In the past weeks, I have been working on a deployment of Dynamics NAV 2018. This is quite a change for me, to work again on a Windows machine, and with closed source software. Fortunately, there are already some resources on the web, eg. Powershell scripts by Waldo: https://github.com/waldo1001/Cloud.Ready.Software.PowerShell/tree/master/PSScripts

Today, I want to publish some basic Batch scripts that help our team to start our development environment. In our setup, we have a normal unprivileged Windows user. But we need a privileged user for access to the Dynamics NAV Server. Lets assume that the privileged user has a suffix called -p for privileged.

startDynamicsNAVClient.bat

This script will just start the Dynamics NAV 2018 client, running as the privileged user.

@echo off
runas /user:"MYDOMAIN\%USERNAME%-p" "C:\Program Files (x86)\Microsoft Dynamics NAV\110\RoleTailored Client\Microsoft.Dynamics.Nav.Client.exe -settings:\\files\ERP\RTCCONFIG\DEV110_NST01_V103.config"

startDynamicsNAVIDE.bat

This script will start the Dynamics NAV IDE, which we use mainly for the Object Designer. We need the parameter generatesymbolreference, so that the symbols will be generated when we compile the C/AL code, so that the symbols are available for AL development in VS Code.

It seems we have some issue with localization, some users need Ja (german culture), others need Yes as the value for generatesymbolreference.

@echo off
REM runs the Dynamics NAV IDE (Object Designer)
REM some users have to use generatesymbolreference=Ja others need generatesymbolreference=Yes
REM we try to determine the language settings by the variable HomePath: Users vs Benutzer
set "generatesymbolreference=Ja"
if "%ProgramFiles%" equ "C:\Program Files" (SET /A generatesymbolreference=Yes)
runas /user:"MYDOMAIN\%USERNAME%-p" "C:\Program Files (x86)\Microsoft Dynamics NAV\110\RoleTailored Client\finsql.exe generatesymbolreference=%generatesymbolreference%"

startDynamicsNAVShell.bat

This script starts a PowerShell with the right startup parameters, so that some specific modules will be preloaded for development of Dynamics NAV. This seems to be quite tricky, to start PowerShell with another user. So we call the Batch script again as the different user, in order to be able to start PowerShell as that user.

@echo off
REM start the DynamicsNAV Development PowerShell
SET mypath=%~dp0
echo %mypath%
IF "%USERNAME:~-2%" neq "-p" (
  runas /user:"MYDOMAIN\%USERNAME%-p" "%mypath%\startDynamicsNAVShell.bat"
) else (
  cd C:\Users\%USERNAME%\DEV
  C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell.exe  -NoExit -ExecutionPolicy RemoteSigned " & ' C:\Program Files (x86)\Microsoft Dynamics NAV\110\RoleTailored Client\NavModelTools.ps1 ' "
)

startVSCode.bat

Last, but not least: we start VSCode as a different user.

@echo off
start runas /user:"MYDOMAIN\%USERNAME%-p" "C:\Program Files\Microsoft VS Code\Code.exe"
Tags: , ,
Posted in Software Development | Comments Closed

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past days, the following packages have been updated:

Tags: ,
Posted in Hosting, Software Development | Comments Closed

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past days, the following packages have been updated:

Because of these changes, the following packages have been rebuilt as well: kolab-freebusy, iRony

Tags: ,
Posted in Hosting, Software Development | Comments Closed

This is an updated version of the post from July 2015: https://www.pokorra.de/2015/07/submitting-patches-to-kolab-via-phabricator/

For a description of phabricator, see the post from July 2015.

Here are the updated instructions for using arcanist with CentOS7:

yum install git vim php-cli python-pep8
# this does not work because of contradicting dependancies:
# wget https://obs.kolabsys.com/repositories/Tools/CentOS_7/Tools.repo -O /etc/yum.repos.d/kolab-tools.repo
# yum install arcanist
git clone https://github.com/phacility/libphutil.git
git clone https://github.com/phacility/arcanist.git
export PATH=$PATH:/root/arcanist/bin/
arc set-config default https://git.kolab.org
arc install-certificate 
# go to https://git.kolab.org/conduit/login/ and copy the token and paste it to arc

Now get the repository you want to work with, eg. pykolab:

export PATH=$PATH:/root/arcanist/bin/
git clone https://git.kolab.org/diffusion/P/pykolab.git
cd pykolab
# do your changes
# vi pykolab/auth/ldap/__init__.py
git commit -a
arc diff            # Creates a new revision out of ALL unpushed commits on
                    # this branch.

Now you have a new Differential revision, in my example at: https://git.kolab.org/D559

Tags: ,
Posted in Hosting, Software Development | Comments Closed

Today, one of our customers at TBits.net noticed that when composing an e-mail in Roundcube, there is a spell checker button at the top. But only for English, and when there was text in the e-mail, and he clicked on the spell check button, he got the message: “An error was encountered on the server. Please try again later.”

I found the cause in the Roundcube log file, in /var/log/roundcubemail/errors:

PHP Error: Spell check engine error: Pspell extension not available in /usr/share/roundcubemail/program/steps/utils/spell.inc on line 50

So I installed the required packages:

yum install php-pspell aspell-de
systemctl restart httpd

Now this works for English. It seems for German and other languages, there are no packages readily available in the repositories.
I checked https://apps.fedoraproject.org/packages/aspell-de, there are packages for Fedora, but not for EPEL.

So you go to https://ftp.gnu.org/gnu/aspell/dict/0index.html#0.60 and download the dictionary for your language, and install it like this on your Kolab server:

tar xjf aspell6-de-20030222-1.tar.bz2
cd aspell6-de-20030222-1
./configure
make
make install

Now do a reload in Roundcube, and now you can check your spelling even in German!

 

Update: It was suggested by Luca Berra from Italy, to use enchant and hunspell instead of pspell/aspell.

For a discussion of hunspell vs aspell, see http://penguindreams.org/blog/aspell-and-hunspell-a-tale-of-two-spell-checkers/

Luca gave me these instructions:

yum install php-enchant hunspell-it
 
vi /etc/roundcubemail/config.inc.php
    $config['spellcheck_engine'] = 'enchant';

I have not tested this. Thanks to Luca for this suggestion!

Tags: ,
Posted in Hosting, Software Development | Comments Closed

Various updated packages in Kolab 16   November 17th, 2017

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past days, the following packages have been updated:

Because of these changes, the following packages have been rebuilt as well: php-sabre-dav, kolab-syncroton, kolab-freebusy, iRony, pykolab, kolab-utils, libkolab.

Tags: ,
Posted in Hosting, Software Development | Comments Closed

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

Today, the roundcubemail package has been updated from version 1.3.0.41 to 1.3.3. This fixes a security issue, described in https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10. Also see the release notes https://roundcube.net/news/2017/09/04/update-1.3.1-released and https://roundcube.net/news/2017/10/31/update-1.3.2-released for new changes.
Because of this, the packages iRony, kolab-freebusy and kolab-syncroton have been rebuilt as well.

In the past days, erlang-eimap has been updated with a patch for untagged commands. Because of that, guam has also been rebuilt. For details see https://obs.kolabsys.com/package/rdiff/Kolab:16/erlang-eimap?linkrev=base&rev=8

Tags: , ,
Posted in Hosting, Software Development | Comments Closed

Ansible with su instead of sudo   October 13th, 2017

At TBits.net, we have decided to use Ansible for setting up our servers.

The most documented way of installing something on a machine via Ansible is using sudo: you create a normal user (eg. called deploy), that you can use with SSH to login to the machine, and if that user has sudo permissions (eg. part of the group wheel in CentOS), then you can install software with root privileges.

The call is quite easy:

ansible-playbook myplaybook.yaml --user=deploy --ask-become-pass

Now we wanted to limit access only to users who have the actual password for root.

Finally, this worked on the command line:

ansible-playbook myplaybook.yaml --user=deploy --become --become-method=su --ask-become-pass

Now, I wanted to specify these parameters in my ansible.cfg file. It took me a while to find out how to do this. I found https://github.com/ansible/ansible/blob/devel/lib/ansible/config/base.yml which was helpful.

[defaults]
remote_user=deploy
 
[privilege_escalation]
become = true
become_method = su
become_ask_pass = true

Two pitfalls that are solved by this:

  • You need to specify the become settings in section privilege_escalation, not just in defaults.
  • The command line parameter ask-become-pass becomes become_ask_pass in the config file.

This works with Ansible 2.3.2 on CentOS 7.4.

Tags: ,
Posted in Hosting, Software Development | Comments Closed

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past weeks, the kolab-autoconf package has been updated from version 0.1 to 0.2. This affects Debian/Ubuntu and RHEL/CentOS.

For details see:

Tags: ,
Posted in Hosting, Software Development | Comments Closed

A customer of TBits.net asked about notifications: you set up a filter in Roundcube, and you will be notified whenever an email arrives, and the notification is sent to an email address that you check more regularly. It is not like forwarding the message, but the notification does not contain the message itself, to force you to use Roundcube and keep the contents of the email secure on our mail server. This scenario applies to people working for a company or charity and not checking mails regularly, but wanting to be informed on their private email accounts at GMail or Hotmail or whereever. This way data protection is enforced, but still people know about their new emails.

It took me a while to find this page: https://www.cyrusimap.org/imap/reference/manpages/configs/imapd.conf.html which mentions:

sievenotifier:
Notifyd(8) method to use for “SIEVE” notifications. If not set, “SIEVE” notifications are disabled.

See also https://www.cyrusimap.org/imap/reference/manpages/systemcommands/notifyd.html

So you set in /etc/imapd.conf:

sievenotifier: mailto

And I assume you have in your /etc/cyrus.conf:

notify      cmd="notifyd"   listen="/var/lib/imap/socket/notify"    proto="udp" prefork=1

The notification email will look like this:

Subject: [SIEVE] New mail notification
From:    Mail Sieve Subsystem
Body:
  your customized text defined in the filter
 
  Action(s) taken:

These strings are hard coded unfortunately. I am wondering if I should patch them out in our own build of Cyrus…

Here is the code:

https://github.com/cyrusimap/cyrus-imapd/blob/master/sieve/script.c#L666

strcpy(actions_string,"Action(s) taken:\n");

https://github.com/cyrusimap/cyrus-imapd/blob/master/notifyd/notify_mailto.c#L121

fprintf(sm, "From: Mail Sieve Subsystem <%s>\r\n", config_getstring(IMAPOPT_POSTMASTER));
fprintf(sm, "To: <%s>\r\n", options[0]);
fprintf(sm, "Subject: [%s] New mail notification\r\n", class);
Tags:
Posted in Software Development | Comments Closed