BlueOnyx 5209R BETA released

Posted by: mstauber Category: General

BlueOnyx 5209R on CentOS 7 has been released today as BETA version.

Several months of development have wrapped up today with the BETA relase of BlueOnyx 5209R on CentOS 7.

An ISO image and an Aventurin{e}/OpenVZ OS template are available at the usual download locations. A how-to for a manual install of BlueOnyx 5209R is also available.

The BlueOnyx Live Demo has also been updated to BlueOnyx 5209R.

BlueOnyx 5209R is only available as a 64-bit version, as CentOS 7 also is only available for 64-bit.

The OS contains the main daemons and services in the following versions:

  • Apache 2.4.6
  • PHP-5.4.16
  • MariaDB 5.5.40 (instead of MySQL)
  • Sendmail 8.14.7
  • Dovecot 2.2.10
  • Mailman 2.1.15
  • ProFTPd 1.3.5
  • OpenSSH 6.4p1
  • OpenSSL 1.0.1e
  • Bind 9.9.4

BlueOnyx 5209R uses the same (new) Chorizo GUI that was introduced with BlueOnyx 5207R and 5208R. However, the GUI has been extended with several new features and detail enhancements. Some of them will eventually flow back into 5207R and 5208R.

New PHP implementations:

In the past BlueOnyx supported two methods of how PHP could be activate for virtual sites:

  1. PHP (DSO - via the Apache 2 handler)
  2. suPHP

This has been extended to the following options:

  1. PHP (DSO)

    This option provides PHP through libphp5.so, which is also known as mod_php. This option is usually the fastest way to execute PHP requests. However, this option uses the apache system user to serve all PHP requests. This can create problems when PHP scripts create files and folders, as they will then be owned by apache, too.
     
  2. suPHP

    This option provides PHP through mod_suphp. It is a very flexible and secure way to serve PHP requests. If you select suPHP, then the PHP scripts will run with the UID and GID of the owner of the virtual site.

     
  3. PHP (DSO) + mod_ruid2

    This option provides PHP through libphp5.so and the Apache module mod_ruid2.so. This option is usually the fastest way to execute PHP requests in a secure fashion. The extra module mod_ruid2 will run the PHP scripts with the UID and GID of the owner of the virtual site.
     
  4. FPM/FastCGI

    This option provides PHP through PHP-FPM and mod_fcgid. This is a fast and secure way to serve PHP requests. The PHP scripts can be executed with the UID and GID of the owner of the virtual site. PHP-FPM runs as a daemon with separate pool files for each virtual site that has FPM/FastCGI active. There is also a new Active Monitor component that monitors the PHP-FPM daemon and restarts it if needed.

These modification also extend to the "Server Administrator" menu. If you create "reseller" accounts (by granting the capability "Virtual Site Management"), then you can choose which PHP implementation (if any) this reseller might use. You can grant all of them, just the secure ones or none. That is up to you.

Other than that BlueOnyx 5209R contains a lot of smaller and larger modifications and fixes which (at the end of the BETA-test) will eventually be backported to BlueOnyx 5207R/5208R as well.

The newer Apache and the newer OpenSSL implementation also allow to use slightly more secure crypto ciphers in BlueOnyx 5209R and it has already been configured to use them if connecting clients support them. Other than that BlueOnyx 5209R contains the same crypto related fixes as the older BlueOnyx versions do. Which includes the disabling of weak crypto ciphers and protocols.

Is BlueOnyx 5209R ready for production?

Short answer: Probably not yet.

It sure needs more testing. And we encourage you to help out with the testing if you can. Please report any bugs you find. Either via the built in Bugreport feature in the GUI, or by posting your findings to the BlueOnyx mailing list.

As is you can already cmuImport virtual sites and users from older BlueOnyx servers to BlueOnyx 5209R (and back).

At this time there are also not yet any commercial packages available for BlueOnyx 5209R. We are currently working on porting the packages over to BlueOnyx 5209R and they will become available by NewLinQ within the next couple of weeks.

The packages with the highest priority at this time are:

  • NewLinQ (needed for PKG installs)
  • WebApp installer
  • AV-SPAM
  • Automated Backup
  • Security Package

The WebApps are already compatible and should be available on NewLinQ once the first two items on the above list are released.

I'd like to thank all supporters and users of BlueOnyx who helped to make this happen. Enjoy the new BlueOnyx 5209R!


Return
General
Feb 4, 2015 Category: General Posted by: mstauber
Previous page: News Next page: Version info