[BlueOnyx:02633] YUM updates available

Michael Stauber mstauber at blueonyx.it
Thu Oct 15 00:22:38 -05 2009 

Hi all,

HTML version of this message is available here: 
http://www.blueonyx.it/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=44&cntnt01origid=15&cntnt01returnid=54

The following updates for BlueOnyx were released today and are now available 
through YUM:

==========
 Package  
==========

Updating:
 base-admserv-capstone
 base-admserv-glue
 base-apache-capstone
 base-apache-glue
 base-apache-locale-da_DK
 base-apache-locale-de_DE
 base-apache-locale-en
 base-apache-locale-ja
 base-apache-ui
 base-user-capstone
 base-user-glue
 base-user-locale-da_DK
 base-user-locale-de_DE
 base-user-locale-en
 base-user-locale-ja
 base-user-ui

Transaction Summary
==========================
Install      0 Package(s)
Update      16 Package(s)
Remove       0 Package(s)

Total download size: 306 k

These package addresses the following issues:


base-admserv:
===========

Modified /etc/admserv/conf.d/ssl.conf to disable the SSLv2 protocol for the 
BlueOnyx GUI interface. This forces AdmServ to use SSLv3 or TLSv1 instead, 
which are more secure.


base-apache:
==========

Virtual Sites created on BlueOnyx use mod_rewrite for a 302 redirect 
(temporary redirect). This is not particularly search engine friendly. Hence 
the 302 redirect has been changed to a 301 redirect.

However: Only sites created or renamed after this fix was installed will have 
the new redirect behaviour.

To convert all existing sites from the old 302 redirect to the new 301 
redirect run this script (as "root") once from SSH: 
/usr/sausalito/sbin/fix_302_httpd_redirects.pl

Additionally to the above helper script the following two new helper scripts 
have been added with this patch:

/usr/sausalito/sbin/fix_web-and-email-server-aliasses.pl:

This script allows to make sure that both the GUI and the system agree again 
over the status of "Email Server Aliasses" and "Web Server Aliasses". It 
briefly removes and then resets all "Email Server Aliasses" and "Web Server 
Aliasses" of all sites, which forces that the respective config files are 
rewritten.

/usr/sausalito/sbin/set_default_php_settings.pl:

This script makes sure that all virtual sites are reset to the factory default 
PHP security settings.

Both scripts can be particularly useful after migrations, where these settings 
may sometime conflict or where they may be missing.


base-user:
========

As BlueOnyx is using flat file authentication we sometimes run into issues 
where a stale /etc/passwd.lock lockfile is left behind. This then prevents the 
GUI from adding new users. Or from changing existing users. To prevent this we 
added the cronjob /etc/cron.d/passwd_lock.cron which runs the script 
/usr/sausalito/sbin/remove_passwd_lock.sh every 15 minutes. The script will 
detect and remove stale /etc/passwd.lock files.


-- 
With best regards

Michael Stauber

More information about the Blueonyx mailing list