Difference between revisions of "SME9DEV user feedback"

From SME Server
Jump to navigationJump to search
Line 14: Line 14:
 
  [Fri Jan 25 22:59:23 2013] [error] [client 127.0.0.1] Can't locate object method "host" via package "URI::_generic" at /etc/e-smith/web/common/cgi-bin/login line 162., referer: https://192.168.7.154/server-common/cgi-bin/login?redirect=1&back=http%253a%252f%252f192.168.7.154%252fserver-manager%252f
 
  [Fri Jan 25 22:59:23 2013] [error] [client 127.0.0.1] Can't locate object method "host" via package "URI::_generic" at /etc/e-smith/web/common/cgi-bin/login line 162., referer: https://192.168.7.154/server-common/cgi-bin/login?redirect=1&back=http%253a%252f%252f192.168.7.154%252fserver-manager%252f
  
* If we try to access the server-manager again, it's working (as we already have our cookie). It's just the redirection after the login which is broken. The problem seems to be that the URL is not encoded in the same way in the back variable. To fix this, we need to update to regexp which detects if the parameter needs to be url unencoded in /etc/e-smith/web/common/login, line 116:
+
* If we try to access the server-manager again, it's working (as we already have our cookie). It's just the redirection after the login which is broken. The problem seems to be that the URL is not encoded in the same way in the back variable. It seems that the back parameter is double encoded. We can update the regexp which detects if the parameter needs to be url unencoded in /etc/e-smith/web/common/login, line 116:
 
<pre>
 
<pre>
 
$back = uri_unescape($back) if $back && $back =~ m/^https?%3A%2F%2F/;
 
$back = uri_unescape($back) if $back && $back =~ m/^https?%3A%2F%2F/;
Line 22: Line 22:
 
$back = uri_unescape($back) if $back && $back =~ m/^https?%(25)?3A%(25)?2F%(25)?2F/i;
 
$back = uri_unescape($back) if $back && $back =~ m/^https?%(25)?3A%(25)?2F%(25)?2F/i;
 
</pre>
 
</pre>
 +
 +
Or find why the param is double encoded
  
 
* The only two panels which doesn't work (well, I'v not tested all the funcitonnalities) are Quotas and Backups. Both dies with the following error:
 
* The only two panels which doesn't work (well, I'v not tested all the funcitonnalities) are Quotas and Backups. Both dies with the following error:

Revision as of 21:58, 27 January 2013

Information.png Tip:
This page contains bits and pieces of user feedback regarding the development (and testing) of the next SME Server release based on CentOS6.
See SME_on_CentOS_6. Your feedback would be appreciated too, so please share you feedback on this page. Thanks!. Please note that all the below is unstructured user feedback. Your findings that require developers attention should be logged in our Bug Tracker


You can find our Bug Tracker here

HTTPD / server-manager

yum install mod_ssl
yum install perl-suidperl
  • after fixing those two issues, we get a blank page after login on the server-manager, logs (admin_error_log) print the following error:
[Fri Jan 25 22:59:23 2013] [error] [client 127.0.0.1] Can't locate object method "host" via package "URI::_generic" at /etc/e-smith/web/common/cgi-bin/login line 162., referer: https://192.168.7.154/server-common/cgi-bin/login?redirect=1&back=http%253a%252f%252f192.168.7.154%252fserver-manager%252f
  • If we try to access the server-manager again, it's working (as we already have our cookie). It's just the redirection after the login which is broken. The problem seems to be that the URL is not encoded in the same way in the back variable. It seems that the back parameter is double encoded. We can update the regexp which detects if the parameter needs to be url unencoded in /etc/e-smith/web/common/login, line 116:
$back = uri_unescape($back) if $back && $back =~ m/^https?%3A%2F%2F/;

needs to become:

$back = uri_unescape($back) if $back && $back =~ m/^https?%(25)?3A%(25)?2F%(25)?2F/i;

Or find why the param is double encoded

  • The only two panels which doesn't work (well, I'v not tested all the funcitonnalities) are Quotas and Backups. Both dies with the following error:
[Sun Jan 27 19:53:29 2013] [error] [client 127.0.0.1] Can't locate Quota.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /etc/e-smith/web/panels/manager/cgi-bin/backup line 3035., referer: https://sme9.domain.tld/server-manager/navigation

There is a perl-Quotas rpm installed but it's compiled for el5, so the path are not correct. We need a rebuilt rpm for perl-Quota

Squid

squid doesn't start, and the following errors are printed in /var/log/messages

2013/01/25 22:17:35| WARNING: -D command-line option is obsolete.
2013/01/25 22:17:35| ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'.
2013/01/25 22:17:35| SECURITY NOTICE: Overriding config setting. Using 'all' instead.
2013/01/25 22:17:35| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
2013/01/25 22:17:35| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable
2013/01/25 22:17:35| WARNING: You should probably remove '::/0' from the ACL named 'all'
2013/01/25 22:17:35| WARNING: Netmasks are deprecated. Please use CIDR masks instead.
2013/01/25 22:17:35| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.
2013/01/25 22:17:35| WARNING: For now we will assume you meant to write /24
2013/01/25 22:17:35| WARNING: Netmasks are deprecated. Please use CIDR masks instead.
2013/01/25 22:17:35| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.
2013/01/25 22:17:35| WARNING: For now we will assume you meant to write /24
2013/01/25 22:17:35| ERROR: Directive 'extension_methods' is obsolete.

So several problems here:

  • We need to remove the -D arg from /var/services/squid/run
  • We need to remove the file /etc/e-smith/templates/etc/squid/squid.conf/20ACL00all (which just contains acl all src 0.0.0.0/0.0.0.0 and is not needed anymore)
  • we need to convert acl in CIDR notation (for now, they are retrieved using esmith::NetworksDB::local_access_spec, which doesn't support cidr)
  • we need to remove /etc/e-smith/templates/etc/squid/squid.conf/35extension_methods (extensionmethods is not supported anymore as it was not usefull anymore)

clamav

  • user created during clamd installation is now clam (used to be clamav), templates for /etc/clamd.conf and /etc/freshclam.conf need to be adjusted
  • DatabaseDirectory is now /var/lib/clamav (used to be /var/clamav), templates for /etc/clamd.conf and /etc/freshclam.conf need to be adjusted
  • LocalSocket should now be /var/run/clamav/clamd.socket (use to be /var/clamav/clamd.socket), templates for /etc/clamd.conf need to be adjusted
  • Permissions on /var/spool/qpsmtpd/ (provided by smeserver-qpsmtpd) should also be adjusted (clam instead of clamav group)

qpsmtpd

Doesn't start. See Bug #7223: qpsmtp does not start

@400000005102ec023094f554 Can't locate Qpsmtpd/TcpServer.pm in @INC (@INC contains: lib /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /usr/bin/qpsmtpd-forkserver line 13.
@400000005102ec023094fd24 BEGIN failed--compilation aborted at /usr/bin/qpsmtpd-forkserver line 13
  • We should rebuild qpsmtpd with a simple spec file change to use /usr/share/perl5/vendor_perl instead of /usr/lib/perl5/site_perl

radius

Radiusd doesn't start with this error

radiusd: Error: No log destination specified
  • To fix this error, we need to add ”-l stdout” as argument to radiusd in /var/service/radiusd/run

After that, the following error occures:

@400000005103145934920bc4 Sat Jan 26 00:25:03 2013 : Info: Starting - reading configuration files ...
@400000005103145937a239c4 Sat Jan 26 00:25:03 2013 : Error: /etc/raddb/radiusd.conf[115]: Failed to link to module 'rlm_ldap': file not found 
@400000005103145937a2c27c Sat Jan 26 00:25:03 2013 : Error: /etc/raddb/radiusd.conf[177]: Failed to load module "ldap".
@400000005103145937a2fd14 Sat Jan 26 00:25:03 2013 : Error: /etc/raddb/radiusd.conf[177]: Failed to parse "ldap" entry.
@400000005103145937a39954 Sat Jan 26 00:25:03 2013 : Error: Failed to load virtual server <default>
  • To fix this, we have to install freeradius-ldap, which is now in its own package (freeradius-ldap should be added as required by e-smith-radiusd)


syslog

upstart/sysvinit

  • in EL6, SysVinit is replaced with upstart, and upstart doesn't support rc7 runlevel. One option is to move to rc4 as default runlevel.

Bug #7217: SysVinit -> upstart Bug #7227: rc7 -> rc4l

LDAP

  • openldap-servers is not installed (missing a Requires: openldap-servers in e-smith-ldap's spec file)
  • we need to add -f /etc/openldap/slapd.conf arg when launching slapd (in /var/service/ldap/run), or it will try to convert this file the the new slapd.d style
  • schema file /etc/openldap/schema/redhat/autofs.schema is missing. In EL5, it was provided by openldap-servers. I don't think this schema is used so it may just need to be removed from the config file
  • slapd fails to start with this error:
/etc/openldap/slapd.conf: line 27: unknown directive <schemacheck> outside backend info and database definitions

console

iptables

  • Starting the masq script (/etc/init.d/masq start) throw several warnings:
[root@sme9 ~]# /etc/init.d/masq restart

Shutting down IP masquerade and firewall rules:         Done!

Enabling IP masquerading: WARNING: Deprecated config file /etc/modprobe.conf, all config files belong into /etc/modprobe.d/.
WARNING: Deprecated config file /etc/modprobe.conf, all config files belong into /etc/modprobe.d/.
Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).
Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).
done
[root@sme9 ~]# 
  • We need to migrate settings in /etc/modprobe.conf into /etc/modprobe.d/
  • masq templates need to be adjusted to use extrapositioned negation

ntp

  • the ntp daemon doesn't start, and prints this error in its log (/var/log/ntpd/current)
@40000000510573140c2615a4 27 Jan 19:33:46 ntpdate[22096]: step time server 213.251.172.92 offset -0.002228 sec
@40000000510573140c43658c ntpd: error while loading shared libraries: libc.so.6: failed to map segment from shared object: Cannot allocate memory

The problem is the memory limit which is too low. The default is set to 12000000 (db configuration getprop ntpd MemLimit). Rising this value fixes the issue (we need to find the best value here, Ive tried 22000000)

various

  • manually running expand-templates has no effect (but the command exit with success). Templates expanded in signal-event are working