I recently did the backup/restore and I have one hiccup to report.

A few of the account passwords did not work after backup from centos5
and restore to centos7.

Took some time to troubleshoot, but I poked around in the vpopmail
database and figured it out.  It was due to the vpopmail database
schema, which stores a 16 character password AND its hash.  It allowed
[and worked with] passwords longer than 16 characters (I'm unsure how).
But after the backup/restore, all passwords longer than 16 characters
failed.  Problem was fixed by resetting all of these passwords to new
ones with the proper length.  Luckily there were not many like this.
But for a large system, this could be a major pain.

This seems like a bug.  If the max password length is 16 characters,
then the set-password webpage should reject passwords that are too long.

Also, I'm not sure why it stores a plaintext password in addition to its
hash.  The modern standard is to store only the hash.  This is
potentially a major security problem.

-Andy


On 9/27/2018 8:57 PM, Tony White wrote:
> Eric,
>   I now have a working v6 COS qmt, thank you for you help an patience.
> Now the backup and restore...
> 
> best wishes
>   Tony White
> 
> On 28/09/18 14:43, Eric Broch wrote:
> 
>> changed now
>>
>>
>> On 9/27/2018 10:41 PM, Tony White wrote:
>>> Eric,
>>>   Yes I did run that command.
>>>
>>>   At stage 3 after manually starting qmail at the end of qt-install.
>>>
>>> Stage 3
>>>
>>> rpm -Uvh
>>> ftp://ftp.qmailtoaster.com/pub/repo/qmt/CentOS/6/current/x86_64/qmt-release-1-5.qt.el6.noarch.rpm
>>> needs to be
>>>
>>> rpm -Uvh
>>> ftp://ftp.qmailtoaster.com/pub/repo/qmt/CentOS/6/current/x86_64/qmt-release-1-6.qt.el6.noarch.rpm
>>>
>>>
>>> best wishes
>>>   Tony White
>>>
>>>  .----------------.  .----------------.  .----------------. 
>>> | .--------------. || .--------------. || .--------------. |
>>> | |  ____  ____  | || |     ______   | || |    _______   | |
>>> | | |_  _||_  _| | || |   .' ___  |  | || |   /  ___  |  | |
>>> | |   \ \  / /   | || |  / .'   \_|  | || |  |  (__ \_|  | |
>>> | |    \ \/ /    | || |  | |         | || |   '.___`-.   | |
>>> | |    _|  |_    | || |  \ `.___.'\  | || |  |`\____) |  | |
>>> | |   |______|   | || |   `._____.'  | || |  |_______.'  | |
>>> | |              | || |              | || |              | |
>>> | '--------------' || '--------------' || '--------------' |
>>>  '----------------'  '----------------'  '----------------' 
>>>
>>> http://www.ycs.com.au
>>> 4 The Crescent
>>> Yea
>>> Victoria
>>> Australia 3717
>>>
>>> Telephone No's
>>> VIC : 0418 515 717
>>>
>>> Please note: YCS records all calls to better serve you.
>>>
>>> IMPORTANT NOTICE
>>>
>>> This communication including any file attachments is intended solely for
>>> the use of the individual or entity to whom it is addressed. If you are
>>> not the intended recipient, or the person responsible for delivering
>>> this communication to the intended recipient, please immediately notify
>>> the sender by email and delete the original transmission and its
>>> contents. Any unauthorised use, dissemination, forwarding, printing or
>>> copying of this communication including file attachments is prohibited.
>>> It is your responsibility to scan this communication including any file
>>> attachments for viruses and other defects. To the extent permitted by
>>> law, Yea Computing Services and its associates will not be liable for 
>>> any loss or damage arising in any way from this communication including
>>> any file attachments.
>>> You may not disclose this information to a third party without written
>>> permission from the Author.
>>> On 28/09/18 14:14, Eric Broch wrote:
>>>>
>>>> Excellent!!! Glad to hear it.
>>>>
>>>>
>>>> On 9/27/2018 10:03 PM, Tony White wrote:
>>>>> Eric,
>>>>>   Sorry I did not intend to email offlist.
>>>>> I did a reply to sender not the list.
>>>>> Apologies.
>>>>>
>>>>> I have reset the VM to give me a blank minimal install again.
>>>>> It has just finished qt-bootstrp-2 without error.
>>>>> So far so good.
>>>>>
>>>>> cheers.
>>>>>
>>>>>
>>>>> On 28/09/18 13:53, Eric Broch wrote:
>>>>>>
>>>>>> Tony, If you communicate off list you must whitelist my address
>>>>>>
>>>>>>
>>>>>> Tony,
>>>>>>
>>>>>> I think (not sure why) you're still using the wrong bootstrap
>>>>>> scripts, my bootstrap's (below in red and green) do not use
>>>>>> 'mirrors.qmailtoaster.com' but 'mirror2.qmailtoaster.com'
>>>>>>
>>>>>> Irritatingly, this is because all the mirror maintainers dropped
>>>>>> the ball and didn't bother to let anyone know that they weren't
>>>>>> supporting QMT anymore. If this is a pre-existing machine disable
>>>>>> the qmailtoaster-current repo:
>>>>>>
>>>>>> # yum install yum-utils && yum-config-manager --disable
>>>>>> qmailtoaster-current qmailtoaster-current-nodist
>>>>>>
>>>>>> <qt-bootstrap-1>
>>>>>>
>>>>>> #!/bin/bash
>>>>>>
>>>>>> # Copyright (C) Eric Shubert <e...@datamatters.us>
>>>>>> #
>>>>>> # script to do initial bootstrap processing (disable selinux,
>>>>>> update everything)
>>>>>> ######################################################################
>>>>>> # Change Log
>>>>>> # 12/26/13 written by Eric 'shubes' <e...@shubes.net>
>>>>>> ######################################################################
>>>>>>
>>>>>> ######################################################################
>>>>>> # disable SELINUX
>>>>>> #
>>>>>> a2_disable_selinux(){
>>>>>>
>>>>>> selinux_config=/etc/selinux/config
>>>>>>
>>>>>> if [ ! -f "$selinux_config" ]; then
>>>>>>   echo "$me - $seclinux_config not found"
>>>>>>   exit 1
>>>>>> fi
>>>>>>
>>>>>> echo "$me - disabling SELINUX ..."
>>>>>> sed -i$(date +%Y%m%d) -e "s|^SELINUX=.*$|SELINUX=disabled|"
>>>>>> $selinux_config
>>>>>> }
>>>>>>
>>>>>> ######################################################################
>>>>>> # main routine begins here
>>>>>> #
>>>>>> me=${0##*/}
>>>>>> myver=v1.0
>>>>>> echo "$me - $myversion"
>>>>>>
>>>>>> a2_disable_selinux
>>>>>>
>>>>>> echo "$me - updating all packages (yum update) ..."
>>>>>> yum clean all
>>>>>> yum -y --nogpgcheck update
>>>>>>
>>>>>> echo "$me - rebooting now..."
>>>>>> shutdown -r now
>>>>>>
>>>>>> echo "$me - completed"
>>>>>> exit 0
>>>>>> </qt-bootstrap-1>
>>>>>>
>>>>>>
>>>>>> <qt-bootstrap-2>
>>>>>>
>>>>>> #!/bin/bash
>>>>>> # Copyright (C) Eric Shubert <e...@datamatters.us>
>>>>>> #
>>>>>> # script to do secondary bootstrap processing (install yum
>>>>>> priorities, QMT repo)
>>>>>> ######################################################################
>>>>>> # Change Log
>>>>>> # 12/26/13 written by Eric 'shubes' <e...@shubes.net>
>>>>>> ######################################################################
>>>>>>
>>>>>> ######################################################################
>>>>>> # main routine begins here
>>>>>> #
>>>>>> me=${0##*/}
>>>>>> myver=v1.0
>>>>>> echo "$me - $myversion"
>>>>>>
>>>>>> # install yum-priorities
>>>>>> echo "$me - installing yum-priorities (plugin) ..."
>>>>>> yum -y install yum-priorities
>>>>>>
>>>>>> # install qmailtoaster-release
>>>>>> qmt_release_pkg=qmailtoaster-release-2.0-2.qt.nodist.noarch.rpm
>>>>>> echo "$me - installing $qmt_release_pkg (repo) ..."
>>>>>> rpm -ivh
>>>>>> http://mirror2.qmailtoaster.com/current/nodist/$qmt_release_pkg
>>>>>>
>>>>>> # install qmailtoaster-util (scripts)
>>>>>> echo "$me - installing qmailtoaster-util (scripts) ..."
>>>>>> yum -y install --nogpgcheck qmailtoaster-util
>>>>>>
>>>>>> echo "$me - completed"
>>>>>> exit 0
>>>>>>
>>>>>> </qt-bootstrap-2>
>>>>>>
>>>>>>
>>>>>> On 9/27/2018 8:50 PM, Tony White wrote:
>>>>>>> Eric,
>>>>>>>   Step one failed on .org...
>>>>>>>
>>>>>>> [root@cos6-10-base ~]# curl
>>>>>>> https://www.qmailtoaster.org/qt-bootstrap-1 >qt-bootstrap-1 &&
>>>>>>> curl https://www.qmailtoaster.org/qt-bootstrap-2 >qt-bootstrap-2
>>>>>>>   % Total    % Received % Xferd  Average Speed   Time    Time    
>>>>>>> Time  Current
>>>>>>>                                  Dload  Upload   Total   Spent   
>>>>>>> Left  Speed
>>>>>>> 105  1050  105  1050    0     0    931      0  0:00:01  0:00:01
>>>>>>> --:--:--  4133
>>>>>>>   % Total    % Received % Xferd  Average Speed   Time    Time    
>>>>>>> Time  Current
>>>>>>>                                  Dload  Upload   Total   Spent   
>>>>>>> Left  Speed
>>>>>>> 100  1004  100  1004    0     0    890      0  0:00:01  0:00:01
>>>>>>> --:--:--  3968
>>>>>>> [root@cos6-10-base ~]# chmod 755 qt-bootstrap-*
>>>>>>> [root@cos6-10-base ~]# ./qt-bootstrap-1
>>>>>>> qt-bootstrap-1 -
>>>>>>> qt-bootstrap-1 - disabling SELINUX ...
>>>>>>> qt-bootstrap-1 - updating all packages (yum update) ...
>>>>>>> Loaded plugins: fastestmirror, priorities
>>>>>>> Cleaning repos: base extras qmailtoaster-current
>>>>>>> qmailtoaster-current-nodist updates
>>>>>>> Cleaning up Everything
>>>>>>> Cleaning up list of fastest mirrors
>>>>>>> Loaded plugins: fastestmirror, priorities
>>>>>>> Setting up Update Process
>>>>>>> Determining fastest mirrors
>>>>>>> Could not retrieve mirrorlist
>>>>>>> http://mirrors.qmailtoaster.com/current/CentOS/mirror.list error was
>>>>>>> 14: PYCURL ERROR 51 - "SSL: certificate subject name
>>>>>>> 'whitehorsetc.com' does not match target host name
>>>>>>> 'mirrors.qmailtoaster.com'"
>>>>>>> Error: Cannot find a valid baseurl for repo: qmailtoaster-current
>>>>>>> qt-bootstrap-1 - rebooting now...
>>>>>>> qt-bootstrap-1 - completed
>>>>>>> [root@cos6-10-base ~]#
>>>>>>> Broadcast message from root@cos6-10-base
>>>>>>>     (/dev/pts/0) at 12:49 ...
>>>>>>>
>>>>>>> The system is going down for reboot NOW!
>>>>>>>
>>>>>>> best wishes
>>>>>>>   Tony White
>>>>>>>
>>>>>>> On 28/09/18 12:37, Eric Broch wrote:
>>>>>>>>
>>>>>>>> Tony,
>>>>>>>>
>>>>>>>> It is working, but...
>>>>>>>>
>>>>>>>> I can tell by the download of
>>>>>>>> 'qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm' and the use of
>>>>>>>> 'mirrors.qmailtoaster.com' in the scripts that you're not
>>>>>>>> following the correct instructions.
>>>>>>>>
>>>>>>>> I'm not sure whether the qmailtoaster.com website (mirrored) has
>>>>>>>> completely propagated or not.
>>>>>>>>
>>>>>>>> Go to qmailtoaster.org and follow the instructions there.
>>>>>>>>
>>>>>>>> Eric
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On 9/27/2018 7:56 PM, Tony White wrote:
>>>>>>>>> Hi Eric,
>>>>>>>>>   Sadly it is still not working...
>>>>>>>>> The download of the
>>>>>>>>> http://mirrors.qmailtoaster.com/current/nodist/qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm
>>>>>>>>> file will always fail due to it kicking the connection up to
>>>>>>>>> https and not leaving it as http.
>>>>>>>>>
>>>>>>>>> Screen Dump...
>>>>>>>>> --------------------------
>>>>>>>>>
>>>>>>>>> [root@cos6-10-base ~]# sh qt-bootstrap-2
>>>>>>>>> qt-bootstrap-2 -
>>>>>>>>> qt-bootstrap-2 - installing yum-priorities (plugin) ...
>>>>>>>>> Loaded plugins: fastestmirror
>>>>>>>>> Setting up Install Process
>>>>>>>>> Loading mirror speeds from cached hostfile
>>>>>>>>>  * base: centos.mirror.digitalpacific.com.au
>>>>>>>>>  * extras: centos.mirror.digitalpacific.com.au
>>>>>>>>>  * updates: mirror.as24220.net
>>>>>>>>> Resolving Dependencies
>>>>>>>>> --> Running transaction check
>>>>>>>>> ---> Package yum-plugin-priorities.noarch 0:1.1.30-42.el6_10
>>>>>>>>> will be installed
>>>>>>>>> --> Finished Dependency Resolution
>>>>>>>>>
>>>>>>>>> Dependencies Resolved
>>>>>>>>>
>>>>>>>>> ===============================================================================================================
>>>>>>>>>  Package                           Arch              
>>>>>>>>> Version                        Repository           Size
>>>>>>>>> ===============================================================================================================
>>>>>>>>> Installing:
>>>>>>>>>  yum-plugin-priorities             noarch            
>>>>>>>>> 1.1.30-42.el6_10               updates              28 k
>>>>>>>>>
>>>>>>>>> Transaction Summary
>>>>>>>>> ===============================================================================================================
>>>>>>>>> Install       1 Package(s)
>>>>>>>>>
>>>>>>>>> Total download size: 28 k
>>>>>>>>> Installed size: 28 k
>>>>>>>>> Downloading Packages:
>>>>>>>>> yum-plugin-priorities-1.1.30-42.el6_10.noarch.rpm                     
>>>>>>>>>                  
>>>>>>>>> |  28 kB     00:00    
>>>>>>>>> Running rpm_check_debug
>>>>>>>>> Running Transaction Test
>>>>>>>>> Transaction Test Succeeded
>>>>>>>>> Running Transaction
>>>>>>>>>   Installing :
>>>>>>>>> yum-plugin-priorities-1.1.30-42.el6_10.noarch                         
>>>>>>>>>                      
>>>>>>>>> 1/1
>>>>>>>>>   Verifying  :
>>>>>>>>> yum-plugin-priorities-1.1.30-42.el6_10.noarch                         
>>>>>>>>>                      
>>>>>>>>> 1/1
>>>>>>>>>
>>>>>>>>> Installed:
>>>>>>>>>   yum-plugin-priorities.noarch
>>>>>>>>> 0:1.1.30-42.el6_10                                                    
>>>>>>>>>          
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Complete!
>>>>>>>>> qt-bootstrap-2 - installing
>>>>>>>>> qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm (repo) ...
>>>>>>>>> Retrieving
>>>>>>>>> http://mirrors.qmailtoaster.com/current/nodist/qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm
>>>>>>>>> curl: (51) SSL: certificate subject name 'monk13.stakehouse.io'
>>>>>>>>> does not match target host name 'mirrors.qmailtoaster.com'
>>>>>>>>> error: skipping
>>>>>>>>> http://mirrors.qmailtoaster.com/current/nodist/qmailtoaster-release-2.0-1.qt.nodist.noarch.rpm
>>>>>>>>> - transfer failed
>>>>>>>>> qt-bootstrap-2 - installing qmailtoaster-util (scripts) ...
>>>>>>>>> Loaded plugins: fastestmirror, priorities
>>>>>>>>> Setting up Install Process
>>>>>>>>> Loading mirror speeds from cached hostfile
>>>>>>>>>  * base: centos.mirror.digitalpacific.com.au
>>>>>>>>>  * extras: centos.mirror.digitalpacific.com.au
>>>>>>>>>  * updates: mirror.as24220.net
>>>>>>>>> No package qmailtoaster-util available.
>>>>>>>>> Error: Nothing to do
>>>>>>>>> qt-bootstrap-2 - completed
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> best wishes
>>>>>>>>>   Tony White
>>>>>>>>>
>>>>>>>>> On 27/09/18 10:24, Eric Broch wrote:
>>>>>>>>>> List,
>>>>>>>>>>
>>>>>>>>>> There were problems with the installation of QMT on CentOS 6
>>>>>>>>>> as you'all well know since I tested last November (2017). The
>>>>>>>>>> problems existed primarily due to mirrors not being
>>>>>>>>>> maintained. I've fixed these problems...hopefully. If anyone
>>>>>>>>>> has issue please let me know so that they can be fixed.
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> -- 
>>>>>>>> Eric Broch
>>>>>>>> White Horse Technical Consulting (WHTC)
>>>>>>>
>>>>>>
>>>>>> -- 
>>>>>> Eric Broch
>>>>>> White Horse Technical Consulting (WHTC)
>>>>>
>>>>
>>>> -- 
>>>> Eric Broch
>>>> White Horse Technical Consulting (WHTC)
>>>
>>
>> -- 
>> Eric Broch
>> White Horse Technical Consulting (WHTC)
> 

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to