=============================================================================== UPGRADE to Version 2.2.0-3 =============================================================================== REMARKS ======= . For more information about new features, please read the up-to-date Release Notes. . For those who are new to Linux/Unix, we recommend reading appendix A in the Cyclades ACS User's Guide. NOTE: Cyclades strongly recommends that the user has read the latest User's Guide available in Cyclades' ftp site before using this new firmware. UPGRADING OVERVIEW ================== The ACS packages may be updated from one version to another. So, if the user has an ACS running an earlier version, special care should be taken regarding configuration. The user can choose to start the configuration from scratch by simply doing: echo 0 > /proc/flash/script reboot or, the user must perform all steps from all "Upgrading from actions" with version numbers equal to or greater than the original version of his ACS. To run a new configuration and save it into flash the user must execute the following commands: signal_ras hup saveconf The command "saveconf" is equivalent to the Linux command: "tar -czf /proc/flash/script -T /etc/config_files" so, double check that all files which have been changed have their names in the file /etc/config_files. If any of the files /etc/inittab, /etc/rc.sysinit, or any user's shell script executed by /etc/rc.sysinit were changed, the ACS must be rebooted for them to take effect. Upgrading from 2.1.6 Actions ============================ - The WebUi was changed. The following actions must be taken : 1) The server.pem and the cert.pem are in /new_web/Locale directory. If the files were changed, copy the file to the new directory. 2) The file /etc/group was changed, the "admin" group and "biouser" group was inserted. If the file were not changed just replace it with the file /etc/group.save. Otherwise the administrator need to edit the file and insert the following lines: admin::104:root biouser::105: 3) The WebUi authentication is done by PAM/local. The users that can use the WebUI need to be included in the local database (/etc/passwd). Use the following command to add Admin User : #adduser -G admin Use the following command to add Regular User : #adduser The new WebUI authentication method through PAM requires the service "web" in the file "/etc/pam.conf". # # The PAM configuration file for the `web' service # web auth required pam_unix2.so web account required pam_unix2.so web password required pam_unix2.so md5 web session required pam_unix2.so 4) To configure the HTTP/HTTPS, you need to edit the file /etc/webui.conf. By default, HTTP and HTTPS are enabled. To disable HTTP service, change the line "HTTP=YES" to "HTTP=NO". To disable HTTPS service, change the line "HTTPS=YES" to "HTTPS=NO". To change the TCP ports or security level see the manual. 5) The bio users need to be a member of the new group biouser. To include the old users in this group, the administrator need to edit the file /etc/group and to add the usernames in the biouser line as in the example : biouser::105:userbio1,userbio2,userbio3 To add new users the following command must be used : #adduser -G biouser - This version allows the ssh's users to be authenticated by Kerberos TGT. The ssh_config and sshd_config files were changed. If these files were not changed just replace it with the files *.save. Otherwise the user should merge these files. - The dhcpd_cmd was changed, was included the option '-Y' to fix one bug when the ACS has NIS and DHCP configured. - The sshd was changed. The default file with the authorized keys is ~/.ssh/authorized_keys and the parameter AuthorizedKeysFile is commented in the sshd_config file. If the sshd_config file was not changed just replace it with the file sshd_config.save. Otherwise the user should merge these files. Upgrading from 2.1.5 Actions ============================ - The file /etc/TIMEZONE was changed. If there is one saved in flash it must be replaced/merged with /etc/TIMEZONE.save - The sshd program was upgraded to version 3.7.1p2 and it needs a new configuration file. If the file /etc/ssh/sshd_config was not changed just replace it with the file /etc/ssh/sshd_config.save. Otherwise the user should merge these files. - The file /etc/rc.sysinit was changed.If there is one saved in flash it must be replaced/merged with /etc/rc.sysinit.save. - The file /etc/group was changed. It was included the group "pam" and "pmusers".If the file was not changed just replace it with the file /etc/group.save. Otherwise the user need to do the following commands : #addgroup pam #addgroup pmusers #chgrp pmusers /bin/pm Upgrading from 2.1.4 Actions ============================ - The file /etc/rc.sysinit was changed. It was removed the activation of inetd. If there is one saved in flash it must be replaced/merged with /etc/rc.sysinit.save. - The file /etc/inittab was changed. The activation of the services snmpd, sshd, ntpclient, pmd, cy_buffering, and syslog-ng were removed. Their activation are done by the shell script daemon.sh. If there is one saved in flash it must be replaced/merged with /etc/inittab.save. - The file ntpclient.sh was removed. The ntpclient now is started by the shell script "daemon.sh", if it's enabled in the file /etc/ntpclient.conf - The file /etc/ntpclient.conf was changed. If there is one saved in flash it must be replaced/merged with /etc/ntpclient.save - The file /bin/build_DB_ramdisk was changed. If there is one saved in flash it must be replaced/merged with /bin/build_DB_ramdisk.save - The f_kernel and f_alerts in /etc/syslog-ng/syslog-ng.conf were changed. Please verify the change in /etc/syslog-ng/syslog-ng.save file. Upgrading from 2.1.2 Actions ============================ - The file /etc/inetd.conf was changed. If there is one saved in flash it must be replaced/merged with /etc/inetd.conf.save. - The shell script /etc/rc.sysinit was changed. If there is one saved in flash it must be merged with /etc/rc.sysinit.save. - The script shell /etc/portslave/cb_script was changed, because the path of the command chat was changed from "/bin/chat" to "/usr/local/sbin/chat". If you use callback feature, you need to change the path of the command chat in the script shell /etc/portslave/cb_script and save the changed file. - The example about snmptrap in /etc/syslog-ng/syslog-ng.conf was changed. Please verify the change in /etc/syslog-ng/syslog-ng.save file. - /etc/portslave/pslave.conf has new parameters. Merge or copy /etc/portslave/pslave.save over /etc/portslave/pslave.conf. - /etc/nsswitch.conf and /etc/pam.conf has new services. If they were changed, you should merge these files. - The shell script /bin/handle_dhcp was changed. If there is one saved in flash it must be removed from flash. - The shell script /etc/network/dhcpcd_cmd was changed. If there is one saved in flash, it must be merged with /etc/network/dhcpcd_cmd.save. - The shell script /etc/network/st_routes was changed. The parameter "metric 3" was inserted in the route add of the default route. - The file /etc/pm.cyclades was changed to be compatible with the AlterPath-PM version 1.0.8. If an older version of the AlterPath-PM is used, the user should save the /etc/pm.cyclades from the 2.1.2 version before the upgrade: >echo /etc/pm.cyclades>>/etc/config_files >saveconf Upgrading from 2.1.1 Actions ============================ - The meaning of the parameter DTR_reset in pslave.conf file was changed. Please, read the documentation to set it to the proper value. - The sshd program needs a new configuration file to fix a problem with sftp. If the file /etc/ssh/sshd_config was not changed, just replace it with the file /etc/ssh/sshd_config.save. Otherwise the user should merge these files. - The telnet program was moved from /bin to /usr/bin. If you use the protocol telnet in PortSlave, you need to change the parameter conf.telnet. - The /etc/pcmcia/isdn.opts was changed. Copy /etc/pcmcia/isdn.opts.save over /etc/pcmcia/isdn.opts and re-apply your changes, if any. Run "saveconf". - The /etc/config_files contains a list of files that are saved to flash when you run "saveconf". If you had run "saveconf" with release 2.1.1, your /etc/config_files is loaded from the flash and you will not have the latest list. Please edit /etc/config_files, add the file listed below and run "saveconf": /etc/ppp/auth-up Upgrading from 2.1.0 Actions ============================ - The web user management has changed, and because of that, the file /etc/websum.conf has changed. In order to make the web server work, the user must do the following steps: From the prompt, type #cp /etc/websum.conf.save /etc/websum.conf #saveconf #reboot After the reboot, open a browser and point to the ACS IP address. Log in as root (password = tslinux). Go to the link Web User Management->Users, change the root password and create the users, classifying according to the privilege allowed to them (root, admin, monitor or user). Go to the link Web User Management->Load/Save Web Configuration and click the "Save Configuration" button. Go to the link Administration->Load/Save Configuration and click the "Save to Flash" button. - The syslog-ng.conf file (syslog-ng configuration) was changed. This configuration allows syslog-ng to receive syslog messages from the Kernel. The user must copy /etc/syslog-ng/syslog-ng.save over /etc/syslog-ng/syslog-ng.conf and make his own changes again, if any. - The /etc/wireless.opts was changed. Copy /etc/wireless.opts.save over /etc/wireless.opts and re-apply your changes, if any. Please also change the file permission of wireless.opts by executing "chmod 600 /etc/pcmcia/wireless.opts". Run "saveconf". - The /etc/config_files contains a list of files that are saved to flash when you run "saveconf". If you had run "saveconf" with release 2.1.0, your /etc/config_files is loaded from the flash and you will not have the latest list. Please edit /etc/config_files, add the files listed below and run "saveconf": /etc/pcmcia/isdn.opts /etc/mgetty/login.config /etc/ppp/auth-up /etc/ppp/chap-secrets /etc/ppp/pap-secrets /etc/ppp/ioptions /etc/ppp/options