Bug#606215: [PATCH] Initscript for gunicorn_django
Package: gunicorn Version: 0.10.0-1 I'm attaching in this message an initscript to manage gunicorn_django environments. I currently run gunicorn_django in my servers and manage differents environtments/projects using this single initscript and the respective configuration files. The initscript have a default configuration file[1] and each django project should have an additional configuration file[2]. The default configuration have the default parameters and they can/should be overwrriten in the specific configuration files of the django project. I don't know if it's the best approach or if we should use a directory /etc/gunicorn_django.d/django-project-config and I would be glad if you could point a better way. I'm currently using this initiscript in my production environment and it have been working very well. [1]. /etc/default/gunicorn_django [2]. /etc/default/gunicorn_django-myprojectname A more complete version of the code (with some documentation and usage examples) are available in my github page[3]. [3]. https://github.com/afurlan/debian-gunicorn_django -- Atenciosamente, Arthur Furlan (afurlan) afur...@afurlan.org http://blog.afurlan.org Public GPG KeyID: 27D81084 #!/bin/bash ### BEGIN INIT INFO # Provides: gunicorn_django # Required-Start:$local_fs $syslog # Required-Stop: $syslog $local_fs # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Start and stop your gunicorn_django processes # Description: Start and stop your gunicorn_django processes ### END INIT INFO # Author: Arthur Furlan afur...@afurlan.org PATH=/sbin:/usr/sbin:/bin:/usr/bin DESC=generic gunicorn_django initscript NAME=gunicorn_django DAEMON=/usr/bin/gunicorn_django PIDFILE=/var/run/$NAME.pid SCRIPTNAME=/etc/init.d/$NAME # Exit if the package is not installed [ -x $DAEMON ] || exit 0 # Read global configuration variable file if it is present [ -r /etc/default/$NAME ] . /etc/default/$NAME # Load the VERBOSE setting and other rcS variables . /lib/init/vars.sh # Define LSB log_* functions. # Depend on lsb-base (= 3.0-6) to ensure that this file is present. . /lib/lsb/init-functions _do_start_project() { NAME=$ORIG_NAME-$1 PIDFILE=/var/run/$NAME.pid # Read project configuration variable file if it is present [ -r /etc/default/$NAME ] . /etc/default/$NAME # Return # 0 if daemon has been started # 1 if daemon was already running # 2 if daemon could not be started start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -d $ROOTDIR --test /dev/null || return 1 start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -d $ROOTDIR --background --make-pidfile --chuid $RUN_AS --startas $DAEMON -- $DAEMON_ARGS || return 2 } _do_stop_project() { NAME=$ORIG_NAME-$1 PIDFILE=/var/run/$NAME.pid # Read project configuration variable file if it is present [ -r /etc/default/$NAME ] . /etc/default/$NAME # Return # 0 if daemon has been stopped # 1 if daemon was already stopped # 2 if daemon could not be stopped # other if a failure occurred start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE /dev/null # --name $DAEMON RETVAL=$? [ $RETVAL = 2 ] return 2 # Wait for children to finish too if this is a daemon that forks # and if the daemon is only ever run from this initscript. # If the above conditions are not satisfied then add some other code # that waits for the process to drop all resources that could be # needed by services started subsequently. A last resort is to # sleep for some time. start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON [ $? = 2 ] return 2 # Many daemons don't delete their pidfiles when they exit. rm -f $PIDFILE return $RETVAL } do_start() { ORIG_NAME=$NAME # Start specific projects if specified if [ $# -gt 1 ]; then for PROJECT in $(echo $@ | cut -d ' ' -f 2-); do _do_start_project $PROJECT done # ... or start all available projects else for c in /etc/default/gunicorn_django*; do [ $c == /etc/default/$NAME ] continue PROJECT=$(echo $c | cut -d '-' -f 2) _do_start_project $PROJECT done fi } do_stop() { ORIG_NAME=$NAME # Start specific projects if specified if [ $# -gt 1 ]; then for PROJECT in $(echo $@ | cut -d ' ' -f 2-); do _do_stop_project $PROJECT done # ... or start all available projects else for c in /etc/default/gunicorn_django*; do [ $c == /etc/default/$NAME ] continue PROJECT=$(echo $c | cut -d '-' -f 2) _do_stop_project $PROJECT done fi } case $1 in start) [ $VERBOSE != no ] log_daemon_msg Starting $DESC $NAME do_start $@ case $? in 0|1) [ $VERBOSE
Bug#554627: [PATCH] Add the server hostname in the mail subject
Package: unattended-upgrades Version: 0.25.1debian1-0.1 Severity: wishlist I have unattended-upgrades installed over several machines and every time a package is updated, I receive lots of emails with the subject unattended-upgrades result and I have to check the from header to know what server of mine was updated. I think it would be great (and easier to check from what server this message from) if the hostname was added in the mail subject. I'm adding to this message a patch that adds the hostname to mail subject and makes it looks like unattended-upgrades result for HOSTNAME. -- Atenciosamente, Arthur Furlan arthur.fur...@gmail.com --- unattended-upgrade 2009-11-05 15:56:21.0 -0200 +++ unattended-upgrade-patched 2009-11-05 15:56:34.0 -0200 @@ -6,7 +6,7 @@ # Released under the GPL import apt_pkg, apt_inst -import sys, os, string, datetime +import sys, os, string, datetime, socket from optparse import OptionParser from subprocess import Popen, PIPE @@ -258,8 +258,8 @@ if email != : logging.debug(Sending mail with '%s' to '%s' % (logfile_dpkg, email)) mail = subprocess.Popen([mail, - -s,unattended-upgrades result,email], -stdin=subprocess.PIPE) + -s,unattended-upgrades result for + socket.gethostname(), + email], stdin=subprocess.PIPE) s = Unattended upgrade returned: %s\n\n % (res != pm.ResultFailed) s += open(logfile_dpkg).read() mail.stdin.write(s)
Bug#536237: Enable specific domain configuration in SquirrelMail
Package: squirrelmail Version: 2:1.4.15-4+lenny2 Severity: wishlist I usually have various domains in a same mailserver and I use to have a webmail.domain-name.org DNS entry for each of them. I also use to configure all these DNS entries in a same Apache's VirtualHost (using ServerAlias) and then I can access the same instance of SquirrelMail, under different server names (webmail.example1.org, webmail.example2.org, etc.), but sharing the same configuration and same VirtualHost in Apache. In this scenario, I usually need to add specific domain configurations in SquirrelMail like changing the $org_name, $org_title, $org_logo, $plugins, etc. and to be able to do that I needed to patch the default /etc/squirrelmail/config.php to load a new configuration file, based on the PHP's variable $_SERVER['SERVER_NAME']. This is a very useful feature for me and that I think could be added in the SquirrelMail default package. I'm running Debian GNU/Linux 5.0 (Lenny) and Kernel 2.6.26-2-686. -- Atenciosamente, Arthur Furlan arthur.fur...@gmail.com --- config.php 2009-07-08 09:38:07.0 -0300 +++ config-patched.php 2009-07-08 09:39:46.0 -0300 @@ -219,3 +219,7 @@ $config_location_base = ''; @include SM_PATH . 'config/config_local.php'; + +// specific domain configurations +$config_domain = SM_PATH . config/config_local-{$_SERVER['SERVER_NAME']}.php; +...@include $config_domain;
Bug#535168: The aide package should run the command aideinit during its installation
Package: aide Version: 0.13.1-10 When you install the aide package, the installer doesn't run the command aideinit and your first report causes a fatal error with the following message: Fatal error: The AIDE database does not exist! This may mean you haven't created it, or it may mean that someone has removed it. I think it's a good idea to run this command by default once it's is needed to generate the reports and the user is able to change this default configuration using the command update-aide.conf. -- Atenciosamente, Arthur Furlan arthur.fur...@gmail.com -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#535178: Login page redirecting logged users to their Inbox pages
Package: atmailopen Version: 1.03+dfsg+svn93-5 Severity: minor If you are logged in the atmailopen and back to the index page (by hitting the Back button in the browser or just by cleaning the URL), you're sent to the login page again (aka index.php). Once you already are logged in, I think the system should detect it and redirect you to your Inbox page because there's no need to the user authenticate again. I attached at this message a patch in the index.php page that enables this feature. I'm currently running this patch in one of my atmailopen instances. -- Atenciosamente, Arthur Furlan arthur.fur...@gmail.com --- index.php 2009-06-30 10:25:04.0 -0300 +++ index.php-patched 2009-06-30 10:23:53.0 -0300 @@ -8,13 +8,15 @@ // | http://opensource.org/licenses/apache2.0.php | // ++ -require_once('header.php'); - // Check for system installation if (!file_exists('libs/Atmail/Config.php')) redirectToInstaller(); +require_once('header.php'); +require_once('GetMail.php'); +require_once('Session.php'); require_once('Global.php'); +session_start(); // Check again for system installation, just in case Config.php // was manually created @@ -39,6 +41,7 @@ $var['browser'] = ns; $atmail = new AtmailGlobal(); +$auth = $atmail-getAuthObj(); $var['func'] = $_REQUEST['func']; $var['version'] = $pref['version']; @@ -52,12 +55,6 @@ // a blank SessionID. Delete the Session for the DB too if ( $var['func'] == logout ) { - require_once('Session.php'); - - session_start(); - - $auth = $atmail-getAuthObj(); - // Find the users current settings, if to delete the trash on logout //$atmail-cookie_read($auth); //$auth-getuser(); @@ -131,6 +128,15 @@ $auth-destroy_session(); +} else { +/* if there's no error and the user is logged in, redirect him to its inbox */ +if (!empty($_REQUEST['error'])) { +$auth-destroy_session(); + $auth-SessionID = null; +} else if (!empty($auth-SessionID)) { +header('location: parse.php?file=html/LANG/simple/showmail_interface.htmlajax=1'); + exit; +} } $var['Ajax'] = '1';
Bug#518515: Adittional information
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I confirm the problem involving the libjs-jquery and drupal5. The bug seems to be related to an incompatibillity between the versions of the drupal5 and libjs-jquery in the testing and unstable releases. The drupal5 of the releases testing and unstable doesn't work with the libjs-jquery of their respective relesases. The version of the drupal5 in the releases testing and unstable is 5.17-1 and the version of the libjs-jquery of these releases is 1.3.2-2. It means that there is an incompatibility between the drupal 5.17-1 and libjs-jquery 1.3.2-2. To fix the problem, I downgraded the libjs-jquery to the version of the etch-backports (version 1.2.6-2) and the fields back work again. - -- Atenciosamente, Arthur Furlan arthur.fur...@gmail.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkoNDesACgkQHiIxAB175NyXjACcC3H7R26cXsBO4xO5fNCI8nf/ BvQAoKbE0LX7uwgsANkCJDpKv3L7Bi6a =Y4+7 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#528787: Problems to download attachment files with special characters in the name
Package: squirrelmail Version: 2:1.4.9a-2 Severity: normal I'm getting trouble in Firefox/Iceweasel to read and download attachment files that use special characters like á, à, é, è, ç, etc. in its name. When I click to download them I got an error page in these browsers but it (strangely) works fine in the Internet Explorer. My encoding settings are defined as below: ... $squirrelmail_default_language = 'pt_BR'; $default_charset = 'iso-8859-1'; $lossy_encoding= true; ... I tried to debug the code and I fixed the problem by sending the filename encoded as quoted printable if the the user isn't using a browser of the Internet Explorer's family. I couldn't find a quoted_printable_encode function in the original code so I create a new one and added it in a separated file named /functions/quoted_printable.php. To fix the problem I called the new method at some specific places the the /functions/mime.php. I'm sending the mime.php patch and the file containing the quoted_printable_encode function. I don't know if this is the best way to solve the problem but it worked for me. :) -- Atenciosamente, Arthur Furlan arthur.fur...@gmail.com attachment: quoted_printable.php --- mime.php2009-05-15 11:53:19.0 -0300 +++ mime-patched.php2009-05-15 12:35:10.0 -0300 @@ -15,6 +15,7 @@ /** The typical includes... */ require_once(SM_PATH . 'functions/imap.php'); require_once(SM_PATH . 'functions/attachment_common.php'); +require_once(SM_PATH . 'functions/quoted_printable.php'); /* -- */ /* MIME DECODING */ @@ -2392,6 +2393,11 @@ //set the inline header for IE, we'll add the attachment header later if we need it header (Content-Disposition: inline; filename=$filename); +} else { +// Returns the $filename encoded as quoted printable because if the +// filename contains special characters, they'll break the open/download +// feature for some browsers (Firefox/Iceweasel) and encodings. + $filename = quoted_printable_encode($filename); } if (!$force) {
Bug#527597: Atmail doesn't flush some user session from the database
On Sat, May 9, 2009 at 11:23 AM, Giuseppe Iuculano giuse...@iuculano.it wrote: Hi Arthur, Hi Giuseppe, Arthur Furlan ha scritto: I fixed these issues adding a new method in the Auth class (see Auth.php.patch) that destroys the any session for an user, both in php *and* database. To fix the issue [1] I added a call of this new method Thank you for your bug report, I've committed your patch. However I will ask upstream to try to patch atmailopen and do not store clear password in the database. It would be great! While I was debugging atmailopen I could see some pieces of commented code[1] that looked to me they are trying (or had tried) to do it. The password is handled in a lot of different places of the code (mainly in the file [1]) and it makes this patch a little more difficult than the others. [1]. /usr/share/atmailopen/libs/Atmail/Auth.php:36 -- Atenciosamente, Arthur Furlan arthur.fur...@gmail.com -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#527597: Atmail doesn't flush some user session from the database
Package: atmailopen Version: 1.03+dfsg+svn93-4 Severity: grave I'm getting trouble with atmailopen because at the first time the use log in the system, his session is created and stored in the UserSession table of the database. Once the user session is stored in the database, it's *not* updated anymore and this behaviour causes serious disadvantages (and some of them IMHO are bugs) like the following: * Keep the cleartext password stored in the database forever. It's a critical security issue. [1] * Causes a bug of users that cannot log in anymore because their passwords were changed in the server and differ from the passwords that are currently stored in their old user sessions on the UserSession table of local database. [2] I fixed these issues adding a new method in the Auth class (see Auth.php.patch) that destroys the any session for an user, both in php *and* database. To fix the issue [1] I added a call of this new method at the logout process on the file index.php (see index.php.patch). To fix the issue [2] I added a call of this new method at the parse.php (see parse.php.patch) to cleanup old sessions of user everrytime he accesses to log in page. I'm running Debian GNU/Linux 5.0 (Lenny) and Kernel 2.6.26-2-686. -- Regards, Arthur Furlan arthur.fur...@gmail.com --- Auth.php 2009-05-07 15:36:19.0 -0300 +++ Auth-patched.php 2009-05-07 15:36:03.0 -0300 @@ -1,5 +1,4 @@ ?php - require_once('header.php'); require_once('SQL.php'); @@ -658,6 +657,41 @@ return false; } + /** + * Changed by Arthur Furlan arthur.fur...@gmail.com on 2009-05-07 + * + * + * Completely destroys the user session by removing the record in the + * UserSession table of the database and destroying the php session. + * + * At the first time an user log in the system, his session is created + * and stored in the UserSession table of the database. Once the user + * session is stored in the database, it's not updated anymore and this + * behaviour has some serious disadvantages like following: + * + * 1. Keep the cleartext password stored in the database forever, + * + * 2. Causes a bug of users that cannot log in anymore because + * their passwords were changed in the server and differ from the + * passwords that are currently stored in old user sessions on the + * UserSession table of local database. + * + * This method should be called in the specific parts of the system to + * fix the behaviours listed above. + */ + function destroy_session() { + global $atmail; + + // destroys the user session in the database + $query = 'DELETE FROM UserSession WHERE Account = ?'; + $data = array({$this-userna...@{$this-pop3host}); + $atmail-db-sqldo($query, $data); + + // destroys the user session in the php + session_regenerate_id(true); + session_unset(); + session_destroy(); + } function get_username() { --- index.php 2009-05-07 15:38:25.0 -0300 +++ index-pachted.php 2009-05-07 15:42:12.0 -0300 @@ -120,7 +120,16 @@ } - session_destroy(); + /** + * Changed by Arthur Furlan arthur.fur...@gmail.com on 2009-05-07 + * + * + * Completely destroys the user session (in both php and database). + * + * It prevents of keeping the cleartext password stored in the database + * forever (IMO i'ts a serious security issue). + */ + $auth-destroy_session(); } $var['Ajax'] = '1'; --- parse.php 2009-05-07 15:44:16.0 -0300 +++ parse-patched.php 2009-05-07 15:44:06.0 -0300 @@ -28,6 +28,19 @@ // No auth necessary to display login page if ($filename == 'html/login-light.html') { echo $atmail-parse('html/login-light.html'); + +/** + * Changed by Arthur Furlan on 2009-05-07 + * + * + * If there is an old user session on the database, destroy it completely. + * + * The line below fixes the bug of users that cannot log in anymore because + * their passwords were changed in the server and differ from the passwords + * that are currently stored in old sessions of the local database. + */ +$atmail-getAuthObj()-destroy_session(); + $atmail-end(); }
Bug#527394: Authenticating in SMTP using the POP3 username and password
Package: atmailopen Version: 1.03+dfsg+svn93-4 Severity: wishlist The atmailopen has the feature of send message using authenticated SMTP but it has only options to use a general username and password to authenticate. Once you have authenticated in pop/imap using your own username and password, I think you should have the option to use these same data (username and password) to authenticate in SMTP. I need to use that in my mailservers and then I patched the atmailopen code to support this feature. $ diff sendmail.php sendmail-pacthed.php 62d61 118a118,130 /** * Changed by Arthur Furlan arthur.fur...@gmail.com on 2009-04-27 * * Enable SMTP authentication using the POP username and password. */ if ($pref['smtpauth_use_pop3user'] == true) { $pref['smtpauth_username'] = $atmail-username; if ($pref['mailserver_auth']) $pref['smtpauth_username'] .= '@' . $atmail-pop3host; $pref['smtpauth_password'] = $auth-password; } $ diff Config.php Config-patched.php 44a45 'smtpauth_use_pop3user' = true, I'm running Debian GNU/Linux 5.0 (Lenny) and Kernel 2.6.26-2-686. -- Regards, Arthur Furlan arthur.fur...@gmail.com -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#527394: Adding the patch using the diff -u instead of diff command
Adding the patch using the diff -u instead of diff command. $ diff -u sendmail.php sendmail-pacthed.php --- sendmail.php2009-05-07 11:19:43.0 -0300 +++ sendmail-pacthed.php2009-05-07 12:05:11.0 -0300 @@ -59,7 +59,6 @@ // Create a new log object $log = new Log(array('Account' = $atmail-usern...@$atmail-pop3host)); - $num = $log-logcheck('SendMail', $_SERVER['REMOTE_ADDR'], {$atmail-userna...@{$atmail-pop3host}); if ( $num $pref['filter_max_msgs'] $pref['filter_max_msgs'] 1 ) @@ -116,6 +115,19 @@ $var['msgbox'] = 'Sent'; +/** + * Changed by Arthur Furlan arthur.fur...@gmail.com on 2009-04-27 + * + * Enable SMTP authentication using the POP username and password. + */ +if ($pref['smtpauth_use_pop3user'] == true) { + $pref['smtpauth_username'] = $atmail-username; + if ($pref['mailserver_auth']) + $pref['smtpauth_username'] .= '@' . $atmail-pop3host; + $pref['smtpauth_password'] = $auth-password; +} + // Build the message to send . Add the headers, message body and UIDL $sendmsg = new SendMsg(array( 'Account' = $atmail-usern...@$atmail-pop3host, $ diff -u Config.php Config-patched.php --- Config.php 2009-05-07 11:24:05.0 -0300 +++ Config-patched.php 2009-05-07 11:23:56.0 -0300 @@ -42,6 +42,7 @@ 'filter_spf_support' = '1', 'smtpauth_password' = '', 'smtpauth_username' = '', + 'smtpauth_use_pop3user' = true, 'pop3imap_authdaemons' = '5', 'login_rememberme' = 1, 'allowed_domains' = '', -- Regards, Arthur Furlan arthur.fur...@gmail.com -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#499418: New configuration of apache2.conf on lenny causes a syntax error
Package: apache2 Version: 2.2.9 I installed apache2 in a fresh install of Debian Lenny BETA2 and I got the following errors: mx:~# apache2 -t apache2: bad user name ${APACHE_RUN_USER} mx:~# apache2 -M apache2: bad user name ${APACHE_RUN_USER} Changing all the variables on apache2.conf to its respective values on /etc/apache2/envvars the problem is solved mx:/etc/apache2# diff apache2.conf apache2.conf.orig 66c66 PidFile /var/run/apache2.pid --- PidFile ${APACHE_PID_FILE} 127,128c127,128 User www-data Group www-data --- User ${APACHE_RUN_USER} Group ${APACHE_RUN_GROUP} mx:~# apache2 -t Syntax OK mx:~# apache2 -M Loaded Modules: core_module (static) log_config_module (static) logio_module (static) mpm_prefork_module (static) http_module (static) so_module (static) alias_module (shared) auth_basic_module (shared) authn_file_module (shared) authz_default_module (shared) authz_groupfile_module (shared) authz_host_module (shared) authz_user_module (shared) autoindex_module (shared) cgi_module (shared) deflate_module (shared) dir_module (shared) env_module (shared) mime_module (shared) negotiation_module (shared) php5_module (shared) setenvif_module (shared) status_module (shared) Syntax OK I'm using Debian Lenny BETA2 and kernel 2.6.26-1-486 -- Arthur Furlan [EMAIL PROTECTED]