BaruwaOS 6.7 released

September 10, 2015 at 01:00 PM | categories: Baruwa, Releases, 2.0.9, Baruwa Enterprise, BaruwaOS, BaruwaOS 6.7, Baruwa 2.0

Today we are issuing update -- BaruwaOS 6.7, this update tracks the upstream OS release 6.7. Packages updated in the upstream have been rolled into BaruwaOS 6.7. The release also includes Baruwa package release 2.0.9.

Features Roundup

The notable changes in this release are as follows.

Baruwa 2.0.9

This is an Enhancement and Bugfix release and contains the following changes:

  • Implemented local scanner settings cache to allow the scanner to continue scanning mail while the backend or database server is not available
  • Added dynamically generated trusted_networks spamassassin configuration built from the relays added under organizations. This will ensure relayed messages are not checked on DNSBL's. Improving outbound functionality.
  • Made improvements to yum plugin to run only when managed packages are changed
  • Implemented filesystem based data loss prevention which could happen when SQLite database is locked for writing
  • Spec and module updated to ensure proper permissions on restoredb directory
  • Added functionality to prevent duplicates being restored from backup db
  • Implemented user friendly error logging for perl modules
  • Added timeout lock release function
  • Use timeout locks release instead of sleep
  • Modified run as root user
  • Made local settings updates cluster aware
  • Improved default policy extraction
  • Added the version and copyright to templates
  • Improved authentication backend roburstness
  • Disabled the ability for domain admins to add lists to all
  • FIX: Quarantine reports not sent on clustered setup due to missing logo
  • FIX: Syntax error in quarantine reports cmd
  • FIX: Catch indexerror exception in bulk operations
  • FIX: Regression in the lists module display
  • FIX: Authentication settings typos
  • FIX: Rendering of release page without javascript
  • FIX: Regression causing message processing to fail
  • FIX: Removed duplication of preferences in sa-lint
  • FIX: SQLalchemny non unicode param warning
  • FIX: Only send one block notification on blocking an abusive client
  • FIX: Error generated when delta index is run prior to full indexing.
  • FIX: paster prune-database was not honouring config options
  • FIX: Typo in upgrade documentation

Baruwa-Setup 0.0.3

This is an Enhancement and Bugfix release and contains the following changes:

  • Ensure mail queue hostnames updated in the database when hostname is changed
  • Implemented the timezone module which allows user to change timezone
  • Implemented the yum module which sends notifications about available updates
  • Improved the validation of user inputs
  • Improved the password change process
  • Added support for seamless renaming of the hosts
  • Added checks to ensure users cannot provide an IP address as the system hostname
  • FIX: Some valid email and usernames were rejected
  • FIX: Mail TLS certs not set in some edge cases
  • FIX: Keyerror exception with generic timezones
  • FIX: Catch ValueError in run_cmd
  • FIX: Don't overwrite TLS settings when importing from a manifest file if the manifest has custom TLS certificates and keys configured
  • FIX: Handle exception generated when IP address in the manifest file is not allocated to the host on which the manifest is being imported
  • FIX: Prevent exception when importing manifest where time is not set as double figures by generating the correct format during export
  • FIX: Validate DB usernames
  • FIX: Mailq NRPE plugin was not setup for standalone profiles

Baruwa-Puppet 2.0.9

This is an Enhancement and Bugfix release and contains the following changes:

  • Added support for trusted_networks
  • Improved the MTA lookup files generation
  • Removed the file-wrapper
  • Enabled SMTP TLSv1.2
  • Implemented scanner local settings
  • Optimized Augeas configuration updates.
  • Implemented timezone management module.
  • Added a cronjob to sync time daily
  • Improved the MTA banner to pass checks by websites such as mxtool
  • Ensured Bind empty-zones-enable is enabled
  • Implemented the yum module to send updates notifications
  • Updated profile file to include PG env variables
  • Improved scanner configuration
  • Improved sphinx configuration
  • Set stricter permissions on backup db
  • Made improvements to rabbitmq configuration to support changing hostnames
  • Improved Message Sniffer configuration and setup
  • Cleaned up whitespaces in configuration templates
  • FIX: Made baruwa user creation check more accurate
  • FIX: Removed log lines duplication when log to syslog is configured for MTA
  • FIX: Dependency issue on backend servers
  • FIX: Ensure that initial index is created.
  • FIX: Improved the CDB files existance tests.
  • FIX: Ensure non standard DB port settings work
  • FIX: Ensure non standard DB name settings work
  • FIX: RabbitMQ dependency issue
  • FIX: Made initial indexing error non fatal
  • FIX: Use CDB for TLS exempted hosts
  • FIX: Ensure TXrep clean up works in clustered setups as well
  • FIX: Include all the directories under /etc/puppet/modules/
  • FIX: rpm package directory ownership

MailScanner 4.85.5-9

This is an Enhancement and Bugfix release and contains the following changes:

  • Removed /etc/mail/spamassassin/ as it is a duplicate of /etc/mail/spamassassin/
  • Include and use the Baruwa Dynamically generated trusted_networks config
  • Set internal_networks to !0/0
  • Removed the file wrapper
  • Made cleanup script support non standard db user
  • Added database port setting to allow txrep cleanup script to work with a non standard port configuration
  • Added the restoredb directory
  • Use local SQLite cache database for SQL settings which enables scanning to continue even when the database server is not available
  • Added new Local DB DSN settings
  • FIX: Updated SA post rules path for Spamassassin 3.4.1
  • FIX: Txrep cleanup not working on clustered setups

Exim 4.84.12

This is an Enhancement and Bugfix release and contains the following changes:

  • Cleaned up unused patches
  • Removed unused configuration files
  • Make proxy protocol errors temp errors
  • Built with gnutls 3.3.15
  • Backport various patches from upstream

Spamassassin 3.4.1-3

This is an Enhancement and Bugfix release and contains the following changes:

  • Removed spamd as well as spamassassin service as they are not used on BaruwaOS

GnuTLS 3.3.16-1

This is an Enhancement release which tracks the current stable upstream releases and was added to provide the latest TLS protocols such as TLSv1.2 for the MTA.

Compat-GnuTLS 2.8.5-1

This is an Enhancement release and was added to allow applications linked to the older GNUTLS_2_10, GNUTLS_2_8, GNUTLS_1_6, GNUTLS_1_4 API to continue functioning.

Uwsgi 1.4.10

This is an Enhancement release which tracks the upstream LTS releases.

Packages updated

The full list of packages updated in this release is as follows.

Upstream changelogs

The change logs for the upstream packages can be found in the upstream's release notes.


The new ISO images are available to download at


Baruwa Enterprise Edition > 2.0.7 users can update using the baruwa-setup command, please read the changelog as well as the updating sections of the documentation prior to updating.

Users Baruwa Enterprise Edition versions < 2.0.7 should first convert to BaruwaOS, the process will upgrade them to the latest version as well. Please refer to the 2.0.7 section of the upgrade documentation for the process to follow to convert to BaruwaOS.