Tuesday, December 11, 2012

mbox files larger 2GB

Using the mbox format for a mailserver can be a problem when much mails
stored in one folder.
The maximal folder size of a mbox is 2GB. For the linux filesystem it is no problem to store larger files, but thunderbird or other programms cannot access to this files.

In this situation are two ways to solve the problem.
The first is the quick and dirty way:
split the file with the linux "split" command and loose the mail where the file is splittet. Then you repair the second part and now you can access to both files.

The better way ist the programm archmbox.
After installing it with aptitude you can split the mailbox cleanly into severel parts, sortet after date. This program is the only i know at the moment that
access a file larger 2gb.

Saturday, December 8, 2012

Using radicale as caldav calendarserver

Here i show how to install a calendarserver with radicale.
The advanteage is that the calender are normal .ics files that could be used directly (over a smb mount).
So at the local network you work with .ics files, with mobile phones you can connect to a caldav server.

For installation i have to modified the sources.list of debian squeeze. (aptpinning)
I replace sequeeze with testing and install the package:
aptitude install radicale

Security
For activating the password option you have to edit this file:
/etc/radicale/config

Here you can link to a password file that has the same construction as .htaccess .
Htpasswd filename htpasswd_filename = /etc/radicale/users 
#Htpasswd encryption method 
# Value: plain | sha1 | crypt htpasswd_encryption = sha1

Storage of the calendar The .ics files are stored here:
 /var/lib/radicale/collections

You can change the place at the config file.
With the first use of the caldav service the file is created.
Otherwise you can copy a .ics file directly tho the directory.
/var/lib/radicale/collections

Using the calendarserver with lightning

For using the calendarserver and caldav with thunderbird you need the lightning plugin.

After installing you add a new calender and chose "network" and then "caldav". The url for the calender looks like this:
http://username:userpassword@serverip:port/calendars/users/username/calendar

Here must the username and userpassword before the ip and at the path be changed.

Installing caldav server on debian

My goal was to install a caldav server, that i can connect from iphone and from local clients like evolution or lightning.
First solution was installing the calendarserver from debian.
I used aptitude to install the packages:
aptitude install calendarserver

The configuration files are here: /etc/caldavd For creating a user you must add this lines to the
/etc/caldavd/accounts.xml  

username userpassword username 

 Global configurations are here:
 /etc/caldavd/caldavd.plist

This points i modified:
The calenderport i changed to 777 for security  
BindHTTPPorts 777

SSL
i don't want to use  
SSLPort 0

At last i have to restart the server:
/etc/init.d/calendarserver restart

Get a copy of every mail that pass the postfix mailserver

For backup i want to get a copy of every mail that pass the postfix. Simply add this line to the main.cf:
always_bcc = myemailadress

Maildelivery problem with postfix at some domains

At the Postfix mailserver i have this problem: eMails are not delivered to every target domain.
As example web.de was not send, gmx.de send without problems.
After searching the problem is a exchange host in the mail chain, and the target mailserver has a wrong option.

He cannot recognize the mime version.
 I added this to my main.cf and solved so the probmem:

smtp_discard_ehlo_keywords = 8bitmime 
smtpd_discard_ehlo_keywords = 8bitmime

Tuesday, March 13, 2012

Problem with squirrelmail attachments

After installing and configurationg squirrelmail,
it works fine.
But forwarding emails with attachment dont work.
Sendind with attachments makes no error, but no attachment is sent
with the mail.

Problem: the /attach directory for squirrelmail dont exist.
After creating everything works fine.

Wednesday, March 7, 2012

hama wlan 150

Hama wlan 150 usb stick could not connect to wlan network.
Network found, but password not accepted.

Solved this way:
Edit
/etc/modprobe.d/blacklist.conf
and add this:
blacklist rt2800usb

With this i add the rt2800usb kernel modul to the blacklist of modules, that are not loaded.
After a reboot the wlan stick works fine.

Monday, February 20, 2012

Debian 5 freeze at notebook during boot

At some notebooks Debian 5 (Lenny) freeze during boot.
Last notification on the screen is: Setting System Clock

In this case there is a error with the clock-driver.
Solution:
Modify these two files:
/etc/init.d/hwclockfirst.sh
/etc/init.d/hwklock.sh

The files must contain this string:
HWCLOCKPARS="--directisa"

Load cycle bug at notebook hdd

All Debian versions i know hat a load-cycle bug in
the hdd driver. This means: When the kernel found a notebook
he activates the hdd power saving.
The hdd go into sleep every 60 seconds and is quickly waked up.
In this case, the s.m.a.r.t. load cycles increase the load-cycle-count
very quick. After a short time the hdd will fail!

You can test it with the smartmontools:
smartctl -a /dev/hda | grep Load_Cycle_Count

Here you can see the value. If it grows fast you can change
turn it off with hdparm:
hdparm -B 254 /dev/hda

I addes it to /etc/rc.local so that it is startet every boot.

Shop i work at the moment

could take a look at what i working at the moment:
www.leds-sparen-strom.de

Tuesday, January 17, 2012

Restricting webserver access

Solution for restricting webserver access from the internet, but clients from local net
can work normal. Adding this to the .htaccess file from apache:


order deny,allow
allow from 10.10.10.10
allow from 10.10.10.11
deny from all
Satisfy Any
AuthName "Please login"
AuthType Basic
AuthUserFile /var/passwordfile
Require user username


This solution guarant access from clients with the ip ..10 and ..11 and
all other clients become a prompt for login.
In this way, i add all local clients to the list, and access with port-forwarding the server.
All other must know username and password.

Debian startup scripts

There are three interestings places for starting programms automaticaly.
First place is the
/etc/rc.local
This script runs at every start of the computer. Here i store things that should run
only when booting like mounting samba shares (other place for mounting is the fttab).

Secound place is the
/home/user/.profile
This script runs on a login shell, when you first login on a (virtual) terminal.
If you start a terminal from gnome, it won't run.

Third place is the
/home/user/.bashrc
This file runs every bash you start. Running a terminal from gnome or kde will
execute this file too.


For completition i show the last script
/home/user/.bash_logout
This scripts run, when leaving a loginshell. At debian default it only clears the screen
for privacy when logging out.


Of course there are more places for starting programmes, but i hope this short overview is helpfull.

Friday, January 6, 2012

Mail after ssh login

Very secure, i run this short script and after each ssh login i get a email to an privat email-account, who was logged in from which ip-address.
If the server would be hacked, the mails goes out so quickly, that the person who breaks in has no chance to stop it.
Even if he removed every sign of his break in, the mails is out!

echo 'Login on' `hostname` `date` `who` | mail -s "Login on `hostname` `who | awk '{print $5}'`" my@email.org

I added the line to my .bashrc file.

Thursday, January 5, 2012

Change a database field to md5 hash

Change all entrys of a fild in a database table to md5 hash,
this sql string works fine:
UPDATE tablename SET fieldname = MD5(fieldname)

Useful for a table with adresses, where the password should be converted.

Asterisk crashes after out of memory

My asterisk server crashes after severeal days with a out of memory problem.
For some day it works fine, then without a cause the server crashes.

Till now i have no idea why. Before the system halted, the oom killer starts to free memory,
but it dont work correctly.

Here a part of the log:

Dec 30 14:59:48 iptam kernel: 12195 pages shared
Dec 30 14:59:48 iptam kernel: 0 pages swap cached
Dec 30 14:59:48 iptam kernel: 2 pages dirty
Dec 30 14:59:48 iptam kernel: 0 pages writeback
Dec 30 14:59:48 iptam kernel: 2204 pages mapped
Dec 30 14:59:48 iptam kernel: 216133 pages slab
Dec 30 14:59:48 iptam kernel: 143 pages pagetables
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 7330 (apache2) score 876 or a child
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 7330 (apache2) score 876 or a child
Dec 30 14:59:48 iptam kernel: Killed process 7330 (apache2)
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 7332 (apache2) score 876 or a child
Dec 30 14:59:48 iptam kernel: Killed process 7332 (apache2)
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 7076 (qmgr) score 303 or a child
Dec 30 14:59:48 iptam kernel: Killed process 7076 (qmgr)
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 7191 (ntpd) score 251 or a child
Dec 30 14:59:48 iptam kernel: Killed process 7191 (ntpd)
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 7080 (smbd) score 89 or a child
Dec 30 14:59:48 iptam kernel: Killed process 7086 (smbd)
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 7314 (faxgetty) score 76 or a child
Dec 30 14:59:48 iptam kernel: Killed process 7314 (faxgetty)
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 7315 (faxgetty) score 75 or a child
Dec 30 14:59:48 iptam kernel: Killed process 7315 (faxgetty)
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 7316 (faxgetty) score 75 or a child
Dec 30 14:59:48 iptam kernel: Killed process 7316 (faxgetty)
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 7317 (faxgetty) score 75 or a child
Dec 30 14:59:48 iptam kernel: Killed process 7317 (faxgetty)
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 6993 (faxq) score 74 or a child
Dec 30 14:59:48 iptam kernel: Killed process 6993 (faxq)
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 3554 (smbd) score 73 or a child
Dec 30 14:59:48 iptam kernel: Killed process 3554 (smbd)
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 6995 (hfaxd) score 68 or a child
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 6995 (hfaxd) score 68 or a child
Dec 30 14:59:48 iptam kernel: Killed process 6995 (hfaxd)
Dec 30 14:59:48 iptam kernel: Out of memory: kill process 7282 (apache2) score 54 or a child
Dec 30 14:59:48 iptam kernel: Killed process 7282 (apache2)
Dec 30 14:59:48 iptam kernel: hfcmulti_rx: CRC-error
Dec 30 14:59:48 iptam smbd[7080]: Unable to open printcap file /etc/printcap for read!
Dec 30 14:59:48 iptam smbd[7080]: [2011/12/30 14:59:48, 0] printing/pcap.c:pcap_cache_reload(159)
Dec 30 14:59:48 iptam smbd[7080]: Unable to open printcap file /etc/printcap for read!
Dec 30 14:59:49 iptam FaxGetty[31739]: OPEN /dev/ttyIAX03 HylaFAX (tm) Version 4.3.1
Dec 30 14:59:49 iptam FaxGetty[31738]: OPEN /dev/ttyIAX02 HylaFAX (tm) Version 4.3.1
Dec 30 14:59:49 iptam FaxGetty[31737]: OPEN /dev/ttyIAX01 HylaFAX (tm) Version 4.3.1
Dec 30 14:59:49 iptam FaxGetty[31736]: OPEN /dev/ttyIAX00 HylaFAX (tm) Version 4.3.1
Dec 30 14:59:58 iptam FaxGetty[31739]: MODEM WWW.SOFT-SWITCH.ORG spandsp/
Dec 30 14:59:58 iptam FaxGetty[31736]: MODEM WWW.SOFT-SWITCH.ORG spandsp/
Dec 30 14:59:58 iptam FaxGetty[31738]: MODEM WWW.SOFT-SWITCH.ORG spandsp/
Dec 30 14:59:58 iptam FaxGetty[31737]: MODEM WWW.SOFT-SWITCH.ORG spandsp/
Dec 30 15:00:19 iptam kernel: hfcmulti_rx: CRC-error
Dec 30 15:01:12 iptam kernel: hfcmulti_rx: CRC-error
Dec 30 15:01:22 iptam kernel: hfcmulti_rx: CRC-error
Dec 30 15:03:41 iptam smbd[9372]: [2011/12/30 15:03:41, 0] printing/pcap.c:pcap_cache_reload(159)
Dec 30 15:03:41 iptam smbd[9372]: Unable to open printcap file /etc/printcap for read!
Dec 30 15:03:41 iptam smbd[9372]: [2011/12/30 15:03:41, 0] printing/pcap.c:pcap_cache_reload(159)
Dec 30 15:03:41 iptam smbd[9372]: Unable to open printcap file /etc/printcap for read!
Dec 30 15:05:24 iptam kernel: hfcmulti_rx: CRC-error
Jan 1 15:09:49 iptam syslogd 1.4.1#18: restart.

Creating own repository

I am interested in creating an own repository.

On the web-server i need in the simplest way 3 files:

Packages.gz
Release
Release.gpg

Create a directory, and store the .deb file there.
Then i run apt-ftparchive:
apt-ftparchive packages . > Packages

and compress it with gzip:
gzip -9 Packages

Then creating release file with:
apt-ftparchive release . > Release

Now i sign the Release file with gpg:
gpg -u mail@domain.com --output Release.gpg -ba Release

The three files i store at a webserver and now i can add this line to:
deb http://yourserver.de ./


German tutorial is here: http://bit.ly/ACUJR5