Displaying 20 results from an estimated 25 matches for "sapphiresunday".
2018 Nov 24
5
[Bug 1303] New: nft improperly merges intervals
...ls
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: critical
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter: trever at middleearth.sapphiresunday.org
Please consider the following rules:
oifname "ppp0" ip saddr { 10.0.0.0/23, 10.1.1.0/24 } counter packets 76
bytes 4704 masquerade
oifname "ppp0" ip saddr 10.1.1.0/25 counter packets 0 bytes 0
masquerade
oifname "ppp0" ip saddr 10.0.1.0/24...
2015 Aug 19
2
Samba 4 DC - no AES kerberos tickets - only arcfour
...oss-checked this with our windows AD (same client) and I get an AES only ticket/key:
<...>
Ticket etype: aes256-cts-hmac-sha1-96, kvno 2
Ticket length: 2278
<...>
Any other ideas?
Bye,
Marcel
-----Ursprüngliche Nachricht-----
Von: Trever L. Adams [mailto:trever at middleearth.sapphiresunday.org]
Gesendet: Mittwoch, 19. August 2015 05:55
An: Ritter, Marcel (RRZE) <marcel.ritter at fau.de>; samba at lists.samba.org
Betreff: Re: [Samba] Samba 4 DC - no AES kerberos tickets - only arcfour
On 08/18/2015 02:28 PM, Ritter, Marcel (RRZE) wrote:
> Hi,
>
> I’ve been running a s...
2020 Oct 25
2
doveadm SSL problem with recent update
With a recent update, I started seeing this:
doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 14: ssl_cert: Can't open file /etc/letsencrypt/live/SERVER/fullchain.pem: Permission denied
1 4 * * * vmail /usr/bin/doveadm expunge -A mailbox MAILBOXINQUESTION savedbefore 1w
is one of the crontab entries I am seeing this for.
Is there an option to keep doveadm
2020 Oct 25
0
doveadm SSL problem with recent update
Citeren "Trever L. Adams" <trever at middleearth.sapphiresunday.org>:
> With a recent update, I started seeing this:
>
> doveconf: Fatal: Error in configuration file
> /etc/dovecot/conf.d/10-ssl.conf line 14: ssl_cert: Can't open file
> /etc/letsencrypt/live/SERVER/fullchain.pem: Permission denied
>
> 1 4 * * * vmail /usr/bin/...
2015 Jul 04
0
CUPS backend question - Samba 4
2015-07-04 1:04 GMT+02:00 Trever L. Adams <
trever at middleearth.sapphiresunday.org>:
> Hello,
>
> I have a DC that sits on a different subnet from the CUPS server that I
> would like to use. I would rather not install CUPS on the DC.
>
> Is it possible to change the server name away from localhost for the
> CUPS backend and have it connect to that oth...
2010 Dec 28
1
LDAP binds
...ng Kerberos or Kerberos/PAM. This needs to stay in
place.
Can anyone suggest how I might go about changing my setup to work?
My current ldap setup is as follows (the directories, user id, etc are
set statically in the configuration elsewhere):
tls = yes
hosts = MAILSERVER
base = dc=middleearth,dc=sapphiresunday,dc=org
ldap_version = 3
user_attrs = userPrincipalName=user
user_filter =
(&(objectClass=person)(|(mail=%u)(sAMAccountName=%u)(userPrincipalName=%u)))
# For using doveadm -A:
iterate_attrs = userPrincipalName=user
iterate_filter = (objectClass=person)
Thank you,
Trever Adams
--
"Seize t...
2013 Jul 08
2
Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes)
I am not sure how to get the symbols necessary, however the following is
the backtrace (this is Fedora 19 latest everything):
Jul 8 03:23:02 MX dovecot: auth: Fatal: block_alloc(2147483648): Out of
memory
Jul 8 03:23:02 MX dovecot: auth: Error: Raw backtrace:
/usr/lib64/dovecot/libdovecot.so.0(+0x5f437) [0x7f97a952f437] ->
/usr/lib64/dovecot/libdovecot.so.0(+0x5f4fe) [0x7f97a952f4fe] ->
2018 Nov 20
1
[Bug 1302] New: iptables v1.8.0 (nf_tables) has a problem inverting in-interface and maybe out
...Version: CVS (please indicate timestamp)
Hardware: x86_64
OS: All
Status: NEW
Severity: major
Priority: P5
Component: iptables
Assignee: netfilter-buglog at lists.netfilter.org
Reporter: trever at middleearth.sapphiresunday.org
>From a script that works with plain iptables:
iptables -A INPUT -i \!ppp0 -p udp --destination-port 53 -j ACCEPT
# iptables-nft -A INPUT -i \!ppp0 -p tcp --destination-port 53 -j ACCEPT
does not work!
In part it yields:
iifname "!ppp0" ip protocol tcp counter packets 0 bytes...
2015 Jul 03
2
CUPS backend question - Samba 4
Hello,
I have a DC that sits on a different subnet from the CUPS server that I
would like to use. I would rather not install CUPS on the DC.
Is it possible to change the server name away from localhost for the
CUPS backend and have it connect to that other server to get the
printers (load printers = yes) and print to that server? Must I have a
CUPS installation on the DC?
Thank you,
Trever
2015 Jul 04
1
CUPS backend question - Samba 4
Hi,
>
> Why don't you create a Member server with cups installed?. I suppose
> that you have a gateway between both subnets, right?
>
> https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
> https://wiki.samba.org/index.php/Samba_as_a_print_server
>
> With that, the cups server can authenticate the users using the DC
> server and you just need to print
2015 Aug 18
2
Samba 4 DC - no AES kerberos tickets - only arcfour
Hi,
I’ve been running a samba 4 DC for quite some time now, and while testing some kerberos related stuff, I noticed that all kerberos tickets I can get from the DC are of encryption type ?arcfour-hmac-md5“:
# kinit testuser1
testuser1 at S4DOM.TEST's Password:
# klist -v
Credentials cache: FILE:/tmp/krb5cc_0
Ticket etype: arcfour-hmac-md5, kvno 1
I can create keytabs containing
2019 Jul 16
3
pigeonhole question: filtering on delivered-to in case of fetchmail
...from outside our
system to give Reply-To into our system!";
??? ?? ??? ??? ? ?? stop;
??? ??? }
??? }
}
Please, not the <% =@name -%> is just that this is from a puppet module
I use to maintain these systems. It is the domain name for the mail
system. An example would be .*@middleearth.sapphiresunday.org here.
Thank you for any help in figuring this out.
The reason I want a reject in the case of non-fetchmail email is to let
users know if they try to do it (as many have multiple email accounts)
and may try it. But in fetchmail cases, no need to leak to the outside
world that users are doing f...
2017 Oct 03
0
Postfix + saslauthd SASL With Kerberos (FreeIPA) unable to send mail
On 10/02/2017 07:00 PM, Anvar Kuchkartaev wrote:
> Hello I just finished setting up FreeIPA with Dovecot + Postfix + Saslauthd. I can easily access to mails using imap via dovecot with gssapi authentication and postfix also delivering mails very well. But I cannot send email from postfix using gssapi authentication (plain and login authentication working fine) because saslauthd is not
2019 Jan 25
1
Discard mail with from date older than xxxx
On 1/24/19 10:07 AM, Per Jessen wrote:
>
> Sorry, I misunderstood.
>
> I rely on spamassasssin to deal with spam.
>
>
> /Per
>
>
You still led me to the correct solution. I use dspam. Occassionally
some odd spams get through. Usually they are using this date trick (not
that it fools dspam). The problem is the content is novel. So, I am
using this to catch what cannot be
2015 Jul 14
2
krbtgt user not showing aes types
I have found source4/scripting/devel/chgtdcpass for adding the aes types
to machines. I know you have to change the password of normal users.
How do you fix this for krbtgt? Can you just change the password? Is
there a recommended method?
Thank you for any help,
Trever
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type:
2015 Aug 19
0
Samba 4 DC - no AES kerberos tickets - only arcfour
On 08/18/2015 02:28 PM, Ritter, Marcel (RRZE) wrote:
> Hi,
>
> I’ve been running a samba 4 DC for quite some time now, and while testing some kerberos related stuff, I noticed that all kerberos tickets I can get from the DC are of encryption type ?arcfour-hmac-md5“:
>
> # kinit testuser1
> testuser1 at S4DOM.TEST's Password:
>
> # klist -v
> Credentials cache:
2015 Aug 19
0
Samba 4 DC - no AES kerberos tickets - only arcfour
On 08/19/2015 12:02 AM, Ritter, Marcel (RRZE) wrote:
> Hi Trever,
>
> things improved after resetting user/machine passwords, however only the session key is using aes256 now, the ticket itself is still arcfour:
>
> root at ubuntu1:~# kinit user09999
> user09999 at S4DOM.TEST's Password:
> root at ubuntu1:~# klist -v
> Credentials cache: FILE:/tmp/krb5cc_0
>
2013 May 14
1
dovecot 2.0 -> 2.1 sieve problem
I had a completely working setup before. I upgraded, now I get:
Error: 7LUaNYqHklG6EAAApwKjnA: sieve: execution of script (null) failed,
but implicit keep was successful
sieve = /home/vmail/%Ld/%Ln/.dovecot.sieve
sieve_dir = /home/vmail/%Ld/%Ln/sieve (this was ~/sieve)
I am not quite sure what is going on. Is anyone else seeing this? Any
idea on what has changed? (I am not readily seeing it in
2014 May 01
0
Problems with login_log_format (possible bug?)
login_log_format = %$: %s
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
session=<%{session}>
These are the defaults, at least on a Fedora system.
According to http://wiki2.dovecot.org/Variables, this should record for
user at REALM when seeing the following
Apr 30 18:08:40 TeaSet dovecot: auth: Debug:
auth(user,...,<JhKid0v4bAAKAQG6>): username
2019 Jul 17
0
pigeonhole question: filtering on delivered-to in case of fetchmail
> On 15 Jul 2019, at 18:11, Trever L. Adams via dovecot <dovecot at dovecot.org <https://dovecot.org/mailman/listinfo/dovecot>> wrote:
> >/So, one of the problems I am seeing is that people are trying to fake />/users into revealing information by sending from an outside domain but />/with an internal reply to address and claiming to be administration, IT />/or what