* Wed Jul 20 2016 Gabor Horvath - Support eRAD platform 6.8 (RHEL/CentOS 6.8) * Wed Apr 06 2016 Gabor Horvath - Added: Enable ssh based backup account. - Added: Sudoers config to allow chmoding ~var/mysql directory. - Added: New global yum directives. - Removed: requirment for nscd. * Wed Oct 21 2015 Gabor Horvath - Support for RHEL/CentOS 6.7 * Wed Sep 16 2015 Gabor Horvath - Added: Changes in MYSQLD_MODE=SYSTEM mode require platform support in /etc/sysconfig/mysqld, sudoers and medsrv/mysql usergroup membership (both ways). These should allwo to use the mysql datadir under medsrv hom by a system mysqld. * Mon Sep 14 2015 Gabor Horvath - Added: Denyhosts allowed-hosts (shoudl) contain all eRAD IP ranges. * Wed Apr 15 2015 Gabor Horvath - Fixed: CBT#2299: Selinux was not disabled, boot paramers are now added with EFI boot. * Tue Apr 14 2015 Gabor Horvath - Support medsrvinit -first|-upgrade parameters. - Fixed: Upper case value of 'OSPRODUCT' broke dependency: 'erad-base-RHEL-support' is right. * Wed Mar 04 2015 Gabor Horvath - Added trigger scripts, when 32 bit mysql lib, or mysql server is installed/uninstalled. Handle added my.cnf, remove when not installed. * Wed Feb 25 2015 Gabor Horvath - Added: mysqld localconf script and include to generate system my.cnf and logrotate config. * Thu Feb 19 2015 Gabor Horvath - Added: sudo entries to run some system mysql tools and have access to mysql config * Mon Feb 09 2015 Gabor Horvath - Add Medsrv's ImageMagick lib path to ld.so.conf database (Support dynamic build) - Remove ImageMagick from default packages, put it into dontinstall group. * Thu Jan 15 2015 Gabor Horvath - Fixed: Store SMTP Auth data in private file - Fixed: SMTP Password input box - Fixed: Yum cache cleaned up durint chrooted postinstall, install stopped on erad-keys install. * Wed Dec 17 2014 Gabor Horvath - More relevant package summary and description. - Added: manual dependecy for sfdisk - Fixed: access to medsrv logfiles using sudoers rules for siteadmin(menu) - Added: 10 min timeout for each menu level, in siteadmin shell. - Added: IP and bind info to virtual host list, Allow to bypass, when it' the only one - in siteadmin shell. - Added: Currently logged in shell users, in siteadmin shell. - Fixed: Use default auth.keys file (backup, siteadmin, siteman), when editing it (in siteadmin shell). - Fixed: Run in chrooted/postinstall environment, without error messages. - Fixed: Siteadmin logfile access to medsrv logfiles. * Fri Dec 12 2014 Gabor Horvath - Move 32-bit dependencies to medsrv-tools. - Revert back build arch to noarch. - Fixed: AcceptEnv was not removed from sshd_config. * Wed Dec 10 2014 Gabor Horvath - Support multiple Linux distros (preferably rebuilds like CentOS), while rely on erad-release about supported platform. - Added: Handle backup and sitedmin user the same way: enable/disable, lock/unlock password and edit ssh rsa keylist. - Added: Allow to add user keys to siteadmin shell. - Changed: Dependency chain between erad-release, erad-keys, erad-base and medsrv-tools. - Fixed: %post and %preun handles updates (which is not remove old+install new). - Added: allow to run postinstall (aka: service erad-base start) without running services (in chrooted install environment). - Sshd_parser code from erad-keys moved to sshauth include. - Removed: ssh RSA key management, erad-keys handles this. * Wed Dec 03 2014 Gabor Horvath - Fixed: MEDSRV log file are not readable to medsrv. - Fixed: Disabled rate limit (unix socket and global) in syslog.conf. - Fixed: UMASK must be before any logfile definition in syslog.conf (global setting). - Fixed: Bind UDP listener to localhost in syslog.conf - Added to syslog.conf: Async writting, but flush every 3 seconds, use 64K buffer. - Fixed: Debug_log must be consitently disabled or enabled (commented out or not) in syslog.conf. - Fixed: Exclude all local facilities from /var/log/messages in syslog.conf. - Fixed: SSHD config parser handled muliple Match blocks. - Renamed eimsiteadminmenu to siteadmin * Wed Nov 26 2014 Gabor Horvath - Changed the path of all files, and all reference in files: replace imagemed-base to erad-base. - Changed the path of /usr/lib/erad-base/scripts to /usr/libexec/ in all files, and all reference in files. * Tue Nov 18 2014 Gabor Horvath - Do post install configs from rpm %postin scriptlet, instead of service script. * Mon Nov 03 2014 Gabor Horvath - Changed: do not force any system character set * Fri Oct 10 2014 Gabor Horvath - Changed: Use single symlink to mark mirror, localconf shuld handle this. - Fixed: Siteadmin RSA key list edit. Use dialog inputbox (not joe). - Changed: Use one symlink to mark a mirror. Split mirrorlist into 3 subdirs, use postfix on these subdirs. - Fixed: Run meduser syslog on 'post-medsrv-init' event, so owner of var and var/log dirs are not root. Changed: Use dialog --editbox in 'localconf' to edit authorized_keys, instead of joe. * Wed Oct 08 2014 Gabor Horvath - Fixed: SSH authorized keys were not added/removed after siteman cron job. - Changed: Complete rewrite of event handling (like. medinit, medsrv init, post install config) - Fixed: Add SSH RSA keys whenever it makes sense. - Changed: Add rsyslog, ldconfig conf entries before medsrvinit (where components exist). - Changed. Add updatesdb, ldconfig after medinit. It does not hurt. - Added: Apply ntp config on a daily basis. - Rewrite sitemanreg to use a single form to collect all data (instead of navigating into menus), while not esposing passwords. - Handle offline registration as a kind of siteman server. - Added: SMTP auth config to sendmail localconf script and localconf TUI itself. - Added: Scale dialog based tui apps based on terminal size (on startup). Scale size half the growth. - Fixed: Get rid of settings which does not work in RHEL 6. - Fixed: RPM repository manager in localconf tool handles repos and package groups properly. - Added to siteadminmenu (a tui app): secure root and logfile browser and tail widget. - Added to siteadminmenu: status display only result of implemented components. Use colorcode as well. * Mon Sep 29 2014 Gabor Horvath - Added i686 library dependencies for MEDSRV. - Change arch to i686 to work with isa macro. * Fri Sep 19 2014 Gabor Horvath - Cleanup old 3ES, 4ES, eimupdate etc codes. - Fixed: main comps group name changed to 'eradserver' - Fixed: manifest creation did not works properly (when changing files). - Use more meaningful, less redundant and matching version numbering (with base and repo rpms). - Fixed: sendmail localconf script runs after registration script. - Changed: dtopin confg files use same name template to be recognized more easily. - Fixed: various validation works, generates new temp configs and diffs with original. - Run updatedb and sshauth during prepare_meduser_env (aka medinit), because it does not harm. - Fixed: sendmail validation cleaned up and more foolproof. - Fixed: Missing oper_info syslog facility name, failing logging completely, when medsrv env is not complete. Does not fix later. - Fixed: order running various config steps (aka imagemed-base start). - Changed: HU support domain has changed to eradpacs.hu, sincs we have domain and wildcard cert. * Fri Jul 25 2014 Gabor Horvath - Adjust build environment and package content for RHEL/CentOS 6.5 * Wed Apr 16 2014 Gabor Horvath - Define package dependencies here, instead of meta package * Mon Apr 14 2014 Gabor Horvath - Rename base package name - Add Obsolate: directive to help with upgrade. * Mon Nov 19 2012 Balazs Bacskai - Fixed: Fixed the output of repo check, to fit check mk requirements for local checks. one line per check * Thu Nov 15 2012 Gabor Horvath - Added: graphviz include and localconf script to fix CBT#786 * Wed Nov 14 2012 Gabor Horvath - Fixed: Various sudoers configuration. - Added: Support to run nagios and check_mk_agent as root, by siteman user. - Added: Siteman shell wrapper to run check_mk_agent. * Mon Nov 12 2012 Gabor Horvath - Fix: Sudoers parser/fixer did duplicate lines - Added: New command to siteman shell: check_mk_warp. - Added: Allow to run check_mk_agent as root by siteman user - Fix: stop check_mk daemon. * Fri Nov 09 2012 Gabor Horvath - Fix ssl request generating fail - Fix sitemanreg offlineserver bug. - Change: Allow async logfile commit. - Change: Use descriptive request URI (utilizing PATH_INFO) for better siteman logging. - Removed: Query enable_mailing from siteman server. - Fix: use of operantion+function handler. * Thu Mar 01 2012 Gabor Horvath - Fixed: Ntpd sysconfig should not have "-L" parameter, this prevents time sync completeley. - Fixed: Sshd config parse leaves backup config with PID as postfix. - Added: Disable gssapi auth. - Added: More failsafe sshd config parse. * Fri Feb 10 2012 Gabor Horvath - Fixed: Duplicate offline entry in "Register to..." submenu. * Tue Feb 07 2012 Gabor Horvath - Fixed: repository mirror change * Fri Jan 27 2012 Gabor Horvath - Fixed: event handling, revert to event names with dash, convert to underscore in "call_method". - Fixed: event handling, work without asroot patch - Fixed: event handling, meduser events did not get username. - Fixed: sitemanreg should display "hostname", hot the FQDN. - Fixed: have an offline siteman server, use this name in server_tag. - Fixed: use URLs in support server data, in monitor_site field. - Fixed: checklist runner script displays results better. - Fixed: handle offline registration and email sending. - Fixed: checklist: smp_kernel check handles PAE, - Fixed: siteman register script does not use saved server_id value, but gets it from sitemanreg, this allows empty override. * Tue Jan 24 2012 Gabor Horvath - Added: support nagios plugin calls over siteman shell. - Added: openmanage related nagios plugins and dependencies to repository * Tue Jan 17 2012 Gabor Horvath - Change: complete rewrite of event handler script. Removed perl code. - Fixed: handling of medsrv events. - Fixed: subsys lockfile should be created on medsrv rc start using event handler, but done by imagemed-base code. * Tue Nov 22 2011 Gabor Horvath - Added: run imagemed-base on next reboot, including first boot - Removed: handle eimlocalconf symlink * Mon Apr 18 2011 Gabor Horvath - Fixed: get_meduser_env (in medsrv include) does not collect variables requested - Fixed: configure_syslog_meduser (in syslog include) does laod collected variables * Mon Feb 21 2011 Gabor Horvath - Tuned to work with RHEL 5.5 - Removed: apg binary, depend on 3rd party package - Fixed: sitemanreg will do re-registration properly * Thu Nov 13 2008 Gabor Horvath - Added: cheklist script: test server environment, update, siteman and other server access. - Removed: eimupdate script: yum does the job from now on. * Mon Oct 20 2008 Gabor Horvath - Have siteman shell on X console login - Added features to localconf: Time sync config, X startup, Site admin, RPM functions, Server environment - Fix: do OS confing during install from CD (chrooted environment, but not normal runlevel) - Fix: ld.so conf has medsrv's mysql in libpath - Fix: medsrv related OS config, especially query from running medsrv - Fix: fine-tune service startup configuration. - Added: OS config scripts handle development servers and cluster members (TODO). - Fix: disable ssh protocol 1. * Fri Jan 18 2008 Gabor Horvath - Fixed: sitemanreg creates private files only, only authinfo must be private. medsrvinit now can read SUPPORT_DOMAIN value. * Thu Aug 30 2007 Gabor Horvath - Removed: eimcleanup. It's depredicated. - Fixed siteadmin shell (/usr/bin/eimsiteadminmenu), MEDSRV status looks better. - Fixed siteman shell: Some commands were binaries (resolved symlinks),replaced with wrappers. Partinfo use /etc/fstab and resolvs LABEL= and UUID= entries. * Fri Aug 10 2007 Gabor Horvath - eimupdate: Removed: Run "service imagemed-base start" after the update. - sitemanreg: Fixed: Handle difference between 3ES and 4ES - sitemanreg: Added: Registration with custom server ID. - Added: Siteman shell: custom account using restricted zsh. Wrapper commands to run commands as meduser and root. - Fixed: support postinstall config (chrooted environment, no daemon restarts). - Changed: SSL certification is validated more precisely. * Wed Jun 27 2007 Gabor Horvath - Bootloader config added to post-rpm-inst event. - post-rpm-inst event ("service imagemed-base start" command) run by %postin script, since eimupdate is replaced. - All bash includes are aware of current runlevel. postinstall scripts may run without actual services running. - Fix OS release specific configurations: audit, bootloader, service, xconfig. * Wed Jun 13 2007 Gabor Horvath - Added xconfig library and localconf script. Set runlevel by detecting the presence of X, fix X fontdir files etc... * Mon May 14 2007 Gabor Horvath - Replaced eimsmrsh with a customized restricted bash - Changed: siteman home directory and files distributed, not created * Thu Dec 14 2006 Gabor Horvath - Fixed eimupdate: checking packagaes failed due to changes in sed. Fixed sed filters. - Added localconf meduser events: pre-medsrv-stop post-medsrv-stop - Run ldconfig before medsrv init. - Fixed updatedb script parsing * Thu Dec 07 2006 Gabor Horvath - Fixed eimupdate: handle alphanumeric release tags. - Added siteman user: part of siteman framework. - Fixed ld.so.conf parsing. - Fixed serialzation: don't detect commands by pid. - Fixed sudoers parsing: handle siteman and medsrv entries properly, disable password prompt. - Fixed updatedb bug (prune dirs were ignored separated by whitespace. Daemon runs fow hours. * Fri May 26 2006 Gabor Horvath - Added localconf feature: ACPI Poweroff, Authorized-only shutdown. - Fixed: BTS bug #8355 "MEDSRV syslog entries are not created" - Fixed: BTS bug #8354 "cron.hourly generates mail" - Added: Install authorized keys for siteadmin. * Thu Apr 27 2006 Gabor Horvath - Fixed ssh authorized keys handling: don't remove unknown keys, remove revoked keys - Fixed siteman register: Send external IPs. * Fri Apr 21 2006 Gabor Horvath - Fix network settings: added bash include and localconf scripts. * Fri Mar 31 2006 Gabor Horvath - Fixed: /dev/stderr: Permission denied * Fri Feb 10 2006 Gabor Horvath - Added localconf TUI script to change server parameters like mail relay, bind address etc. - Fixed local config scripts. - New setenv.prp is generated from setenv.sh. Useful in java. - Added Site Manager registration tool & TUI. - Heavily altered Makefile: map directories, create released in a better way. - Added rpm file and directory lists: separated list for each type of file and directory. Generate RPM specfile from those lists. - Added: apg (Automated Password generator) useful to create passwords & hashes. - Changed in specfile: Siteadmin initiator is not created in %postin script anymore. From now on this is done by local config scripts. - Fixed eimcleanup: handle multiple OS releases, use groups file from release directory. - Fixed eimsiteadminmenu: remember last menu entry. - imagemed-base service script will call localconf_wrapper to do the job - instead of using bash libraries and doing itself. - Fixed 'get_meduser_env' function and caller functions: load specified variables from medsrv's setenv.sh only. - Do chmod in 'prepare_meduser_env' (called from medinit) more specificly:: skip potentially large directories. - Fixed 'image' (maintance) user creatin and group assignment. - Use 'assorted' config files to store collected infos: This makes saved data by TUI tools not conflict. - Added/fixed: offline state in local conf files: offline server does not contact Site Manager. - Added mail subsystem override capability: prevent Site Manager to declare if mail subsystem is allowed or not. - Fixed: sendmail config script handles offline state override value. - Create pbserver-* aliases and redirect to /dev/null if server is mail subsystem is disabled. - Fixed: do not disable vmware-monitor service in 'imagemed-base' service script. - Fixed: openssl server certification (request/issue/placement). - Changed: support company is renamed to support server. - Fixed: flip-flops in syslog config scripts. - Fixed perl 'common' library: resolv references in 'load_setenv' func. - Fixed 'localconf_event' script: split multiple values in localconf script's 'run_as' definition. - Added to 'localconf_event' script: able to disable stderr/stdout from localconf scripts, usage info, parse parameters using 'Getopt::Long' module. - New localconf events: post-rpm-inst, post-server-reg, post-siteman-configure, pre-siteman-configure, post-siteman-query. - Fine tune output of localconf scripts and wrapper. - Extend functionality of SiteMan client: query mail subsystem state, send mail config, send ssl certificate request, query ssl certificate. - Changed in SiteMan client: Temporary disabled verifying HMAC-SHA1 signatures in HTTP headers. - Send registration request over HTTP POST (instead of GET). - SiteMan client is able to register offline, send som configuration data. - Fixed medsrv startup script creation. * Tue Dec 20 2005 Gabor Horvath - Fixed: eimupdate did not handled OS releases * Mon Dec 19 2005 Gabor Horvath - Added sslcert localconf script (was missing) to handle certificate requests. * Tue Dec 13 2005 Gabor Horvath - Init scripts are reorganized: split to libraries, and scripts - Capability to configure, validate, check status of components - Added script to allow event-like runing. - Scripts, specfile, makefile are moved to imagemed-base project. - Added Site Manager client libraries and scripts. * Thu Feb 03 2005 Gabor Horvath - Removed /etc/imagemed-base marker (moved to eimrh-release) - Removed version numbers from source tar.gz file * Mon May 10 2004 Gabor Horvath - Update to Red Hat Enterprise Linux AS 3 - Enabled siteadmin feature - Siteadmin can log in via ssh - Ctrl+Alt+Del is disabled - Handling both cups and LPRng as printing system - Enabled automount dor cdrom and floppy. * Fri Dec 12 2003 Gabor Horvath - Update to Red hat 9.0 - Disabled siteadmin feature * Thu Dec 11 2003 Gabor Horvath - Disabled siteadmin feature * Wed Sep 17 2003 Gabor Horvath - Added v2 eimupdate, eimcleanup scripts - Added eimsiteadminmenu script and configuration - Updated init script with enhanced configuration procedures * Thu Jul 24 2003 Gabor Horvath - Added RSA public keys and install code from medinit (again ;-) * Fri Jul 11 2003 Gabor Horvath - Renamed script + minor fix: autoupdate to eimupdate - Renamed script: rpmcleanup to eimcleanup - Fixed dependecies - Using chkconfig * Mon Feb 24 2003 Gabor Horvath - Removed RSA public keys (moved to medinit package) - Renamed autoupdate and rpmcleanup scripts * Fri Oct 25 2002 Gabor Horvath <@imagemedical.com> - Added new RSA public keys - Update to Red Hat 7.3 - Package renamed to imagemed-base - Added sysinfo.sh,autoupdate.sh,rpmcleanup.pl script - Removed dumpsettings script * Thu Jun 14 2001 Gabor Horvath - Added dumpsettings script - Added administrator public key * Tue Nov 28 2000 Gabor Horvath - Initial release