freeVSD-1.4.10-1 NEWS Copyright (c) 1999-2001 Idaya Ltd. All rights reserved. This document provides a brief description of the new fetures introduced into freeVSD with each release. Version 1.4.10 - released 11 September 2001 =========================================== * Secure SSL encryption/authentication of all communication by default. * Improved installation/upgrade support. automated upgrade of existing software installations. automated diskquota installation configuration. automated iptables installation configuration. automated BIND installation configuration. * Fully virtualised Certificate Authority management. * RedHat Linux 7.1 pre-built skel. Version 1.4.9 - released 2 July 2001 ==================================== * Support for domain-based delegation of control and unlimited virtual mail accounts * mod_vd (VSD delegated domain manipulation) * mod_vuser (VSD virtual user manipulation) * Allow users to be locked/unlocked. * Add support for changing the default timezone of a virtual server. * Add support for remote administration of .htaccess files. * Includes Popauthd, POP before SMTP authentication, which allows "roaming users" access to sendmail whilst not on your local network. * Upgraded addon packages: vm-pop3d - virtual POP3 mail daemon, works alongside mod_vuser (and mod_vd) to allow virtual users. Version 1.4.8 - released 16 May 2001 ==================================== * Multiple skel support * vsd-linkvs.pl * mod_part (VSD partition specific configuration manipulation) * Improved OpenSSL support and certificate handling * mod_ca (VSD Certificate Authority manipulation) * PAM based privileges * Upgraded addon packages * New 'self-hosting' server management available. Version 1.4.7 - released 2 April 2001 ===================================== * Full mod_bind support * Sendmail bug fixes Version 1.4.6 - released 28 February 2001 ========================================= * xinetd support. * Red Hat 7.0 RPMs available. * Documentation changes: extensive documentation improvements. rewritten FAQ. * NEW vsd-refreshskel.pl script that automates skel upgrades. * Stand-alone port redirection tool, vsdredirect. * File ownership and skel generation corrections. * Hooks provided for forthcoming mod_bind support. Version 1.4.5 - released 16 November 2000 ========================================= * OpenSSL Support! - see security.txt. * Tweak various scripts so that freeVSD can install without error out-of-the-box on RedHat Linux 6.1 and 6.2. * Cleaner division of generic and os specific installation files. * Documentation changes: restructured documentation added a FAQ extend security.txt to discuss OpenSSL support * Introduced vsdredirect port redirection support as virtual web servers still listen on port 8080 - see security.txt. * Add utility scripts to assist in installation/uninstallation and establishing framework for SSL support. * Placed virtual servers /var under root ownership * Now uses a `virtuald' wrapper rather than hacking inetd. Therefore the vsd-inetd package is no longer required. * Merge /etc/httpd.conf and /etc/httpd/conf/httpd.conf in VS config. Version 1.4.4 - released 10 August 2000 ======================================= * /dev/urandom was missing from the VS and /home/httpd was being hard linked. * libvsd: Several memory leaks and stability issues were fixed. This will improve the stability of vsd-inetd and vsd where IP aliases are used on a VS. * libvsd: A non-terminating loop caused groupmod to use all available memory. * vsd: Added command line arguments. Protocol can be logged to syslog. * vsboot: Fix problems starting/stopping VSes with IP aliases. Fix the --bind option. * vsd: Safeguards and improvements to mod_sendmail and mod_apache. This should reduce the likelihood of data loss and catch many more user input errors. * vsd: Ability to manage VS IP aliases from the command line. Version 1.4.3 - released 18 July 2000 ===================================== * Split RPM binary distribution into two - one is the freeVSD binaries and the other is the third party packages. * Bug fix: Adding more than one virtual server would corrupt the IP address entries in vsd.conf. * Minor code changes to support the Alpha. * Stop setquota and quotastats failing when there is no /etc/vsd/quota. * Be more careful when creating user home directories. Don't allow them to be created anywhere. This is a security fix. * Prevent users from overriding quota restrictions by setting their quota limits below current usage. * mkdir -p was creating parent directories with root ownership. Version 1.4.2 - released 28 June 2000 ===================================== * Documentation updates. * Removed the web-based control centre. * Fixed an installation bug that caused useradd, usermod, userdel, groupadd, groupmod, groupdel, setrights and rebootvs to have the wrong file mode. Version 1.4.1 - released 21 June 2000, withdrawn 22 June 2000 ============================================================= [ Because of the large structural changes that have come about with this release, users wishing to upgrade from earlier VSD releases should perform the exercise with some caution. ] * Installation scripts have been re-written (again). Some effort has been made towards making the installation as easy as typing ./configure; make; make install Files and binaries are automatically installed into the correct place - VSD no longer references it's own source tree after installation. * Configuration scripts have been fixed to work with autoconf 2.14 rather than a CVS snapshot. * VSD can now be installed from RPMs. The third-party packages that originally needed to be hand-patched are now also distributed in binary and source RPM form. * Several bug and security fixes for the virtual server admin commands: setrights, listrights, groupadd, groupdel, groupmod, useradd, userdel and usermod. Additionally quotastats, setquota and rebootvs are new binaries that work directly in the virtual server without the need to connect to `vsd' to perform their work (this fixes a major security hole - see doc/security.txt for the reason why). * Due to the above change, vsclients is no longer required. webclients and webadmclients have now been integrated into one application, namely vsdadm. The functionality remains the same but vsdadm provides all the commands that were previously available in one binary. * libvsd installs as a standard library, libvsd.a and with a header file libvsd.h. This was required in order to build RPM binary packages of third party apps. patched for VSD. * An example site-configuration has been supplied. This adds the necessary configuration files to add a web server to the virtual server. The web server has been configured to run as user `web' and listen on ports 8080 and 8443 (see doc/security.txt for the reason why). * Documentation updates Version 1.4.0 - released 28 January 2000 ======================================== * The installation scripts have been reworked to properly create virtual servers based on RedHat Linux and make it simplier to add other distributions in the future. * Minor bugs in passwd and virtual servers with IP aliases have been fixed. * Documentation improvements * A web-based control centre is now included in this distribution. Version 1.3.2 - released 19 January 2000 ======================================== * Several errors were found in the scripts that create virtual servers * Several bugs in VSD and libvsd have been corrected. * Patches for qpopper-3.0b28 Version 1.3.1 - released 22 December 1999 ========================================= * Documentation updates * Minor bug fixes. * Add missing program `usermod'. Version 1.3.0 - released 16 December 1999 ========================================= * Support for multiple disks * Fix bug that prevented anonymous FTP * Removed DSVR specific scripts from the main distribution. * Added a set of basic cgi scripts for implementing a counter and sending mail from data input into a form. * Virtual server initialisation scripts have been made FreeBSD style. These are much simpler to configure. * New program `bevs'. Allows an unprivileged user to take on the persona of a virtual server. * freeVSD now compiles on FreeBSD, however it doesn't run yet. * New program `vsboot'. Controls the startup and shutdown of all virtual servers. * Modularised quota and virtual server control functions of the virtual server daemon. * Virtual server crontab simplified. * Scripts have been re-structured in an attempt to make them less operating system specific. * Source now released under the GNU General Public License. * Build environment simplified and streamlined. * Documentation improvements, including protocol description. Version 1.2.3 - released 18 June 1999 ===================================== * Minor bug fixess Version 1.2.2 - released 11 June 1999 ===================================== * Source tree changes. GNU libtool support removed as libvsd is no longer built as a shared library. * Support added for targetting different operating systems. * User privileges are now deleted when the user is deleted, and renamed when the user is renamed. Version 1.2.1 - released 10 June 1999 ===================================== * The chrtftp VSD user right is now implemented as a VSD privilege. This is to workaround a problem with DefaultRoot in ProFTPD that works on groups rather than users. Version 1.2.0 - released 08 June 1999 ===================================== * ProFTPD is now the standard ftp daemon for the virtual servers. This is easier to configure and can be integrated into VSD. * Added support for plug-in modules for VSD. * The first module for VSD is mod_webdns - a web based interface to name server zone files. * The source tree has been reorganised and the build environment is now through GNU autoconf, GNU automake and GNU libtool. * Upgraded procps to 2.0.2. * The skel has been relocated outside of the source tree. * The `su' command has been modified to allow the admin user of a virtual server to set user to another user on the account without entering a password. * The `killall' command now only kills processes that exist on the virtual server. If run as the `admin' user it will kill any process on the virtual server. Version 1.1.1 - released 26 May 1999 ==================================== * Prevent qpopper failing when /etc/mail/ip_allow is unwritable. * New users are initially assigned a quota of 10K to overcome the default of unlimited storage. * Many bugs have been fixed. * The users and groups of the virtual server are no longer stored in the passwd and group files of the host server. * Security fix: /etc/group and /etc/passwd are now owned root.root to stop a possible attack where the admin user could edit the root user's passwd entry and gain superuser access. Version 1.1.0 - released 12 May 1999 ==================================== * User privileges `mail', `ftp' and `login' are no longer implemented by making users members of groups `mail-users', `ftp-users' and `login-users'. Instead the file /etc/vsd/priv will store the priviledge settings, which should clear up a security problem where the `admin' user could hand edit /etc/group and make any members a member of any group. This also gets around a UNIX 32 user limit for groups. * Support for manipulating Sendmail's /etc/virtusertable has been added to vsd. * Added support for manipulating VirtualHost directives in Apache's httpd.conf. * With the help of a cron job `accounts-batch.cron' it is now possible to create and delete virtual server accounts using vsd. There is no longer the requirement to specify a starting uid as this is now calculated. * The virtual server commands `startvs' and `stopvs' have been obsoleted and are replaced by `rebootvs'. It is unlikely that a user would wish to just stop the services on his virtual server and never bother to start them again. * Accounts can be disabled and enabled through vsd. * Many security fixes in the skel have been made. * The perl5 libraries are no longer stored in the skel. This allows the admin user of a virtual server full control over what perl modules he wishes to install. * Compatibility with Microsoft Frontpage has been fixed. The frontpage files have been relocated from /home/httpd/frontpage to /home/frontpage. The Apache suexec wrapper has been modified to allow `fpexe' to run. * Basic support for GNU autoconf has been added. It currently only creates config.h. The Makefile has yet to be written. * The GLIBC gethostname hack has been superseeded by a fix to uname. This improves transparent support for virtual servers for any programs that may try and retrieve the hostname from the uname system call. As a result, the GNU `uname' program fix is no longer required. * Virtual servers now correctly shutdown when the host server is sent down for reboot. * Fixed a problem where virtual server services would not start after a system crash. * Two new scripts `make-gvm-tar.sh' and `migrate-server.awk' make it easier to convert a virtual server from Coconut's GVM to VSD. * A PHP3 web frontend to a MySQL database is packaged in /contrib. * The inetutils POP3 daemon has been replaced by the much better Qualcomm qpopper. * Apache, MySQL and PHP3 re-built for dynamic shared object support. This should produce some significant memory savings when many web servers are running. Version 1.0.0 - released 24 March 1999 ====================================== * Initial release