similar to: doveadm SSL problem with recent update

Citeren "Trever L. Adams" <trever at middleearth.sapphiresunday.org>: > With a recent update, I started seeing this: > > doveconf: Fatal: Error in configuration file > /etc/dovecot/conf.d/10-ssl.conf line 14: ssl_cert: Can't open file > /etc/letsencrypt/live/SERVER/fullchain.pem: Permission denied > > 1 4 * * * vmail /usr/bin/doveadm expunge -A

https://bugzilla.netfilter.org/show_bug.cgi?id=1303 Bug ID: 1303 Summary: nft improperly merges intervals Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: critical Priority: P5 Component: nft Assignee: pablo at netfilter.org

Hi Trever, things improved after resetting user/machine passwords, however only the session key is using aes256 now, the ticket itself is still arcfour: root at ubuntu1:~# kinit user09999 user09999 at S4DOM.TEST's Password: root at ubuntu1:~# klist -v Credentials cache: FILE:/tmp/krb5cc_0 Principal: user09999 at S4DOM.TEST Cache version: 4 Server: krbtgt/S4DOM.TEST at

I am not sure how to get the symbols necessary, however the following is the backtrace (this is Fedora 19 latest everything): Jul 8 03:23:02 MX dovecot: auth: Fatal: block_alloc(2147483648): Out of memory Jul 8 03:23:02 MX dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x5f437) [0x7f97a952f437] -> /usr/lib64/dovecot/libdovecot.so.0(+0x5f4fe) [0x7f97a952f4fe] ->

Hello, I have a DC that sits on a different subnet from the CUPS server that I would like to use. I would rather not install CUPS on the DC. Is it possible to change the server name away from localhost for the CUPS backend and have it connect to that other server to get the printers (load printers = yes) and print to that server? Must I have a CUPS installation on the DC? Thank you, Trever

Hi, > > Why don't you create a Member server with cups installed?. I suppose > that you have a gateway between both subnets, right? > > https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server > https://wiki.samba.org/index.php/Samba_as_a_print_server > > With that, the cups server can authenticate the users using the DC > server and you just need to print

Hi, I’ve been running a samba 4 DC for quite some time now, and while testing some kerberos related stuff, I noticed that all kerberos tickets I can get from the DC are of encryption type ?arcfour-hmac-md5“: # kinit testuser1 testuser1 at S4DOM.TEST's Password: # klist -v Credentials cache: FILE:/tmp/krb5cc_0 Ticket etype: arcfour-hmac-md5, kvno 1 I can create keytabs containing

I am using 2.0.8. Anonymous binds are no longer supported in the environment I am using. I need to change my userdb ldap setup to bind. I believe the ldap server does Kerberos (or can) authentication. My users are authenticating using Kerberos or Kerberos/PAM. This needs to stay in place. Can anyone suggest how I might go about changing my setup to work? My current ldap setup is as follows (the

https://bugzilla.netfilter.org/show_bug.cgi?id=1302 Bug ID: 1302 Summary: iptables v1.8.0 (nf_tables) has a problem inverting in-interface and maybe out Product: iptables Version: CVS (please indicate timestamp) Hardware: x86_64 OS: All Status: NEW Severity: major Priority:

So, one of the problems I am seeing is that people are trying to fake users into revealing information by sending from an outside domain but with an internal reply to address and claiming to be administration, IT or what not. I can set up something that will reject if from is outside the domain by reply to is internal. The problem is in some setups, there are fetchmail setups. I do not want to

Hello Everyone, I saw the text about the change and needing to define an inbox namespace. Everything seems to work fine except doveadm. I get the following from a cronjob that has worked well for years now. doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox doesn't exist: TRASH doveadm(account at example.com): Error: Syncing mailbox TRASH failed: Mailbox

2015-07-04 1:04 GMT+02:00 Trever L. Adams < trever at middleearth.sapphiresunday.org>: > Hello, > > I have a DC that sits on a different subnet from the CUPS server that I > would like to use. I would rather not install CUPS on the DC. > > Is it possible to change the server name away from localhost for the > CUPS backend and have it connect to that other server to get

On 1/24/19 12:15 AM, Per Jessen wrote: > Trever L. Adams wrote: > >> I know that sieve doesn't do math. The file would be created >> externally. >> >> Based on examples in section 4.4 of >> https://tools.ietf.org/html/rfc5260#section-4 >> >> I figured something like this would work. >> >> if date :value "le" :originalzone

On 04/25/2011 09:12 AM, Trever L. Adams wrote: > > As I look at the code in the hg reference above, I think there is a bug. > If HOME should be preserved as first, and some of these others may be > critical to proper operation, they should be preserved automatically, no > matter what the configuration says. This seems to be contrary to the > code and to the top of the page

I have found source4/scripting/devel/chgtdcpass for adding the aes types to machines. I know you have to change the password of normal users. How do you fix this for krbtgt? Can you just change the password? Is there a recommended method? Thank you for any help, Trever -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type:

This is a continuation of a problem I have been having. Samba 4 has recently changed to require binds. I need LDAP to verify users exist. I am using Kerberos (GSSAPI) as the passdb. Samba can handle GSSAPI/Kerberos SASL binds. I have the following in my dovecot-ldap setup for userdb: dn = smtp/mailhost.example.org at EXAMPLE.ORG sasl_bind = yes sasl_mech = GSSAPI sasl_realm = EXAMPLE.ORG

Hello All, I am in the United States where we have e-discovery rules. Some organizations have to retain data for a certain amount of time, others are required to have a data retention policy. This means that while it should probably be possible for a user to "delete" an email so they do not see it. The server needs to store it, possibly in a tree that mirrors the folder setup of

I know that sieve doesn't do math. The file would be created externally. Based on examples in section 4.4 of https://tools.ietf.org/html/rfc5260#section-4 I figured something like this would work. if date :value "le" :originalzone "date" "date" "2018-10-25" { ??????? fileinto "SPAM"; ??????? stop; } However, I get the following. spam: line

The dovecot instance set up with auth_realms and auth_default_realm variables and it is working well. In saslauthd configurations setting same variables giving configuration parsing error (I think it is not right way to configure kerberos realm in saslauthd). However testsaslauthd working without any problems even if I don't specify realm parameter from command line. On 03/10/17 06:17,

Thanks to Timo, I have solved all but one of my problems. For back ground, I am using Samba4 as an AD. I have the userdb working from LDAP just fine and kerberos authenetication for dovecot's IMAP server working fine. The problem is using dovecot's SASL with postfix. I also have plain/login working in imap and smtp. Both use pam_krb5 through pam to authenticate clients that don't have