* Fri Jan 03 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-21.sme

- improve support of systemd service with instance service@instance.service [SME: 12859]
* Thu Jan 02 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-20.sme
2025-01-03 01:54:02 -05:00 · 2025-01-02 00:36:45 -05:00 · 2024-12-31 03:29:03 -05:00 · 2024-12-23 07:08:37 -05:00 · 2024-12-23 01:05:02 -05:00 · 2024-12-23 00:54:54 -05:00
20 changed files with 111 additions and 16 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@
 *spec-20*
 *.tar.xz
 *.bak
+*gz
--- a/root/etc/e-smith/db/accounts/defaults/Primary/SSLRequireSSL
+++ b/root/etc/e-smith/db/accounts/defaults/Primary/SSLRequireSSL
@@ -0,0 +1 @@
+enabled
--- a/root/etc/e-smith/db/accounts/defaults/primary/type
+++ b/root/etc/e-smith/db/accounts/defaults/primary/type
@@ -1 +0,0 @@
-system
--- a/root/etc/e-smith/db/accounts/migrate/10primary
+++ b/root/etc/e-smith/db/accounts/migrate/10primary
@@ -0,0 +1,10 @@
+{
+    # Delete any pre-existing primary=system record (all lower case)
+    my $p = $DB->get('primary');
+    return unless defined $p;
+
+    my $type = $p->prop('type');
+    return unless defined $type;
+
+    $p->delete if $type eq 'system';
+}
--- a/root/etc/e-smith/events/actions/group-create-unix
+++ b/root/etc/e-smith/events/actions/group-create-unix
@@ -137,7 +137,9 @@ foreach my $member (@groupMembers)
    # new group to the list. Finally sort, join and run the usermod
    # function to update the group list for this member.

-    my $cmd = "/usr/bin/id -G -n '$member'";
+    #my $cmd = "/usr/bin/id -G -n '$member'";
+    # this will not fail in case of apache aliase before www in passwd
+    my $cmd = "/usr/bin/groups '$member' 2>/dev/null | cut -d' ' -f3- ";
    my $groups = `$cmd 2>/dev/null`; 
    if ($? != 0)
    {
--- a/root/etc/e-smith/events/actions/group-delete-unix
+++ b/root/etc/e-smith/events/actions/group-delete-unix
@@ -60,6 +60,6 @@ $result = $ldap->ldapdelgroup($groupName);
 $result && ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to delete (ldap) group $groupName.\n" );

 # delete mail spool file
-unless ($x == 255) { (if -e "/var/spool/mail/$groupName" ) {unlink("/var/spool/mail/$groupName") or ( $x = 255, warn "Failed to delete /var/spool/mail/$groupName.\n" );} }
+unless ($x == 255) { if ( -e "/var/spool/mail/$groupName" ) {unlink("/var/spool/mail/$groupName") or ( $x = 255, warn "Failed to delete /var/spool/mail/$groupName.\n" );} }

 exit ($x);
--- a/root/etc/e-smith/events/actions/group-modify-unix
+++ b/root/etc/e-smith/events/actions/group-modify-unix
@@ -131,22 +131,22 @@ foreach my $group (@groups)
 	# Get the supplementary group list for the member we are adding or
 	# deleting.
 	#my $cmd = "/usr/bin/id -G -n '$member'";
-  # this will not fail in case of apache before www in passwd
-  my $cmd = "/usr/bin/groups '$member'"; 
+	# this will not fail in case of apache before www in passwd
+	my $cmd = "/usr/bin/groups '$member' 2>/dev/null | cut -d' ' -f3- "; 
 	my $groups = `$cmd 2>/dev/null`; 
 	if ($? != 0)
 	{
 	    die "Failed to get supplementary group list for $member.\n";
 	}
-  $groups =~ s/^.*:\s+//;
+	$groups =~ s/^.*:\s+//;
 	chomp ($groups);

 	my @groupList = split (/\s+/, $groups);
 	@groupList = grep (!/^$member$/, @groupList);
 	# Apache is an alias for www
 	@groupList = map { $_ =~ s/^apache$/www/g; $_ } @groupList;
-  # www needs to be in shared
-  push(@groupList,'shared') if ( ($member eq 'www') and (! grep{$_ eq 'shared'} @groupList));
+	# www needs to be in shared
+	push(@groupList,'shared') if ( ($member eq 'www') and (! grep{$_ eq 'shared'} @groupList));

 	if ($oldMembers{$member})
 	{
--- a/root/etc/e-smith/events/actions/set-gateway-ip
+++ b/root/etc/e-smith/events/actions/set-gateway-ip
@@ -34,7 +34,7 @@
 # remote_ip = $6
 # ipparam = $7

-if [ "$7" = "diald" ]
+if [ "$7" = "diald" ] || [ "$7" = "wan" ]
 then
    exec /sbin/e-smith/config set GatewayIP "$6"
 fi
--- a/root/etc/e-smith/events/actions/systemd-default
+++ b/root/etc/e-smith/events/actions/systemd-default
@@ -54,7 +54,9 @@ if (!symlink($old_qfn, $new_qfn)) {

 # we let the dedicated systemd command tryin to do what we will do later in this script
 # as up to systemd 236 it is bugged see:
-#  https://github.com/systemd/systemd/pull/7158 and https://github.com/systemd/systemd/pull/7289
+#  https://github.com/systemd/systemd/pull/7158 : systemctl: respect [Install] section in drop-ins: should be fixed in SME 12 (239)
+#  https://github.com/systemd/systemd/issues/9477 : aliases; open
+#  https://github.com/systemd/systemd/pull/9901 allow instantiated units to be enabled via presets v240
 system("/usr/bin/systemctl  preset-all");
 # in case preset-all messed up  with our default target
 system("/usr/bin/systemctl  set-default sme-server.target");
@@ -101,10 +103,11 @@ foreach my $filen (reverse sort keys %files) {
 	    my $service=$2;
 	    my $stats=$1;
 #	    print $_ ."\n"; 
-	    #ignore service that does not exists !
+	    # ignore service that does not exists !
+	    # here we are searching for service@instance.service type
 	    my $multiple = $service;
 	    ($multiple = $service ) =~ s/([a-zA-Z0-9\-_.]+@)(.*)/$1.service/ if ( $service =~ /@/ );
-	    #print "$stats $service $multiple\n";
+	    #print "$stats $service $multiple\n" if $service ne $multiple;
 	    next unless ( -e "/usr/lib/systemd/system/$service" or -e "/etc/systemd/system/$service" or -e "/usr/lib/systemd/system/$multiple");
 	    # eliminate duplicates, this way we keep only the last entry of the lowest file as we do it in reverse order of file,
 	    # but from top to bottom of file.
@@ -117,7 +120,7 @@ foreach my $filen (reverse sort keys %files) {
 		#print "want $service \n";
            }
            else {
-                my $wanted = `grep -P '^WantedBy=.*sme-server.target' /usr/lib/systemd/system/$service*  /etc/systemd/system/$service* -rsh` ;
+                my $wanted = `grep -P '^WantedBy=.*sme-server.target' /usr/lib/systemd/system/$service*  /etc/systemd/system/$service* /usr/lib/systemd/system/$multiple* /etc/systemd/system/$multiple* -rsh` ;
                chomp $wanted;
 		$wantedBy{$service}=1 unless ( $wanted eq "");
 		#print "want $service \n" unless ( $wanted eq "") ;
--- a/root/etc/e-smith/events/actions/update-ifcfg
+++ b/root/etc/e-smith/events/actions/update-ifcfg
@@ -18,6 +18,15 @@ if (($c->get('EthernetDriver1')->value || 'unknown') eq 'dummy'){
 if (($c->get('InternalInterface')->prop('NICBonding') || 'disabled') eq 'enabled'){
  push @adapters, "bond\tbond\t10:00:01:02:03:04\tBonding virtual Interface\tbond0";
 }
+# if external VLAN is configured
+if (($c->get('ExternalInterface')->prop('VLAN') || 'disabled') ne 'disabled'){
+  my $name= ($c->get('ExternalInterface')->prop('Name') eq "ppp0") ? $c->get('pppoe')->prop('PhysicalInterface')  : $c->get('ExternalInterface')->prop('Name') ;
+  my $vlan=$c->get('ExternalInterface')->prop('VLAN');
+  $name=~ s/\.$vlan$//;
+  my ($newl) = grep ( /$name$/ , @adapters);
+  push @adapters, "$newl.$vlan";
+}
+#TODO if external virtual lan is configured

 # Expand templates for every adapters found
 foreach my $adapter (@adapters){
--- a/root/etc/e-smith/templates/etc/rc.d/init.d/masq/29PPPOEclampMSS
+++ b/root/etc/e-smith/templates/etc/rc.d/init.d/masq/29PPPOEclampMSS
@@ -0,0 +1,3 @@
+# PPPOE needs this if using kernel space with rp-pppoe.se plugin
+/sbin/iptables -t mangle -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
+
--- a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/20LINUX_PLUGIN
+++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/chat-ppp0/20LINUX_PLUGIN
@@ -0,0 +1 @@
+LINUX_PLUGIN=/usr/lib64/pppd/2.4.5/rp-pppoe.so
--- a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/01setupvlan
+++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/01setupvlan
@@ -0,0 +1,10 @@
+{
+    $is_vlan = "no";
+    if ( ( exists $ExternalInterface{VLAN} && $ExternalInterface{VLAN} =~ /^\d+$/ ) && ($is_external || ( $ExternalInterface{Configuration} eq "pppoe") && $pppoe{PhysicalInterface}  eq $THIS_DEVICE ) )
+    {
+	$ifup_this_device = "yes";
+        $is_vlan = "yes";
+    }
+
+    "";
+}
--- a/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/75vlan
+++ b/root/etc/e-smith/templates/etc/sysconfig/network-scripts/ifcfg-ethX/75vlan
@@ -0,0 +1,4 @@
+{
+  return unless ($is_vlan eq  "yes");
+  $OUT = "VLAN=yes\n";
+}
--- a/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/plugin
+++ b/root/etc/e-smith/templates/var/service/wan/pppoe.pppd.conf/plugin
@@ -0,0 +1 @@
+plugin /usr/lib64/pppd/2.4.5/rp-pppoe.so
--- a/root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/device_more
+++ b/root/etc/e-smith/templates/var/service/wan/run.pppoe.conf/device_more
@@ -0,0 +1,2 @@
+# add pppoe module
+/sbin/modprobe pppoe
--- a/root/etc/modules-load.d/vlan.conf
+++ b/root/etc/modules-load.d/vlan.conf
@@ -0,0 +1 @@
+8021q
--- a/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm
+++ b/root/usr/share/perl5/vendor_perl/esmith/console/configure.pm
@@ -559,9 +559,37 @@ ETHERNET_EXTERNAL:
        goto ETHERNET_EXTERNAL;
    }

+    goto ETHERNET_EXTERNAL_VLAN;# was SERVER_GATEWAY_DEDICATED;
+}
+#------------------------------------------------------------
+ETHERNET_EXTERNAL_VLAN:
+#------------------------------------------------------------
+{
+    ($rc, $choice) = $console->input_page
+        (
+         title  => gettext("Select External Interface VLAN"),
+         text   =>
+         gettext("Your ISP might have provided you a VLAN to use, if not leave empty."),
+         value   => $db->get_prop('ExternalInterface', 'VLAN') || ""
+        );
+
+    goto ETHERNET_EXTERNAL unless ($rc == 0);
+    # sanitize if a previous VLAN is present
+    my $extIF = $db->get_prop('ExternalInterface', 'Name');
+    $extIF =~  s/\.\d+$//;
+    if ( $choice =~ /^\d+$/ ) 
+    {
+       $db->set_prop('ExternalInterface', 'VLAN', $choice );
+       $db->set_prop('ExternalInterface', 'Name',  $extIF . ".$choice") unless $db->get_prop('ExternalInterface', 'Name') =~ /\.$choice$/; 
+    }
+    else 
+    {
+       $db->delete_prop('ExternalInterface', 'VLAN');
+       $db->set_prop('ExternalInterface', 'Name',$extIF);
+    }
+    
    goto SERVER_GATEWAY_DEDICATED;
 }
-
 #------------------------------------------------------------
 SERVER_GATEWAY_DEDICATED:
 #------------------------------------------------------------
--- a/root/var/service/wan/run.pppoe
+++ b/root/var/service/wan/run.pppoe
@@ -29,4 +29,4 @@ exec \
    /usr/local/bin/softlimit -m $PPPD_MLIMIT \
    /usr/bin/setsid \
    /usr/sbin/pppd ${extaddr:+$extaddr:} \
-    file pppoe.pppd.conf
+    file pppoe.pppd.conf ${interface}
--- a/smeserver-base.spec
+++ b/smeserver-base.spec
@@ -4,7 +4,7 @@ Summary: smeserver server and gateway - base module
 %define name smeserver-base
 Name: %{name}
 %define version 11.0.0
-%define release 15
+%define release 21
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -184,6 +184,26 @@ fi


 %changelog
+* Fri Jan 03 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-21.sme
+- improve support of  systemd service with instance service@instance.service [SME: 12859]
+
+* Thu Jan 02 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-20.sme
+- Primary default to SSL required and redirect [SME: 12858]
+- cleanup remove primary=system [SME: 8268]
+
+* Tue Dec 31 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-19.sme
+- fix www removed from shared on group creation [SME: 12848]
+
+* Mon Dec 23 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-18.sme
+- add vlan support on External Interface [SME: 12677]
+- fix typo [SME: 12763] 
+
+* Mon Dec 23 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-16.sme
+-  add kernel module support for rp-pppoe plugin [SME: 12678]
+   will allow faster fiber connexion when using multiple queue interface (RSS)
+   set-gateway-ip will propagate both wan and diald ip
+   run.pppoe call an interface
+
 * Sat Dec 21 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-15.sme
 - fix use of passwd command when ldap auth enabled [SME: 6453]
 - delete spool file only if exists to avoid error [SME: 12763]
Author	SHA1	Message	Date
Jean-Philippe Pialasse	e4b308e422	* Fri Jan 03 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-21.sme - improve support of systemd service with instance service@instance.service [SME: 12859]	2025-01-03 01:54:02 -05:00
Jean-Philippe Pialasse	5c4bf19137	* Thu Jan 02 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-20.sme - Primary default to SSL required and redirect [SME: 12858] - cleanup remove primary=system [SME: 8268]	2025-01-02 00:36:45 -05:00
Jean-Philippe Pialasse	5b938b2987	* Tue Dec 31 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-19.sme - fix www removed from shared on group creation [SME: 12848]	2024-12-31 03:29:03 -05:00
Jean-Philippe Pialasse	3e5231bf84	* Mon Dec 23 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-18.sme - add vlan support on External Interface [SME: 12677] - fix typo [SME: 12763]	2024-12-23 07:08:37 -05:00
Jean-Philippe Pialasse	6547750d1e	* Mon Dec 23 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-17.sme - add vlan support on External Interface [SME: 12677]	2024-12-23 01:05:02 -05:00
Jean-Philippe Pialasse	e3e3f2a823	* Mon Dec 23 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-16.sme - add kernel module support for rp-pppoe plugin [SME: 12678] will allow faster fiber connexion when using multiple queue interface (RSS) set-gateway-ip will propagate both wan and diald ip run.pppoe call an interface	2024-12-23 00:54:54 -05:00
				`@@ -0,0 +1 @@`
				`LINUX_PLUGIN=/usr/lib64/pppd/2.4.5/rp-pppoe.so`