[Wapt] [Announce] WAPT release 1.3.8

Denis Cardon dcardon at tranquil.it
Fri Nov 4 14:13:18 CET 2016 

============FRANÇAIS============

Bonjour à tous,

L'équipe de Tranquil IT Systems a le plaisir de vous proposer la release 
WAPT 1.3.8. C'est une version mineure qui intègre un grand nombre 
d'améliorations techniques, sécuritaires et ergonomiques à Wapt, ainsi 
que deux correctifs de sécurité (cf. changelog ci-dessous). Désormais 
les distributions Redhat7 et CentOS7 sont également supportées par Wapt, 
avec SELinux activé.

La procédure de mise à jour est décrite ici: 
https://dev.tranquil.it/scenari/guide_update/co/MAJ_infra_Wapt.html

Si vous avez des questions lors de la mise à jour, vous pouvez trouver 
de l'aide sur le forum https://forum.tranquil.it/ ou sur la mailing 
liste https://lists.tranquil.it/listinfo/wapt

Nous en profitons pour vous annoncer que Simon FONTENEAU du blog 
wapt.lesfourmisduweb.org a rejoint Tranquil IT Systems, notamment pour 
travailler sur WAPT et les prestations que nous pouvons vous proposer 
(formations, support, déploiement, etc.).

Cordialement,

L'équipe TIS

============ENGLISH============

Hello friends of WAPT

The Tranquil IT Systems team is pleased to announce WAPT 1.3.8. It is a 
minor update that includes several technical improvements is security 
and ergonomy, as well as 2 security fixes (see changelog below). Now, 
Wapt works with RedHat7 and CentOS7 with SELinux enabled.

Upgrade procedure can be found here (French only for the moment) 
https://dev.tranquil.it/scenari/guide_update/co/MAJ_infra_Wapt.html

If you have questions during upgrade, you are welcome to use the forum 
https://forum.tranquil.it/ or the mailing list 
https://lists.tranquil.it/listinfo/wapt. It is mostly French but English 
speaker are welcome too.

We take this opportunity to announce that Simon FONTENEAU from the 
wapt.lesfourmisduweb.org blog has joined the TIS team, to work on WAPT 
and the services the company can offer (training, support, deployment).

Cheers.

The Tranquil IT Systems team



=Changelog=


      Security :


  * [SECURITY] Fix inheritance of rights on wapt root folder for Windows
    10 during setup when installed in c:\wapt
      o On Windows 10, cacls.exe does not work and does not remove
        "Authenticated Users" from c:\wapt. cacls.exe has been replaced
        by icacls.exe.
  * On pre-wapt 1.3.7 systems, you can fix this by running the following
    command, or upgrade to wapt 1.3.8 (you may check
    http://dev.tranquil.it/wiki/WAPT_-_probl%C3%A8me_fr%C3%A9quent#Corriger_les_probl.C3.A8me_de_droits_sous_Windows_10)
    :
    icacls.exe  c:\wapt  /inheritance:r
    This can be achieved with a GPO, or a wapt package
  * Note : in next versions of Wapt, the default install path of wapt
    will be changed from root folder c:\wapt to a more standard c:\
    Program FIles\wapt.
  * By default, waptsetup.exe / waptsetup-tis.exe don't distribute
    certificates to avoid to deploy directly packages from Tranquil IT
    Systems. waptagent.exe by default distributes the certificates that
    are installed on the mangement desktop creating the waptagent.


      Core changes

  *   The database structure has changed between 1.3.8 and 1.3.8.2 to
    includes additional attributes from packages : signer,
    signer_fingerprint, locale, and maturity. Signer and
    signer_fingerprint are populated when signing the package to
    identify the origin.
    This means local wapt database is upgraded when first starting wapt
    1.3.8.2 and this is not backward compatible.
  * Installers have a limited set of options, the most common use of
    Wapt is priviledged.
  * [ADD] 3 new parameters for the waptexit policy behaviour :
    'hiberboot_enabled','max_gpo_script_wait','pre_shutdown_timeout'
    recommended settings for waptexit / shutdown policy
                 #       hiberboot_enabled = 0
                 #       max_gpo_script_wait = 180
                 #       pre_shutdown_timeout = 180
    These parameters are not set by default and should be added to
    wapt-get.inin [global] section if needed
  * [UPD] Use user's waptconsole.ini configuration file instead of
    wapt-get.ini for the commands targeted to package development
    ('sources','make-template',
    'make-host-template','make-group-template','build-package','sign-package','build-upload','duplicate','edit','edit-host','upload-package','update-packages'.
    This avoids the need to write these parameters in wapt-get.ini on
    the development workstation. These parameters are not shared across
    multiple users on same machine. One use case is to allow multiple
    profiles (key, upload location) depending on the maturity of package
    (development, test, production...)


      Setuphelpers


  * [ADD] helper functions dir_is_empty, file_is_locked,
    service_restart  and WindowsVersions class
  * [UPD] Added referer and user_agent in "wget" and "wgets"
  * [UPD] run function : define stdin as PIPE to avoid lockup process
    waiting for input or error like unable to duplicate handle when
    using for example powershell
  * [UPD] Version class : try to compare version using at least
    Version.members_count
  * [FIX] encoding fixes for registry functions, fix encoding for
    registry_setstring key name
  * [FIX] install_exe_if_needed : don't check uninstall_key or
    min_version if not provided
  * [FIX] install_exe_if_needed and install_msi_if_needed version check
    if --force
  * [UPD] Check version and uninstall key after install with
    install_msi_if_needed and install_exe_if_needed
  * [UPD] inventory includes informations from WMI.Win32_OperatingSystem
  * [ADD] get_disk_free_space helper function
  * [UPD] check free disk space when downloading with wget. check http
    status before.
  * [UPD] Version class : Version('7')<Version('7.1') should return True


      wapt-get


  * [ADD] 2 commands to get server SSL certificate and activate the
    certificate checking when using https with waptserver
  * {FIX] get_sources to allow svn checkout of a new ppackage project
  * [FIX] wapt-get register problems with some BIOS with bitmaps
  * [UPD] Check uninstall key after package install if uninstallkey is
    provided
  * [FIX] added compatibility OS in manifest file for wapt-get and
    waptconsole version windows
  * [FIX] erroneous error messages for wapt-get session-setup console
  * [UPD] add "pattern" parameter to all_files function
  * [FIX] Install Date incorrectly registered by
    setuphelpers.register_uninstall
  * [ADD] user_local_appdata function
  * [ADD] add the signer CN and signer_fingerprint to control file when
    building package
  * [ADD]add control attributes min_wapt_version to trigger an exception
    if Package requires a minimum level of libraries. The version is
    checked againts setuphelpers.py 's __version__ attribute.
  * [ADD] authorized_certificates attribute is sent to wapt server. It
    contains the list of host's signer certificates distributed on the host
  * [FIX] When signing, check if wapt zip file has already a signature
    file. (python zipfile can not replace the file inline)
  *


      waptservice


  * {ADD] Show all versions checkbox in Available packages page
  * [UPD] Skin updated
  * {ADD] filter searchbox for avalable packages


      waptconsole


  * [ADD]Add NOT checkbox for keywords search in waptconsole to search
    for hosts NOT having a specific package or software...
  * [FIX] fix integer limit for grid display of package size, use int64
    for size of packages in waptconsole.
  * [UPD] don't list packages of section "restricted" in local
    webservice available packages list
  * [UPD] CommonName attribute should be populated now, so that signer
    identity is not None in package control file.
  * [ADD] signer's identity column in packages grid
  * [FIX] escape quotes in package's description
  * [ADD] Check waptagent.exe version against waptsetup-tis version at
    waptconsole startup.
  * [UPD] try to display a progress dialog at waptconsole startup
  * [FIX] company not set when building customized waptagent.exe
  * [ADD] initialize organization in waptagent.exe build with CN from
    certificate.


      waptexit


  * [UPD] some text introduction changes


      waptray :


  * [NEW] Limit trayicon balloon popup when Windows version is above
    Windows 7  or if notify_user=0 in wapt-get.ini


      waptserver


  * [UPD] Use broadcast address on interface for wakeonlan call
  * [FIX] remove the check of wapt server password which prevent the
    proper registration of waptserver on Windows.
  * [UPD] when upgrading, reuse existing waptserver ini file if already
    exists, don't overwrite server_uuid and ask for password reset if it
    already exists


      waptdeploy/waptupgrade


  * [FIX] waptdeploy not working on WinXP removed
    DisableWow64FileSystemRedir on runtask.
  * [FIX] waptupgrade : Missing quotes for system account on Windows XP


      Libraries


  * [ADD] BeautifulSoup for wapt packages auto updates tasks
  * [UPD] winsys library update to '1.0b1'




-- 
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tranquil.it/pipermail/wapt/attachments/20161104/c3160c4d/attachment.html>

More information about the WAPT mailing list