Author Topic: Kamilion's Ebox Tweaks  (Read 22103 times)

Kamilion

  • Zen Monk
  • **
  • Posts: 82
  • Karma: +2/-0
  • NASA System Administrator
    • View Profile
Re: Setting up Firefox Desktop mode in a better way for eBox 1.4
« Reply #15 on: March 12, 2010, 08:28:53 pm »
Setting up Firefox Desktop mode in a better way for eBox 1.4

The 1.4-1 installer that has been just released includes all these suggestions by default. Thank you very much for your contribution!

Make sure you document the firefox startup stuff's hardcoded port of 443; otherwise users are gonna get a nasty surprise when they change the port from the web-interface and come back to the desktop view and scratch their heads wondering why it's now "page not found".

If possible, you should set up some mason templates for ebox-firefox to change the menu/xsession when the port's changed.

Also -- when you get around to ebox-software on lucid, it should offer to add-apt-repository ppa:ebox/1.5 if it's not already in the sources list (no should be a valid answer here too!). If the basic 1.5 packages get upstreamed before lucid's release like 1.3.5 did for karmic, make sure ebox-software is one of those upstreamed basic packages with this feature, so it's truly trivial to tell someone "install lucid-server then apt-get install ebox-software && enjoy_ebox" and have them result with an up-to-date ebox every time without jumping through the ubuntu SRU hoops.

If you're intending on getting the 1.4-era packages upstream before LTS hits, now's the time to get ebox-software working like this, so no matter what, ebox is easily installable right from lucid.
« Last Edit: March 12, 2010, 08:40:31 pm by Kamilion »
"Never feel stupid for asking questions, feel stupid for ignoring answers."
"You're arrogant for thinking you can, ignorant for thinking you cannot."
"Asking questions is important,
because that's when intuition gets converted into inspiration."

Kamilion

  • Zen Monk
  • **
  • Posts: 82
  • Karma: +2/-0
  • NASA System Administrator
    • View Profile
Fun with SSL
« Reply #16 on: June 17, 2010, 01:54:05 am »
So, I got a SSL wildcart certificate for my primary domain not too long ago.

Getting ebox's certificates replaced wasn't too hard.

After chatting with bencer on IRC; I was told that if you *do not enable* "Services Certificates" that you should just be able to replace the .pem files in various locations with the proper keys without eBox replacing them on you with CA-generated certificates.

Messing around for a few hours, I got it all working, and here's how I did it.

OpenSSL isn't picky about what it finds in certificate files -- it's only looking for what it's interested in.
So, now knowing this, one can keep both the certificate and private key in a single .pem file.

What worked for me:
Code: [Select]
openssl x509 -in startssl.cert -text > header.pem && cat header.pem startssl.key > combined.pem
Alternatively, appending:
Code: [Select]
openssl x509 -in startssl.cert -text > combined.pem && cat startssl.key >> combined.pem


This will generate a .PEM file with a plaintext header (which is ignored) followed by the Certificate file, followed by the Private key file.

You can now use this combined.pem file to replace any of the eBox service certificates.

These files are stored in the following places: (owner.group, perms)

SMTP (postfix): /etc/postfix/sasl/postfix.pem (root.root, 0400)
IMAP (dovecot): /etc/dovecot/ssl/dovecot.pem (root.root, 0400)
POP3 (dovecot): /etc/dovecot/ssl/dovecot.pem (root.root, 0400)
XMPP (jabberd2): /etc/jabberd2/ebox.pem (jabber.jabber, 0644)
User Corner (apache2): /var/lib/ebox-usercorner/ssl/ssl.pem (ebox-usercorner.ebox-usercorner, 0400)
eBox Frontend (apache2): /var/lib/ebox/conf/ssl/ssl.pem (ebox.ebox, 0600)

Simply replacing these files and making sure the permissions matched the originals worked for me.

Of course, your milage may vary.

No mason templates were harmed in the making of this post.
« Last Edit: June 17, 2010, 02:07:44 am by Kamilion »
"Never feel stupid for asking questions, feel stupid for ignoring answers."
"You're arrogant for thinking you can, ignorant for thinking you cannot."
"Asking questions is important,
because that's when intuition gets converted into inspiration."

Kamilion

  • Zen Monk
  • **
  • Posts: 82
  • Karma: +2/-0
  • NASA System Administrator
    • View Profile
Getting rid of that darn Mason Error
« Reply #17 on: August 06, 2010, 09:49:52 pm »
HAVE YOU SEEN ME?

Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/HTML/Mason/Component/Subcomponent.pm line 34.

MISSING CHILD; CALL 1-800-FOR-DEBIAN

How to bury this error in 1.4 and 1.5...

Code: [Select]
wget http://ftp.us.debian.org/debian/pool/main/libl/liblog-any-perl/liblog-any-perl_0.11-1_all.deb
dpkg -i liblog-any-perl_0.11-1_all.deb
wget http://ftp.us.debian.org/debian/pool/main/libh/libhtml-mason-perl/libhtml-mason-perl_1.44-1_all.deb
dpkg -i libhtml-mason-perl_1.44-1_all.deb

Looks like this is the debian bug report that triggered this fix in march 2010:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=436507

Someone should try to get 1.44 synced from debian with a SRU request, ubuntu's 1.42 still seems to show errors.

Problems? Revert your package to the ubuntu version.
Code: [Select]
(hardy) wget http://mirrors.kernel.org/ubuntu/pool/universe/libh/libhtml-mason-perl/libhtml-mason-perl_1.36-2_all.deb
(lucid) wget http://mirrors.kernel.org/ubuntu/pool/universe/libh/libhtml-mason-perl/libhtml-mason-perl_1.42-1_all.deb
"Never feel stupid for asking questions, feel stupid for ignoring answers."
"You're arrogant for thinking you can, ignorant for thinking you cannot."
"Asking questions is important,
because that's when intuition gets converted into inspiration."

Kamilion

  • Zen Monk
  • **
  • Posts: 82
  • Karma: +2/-0
  • NASA System Administrator
    • View Profile
Decapitation with NoMachine 3.4
« Reply #18 on: September 11, 2010, 12:54:09 am »
Fun with Headless Zentyal!

Code: [Select]
apt-get install python-software-properties
add-apt-repository ppa:freenx-team
apt-get update
apt-get install freenx-server

Then set up your nxclient like this:
"Never feel stupid for asking questions, feel stupid for ignoring answers."
"You're arrogant for thinking you can, ignorant for thinking you cannot."
"Asking questions is important,
because that's when intuition gets converted into inspiration."

J. A. Calvo

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1986
  • Karma: +67/-3
    • View Profile
    • http://blogs.zentyal.org/jacalvo
Re: Getting rid of that darn Mason Error
« Reply #19 on: June 08, 2011, 01:44:57 pm »
HAVE YOU SEEN ME?

Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/HTML/Mason/Component/Subcomponent.pm line 34.

MISSING CHILD; CALL 1-800-FOR-DEBIAN

How to bury this error in 1.4 and 1.5...

Hi Kamilion,

First of all, thanks for your feedback and sorry for the late reply!

I'm afraid that those versions that you refer fix a bug but does not remove all the Subcomponent.pm warning.

The Zentyal team already reported this in the mason list and the patch was never accepted:

http://www.mail-archive.com/mason-users@lists.sourceforge.net/msg02246.html

Now, we have backported libhtml-mason-perl from maverick to lucid and applied the patch by ourselves, and it is available in the official zentyal/2.1 ppa. So Zentyal 2.2 will no longer have this annoying warnings!

For anyone wanting to try these packages in Zentyal 2.0:

Code: [Select]
wget http://launchpad.net/~zentyal/+archive/2.1/+files/liblog-any-perl_0.11-1%2Bzentyal1_all.deb
wget http://launchpad.net/~zentyal/+archive/2.1/+files/libhtml-mason-perl_1.44-1%2Bzentyal1_all.deb
sudo dpkg -i liblog-any-perl_0.11-1+zentyal1_all.deb
sudo dpkg -i libhtml-mason-perl_1.44-1+zentyal1_all.deb

For those with a Zentyal 2.1 installed you only need to sudo apt-get update && sudo apt-get install libhtml-mason-perl
Zentyal Server Lead Developer

innocenti_jr

  • Zen Monk
  • **
  • Posts: 98
  • Karma: +9/-0
    • View Profile
Re: Getting rid of that darn Mason Error
« Reply #20 on: June 08, 2011, 03:22:35 pm »
For those with a Zentyal 2.1 installed you only need to sudo apt-get update && sudo apt-get install libhtml-mason-perl
Thanks for addressing this.
I just installed it and if something terrible happens, I'll post again. ;)

Cheers - Oliver
"The problem with quotes on the Internet is that it is hard to verify their authenticity." - Abraham Lincoln