Try out Nethserver 7 beta1

I begin the tests, again:

POP3 proxy: enabled
- Antivirus: disabled
- Antispam: enabled
Services: clamd@squidclamav - Enabled, Running
p3scan - Enabled, Running

I can receive emails (Mozilla Thunderbird, POP3, port 110):

Log viewer: /var/log/messages:

Aug 7 15:04:19 dc-ad freshclam[3139]: ClamAV update process started at Sun Aug 7 15:04:19 2016
Aug 7 15:04:19 dc-ad freshclam[3139]: main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
Aug 7 15:04:20 dc-ad freshclam[3139]: Downloading daily-22041.cdiff [100%]
Aug 7 15:04:21 dc-ad freshclam[3139]: Downloading daily-22042.cdiff [100%]
Aug 7 15:04:21 dc-ad freshclam[3139]: Downloading daily-22043.cdiff [100%]
Aug 7 15:04:21 dc-ad freshclam[3139]: Downloading daily-22044.cdiff [100%]
Aug 7 15:04:26 dc-ad freshclam[3139]: daily.cld updated (version: 22044, sigs: 488532, f-level: 63, builder: neo)
Aug 7 15:04:26 dc-ad freshclam[3139]: bytecode.cvd is up to date (version: 283, sigs: 53, f-level: 63, builder: neo)
Aug 7 15:04:32 dc-ad freshclam[3139]: Database updated (4707375 signatures) from database.clamav.net (IP: 195.30.97.3)
Aug 7 15:04:33 dc-ad systemd: Removed slice user-0.slice.
Aug 7 15:04:33 dc-ad systemd: Stopping user-0.slice.
Aug 7 15:04:33 dc-ad clamd: Reading databases from /var/lib/clamav
Aug 7 15:04:33 dc-ad clamd: Reading databases from /var/lib/squidclamav
Aug 7 15:04:33 dc-ad clamd[1351]: Reading databases from /var/lib/squidclamav
Aug 7 15:04:35 dc-ad kernel: perf interrupt took too long (2503 > 2500), lowering kernel.perf_event_max_sample_rate to 50000
Aug 7 15:04:47 dc-ad clamd: Database correctly reloaded (4868719 signatures)
Aug 7 15:04:47 dc-ad clamd[1351]: Database correctly reloaded (4868719 signatures)
Aug 7 15:04:47 dc-ad clamd: Database correctly reloaded (4868719 signatures)

Aug 7 15:35:25 dc-ad clamd: SelfCheck: Database status OK.
Aug 7 15:35:25 dc-ad clamd[1351]: SelfCheck: Database status OK.
Aug 7 15:37:45 dc-ad p3scan[3894]: POP3 Connection from 192.168.1.11:54387
Aug 7 15:37:45 dc-ad p3scan[3894]: Real-server address is 91.195.62.2:110
Aug 7 15:37:45 dc-ad p3scan[3894]: Ignoring servers TOP capability…
Aug 7 15:37:45 dc-ad p3scan[3894]: Ignoring servers PIPELINING capability…
Aug 7 15:37:50 dc-ad p3scan[3894]: Session done (Clean Exit). Mails: 1 Bytes: 1716

POP3 proxy: enabled
- Antivirus: enabled
- Antispam: enabled
Services: clamd@squidclamav - Enabled, Running
p3scan - Enabled, Running

I cannot receive emails (Mozilla Thunderbird, POP3, port 110):

Log viewer: /var/log/messages:

Aug 7 15:43:31 dc-ad /sbin/e-smith/db[4335]:
/var/lib/nethserver/db/configuration: OLD
p3scan=service|SSLScan|enabled|SpamScan|enabled|TCPPort|8110|Template|/etc/p3scan/p3scan-en.mail|VirusScan|disabled|access||status|enabled
Aug 7 15:43:31 dc-ad /sbin/e-smith/db[4335]:
/var/lib/nethserver/db/configuration: NEW
p3scan=service|SSLScan|enabled|SpamScan|enabled|TCPPort|8110|Template|/etc/p3scan/p3scan-en.mail|VirusScan|enabled|access||status|enabled
Aug 7 15:43:31 dc-ad dbus-daemon: dbus[643]: [system] Activating via
systemd: service name=‘org.freedesktop.timedate1’
unit=‘dbus-org.freedesktop.timedate1.service’
Aug 7 15:43:31 dc-ad dbus[643]: [system] Activating via systemd:
service name=‘org.freedesktop.timedate1’
unit=‘dbus-org.freedesktop.timedate1.service’
Aug 7 15:43:32 dc-ad systemd: Starting Time & Date Service…
Aug 7 15:43:32 dc-ad dbus-daemon: dbus[643]: [system] Successfully
activated service ‘org.freedesktop.timedate1’
Aug 7 15:43:32 dc-ad dbus[643]: [system] Successfully activated service
‘org.freedesktop.timedate1’
Aug 7 15:43:32 dc-ad systemd: Started Time & Date Service.
Aug 7 15:43:33 dc-ad esmith::event[4339]: Event:
nethserver-p3scan-update
Aug 7 15:43:33 dc-ad esmith::event[4339]: Migrating existing database
configuration
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
certificates
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
networks
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
accounts
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
routes
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
hosts
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
proxypass
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
fwrules
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
fwservices
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
portforward
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
tc
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
dhcp
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
contentfilter
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
vhosts
Aug 7 15:43:34 dc-ad esmith::event[4339]: Migrating existing database
domains
Aug 7 15:43:34 dc-ad esmith::event[4339]: Action:
/etc/e-smith/events/nethserver-p3scan-update/S00initialize-default-databases
SUCCESS [1.334358]
Aug 7 15:43:34 dc-ad esmith::event[4339]: expanding
/etc/p3scan/p3scan.conf
Aug 7 15:43:35 dc-ad esmith::event[4339]: Action:
/etc/e-smith/events/actions/generic_template_expand SUCCESS [0.385739]
Aug 7 15:43:35 dc-ad esmith::event[4342]: Event:
nethserver-firewall-base-save nethserver-p3scan-update
Aug 7 15:43:35 dc-ad esmith::event[4342]: Action:
/etc/e-smith/events/nethserver-firewall-base-save/S02providers-cleanup
SUCCESS [0.370819]
Aug 7 15:43:35 dc-ad esmith::event[4342]: expanding /etc/collectd.conf
Aug 7 15:43:35 dc-ad esmith::event[4342]: expanding /etc/hosts
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding /etc/lsm/lsm.conf
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/actions
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/hosts
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/interfaces
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/maclist
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/mangle
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding /etc/shorewall/masq
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding /etc/shorewall/nat
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/policy
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/providers
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/rtrules
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/rules
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/shorewall.conf
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/stoppedrules
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/tcinterfaces
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/tcpri
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/tunnels
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/shorewall/zones
Aug 7 15:43:36 dc-ad esmith::event[4342]: expanding
/etc/collectd.d/ping.conf
Aug 7 15:43:37 dc-ad esmith::event[4342]: expanding
/var/www/html/wpad.dat
Aug 7 15:43:37 dc-ad esmith::event[4342]: Action:
/etc/e-smith/events/actions/generic_template_expand SUCCESS [1.507194]
Aug 7 15:43:37 dc-ad systemd: Reloading.
Aug 7 15:43:39 dc-ad systemd: Configuration file
/usr/lib/systemd/system/auditd.service is marked world-inaccessible.
This has no effect as configuration data is accessible via APIs without
restrictions. Proceeding anyway.
Aug 7 15:43:41 dc-ad kernel: ipt_ULOG: ULOG: fail to register logger.
Aug 7 15:43:42 dc-ad kernel: ipt_ULOG: ULOG: fail to register logger.
Aug 7 15:43:43 dc-ad kernel: ipt_ULOG: ULOG: fail to register logger.
Aug 7 15:43:43 dc-ad logger: Shorewall reloaded
Aug 7 15:43:43 dc-ad esmith::event[4342]: [NOTICE] Shorewall restart
Aug 7 15:43:43 dc-ad esmith::event[4342]: Action:
/etc/e-smith/events/nethserver-firewall-base-save/S89nethserver-shorewall-restart
SUCCESS [6.659116]
Aug 7 15:43:44 dc-ad systemd: Reloading.
Aug 7 15:43:44 dc-ad systemd: Configuration file
/usr/lib/systemd/system/auditd.service is marked world-inaccessible.
This has no effect as configuration data is accessible via APIs without
restrictions. Proceeding anyway.
Aug 7 15:43:44 dc-ad esmith::event[4342]: [INFO] lsm is disabled:
skipped
Aug 7 15:43:44 dc-ad esmith::event[4342]: [INFO]
Aug 7 15:43:44 dc-ad systemd: Reloading.
Aug 7 15:43:44 dc-ad systemd: Configuration file
/usr/lib/systemd/system/auditd.service is marked world-inaccessible.
This has no effect as configuration data is accessible via APIs without
restrictions. Proceeding anyway.
Aug 7 15:43:44 dc-ad esmith::event[4342]: [INFO] service collectd
restart
Aug 7 15:43:44 dc-ad systemd: Stopping Collectd statistics daemon…
Aug 7 15:43:44 dc-ad collectd[1043]: Exiting normally.
Aug 7 15:43:44 dc-ad collectd[1043]: collectd: Stopping 5 read threads.
Aug 7 15:43:45 dc-ad collectd[1043]: rrdtool plugin: Shutting down the
queue thread. This may take a while.
Aug 7 15:43:45 dc-ad collectd[1043]: ping plugin: Shutting down thread.
Aug 7 15:43:45 dc-ad collectd[1043]: collectd: Stopping 5 write
threads.
Aug 7 15:43:45 dc-ad esmith::event[4342]: [INFO] collectd restart
Aug 7 15:43:45 dc-ad systemd: Started Collectd statistics daemon.
Aug 7 15:43:45 dc-ad systemd: Starting Collectd statistics daemon…
Aug 7 15:43:45 dc-ad esmith::event[4342]: Action:
/etc/e-smith/events/actions/adjust-services SUCCESS [1.689144]
Aug 7 15:43:45 dc-ad esmith::event[4342]: Event:
nethserver-firewall-base-save SUCCESS
Aug 7 15:43:45 dc-ad esmith::event[4339]: Action:
/etc/e-smith/events/nethserver-p3scan-update/S20firewall-adjust SUCCESS
[10.365141]
Aug 7 15:43:45 dc-ad systemd: Reloading.
Aug 7 15:43:45 dc-ad systemd: Configuration file
/usr/lib/systemd/system/auditd.service is marked world-inaccessible.
This has no effect as configuration data is accessible via APIs without
restrictions. Proceeding anyway.
Aug 7 15:43:45 dc-ad collectd[4830]: Initialization complete, entering
read-loop.
Aug 7 15:43:45 dc-ad esmith::event[4339]: [INFO] service p3scan restart
Aug 7 15:43:45 dc-ad systemd: Stopping p3scan proxy…
Aug 7 15:43:45 dc-ad p3scan[1100]: signalled, doing cleanup
Aug 7 15:43:45 dc-ad p3scan[1100]: P3Scan terminates now
Aug 7 15:43:45 dc-ad systemd: Starting p3scan proxy…
Aug 7 15:43:46 dc-ad p3scan[4869]: P3Scan Version 2.3.2
Aug 7 15:43:46 dc-ad p3scan[4869]: Selected scannertype: basic (Basic
file invocation scanner)
Aug 7 15:43:46 dc-ad p3scan[4869]: Listen now on 0.0.0.0:8110
Aug 7 15:43:46 dc-ad systemd: PID file /var/run/p3scan/p3scan.pid not
readable (yet?) after start.
Aug 7 15:43:46 dc-ad esmith::event[4339]: [INFO] p3scan restart
Aug 7 15:43:46 dc-ad systemd: Started p3scan proxy.
Aug 7 15:43:46 dc-ad esmith::event[4339]: Action:
/etc/e-smith/events/actions/adjust-services SUCCESS [0.651876]
Aug 7 15:43:46 dc-ad esmith::event[4339]: Event:
nethserver-p3scan-update SUCCESS
Aug 7 15:43:46 dc-ad p3scan[4870]: Changing uid (we are root)
Aug 7 15:43:46 dc-ad p3scan[4870]: Running as user: amavis
: amavis
Aug 7 15:44:48 dc-ad clamd: SelfCheck: Database status OK.

Aug 7 15:48:14 dc-ad p3scan[5268]: POP3 Connection from
192.168.1.11:54451
Aug 7 15:48:14 dc-ad p3scan[5268]: Real-server address is
91.195.62.2:110
Aug 7 15:48:14 dc-ad p3scan[5268]: Ignoring servers TOP capability…
Aug 7 15:48:14 dc-ad p3scan[5268]: Ignoring servers PIPELINING
capability…
Aug 7 15:48:14 dc-ad p3scan[5268]: Session done (Clean Exit). Mails: 0
Bytes: 0
Aug 7 15:49:17 dc-ad p3scan[5354]: POP3 Connection from
192.168.1.11:54456
Aug 7 15:49:17 dc-ad p3scan[5354]: Real-server address is
91.195.62.2:110
Aug 7 15:49:17 dc-ad p3scan[5354]: Ignoring servers TOP capability…
Aug 7 15:49:17 dc-ad p3scan[5354]: Ignoring servers PIPELINING
capability…
Aug 7 15:49:17 dc-ad p3scan[5354]: WARNING: Your scanner returned
neither 0, a viruscode, nor a good viruscode, but 2
Aug 7 15:49:17 dc-ad p3scan[5354]: ERR: We can’t say if it is a virus!
So we have to give the client the mail! You should check your
configuration/system
Aug 7 15:49:17 dc-ad p3scan[5354]: ERR: Scanner returned unexpected
error code. You should check your configuration/system.
Aug 7 15:49:17 dc-ad p3scan[5354]: ERR: Exiting now…
Aug 7 15:49:17 dc-ad p3scan: ERR: Scanner returned unexpected error
code. You should check your configuration/system.
Aug 7 15:49:18 dc-ad kernel: p3scan[5354]: segfault at 241 ip
00007fa33099eab4 sp 00007ffc03356080 error 4 in
libc-2.17.so[7fa330956000+1b7000]
Aug 7 15:49:18 dc-ad p3scan[4870]: ERR: Attention: child with pid 5354
died with abnormal termsignal (11)! This is probably a bug. Please
report to the author. numprocs is now 0
Aug 7 15:50:03 dc-ad dbus-daemon: dbus[643]: [system] Activating via
systemd: service name=‘org.freedesktop.timedate1’
unit=‘dbus-org.freedesktop.timedate1.service’
Aug 7 15:50:03 dc-ad dbus[643]: [system] Activating via systemd:
service name=‘org.freedesktop.timedate1’
unit=‘dbus-org.freedesktop.timedate1.service’
Aug 7 15:50:03 dc-ad systemd: Starting Time & Date Service…
Aug 7 15:50:03 dc-ad dbus-daemon: dbus[643]: [system] Successfully
activated service ‘org.freedesktop.timedate1’
Aug 7 15:50:03 dc-ad dbus[643]: [system] Successfully activated service
‘org.freedesktop.timedate1’
Aug 7 15:50:03 dc-ad systemd: Started Time & Date Service.
Aug 7 15:52:21 dc-ad dbus-daemon: dbus[643]: [system] Activating via
systemd: service name=‘org.freedesktop.timedate1’
unit=‘dbus-org.freedesktop.timedate1.service’
Aug 7 15:52:21 dc-ad dbus[643]: [system] Activating via systemd:
service name=‘org.freedesktop.timedate1’
unit=‘dbus-org.freedesktop.timedate1.service’
Aug 7 15:52:21 dc-ad systemd: Starting Time & Date Service…
Aug 7 15:52:21 dc-ad dbus-daemon: dbus[643]: [system] Successfully
activated service ‘org.freedesktop.timedate1’
Aug 7 15:52:21 dc-ad dbus[643]: [system] Successfully activated service
‘org.freedesktop.timedate1’
Aug 7 15:52:21 dc-ad systemd: Started Time & Date Service.
Service.
Aug 7 15:53:14 dc-ad p3scan[4870]: P3Scan terminates now
Aug 7 15:53:24 dc-ad systemd: Removed slice user-0.slice.
Aug 7 15:53:24 dc-ad systemd: Stopping user-0.slice.
Aug 7 15:54:48 dc-ad clamd: SelfCheck: Database modification detected. Forcing reload.
Aug 7 15:54:49 dc-ad clamd: Reading databases from /var/lib/clamav
Aug 7 15:55:05 dc-ad clamd: Database correctly reloaded (4868738 signatures)
Aug 7 15:55:53 dc-ad clamd: SelfCheck: Database modification detected. Forcing reload.
Aug 7 15:55:53 dc-ad clamd[1351]: SelfCheck: Database modification detected. Forcing reload.
Aug 7 15:55:54 dc-ad clamd: Reading databases from /var/lib/squidclamav
Aug 7 15:55:54 dc-ad clamd[1351]: Reading databases from /var/lib/squidclamav
Aug 7 15:56:07 dc-ad clamd: Database correctly reloaded (4868738 signatures)
Aug 7 15:56:07 dc-ad clamd[1351]: Database correctly reloaded (4868738 signatures)

In this moment, Aug 7 15:56:07:

Services: clamd@squidclamav - Enabled, Running
p3scan - Enabled, Stopped

Starting the p3scan service, manually:

Aug 7 16:00:48 dc-ad control-service: p3scan start
Aug 7 16:00:48 dc-ad systemd: Starting p3scan proxy…
Aug 7 16:00:48 dc-ad p3scan[6202]: P3Scan Version 2.3.2
Aug 7 16:00:48 dc-ad p3scan[6202]: Selected scannertype: basic (Basic
file invocation scanner)
Aug 7 16:00:48 dc-ad p3scan[6202]: Listen now on 0.0.0.0:8110
Aug 7 16:00:48 dc-ad systemd: PID file /var/run/p3scan/p3scan.pid not
readable (yet?) after start.
Aug 7 16:00:48 dc-ad systemd: Started p3scan proxy.
Aug 7 16:00:48 dc-ad dbus-daemon: dbus[643]: [system] Activating via
systemd: service name=‘org.freedesktop.timedate1’
unit=‘dbus-org.freedesktop.timedate1.service’
Aug 7 16:00:48 dc-ad dbus[643]: [system] Activating via systemd:
service name=‘org.freedesktop.timedate1’
unit=‘dbus-org.freedesktop.timedate1.service’
Aug 7 16:00:48 dc-ad systemd: Starting Time & Date Service…
Aug 7 16:00:48 dc-ad p3scan[6203]: Changing uid (we are root)
Aug 7 16:00:48 dc-ad p3scan[6203]: Running as user: amavis

EDIT:

Thunderbird schedule send and receive:

Aug 7 16:03:14 dc-ad p3scan[6534]: POP3 Connection from
192.168.1.11:54567
Aug 7 16:03:14 dc-ad p3scan[6534]: Real-server address is
91.195.62.2:110
Aug 7 16:03:14 dc-ad p3scan[6534]: Ignoring servers TOP capability…
Aug 7 16:03:14 dc-ad p3scan[6534]: Ignoring servers PIPELINING
capability…
Aug 7 16:03:14 dc-ad p3scan[6534]: WARNING: Your scanner returned
neither 0, a viruscode, nor a good viruscode, but 2
Aug 7 16:03:14 dc-ad p3scan[6534]: ERR: We can’t say if it is a virus!
So we have to give the client the mail! You should check your
configuration/system
Aug 7 16:03:14 dc-ad p3scan[6534]: ERR: Scanner returned unexpected
error code. You should check your configuration/system.
Aug 7 16:03:14 dc-ad p3scan[6534]: ERR: Exiting now…
Aug 7 16:03:14 dc-ad p3scan: ERR: Scanner returned unexpected error
code. You should check your configuration/system.
Aug 7 16:03:14 dc-ad p3scan[6203]: ERR: Attention: child with pid 6534
died with abnormal termsignal (11)! This is probably a bug. Please
report to the author. numprocs is now 0
Aug 7 16:03:14 dc-ad kernel: p3scan[6534]: segfault at 241 ip
00007f871b872ab4 sp 00007fff7abb9ac0 error 4 in
libc-2.17.so[7f871b82a000+1b7000]
Aug 7 16:04:30 dc-ad p3scan[6203]: P3Scan terminates now
Aug 7 16:05:06 dc-ad clamd: SelfCheck: Database status OK.

In this moment, Aug 7 16:05:06:

Services: clamd@squidclamav - Enabled, Running
p3scan - Enabled, Stopped

EDIT 2:

After I have disabled Antivirus from POP3 proxy, everything it’s OK: I can receive emails, the p3scan service automatically Running.

1 Like

I’ve been playing with NS7 and just wanted to point out a couple of issues I’ve been finding (not sure if they are by design or not :slight_smile: )

I’ve installed NS7 on a KVM machine running latest CentOS 7.1 from the repository.

  • when I try to access the control pannel via http by typing in the browser neth.mydomain.com:980 instead of the full address, the redirect takes me to the ipadress of the server, instead of the dns address;

  • I’ve unable to install the Pop3 proxy package as well as the Samba Active directory - both give me yum cache errors; I’m aware of the other threads here regarding both issues;

  • when rebooting the service, there is no connectivity message as in NS 6.8, informing the user when the reboot and reconnect ion has been completed; I quite liked that small feature :slight_smile:

  • when creating a user through the control panel, and ticking the box to allow ssh access, does not seem to work at the moment as I haven’t been able to connect through ssh as expected.

  • when creating a Letsencrypt certificate with more than a domain (for example: “neth.mydomain.com mydomain.com” it gives an output where the certifciate issuer is stated as “Fake LE Intermediate X1” and the certificate does not work.

  • don’t seem to be able to delete previously issued certificates (such as the error one above); If we want/have to issue several certificates for different domains and subdomains (as we have to do it one by one) they will rapidly accumulate;

Thanks.

The login username has to contain the domain part, i.e. in my case I use:
ssh filippo.carletti@nethesis.it@nethserver

2 Likes

Yep, confirmed! Thanks for that, I wouldn’t have gotten there by myself!

edit: is there a way to disable the root login in the control pannel? it just makes me uncomfortable to have the root password expose like that.

edit2: another interesting bug i think i found in SOGo is when answering to an email above the quoted text when in the settings it is selected to answer bellow the quoted message - this makes SOGo crash, though I’m certain is nothing to do with NS.

1 Like

i still have the problem with shared folder and openldap (nethserver-directory)
while it seems ok with AD(nethserver-dc)
can anyone confirm it?

1 Like

Hello @StreetGuru maybe pop a long and take a look at under the Development section. SOGo repositories soon to be only for paid support customers

In my opinion, (Sorry but Im tending to go with @alefattorini) and I stopped using Sogo and went with webtop.

And I wont look back. Sorry SoGO, Its now a NoGO…

clinton

Yeah, I’ve seen that thread. I’m using NS 6.8 with the new SOGo 3 and I’m mostly using it exactly for that functionality. Personally, I would prefer as many alternatives as possible and let the users decide which to use. SOGo’s move is in part understandable, and as many point out, it remains an opensource project. I’m sure alternative repos for SOGo will quickly pop-up as it was so widely used on a community level.

2 Likes

I fired up a fresh install in a vm today, used unattended install, updated, rebooted, then installed samba-dc… config failed, unable to create a user. lost the gui error msgs.

(Mon Aug 15 10:27:41:657958 2016) [sssd] [confdb_init_db] (0x0020): Permission check on config file failed. (Mon Aug 15 10:27:41:658044 2016) [sssd] [load_configuration] (0x0010): ConfDB initialization has failed [Operation not permitted] (Mon Aug 15 10:27:41:658131 2016) [sssd] [main] (0x0020): Cannot read config file /etc/sssd/sssd.conf. Please check that the file is accessible only by the owner and owned by root.root.

[root@network sssd]# ls -al total 12 drwx--x--x. 2 sssd sssd 22 Aug 15 10:24 . drwxr-xr-x. 91 root root 8192 Aug 15 10:24 .. -rw-r--r-- 1 root root 0 Aug 15 10:24 sssd.conf

Anything you guys want me to check before I trash this vm and start from scratch again?

1 Like

IIRC it should work that way!

Authentication on Samba shares is available only together with nethserver-dc.

The error message does not help me. Thanks for your test! Please let me know if the problem occurs again!

thank you for the clarification.
it is also written on manual :blush: (sorry for haven’t checked it before… )
so, from a “tester” view it’s all ok, but from a “user point of view” i don’t understand… it’s not a little bit “limiting”?

what happen if i use as external auth ldap or AD?

I agree this may sound like a limitation, a limitation of the OpenLDAP provider we didn’t have on ns6 at the expense of a lot of code. I recall the Samba account database is another account database to keep synchronized with the Unix one (LDAP rfc2307 schema). Very complex setup.

On ns7 there’s just one account DB, being either Samba or OpenLDAP, either local or remote. This saves a lot of code and configuration efforts.

But… we can’t have Samba authentication without a Samba user database.

There should be no big differences between local and remote accounts DB. The only limitation I see on remote account DB is you cannot modify it.

1 Like

Unable to delete user.

I deleted a user in ns7b samba dc w/ nextcloud and the user won’t go away.
I’ve been trying since last week, server has been rebooted during these attempts.

`
Aug 22 09:53:05 server7c esmith::event[19438]: Event: user-delete admin@ad.stan.local
Aug 22 09:53:05 server7c esmith::event[19438]: Failed to get machine PTY: No such file or directory
Aug 22 09:53:05 server7c esmith::event[19438]:
Aug 22 09:53:05 server7c esmith::event[19438]: Action: /etc/e-smith/events/user-delete/S40nethserver-dc-user-delete SUCCESS [0.028353]
Aug 22 09:53:06 server7c esmith::event[19438]: Action: /etc/e-smith/events/user-delete/S90nethserver-sssd-clear-cache SUCCESS [0.541055]
Aug 22 09:53:06 server7c esmith::event[19438]: Event: user-delete SUCCESS
Aug 22 09:53:12 server7c admin-todos: Failed to get machine PTY: No such file or directory

Aug 22 10:02:27 server7c httpd: [NOTICE] NethServer\Tool\ChangePassword: root is changing password to SomeoneElse (admin@ad.stan.local). Members of the adm group have no restriction (score = 1.00)
Aug 22 10:02:29 server7c esmith::event[19845]: Event: password-modify admin@ad.stan.local /tmp/ng-KefpLo
Aug 22 10:02:29 server7c esmith::event[19845]: Action: /etc/e-smith/events/password-modify/S25password-set SUCCESS [0.012727]
Aug 22 10:02:30 server7c esmith::event[19845]: spawn /usr/bin/systemd-run -M nsdc -q -t /usr/bin/samba-tool user setpassword admin
Aug 22 10:02:33 server7c esmith::event[19845]: New Password:
Aug 22 10:02:34 server7c esmith::event[19845]: Changed password OK
Aug 22 10:02:34 server7c esmith::event[19845]: Action: /etc/e-smith/events/password-modify/S30nethserver-dc-password-set SUCCESS [4.736549]
Aug 22 10:02:37 server7c esmith::event[19845]: Enabled user 'admin’
Aug 22 10:02:37 server7c esmith::event[19845]: Action: /etc/e-smith/events/password-modify/S40nethserver-dc-user-unlock SUCCESS [2.45827]
Aug 22 10:02:37 server7c esmith::event[19845]: Action: /etc/e-smith/events/password-modify/S90password-cleanup SUCCESS [0.640001]
Aug 22 10:02:37 server7c esmith::event[19845]: Event: password-modify SUCCESS`

1 Like

Any interest in setting up ns to serve as an ntp server and administered from the gui?

Now I can’t create a user.

Aug 22 10:11:26 server7c esmith::event[20018]: Event: user-create bob bob /usr/libexec/openssh/sftp-server
Aug 22 10:11:26 server7c esmith::event[20018]: Failed to get machine PTY: No such file or directory
Aug 22 10:11:26 server7c esmith::event[20018]: 
Aug 22 10:11:26 server7c esmith::event[20018]: Action: /etc/e-smith/events/user-create/S40nethserver-dc-user-create SUCCESS [0.063924]
Aug 22 10:11:26 server7c esmith::event[20018]: Action: /etc/e-smith/events/user-create/S90nethserver-sssd-clear-cache SUCCESS [0.31831]
Aug 22 10:11:26 server7c esmith::event[20018]: Event: user-create SUCCESS
Aug 22 10:11:27 server7c esmith::event[20032]: Event: password-policy-update bob yes
Aug 22 10:11:27 server7c esmith::event[20032]: Action: /etc/e-smith/events/password-policy-update/S10nethserver-sssd-clear-cache SUCCESS [0.084168]
Aug 22 10:11:27 server7c esmith::event[20032]: Failed to get machine PTY: No such file or directory
Aug 22 10:11:27 server7c esmith::event[20032]: Action: /etc/e-smith/events/password-policy-update/S30nethserver-dc-password-policy SUCCESS [0.098384]
Aug 22 10:11:27 server7c esmith::event[20032]: Event: password-policy-update SUCCESS
Aug 22 10:11:28 server7c esmith::event[20042]: Event: password-modify bob@ad.stan.local /tmp/ng-aJILrK
Aug 22 10:11:28 server7c esmith::event[20042]: Action: /etc/e-smith/events/password-modify/S25password-set SUCCESS [0.001725]
Aug 22 10:11:28 server7c esmith::event[20042]: spawn /usr/bin/systemd-run -M nsdc -q -t /usr/bin/samba-tool user setpassword bob
Aug 22 10:11:29 server7c esmith::event[20042]: New Password:
Aug 22 10:11:29 server7c esmith::event[20042]: ERROR: Failed to set password for user 'bob': Unable to find user "bob"
Aug 22 10:11:30 server7c esmith::event[20042]: Action: /etc/e-smith/events/password-modify/S30nethserver-dc-password-set FAILED: 2 [2.807022]
Aug 22 10:11:31 server7c esmith::event[20042]: ERROR: Failed to enable user 'bob': Unable to find account where '(&(objectClass=user)(sAMAccountName=bob))'
Aug 22 10:11:31 server7c esmith::event[20042]: Action: /etc/e-smith/events/password-modify/S40nethserver-dc-user-unlock FAILED: 2 [0.71775]
Aug 22 10:11:31 server7c esmith::event[20042]: Action: /etc/e-smith/events/password-modify/S90password-cleanup SUCCESS [0.093477]
Aug 22 10:11:31 server7c esmith::event[20042]: Event: password-modify FAILED

Rebooted… still failed.

Aug 22 10:18:10 server7c esmith::event[2139]: Event: user-create tom tom /usr/libexec/openssh/sftp-server
Aug 22 10:18:10 server7c esmith::event[2139]: Failed to get machine PTY: No such file or directory
Aug 22 10:18:10 server7c esmith::event[2139]: 
Aug 22 10:18:10 server7c esmith::event[2139]: Action: /etc/e-smith/events/user-create/S40nethserver-dc-user-create SUCCESS [0.023673]
Aug 22 10:18:10 server7c chronyd[592]: Source 69.41.163.31 replaced with 108.61.194.85
Aug 22 10:18:10 server7c esmith::event[2139]: Action: /etc/e-smith/events/user-create/S90nethserver-sssd-clear-cache SUCCESS [0.213979]
Aug 22 10:18:10 server7c esmith::event[2139]: Event: user-create SUCCESS
Aug 22 10:18:11 server7c esmith::event[2154]: Event: password-policy-update tom yes
Aug 22 10:18:11 server7c esmith::event[2154]: Action: /etc/e-smith/events/password-policy-update/S10nethserver-sssd-clear-cache SUCCESS [0.073909]
Aug 22 10:18:11 server7c esmith::event[2154]: Failed to get machine PTY: No such file or directory
Aug 22 10:18:11 server7c esmith::event[2154]: Action: /etc/e-smith/events/password-policy-update/S30nethserver-dc-password-policy SUCCESS [0.099588]
Aug 22 10:18:11 server7c esmith::event[2154]: Event: password-policy-update SUCCESS
Aug 22 10:18:11 server7c esmith::event[2164]: Event: password-modify tom@ad.stan.local /tmp/ng-4kDbrT
Aug 22 10:18:11 server7c esmith::event[2164]: Action: /etc/e-smith/events/password-modify/S25password-set SUCCESS [0.001939]
Aug 22 10:18:11 server7c esmith::event[2164]: spawn /usr/bin/systemd-run -M nsdc -q -t /usr/bin/samba-tool user setpassword tom
Aug 22 10:18:12 server7c esmith::event[2164]: New Password:
Aug 22 10:18:12 server7c esmith::event[2164]: ERROR: Failed to set password for user 'tom': Unable to find user "tom"
Aug 22 10:18:12 server7c esmith::event[2164]: Action: /etc/e-smith/events/password-modify/S30nethserver-dc-password-set FAILED: 2 [1.107705]
Aug 22 10:18:12 server7c esmith::event[2164]: ERROR: Failed to enable user 'tom': Unable to find account where '(&(objectClass=user)(sAMAccountName=tom))'
Aug 22 10:18:12 server7c esmith::event[2164]: Action: /etc/e-smith/events/password-modify/S40nethserver-dc-user-unlock FAILED: 2 [0.393614]
Aug 22 10:18:12 server7c esmith::event[2164]: Action: /etc/e-smith/events/password-modify/S90password-cleanup SUCCESS [0.127978]
Aug 22 10:18:12 server7c esmith::event[2164]: Event: password-modify FAILED

Thanks for notice my blog post and reblogging it. I joined the Nethserver community and I hope I can contribute.

2 Likes

Hei Jeff, happy to see you here! Thanks for accepting my invite.
As I already said you, help us to improve the product and our documentation. We’re all ears.

Let’s tell us something about you, if you don’t mind.

2 Likes

A post was merged into an existing topic: Weekly welcome to new members - 22 Aug 16

2 posts were split to a new topic: Missing Samba home directory