New TurnKey LXC version (15.1)

Changes:

  • Enhancements
    • now compatible with confconsole (still requires upcoming confconsole update to be complete)
    • updated documentation
      [ John Carver aka Dude4Linux ]
  • Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance.

Links

New TurnKey LXC version (15.0)

Changes:

  • Update lxc to newest debian/stretch (2.0.7)
  • Added several enhancements
    • configure containers to use apt-cacher-ng by default
    • make dns resolution more robust by not relying on upstream dhcp
    • apply sysvinit updates only for legacy v14.x apps
    • revised iptables rules for better security
    • version resolver downloads latest version by default Stefan Davis
    • cleans unused packages from apt cache
    • purges config files from removed packages
    • removes ntp server config; containers get time from host
    • adds system hardening for legacy appliances
    • indicate patching stunnel only when actually patching
    • keep legacy /etc/network/interfaces
    • add hostname to dhcp interfaces so dnsmasq works properly
    • make it easier to override system hardening
    • allow cli to override version_resolver
    • updated inithooks.conf examples and docs
    • removed support for squeeze (now obsolete)
  • Note: Please refer to turnkey-core's changelog for changes common to all appliances. Here we only describe changes specific to this appliance.

Links

New TurnKey LXC version (14.2)

Changes:

  • Updates for TurnKey GNU/Linux 14.2
    • latest upstream version of LXC
    • defaults to version 14.2 containers
    • always checks for new upstream versions and updates cache
    • download signature first and update only when it has changed
    • flag obsolete versions, 13.0 and 14.0, which have been removed from the TurnKey mirrors
    • issue local, unicast MAC addresses instead of global addresses
    • patch containers for stunnel timeout
  • Security
    • verify gpg signatures using sha512sum
    • handle old .sig and new .hash signatures

Links