- RTP ports used for voice and video communication can span a wide range
of ports. Some servers seem to restrict the range. However, repro
does not seem to do that. So, open up the full range.
- Update action to not configure jwchat anymore.
- Update action to not disable jwchat apache configuration. Since the
package is no longer installed, this could cause failures.
- Update action to no refer to jwchat in comments.
- Update jwchat-plinth Apache configuration to not include jwchat
anymore. Keep this file name for now instead of renaming it to
jsxc-plinth as this would introduce additional complexity with little
benefit.
- Install package libjs-jsxc instead of jwchat during xmpp setup.
- Create jsxc front page shortcut instead of for jwchat.
- Perform diagnostics on /http-bind/ URL needed for jwchat instead of
/jwchat.
- Update links that launch XMPP web client.
The wget command to push the current IP via update URL will download the
update URL document without deleting the HTML document afterwards. This
will cause the script to flood "/root/" folder.
Implement killing the publish process from within the action. Don't let
the killing be too generic to avoid potential security issues. Kill
process only if it appears as expected.
Older format was:
uid ssh://host
Newer format is:
uid [ something] ssh://host
I believe this change happened due to migration from gpg to gpg2. Adopt
our code to handle both cases.
Monkeysphere was using MD5 fingerprints (without the 'MD5:' prefix).
They seem to have switched to 'SHA256' recently and started prepending
the hash with the string 'SHA256:'. Make the module work with this
change and hopefully for future hash algorithm fixes.
- Use a parser generated data type exposed by ruamel.yaml library to get
the necessary double-quoted strings that we want in the output file.
- Simplify reading and writing to a YAML file.
- Fix incorrect dependency of ruamel.yaml Debian package. The correct
one is python3-ruamel.yaml.
nscd monitors files in /etc and invalidates the cache automatically when
they change. However, for other mechanisms it recommends issuing a
manual flush in its manual page. Flush nscd passwd and group database
caches after all user operations (not just rename operation, just to be
sure).
Current check whether the package manager is busy and getting the
unattended upgrades log requires root. This will not allow Plinth to
run as non-root. Fix this by moving the operations to actions script.
Due to permission restrictions on the configuration file (due to stored
password), it is not possible to read it as plinth user. Read it using
sudo instead.
- Make the default snapshot detection slightly more robust and refactor.
- Expand description to explain automatic snapshotting, etc.
- Show description even after setup.
- Show default snapshot as a bootstrap label.
- Message explaing how rollback can be undone.
- Minor updates to delete/rollback confirmation messages.
- Minor style refactoring
- Create and list filesystem snapshots. Hide "current" snapshot.
- Allow deleting snapshots, except for default subvolume.
- Allow rollback to a snapshot.
Preseeding settings with debconf won't have any effect if the packages
are already installed. Instead, provide an override database to
dpkg-reconfigure.
- Fix code style.
- Keep description and util functions at module level.
- Add license notice to forms file.
- Internationalize and make choice descriptions more informative.
- Allow users to run regular relays. In addition to that users will be
able to turn them into bridge relays. Like before, by default,
relaying is enabled and the relay type bridge relay.
- Show obfs3/4 transport ports as needing firewall port forwarding only
if bridge relay is enabled.
- Remove pluggable transports configuration from configuration when
bridge rely is disabled.
- Improve description message for relays and bridge relays.
- Do stricter matches when editing configuration file. Earlier
mechanism would match comments etc.
- Move action methods to module core from views.
- During first boot, notify users that console login is restricted and
that they can changed that from security settings.
- Recommend enabling conosle login restrictions. Add message about why
console restrictions are important.
- Show title in security module.
