Re: [toaster] stunnel 3 and pop3ds problem
Hi All, after the openssl ciphers /var/qmail/control/tlsclientciphers openssl ciphers /var/qmail/control/tlsserverciphers openssl s_client -connect localhost:995 gives # openssl s_client -connect localhost:995 CONNECTED(0003) write:errno=104 --- and log says 2007-05-23 14:33:39.248758500 tcpserver: status: 1/40 2007-05-23 14:33:39.248764500 tcpserver: pid 8194 from 127.0.0.1 2007-05-23 14:33:39.248765500 tcpserver: ok 8194 0:127.0.0.1:995 :127.0.0.1::59463 2007-05-23 14:33:39.261458500 2007.05.23 14:33:39 LOG5[8194:3083019968]: Using 'qmail-popup' as tcpwrapper service name 2007-05-23 14:33:39.266370500 2007.05.23 14:33:39 LOG5[8194:3083019968]: Could not load DH parameters from /var/qmail/control/servercert.pem 2007-05-23 14:33:39.266416500 2007.05.23 14:33:39 LOG4[8194:3083019968]: Diffie-Hellman initialization failed 2007-05-23 14:33:39.266855500 2007.05.23 14:33:39 LOG3[8194:3083019968]: Error reading certificate file: /var/qmail/control/servercert.pem 2007-05-23 14:33:39.266996500 2007.05.23 14:33:39 LOG3[8194:3083019968]: SSL_CTX_use_certificate_chain_file: error:0906D06C:PEM routines:PEM_read_bio:no start line 2007-05-23 14:33:39.267413500 tcpserver: end 8194 status 256 2007-05-23 14:33:39.267415500 tcpserver: status: 0/40 any help is welcome,, YC Abel wrote: On Mon, 21 May 2007, Yalcin Cekic wrote: see: http://shupp.org/toaster/?page=test __Abel.
[toaster] Need advice/instructions for toaster update
Hi All, I'm still running our system as set up with toaster 0.8.8 (without TMDA). Since I didn't want to run the old SpamAssassin and ClamAV any longer I updated to the current versions. Now I really would like to update the entire system to the current toaster release (v0.9.2). I know, others have asked the very same question here on the list already: What is the best procedure for upgrading the toaster? And yes, I DID read the answer(s): just install those (software/options) that have features you want/need. Well, maybe thats basically it, but I can't believe that it's THAT easy. Aren't there special things to consider when you upgrade a runnning system? I don't mean such simple things like not to create already existing users/groups or symlinks anew, but those which aren't so obvious - at least not for everybody. To make clear what I'm talking about (from my point of view) here some of my updating experiences: Example 1: I did an update from SpamAssassin 3.1.7 to 3.2.0 via CPAN. Since this version requires module Net::DNS I had to install that first. But what about the optional modules like Mail::Domainkeys or Mail::DKIM? Are any of these required for the current toaster? Example 2: After making ClamAV i did a simscanmk -g to update the cdb and got an error that libclamav.so.2 couldn't be found. Since I didn't know if this error was related to (old) simscan I updated simscan as well, but got the same error. A reboot fixed that. Maybe I should have removed /usr/local/lib/*clam* before compiling/making ClamAV and I wouldn't have to reboot the system? Example 3: Making ClamAV from source doesn't overwrite the existing usr/local/etc/clamd.conf. In my case this led to clamd producing errors in the log: ERROR: Can't open/parse the config file /usr/local/etc/clamd.conf ERROR: Parse error at line 39: Option LogClean requires boolean argument. Copying the new clamd.conf manually fixed the problem (Option changed from LogClean to LogClean yes) The conclusion is that updating by following the toaster like with a fresh install just doesn't do it. I would really appreciate if somebody with more knowledge than a bonehead like me would describe the whole updating process in more detail. Regards, Guenter
Re: [toaster] Need advice/instructions for toaster update
Günter Palm wrote: Hi All, I know, others have asked the very same question here on the list already: What is the best procedure for upgrading the toaster? And yes, I DID read the answer(s): just install those (software/options) that have features you want/need. Well, maybe thats basically it, but I can't believe that it's THAT easy. Aren't there special things to consider when you upgrade a runnning system? I don't mean such simple things like not to create already existing users/groups or symlinks anew, but those which aren't so obvious - at least not for everybody. It's that easy IF you remember that upgrading vpopmail requires upgrading/recompiling things that use vpopmail.so (courier and qmail with the chkuser patch come to mind). Also, always read the UPGRADE document for the program you are upgrading. To make clear what I'm talking about (from my point of view) here some of my updating experiences: Example 1: I did an update from SpamAssassin 3.1.7 to 3.2.0 via CPAN. Since this version requires module Net::DNS I had to install that first. But what about the optional modules like Mail::Domainkeys or Mail::DKIM? Are any of these required for the current toaster? Nice to have Mail::DKIM but not needed for SA or the toaster. Example 2: After making ClamAV i did a simscanmk -g to update the cdb and got an error that libclamav.so.2 couldn't be found. Since I didn't know if this error was related to (old) simscan I updated simscan as well, but got the same error. A reboot fixed that. Maybe I should have removed /usr/local/lib/*clam* before compiling/making ClamAV and I wouldn't have to reboot the system? The latest clamav requires you to manually run ldconfig after installing. ldconfig also runs at boot time. Example 3: Making ClamAV from source doesn't overwrite the existing usr/local/etc/clamd.conf. In my case this led to clamd producing errors in the log: ERROR: Can't open/parse the config file /usr/local/etc/clamd.conf ERROR: Parse error at line 39: Option LogClean requires boolean argument. Copying the new clamd.conf manually fixed the problem (Option changed from LogClean to LogClean yes) No, reading the UPGRADE document in the clamav source tree would have alerted you to this before hand. There were major changes to .conf files between 0.88 and 0.90. Always read the UPGRADE document if it exists. The conclusion is that updating by following the toaster like with a fresh install just doesn't do it. Correct. I guess someone with a wack of free time could write an UPGRADE document for the toaster but most of us already do read it for the individual packages we are upgrading. Regards, Rick