You are here

sysadmin

Mollom: The configured Mollom API keys are invalid.

When configuring Mollom for Drupal, you may get the message

The configured Mollom API keys are invalid.

even though your keys are correct.

The problem is most likely that your server's clock is out of sync. An error of more than a couple of minutes will result in this error. 

Tags: 

Ports upgrade broke my mail server

A day or two ago I upgraded the ports in my jails. This stopped postfix from accepting mail. The problem was that postgrey, which listens for postfix on tcp/10023 stopped running. It produced an error about not being able to bind to ::1. I got it back running again by altering the flags in the startup script (/usr/local/etc/rc.d/postfix) from:

postgrey_flags=${postgrey_flags:-"--pidfile=${postgrey_pidfile}  --inet=10023 -d --user=postgrey --group=postgrey --dbdir=/var/db/postgrey  --x-greylist-header=${postgrey_greylist_header}"}

to

postgrey_flags=${postgrey_flags:-"--pidfile=${postgrey_pidfile}  --inet=127.0.0.1:10023 -d --user=postgrey --group=postgrey --dbdir=/var/db/postgrey  --x-greylist-header=${postgrey_greylist_header}"}

This forces binding to the IPv4 port only.

How freebsd-update broke my jails

I usually perform a binary update of my jails using

#freebsd-update fetch install #freebsd-update -d /usr/jails/basejail fetch install

This has worked for years. After doing it yesterday I was unable to login to any of my jails and pretty much everything broke. For example logging in using ssh gave logged the error: /bin/sh permission denied

After spending the day on it I have discovered that the upgrade process changed permissions on /usr/jails/basejail to 700. Changing it to 755 fixed everything.

How to enable password changing on remote host in roundcube on FreeBSD

Roundcube

Roundcube comes with a password change module, through it's disabled by default. Configuring it to change passwords on another server's passwd database is another matter. The instructions only cover using chpasswd on a Linux server to update the local password database.

On the mail server:

  • adduser roundcube, set a shell and create a home directory.
  • visudo, adding roundcube ALL = NOPASSWD: /usr/sbin/pw

On the web server:

  • chpass www, assigning a shell to allow logins.
  • su www, impersonate www.
  • ssh-keygen -t rsa, create an RSA private/public key pair.
  • scp /home/www/.ssh/id_rsa.pub roundcube@<em>remotehost</em>/~/.ssh/authorized_keys, copying the public key to the mail server to allow passwordless logins.

The chpasswd driver (/www/roundcube/plugins/password/drivers/chpasswd.php will require modification.

function password_save($currpass, $newpass) { 
    $cmd = rcmail::get_instance()-&gt;config-&gt;get('password_chpasswd_cmd'); 
    $username = $_SESSION['username']; 
    $handle = popen($cmd, "w"); 
 
    fwrite($handle, "$newpass
"); 
    if (pclose($handle) == 0) { return PASSWORD_SUCCESS; }     
    else { 
        raise_error(array( 'code' =&gt; 600, 'type' =&gt; 'php', 'file' =&gt; __FILE__, 'line' =&gt; __LINE__, 'message' =&gt; "Password plugin: Unable to execute $cmd" ), true, false); 
    } 
    return PASSWORD_ERROR; 
}

And so will this line in /www/roundcube/plugins/password/config.inc.php

// chpasswd Driver options 
// --------------------- 
// Command to use 
$rcmail_config['password_chpasswd_cmd'] = "ssh roundcube@mailhost sudo pw usermod -n {$_SESSION['username']} -h 0 2&gt; /dev/null";

Pages

Simple Copyright Policy: If you want to reproduce anything on this site, get my permission first.