Homepage of Timotheus Pokorra

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past days, the following packages have been updated:

• kolab-freebusy: https://obs.kolabsys.com/request/show/2183, Repack of tagged version
• guam: https://obs.kolabsys.com/package/rdiff/Kolab:16/guam?linkrev=base&rev=20, Allow empty lines in commands

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past days, the following packages have been updated:

• roundcubemail-plugins-kolab: https://obs.kolabsys.com/request/show/2176, Update from version 3.3.4 to 3.3.5
• kolab-syncroton: https://obs.kolabsys.com/request/show/2168, Update from 2.3.7 to 2.3.8

Because of these changes, the following packages have been rebuilt as well: kolab-freebusy, iRony

This is an updated version of the post from July 2015: https://www.pokorra.de/2015/07/submitting-patches-to-kolab-via-phabricator/

For a description of phabricator, see the post from July 2015.

Here are the updated instructions for using arcanist with CentOS7:

yum install git vim php-cli python-pep8
# this does not work because of contradicting dependancies:
# wget https://obs.kolabsys.com/repositories/Tools/CentOS_7/Tools.repo -O /etc/yum.repos.d/kolab-tools.repo
# yum install arcanist
git clone https://github.com/phacility/libphutil.git
git clone https://github.com/phacility/arcanist.git
export PATH=$PATH:/root/arcanist/bin/
arc set-config default https://git.kolab.org
arc install-certificate 
# go to https://git.kolab.org/conduit/login/ and copy the token and paste it to arc

Now get the repository you want to work with, eg. pykolab:

export PATH=$PATH:/root/arcanist/bin/
git clone https://git.kolab.org/diffusion/P/pykolab.git
cd pykolab
# do your changes
# vi pykolab/auth/ldap/__init__.py
git commit -a
arc diff            # Creates a new revision out of ALL unpushed commits on
                    # this branch.

Now you have a new Differential revision, in my example at: https://git.kolab.org/D559

Today, one of our customers at TBits.net noticed that when composing an e-mail in Roundcube, there is a spell checker button at the top. But only for English, and when there was text in the e-mail, and he clicked on the spell check button, he got the message: “An error was encountered on the server. Please try again later.”

I found the cause in the Roundcube log file, in /var/log/roundcubemail/errors:

PHP Error: Spell check engine error: Pspell extension not available in /usr/share/roundcubemail/program/steps/utils/spell.inc on line 50

So I installed the required packages:

yum install php-pspell aspell-de
systemctl restart httpd

Now this works for English. It seems for German and other languages, there are no packages readily available in the repositories.
I checked https://apps.fedoraproject.org/packages/aspell-de, there are packages for Fedora, but not for EPEL.

So you go to https://ftp.gnu.org/gnu/aspell/dict/0index.html#0.60 and download the dictionary for your language, and install it like this on your Kolab server:

tar xjf aspell6-de-20030222-1.tar.bz2
cd aspell6-de-20030222-1
./configure
make
make install

Now do a reload in Roundcube, and now you can check your spelling even in German!

Update: It was suggested by Luca Berra from Italy, to use enchant and hunspell instead of pspell/aspell.

For a discussion of hunspell vs aspell, see http://penguindreams.org/blog/aspell-and-hunspell-a-tale-of-two-spell-checkers/

Luca gave me these instructions:

yum install php-enchant hunspell-it
 
vi /etc/roundcubemail/config.inc.php
    $config['spellcheck_engine'] = 'enchant';

I have not tested this. Thanks to Luca for this suggestion!

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past days, the following packages have been updated:

• cyrus-imapd: https://obs.kolabsys.com/request/show/2144, “Prevent unreadable/unwriteable /dev/null from getting in the way”
• kolab-autoconf: https://obs.kolabsys.com/request/show/2143, “Check in version 1.3”
• kolab: https://obs.kolabsys.com/request/show/2121, “Omit the dependency on kolab-utils”
• libcalendaring: https://obs.kolabsys.com/request/show/2120, “Correct shebangs”
• php-sabre-vobject: https://obs.kolabsys.com/request/show/2159, “Avoid unintentional RRULE modifications upon SNOOZE”
• roundcubemail-plugins-kolab: https://obs.kolabsys.com/request/show/2141, “Correct symlink, move existing file out of the way; Release of version 3.3.4; Fix Etc/UTC timezone”
• roundcubemail: https://obs.kolabsys.com/request/show/2158, “Stop dropping columns, Set temp_dir to /tmp”

Because of these changes, the following packages have been rebuilt as well: php-sabre-dav, kolab-syncroton, kolab-freebusy, iRony, pykolab, kolab-utils, libkolab.

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

Today, the roundcubemail package has been updated from version 1.3.0.41 to 1.3.3. This fixes a security issue, described in https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10. Also see the release notes https://roundcube.net/news/2017/09/04/update-1.3.1-released and https://roundcube.net/news/2017/10/31/update-1.3.2-released for new changes.
Because of this, the packages iRony, kolab-freebusy and kolab-syncroton have been rebuilt as well.

In the past days, erlang-eimap has been updated with a patch for untagged commands. Because of that, guam has also been rebuilt. For details see https://obs.kolabsys.com/package/rdiff/Kolab:16/erlang-eimap?linkrev=base&rev=8

At TBits.net, we have decided to use Ansible for setting up our servers.

The most documented way of installing something on a machine via Ansible is using sudo: you create a normal user (eg. called deploy), that you can use with SSH to login to the machine, and if that user has sudo permissions (eg. part of the group wheel in CentOS), then you can install software with root privileges.

The call is quite easy:

ansible-playbook myplaybook.yaml --user=deploy --ask-become-pass

Now we wanted to limit access only to users who have the actual password for root.

Finally, this worked on the command line:

ansible-playbook myplaybook.yaml --user=deploy --become --become-method=su --ask-become-pass

Now, I wanted to specify these parameters in my ansible.cfg file. It took me a while to find out how to do this. I found https://github.com/ansible/ansible/blob/devel/lib/ansible/config/base.yml which was helpful.

[defaults]
remote_user=deploy
 
[privilege_escalation]
become = true
become_method = su
become_ask_pass = true

Two pitfalls that are solved by this:

• You need to specify the become settings in section privilege_escalation, not just in defaults.
• The command line parameter ask-become-pass becomes become_ask_pass in the config file.

This works with Ansible 2.3.2 on CentOS 7.4.

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past weeks, the kolab-autoconf package has been updated from version 0.1 to 0.2. This affects Debian/Ubuntu and RHEL/CentOS.

For details see:

• kolab-autoconf in OBS and the related submit request

A customer of TBits.net asked about notifications: you set up a filter in Roundcube, and you will be notified whenever an email arrives, and the notification is sent to an email address that you check more regularly. It is not like forwarding the message, but the notification does not contain the message itself, to force you to use Roundcube and keep the contents of the email secure on our mail server. This scenario applies to people working for a company or charity and not checking mails regularly, but wanting to be informed on their private email accounts at GMail or Hotmail or whereever. This way data protection is enforced, but still people know about their new emails.

It took me a while to find this page: https://www.cyrusimap.org/imap/reference/manpages/configs/imapd.conf.html which mentions:

sievenotifier:
Notifyd(8) method to use for “SIEVE” notifications. If not set, “SIEVE” notifications are disabled.

See also https://www.cyrusimap.org/imap/reference/manpages/systemcommands/notifyd.html

So you set in /etc/imapd.conf:

sievenotifier: mailto

And I assume you have in your /etc/cyrus.conf:

notify      cmd="notifyd"   listen="/var/lib/imap/socket/notify"    proto="udp" prefork=1

The notification email will look like this:

Subject: [SIEVE] New mail notification
From:    Mail Sieve Subsystem
Body:
  your customized text defined in the filter
 
  Action(s) taken:

These strings are hard coded unfortunately. I am wondering if I should patch them out in our own build of Cyrus…

Here is the code:

https://github.com/cyrusimap/cyrus-imapd/blob/master/sieve/script.c#L666

strcpy(actions_string,"Action(s) taken:\n");

https://github.com/cyrusimap/cyrus-imapd/blob/master/notifyd/notify_mailto.c#L121

fprintf(sm, "From: Mail Sieve Subsystem <%s>\r\n", config_getstring(IMAPOPT_POSTMASTER));
fprintf(sm, "To: <%s>\r\n", options[0]);
fprintf(sm, "Subject: [%s] New mail notification\r\n", class);

Recently I was in the situation where I needed to manage users in Kolab from PHP.

There is an API for the Kolab Webadmin, and it is documented here: https://docs.kolab.org/architecture-and-design/kolab-wap-api.html

There is also a PHP class, that I could have used: https://cgit.kolab.org/webadmin/tree/lib/kolab_client_api.php. But for some reason, I am using CURL.

It took me some time to figure out how to do the GET or POST calls for connecting to the API and call user.info, user.delete, user.add and users.list.

Therefore, I have created a small PHP class, that shows how to do that.

You can find it here: https://github.com/TBits/KolabScripts/tree/KolabWinterfell/kolab-webadmin-api-client

There is also a test.config.php and a test.php to show the usage of that class.

During development, I sometimes got the message: “Internal error”. This is from the class kolab_api_controller, eg. https://cgit.kolab.org/webadmin/tree/lib/kolab_api_controller.php#n181

Actually, it would help if that error was logged to /var/log/kolab-webadmin/errors with some detail:

else {
    Log::error("API controller: Internal Error, ".$service . "_" . $method. " Post: " .print_r($postdata,true). " Get: ".print_r($_GET,true));
    $this->output->error("Internal error", 500);
}