NethServer v7-alpha2

[quote=“davidep, post:35, topic:2444”]
I guess you’re downloding ntopng packages from Index of /centos-stable/7, right?[/quote]
yes, sorry i forgot to copy the link…

great… and be patient

i imagine… the problem is me, it seems not correct
could you check if the PR to merge, is ok? tnx

I’m working on nethserver-fetchmail how can I avoid that someone starts to work on my same package?
What about create a issue, with task label? So everyone can check status and assignee? /cc @dz00te

I think we have not enough concurrence. Don’t worry I’d rather write a note on this thread and open an issue for technical problems (not organizational problems).

Updated the wiki page.

Some packages require claiming the ownership of some e-smith DB.

On a freshly installed NethServer 7 i get a lot of log lines from lsm:

# grep -E '(ERROR|FAIL)' /var/log/messages 
[...]
Jan  5 11:36:39 vm5 systemd: lsm.service: main process exited, code=exited, status=1/FAILURE
Jan  5 11:36:40 vm5 systemd: lsm.service: main process exited, code=exited, status=1/FAILURE
Jan  5 11:47:47 vm5 systemd: lsm.service: main process exited, code=exited, status=1/FAILURE

AFAIK lsm is required for multi-wan on firewall installations. I know those log lines are not a real problem, but… What do you think about moving lsm out of the nethserver-firewall-base package? It could come from another nethserver-firewall-base subpackage, like ui (or ui itself)… @filippo_carletti, @giacomo?

could you please download ntopng files and put them in testing repo?
ntopng-2.2.151211-693.x86_64.rpm
ntopng-data-2.2.151211-693.noarch.rpm
pfring-6.2.0-411.x86_64.rpm
pfring-dkms-6.2.0-411.noarch.rpm

I’ve made a first pr for ntopng for ns7, but not fully functional at the moment
beyond the various rpm from ntopng to make it start, i think:

• hiredis should be installed
• create an empty file (at least?): /etc/ntopng/ntopng.start
• change the file /etc/redis-ntopng.conf (remember daemonize = no and others config on vm=)
  redis and systemd / Networking, Server, and Protection / Arch Linux Forums
• copied and modified file for redis-ntopng on systemd:
  $ cp /usr/lib/systemd/system/redis.service /usr/lib/systemd/system/redis-ntopng.service
  linux-rhel7-run-multiple-redis-instances.md · GitHub

it’s a work for @giacomo or could i try to fix it ?

I’m on it, stay tuned… Done!

I bet he will be happy to find your fix when he comes back

I’ve an issue with unbound (@filippo_carletti). On startup it fails with

error: unknown keyword 'max-udp-size'

On ns7 we have an official package from CentOS, unbound-1.4.20-26.el7.x86_64 which is older than the one from EPEL on ns6, unbound-1.5.1-1.el6.x86_64.

Problems also with mysqld from mariadb-server package. The service is now named mariadb

Just started to fix it:

Uploaded the RPM to base:
nethserver-mysql-1.0.7-1.8.g3097946.ns7.noarch.rpm

LSM can stay within the firewall base package. Actual configuration will start the daemon only if needed. I guess we made some mistakes during the port to systemd.
For now we will copy the starting logic from upstart to systemd config file.

I will check your pull request on monday

As far as I know, we do not use this option, try to remove it. Probably we can safely go with the old release.

@giacomo, @filippo_carletti: I commented the max-udp-size line and now the error is

Jan 12 14:02:50 vm5 unbound-checkconf: /var/lib/unbound/root.anchor: No such file or directory
Jan 12 14:02:50 vm5 unbound-checkconf: [1452607370] unbound-checkconf[11260:0] fatal error: auto-trust-anchor-file: "/var/lib/unbound/root.anchor" does not exist

Any idea?

tnx for test and the updated list on wiki (well, it’s not nice like my ascii table but it’s functional )
just a note, those packages was already rebuilded:
nethserver-ibays
nethserver-phonehome
nethserver-postgresql
nethserver-redis
but if you recheck them it’s better

We tried to share work dividing the list of packages among us, but I will be more than happy if someone wants to add his/her name to the list and take some packages.
We choose packages we are more familiar with, trying to balance the amount of work.
But we know that some packages can reveal harder to fix.

I’ve checked:

• nethserver-phonehome
• nethserver-redis
• nethserver-postgresql

All works good, great job!

I will live nethserver-ibays to @davidep since the work involves samba and httpd packages.

The list of work-in-progress packages is here: http://wiki.nethserver.org/doku.php?id=developer:nethserver_7_packages

Now it’s more clear, thank you!
There are still many unassigned packages! Come on folks

No, even assigned packages can be stolen from a list. I’ll be happy if someone steals from mine.

EDIT: I filed a pull request.

You need a small patch:

--- /tmp/40unbound_conf	2015-12-22 18:01:06.000000000 +0100
+++ /etc/e-smith/templates/etc/unbound/unbound.conf/40unbound_conf	2016-01-15 15:51:14.077015653 +0100
@@ -106,11 +106,6 @@
 	# is set with msg-buffer-size). 1480 can solve fragmentation (timeouts).
 	# edns-buffer-size: 4096
 
-	# Maximum UDP response size (not applied to TCP response).
-	# Suggested values are 512 to 4096. Default is 4096. 65536 disables it.
-	# 3072 causes +dnssec any isc.org queries to need TC=1. Helps mitigating DDOS
-	max-udp-size: 3072
-
 	# buffer size for handling DNS data. No messages larger than this
 	# size can be sent or received, by UDP or TCP. In bytes.
 	# msg-buffer-size: 65552
@@ -377,7 +372,7 @@
 	#
 	# trusted-keys-file: /etc/unbound/rootkey.bind
 	trusted-keys-file: /etc/unbound/keys.d/*.key
-	auto-trust-anchor-file: "/var/lib/unbound/root.anchor"
+	auto-trust-anchor-file: "/var/lib/unbound/root.key"
 
 	# Ignore chain of trust. Domain is treated as insecure.
 	# domain-insecure: "example.com"

well… in this case… can i steal to you and to @alefattorini nethserver-fetchmail? you know, i like that package

Yes, go ahead NP