Various updated packages in Kolab 16   November 17th, 2017

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past days, the following packages have been updated:

Because of these changes, the following packages have been rebuilt as well: php-sabre-dav, kolab-syncroton, kolab-freebusy, iRony, pykolab, kolab-utils, libkolab.

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

Today, the roundcubemail package has been updated from version 1.3.0.41 to 1.3.3. This fixes a security issue, described in https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10. Also see the release notes https://roundcube.net/news/2017/09/04/update-1.3.1-released and https://roundcube.net/news/2017/10/31/update-1.3.2-released for new changes.
Because of this, the packages iRony, kolab-freebusy and kolab-syncroton have been rebuilt as well.

In the past days, erlang-eimap has been updated with a patch for untagged commands. Because of that, guam has also been rebuilt. For details see https://obs.kolabsys.com/package/rdiff/Kolab:16/erlang-eimap?linkrev=base&rev=8

Tags: , ,
Posted in Hosting, Software Development | Comments Closed

Ansible with su instead of sudo   October 13th, 2017

At TBits.net, we have decided to use Ansible for setting up our servers.

The most documented way of installing something on a machine via Ansible is using sudo: you create a normal user (eg. called deploy), that you can use with SSH to login to the machine, and if that user has sudo permissions (eg. part of the group wheel in CentOS), then you can install software with root privileges.

The call is quite easy:

ansible-playbook myplaybook.yaml --user=deploy --ask-become-pass

Now we wanted to limit access only to users who have the actual password for root.

Finally, this worked on the command line:

ansible-playbook myplaybook.yaml --user=deploy --become --become-method=su --ask-become-pass

Now, I wanted to specify these parameters in my ansible.cfg file. It took me a while to find out how to do this. I found https://github.com/ansible/ansible/blob/devel/lib/ansible/config/base.yml which was helpful.

[defaults]
remote_user=deploy
 
[privilege_escalation]
become = true
become_method = su
become_ask_pass = true

Two pitfalls that are solved by this:

  • You need to specify the become settings in section privilege_escalation, not just in defaults.
  • The command line parameter ask-become-pass becomes become_ask_pass in the config file.

This works with Ansible 2.3.2 on CentOS 7.4.

Tags: ,
Posted in Hosting, Software Development | Comments Closed

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past weeks, the kolab-autoconf package has been updated from version 0.1 to 0.2. This affects Debian/Ubuntu and RHEL/CentOS.

For details see:

Tags: ,
Posted in Hosting, Software Development | Comments Closed

A customer of TBits.net asked about notifications: you set up a filter in Roundcube, and you will be notified whenever an email arrives, and the notification is sent to an email address that you check more regularly. It is not like forwarding the message, but the notification does not contain the message itself, to force you to use Roundcube and keep the contents of the email secure on our mail server. This scenario applies to people working for a company or charity and not checking mails regularly, but wanting to be informed on their private email accounts at GMail or Hotmail or whereever. This way data protection is enforced, but still people know about their new emails.

It took me a while to find this page: https://www.cyrusimap.org/imap/reference/manpages/configs/imapd.conf.html which mentions:

sievenotifier:
Notifyd(8) method to use for “SIEVE” notifications. If not set, “SIEVE” notifications are disabled.

See also https://www.cyrusimap.org/imap/reference/manpages/systemcommands/notifyd.html

So you set in /etc/imapd.conf:

sievenotifier: mailto

And I assume you have in your /etc/cyrus.conf:

notify      cmd="notifyd"   listen="/var/lib/imap/socket/notify"    proto="udp" prefork=1

The notification email will look like this:

Subject: [SIEVE] New mail notification
From:    Mail Sieve Subsystem
Body:
  your customized text defined in the filter
 
  Action(s) taken:

These strings are hard coded unfortunately. I am wondering if I should patch them out in our own build of Cyrus…

Here is the code:

https://github.com/cyrusimap/cyrus-imapd/blob/master/sieve/script.c#L666

strcpy(actions_string,"Action(s) taken:\n");

https://github.com/cyrusimap/cyrus-imapd/blob/master/notifyd/notify_mailto.c#L121

fprintf(sm, "From: Mail Sieve Subsystem <%s>\r\n", config_getstring(IMAPOPT_POSTMASTER));
fprintf(sm, "To: <%s>\r\n", options[0]);
fprintf(sm, "Subject: [%s] New mail notification\r\n", class);
Tags:
Posted in Software Development | Comments Closed

Recently I was in the situation where I needed to manage users in Kolab from PHP.

There is an API for the Kolab Webadmin, and it is documented here: https://docs.kolab.org/architecture-and-design/kolab-wap-api.html

There is also a PHP class, that I could have used: https://cgit.kolab.org/webadmin/tree/lib/kolab_client_api.php. But for some reason, I am using CURL.

It took me some time to figure out how to do the GET or POST calls for connecting to the API and call user.info, user.delete, user.add and users.list.

Therefore, I have created a small PHP class, that shows how to do that.

You can find it here: https://github.com/TBits/KolabScripts/tree/KolabWinterfell/kolab-webadmin-api-client

There is also a test.config.php and a test.php to show the usage of that class.

During development, I sometimes got the message: “Internal error”. This is from the class kolab_api_controller, eg. https://cgit.kolab.org/webadmin/tree/lib/kolab_api_controller.php#n181

Actually, it would help if that error was logged to /var/log/kolab-webadmin/errors with some detail:

else {
    Log::error("API controller: Internal Error, ".$service . "_" . $method. " Post: " .print_r($postdata,true). " Get: ".print_r($_GET,true));
    $this->output->error("Internal error", 500);
}
Tags: ,
Posted in Software Development | Comments Closed

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past days, the roundcubemail-plugin-contextmenu package has been updated from version 2.1.1 to 2.3. This affects Debian/Ubuntu and RHEL/CentOS.

For details see:

Tags: ,
Posted in Hosting, Software Development | Comments Closed

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past days, the erlang package has been built for Debian Jessie for Plesk, so that version 18.3.4 will be available there. It only affects Debian Jessie packages for Plesk. Guam has been rebuilt due to this.

For details see:

Tags: ,
Posted in Hosting, Software Development | Comments Closed

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

In the past days, the package roundcubemail has been updated from 1.2 to version 1.3. It affects both RHEL/CentOS and Debian/Ubuntu. Other packages have been rebuilt due to this upgrade:

Here is a link to the Roundcube Mail 1.3 Release notes: Roundcube Webmail 1.3.0 released.

Tags: ,
Posted in Hosting, Software Development | Comments Closed

Here comes a quick overview on recent updates to Kolab 16 packages.

Please note: I am only using public information. I have no background knowledge about the releases.

I did not report on Updates for Kolab 16 for quite a while. But now that we are finally on a production server with Kolab 16 for TBits.net, I have the intention to report again if anything relevant to the RPM packages changed.

In the past days, the package kolab-syncroton has been updated and rebuilt. It affects both RHEL/CentOS and Debian/Ubuntu.

  • kolab-syncroton: Patch setAttendeeStatus for increased Outlook compatibility
Tags: ,
Posted in Hosting, Software Development | Comments Closed