The modules that composed KUSANAGI had been updated. The new versions are as follows.

Use the following command to update modules.

# yum update

In this time update ,/etc/httpd/conf.d/http.conf and ssl.conf including mod_ssl package in Apache2 will rename be _http.conf and _ssl.conf
This ensures that the settings described in this file will be set as default.

There is not have any problem with excluding yum update but when install kusanagi-httpd with yum install,
depends to mod_ssl package installation, ssl.conf may automatically generated

In this case, use the following command to manually rename the file name.

# mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/_ssl.conf

KUSANAGI version upgrade details 8.0.2-2

The bug fix of KUSANAGI 8.0.2-1 is done.
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.2-2

# yum update

KUSANAGI 8.0.2-2 bug fixes

1. Failure to register SSL certificate in CT log server
2. Failure in DB registration or deletion

1. Failure to register SSL certificate in CT log server

We found out registration failed due to the service log server which provided by Google have been stopped even since KUSANAGI-8.0.1-1 have correspondence of transparency of SSL certificate.
In this case, some browsers such as Safari was function abnormally with using Let’s Encrypt SSL certificate.

KUSANGI-8.0.2-2

1. Modification in CT log server
   The registration will modify to ct.googleapis.com/pilot、icarus、rocketeer、skydiver when ct.googleapis.com/aviator log service stopped
2. Failure in processing registration into CT log server
   Error messages will show up to login to next log server when failed to register into CT log server. Empty SCT file will be delete after failed to register CT log server again.
3. Make CT do not turn on when acquiring Let’s Encrypt SSL certificate
   Make CT do not turn on when acquiring Let’s Encrypt SSL certificate with kusanagi provision/ssl
4. New option to prevent registration to log server when CT enabled

   Automatically registered the SSL certificate in the CT log server with kusanagi ssl --ct on, even commercial SSL certificate already registered in CT. Therefore, when specified with --noregister either --noregister option will stop the registration to log server
   Example)

   kusanagi ssl --ct on --no-register profile name

2.Failure in DB registration or deletion

There was a issue in DB deletion has been failed with kusanagi remove that DB which obtained a symbol included DB name.
This bug has been fixed in this time update.

The modules that composed KUSANAGI had been updated. The new versions are as follows.

Use the following command to update modules.

# yum update

KUSANAGI version upgrade details 8.0.2-1

The bug fix of KUSANAGI 8.0.0 is done.
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.1-2.

# yum update

KUSANAGI 8.0.2-1 Bug Fixes

1. Error detection in rootkit check tool

1. Error detection in rootkit check tool

Detected some issues with using chkrootkit,rkhunter tools,
RH-Sharpe’s Rootkit which located in /usr/bin/wp including kusanagi-wp-cli have been detected
As a result, it’s determine as error detection from the following.

1. chkrootkitandrkhunter
   「RH-Sharpe’s Rootkit」will check only whether the designated file exists, but does not check the contents.
2. The RPM which created by us is same as checksum which placed in /usr/bin/wp
3. Virus is not detected when checking /usr/bin/wp included kusanagi wp-cli with Virus Check tool

This erroneous detection will occur in the future if we continue with using “RH – Sharpe’s Rootkit” old rootkit, it’s difficult to notify multiple rootkit detection tool developers , as solution we changed the path to /usr/local/bin/wp.
After this update , it’s confirmed that rootkit is not detected withchkrootkiteitherrkhunter.

Please notice the following after update done

1. When using the wp command as the root user, change alias of the wp command which set with .bashrc and use /usr/local/bin/wp.
   After executing yum update, please login again to make sure the alias of the new wp command is valid.
2. Make sure to include /usr/local/bin when using wp commands as kusanagi user.

The modules that composed KUSANAGI had been updated. The new versions are as follows.

Use the following command to update modules.

# yum update

The modules that composed KUSANAGI had been updated. The new versions are as follows.

Use the following command to update modules.

# yum update

KUSANAGI version upgrade details 8.0.1-2

The bug fix of KUSANAGI 8.0.0 is done.
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.1-2.

# yum update

KUSANAGI 8.0.1-1 Bug Fixes

1. Apache configuration when kusanagi provision/setting specifies FQDN with www
2. Kusanagi Package update issue

1. Apache configuration when kusanagi provision/setting specifies FQDN with www

If specifies www.example.com either example.com as FQDN with kusanagi provision/setting both will be set as VirtualHost, but we defined the second FQDN is not set as ServerAlias instead ServerName in Apache configuration.
In this patch, correctly set the second FQDN as ServerAlias ​​issue has been solved in this case.

2. Kusanagi Package update issue

There was a issue that yum update freezes when updating kusanagi package. In this patch , this issue has been solved.

KUSANAGI version upgrade details 8.0.1-1

The bug fix of KUSANAGI 8.0.0 is done.
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.1-1

# yum update

New features in KUSANAGI 8.0.1-1

1. SSL Certificate Transparency is available(Only For NGINX)
2. New feature for DH settings on SSL settings in Apache2
3. Certbot-auto renew is available

1. SSL Certificate Transparency is available(Only For NGINX)

Certificate Transparency is a new technology to enhance the reliability of SSL / TLS proposed by Google.
Now RFC6962 is attracting attention as a new technology to prevent erroneous issuance of certificates.
Kusanagi-nginx previously supported CT, but you can enable / disable it with the option of kusanagi ssl command
kusanagi ssl --ct [on|off]

Creates a Signed Certificate Timestamp (SCT) from the SSL certificate on the configuration file, registers it on the Google site with the certificate, and enables CT with NGINX settings after run kusanagi ssl --ct on
Also, when acquiring SSL certificate of Let’s Encrypt with kusanagi provision / ssl --email, CT will be automatically on.

2. New features DH settings for Apache2 SSL settings

The DH (Diffie-Hellman) key exchange setting was set up previously in NGINX and now it’s also available to setup in Apache 2.
This setup will allow you to exchange encryption keys more securely.

3. Certbot-auto renew is available

Updates of SSL certificates acquired with Let’s Encrypt are registered in crontab for each profile and executed once every two months.
Therefore, there was a issue that the SSL certificate expires when updating the SSL certificate fails.
You can automatically update certificates those expire for SSL certificates obtained from Let’s Encrypt with certbot-auto renew option.

KUSANAGI 8.0.1-1 Bug Fixes

1. Description error in Apache configuration file when setting ssl
2. Active hsts will cause http response tab malfunction(Only For NGINX)
3. Drupal8 error detect
4. Failure in autorenewal with kusanagi provision/ssl --email
5. Compete KUSANAGI Plugin between WP Site Manager
6. Specified php7 have been ignored during the process kusanagi init
7. Japanese Messages Errors

1. Description error in Apache configuration file when setting ssl

There was a problem with appending to Apache 2 configuration file when kusanagi provision/ssl --email option was specified

2. Active hsts will cause http response tab malfunction(Only For NGINX)

http response header will disappear while kusanagi ssl --hsts is active

3. Drupal8 error detect

Develop version either beta version will install while process of Drupal8 deploy with kusanagi provision --drupal8 command.

4. Failure in autorenewal with kusanagi provision/ssl --email

Autorenewal Let’s Encrypt SSL certificate cron settings was failed to auto renew when used kusanagi provision/ssl --email to get SSL certication.

5. Compete KUSANAGI Plugin between WP Site Manager

Installed WP Site Manager Plugin at same time will be influence by WP Site Manager (default installed by standard KUSANAGI installation).
However, bcache will malfunction by WP Site Manager Plugin installed.
The issues will be solve by this time KUSANAGI Plugin update with using the following command:

# kusanagi target profile
 # kusanagi update plugin

6. Specified php7 have been ignored during the process kusanagi init

php-fpm service won’t have any effective even chose php5 as option while kusanagi init running interactively.
This error won’t happen when --php5 option is choose during kusanagi init.

7. Japanese messages error

Fixed the kusanagi commands messages errors while kusanagi OS language setup in japansese.

The modules that composed KUSANAGI had been updated. The new versions are as follows.

Use the following command to update modules.

# yum update

The modules that compose KUSANAGI have been updated. The new versions are as follows:

Use the following command to update modules:
# yum update