EFA 4 beta

Testing of eFa 4
Alleyviper
Posts: 68
Joined: 16 Oct 2018 05:55
Location: Portugal

Re: EFA 4 beta

Post by Alleyviper » 20 Jan 2019 23:32

Hi there,

Shawn and Henk, if needed i can send PM user Access to server for testing

Using the build

Code: Select all

Jan 20 23:29:01 mx2 sqlgrey: 2019/01/20-23:29:01 sqlgrey (type Net::Server::Multiplex) starting! pid(13895)
Jan 20 23:29:01 mx2 sqlgrey: Resolved [localhost]:2501 to [127.0.0.1]:2501, IPv4
Jan 20 23:29:01 mx2 sqlgrey: Resolved [localhost]:2501 to [::1]:2501, IPv6Jan 20 23:29:01 mx2 sqlgrey: Binding to TCP port 2501 on host 127.0.0.1 with IPv4
Jan 20 23:29:01 mx2 sqlgrey: Binding to TCP port 2501 on host ::1 with IPv6
Jan 20 23:29:01 mx2 sqlgrey: 2019/01/20-23:29:01 Can't connect to TCP port 2501 on ::1 [Cannot assign requested address]#012  at line 68 in file /usr/share/perl5/vendor_perl/Net/Server/Proto/TCP.pm
Jan 20 23:29:01 mx2 sqlgrey: 2019/01/20-23:29:01 Server closing!
Jan 20 23:29:01 mx2 postfix/pickup[11926]: 43jW8s4Rdsz1FCWk: uid=0 from=<root>
Jan 20 23:29:01 mx2 postfix/cleanup[11928]: 43jW8s4Rdsz1FCWk: message-id=<43jW8s4Rdsz1FCWk@mx2.domain.tld>
Jan 20 23:29:01 mx2 postfix/qmgr[4396]: 43jW8s4Rdsz1FCWk: from=<root@domain.tld>, size=817, nrcpt=1 (queue active)
Jan 20 23:29:02 mx2 postfix/smtp[11930]: 43jW8s4Rdsz1FCWk: to=<root@domain.tld>, orig_to=<root>, relay=email.server.tld[x.x.x.x]:25, delay=0.47, delays=0.02/0/0.35/0.1, dsn=2.0.0, status=sent (250 OK id=1glMWR-0000Ey-OO)
Jan 20 23:29:02 mx2 postfix/qmgr[4396]: 43jW8s4Rdsz1FCWk: removed
Jan 20 23:29:10 mx2 postfix/postqueue[13918]: fatal: Connect to the Postfix showq service: Permission denied
Last edited by Alleyviper on 21 Jan 2019 00:37, edited 2 times in total.

User avatar
shawniverson
Posts: 2785
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: EFA 4 beta

Post by shawniverson » 20 Jan 2019 23:34

Probably related to the failed postfix package...will update devbuild.sh shortly.
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

Alleyviper
Posts: 68
Joined: 16 Oct 2018 05:55
Location: Portugal

Re: EFA 4 beta

Post by Alleyviper » 20 Jan 2019 23:37

Hi Shawn,

Devbuild.sh had the error. Using normal wget build.sh testing sticks the error

User avatar
shawniverson
Posts: 2785
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: EFA 4 beta

Post by shawniverson » 20 Jan 2019 23:37

Alleyviper wrote:
20 Jan 2019 23:04
Hi there,

Using devbuild.sh, at the end of the installation

Complete!
error: failed to stat /root/v4/rpmbuild/SPECS/postfix_eFa-3.3.0.spec: No such file or directory
[root@mx2 scripts]#
@Alleyviper, are you performing a git clone of the master branch, and are you doing it while you are in the /root home?
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

User avatar
shawniverson
Posts: 2785
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: EFA 4 beta

Post by shawniverson » 20 Jan 2019 23:41

Alleyviper wrote:
20 Jan 2019 23:32
Jan 20 23:29:01 mx2 sqlgrey: 2019/01/20-23:29:01 Can't connect to TCP port 2501 on ::1 [Cannot assign requested address]#012 at line 68 in file /usr/share/perl5/vendor_perl/Net/Server/Proto/TCP.pm
Do you have ipv6 disabled in your instance, and if so, do you have ::1 in your /etc/hosts?
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

henk
Posts: 379
Joined: 14 Dec 2015 22:16
Location: Netherlands
Contact:

Re: EFA 4 beta

Post by henk » 20 Jan 2019 23:51

I tested the kickstart again. :violin:
2019-01-20 22_59_50-sanspam_afa on T610.private.lan.png
2019-01-20 22_59_50-sanspam_afa on T610.private.lan.png (27.33 KiB) Viewed 977 times
Nice to monitor the install with Alt+Tab
2019-01-20 23_20_16-sanspam_afa on T610.private.lan.png
2019-01-20 23_20_16-sanspam_afa on T610.private.lan.png (123.28 KiB) Viewed 977 times
No issues, just 1 typo at the end
...
Created symlink from /etc/systemd/system/multi-user.target.wants/firewalld.service to /usr/lib/systemd/system/firewalld.service.
Warning: ALREADY_ENABLED: smtp
success
Warning: ALREADY_ENABLED: ssh
success
success
Warning: ALREADY_ENABLED: 443:tcp
success
Warning: ALREADY_ENABLED: 587:tcp
success
success
/usr/sbin/eFa-Commit: line 1036: /var/log/yum/yum/yum.log: No such file or directory
Configuration complete, preparing to reboot in 60 seconds.

I did not enable IPV6 and enabled recursion.

I did enable rootacces in ssh just for the install to be able to login with ssh. (/etc/ssh/sshd_config)

Code: Select all

ls -l   /etc/sysconfig/network-scripts/ifcfg-*
-rw-------. 1 root root 420 Jan 20 23:41 /etc/sysconfig/network-scripts/ifcfg-eth0
-rw-r--r--. 1 root root 408 Jan 20 23:40 /etc/sysconfig/network-scripts/ifcfg-eth0.bak
-rw-r--r--. 1 root root 254 Aug 24 12:23 /etc/sysconfig/network-scripts/ifcfg-lo

Code: Select all

cat /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=vg_00/lv_root rd.lvm.lv=vg_00/lv_swap biosdevname=0 net.ifnames=0 rhgb quiet"
GRUB_DISABLE_RECOVERY="true"


No issue login to Gui. :clap: :clap: :dance: :dance:

Todo
maillog
....
Jan 20 23:44:04 spam sqlgrey: Couldn't unlink "/var/run/sqlgrey.pid" [Permission denied]
Jan 20 23:44:04 spam sqlgrey: Process Backgrounded
Jan 20 23:44:04 spam sqlgrey: 2019/01/20-23:44:04 sqlgrey (type Net::Server::Multiplex) starting! pid(6563)
Jan 20 23:44:04 spam sqlgrey: Resolved [localhost]:2501 to [::1]:2501, IPv6
Jan 20 23:44:04 spam sqlgrey: Resolved [localhost]:2501 to [127.0.0.1]:2501, IPv4
Jan 20 23:44:04 spam sqlgrey: Binding to TCP port 2501 on host ::1 with IPv6
Jan 20 23:44:04 spam sqlgrey: Binding to TCP port 2501 on host 127.0.0.1 with IPv4
Jan 20 23:44:04 spam sqlgrey: Setting gid to "989 989"
Jan 20 23:44:04 spam sqlgrey: Setting uid to "992"
Jan 20 23:44:05 spam root[6695]: Starting MSMilter
Jan 20 23:44:07 spam MSMilter[7292]: MSMilter Daemon starting...
Jan 20 23:44:07 spam MSMilter[7292]: Reading configuration file /etc/MailScanner/MailScanner.conf
Jan 20 23:44:07 spam MSMilter[7292]: Reading configuration file /etc/MailScanner/conf.d/README
Jan 20 23:44:07 spam MSMilter[7292]: Could not read directory /var/spool/MailScanner/incoming/Locks
Jan 20 23:44:07 spam MSMilter[7292]: Error in configuration file line 3142, directory /var/spool/MailScanner/incoming/Locks for lockfiledir does not exist (or is not readable)
Jan 20 23:44:07 spam MSMilter[7292]: Read 868 hostnames from the phishing whitelist

Jan 20 23:44:45 sspam postfix/master[6069]: reload -- version 3.3.0, configuration /etc/postfix
Jan 20 23:44:46 sspam postfix/sendmail[6615]: fatal: root(0): No recipient addresses found in message header
Jan 20 23:44:47 sspam MailScanner[12422]: Connected to Processing Attempts Database

(host 172.17.1.16[172.17.1.16] said: 550 5.1.1 <root@xx.lan>: Recipient address rejected: User unknown in virtual mailbox table (in reply to RCPT TO command))
Jan 21 00:07:56 spam postfix/qmgr[12716]: 43jVhX19Mqzdlwm: removed



P.S.

You can close issue https://github.com/E-F-A/v4/issues/3 "Temporary dcc files never gets purged #3"

Alleyviper
Posts: 68
Joined: 16 Oct 2018 05:55
Location: Portugal

Re: EFA 4 beta

Post by Alleyviper » 21 Jan 2019 00:19

Hi Henk,

IPV6 disabled and DNS recursion ON


On /etc/hosts

Code: Select all

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
x.x.x.x   mx2.domain.tld   mx2

Code: Select all

Complete!
s@mx2 ~]$ sudo tail -f /var/log/maillog
Jan 20 23:53:54 mx2 postfix/smtpd[17963]: disconnect from unknown[185.234.216.213] ehlo=1 auth=0/1 mail=0/1 qu                                                                                                                               it=1 commands=2/4
Jan 20 23:57:14 mx2 postfix/anvil[17964]: statistics: max connection rate 1/60s for (smtp:185.234.216.213) at                                                                                                                                Jan 20 23:53:54
Jan 20 23:57:14 mx2 postfix/anvil[17964]: statistics: max connection count 1 for (smtp:185.234.216.213) at Jan                                                                                                                                20 23:53:54
Jan 20 23:57:14 mx2 postfix/anvil[17964]: statistics: max cache size 1 at Jan 20 23:53:54
Jan 21 00:00:00 mx2 dccifd[4477]: 1.3.163 detected 0 spam, ignored for 0, rejected for 0, and discarded for 0                                                                                                                                targets among 0 total messages for 4 targets since 01/20/19 22:26:44
Jan 21 00:12:56 mx2 postfix/pickup[14295]: 43jX7X70Trz1FCYJ: uid=0 from=<root>
Jan 21 00:12:57 mx2 postfix/cleanup[21115]: 43jX7X70Trz1FCYJ: message-id=<43jX7X70Trz1FCYJ@mx2.domain.tld>
Jan 21 00:12:57 mx2 postfix/qmgr[14294]: 43jX7X70Trz1FCYJ: from=<root@domain.tld>, size=917, nrcpt=1 (queue ac                                                                                                                               tive)
Jan 21 00:12:57 mx2 postfix/smtp[21117]: 43jX7X70Trz1FCYJ: to=<root@domain.tld>, orig_to=<root>, relay=email-server.domain.tld.                                                                                                                              [x.x.x.x]:25, delay=0.62, delays=0.05/0.02/0.46/0.09, dsn=2.0.0, status=sent (250 OK id=1glNCx-                                                                                                                               00012e-5N)
Jan 21 00:12:57 mx2 postfix/qmgr[14294]: 43jX7X70Trz1FCYJ: removed
Jan 21 00:20:22 mx2 postfix/postqueue[22526]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:20:25 mx2 postfix/postqueue[22541]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:20:27 mx2 postfix/postqueue[22558]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:20:58 mx2 postfix/postqueue[22593]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:21:29 mx2 postfix/postqueue[22745]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:21:59 mx2 postfix/postqueue[22778]: fatal: Connect to the Postfix showq service: Permission denied

Code: Select all

@mx2 ~]$ sudo cat /var/log/maillog | grep denied
Jan 20 23:27:14 mx2 MailScanner[13710]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLBlacklist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:27:14 mx2 MailScanner[13710]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLWhitelist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:27:19 mx2 MailScanner[13720]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLBlacklist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:27:19 mx2 MailScanner[13720]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLWhitelist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:27:24 mx2 MailScanner[13727]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLBlacklist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:27:24 mx2 MailScanner[13727]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLWhitelist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:27:29 mx2 MailScanner[13735]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLBlacklist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:27:29 mx2 MailScanner[13735]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLWhitelist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:28:07 mx2 postfix/postqueue[13848]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:28:38 mx2 postfix/postqueue[13868]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:29:10 mx2 postfix/postqueue[13918]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:29:41 mx2 postfix/postqueue[13935]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:29:46 mx2 postfix/postqueue[13949]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:29:48 mx2 postfix/postqueue[13963]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:30:19 mx2 postfix/postqueue[14011]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:30:50 mx2 postfix/postqueue[14025]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:31:05 mx2 MSMilter[14260]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLBlacklist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:31:05 mx2 MSMilter[14260]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLWhitelist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:32:03 mx2 MSMilter[14478]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLBlacklist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:32:03 mx2 MSMilter[14478]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLWhitelist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:33:03 mx2 MSMilter[14631]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLBlacklist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:33:03 mx2 MSMilter[14631]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLWhitelist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:34:03 mx2 MSMilter[14782]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLBlacklist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:34:03 mx2 MSMilter[14782]: Could not use Custom Function code MailScanner::CustomConfig::InitSQLWhitelist, it could not be "eval"ed. Make sure the module is correct with perl -wc (Error: DBI connect('database=mailscanner;host=localhost','mailwatch',...) failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied") at /usr/share/MailScanner/perl/custom/MailWatch.pm line 97.
Jan 20 23:34:21 mx2 postfix/postqueue[14821]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:34:54 mx2 postfix/postqueue[14858]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:35:26 mx2 postfix/postqueue[14997]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:35:58 mx2 postfix/postqueue[15016]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:36:29 mx2 postfix/postqueue[15165]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:37:01 mx2 postfix/postqueue[15184]: fatal: Connect to the Postfix showq service: Permission denied
Jan 20 23:37:32 mx2 postfix/postqueue[15325]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:20:22 mx2 postfix/postqueue[22526]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:20:25 mx2 postfix/postqueue[22541]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:20:27 mx2 postfix/postqueue[22558]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:20:58 mx2 postfix/postqueue[22593]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:21:29 mx2 postfix/postqueue[22745]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:21:59 mx2 postfix/postqueue[22778]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:22:30 mx2 postfix/postqueue[22930]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:23:01 mx2 postfix/postqueue[22964]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:23:32 mx2 postfix/postqueue[23114]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:24:04 mx2 postfix/postqueue[23270]: fatal: Connect to the Postfix showq service: Permission denied
Jan 21 00:24:34 mx2 postfix/postqueue[23312]: fatal: Connect to the Postfix showq service: Permission denied
[@mx2 ~]$

Attachments
top.PNG
top.PNG (56.52 KiB) Viewed 970 times
web.PNG
web.PNG (45.25 KiB) Viewed 974 times

Alleyviper
Posts: 68
Joined: 16 Oct 2018 05:55
Location: Portugal

Re: EFA 4 beta

Post by Alleyviper » 21 Jan 2019 00:39

@Alleyviper, are you performing a git clone of the master branch, and are you doing it while you are in the /root home?
Yes Shawn, first I tried the git clone and just cloned it from root home. then I´ve tried the normal build with all the issues reported on previous post.

User avatar
shawniverson
Posts: 2785
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: EFA 4 beta

Post by shawniverson » 21 Jan 2019 00:50

@Alleyviper

I'm not sure why devbuild.sh isn't working for you except that the git clone must reside exactly in /root/v4/. It is failing because your spec files are not located at /root/v4/rpmbuild/SPECS/

As for test building, did you happen to log the entire build process?

Code: Select all

logsave build.log ./build.bash testing
If not, I need you to do that so I can see why your build is failing hard.
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

Alleyviper
Posts: 68
Joined: 16 Oct 2018 05:55
Location: Portugal

Re: EFA 4 beta

Post by Alleyviper » 21 Jan 2019 02:04

Hi Shawn,

Installation in progress. I will update this post with the log


1) Centos 7 Version (I cannot change it - Available by cloud provider)

Code: Select all

[root@vm ~]# cat /etc/*elease
CentOS Linux release 7.6.1810 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"

CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"

CentOS Linux release 7.6.1810 (Core)
CentOS Linux release 7.6.1810 (Core)
[root@vm ~]#

2) Logged in as root and performed the installation as follows

Code: Select all

wget https://dl.efa-project.org/build/4/build.bash
chmod +x build.bash
sudo logsave build.log ./build.bash testing
3) Here goes the build log

Code: Select all

https://drive.google.com/file/d/1YZpndg11SU95aSe__ENCIyv9vdpMJIbY/view?usp=sharing

User avatar
shawniverson
Posts: 2785
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: EFA 4 beta

Post by shawniverson » 21 Jan 2019 03:10

@Alleyviper

Your issue appears to be that SELinux is disabled. This is causing a bunch of problems during the build because SELinux policies aren't getting applied.

Can you enable it before building and try again?
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

Alleyviper
Posts: 68
Joined: 16 Oct 2018 05:55
Location: Portugal

Re: EFA 4 beta

Post by Alleyviper » 21 Jan 2019 03:23

@Alleyviper

Your issue appears to be that SELinux is disabled. This is causing a bunch of problems during the build because SELinux policies aren't getting applied.

Can you enable it before building and try again?
Hi Shawn,

For sure, on it. :) In a few I will return with feedback

One question: SELinux in what mode - Permissive or Enforcing?

User avatar
shawniverson
Posts: 2785
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: EFA 4 beta

Post by shawniverson » 21 Jan 2019 03:37

permissive is fine
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

Alleyviper
Posts: 68
Joined: 16 Oct 2018 05:55
Location: Portugal

Re: EFA 4 beta

Post by Alleyviper » 21 Jan 2019 03:55

1) Checked SELINUX Status

Code: Select all

[root@vm ~]# getenforce
Disabled
[root@vm1 ~]# sestatus
SELinux status:                 disabled
[root@vm ~]#
2) Changed SELINUX=disabled to SELINUX=permissive

Code: Select all

vi /etc/sysconfig/selinux

Code: Select all

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

3) Rebooted the system and rechecked SELINUX Status

Code: Select all

[root@vm ~]# getenforce
Permissive
[root@vm ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          permissive
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31
[root@vm ~]#
4) Launched new build and saved the log.

Code: Select all

wget https://dl.efa-project.org/build/4/build.bash
chmod +x build.bash
sudo logsave build.log ./build.bash testing
5) Waiting.... :whistle: (In a few I will provide more feedback)

6) Almost there

7) It´s working :violin:
Attachments
ok.PNG
ok.PNG (54.4 KiB) Viewed 941 times
conf.PNG
conf.PNG (35.43 KiB) Viewed 944 times

Alleyviper
Posts: 68
Joined: 16 Oct 2018 05:55
Location: Portugal

Re: EFA 4 beta

Post by Alleyviper » 21 Jan 2019 04:21

Hi Shawn,

Is this normal on Greylist?

Code: Select all

Error in the query: Table 'sqlgrey.connect' doesn't exist
Thanks for the help by the way

User avatar
shawniverson
Posts: 2785
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: EFA 4 beta

Post by shawniverson » 21 Jan 2019 04:28

Try restarting sqlgrey and see if that helps.

Code: Select all

sudo systemctl restart sqlgrey
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

Alleyviper
Posts: 68
Joined: 16 Oct 2018 05:55
Location: Portugal

Re: EFA 4 beta

Post by Alleyviper » 21 Jan 2019 04:36

Try restarting sqlgrey and see if that helps.
CODE: SELECT ALL

sudo systemctl restart sqlgrey
Yep, something is not right:

Code: Select all

[users@mx2 ~]$ sudo systemctl restart sqlgrey
Job for sqlgrey.service failed because a configured resource limit was exceeded. See "systemctl status sqlgrey.service" and "journalctl -xe" for details.
[cloudns@mx2 ~]$

Code: Select all

[user@mx2 ~]$ sudo systemctl status sqlgrey
● sqlgrey.service - SQLgrey Postfix Grey-listing Policy service
   Loaded: loaded (/usr/lib/systemd/system/sqlgrey.service; enabled; vendor preset: disabled)
   Active: failed (Result: resources) since Mon 2019-01-21 04:31:35 WET; 1min 22s ago
  Process: 17094 ExecStart=/usr/sbin/sqlgrey -d (code=exited, status=0/SUCCESS)
 Main PID: 16905 (code=exited, status=1/FAILURE)

Jan 21 04:31:35 mx2.domain.tld sqlgrey[17095]: Resolved [localhost]:2501 to [::1]:2501, IPv6
Jan 21 04:31:35 mx2.domain.tld sqlgrey[17095]: Binding to TCP port 2501 on host 127.0.0.1 with IPv4
Jan 21 04:31:35 mx2.domain.tld sqlgrey[17095]: Binding to TCP port 2501 on host ::1 with IPv6
Jan 21 04:31:35 mx2.domain.tld sqlgrey[17095]: 2019/01/21-04:31:35 Can't connect to TCP port 2501 on ::1 [Cannot assign requested address]
                                                 at line 68 in file /usr/share/perl5/vendor_perl/Net/Server/Proto/TCP.pm
Jan 21 04:31:35 mx2.domain.tld sqlgrey[17095]: 2019/01/21-04:31:35 Server closing!
Jan 21 04:31:35 mx2.domain.tld systemd[1]: PID file /var/run/sqlgrey.pid not readable (yet?) after start.
Jan 21 04:31:35 mx2.domain.tld systemd[1]: sqlgrey.service never wrote its PID file. Failing.
Jan 21 04:31:35 mx2.domain.tld systemd[1]: Failed to start SQLgrey Postfix Grey-listing Policy service.
Jan 21 04:31:35 mx2.domain.tld systemd[1]: Unit sqlgrey.service entered failed state.
Jan 21 04:31:35 mx2.domain.tld systemd[1]: sqlgrey.service failed.
[user@mx2 ~]$

Code: Select all

[user@mx2 ~]$ systemctl status sqlgrey.service
● sqlgrey.service - SQLgrey Postfix Grey-listing Policy service
   Loaded: loaded (/usr/lib/systemd/system/sqlgrey.service; enabled; vendor preset: disabled)
   Active: failed (Result: resources) since Mon 2019-01-21 04:31:35 WET; 3min 2s ago
  Process: 17094 ExecStart=/usr/sbin/sqlgrey -d (code=exited, status=0/SUCCESS)
 Main PID: 16905 (code=exited, status=1/FAILURE)

Jan 21 04:31:35 mx2.domain.tld sqlgrey[17095]: Resolved [localhost]:2501 to [::1]:2501, IPv6
Jan 21 04:31:35 mx2.domain.tld sqlgrey[17095]: Binding to TCP port 2501 on host 127.0.0.1 with IPv4
Jan 21 04:31:35 mx2.domain.tld sqlgrey[17095]: Binding to TCP port 2501 on host ::1 with IPv6
Jan 21 04:31:35 mx2.domain.tld sqlgrey[17095]: 2019/01/21-04:31:35 Can't connect to TCP port 2501 on ::1 [Cannot assign requested address]
                                                 at line 68 in file /usr/share/perl5/vendor_perl/Net/Server/Proto/TCP.pm
Jan 21 04:31:35 mx2.domain.tld sqlgrey[17095]: 2019/01/21-04:31:35 Server closing!
Jan 21 04:31:35 mx2.domain.tld systemd[1]: PID file /var/run/sqlgrey.pid not readable (yet?) after start.
Jan 21 04:31:35 mx2.domain.tld systemd[1]: sqlgrey.service never wrote its PID file. Failing.
Jan 21 04:31:35 mx2.domain.tld systemd[1]: Failed to start SQLgrey Postfix Grey-listing Policy service.
Jan 21 04:31:35 mx2.domain.tld systemd[1]: Unit sqlgrey.service entered failed state.
Jan 21 04:31:35 mx2.domain.tld systemd[1]: sqlgrey.service failed.
[user@mx2 ~]$
</code]

Maillog

[code]
[user@mx2 ~]$ sudo tail -f /var/log/maillog
Jan 21 04:30:47 mx2 sqlgrey: 2019/01/21-04:30:47 Can't connect to TCP port 2501 on ::1 [Cannot assign requested address]#012  at line 68 in file /usr/share/perl5/vendor_perl/Net/Server/Proto/TCP.pm
Jan 21 04:30:47 mx2 sqlgrey: 2019/01/21-04:30:47 Server closing!
Jan 21 04:31:35 mx2 sqlgrey: Process Backgrounded
Jan 21 04:31:35 mx2 sqlgrey: 2019/01/21-04:31:35 sqlgrey (type Net::Server::Multiplex) starting! pid(17095)
Jan 21 04:31:35 mx2 sqlgrey: Resolved [localhost]:2501 to [127.0.0.1]:2501, IPv4
Jan 21 04:31:35 mx2 sqlgrey: Resolved [localhost]:2501 to [::1]:2501, IPv6
Jan 21 04:31:35 mx2 sqlgrey: Binding to TCP port 2501 on host 127.0.0.1 with IPv4
Jan 21 04:31:35 mx2 sqlgrey: Binding to TCP port 2501 on host ::1 with IPv6
Jan 21 04:31:35 mx2 sqlgrey: 2019/01/21-04:31:35 Can't connect to TCP port 2501 on ::1 [Cannot assign requested address]#012  at line 68 in file /usr/share/perl5/vendor_perl/Net/Server/Proto/TCP.pm
Jan 21 04:31:35 mx2 sqlgrey: 2019/01/21-04:31:35 Server closing!

User avatar
shawniverson
Posts: 2785
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: EFA 4 beta

Post by shawniverson » 21 Jan 2019 04:40

Looks like it trying to bind to ::1 and it cannot, probably because ipv6 is disabled in the instance.

Edit /etc/sqlgrey/sqlgrey.conf and add the following line:

Code: Select all

inet = 127.0.0.1:2501
Then start sqlgrey again.

Code: Select all

sudo systemctl start sqlgrey
Version eFa 4.0.0 RC3 now available in testing repo. Come join us in advancing eFa!

Alleyviper
Posts: 68
Joined: 16 Oct 2018 05:55
Location: Portugal

Re: EFA 4 beta

Post by Alleyviper » 21 Jan 2019 04:52

1) Edited the file on:

Code: Select all

## Socket
# On which socket do SQLgrey wait for queries
# use the following if you need to bind on a public IP address
# inet = <public_ip>:2501
# to bind on a UNIX socket, use the following:
# unix = /path/to/socket
# default :
# inet = 2501    # bind to localhost:2501
To

Code: Select all

## Socket
# On which socket do SQLgrey wait for queries
# use the following if you need to bind on a public IP address
# inet = <public_ip>:2501
# to bind on a UNIX socket, use the following:
# unix = /path/to/socket
# default :
inet = 127.0.0.1:2501    # bind to localhost:2501
2) Checked ok

Code: Select all

[user@mx2 ~]$ sudo systemctl start sqlgrey
[user@mx2 ~]$ sudo systemctl status sqlgrey
● sqlgrey.service - SQLgrey Postfix Grey-listing Policy service
   Loaded: loaded (/usr/lib/systemd/system/sqlgrey.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2019-01-21 04:52:37 WET; 14s ago
  Process: 20081 ExecStart=/usr/sbin/sqlgrey -d (code=exited, status=0/SUCCESS)
 Main PID: 20082 (sqlgrey)
   CGroup: /system.slice/sqlgrey.service
           └─20082 /usr/bin/perl -w /usr/sbin/sqlgrey -d

Jan 21 04:52:37 mx2.domain.tld systemd[1]: Starting SQLgrey Postfix Grey-listing Policy service...
Jan 21 04:52:37 mx2.domain.tld  sqlgrey[20082]: Process Backgrounded
Jan 21 04:52:37 mx2.domain.tld  sqlgrey[20082]: 2019/01/21-04:52:37 sqlgrey (type Net::Server::Multiplex) starting! pid(20082)
Jan 21 04:52:37 mx2.domain.tld  sqlgrey[20082]: Binding to TCP port 2501 on host 127.0.0.1 with IPv4
Jan 21 04:52:37 mx2.domain.tld  sqlgrey[20082]: Setting gid to "990 990"
Jan 21 04:52:37 mx2.domain.tld  sqlgrey[20082]: Setting uid to "993"
Jan 21 04:52:37 mx2.domain.tld  systemd[1]: Started SQLgrey Postfix Grey-listing Policy service.
[user@mx2 ~]$
3) On Mailwatch sqlgrey is working now.
Attachments
oksqlgrey.PNG
oksqlgrey.PNG (18.28 KiB) Viewed 918 times

Alleyviper
Posts: 68
Joined: 16 Oct 2018 05:55
Location: Portugal

Re: EFA 4 beta

Post by Alleyviper » 21 Jan 2019 05:10

Hi Shawn,

1) I confirm that SeLinux was disabled by default on clean Centos 7 on cloud provider - Need to have a check on that on the build;
2) I confirm that on EFAinit (web) I´ve selected "no" for IPV6 - Need to have some check on the build to change the inet if this selection is made;
3) I´ve changed mx priority for testing EFa4 and verify/var/log/mailog and emails are getting in :D
4) SQLgrey is working too

Code: Select all

Jan 21 05:07:13 mx2 postfix/smtpd[22827]: connect from mail-wm1-f52.google.com[209.85.128.52]
Jan 21 05:07:13 mx2 postfix/smtpd[22827]: Anonymous TLS connection established from mail-wm1-f52.google.com[209.85.128.52]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jan 21 05:07:14 mx2 sqlgrey: grey: new: 209.85.128(209.85.128.52), emails@gmail.com -> email@domain.tld
Jan 21 05:07:14 mx2 postfix/smtpd[22827]: NOQUEUE: reject: RCPT from mail-wm1-f52.google.com[209.85.128.52]: 451 4.7.1 <email@domain.tld>: Recipient address rejected: Greylisted for 5 minutes; from=<email@gmail.com> to=<email@domain.tld> proto=ESMTP helo=<mail-wm1-f52.google.com>
Jan 21 05:07:14 mx2 postfix/smtpd[22827]: disconnect from mail-wm1-f52.google.com[209.85.128.52] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 quit=1 commands=5/7
Attachments
websqllog.PNG
websqllog.PNG (17.1 KiB) Viewed 914 times

jamerson
Posts: 120
Joined: 19 Aug 2017 18:57
Location: kaaskop

Re: EFA 4 beta

Post by jamerson » 21 Jan 2019 14:54

I Dont know what happens but i am missing the button Greylist after today
Emails are arriving no problem, just the button is disapeared.
i've tried to restart the

Code: Select all

sudo systemctl start sqlgrey
and even restart but nothing helps.
Attachments
Schermafbeelding 2019-01-21 om 15.11.28.png
Schermafbeelding 2019-01-21 om 15.11.28.png (26.36 KiB) Viewed 906 times
Version eFa 4.0.0 RC1 now available in testing repo. Come join us in advancing eFa!

henk
Posts: 379
Joined: 14 Dec 2015 22:16
Location: Netherlands
Contact:

Re: EFA 4 beta

Post by henk » 21 Jan 2019 16:30

As we live in different time-zones and some of us need to sleep sometimes, except Shawn.., I did some changes to disable IPV6 today. :)

Unbound is just an example, so you need to modify the ip addresses/network/ Domain mask where used :!:
I still need to check the rpc ipv6, if its needed or not. EFA is up and running (Without IPV6)

disable ipv6 centos7 EFA

REMARK: I use the conventional naming on the interfaces aka eth(x) and not the ens(X) du the net.ifnames=0 boot kernel parameter
do not disable ipv6 in the boot options !!!
reboot when ready !!!

first check ipv6

Code: Select all

netstat -tunlp
ip addr show | grep net6
ifconfig -a | grep inet6
Chrony

Code: Select all

/etc/sysconfig/chronyd
# Command-line options for chronyd
#OPTIONS=""
OPTIONS="-4"

Code: Select all

systemctl restart chronyd

Code: Select all

ntpdate
/etc/sysconfig/ntpdate
# Options for ntpdate
#OPTIONS="-p 2"
OPTIONS="-4 -p 2"

network

Code: Select all

/etc/sysconfig/network
# Created by anaconda and henk
NETWORKING_IPV6=no
IPV6INIT=no
IPV6_AUTOCONF=no
DHCPV6=no
IPV6FORWARDING=no

interface

Code: Select all

/etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by parse-kickstart
IPV6INIT=no
IPV6_AUTOCONF=no
BOOTPROTO="none"
DEVICE=eth0
ONBOOT=yes
UUID=blalalala
TYPE=Ethernet
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
NAME="eth0"
IPADDR="172.16.1.15"
NETMASK="255.255.0.0"
GATEWAY="172.16.1.1"
DNS1="127.0.0.1"
#DNS2="::1"
ZONE=public

Disable ipv6

Code: Select all

vi /etc/sysctl.d/disableipv6.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6= 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
net.ipv6.conf.all.accept_ra = 0
net.ipv6.conf.all.accept_redirects = 0

Code: Select all

sysctl -p

Code: Select all

sudo systemctl restart networking
set mailscanner to 443

Code: Select all

/var/www/html/mailscanner/.htaccess
Options -Indexes
Listen 0.0.0.0:443


Stil need to check if there are more ports or service needed and how to add dhcp bacula-client pop3 pop3s ntp :?:

Code: Select all

firewall-cmd --get-active-zones
public
interfaces: eth0

Code: Select all

firewall-cmd --get-default-zone
public

Code: Select all

firewall-cmd --get-services
RH-Satellite-6 amanda-client amanda-k5-client bacula bacula-client bgp bitcoin bitcoin-rpc bitcoin-testnet bitcoin-testnet-rpc ceph ceph-mon cfengine condor-collector ctdb dhcp dhcpv6 dhcpv6-client dns docker-registry docker-swarm dropbox-lansync elasticsearch freeipa-ldap freeipa-ldaps freeipa-replication freeipa-trust ftp ganglia-client ganglia-master git gre high-availability http https imap imaps ipp ipp-client ipsec irc ircs iscsi-target jenkins kadmin kerberos kibana klogin kpasswd kprop kshell ldap ldaps libvirt libvirt-tls managesieve mdns minidlna mongodb mosh mountd ms-wbt mssql murmur mysql nfs nfs3 nmea-0183 nrpe ntp openvpn ovirt-imageio ovirt-storageconsole ovirt-vmconsole pmcd pmproxy pmwebapi pmwebapis pop3 pop3s postgresql privoxy proxy-dhcp ptp pulseaudio puppetmaster quassel radius redis rpc-bind rsh rsyncd samba samba-client sane sip sips smtp smtp-submission smtps snmp snmptrap spideroak-lansync squid ssh syncthing syncthing-gui synergy syslog syslog-tls telnet tftp tftp-client tinc tor-socks transmission-client upnp-client vdsm vnc-server wbem-https xmpp-bosh xmpp-client xmpp-local xmpp-server zabbix-agent zabbix-server

Code: Select all

 firewall-cmd --zone=public --list-ports
443/tcp 587/tcp 80/tcp

Code: Select all

firewall-cmd --zone=public --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: ssh dhcpv6-client http smtp
ports: 443/tcp 587/tcp 80/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

Sellinux

Code: Select all

getenforce
Enforcing

Code: Select all

sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31

SSH

Code: Select all

/etc/ssh/ssh_config
# ssh_config(5) man page.
AddressFamily inet
# Host

Code: Select all

/etc/ssh/sshd_config
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
AddressFamily inet
ListenAddress 0.0.0.0

Code: Select all

/etc/httpd/conf/httpd.conf
#Listen 12.34.56.78:80
#Listen 80
Listen 0.0.0.0:80

Add Servertokens OS Signaure and TraceEnable to ssl conf

Code: Select all

/etc/httpd/conf.d/ssl.conf
#
# When we also provide SSL we have to listen to the
# standard HTTPS port in addition.
#
Listen 443 https
ServerTokens OS
ServerSignature On
TraceEnable Off

SQLGREY

Code: Select all

/etc/sqlgrey/sqlgrey.conf
## Socket
# On which socket do SQLgrey wait for queries
# use the following if you need to bind on a public IP address
# inet = <public_ip>:2501
# to bind on a UNIX socket, use the following:
# unix = /path/to/socket
# default :
# inet = 2501 # bind to localhost:2501
inet = 127.0.0.1:2501

Code: Select all

sudo systemctl start sqlgrey
Postfix

Code: Select all

/etc/postfix/main.cf
inet_interfaces = $myhostname, localhost
# Enable IPv4, and IPv6 if supported
#inet_protocols = ipv4, ipv6
inet_protocols = ipv4

relayhost = [FQDN mail server]
#mynetworks = 127.0.0.0/8 [::1]/128
mynetworks = 127.0.0.0/8, 172.16.0.0/16

Code: Select all

/etc/postfix/transport
###### START eFa ADDED DOMAINS ######
private.lan smtp:[<<fqdn mail server>>]

Code: Select all

postmap /etc/postfix/transport

Code: Select all

/etc/postfix/header_checks
HEADER_CHECKS(5)
/^Received:\ from\ sansspam.private.lan\ \(localhost\ \[127.0.0.1/ IGNORE
#/^Received:\ from\ sansspam.private.lan\ \(localhost\ \[::1/ IGNORE

Code: Select all

/etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
#::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.1.15 sansspam.private.lan sansspam

dovecot

Code: Select all

/etc/dovecot/dovecot.conf
Decide what protocols to use.
# Protocols we want to be serving.!!!
#protocols = imap pop3 lmtp
protocols = pop3

# A comma separated list of IPs or hosts where to listen in for connections.
# "*" listens in all IPv4 interfaces, "::" listens in all IPv6 interfaces.
# If you want to specify non-default ports or anything more complex,
# edit conf.d/master.conf.
#listen = *, ::
listen = *


unbound

Code: Select all

/etc/unbound/conf.d/unbound.conf
# The server clause sets the main parameters.
server:
interface: 127.0.0.1
outgoing-interface: 172.16.1.15
do-ip4: yes
do-ip6: no
cache-min-ttl: 900
hide-identity: yes
hide-version: yes

private-domain: "private.lan."
private-address: 172.16.0.0/16

domain-insecure: "private.lan."

# control which clients are allowed to make (recursive) queries
access-control: 127.0.0.0/8 allow

# (this now fails on all GoDaddy customer domains, so disabled)
use-caps-for-id: no
local-zone: "17.172.in-addr.arpa." transparent

remote-control:
control-interface: 127.0.0.1

# Stub and Forward zones
forward-zone:
name: "private.lan"
forward-addr: 172.16.1.17 # SAMBA AD
forward-first: yes

forward-zone:
name: "17.172.in-addr.arpa."
forward-addr: 172.16.1.17 # SAMBA AD
forward-first: yes

Code: Select all

/etc/unbound/conf.d/forwarders.conf
forward-zone:
name: "."
forward-addr: 172.16.1.1
forward-first: yes


RPC? Need to check
[root@sansspam NetworkManager]# systemctl cat rpcbind.socket
# /usr/lib/systemd/system/rpcbind.socket
[Unit]
Description=RPCbind Server Activation Socket

[Socket]
ListenStream=/var/run/rpcbind.sock

# RPC netconfig can't handle ipv6/ipv4 dual sockets
BindIPv6Only=ipv6-only
ListenStream=0.0.0.0:111
ListenDatagram=0.0.0.0:111
ListenStream=[::]:111
ListenDatagram=[::]:111

[Install]
WantedBy=sockets.target

systemctl reboot

jkissane
Posts: 7
Joined: 14 Dec 2018 10:32

Re: EFA 4 beta

Post by jkissane » 21 Jan 2019 17:34

Just tried an install of this into a fresh VM using the kickstart file, the install went ok although looks like it shut itself down rather than rebooting when it finished (wasn't watching it sorry). After I powered it on again, it went through the initial setup and looks to be alive & well. I was able to log in via both ssh & the web interface.

henk
Posts: 379
Joined: 14 Dec 2015 22:16
Location: Netherlands
Contact:

Re: EFA 4 beta

Post by henk » 21 Jan 2019 18:15

:clap: :clap: :clap: :clap: :clap: :clap:
Total download size: 1.2 M
Is this ok [y/d/N]: y
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/2): eFa-4.0.0-5.eFa.el7.x86_64.rpm | 99 kB 00:00:00
(2/2): MailWatch-1.2.12-3.eFa.el7.x86_64.rpm | 1.1 MB 00:00:00
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 2.1 MB/s | 1.2 MB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Updating : 1:MailWatch-1.2.12-3.eFa.el7.x86_64 1/4
Updating : 1:eFa-4.0.0-5.eFa.el7.x86_64 2/4

Preparing to update eFa...
checkmodule: loading policy configuration from /var/eFa/lib/selinux/eFa.te
checkmodule: policy configuration loaded
checkmodule: writing binary representation (version 19) to /var/eFa/lib/selinux/eFa.mod
Update completed successfully!
Cleanup : 1:eFa-4.0.0-4.eFa.el7.x86_64 3/4
Cleanup : 1:MailWatch-1.2.12-2.eFa.el7.x86_64 4/4
Verifying : 1:MailWatch-1.2.12-3.eFa.el7.x86_64 1/4
Verifying : 1:eFa-4.0.0-5.eFa.el7.x86_64 2/4
Verifying : 1:eFa-4.0.0-4.eFa.el7.x86_64 3/4
Verifying : 1:MailWatch-1.2.12-2.eFa.el7.x86_64 4/4

Updated:
MailWatch.x86_64 1:1.2.12-3.eFa.el7 eFa.x86_64 1:4.0.0-5.eFa.el7

Complete!

henk
Posts: 379
Joined: 14 Dec 2015 22:16
Location: Netherlands
Contact:

Re: EFA 4 beta

Post by henk » 21 Jan 2019 20:38

jamerson wrote:
21 Jan 2019 14:54
I Dont know what happens but i am missing the button Greylist after today
Emails are arriving no problem, just the button is disapeared.
i've tried to restart the

Code: Select all

sudo systemctl start sqlgrey
and even restart but nothing helps.
I have the same issue, no errors whatsover. Did you also run yum update today?

Post Reply