diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 0e6a3721..f7d03a31 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -1,3 +1,9 @@ +v 3.3.11 - Oct 26, 2015 +- Updated MySql version +- Added new repository for MySql +- Minor fix for redis cache in debian jessie +- Security Fix in location.conf + v 3.3.10 - Oct 19, 2015 - Fix #630 - Fix #631 diff --git a/ee/cli/plugins/stack.py b/ee/cli/plugins/stack.py index 64da1941..d99fbf18 100644 --- a/ee/cli/plugins/stack.py +++ b/ee/cli/plugins/stack.py @@ -104,25 +104,25 @@ class EEStackController(CementBaseController): if set(EEVariables.ee_mysql).issubset(set(apt_packages)): Log.info(self, "Adding repository for MySQL, please wait...") - mysql_pref = ("Package: *\nPin: origin mirror.aarnet.edu.au" + mysql_pref = ("Package: *\nPin: origin sfo1.mirrors.digitalocean.com" "\nPin-Priority: 1000\n") with open('/etc/apt/preferences.d/' 'MariaDB.pref', 'w') as mysql_pref_file: mysql_pref_file.write(mysql_pref) - if EEVariables.ee_platform_codename != 'jessie': - EERepo.add(self, repo_url=EEVariables.ee_mysql_repo) - Log.debug(self, 'Adding key for {0}' - .format(EEVariables.ee_mysql_repo)) - EERepo.add_key(self, '0xcbcb082a1bb943db', + # if EEVariables.ee_platform_codename != 'jessie': + EERepo.add(self, repo_url=EEVariables.ee_mysql_repo) + Log.debug(self, 'Adding key for {0}' + .format(EEVariables.ee_mysql_repo)) + EERepo.add_key(self, '0xcbcb082a1bb943db', keyserver="keyserver.ubuntu.com") chars = ''.join(random.sample(string.ascii_letters, 8)) Log.debug(self, "Pre-seeding MySQL") - Log.debug(self, "echo \"mariadb-server-10.0 " + Log.debug(self, "echo \"mariadb-server-10.1 " "mysql-server/root_password " "password \" | " "debconf-set-selections") try: - EEShellExec.cmd_exec(self, "echo \"mariadb-server-10.0 " + EEShellExec.cmd_exec(self, "echo \"mariadb-server-10.1 " "mysql-server/root_password " "password {chars}\" | " "debconf-set-selections" @@ -131,12 +131,12 @@ class EEStackController(CementBaseController): except CommandExecutionError as e: Log.error("Failed to initialize MySQL package") - Log.debug(self, "echo \"mariadb-server-10.0 " + Log.debug(self, "echo \"mariadb-server-10.1 " "mysql-server/root_password_again " "password \" | " "debconf-set-selections") try: - EEShellExec.cmd_exec(self, "echo \"mariadb-server-10.0 " + EEShellExec.cmd_exec(self, "echo \"mariadb-server-10.1 " "mysql-server/root_password_again " "password {chars}\" | " "debconf-set-selections" @@ -1226,8 +1226,9 @@ class EEStackController(CementBaseController): raise SiteError("Unable to import Anemometer database") EEMysql.execute(self, 'grant select on *.* to \'anemometer\'' - '@\'{0}\''.format(self.app.config.get('mysql', - 'grant-host'))) + '@\'{0}\' IDENTIFIED' + ' BY \'{1}\''.format(self.app.config.get('mysql', + 'grant-host'),chars)) Log.debug(self, "grant all on slow-query-log.*" " to anemometer@root_user IDENTIFIED BY password ") EEMysql.execute(self, 'grant all on slow_query_log.* to' @@ -1235,7 +1236,7 @@ class EEStackController(CementBaseController): ' BY \'{1}\''.format(self.app.config.get( 'mysql', 'grant-host'), chars), - errormsg="cannot grant privillages", log=False) + errormsg="cannot grant priviledges", log=False) # Custom Anemometer configuration Log.debug(self, "configration Anemometer") @@ -1817,24 +1818,20 @@ class EEStackController(CementBaseController): if EEVariables.ee_ram < 512: Log.debug(self, "Setting maxmemory variable to {0} in redis.conf" .format(int(EEVariables.ee_ram*1024*1024*0.1))) - EEFileUtils.searchreplace(self, "/etc/redis/redis.conf", - "# maxmemory ", - "maxmemory {0}".format(int(EEVariables.ee_ram*1024*1024*0.1))) + EEShellExec.cmd_exec(self, "sed -i 's/# maxmemory /maxmemory {0}/' /etc/redis/redis.conf" + .format(int(EEVariables.ee_ram*1024*1024*0.1))) Log.debug(self, "Setting maxmemory-policy variable to volatile-lru in redis.conf") - EEFileUtils.searchreplace(self, "/etc/redis/redis.conf", - "# maxmemory-policy volatile-lru", - "maxmemory-policy volatile-lru") + EEShellExec.cmd_exec(self, "sed -i 's/# maxmemory-policy.*/maxmemory-policy volatile-lru/' " + "/etc/redis/redis.conf") EEService.restart_service(self, 'redis-server') else: Log.debug(self, "Setting maxmemory variable to {0} in redis.conf" .format(int(EEVariables.ee_ram*1024*1024*0.2))) - EEFileUtils.searchreplace(self, "/etc/redis/redis.conf", - "# maxmemory ", - "maxmemory {0}".format(int(EEVariables.ee_ram*1024*1024*0.2))) + EEShellExec.cmd_exec(self, "sed -i 's/# maxmemory /maxmemory {0}/' /etc/redis/redis.conf" + .format(int(EEVariables.ee_ram*1024*1024*0.2))) Log.debug(self, "Setting maxmemory-policy variable to volatile-lru in redis.conf") - EEFileUtils.searchreplace(self, "/etc/redis/redis.conf", - "# maxmemory-policy volatile-lru", - "maxmemory-policy volatile-lru") + EEShellExec.cmd_exec(self, "sed -i 's/# maxmemory-policy.*/maxmemory-policy volatile-lru/' " + "/etc/redis/redis.conf") EEService.restart_service(self, 'redis-server') if disp_msg: if len(self.msg): diff --git a/ee/cli/plugins/stack_migrate.py b/ee/cli/plugins/stack_migrate.py index 17a15123..e57e7941 100644 --- a/ee/cli/plugins/stack_migrate.py +++ b/ee/cli/plugins/stack_migrate.py @@ -33,7 +33,7 @@ class EEStackMigrateController(CementBaseController): # Add MariaDB repo Log.info(self, "Adding repository for MariaDB, please wait...") - mysql_pref = ("Package: *\nPin: origin mirror.aarnet.edu.au" + mysql_pref = ("Package: *\nPin: origin sfo1.mirrors.digitalocean.com" "\nPin-Priority: 1000\n") with open('/etc/apt/preferences.d/' 'MariaDB.pref', 'w') as mysql_pref_file: diff --git a/ee/cli/templates/locations.mustache b/ee/cli/templates/locations.mustache index 21e18f82..b9d9fc63 100644 --- a/ee/cli/templates/locations.mustache +++ b/ee/cli/templates/locations.mustache @@ -34,7 +34,7 @@ location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ log_not_found off; } # Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) -if ($request_uri ~* "^.+(readme|license|example)\.(txt|html)$") { +if ($uri ~* "^.+(readme|license|example)\.(txt|html)$") { return 403; } # Status pages diff --git a/ee/core/variables.py b/ee/core/variables.py index 14957ee2..8ffa4c41 100644 --- a/ee/core/variables.py +++ b/ee/core/variables.py @@ -12,7 +12,7 @@ class EEVariables(): """Intialization of core variables""" # EasyEngine version - ee_version = "3.3.10" + ee_version = "3.3.11" # EasyEngine packages versions @@ -120,12 +120,12 @@ class EEVariables(): # MySQL repo and packages if ee_platform_distro == 'ubuntu': - ee_mysql_repo = ("deb http://mirror.aarnet.edu.au/pub/MariaDB/repo/" - "10.0/ubuntu {codename} main" + ee_mysql_repo = ("deb http://sfo1.mirrors.digitalocean.com/mariadb/repo/" + "10.1/ubuntu {codename} main" .format(codename=ee_platform_codename)) elif ee_platform_distro == 'debian': - ee_mysql_repo = ("deb http://mirror.aarnet.edu.au/pub/MariaDB/repo/" - "10.0/debian {codename} main" + ee_mysql_repo = ("deb http://sfo1.mirrors.digitalocean.com/mariadb/repo/" + "10.1/debian {codename} main" .format(codename=ee_platform_codename)) ee_mysql = ["mariadb-server", "percona-toolkit"] diff --git a/install b/install index beb6e436..9ea5aa54 100644 --- a/install +++ b/install @@ -48,7 +48,7 @@ fi # Define variables for later use ee_branch=$1 readonly ee_version_old="2.2.3" -readonly ee_version_new="3.3.10" +readonly ee_version_new="3.3.11" readonly ee_log_dir=/var/log/ee/ readonly ee_install_log=/var/log/ee/install.log readonly ee_linux_distro=$(lsb_release -i | awk '{print $3}') @@ -454,6 +454,14 @@ function ee_update_latest() fi fi + #Fix Security Issue. commit #c64f28e + if [ -f /etc/nginx/common/locations.conf ]; then + grep -0 '$request_uri ~\* \"^.+(readme|license|example)\\.(txt|html)$\"' /etc/nginx/common/locations.conf &>> /dev/null + if [ $? -eq 0 ]; then + sed -i 's/$request_uri ~\* \"^.+(readme|license|example)\\.(txt|html)$\"/$uri ~\* \"^.+(readme|license|example)\\.(txt|html)$\"/g' /etc/nginx/common/locations.conf &>> /dev/null + fi + fi + # Fix for 3.3.2 renamed nginx.conf nginx -V 2>&1 &>>/dev/null if [[ $? -eq 0 ]]; then diff --git a/setup.py b/setup.py index 82950194..932a94b7 100644 --- a/setup.py +++ b/setup.py @@ -54,7 +54,7 @@ except Exception as e: os.system("git config --global user.email {0}".format(ee_email)) setup(name='ee', - version='3.3.10', + version='3.3.11', description=long_description, long_description=long_description, classifiers=[],