* Tue Mar 04 2025 Brian Read <brianr@koozali.org> 11.0.0-62.sme

- Update .lex files to conform to standard english punctuation  [SME: 11809]

root/usr/share/smanager/lib/SrvMngr/Controller/Backup.pm

@@ -32,10 +32,10 @@ use esmith::util;
 use esmith::lockfile;
 use esmith::BlockDevices;
 use constant DEBUG => $ENV{MOJO_SMANAGER_DEBUG} || 0;
-our $cdb = esmith::ConfigDB->open   || die "Couldn't open config db";
-our $adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
-our $rdb = esmith::ConfigDB->open('/etc/e-smith/restore')
-    || die "Couldn't open restore db";
+#our $cdb = esmith::ConfigDB->open   || die "Couldn't open config db"; #remove as cached gives problems
+#our $adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
+#our $rdb = esmith::ConfigDB->open('/etc/e-smith/restore') || die "Couldn't open restore db";
+my ($cdb,$adb,$rdb);
 my $es_backup = new esmith::Backup or die "Couldn't create Backup object\n";
 my @directories = $es_backup->restore_list;
 @directories = grep { -e "/$_" } @directories;
@@ -52,6 +52,9 @@ sub main {
     my $c = shift;
     $c->app->log->info($c->log_req);
     my %bac_datas = ();
+	$cdb = esmith::ConfigDB->open   || die "Couldn't open config db";
+	$adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
+	$rdb = esmith::ConfigDB->open('/etc/e-smith/restore');
     my $title     = $c->l('bac_BACKUP_TITLE');
     my $notif;
     $bac_datas{'function'} = 'desktop_backup';
@@ -108,6 +111,9 @@ sub do_display {
     my $rt = $c->current_route;
     my ($res, $result) = '';
     my $function = $c->param('Function');
+	$cdb = esmith::ConfigDB->open   || die "Couldn't open config db";
+	$adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
+	$rdb = esmith::ConfigDB->open('/etc/e-smith/restore');
 
     if ($function =~ /^(\S+)$/) {
         $function = $1;
@@ -129,7 +135,11 @@ sub do_display {
         $c->stash(compressionlevel => $CompressionLevel, exclude => \@exclude, directories => \@directories);
 
         # streaming download in template
-        return $c->render("/backdown");
+        $c->render(template=>"backdown");
+        #sleep(30);
+        # Redirect to the front page
+		#$c->redirect_to('/backup');
+        return ""
     } ## end if ($function eq 'desktop_backup')
 
     if ($function eq 'tape_configure') {
@@ -265,6 +275,9 @@ sub do_update {
     my $c = shift;
     $c->app->log->info($c->log_req);
     my $rt       = $c->current_route;
+	$cdb = esmith::ConfigDB->open   || die "Couldn't open config db";
+	$adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
+	$rdb = esmith::ConfigDB->open('/etc/e-smith/restore');
     my $function = $c->param('Function');
     DEBUG && warn("do_update $function");
     my %bac_datas = ();
@@ -2011,4 +2024,4 @@ sub vmount {
         return (qx(/bin/mount -t nfs -o nolock,timeo=30,retrans=1,retry=0 "$host:/$share" $mountdir 2>&1));
     }
 } ## end sub vmount
-1;
+1;

root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Clamav/clamav_en.lex

@@ -2,7 +2,7 @@
 'clm_LABEL_FILESYSTEM_SCAN_PERIOD' => 'Scan filesystem',
 'clm_DESC_FILESYSTEM_SCAN_PERIOD' => '<h2>General Settings</h2>
 If this option is enabled then the filesystem will be 
-scanned for viruses.A report of any found viruses will be
+scanned for viruses. A report of any found viruses will be
 emailed to the administrator.',
 'clm_LABEL_QUARANTINE' => 'Quarantine infected files',
 'clm_LABEL_CLAM_VERSIONS' => 'ClamAV and db versions',

root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Domains/domains_en.lex

@@ -14,26 +14,26 @@ web site for that domain.',
 i-bay as the content.',
 'dom_DOMAIN_NAME_VALIDATION_ERROR' => 'Error: unexpected or missing characters in domain name
 [_1].The domain name should contain one or more
-letters, numbers, periods and minus signs.Did not create new domain.',
+letters, numbers, periods and minus signs. Did not create new domain.',
 'dom_DOMAIN_DESCRIPTION_VALIDATION_ERROR' => 'Error: unexpected or missing characters in domain description
 [_1]. Did not create new domain.',
-'dom_DOMAIN_IN_USE_ERROR' => 'Error: domain [_1] is already in use.Did not create
+'dom_DOMAIN_IN_USE_ERROR' => 'Error: domain [_1] is already in use. Did not create
 new domain.',
-'dom_SYSTEM_DOMAIN_ERROR' => 'Error: domain [_1] is your system domain name.You
-cannot have a domain with the same name.Did not create new domain.',
+'dom_SYSTEM_DOMAIN_ERROR' => 'Error: domain [_1] is your system domain name. You
+cannot have a domain with the same name. Did not create new domain.',
 'dom_SUCCESSFULLY_CREATED' => 'Successfully created domain [_1].Your web
-server is now being restarted.The links on this page will be
+server is now being restarted. The links on this page will be
 inactive until the web server restart is complete.',
 'dom_MODIFY_TITLE' => 'Modify domain',
 'dom_NONEXISTENT_DOMAIN_ERROR' => 'Error: [_1] is not an existing domain.',
 'dom_SUCCESSFULLY_MODIFIED' => 'Successfully modified domain [_1].Your web
-server is now being restarted.The links on this page will be inactive until the web server restart is complete.',
+server is now being restarted. The links on this page will be inactive until the web server restart is complete.',
 'dom_REMOVE_TITLE' => 'Remove domain',
 'dom_REMOVE_DESCRIPTION' => 'You are about to remove the domain "[_1]" ([_2]).',
 'dom_ABOUT_TO_REMOVE' => 'Are you sure you wish to remove this domain ?',
 'dom_ERROR_WHILE_REMOVING_DOMAIN' => 'Error: internal failure while removing domain [_1].',
 'dom_SUCCESSFULLY_DELETED' => 'Successfully deleted domain [_1]. Your web server
-is now being restarted.The links on this page will be inactive
+is now being restarted. The links on this page will be inactive
 until the web server restart is complete.',
 'dom_DESC_CORPORATE_DNS_CURRENT' => 'Corporate DNS Settings',
 'dom_DOMAINS_PAGE_CORPORATE_DNS' => 'Modify corporate DNS settings',

root/usr/share/smanager/lib/SrvMngr/I18N/Modules/General/general_en.lex

@@ -128,7 +128,7 @@
 'FM_IP_NUMBER3' => '[_1] is more than 255',
 'FM_USERNAME' => 'This field must look like a valid username (3 to 8 letters and numbers)',
 'FM_PASSWORD1' => 'You must provide a password.',
-'FM_PASSWORD2' => 'The password you provided was not a good password.A good password must contain all of the following: upper case letter, lower case letter, number, non-alphanumeric character, be at least 7 characters long.',
+'FM_PASSWORD2' => 'The password you provided was not a good password. A good password must contain all of the following: upper case letter, lower case letter, number, non-alphanumeric character, be at least 7 characters long.',
 'FM_MAC_ADDRESS1' => 'You must provide a MAC address.',
 'FM_MAC_ADDRESS2' => 'The MAC address you provided was not valid.',
 'FM_ERR_UNEXPECTED_DESC' => 'Error: unexpected or missing characters in description',

root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Groups/groups_en.lex

@@ -4,7 +4,7 @@
 'grp_ACCOUNT_CONFLICT' => 'Error: the group "[_1]" can\'t be created because there is
 already a [_2] account of that name.',
 'grp_INVALID_GROUP_DESCRIPTION' => 'Error: unexpected or missing characters in group description',
-'grp_NO_MEMBERS' => 'Error: no members in group.Did not create new group.',
+'grp_NO_MEMBERS' => 'Error: no members in group. Did not create new group.',
 'grp_CREATED_GROUP' => 'Successfully created user group',
 'grp_DELETED_GROUP' => 'Successfully removed user group',
 'grp_MODIFIED_GROUP' => 'Successfully modifed user group',

root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Hostentries/hostentries_en.lex

@@ -34,17 +34,17 @@ the local network. Please enter a valid IP address in the
 format "aaa.bbb.ccc.ddd".',
 'hos_ETHERNET_ADDRESS_DESCRIPTION' => 'The ethernet address is optional and causes the DHCP server to
 statically bind the local IP address to the computer with this
-ethernet address.If specified, it must be of the form
+ethernet address. If specified, it must be of the form
 "AA:BB:CC:DD:EE:FF" and must contain only the numbers 0-9 and
 the letters A-F.',
 'hos_CREATE_LOCAL_HOST_TITLE' => 'Create a new hostname referring to a local host.',
-'hos_DIDNT_ENTER_LOCAL_IP' => 'Error: You did not specify a Local IP address.IP
+'hos_DIDNT_ENTER_LOCAL_IP' => 'Error: You did not specify a Local IP address. IP
 addresses must contain only numbers and periods and
 be in the form "aaa.bbb.ccc.ddd".Did not create hostname.',
 'hos_IP_VALIDATION_ERROR' => 'Error: IP Address [_1] is
 invalid. IP Addresses must contain only numbers and periodsand be in the form "aaa.bbb.ccc.ddd". Did not create hostname.',
 'hos_MAC_ADDRESS_VALIDATION_ERROR' => 'Error: Ethernet address [_1]
-is invalid.Ethernet addresses must be in the
+is invalid. Ethernet addresses must be in the
 form "AA:BB:CC:DD:EE:FF" and only contain the
 numbers 0-9 and the letters A-F. Did not create
 hostname.',

root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Pseudonyms/pseudonyms_en.lex

@@ -14,7 +14,7 @@ For example, you may wish to create a pseudonym
 "webmaster" for your "webdevelopers" group or a
 pseudonym "joe" for the user "joseph".</p>
 <p>The server automatically creates pseudonyms of the form
-firstname.lastname and firstname_lastname for every user
+firstname. lastname and firstname_lastname for every user
 on the system and a pseudonym "everyone" which contains
 all users on the system.</p>
 <p>Pseudonyms also allow you to create e-mail aliases for valid

root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Remoteaccess/remoteaccess_en.lex

@@ -26,7 +26,9 @@ experienced administrators
 for remote problem diagnosis and resolution. 
 We recommend leaving this
 parameter set to "No Access"
-unless you have a specific reason to do otherwise.',
+unless you have a specific reason to do otherwise.
+Note that an "Autoblock" feature is enabled by default when public access is enabled; to disable or tune this feature, refer to the manual at https://wiki.koozali.org/AutoBlock
+',
 'rma_TITLE_FTP_ACCESS' => 'FTP Settings',
 'rma_DESC_FTP_ACCESS' => 'You can also control <b>FTP</b> access to your server. We
 recommend leaving this parameter set to \'no access\' unless you
@@ -75,11 +77,11 @@ connected to a server serial port.',
 'rma_LABEL_PPTP_ACCESS' => 'PPTP default user access',
 'rma_TITLE_TELNET_ACCESS' => 'Telnet Settings',
 'rma_DESC_TELNET_ACCESS' => 'WARNING:Telnet is currently enabled, but this feature is
-no longer supported.Telnet is inherently insecure and should only
+no longer supported. Telnet is inherently insecure and should only
 be used in circumstances where no practical alternative exists. You
 should change option to [_1] and use
 secure shell if remote access is
-required.Once disabled, telnet will no longer appear on this 
+required. Once disabled, telnet will no longer appear on this 
 screen. ',
 'rma_TITLE_IPSECRW' => 'IPSEC Client (Roadwarrior) Settings',
 'rma_DESC_IPSECRW' => 'You can allow IPSEC client access to your server, authenticated by
@@ -90,4 +92,4 @@ to the number 0 unless you require IPSEC client access.',
 can do so here.<br>Any old certificates will no longer
 authenticate against the server, so <b><i>all IPSEC clients will
 need to import a new certificate!</i></b>.',
-'rma_LABEL_IPSECRW_RESET' => 'Reset digital certificates',
+'rma_LABEL_IPSECRW_RESET' => 'Reset digital certificates',

root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Review/review_en.lex

@@ -2,7 +2,7 @@
 'rvw_FORM_TITLE' => 'Review configuration',
 'rvw_DESCRIPTION' => 'This report summarizes the networking, server, and domain
 parameters on this server relevant to configuring
-the client computers on your network.You may wish to print this
+the client computers on your network. You may wish to print this
 page and use it as a reference.',
 'rvw_NETWORKING_PARAMS' => 'Networking Parameters',
 'rvw_SERVER_MODE' => 'Server Mode',

root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Viewlogfiles/viewlogfiles_en.lex

@@ -4,7 +4,7 @@
 by the services running on your server.',
 'log_LOG_FILE_SELECT_DESC' => 'Choose a log file to view',
 'log_FILTER_PATTERN_DESC' => 'You may optionally specify a filter pattern to display only the
-lines from the log file which match this pattern.If you leave
+lines from the log file which match this pattern. If you leave
 this field blank, all available lines of the log file will be
 displayed. Note that this option is not used if you download the
 logfile.',

root/usr/share/smanager/themes/default/templates/backdown.html.ep

@@ -16,30 +16,41 @@
     }
 
     my $clvl = $c->stash('compressionlevel');
-    my $cmd = "/bin/tar --directory / --create @{$c->stash('directories')} --file=-"
-        . "@{$c->stash('exclude')} | /usr/bin/gzip $clvl ";
+    my $cmd = "/bin/tar --create --file=- --directory / @{$c->stash('exclude')}  "
+        . "@{$c->stash('directories')} | /usr/bin/gzip $clvl ";
 
     my $success = open my $fh, '-|', $cmd;
-    unless ($success) { return "Error dowload command."; };
- 
-  # Write chunk
-  $c->res->headers->content_type('application/x-tar');
-  $c->res->headers->content_disposition(qq/attachment; filename="smeserver.tgz"/);
-
-  my $cb;
-  $cb = sub {
-    my $c = shift;
-    my $size = 500 * 1024;
-    my $length = sysread($fh, my $buffer, $size);
-    unless ($length) {
-      close $fh;
-      undef $cb;
-      $c->finish;
-      return;
-    }
-    $c->write_chunk($buffer, $cb);
-  };
-  $c->$cb;
+    #unless ($success) { return "Error download command."; };
+    if ($success) {
+		# Try with download plugin - seems to fail to complete download and also 
+		# name of file deposited is not as required.
+		#my $output = do { local $/; <$fh> };
+		#close $fh;
+		#$c->render_file(
+			#data => $output,
+			#filename => 'output.txt',
+			#content_type => 'text/plain'
+		#);
+		# So organise it ourselves.
+		$c->res->headers->content_type('application/x-tar');
+		$c->res->headers->content_disposition(qq/attachment; filename="smeserver.tgz"/);
+		my $cb;
+		$cb = sub {
+		my $c = shift;
+		my $size = 500 * 1024;
+		my $length = sysread($fh, my $buffer, $size);
+		unless ($length) {
+		  close $fh;
+		  undef $cb;
+		  $c->finish;
+		  return;
+		}
+		$c->write_chunk($buffer, $cb);
+		};
+		$c->$cb;
+	} else {
+		$c->render(text => "Failed to execute command: $!", status => 500);
+	}
 
     # Remove the dumped tables.
     $status = system("/sbin/e-smith/signal-event", "post-backup", "desktop");
@@ -53,3 +64,4 @@
     $backup_rec->set_prop('Result', "0");
 
 %>
+1;

root/usr/share/smanager/themes/default/templates/partials/_footer.html.ep

@@ -2,7 +2,7 @@
 <HR class="sme-copyrightbar">
 <a href="https://mojolicious.org" target="_blank"><img src="images/sme-mojo-logo-white.png" style="position:relative;"></a>
 <font class="sme-copyright">
-%	if ( $c->is_logged_in ) {
+%	if ( $c->is_logged_in && $c->is_admin) {
 	SME Server <%= session 'releaseVersion' %>-<%= $c->app->VERSION %> Manager II
 	% my $mode;
 	% if (config->{mode} eq 'development'){ $mode = '-dev';} else { $mode = '';}

root/usr/share/smanager/themes/default/templates/partials/_info.html.ep

@@ -1,3 +1,4 @@
+<%     use POSIX qw(strftime); %>
 <div id="info">
     <% if (! $c->session->{PwdSet} ) { %>
 	<div class="sme-error"><h5>
@@ -13,4 +14,12 @@
         Warning: Development or debug mode enabled AND public access is offered !
         </h5></div>
     <% } %>
+    <% my $curdate = strftime '%Y%m%d', localtime; %>
+    <% if ( "$curdate"  >= "20290531" ) { %>
+	<div class="sme-error"><h5>
+      URGENT NOTICE: As per May 31st 2029, SME Server 11 is obsolete, and potentially INSECURE. NO support will be offered for any issue found with this installed version.
+      Please migrate IMMEDIATELY to Koozali SME Server 12 or higher version. Failure to upgrade may lead to the compromise of this server.
+      </br>Please, consult <a href="https://wiki.koozali.org/SME_Server:Download" target="_blank">https://wiki.koozali.org/SME_Server:Download</a> to get the latest version
+     </h5></div>
+    <% } %>
 </div>

smeserver-manager.spec

@@ -2,7 +2,7 @@ Summary: Sme server  navigation module : manager 2
 %define name smeserver-manager
 Name: %{name}
 %define version 11.0.0
-%define release 57
+%define release 62
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -143,6 +143,22 @@ true
 %defattr(-,root,root)
 
 %changelog
+* Tue Mar 04 2025 Brian Read <brianr@koozali.org> 11.0.0-62.sme
+- Update .lex files to conform to standard english punctuation  [SME: 11809]
+
+* Tue Mar 04 2025 Brian Read <brianr@koozali.org> 11.0.0-61.sme
+- Arrange for the version in the footer to be suppressed if non admin login  [SME: 12887]
+
+* Thu Feb 27 2025 Brian Read <brianr@koozali.org> 11.0.0-60.sme
+- Enhance ssh security wording to mention autoblock in remoteaccess panel  [SME: 8309]
+
+* Thu Feb 27 2025 Brian Read <brianr@koozali.org> 11.0.0-59.sme
+- Arrange for Urgent notice to be displayed if date is past Rocky 8 EOL [SME: 12918]
+
+* Tue Feb 25 2025 Brian Read <brianr@koozali.org> 11.0.0-58.sme
+- re-organise open db placement [SME: 12695]
+- Re-arrange parameters to tar to avoid warning message in logs [SME: 12943]
+
 * Fri Feb 21 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-57.sme
 - upgrade validate_password sub to use esmith::util [SME: 12937]
   and deduplicate code