turnkey-core-17.0 (1) turnkey; urgency=low
* Upgraded base distribution to Debian 11.1/Bullseye.
* Configuration console (confconsole):
- Minor packaging changes for Debian Bullseye.
- Fix warnings on Confconsole when upgrading to Python3.9 - resolved by
swapping identity check for equality check - closes #1634.
- Remove dhparams generation - part of #1653.
* Firstboot Initialization (inithooks):
- Minor packaging changes for Debian Bullseye.
- Bugfix typo in firstboot.d/15regen-sslcert.
- Update the init-fence default html.
- Update simplehttpd.py cyphers.
- Remove dhparams generation - part of #1653.
- Code refactor to provide inithook_lib.
[ Stefan Davis ]
* Web management console (webmin):
- Upgraded webmin to v1.982.
[ Jeremy Davis ]
- Include webmin-firewall6 (firewall UI for IPv6) by default.
[ Richard van Dijk ]
- Update individual Webmin stunnel config to support IPv6 - part of #1658.
[ Richard van Dijk ]
* Web shell (shellinabox):
- Update individual Webshell stunnel config to support IPv6 - part of
#1658.
[ Richard van Dijk ]
* Backup (tklbam):
- Change default NTPSERVER to one that also supports IPv6 - part of #1658.
[ Richard van Dijk ]
- Build specific py2 dependencies previously provided by Debian for
Bullseye base (TKLBAM still py2).
* Security hardening & improvements:
- Generate and use new TurnKey Bullseye keys.
- Provide predefined dh_params (via 'turnkey-make-ssl-cert' where
relevant) as per RFC7919 - part of #1653.
- Enable TLS by default for use with Postfix.
- Servers which include Apache|LigHHTTPd|Nginx now have HSTS and OCSP
stapling configuration (not fully enabled by default - as requires valid
SSL/TLS cert).
* Misc bugfixes & feature implementations:
- Remove redundant autologin, singleuser_shell & ssh_emptypw scripts from
default common overlay.
- Cleanup/tweak MOTD.
- Update vim default conf path (for new version of vim in Bullseye).
- Move Nginx & LigHTTPd apps from FastCGI to PHP-FPM (apps with
Nginx/LigHTTPd only) - closes #1589.
- Include Nginx libmodsecurity module (apps with Nginx only) - clsoes
#1657.
-- Jeremy Davis <jeremy@turnkeylinux.org> Thu, 02 Dec 2021 15:20:28 +1100
turnkey-core-16.1 (1) turnkey; urgency=low
* Upgraded base distribution to Debian 10.8/Buster.
* Configuration console (confconsole):
- Improvements to networking robustness and error reporting - allow setting
up of previously unconfigured or even to some extent misconfigured
networking - closes #1457.
[ Stefan Davis & Jeremy Davis ]
- Catch socket.gaierror in Mail Relaying - closes #1472.
[ Stefan Davis ]
- Fixed Confconsole stacktrace - closes #1478.
[ Stefan Davis ]
- Support copy/paste in Confconsole - closes #1545.
- Option to change default auto secupdates issue resolution - closes
#1536.
- Include confconsole plugin to allow configuration of confconsole
autostart - closes #1561.
- Fix Let's Encrypt staging server URL in config - closes #1497.
- (Apps with MySQL/MariaDB only) Confconsole perf and info schema install
option - closes #1429.
* Firstboot Initialization (inithooks):
- Add option to turnkey-init to launch full confconsole when finished.
- Improve customization re password complexity and blacklisted chars.
- Improve help text and remove buggy code causing issues in LXC
containers - closes #1451.
- Only launch Confconsole at end of run on non-headless builds.
- Provide systemd service file for turnkey-init-fence.
* Web management console (webmin):
- Updated Webmin to v1.970.
- Improved service to make more robust (particularly within LXC) - closes
#1480.
- Set iptables-legacy as default so webmin-firewall works as expected -
closes #1488.
- (Apps with MySQL/MariaDB/webmin-mysql only) Default MySQL user 'adminer'
(when 'webmin-mysql' module installed) - closes #1529.
* Hub Domains client (hubdns):
- Fixed server DNS mapping not updated on IP change - closes #1508.
* Misc bugfixes & feature implementations:
- Add alert for RUN_FIRSTBOOT in MOTD - closes #1129.
- Fix MOTD/turnkey-sysinfo if no network interfaces discovered - closes
#1461.
- Make root:root & 755 ownership/permissions of /usr/local default -
closes #1440.
- Improve 'stunnel4@.service' systemd service template to resolve issues -
closes #1513.
- Provide (optional) 'eth1' interface configured as "hotplug" - closes
#1492.
- (LAMP/LAPP based apps) Only install composer on apps that explicitly
use it, or where it makes sense (e.g. LAMP & LAPP will include it) -
closes #1563.
- (Apps with Composer only) Provide turnkey-composer wrapper script so
it's easy to not run composer as root - closes #1539.
- (Apps with Composer only) Automatically clear Composer cache and
shallow clone composer installed deps - closes #1541.
- (Apps with PHP only) Remove deprecated opcache.fast_shutdown option from
config - closes #1538.
- (Apps with Adminer only) Give grant privileges to adminer MySQL/MariaDB
user- closes #1496.
-- Jeremy Davis <jeremy@turnkeylinux.org> Fri, 12 Feb 2021 15:12:49 +1100
turnkey-core-16.0 (1) turnkey; urgency=low
* Upgraded base distribution to Debian 10.3/Buster.
* TurnKey Backup and Migration (tklbam):
- Fix paths with spaces not working in overrides - closes #1403.
[ Stefan Davis ]
- Package and dependencies rebuilt against Debian 10.3/Buster.
[ Jeremy Davis ]
* Configuration console (confconsole):
- Migrate code to python3, use default Debian dialog & python3-dialog
packages (no longer packaging our own forks).
- LE plugin: Completely refactor add-water.
- Networking: Add warning when changing ip inside an ssh session.
[ Stefan Davis ]
- No longer run as separate service (launched at first boot by inithooks).
- LE plugin: Improve Dehydrated cron job - closes #912.
- LE plugin: Backup domains.txt if it exists so can be manually restored
if desired. Part of #1365.
- LE plugin: Ensure that ACME v2 API endpoint is used everywhere. Part of
#1365.
- DH params plugin: New plugin for v16.0; update/improve Diffie-Hellman
parameters bit size. Closes #575. Part of #1432.
- Mail relay plugin: Allow unauthenticated SMTP relay. Closes #844.
- Mail relay plugin: Refactoring, improved error handling. Closes #1434.
[ Jeremy Davis ]
- All plugins updated to python3 and update python-dialog/dialog usage.
- Hostname plugin: Do some validation and bugfix implementation. Closes
#845.
[ Stefan Davis & Jeremy Davis ]
* Firstboot Initialization (inithooks):
- Migrate code to python3.
[ Stefan Davis ]
- Migrate TLS/SSL inithooks from common/overlay into inithooks package.
- Leverage (refactored/extended) turnkey-make-ssl-cert script to also
generate Diffie-Hellman parameters. Part of #1432.
- Option to launch full Confconsole on completion (defaults to minimal).
- Fix error message when password complexity = 4 in dialog_wrapper
(previous message was misleading).
- Add support for blacklisted characters when setting password via
dialog_wrapper.
[ Jeremy Davis ]
* Web management console (webmin):
- Upgraded webmin to v1.941
- Developed improved systemd webmin.service file.
- Individual Webmin stunnel config - easier to disable/enable Webmin &
Webshell independently.
[ Jeremy Davis ]
* Web shell (shellinabox):
- Individual Webshell stunnel config - easier to disable/enable Webmin &
Webshell independently.
[ Jeremy Davis ]
* Installer (di-live):
- Migrate code to python3.
- Update Debian Installer source components (from Debian d-i source).
Closes #412.
- Leverage Debian Live Tools for running live and installing (no longer
requires casper and busybox-initramfs).
- Other major refactoring.
[ Jeremy Davis ]
* Live environment:
- Leverage Debian default live environment (casper and alternate busybox
package no longer required; built on default Debian packages; live-tools
& live-boot). Closes #942.
[ Jeremy Davis ]
* Miscellaneous:
- ssh-server: Relax SSH config slightly to reduce issues with fail2ban -
closes #1398.
- hubtools: Fix hub-list-backups - closes #1173.
- turnkey-make-ssl-cert: support (re)generation of Diffie-Hellman
parameters. Part of #1432.
-- Jeremy Davis <jeremy@turnkeylinux.org> Tue, 07 Apr 2020 18:44:24 +1000
turnkey-core-15.0 (1) turnkey; urgency=low
* Upgraded base distribution to Debian 9.4/Stretch.
* TurnKey Backup and Migration (tklbam):
- package and dependencies are now reproducible (security)
[ Chris Lamb ]
- backup update fix - new dependency for Stretch; gnupg (closes #962)
[ Ken Robinson ]
- restore update fix - ensure patches are applied to tklbam-squid source
code (TurnKey squid fork) (closes #970)
[ Ken Robinson (troubleshooting) & Chris Lamb (fix) ]
* Installer (di-live):
- package is now reproducible (security)
[ Chris Lamb ]
- fix di-live failing to install from live system (closes #1041)
[ Stefan Davis ]
* Live environment (casper):
- package is now reproducible (security)
[ Chris Lamb ]
- update to support overlayFS (default layering filesystem in stretch)
[ Stefan Davis ]
* Configuration console (confconsole):
- general:
- package is now reproducible (security)
[ Chris Lamb ]
- Networking:
- fix for static IP not sticking (since upgrade to stretch base)
(closes #952)
- Let's Encrypt plugin:
- install 'dehydrated' (ACME client) from Debian main repo (previously
installed from jessie-backports)
- significant refactoring of plugin
- support for multiple domains (closes #843)
- fix for updated ACME ToS; including dynamically discovered latest ToS;
inc dialog display of url for current ToS (closes #976)
- update dialog and readme for Debian Stretch (closes #1061)
[ Stefan Davis ]
* Firstboot Initialization (inithooks):
- Updates for headless builds especially LXC/Proxmox & Xen:
- include specific inithooks-lxc.service file - initialization systemd
service that works reliably inside an LXC container (and doesn't effect
other builds) (closes #1071)
- include specific inithooks-xen.service file - initialization systemd
service that works reliably with the Xen console (and doesn't effect
other builds)
- force non-interactive dpkg-reconfigure of openssh-server (closes #1085)
- updated initfence index page to note that webshell not available
(closes #1087)
- fix edge case bug where turnkey-sudoadmin would incorrectly adjust
services.txt (closes #1124)
* Web management console (webmin):
- upgraded webmin to v1.881
- package is reproducible (no changes required) (security)
- resolve stretch related install problem (closes #920)
[ Ken Robinson ]
- new default theme, uses upstream default; 'Authentic' (closes #781)
- TurnKey theme customizations; TurnKey logos, default to show TKLBAM
module on login
- remove webmin-file (java based filemanager) module (closes #965)
- remove webmin-texteditor module (upstream)
- include webmin-fail2ban module
- add convenience symlinks to useful Webmin logs (in /var/log/webmin)
- reconfigure webmin-raid & webmin-lvm modules during build (workaround
for #1091)
* TurnKey AMQ (tklamq) - only applies to Hub builds:
- python-carrot deprecated, move to dependency on python-kombu
* Web shell (shellinabox):
- install v2.20 direct from Debian main repo (no longer maintaining our
own fork) (closes #918)
- version from Debian displays ncurses dialog properly (closes #317)
- white on black default webshell (aka shellinabox) theme (closes #1060)
* Security hardening:
[ John Carver ]
- default config mods for:
- postfix
- ssh
- kernel sysctl variables
- inc easy option to override (via /etc/sysctl.conf)
* Optimized builds (buildtasks):
- VM builds (OVA & VMDK):
- include open-vm-tools-dkms & linux-headers-amd64 in base builds (closes
#1001)
[ Stefan Davis ]
* Miscellaneous:
- update to support overlayFS (default layering filesystem in stretch)
- default to systemd init system for all builds
- use traditional network interface names, e.g. 'eth0' (disable stretch
default of "Predictable Network Interface Names")
- 'dpkg-vendor --query Vendor' now returns 'TurnKey` (closes #196)
- include fail2ban in all appliances (closes #630 & #991)
- MVP uses default Debian conf, protects SSH only
- use http://deb.debian.org as Debian url in sources.list - as
recommended by Debian (closes #927)
- upstream fix for MOTD not being updated dynamically (closes #1024)
[ Stefan Davis ]
-- Jeremy Davis <jeremy@turnkeylinux.org> Tue, 19 Jun 2018 12:35:59 +1000
turnkey-core-14.2 (1) turnkey; urgency=low
* Upgraded base distribution to Debian Jessie 8.7.
* Webmin (web based administration):
- Update to 1.831 (includes fix for [#493]).
* Confconsole (configuration console - console based admin):
- significant refactoring to support "Advanced" plugins [#369].
- Included new plugins:
- Region Config >> Locales/Keyboard/Tzdata [#14, #38, #746,
#770, #771].
- Proxy Settings >> Apt proxy [#203].
- System Settings >> Set hostname [#180, #450, #765, #795].
- Mail relay - SMTP email relay config [#482].
- Let's Encrypt SSL certs (via Dehydrated) [#546, #766, #767].
- includes install of dehydrated (from jessie-backports).
* Inithooks (firstboot initialization):
- make secalerts more robust [#532].
- password complexity requirements explicitly stated [#556].
* di-live (TurnKey installer):
- resolved LVM install bug [#782].
- di-live - reordered install options so install to LVM is
default [#791].
* TKLBAM (backup and migration tool):
- various bugfixes and improvements.
* miscellaneous:
- tweaked turnkey-make-ssl-cert for improved code styling and
functionality.
- fixed Monit configuration [#603].
- update default apt URLs to httpredir.debian.org [#742].
- removed core package from all builds (except core) [#762].
- improved default vim-tiny config [#763].
-- Jeremy Davis <jeremy@turnkeylinux.org> Wed, 29 Mar 2017 12:41:10 +1100
turnkey-core-14.1 (1) turnkey; urgency=low
* Installed all Debian security updates.
* Installed updated packages from TurnKey repo
- Webmin - Update to 1.780 [#496].
- Webmin - Install new HTML5 file manager.
- Confconsole - now handles bridged LXC net config.
- Inithooks - email regex now less demanding [#155].
- Inithooks - ssh message on root login attempt (under sudoadmin)
to a TKL EC2 instance like Debian does [#541].
- Inithooks - improved container fence firstboot console output [#570].
* turnkey-make-ssl-cert now leaks the least amount of info possible
[#572].
-- Jeremy Davis <jeremy@turnkeylinux.org> Thu, 25 Feb 2016 00:28:44 +1100
turnkey-core-14.0 (1) turnkey; urgency=low
* Upgraded base distribution to Debian Jessie 8.1.
* TurnKey Backup and Migration (tklbam):
- No longer requires TurnKey Hub or even a network connection.
- Ability to force a profile.
- Increased robustness of MySQL backup/restore.
- Improved logging (output in realtime, exceptions, rotation).
- Usability improvements (more verbose, self-documenting).
- Improved --debug behavior.
- Multiple bugfixes and improvements
https://github.com/turnkeylinux/tklbam/blob/master/docs/RelNotes-1.4.txt
* Web management console (webmin):
- Upgraded webmin to 1.760.
- Served behind stunnel4 for improved SSL.
* Web shell (shellinabox):
- Served behind stunnel4 for improved SSL.
- Bugfix: only one line displayed on mobile device (i.e. ipad).
* Initialization hooks (inithooks):
- Kernel upgrade on firstboot will trigger a reboot.
- TurnKey initialization fence HTTPS encryption warning explanation.
- Improved SSH key regeneration.
- Added system notifications and critical security alerts hook.
- Added turnkey-sudoadmin (configure system to use sudo admin user).
- Added hostname configuration hook.
- Added autogrow filesystem hook.
- Added IP configuration hook.
- Added support for systemd.
* Configuration console (confconsole):
- Added support for systemd.
* Installer (di-live):
- Updated to support Debian 8.0, version bump to 0.9.5.
- Upgraded partitioner with latest d-i upstream code.
- Removed alignment tags which are not interpreted by debconf.
- Updated build-depends and recommends.
- Added support for systemd.
* Miscellaneous
- monit: added cpu/ram/swap/disk alerts.
- systemd: set as default init system.
- ssl/ssh: lots of security improvements.
- openssh-server: configured to permit root login with password.
- vim-tiny: set as alternative for vim instead of symlink.
- sources.list: updated cdn.debian.net to http.debian.net.
- udhcpc: added support for /32 IPv4 subnets.
- bashrc: added missing aliases for color terms.
- iso-hybrid: ISO images are pre-processed for USB flash booting.
- gfxboot: updated to support newer syslinux version.
- busybox-initramfs: custom built enabling initramfs support.
-- Alon Swartz <alon@turnkeylinux.org> Thu, 27 Aug 2015 18:32:27 +0300
turnkey-core-13.0 (1) turnkey; urgency=low
* Upgraded base distribution to Debian Wheezy 7.2.
* TurnKey Backup and Migration (tklbam):
- Added PostgreSQL database support.
- Added MySQL support for views and triggers.
- Added --raw-upload and --dump options to backup.
- Added --raw-download and --simulate options to restore.
- Added "inspect" state to hooks mechanism.
- Multiple backup and restore bugfixes and improvements.
https://github.com/turnkeylinux/tklbam/blob/master/docs/RelNotes-1.3.txt
* Web management console (webmin):
- Upgraded webmin to 1.630.
- New version includes new BSDfdisk modules.
* Bugfixes and tweaks:
- busybox-initramfs: custom built enabling initramfs support.
- resolvconf: set resolver timeout to 1 second (useful when offline).
-- Alon Swartz <alon@turnkeylinux.org> Thu, 10 Oct 2013 13:56:25 +0300
turnkey-core-12.1 (1) turnkey; urgency=low
* Upgraded base distribution to Debian Squeeze 6.0.7.
* Available in both 32-bit (i386) and 64-bit (amd64) architectures.
* TurnKey Backup and Migration (tklbam):
- Fixed MySQL deserialization code (duplicated last element in row if > 1MB).
- Fixed keypacket AES cipher initialization required as of python-crypto 2.6.
- Added jitter to tklbam-backup cron job.
- Refactored to use pycurl-wrapper's new API class.
* TurnKey Configuration Console (confconsole):
- Fixed multiple network interface support (LP#1045320).
- Added support for --usage (no advanced menu options).
- Replaced kbd recommendation with console-tools | console-utilities.
* TurnKey Initialization Hooks (inithooks):
- Implemented turnkey-init-fence for headless deployments.
- Re-implemented turnkey-init in Python.
- Display confconsole usage as last screen of turnkey-init.
- Improved hooks sub-execution and handling of CTRL-C.
- Imported common hooks from overlay into package.
- Limit paragraph width for better UX.
- Replaced kbd dependency with console-tools | console-utilities.
* Web management console (webmin):
- Upgraded webmin to 1.620.
- New version includes new ISCSI modules and a gray theme.
* Web shell (shellinabox):
- Support new keycodes (dash, underscore) used by firefox 15+ (LP#1104164).
- Install available options as is without renaming or enabling.
- Enable default options (white-on-black, color) postinst.
- Fixed broken packaging of stray option styling files.
- Fixed colors to support dialog interfaces.
* TurnKey Python Library (turnkey-pylib):
- Multiple improvements to Parallelize and Command modules.
- Added 20 new modules.
* Bugfixes and tweaks:
- packages: added curl (generically useful).
- packages: acpi-support-base (handle acpi events - LP#101194).
- apt: replaced auto-apt-archive with Debian's CDN mirror network.
- apt: updated trusted.gpg.d/$release to $distro.
- apt: removed ubuntu trusted key.
- bash: improved bashrc whitespace support (LP#932388).
- bash: added useful git aliases (see ~/.bashrc.d/git).
- di-live: updated architecture config and bootloader depends.
- di-live: replaced kbd recommendation with console-tools | console-utilities.
- busybox-initramfs: custom built enabling initramfs support.
- casper: updated path_id execution per udev changes.
- sshd: disabled dns checks (if resolution fails will prevent logins).
- motd: tweaked configuration to support upcoming Wheezy release.
- pycurl-wrapper: added timeout support, created new API class.
- hubdns: increased jitter, refactored to use pycurl-wrapper's API class.
* Latest versions of all packages will be installed during build.
-- Alon Swartz <alon@turnkeylinux.org> Wed, 03 Apr 2013 08:00:00 +0200
turnkey-core-12.0 (1) turnkey; urgency=low
* Upgraded base distribution to Debian Squeeze 6.0.5.
- Support for dependency based boot sequence (insserv).
- Default ISO Kernel 2.6-686 (TKL Core Lenny was 486).
* TKLBAM (backup and migration):
- Upgraded to latest version of TKLBAM (see changelog for details, below
are some of the highlights).
- Added embedded squid download cache support.
- Added backup resume functionality.
- Added support for multipart parallel uploads to S3.
- Upgraded duplicity and python-boto.
- Multipart parallel S3 uploads.
- Fixed root cause of MySQL max packet issue (bugfix).
* Installer (di-live):
- Upgraded di-live to latest version compatible with Squeeze.
- Misc bugfixes and tweaks.
* Boot (bootsplash and grub):
- Upgraded bootsplash generation to be compatible with Squeeze.
- Removed bootsplash unused panel options and extraneous files.
- Tweaked grub default timeouts (hidden_timeout=0, timeout=3).
* Locale:
- Set default locale to en_US.UTF-8 (was en_GB).
- Updated locale configuration for compatibility with Squeeze.
- Includes localepurge (pre-configured and initialized).
* Web management console (webmin):
- Upgraded webmin to 1.590 and default theme.
- Disabled inline webmin upgrades (managed by APT).
- Moved history logging to /var/webmin (incorrect use of /etc).
* Web shell (shellinabox):
- Upgraded shellinabox to 2.14.
* Bugfixes and tweaks:
- Fixed LSB compatibility (di-live, inithooks, confconsole) [LP#700399].
- Added support for spaces in bashrc promptpath [LP#932388].
- Replaced APT trusted.db with trusted.gpg.d/$distro.
- Added bashmarks (super useful bash bookmarking).
- Removal of log files generated during build.
- inithooks: Improved headless deployment (REDIRECT_OUTPUT directive).
- etckeeper: Uninitialization post build and firstboot (turnkey-init).
- resolvconf: Removed upstart hack (not relevant on Squeeze).
- confconsole: Miscellaneous bugfixes and refactoring.
- install-security-updates: Wrapper script for convenience.
-- Alon Swartz <alon@turnkeylinux.org> Wed, 01 Aug 2012 08:00:00 +0200
turnkey-core-11.3 (1) turnkey; urgency=low
* Installed security updates.
* Enabled etckeeper garbage collection by default.
* Upgraded to latest inithooks version (adhoc re-initialization via turnkey-init)
-- Alon Swartz <alon@turnkeylinux.org> Mon, 05 Dec 2011 10:48:44 +0000
turnkey-core-11.2 (1) turnkey; urgency=low
* Installed security updates.
* Added HubDNS package and firstboot configuration.
-- Alon Swartz <alon@turnkeylinux.org> Fri, 15 Jul 2011 07:47:08 +0000
turnkey-core-11.1 (1) turnkey; urgency=low
* Upgraded base distribution to Ubuntu 10.04.1 LTS.
* No more chimeras (mixing of packages from Debian/ubuntu).
* Installer (di-live):
- Added LVM support, with guided partitioning supported in di-live,
and webmin module for convenience.
- Guided partitioning of root volume will default to 90% of volume
group to support LVM snapshots out of the box.
- Moved appliance secret regeneration, configuration, setting of
passwords to inithooks to run on firstboot.
- Installation media will be ejected and a message displayed to
remove media after successful installation.
- Warning messages will be logged instead of inline (caused a bad
user experience).
- Upgraded di-live to latest version compatible with Lucid.
* Initialization Hooks (inithooks):
- Setting of passwords and configuration is now done on firstboot.
- Application specific configuration (passwords, email, domain) is
now supported putting an end to default settings.
- This supports all build targets such as VM builds, and most run
in live-mode (convenience, consistent user-experience).
- Includes auto-apt-archive to configure the closest APT package
archive, determined via the TurnKey Hub GeoIP service.
- All relevant inithooks can be preseeded, refer to:
https://www.turnkeylinux.org/docs/inithooks
* Configuration Console (confconsole):
- /etc/confconsole/usage.txt has been replaced with services.txt
- The usage screen is now updated dynamically for simpler management
and customization.
* Updated bootsplash menu:
- Install to hard disk - default, moved to first option.
- Live system -> Try without installing (Live CD demo mode).
- Removed Boot from first hard disk.
* Display system info in motd, as well non-persistent mode warning (motd).
* NTP configured with recommended pool servers and to cope with large time
drifts.
* Setting of LANG in /etc/default/locale.
* Packages:
- Includes TKLBAM (TurnKey Backup and Migration) + new Webmin module.
- Includes etckeeper initialized on firstboot (using git-core).
- Includes logrotate for automatic log rotation.
- Configured APT to not install recommends by default.
- Upgraded webmin to 1.520 and default theme.
- Upgraded shellinabox to 2.10, set default theme to white-on-black.
- Customized bashrc and bashrc.d scripts.
- Includes bash-completion (very useful addition for cli).
- Includes iproute (ipv6 provisoning).
- Includes acpid (support hypervisor reboot/power down signals).
- Replaces host with bind9-host (deprecated).
- Replaces sysklogd and klogd with rsyslog (inline with Ubuntu).
- Grub2 (grub-pc) pre-configuration (verbose, timeout, console).
-- Alon Swartz <alon@turnkeylinux.org> Sun, 19 Dec 2010 15:01:05 +0200
turnkey-core-2009.10 (2) hardy; urgency=low
* Installed all security updates (see manifest for package versions).
* Install security updates on firstboot (except when running live).
* Trick webmin into not checking for upgrades (managed by apt).
* Included latest version of inithooks and updated scripts.
* Included wget as per common request.
-- Alon Swartz <alon@turnkeylinux.org> Mon, 29 Mar 2010 09:02:11 +0200
turnkey-core-2009.10 (1) hardy; urgency=low
* Upgraded base distribution to Ubuntu 8.04.3 LTS.
* Added shell-in-a-box to provide web shell access (listening on port
12320 - uses SSL).
* Added inithooks to execute firstboot/everyboot scripts, for example
regenerating cryptographic keys on live boot:
- SSH keys.
- Default SSL certificate (used by Webmin, Apache, Lighttpd).
* Upgraded Webmin to 1.490 and default theme.
- Disabled Webmin scheduled updates (managed by APT)
* New versions of confconsole and di-live include many improvements and
bugfixes (see their respective release notes for details).
* Implemented APT pinning downgrade workaround (LP#315175).
* Added a few generically useful packages (unzip: LP#356099, ethtool).
* Added IPv6 configuration to /etc/hosts.
-- Alon Swartz <alon@turnkeylinux.org> Tue, 29 Sep 2009 15:39:41 +0200
turnkey-core-2009.02 (1) hardy; urgency=low
* initial public release of the TurnKey Linux "core": it's the basic
appliance on top of which all TurnKey Linux appliances are now built.
* upgraded base distribution to Ubuntu 8.04.2 LTS
* added many generically useful webmin modules:
- network
- firewall configuration (with example configuration)
- network configuration
- system
- configure time, date and timezone
- configure users and groups
- manage software packages
- change passwords
- system logs
- tools
- text editor
- shell commands
- simple file upload/download
- file manager (needs support for Java in browser)
- custom commands
* changed webmin port from 10000 to 12321 (more distinct, easier to type)
* regenerate cryptographic keys during installation
- SSH keys
- default SSL certificate (used by webmin, Apache, lighttpd)
* configured sshd to permit an empty password in demo/live mode
* improved package management configuration
- enabled Ubuntu's Universe component by default (convenience)
- cron-apt configured to:
- correctly handle modified conffiles when auto-upgrading (won't hang)
- only auto-upgrade packages from the security components
- update the cache for all components
- share sources with other interfaces to apt (e.g., apt-get)
- log to syslog instead of mailing root
* new versions of confconsole and di-live include many improvements and
bugfixes (see their respective release notes for details)
* changed default console font to improve readability of console dialogs
* added a few generically useful packages (iptables, ntp, nano)
* updated /etc/network/interfaces to support multiple network interface cards
* replaced metalog with sysklogd/klogd
* optimized footprint (rebuilt from bare essentials)
* added the release package that holds this changelog
-- Alon Swartz <alon@turnkeylinux.org> Thu, 29 Jan 2009 14:31:46 +0200