[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted debian-edu-config 1.448 (source all)

Hash: SHA1

Format: 1.8
Date: Sat, 21 Jan 2012 20:31:28 +0100
Source: debian-edu-config
Binary: debian-edu-config debian-edu-config-gosa-netgroups
Architecture: source all
Version: 1.448
Distribution: unstable
Urgency: low
Maintainer: Debian Edu Developers <debian-edu@lists.debian.org>
Changed-By: Petter Reinholdtsen <pere@debian.org>
 debian-edu-config - Configuration files for Skolelinux systems
 debian-edu-config-gosa-netgroups - netgroups plugin for GOsa²
Closes: 653912 655516 656752
 debian-edu-config (1.448) unstable; urgency=low
   [ Petter Reinholdtsen ]
   * Add forgotten script /usr/share/debian-edu-config/tools/pxe-
     add firmware to the binary package.  Make script more robust.
     Thanks to Wolfgang Schweer for discovering the problems and
     proposing fixes.
   * Move the code inserted by cfengine into the network-manager
     dispatcher.d hook into its own file, to avoid upgrade problem.
     The code is used to update the hostname from DNS.  Add code in
     postinst to remove the now obsolete conffile
     /etc/cfengine/debian-edu/cf.network-manager during upgrades.
   * Move pre-pkgsel and finish-install code to adjust tasksel and set
     up network from debian-edu-install to debian-edu-config, to make
     it easier to change the network configuration, avoid problems with
     updating the PXE installation and bringing all related
     configuration into the debian-edu-config package.  Add breaks
     debian-edu-install (<< 1.521) to ensure a new version of the
     debian-edu-install package is used.
   * Make sure finish-install script do not exit too early if the
     entropy gathering job has exited early.
   * Change default gateway from to and update
     DNS A and PTR records to reflect this.
   * Add GOsa netdevices object for the default gateway to make it
     easier to change its DNS entry from GOsa.
   * Enable our menu overrides on standalone installations by adding
     MENUREORDER=true in /etc/debian-edu/config.
   * Extend the dynamic DHCP range on the thin client network from 200-
     253 to 20-243, to handle more thin clients without any
   * Remove redundant and non-changable loopbacknet ipNetwork from
     LDAP.  It is already in /etc/network, and hardwired in the
   * Add empty directory /etc/skel/.local/share in package as a
     workaround for kdelibs bug #655243.
   * Get rid of hardcoded IP addresses in CUPS configuration.  Use @LOCAL
     instead of and tjener instead of, to make it
     easier to change IP setup.
   * Extend the dynamic DHCP range on the backbone network from to  (aka,
     to handle more clients without any changes to the configuration.
     This allow around 4k clients to get IP addresses out of the box.
   * Add new netgroup cups-queue-autoreenable-hosts used to re-enable
     stopped CUPS print queues every hour for the members of that
     group.  Uses new tool cups-queue-autoreenable.  Make tjener a
     member by default.
   * Add new netgroup cups-queue-autoflush-hosts used to get CUPS
     servers to flush the queue every night.  Uses new tool
     cups-queue-autoflush to call 'cancel -a'.  Enable this on the
     Main-server by default.
   * Purge network-manager in the LTSP chroot, now that bug
     #592479 is fixed.
   * Updated sitesummary2ldapdhcp:
     - Use the new LDAP subtree for DHCP objects.  Report error and
       continue when failing to create DHCP object.  Teach it to create
       GOsa server objects for new hosts.
     - Adjust it to search for its LDAP administrator objects instead
       of hardcoding the DN, and allow any admin user to be used.
     - Change it to only update by default, and to add new server
       objects when -a is used.
   * Add nb translation for the gosa-netgroups module.
   * Network blocking / exam mode:
     - Rewrite debian-edu-update-netblock to set new rules using
       iptables-restore to do this as an atomic operation to get it
       working on LTSP clients.
     - Add netgroup netblock-hosts in LDAP to list machines that should
       activate the network blocking and file group nonetblk used by
       debian-edu-update-netblock to exclude selected users from
       network blocking.
     - Add cron job to consult LDAP every 5 minutes to see if network
       blocking should be enabled or not.
     - Add /sbin to PATH in debian-edu-update-netblock to get the
       script working from cron.
     - Allow system users nslcd, openldap, xrdp, www-data, avahi,
       dovecot, statd and daemon full Internet access also when network
       blocking is in effect, to make sure system services keep working
       as they should.
   * Add --previous to msgmerge call in www/Makefile to keep previous
     strings when updating tranlations.  Patch from David Prévot.
   * Rewrite build rule for the welcome page to use po4a
     (Closes: #655516).  Patch from David Prévot.
   * Remove obsolete script /usr/share/debian-edu-config/tools/ldap-users.pl.
   * Make sure all sambaSIDs are bootstrapped using $SAMBASID and fix
     typo causing duplicate sambaSid.
   * Add backup testsuite test to detect bug #626884.
   * Remove closing of file descriptors when starting bind from
     ldap-debian-edu-install which was introduced to try to solve the
     problem before we understood the entropy hang.
   * Adjust www/index.html.en to become valid XHTML.  Patch from
     David Prévot.
   * Migrate 'localadmin' user from /etc/passwd to the first LDAP user.
     Make first LDAP user a member of the teachers group to enable the
     KDE menu overrides.  If user-setup-udeb ask for information on the
     first user on the Main-Server installs, use this information when
     setting it up the first LDAP user instead of using 'localadmin' as
     the username.
   * Add new pwdchange.desktop KDE menu option for networked profiles
     to make it easier for users to figure out where to change the
     password (Closes: #653912).  Include many translations for the
     password changing menu entry using patch from Wolfgang Schweer.
   * Add workaround for #656309 in libpam-krb5 by replacing
     /usr/share/pam-configs/krb5 with our own version, to get passwd
     and all tools using it to change the kerberos password.  Using PAM
     to change the password do not change the LDAP and Samba passwords,
     and should in general be avoided.  Call 'pam-auth-update
     --package' after updating /usr/share/pam-configs/ to activate the
   * Remove the ldap-auth group intended to force users to authenticate
     using Kerberos.  It is not used yet, and probably can't be used
     for its intended purpose for Squeeze as GOsa uses LDAP bind to
     authenticate users.
   * Remove now obsolete traces of super-admin user.
   [ Mike Gabriel ]
   * Additionally to the README.unused-ldifs file all LDAP bootstrap files
     that are not used in D-E squeeze anymore are marked as obsolete in their
     file header.
   * Remove obsolete ldif files (files not LDAP-bootstrapped anymore on main
     server installation) during package upgrades.
   * Add global GOsa² ACL to LDAP's BaseDN that disables
     to manipulate gotoMode, userPassword and faiState via
     GOsa². Consequences: (a) The Mode and the Actions drop-down
     menus become inactive (read-only) for server systems. (b) Setting
     of root accounts on server's gets disabled. (c) FAI is not in use
     on a D-E network by default. All three functionalities
     are broken with the D-E version of GOsa² (2.6.11), so it is better
     to disable those options.
   * A host within a netgroup should always be represented by two
     nisNetgroupTriple values, one for (<hostname>,,), one for
     (<fqdn>,,), as different netgroup clients handle these differently.
     The GOsa² netgroups plugin also supports this. Fixing this for the
     netgroups in LDAP bootstrap.
   * Add main-server (aka tjener) to fsautoresize-hosts netgroup during
     LDAP bootstrap to enable automatic LVM file system resizing by
   * Set minimum password length to 5 characters (GOsa², Kerberos via
     policy).  For Samba the default is 5, libpam-krb5 also uses 5 by
   * Replace super-admin DN by administrative group DN gosa-admins.
     Add initial user to this gosa-admins group.
   * Add Kerberos policy ,,hosts'' on main server installation.
   * Add gosa-create-host script as possible post-create hook for
     GOsa² system creation (not activated in GOsa² yet).
   * Translation updates:
     - Updates for Italian debconf templates from Claudio Carboncini.
     - Updates for French web page from David Prévot.
     - Updates for Russian web page from Yuri Kozlov (Closes: #656752).
 be4f27b3c20ed1729d338c018b0033c07ccb4bf4 1447 debian-edu-config_1.448.dsc
 4835cbe78413ed6fe7d63da8295d37f10030ece2 492738 debian-edu-config_1.448.tar.gz
 7d7d1eb2a785901bcae4053662f192ca84ed1475 381242 debian-edu-config_1.448_all.deb
 cf62174fa5f6048c16482a834ba41293ddac8dc8 109180 debian-edu-config-gosa-netgroups_1.448_all.deb
 6dfc38ab449b3efed917614cda257acf209e8aadc05bb64a17a60272eec974d4 1447 debian-edu-config_1.448.dsc
 0283eb9175ae98a2acd4116132cc38b2b6c07a5e9fb726693a80551a8d92632a 492738 debian-edu-config_1.448.tar.gz
 492cad00306f1e21dff61dbee333b905569247bd21eb7733b08557a73bf61141 381242 debian-edu-config_1.448_all.deb
 eaa7f45707fdac27d7b6b7e1be33f1542f3044598e7b1090648c353a1fc9a0f9 109180 debian-edu-config-gosa-netgroups_1.448_all.deb
 85c3388216ffb8528549ebfa631109f8 1447 misc extra debian-edu-config_1.448.dsc
 592947589813cd81f72c743ba3f35a5a 492738 misc extra debian-edu-config_1.448.tar.gz
 778e379660e8c6c1b7aaace3cedc01a8 381242 misc extra debian-edu-config_1.448_all.deb
 9854ed08db59e2f32c9f81a36fe1198c 109180 misc extra debian-edu-config-gosa-netgroups_1.448_all.deb

Version: GnuPG v1.4.10 (GNU/Linux)


  to main/d/debian-edu-config/debian-edu-config-gosa-netgroups_1.448_all.deb
  to main/d/debian-edu-config/debian-edu-config_1.448.dsc
  to main/d/debian-edu-config/debian-edu-config_1.448.tar.gz
  to main/d/debian-edu-config/debian-edu-config_1.448_all.deb

Reply to: