Topics - EddieA

1
Installation and Upgrades / 3.5: Mail forwarding loop
« on: November 15, 2014, 12:04:01 am »
I'm trying to set up a way to receive mail for my domain but not have the hassle of trying to do the spam/virus detection myself.  I also need all the mail to be delivered to the Zentyal server, where individual users can grab it using their favourite mail client.

What I tried to do is use the Mail Hosting of my domain registry.  This allows me to create as many mailboxes as I need for my domain.  I then configured the External Retrieval Service to pull the mail, via POP, from the registry server and put it into each user's mailbox.

Unfortunately this causes the mail to be bounced:
Code:
Nov 13 22:30:27 zentyal postfix/pipe[30454]: 8DB711FFF5: to=<joeblow@mydomain.net>, relay=dovecot, delay=0.14, delays=0.09/0.01/0/0.04, dsn=5.4.6, status=bounced (mail forwarding loop for joeblow@mydomain.net)

I have set up Zentyal as part of my domain:  mydomain.net.  The user joeblow has an account on Zentyal.  The mail hosting is set up to receive the mail for joeblow@mydomain.net, and store it in a mailbox named "joeblow@mydomain.net", which is where I pull it from.

Is this a legitimate mail loop, as I'm pulling from a POP server, which is not part of mydomain.net, and asking it to be put to a local user, not relayed on via SMTP?

Is there any way this can be set up?

Cheers.

2
Installation and Upgrades / 3.5: Error restarting service mail
« on: November 14, 2014, 11:09:17 pm »
Hitting the Restart button for "External retrieval service" throws an "Error restarting service Mail. See /var/log/zentyal/zentyal.log for more information" box.

Looking at the log, I see:
Code:
2014/11/14 14:01:08 INFO> Service.pm:997 EBox::Module::Service::restartService - Restarting service for module: mail
2014/11/14 14:01:10 ERROR> LDAP.pm:196 EBox::Module::LDAP::_connectToSchemaMaster - Error binding to schama master LDAP: An error occurred in C<Net::LDAP>
2014/11/14 14:01:10 ERROR> Service.pm:1001 EBox::Module::Service::restartService - Error restarting service: Error binding to schama master LDAP: An error occurred in C<Net::LDAP>
2014/11/14 14:01:10 ERROR> Service.pm:1003 EBox::Module::Service::restartService - Error binding to schama master LDAP: An error occurred in C<Net::LDAP>
2014/11/14 14:01:10 ERROR> RestartService.pm:61 EBox::SysInfo::CGI::RestartService::_process - Restart of Mail from dashboard failed: Error binding to schama master LDAP: An error occurred in C<Net::LDAP>

Any ideas, anyone?

Cheers.

4
OK, so I find a couple of issues in the SambaShares.pm module which stops me creating any shares on my test server, where I'm trying out 3.5.

Basically when creating a new share, the code verifies that the "acl" option has been provided on the mount command for the filesystem where the share is.  Well, initially this failed because all my shares are on an aufs mount spread across 4 drives.  This I could understand, as aufs doesn't support extended attributes.

So, I switched to an mhddfs pool, which by using ls and get/setfacl I could see does support "acl".  However the Create Shares panel still complains.  Trying to create a share on a single drive of the pool also failed, despite it being an xfs filesystem which supports "acl" without any special options.

Turns out that the SambaShares.pm module only looks for mounts that have "acl" specified, or are the btrfs filesystem.  So, even though my perl is a little rusty, I thought I could fix this.

Well, adding an exception for "xfs" was fairly straightforward, as it was a cut/paste from the btrfs code.  After doing this, it tested great.  I was able to create a share on an xfs filesystem.

Moving on to supporting mhddfs is where my woes began.

After my first update, the Create Shares panel wouldn't load because of an error loading the perl modules  (Excuse the abbreviated messages and typos.  This is on a different server without cut/paste available):

WARN> zentyal.psgi:43: main Bareword found where operator expected at ... ... ... SambaShares.pm

ERROR> Manager.pm:270 Error loading ... SambaShares.pm ...syntax error at ...

Now, this I can understand, because, yes, there was an error.  However, from this point on I cannot get past the panel error screen because every time I now get the following:

ERROR> Manager.pm:270 ... Error loading ... SambaShares.pm ... Attempt to reload ... SambaShares.pm aborted.

Now, whatever I try, including replacing the module with the original again, gives the "aborted" message.  Obviously, at this point re-booting the server clears the error.

But how do I clear this without a re-boot, as having to re-boot after each change to the perl module is obviously not going to fly?

Cheers.

5
Unless the "Enable PAM" option is selected, a user no longer has the ability to change their own password.  You cannot log on to the account from a terminal, nor through SSH.

Using Zentyal's admin account and sudo it is possible to log on as that user, but an attempt to change the password fails with:
Code:
passwd: Authentication token manipulation error
passwd: password unchanged

Trying to change the password from Zentyal's admin account with "passwd <user>" yields the same failure.

An unintended result of stripping out User Corner, perhaps.

***** Update *****

Setting Enable PAM allows the user to log in to a terminal session and use SSH, but changing the password is still not possible:
Code:
eddie@zentyal-beta:~$ passwd
Current Password:
Password change failed. Server message: Old password not accepted.
passwd: Authentication token manipulation error
passwd: password unchanged

 :-[

Cheers.

6
Installation and Upgrades / External Mail is Back, Kinda, BUT ...
« on: July 26, 2014, 08:11:25 pm »
After the latest upgrades, it looks like External Mail retrieval has re-appeared,  :D but still without User Corner, so it can only be configured via the Users and Computers panel, which is fine by me as I only use it for a handful of accounts anyway.

But, I notice in the 4.0 roadmap that even more modules are going away, including WebService.  I came to Zentyal as a replacement for pfSense because it gave me the ability to run all the services I wanted, like a web server, ftp server, vpn, DHCP, DNS, file sharing, all on the server that also was my firewall, hence replacing 2, or was it 3, servers with one.  Now it appears that all the  services that drew me to Zentyal are being slowly removed.  OK, I know that it's not the best idea to run a bunch of stuff alongside the firewall, but for a home user, or even a very small business, it makes sense.

So, to me anyway, it seems that Zentyal's roadmap is taking them along a different path, than I'm sure a lot of folks who've been using it for a while, want it to go down.  Maybe time to look into alternatives, as for a home user, I have no need for an Exchange Server.

Cheers.

7
After a change of the NetBIOS domain name for File Sharing, pressing Save initiates the changes, but they never end.  The pop-up remains at 2 of 3 operations performed forever.

I've also included the portion of /var/log/zentyal/zentyal.log for this.  No other logs appear to have anything written to them.

Cheers.

8
Installation and Upgrades / Cannot Restore Backup Configuration
« on: October 01, 2013, 09:48:40 pm »
I'm not sure if this is a supported way of upgrading, but for testing 3.2 I installed a new copy under VMWare and tried to restore a configuration backup from my live 3.0 version which is fully up to date.  The restore comes up with the confirmation pop-up asking if this is what I want to restore, but there is no OK button to continue.

Cheers.

9
Installation and Upgrades / Is there a hook for route table
« on: September 04, 2013, 03:58:34 am »
Hi,

I've added a hook at /etc/zentyal/hooks/firewall.postservice to update the iptables nat table for my outbound OpenVPN connection.  I also use it to update the route table to force only certain IPs down that path, but have noticed that under some conditions (still to be determined) Zentyal will reset the route table back to the default.

Is there a similar hook I can use to update the route table each time Zentyal touches it?

Cheers.

10
I've set up the OpenVPN Client on my Zentyal system and by creating my own config file have been able to successfully connect to the server.

It took me a while to realise that I needed to add my own route to the Kernel IP Routing Table to allow the traffic to flow via the tun0 interface instead of eth0.  The route I added only sends a certain IP range through the tunnel.  The rest is routed out to the internet normally.  The last line being the one I needed to add:
Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.10.10.0      10.10.10.177    255.255.255.0   UG    0      0        0 tun0
10.10.10.177    *               255.255.255.255 UH    0      0        0 tun0
142.129.208.0   *               255.255.240.0   U     0      0        0 eth0
192.168.0.0     *               255.255.255.0   U     0      0        0 eth1
192.168.160.0   *               255.255.255.0   U     0      0        0 tap1
212.58.240.0    *               255.255.240.0   U     0      0        0 tun0

Now, from the Zentyal server itself, this is working perfectly.  If I traceroute to the 212.58.240.0 range, I see it going via the 10.10.10.0 hop.  If I traceroute any other address, then it goes straight to my ISP.

Now, the only issue is, I can only do this from the Zentyal server itself.  If I try routing anything to the 212.58.240.0 range from a machine in the internal LAN, then it just times out connecting.  I've tried browsing, traceroute, ping, telnet, etc. and it's always the same.  Zentyal server = success.  Machine on LAN = fail.

I initially thought it might be the firewall, but if it is nothing shows in the logs.  Also, the firewall is port based, not IP, so I don't really see it being that.

Any ideas of why my internal traffic is failing to be routed at all?

Also, I'm a little confused how the routing works anyway in a standard Zentyal system, as there is no "default" entry in the routing table to send the packets to my ISP gateway.

BTW  This is a fully up to date 3.0 system.

Cheers.

11
Installation and Upgrades / suricata Eats CPU
« on: July 13, 2013, 01:39:28 am »
Here's a quick screen shot after about 90 minutes of running.  During the whole period, Zentyal was just idle, nothing going on.  It's sorted on Time.

During the period, suricata was always around 10% -> 13%.

On the IDS/IPS panel there are no interfaces selected, so I wouldn't expect this to be running.

Zentyal 3.1-1 beta with all the latest updates applied.  Core version:  3.1.5.

Cheers.

12
Installation and Upgrades / Cannot Update UPS Settings
« on: June 06, 2013, 08:31:07 pm »
I'm trying to configure and test the UPS functions introduced into Zentyal and noticed an issue regarding the settings.

I cannot update any of the settings.  They all report back a "Missing argument: Value" error.  Screen shot attached.

This is a TrippLite UPS and is connected with the Smart2200RMXL2U (USB, newer models):  usbhid-ups driver.

Cheers.

13
Installation and Upgrades / Unable to get pop3 certificate
« on: May 22, 2013, 10:05:15 pm »
Now that Zentyal doesn't allow clear text sign on for pop3, I thought it was about time I used the secure version, even though it's a completely internal network, instead of hacking the dovecot configuration.

I created a CA.  Added the POP server as a service.  But whenever I try to connect from a Thunderbird client, I get the pop-up window to add a security exception, but it says that there is no information available about the certificate and so leaves the Confirm button greyed out, which means I can't add this.

The error I see in syslog is:
Code:
May 22 12:59:10 Zentyal dovecot: pop3-login: Disconnected (no auth attempts): rip=192.168.0.2, lip=192.168.0.254, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48

Any ideas what's wrong here and why I can't import this certificate?  I also tried to import manually, using <My Hostname>:995 but that gives exactly the same error.

I do see the certificates in the /etc/dovecot/ssl directory, and on a cursory glance they appear to be OK, but I'm not an SSL expert.

What further information do I need to supply to investigate this?

Cheers.

14
After reinstalling my 3.0-2 system cleanly, I configured it to match my old installation.  During the configuration I encountered 2 issues and I'm not sure if they're related as they both have to do with users.

Trying to start or re-start File Sharing throws an error:  "user name Administrator already exists".

The second issue is that I cannot log in to any of the users I defined.  They all fail with:  Authentication failure.

From my Winblows 7 machine, I can see all the advertised shares, but can only navigate to sysvol.  All the others fail with:  The network path was not found.

Looking at the logs, I can't see anything that might pinpoint what is going on here.

Cheers.

15
I'm getting the exact same symptom as reported here:
Code:
zentyal@Zentyal-3:~$ sudo dpkg --configure -a
[sudo] password for zentyal:
Setting up zentyal-firewall (3.0.3) ...
root command /bin/cat /var/lib/zentyal/conf/zentyal-mysql.passwd failed.
Error output: /bin/cat: /var/lib/zentyal/conf/zentyal-mysql.passwd: No such file or directory

Command output: .
Exit value: 1dpkg: error processing zentyal-firewall (--configure):
 subprocess installed post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of zentyal-dhcp:
 zentyal-dhcp depends on zentyal-firewall; however:
  Package zentyal-firewall is not configured yet.
etc. etc. etc.

The fix referred to in that post appears to be for a different issue.

What is needed for this problem?

Cheers,
Eddie
