Displaying 20 results from an estimated 1000 matches similar to: "Problems with login_log_format (possible bug?)"
2018 Nov 24
5
[Bug 1303] New: nft improperly merges intervals
https://bugzilla.netfilter.org/show_bug.cgi?id=1303
Bug ID: 1303
Summary: nft improperly merges intervals
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: critical
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2015 Aug 19
2
Samba 4 DC - no AES kerberos tickets - only arcfour
Hi Trever,
things improved after resetting user/machine passwords, however only the session key is using aes256 now, the ticket itself is still arcfour:
root at ubuntu1:~# kinit user09999
user09999 at S4DOM.TEST's Password:
root at ubuntu1:~# klist -v
Credentials cache: FILE:/tmp/krb5cc_0
Principal: user09999 at S4DOM.TEST
Cache version: 4
Server: krbtgt/S4DOM.TEST at
2015 Jul 04
0
CUPS backend question - Samba 4
2015-07-04 1:04 GMT+02:00 Trever L. Adams <
trever at middleearth.sapphiresunday.org>:
> Hello,
>
> I have a DC that sits on a different subnet from the CUPS server that I
> would like to use. I would rather not install CUPS on the DC.
>
> Is it possible to change the server name away from localhost for the
> CUPS backend and have it connect to that other server to get
2020 Oct 25
0
doveadm SSL problem with recent update
Citeren "Trever L. Adams" <trever at middleearth.sapphiresunday.org>:
> With a recent update, I started seeing this:
>
> doveconf: Fatal: Error in configuration file
> /etc/dovecot/conf.d/10-ssl.conf line 14: ssl_cert: Can't open file
> /etc/letsencrypt/live/SERVER/fullchain.pem: Permission denied
>
> 1 4 * * * vmail /usr/bin/doveadm expunge -A
2013 Jul 08
2
Crashes with 2.2.4 setup that worked perfectly with 2.2.2 (.2.3 also crashes)
I am not sure how to get the symbols necessary, however the following is
the backtrace (this is Fedora 19 latest everything):
Jul 8 03:23:02 MX dovecot: auth: Fatal: block_alloc(2147483648): Out of
memory
Jul 8 03:23:02 MX dovecot: auth: Error: Raw backtrace:
/usr/lib64/dovecot/libdovecot.so.0(+0x5f437) [0x7f97a952f437] ->
/usr/lib64/dovecot/libdovecot.so.0(+0x5f4fe) [0x7f97a952f4fe] ->
2020 Oct 25
2
doveadm SSL problem with recent update
With a recent update, I started seeing this:
doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 14: ssl_cert: Can't open file /etc/letsencrypt/live/SERVER/fullchain.pem: Permission denied
1 4 * * * vmail /usr/bin/doveadm expunge -A mailbox MAILBOXINQUESTION savedbefore 1w
is one of the crontab entries I am seeing this for.
Is there an option to keep doveadm
2010 Dec 28
1
LDAP binds
I am using 2.0.8. Anonymous binds are no longer supported in the
environment I am using. I need to change my userdb ldap setup to bind. I
believe the ldap server does Kerberos (or can) authentication. My users
are authenticating using Kerberos or Kerberos/PAM. This needs to stay in
place.
Can anyone suggest how I might go about changing my setup to work?
My current ldap setup is as follows (the
2018 Nov 20
1
[Bug 1302] New: iptables v1.8.0 (nf_tables) has a problem inverting in-interface and maybe out
https://bugzilla.netfilter.org/show_bug.cgi?id=1302
Bug ID: 1302
Summary: iptables v1.8.0 (nf_tables) has a problem inverting
in-interface and maybe out
Product: iptables
Version: CVS (please indicate timestamp)
Hardware: x86_64
OS: All
Status: NEW
Severity: major
Priority:
2001 Apr 20
0
Fudging domain support - samba 2.2.0
Hi;
There is likely a supported way around this problem, but it wasn't
immediately apparent to me. So, I created the enclosed patch to fix my
problem.
What I would like to do is the following:
- run samba in "security = domain"
- not use trusted domains, but allow people to connect from other domains
- not maintain a local encrypted password file for samba, but instead use
our
2015 Jul 03
2
CUPS backend question - Samba 4
Hello,
I have a DC that sits on a different subnet from the CUPS server that I
would like to use. I would rather not install CUPS on the DC.
Is it possible to change the server name away from localhost for the
CUPS backend and have it connect to that other server to get the
printers (load printers = yes) and print to that server? Must I have a
CUPS installation on the DC?
Thank you,
Trever
2015 Jul 04
1
CUPS backend question - Samba 4
Hi,
>
> Why don't you create a Member server with cups installed?. I suppose
> that you have a gateway between both subnets, right?
>
> https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
> https://wiki.samba.org/index.php/Samba_as_a_print_server
>
> With that, the cups server can authenticate the users using the DC
> server and you just need to print
2014 Mar 27
0
%{orig_user} missing in checkpassword-Script
Hi everybody,
I'm using SSL client certificates or checkpassword scripts to authenticate
our users. If a user sent a client certificate from his smartcard my
checkpasswort will ignore the password, if he does not sent a client
certificate but uses his OTP-token then my checkwassword script will check
wether the password is a correct one time password.
My problem is: the AUTH_USER variable
2014 May 03
1
%{orig_user} missing in checkpassword-Script
Dear dovecot maintainers:
I'm using SSL client certificates together with a checkpassword scripts
to authenticate our users.
My problem is: In the checkpassword script the AUTH_USER environment
variable will either contain the username that was configured in the
mailclient (if auth_ssl_username_from_cert=false) or the username
from the certificate (if auth_ssl_username_from_cert=true).
I
2016 Jun 16
2
Recipient delimiter and lmtp proxying
Hi,
I'm attempting to proxy lmtp using director to hash to the same backend
as pop3/imap. My pop3/imap users are of the form:
username
and my lmtp users are of the form:
<username at domain>
Where domain is fairly redundant but does carry some useful information.
Now, I can proxy lmtp using user=%{username} and
destuser=%{orig_user}, and this all appears to work correctly.
2019 Jul 16
3
pigeonhole question: filtering on delivered-to in case of fetchmail
So, one of the problems I am seeing is that people are trying to fake
users into revealing information by sending from an outside domain but
with an internal reply to address and claiming to be administration, IT
or what not.
I can set up something that will reject if from is outside the domain by
reply to is internal. The problem is in some setups, there are fetchmail
setups. I do not want to
2013 Aug 17
0
Proxy: %$ should contain username
for nomal operations
* login_log_format_elements = %r %m %k
* login_log_format = %$: %s
would be perfect because "proxy(h.reindl at thelounge.net)" contains the username
*but* in case of auth errors "Disconnected (auth failed, 1 attempts in 2 secs)"
does not show the username - hence currently there exists no way to avoid
username double-logging in normal
2018 Mar 26
1
destuser setting useless on LMTP proxy
I tried setting the "destuser" setting on the LMTP director as follows, to preserve the original envelope rcpt:
protocol lmtp {
auth_socket_path = director-userdb
passdb {
driver = ...
override_fields = destuser=%{orig_user}
}
}
The passdb driver would return the appropriate "user" for each alias. Suppose, for example, user1 has emails user1 at domain.tld,
2013 Sep 25
2
v2.2.6 released
http://dovecot.org/releases/2.2/dovecot-2.2.6.tar.gz
http://dovecot.org/releases/2.2/dovecot-2.2.6.tar.gz.sig
I didn't have time to look into the latest reported dsync replication bugs, but this release should have been done a long time ago already and I'm busy for next few days, so no more waiting. Things seem to be working quite well in general though.
* acl: If public/shared
2013 Sep 25
2
v2.2.6 released
http://dovecot.org/releases/2.2/dovecot-2.2.6.tar.gz
http://dovecot.org/releases/2.2/dovecot-2.2.6.tar.gz.sig
I didn't have time to look into the latest reported dsync replication bugs, but this release should have been done a long time ago already and I'm busy for next few days, so no more waiting. Things seem to be working quite well in general though.
* acl: If public/shared
2015 Aug 18
2
Samba 4 DC - no AES kerberos tickets - only arcfour
Hi,
I’ve been running a samba 4 DC for quite some time now, and while testing some kerberos related stuff, I noticed that all kerberos tickets I can get from the DC are of encryption type ?arcfour-hmac-md5“:
# kinit testuser1
testuser1 at S4DOM.TEST's Password:
# klist -v
Credentials cache: FILE:/tmp/krb5cc_0
Ticket etype: arcfour-hmac-md5, kvno 1
I can create keytabs containing