[BlueOnyx:01414] Re: ?Email Alias issues (Michael Stauber)
Steve Davis
steve at zio.com
Tue Jun 16 11:18:42 -05 2009
Am I correct to surmise that the BO scripts also execute the makemap function. I notice after modifying an account in the BO interface the virtusertable.db and alias.db are updated.
No alias email is delivered, most of the time bounces. All userid email is delivered.
The virtusertable and alias files appear to have the correct format. Compiling them with hash and makemap produces no errors.
So i am coming to the conculsion that the CMU import has destroyed the sendmail process. If I cannot resolve this quickly, i may have to rebuild sendmail or the BO Server from scratch.
Unless some one has another more drastic suggestion.
----- Original Message -----
From: blueonyx-request at blueonyx.it [mailto:blueonyx-request at blueonyx.it]
To: blueonyx at blueonyx.it
Sent: Tue, 16 Jun 2009 11:04:15 -0400
Subject: [Spam?] Blueonyx Digest, Vol 6, Issue 15
Send Blueonyx mailing list submissions to
blueonyx at blueonyx.it
To subscribe or unsubscribe via the World Wide Web, visit
http://www.blueonyx.it/mailman/listinfo/blueonyx
or, via email, send a message with subject or body 'help' to
blueonyx-request at blueonyx.it
You can reach the person managing the list at
blueonyx-owner at blueonyx.it
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Blueonyx digest..."
Today's Topics:
1. [BlueOnyx:01407] YUM updates (CMU, blueonyx-yumconf,
base-apache) (Michael Stauber)
2. [BlueOnyx:01408] Re: ?Email Alias issues (Michael Stauber)
3. [BlueOnyx:01409] Re: YUM updates (CMU, blueonyx-yumconf,
base-apache) (Jeff Jones)
4. [BlueOnyx:01410] Re: YUM updates (CMU, blueonyx-yumconf,
base-apache) (Michael Stauber)
5. [BlueOnyx:01411] Re: FTP issues (Alan Kline)
6. [BlueOnyx:01412] Re: FTP issues (Steve Howes)
7. [BlueOnyx:01413] 2048 bit RSA key (Jason Humphrey)
----------------------------------------------------------------------
Message: 1
Date: Tue, 16 Jun 2009 07:24:15 +0200
From: Michael Stauber <mstauber at blueonyx.it>
Subject: [BlueOnyx:01407] YUM updates (CMU, blueonyx-yumconf,
base-apache)
To: BlueOnyx General Mailing List <blueonyx at blueonyx.it>
Message-ID: <200906160724.15658.mstauber at blueonyx.it>
Content-Type: text/plain; charset="utf-8"
Hi all,
Updates for BlueOnyx were released during the last few days and are now
available through YUM:
==========
Package
==========
Updating:
5106R-cmu
blueonyx-yumconf
base-apache-capstone
base-apache-glue
base-apache-locale-da_DK
base-apache-locale-de_DE
base-apache-locale-en
base-apache-locale-ja
base-apache-ui
Transaction Summary
============================
Install 0 Package(s)
Update 9 Package(s)
Remove 0 Package(s)
These package addresses the following issues:
5106R-CMU 2.81:
==============
This RPM installs CMU 2.81-0BX01 and should - finally - wrap up the issues
that we had with this RPM during the last two weeks.
The BlueQuartz PKG (it's really only needed on BlueQuartz - not BlueOnyx!) is
available here: http://www.blueonyx.it/index.php?page=migration-utility
Please note: Starting with version number 2.81 this PKG also installs an RPM
that ties your server into a special YUM repository for future CMU updates.
That YUM repository will only contain updated CMU versions for BlueQuartz and
nothing else.
blueonyx-yumconf:
===============
This RPM contains the BlueOnyx YUM repository config file. Starting with this
version number it also contains /etc/yum.repos.d/0_WARNING.txt, which includes
prominent warnings that discourage usage of third party YUM repositories such
as RPMforge.
base-apache:
===========
The GUI page for "Server Management" / "Network Services" / "Web" has been
updated with new features.
Screenshot available here:
http://www.blueonyx.it/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=34&cntnt01origid=59&cntnt01returnid=54
With those changes it is now possible to configure the Apache config file
/etc/httpd/conf.d/blueonyx.conf to furter define which Apache Options and
AllowOverride directives are valid for the directory /home/.sites.
Typically .htaccess files in /web directories are prohibited for security
reasons, as these can be used to re-define or override certain Apache
configurational settings. To allow .htaccess files in general one would use
the new GUI and would tick the box for "AllowOverride" / "All".
If you already modified your blueonyx.conf file by hand: Don't worry. Existing
modifications will be imported.
--
With best regards
Michael Stauber
------------------------------
Message: 2
Date: Tue, 16 Jun 2009 07:27:37 +0200
From: Michael Stauber <mstauber at blueonyx.it>
Subject: [BlueOnyx:01408] Re: ?Email Alias issues
To: BlueOnyx General Mailing List <blueonyx at blueonyx.it>
Message-ID: <200906160727.37158.mstauber at blueonyx.it>
Content-Type: text/plain; charset="utf-8"
Hi Steve,
> Now I believe the virtusertable is not the correct format and cannot be co
>mpiled correctly into virtusertable.db
>
> Any recommends on what the correct format of the virtusertable is and how t
>o compile it (Like newaliases for the alias database)
makemap hash /etc/mail/virtusertable.db < /etc/mail/virtusertable
If there are errors, it'll tell you so - and also which line they're in.
A sample entry looks like this:
alias at www.domain.com username
Please note: There are no spaces between the entries. They're separated with
one or more tabs instead.
--
With best regards
Michael Stauber
------------------------------
Message: 3
Date: Tue, 16 Jun 2009 09:43:26 +0100
From: Jeff Jones <jeffrhysjones at mac.com>
Subject: [BlueOnyx:01409] Re: YUM updates (CMU, blueonyx-yumconf,
base-apache)
To: BlueOnyx General Mailing List <blueonyx at blueonyx.it>
Message-ID: <20010AC2-7170-4008-A452-FA6B38204C7F at mac.com>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Great news about the .htaccess / allow override gui screen - this is
'number 2' on my wish list for BX. Fantastic work Michael!
Just the pesky permissions thing now - and after that - my life will
be complete!
(OK well perhaps not - but at least I won't get bombarded with
permission based issues from my CMS users!)
As so many people are wanting to use CMS these days - I think the
perms thing is really going to help BX take off...
Cheers again!
Jeff
On 16 Jun 2009, at 06:24, Michael Stauber wrote:
> Hi all,
>
> Updates for BlueOnyx were released during the last few days and are
> now
> available through YUM:
>
> ==========
> Package
> ==========
>
> Updating:
> 5106R-cmu
> blueonyx-yumconf
> base-apache-capstone
> base-apache-glue
> base-apache-locale-da_DK
> base-apache-locale-de_DE
> base-apache-locale-en
> base-apache-locale-ja
> base-apache-ui
>
> Transaction Summary
> ============================
> Install 0 Package(s)
> Update 9 Package(s)
> Remove 0 Package(s)
>
> These package addresses the following issues:
>
>
> 5106R-CMU 2.81:
> ==============
>
> This RPM installs CMU 2.81-0BX01 and should - finally - wrap up the
> issues
> that we had with this RPM during the last two weeks.
>
> The BlueQuartz PKG (it's really only needed on BlueQuartz - not
> BlueOnyx!) is
> available here: http://www.blueonyx.it/index.php?page=migration-
> utility
>
> Please note: Starting with version number 2.81 this PKG also
> installs an RPM
> that ties your server into a special YUM repository for future CMU
> updates.
> That YUM repository will only contain updated CMU versions for
> BlueQuartz and
> nothing else.
>
>
> blueonyx-yumconf:
> ===============
>
> This RPM contains the BlueOnyx YUM repository config file. Starting
> with this
> version number it also contains /etc/yum.repos.d/0_WARNING.txt,
> which includes
> prominent warnings that discourage usage of third party YUM
> repositories such
> as RPMforge.
>
>
> base-apache:
> ===========
>
> The GUI page for "Server Management" / "Network Services" / "Web"
> has been
> updated with new features.
>
> Screenshot available here:
>
> http://www.blueonyx.it/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=34&cntnt01origid=59&cntnt01returnid=54
>
> With those changes it is now possible to configure the Apache config
> file
> /etc/httpd/conf.d/blueonyx.conf to furter define which Apache
> Options and
> AllowOverride directives are valid for the directory /home/.sites.
>
> Typically .htaccess files in /web directories are prohibited for
> security
> reasons, as these can be used to re-define or override certain Apache
> configurational settings. To allow .htaccess files in general one
> would use
> the new GUI and would tick the box for "AllowOverride" / "All".
>
> If you already modified your blueonyx.conf file by hand: Don't
> worry. Existing
> modifications will be imported.
>
> --
> With best regards
>
> Michael Stauber
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at blueonyx.it
> http://www.blueonyx.it/mailman/listinfo/blueonyx
------------------------------
Message: 4
Date: Tue, 16 Jun 2009 10:50:19 +0200
From: Michael Stauber <mstauber at blueonyx.it>
Subject: [BlueOnyx:01410] Re: YUM updates (CMU, blueonyx-yumconf,
base-apache)
To: BlueOnyx General Mailing List <blueonyx at blueonyx.it>
Message-ID: <200906161050.19895.mstauber at blueonyx.it>
Content-Type: text/plain; charset="utf-8"
Hi Jeff,
> Just the pesky permissions thing now - and after that - my life will
> be complete!
Yeah, I had wished to have it done already and wanted to include it in this
times update of base-apache. But then CMU reared its ugly head again and kept
me busy all weekend. :o/
But it'll be comming "soon". :o)
--
With best regards
Michael Stauber
------------------------------
Message: 5
Date: Tue, 16 Jun 2009 09:36:18 -0500
From: Alan Kline <alan at snugglebunny.us>
Subject: [BlueOnyx:01411] Re: FTP issues
To: BlueOnyx General Mailing List <blueonyx at blueonyx.it>
Message-ID: <4A37ADE2.50100 at snugglebunny.us>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Thanks, Michael! The four "locale" packages were missing, as was the "ui"
package--which explains much! I reinstalled those, did the restarts that you
and Chris suggested, and FTP is now right with the world...
Where would I find a list of all of the packages that should be installed for
BX? Doing a "yum list installed" showed quite a few packages with "el5" at the
end, and I wonder how many of those should actually be "centos"...
Thanks again, Michael and Chris!
Alan
Michael Stauber wrote:
> Hi Alan,
>
>
>> Thanks, Chris...cleaned out rpmforge, and downgraded phpMyAdmin as you
>> suggested. All's well with phpMyAdmin now. But, I see that FTP is now
>> totally missing from the BX services list on both the Server Management and
>> Site Management screens. The FTP service is running, but I'm still unable
>> to connect from a remote client. SFTP is ok.
>>
>
> Yeah, like said before: RPMforge and BlueOnyx don't get along at all. It
> replaces too many RPMs that BlueOnyx depends on, which then will break things.
> Hard.
>
> If RPMforge also replaced your proftpd RPM *and* brought a different
> /etc/proftpd.conf aboard, then things may get even more tricky to repair. In
> that case check /etc/proftpd.conf and see if you find backup copies of your
> proftpd.conf. They may be named /etc/proftpd.conf.rpmsave or therelike. Make a
> copy of these before you do anything else.
>
> Then check with "rpm -qa|grep ftp|sort -u" to see what FTP related RPMs are
> present on your box.
>
> On a fully "yum updated" BlueOnyx you should see these RPM's:
>
> base-ftp-am-1.0.2-3BQ8.centos5
> base-ftp-capstone-1.2.0-77BQ22.centos5
> base-ftp-glue-1.2.0-77BQ22.centos5
> base-ftp-locale-da_DK-1.2.0-77BQ22.centos5
> base-ftp-locale-de_DE-1.2.0-77BQ22.centos5
> base-ftp-locale-en-1.2.0-77BQ22.centos5
> base-ftp-locale-ja-1.2.0-77BQ22.centos5
> base-ftp-ui-1.2.0-77BQ22.centos5
> ftp-0.17-35.el5
> proftpd-1.3.1-1BQ1
>
> If you see anything else, delete those RPM's with "rpm -e <RPM-NAME>" and then
> "yum install" the versions listed above.
>
> Once you've done that, you may have to manually restart a few services to get
> things working again:
>
> /etc/init.d/xinetd restart
> /etc/init.d/cced.init restart
> /etc/init.d/admserv restart
>
> A "good" copy of the stock BlueOnyx /etc/proftpd.conf ought to look like this:
>
> ------------------------------------------------------------------------------------------------------
> # This is the ProFTPD configuration file
> # $Id: proftpd.conf,v 1.1 2004/02/26 17:54:30 thias Exp $
>
> ServerName "ProFTPD server"
> ServerIdent on "FTP Server ready."
> ServerAdmin root at localhost
> #ServerType standalone
> ServerType inetd
> DefaultServer on
> AccessGrantMsg "User %u logged in."
> #DisplayConnect /etc/ftpissue
> #DisplayLogin /etc/ftpmotd
> #DisplayGoAway /etc/ftpgoaway
> DeferWelcome off
> RequireValidShell off
>
> # Use this to excude users from the chroot
> DefaultRoot / wheel
> DefaultRoot / admin-users
> DefaultRoot ~/../../.. site-adm
> DefaultRoot ~ !site-adm
>
> # Use pam to authenticate (default) and be authoritative
> AuthPAMConfig proftpd
> AuthOrder mod_auth_pam.c* mod_auth_unix.c
>
> # Do not perform ident nor DNS lookups (hangs when the port is filtered)
> TimesGMT off
> IdentLookups off
>
> # begin global -- do not delete
> MaxClients 100000
> IdentLookups off
> UseReverseDNS off
> # end global -- do not delete
>
> # Port 21 is the standard FTP port.
> Port 21
>
> # Umask 022 is a good standard umask to prevent new dirs and files
> # from being group and world writable.
> Umask 022
>
> # Default to show dot files in directory listings
> ListOptions "-a"
>
> # See Configuration.html for these (here are the default values)
> #MultilineRFC2228 off
> #RootLogin off
> LoginPasswordPrompt on
> MaxLoginAttempts 3
> #MaxClientsPerHost none
> #AllowForeignAddress off # For FXP
>
> # Allow to resume not only the downloads but the uploads too
> AllowRetrieveRestart on
> AllowStoreRestart on
>
> # To prevent DoS attacks, set the maximum number of child processes
> # to 30. If you need to allow more than 30 concurrent connections
> # at once, simply increase this value. Note that this ONLY works
> # in standalone mode, in inetd mode you should use an inetd server
> # that allows you to limit maximum number of processes per service
> # (such as xinetd)
> MaxInstances 20
>
> # Set the user and group that the server normally runs at.
> User nobody
> Group nobody
>
> # Disable sendfile by default since it breaks displaying the download speeds
> in
> # ftptop and ftpwho
> UseSendfile no
>
> # This is where we want to put the pid file
> ScoreboardFile /var/run/proftpd.score
>
> # Normally, we want users to do a few things.
> <Global>
> AllowOverwrite yes
> <Limit ALL SITE_CHMOD>
> AllowAll
> </Limit>
> </Global>
>
> # Define the log formats
> LogFormat default "%h %l %u %t \"%r\" %s %b"
> LogFormat auth "%v [%P] %h %t \"%r\" %s"
>
> # TLS
> <IfModule mod_tls.c>
> TLSEngine on
> TLSLog /var/log/proftpd/tls.log
> TLSRequired off
> TLSRSACertificateFile /etc/pki/dovecot/certs/dovecot.pem
> TLSRSACertificateKeyFile /etc/pki/dovecot/private/dovecot.pem
> TLSVerifyClient off
> TLSOptions NoCertRequest
> TLSRenegotiate required off
> </IfModule>
>
> # Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html
> #TLSEngine on
> #TLSRequired on
> #TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem
> #TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem
> #TLSCipherSuite ALL:!ADH:!DES
> #TLSOptions NoCertRequest
> #TLSVerifyClient off
> #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300
> #TLSLog /var/log/proftpd/tls.log
>
> # SQL authentication Dynamic Shared Object (DSO) loading
> # See README.DSO and howto/DSO.html for more details.
> #<IfModule mod_dso.c>
> # LoadModule mod_sql.c
> # LoadModule mod_sql_mysql.c
> # LoadModule mod_sql_postgres.c
> #</IfModule>
>
> # A basic anonymous configuration, with an upload directory.
> #<Anonymous ~ftp>
> # User ftp
> # Group ftp
> # AccessGrantMsg "Anonymous login ok, restrictions apply."
> #
> # # We want clients to be able to login with "anonymous" as well as "ftp"
> # UserAlias anonymous ftp
> #
> # # Limit the maximum number of anonymous logins
> # MaxClients 10 "Sorry, max %m users -- try again later"
> #
> # # Put the user into /pub right after login
> # #DefaultChdir /pub
> #
> # # We want 'welcome.msg' displayed at login, '.message' displayed in
> # # each newly chdired directory and tell users to read README* files.
> # DisplayLogin /welcome.msg
> # DisplayFirstChdir .message
> # DisplayReadme README*
> #
> # # Some more cosmetic and not vital stuff
> # DirFakeUser on ftp
> # DirFakeGroup on ftp
> #
> # # Limit WRITE everywhere in the anonymous chroot
> # <Limit WRITE SITE_CHMOD>
> # DenyAll
> # </Limit>
> #
> # # An upload directory that allows storing files but not retrieving
> # # or creating directories.
> # <Directory uploads/*>
> # AllowOverwrite no
> # <Limit READ>
> # DenyAll
> # </Limit>
> #
> # <Limit STOR>
> # AllowAll
> # </Limit>
> # </Directory>
> #
> # # Don't write anonymous accesses to the system wtmp file (good idea!)
> # WtmpLog off
> #
> # # Logging for the anonymous transfers
> # ExtendedLog /var/log/proftpd/access.log WRITE,READ default
> # ExtendedLog /var/log/proftpd/auth.log AUTH auth
> #
> #</Anonymous>
>
> <VirtualHost 192.168.10.128>
> DefaultRoot / wheel
> DefaultRoot / admin-users
> DefaultRoot ~/../../.. site-adm
> DefaultRoot ~ !site-adm
> AllowOverwrite on
> DefaultChdir /web
> DisplayLogin .ftphelp
> </VirtualHost>
> ------------------------------------------------------------------------------------------------------
>
> Of course your <VirtualHost></VirtualHost> section may look different
> depending on your IP(s). Typically you have one VirtualHost container per IP.
>
>
------------------------------
Message: 6
Date: Tue, 16 Jun 2009 15:54:54 +0100
From: Steve Howes <steve at geekinter.net>
Subject: [BlueOnyx:01412] Re: FTP issues
To: BlueOnyx General Mailing List <blueonyx at blueonyx.it>
Message-ID: <FA6E8C0C-8C6B-46B4-B042-BE8BEB27BD0C at geekinter.net>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
On 16 Jun 2009, at 15:36, Alan Kline wrote:
> Where would I find a list of all of the packages that should be
> installed for
> BX? Doing a "yum list installed" showed quite a few packages with
> "el5" at the
> end, and I wonder how many of those should actually be "centos"...
Just tried to send a full list to the list but its pending moderator
approval (long bessage). Email me directly if you want it urgently..
S
------------------------------
Message: 7
Date: Tue, 16 Jun 2009 16:03:55 +0100
From: Jason Humphrey <jasonh at bws4ict.co.uk>
Subject: [BlueOnyx:01413] 2048 bit RSA key
To: "blueonyx at blueonyx.it" <blueonyx at blueonyx.it>
Message-ID:
<78BD2DEDA27F3E44A01CFCC4B504343C7A54498E51 at COBALTEXCH.CobaltExchange.com>
Content-Type: text/plain; charset="us-ascii"
How would I create a signing request with a 2048bit RSA string? The GUI only uses 1024.
Many Thanks
Jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.blueonyx.it/pipermail/blueonyx/attachments/20090616/de08717e/attachment.html
------------------------------
_______________________________________________
Blueonyx mailing list
Blueonyx at blueonyx.it
http://www.blueonyx.it/mailman/listinfo/blueonyx
End of Blueonyx Digest, Vol 6, Issue 15
***************************************
More information about the Blueonyx
mailing list