • Bandwidthmonitor and Ntop: o.k.
  • Statistics: o.k.
  • create shared folder o.k.
  • access shared folder from win10 with domain\user + pw o.k.
  • access to shared guest folder without credentials o.k.
  • verified fail2ban with vpn: after 3 attemps I was banned
  • All services are running

This config is almost the same as my real one.

All in all: I didn’t have any issue. :+1: :smile:


#10

great work! :+1: tnx!


(Ralf Jeckel) #11

confirm:


(Giacomo Sanchietti) #12

Thank you @flatspin, your tests are really amazing! I also reproduced the bug, give me some time to open the issue :slight_smile:


(Markus Neuberger) #13

I updated some Nethservers (internet gateway, mail & appserver and a VPS) and it seems everything is working so far! :sunglasses:

Internet gateway (openvpn, ntop, squid, suricata):

There were some warnings:

Nov 30 15:05:59 server postfix: /usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined parameter: submission_recipient_policy
Nov 30 15:05:59 server postfix: /usr/sbin/postconf: warning: /etc/postfix/master.cf: undefined parameter: submission_client_policy
Nov 30 15:50:24 server kernel: xt_ndpi: module verification failed: signature and/or required key missing - tainting kernel
Nov 30 15:51:16 server admin-todos: [ERROR] admin-todos: /etc/nethserver/todos.d/20ad_credentials exit code 31744

Mail & Appserver & AD (dokuwiki, guacamole, mattermost, nextcloud, omd, phpldapadmin, phpmyadmin, roundcube, rspamd, sogo, samba, webtop):

Warnings:

Nov 30 13:29:28 server2 dovecot: doveconf: Warning: /etc/dovecot/dovecot.conf line 272: Global setting mail_plugins won't change the setting inside an earlier filter at /etc/dovecot/dovecot.conf line 192 (if this is intentional, avoid this warning by moving the global setting before /etc/dovecot/dovecot.conf line 192)
Nov 30 13:29:28 server2 dovecot: doveconf: Warning: service auth { client_limit=2000 } is lower than required under max. load (2400)
Nov 30 13:29:28 server2 dovecot: Warning: service auth { client_limit=2000 } is lower than required under max. load (2400)
Nov 30 14:31:59 server2 clamd: LibClamAV Warning: Detected duplicate databases /var/lib/clamav/bytecode.cvd and /var/lib/clamav/bytecode.cld, please manually remove one of them

Internet gateway is joined to server AD, clients can access samba shares, permissions are working!

VPS with nextcloud and rspamd is working.

Additionally I updated another Nethserver (my backup storage) and a test VM (with nethserver-janus) and there were no errors.


#14

it seems that centos 7.6 is available… downloading…


(Davide Principi) #15

A post was merged into an existing topic: NethServer 7.6.1810 beta


(Davide Principi) #16