26 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iRedMail behind FreeBSD Jail

perlporter wrote:

I try, but not working, do not create the necessary tables in mysql...

The "GRANT ALL PRIVILEGES ..." command doesn't create tables at all, it's used to verify whether we can make it allow connection from Jail. Is it OK now?

If the SQL connection from Jail is OK with above command, i will commit it into iRedMail.

perlporter wrote:

Sorry for the inconvenience ..

No bother at all, i want to make it work with Jail too. Thanks for your testing and feedback. smile

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

27 Reply by perlporter (edited by perlporter 2012-08-19 08:55:05)

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

ZhangHuangbin wrote:
perlporter wrote:

I try, but not working, do not create the necessary tables in mysql...

The "GRANT ALL PRIVILEGES ..." command doesn't create tables at all, it's used to verify whether we can make it allow connection from Jail. Is it OK now?
If the SQL connection from Jail is OK with above command, i will commit it into iRedMail.

Yes, works.... I'm testing this: (functions/mysql.sh):

ECHO_DEBUG "Initialize MySQL database."
    mysql -h${MYSQL_SERVER} -P${MYSQL_SERVER_PORT} -u${MYSQL_ROOT_USER} -p"${MYSQL_ROOT_PASSWD}" <<EOF
SOURCE ${MYSQL_INIT_SQL};
UPDATE user SET host='${MYSQL_SERVER}' WHERE user='root' and host='localhost';
FLUSH PRIVILEGES;

NOT WORK, see:

s MySQL server
< INFO > Configure Postfix (Message Transfer Agent).
< INFO > Configure Policyd (postfix policy server, version 1.8).
ERROR 1130 (HY000): Host 'iredmail' is not allowed to connect to this MySQL server
< INFO > Configure Dovecot (pop3/imap/managesieve server, version 2).
< INFO > Configure ClamAV (anti-virus toolkit).
< INFO > Configure Amavisd-new (interface between MTA and content checkers).
ERROR 1130 (HY000): Host 'iredmail' is not allowed to connect to this MySQL server
< INFO > Configure SpamAssassin (content-based spam filter).
< INFO > Configure iRedAPD (postfix policy daemon).
< INFO > Configure iRedAdmin (official web-based admin panel).
ERROR 1130 (HY000): Host 'iredmail' is not allowed to connect to this MySQL server
ERROR 1130 (HY000): Host 'iredmail' is not allowed to connect to this MySQL server
< INFO > Configure Awstats (logfile analyzer for mail and web server).
< INFO > Configure Roundcube webmail.
ERROR 1130 (HY000): Host 'iredmail' is not allowed to connect to this MySQL server
< INFO > Configure phpLDAPadmin (web-based LDAP management tool).
< INFO > Configure phpMyAdmin (web-based MySQL management tool).


iredmail# ping iredmail
PING iredmail (192.168.1.1): 56 data bytes
64 bytes from 192.168.1.1: icmp_seq=0 ttl=64 time=0.024 ms
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.020 ms

28 Reply by perlporter

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

I use GRANT ALL command I did and I got access to 192.168.1.1, but the errors persist:

< INFO > Configure MySQL database server.
mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'root'@'localhost' (using password: NO)'
ERROR 1062 (23000) at line 2: Duplicate entry '192.168.1.1-root' for key 'PRIMARY'
< INFO > Configure Postfix (Message Transfer Agent).
< INFO > Configure Policyd (postfix policy server, version 1.8).
pw: login name `policyd' already exists
ERROR 1044 (42000) at line 6: Access denied for user 'root'@'192.168.1.1' to database 'policyd'
< INFO > Configure Dovecot (pop3/imap/managesieve server, version 2).
< INFO > Configure ClamAV (anti-virus toolkit).
< INFO > Configure Amavisd-new (interface between MTA and content checkers).
ERROR 1044 (42000) at line 5: Access denied for user 'root'@'192.168.1.1' to database 'amavisd'
< INFO > Configure SpamAssassin (content-based spam filter).
< INFO > Configure iRedAPD (postfix policy daemon).
< INFO > Configure iRedAdmin (official web-based admin panel).
ERROR 1044 (42000) at line 7: Access denied for user 'root'@'192.168.1.1' to database 'iredadmin'
< INFO > Configure Awstats (logfile analyzer for mail and web server).
< INFO > Configure Roundcube webmail.
ERROR 1044 (42000) at line 3: Access denied for user 'root'@'192.168.1.1' to database 'roundcubemail'
< INFO > Configure phpLDAPadmin (web-based LDAP management tool).
< INFO > Configure phpMyAdmin (web-based MySQL management tool).

29 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iRedMail behind FreeBSD Jail

perlporter wrote:

Yes, works....

I committed this fix moment ago. Could you help test the latest development version with below steps:

- Check out the latest development version: hg clone https://bitbucket.org/zhb/iredmail
- Update parameter LOCAL_ADDRESS to the IP of your Jail in iRedMail/conf/global before you execute it:

export LOCAL_ADDRESS='192.168.x.x'

Here 192.168.x.x is the IP address of your Jail.

- Start iRedMail installer with below command:

# _DEBUG=YES bash iRedMail.sh

With _DEBUG=YES, it will output some more detail info, so that i can know which steps were not successfully performed.

P.S. May i ask you some questions:

- Do you test with a physical server or virtual machine (VMware, Xen, VirtualBox, ...)?
- How long did it take for a complete iRedMail install?

30 Reply by perlporter

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

I'm testing...

P.S. May i ask you some questions:

- Do you test with a physical server or virtual machine (VMware, Xen, VirtualBox, ...)?

An physical server:

CPU: Intel(R) Xeon(R) CPU           E5506  @ 2.13GHz (2133.42-MHz K8-class CPU)
real memory  = 8589934592 (8192 MB)
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs


- How long did it take for a complete iRedMail install?

I usually redo the Jail iRedMail install and then again .. It takes time to download and compile programs .. I never scored .. I leave doing and go to sleep;-)

31 Reply by perlporter (edited by perlporter 2012-08-19 19:11:26)

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

Not work yet... see: (with latest version)

< INFO > Configure MySQL database server.
< DEBUG > Starting MySQL.
< DEBUG > Skip adding setting in /etc/rc.conf: mysql_enable='YES'
< DEBUG > Sleep 5 seconds for MySQL daemon initialize ...
< DEBUG > Grant access privilege from 192.168.1.1 ...
< DEBUG > Setting password for MySQL admin (root).
mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'root'@'localhost' (using password: NO)'
< DEBUG > Initialize MySQL database.
ERROR 1130 (HY000): Host 'iredmail' is not allowed to connect to this MySQL server
.......
< DEBUG > Create directory alias for iRedAdmin.
< DEBUG > Import iredadmin database template.
ERROR 1130 (HY000): Host 'iredmail' is not allowed to connect to this MySQL server
ERROR 1130 (HY000): Host 'iredmail' is not allowed to connect to this MySQL server
.......
< DEBUG > Import MySQL database and privileges for Roundcubemail.
ERROR 1130 (HY000): Host 'iredmail' is not allowed to connect to this MySQL server


# mysql -h 192.168.1.1 -u root -p
Enter password: XXXXXX
ERROR 1130 (HY000): Host 'iredmail' is not allowed to connect to this MySQL server

From my observations .. just missing the mysql work .. All other components are OK ..

Setup can not create the required tables;

32 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iRedMail behind FreeBSD Jail

Dear perlporter,

I'm so sorry that there's a incorrect test in my code sad.
Fixed moment ago, please try it again (and, sorry, again). Don't forget to use "_DEBUG=YES bash iRedMail.sh".

perlporter wrote:

I usually redo the Jail iRedMail install and then again .. It takes time to download and compile programs .. I never scored .. I leave doing and go to sleep;-)

You can find the time in iRedMail/.status file. It will show you how long it took to compile/install each port, and the amount time to compile/build ALL ports. For example:

export status_install_port_logwatch='DONE'  # 353 seconds, ~5 minutes

33 Reply by stevekez

  • stevekez
  • Member
  • Offline
  • Registered: 2012-07-11
  • Posts: 22

Re: iRedMail behind FreeBSD Jail

I have iRedMail working in a FreeBSD Jail.

The jail has a local IP and pf does NAT. Local mail relaying and delivery (between jails and the bare-metal server, not iredmail accounts) is still a little bit weird, but everything else went OK.

The main thing I did was edit the functions directory like so:

sed -i '' -E "s/@localhost/@'%'/g" functions/*

The above assumes you're in the iRedMail-0.8.1 installer directory.

The MySQL server is firewalled so changing the permissions wasn't an issue.

I think I edited some of the install scripts to make sure the passwords were updated for these wildcard users too:

mysql -u${MYSQL_ROOT_USER} -p"${MYSQL_ROOT_PASSWD}" >>EOF
USE mysql;
SELECT @d:=password FROM user WHERE user = "root" AND host = "localhost";
UPDATE user u SET u.password = @d WHERE user = "root";
FLUSH PRIVILEGES;
EOF

Then I had to edit postfix and possibly amavis and some others to make sure the IP of the jail (in my case the whole subnet to allow other jails access to certain services) was considered a local network and handled correctly.

I wish I could be more specific, but it was a couple of months since I did it, and apart from the above snippets, which got me through the install process successfully, the rest was done as required as part of the post-install configuration.

It looks like the discussed approach here has been a bit different, so chances are my notes aren't of much use - or might make things worse. But I thought it might still be worth sharing.

34 Reply by perlporter

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

ZhangHuangbin wrote:

Dear perlporter,

I'm so sorry that there's a incorrect test in my code sad.
Fixed moment ago, please try it again (and, sorry, again). Don't forget to use "_DEBUG=YES bash iRedMail.sh".

perlporter wrote:

I usually redo the Jail iRedMail install and then again .. It takes time to download and compile programs .. I never scored .. I leave doing and go to sleep;-)

You can find the time in iRedMail/.status file. It will show you how long it took to compile/install each port, and the amount time to compile/build ALL ports. For example:

export status_install_port_logwatch='DONE'  # 353 seconds, ~5 minutes

# Total time: 4285 seconds, about 71 minutes


The error continue:


< INFO > Configure MySQL database server.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
ERROR 1142 (42000) at line 5 in file: '/root/zhb-iredmail-2394a72d3205/iRedMail/conf/mysql_init.sql': DELETE command denied to user 'root'@'iredmail' for table 'user'
< INFO > Configure Postfix (Message Transfer Agent).
< INFO > Configure Policyd (postfix policy server, version 1.8).
pw: login name `policyd' already exists
ERROR 1044 (42000) at line 1: Access denied for user 'root'@'192.168.1.1' to database 'policyd'
< INFO > Configure Dovecot (pop3/imap/managesieve server, version 2).
< INFO > Configure ClamAV (anti-virus toolkit).
< INFO > Configure Amavisd-new (interface between MTA and content checkers).
ERROR 1044 (42000) at line 2: Access denied for user 'root'@'192.168.1.1' to database 'amavisd'
< INFO > Configure SpamAssassin (content-based spam filter).
< INFO > Configure iRedAPD (postfix policy daemon).
< INFO > Configure iRedAdmin (official web-based admin panel).
ERROR 1044 (42000) at line 2: Access denied for user 'root'@'192.168.1.1' to database 'iredadmin'
ERROR 1049 (42000) at line 1: Unknown database 'iredadmin'
< INFO > Configure Awstats (logfile analyzer for mail and web server).
< INFO > Configure Roundcube webmail.
ERROR 1044 (42000) at line 2: Access denied for user 'root'@'192.168.1.1' to database 'roundcubemail'
< INFO > Configure phpLDAPadmin (web-based LDAP management tool).
< INFO > Configure phpMyAdmin (web-based MySQL management tool).

35 Reply by javon

  • javon
  • Member
  • Offline
  • Registered: 2012-05-27
  • Posts: 37

Re: iRedMail behind FreeBSD Jail

I had the same problems even if I install iRedmail on a physical FreeBSD server, not on a jail.
I just added line:
GRANT ALL PRIVILEGES ON *.* TO ROOT@'%' identified by 'somepassword';
into the file functions/mysql.sh between lines:
SOURCE ${MYSQL_INIT_SQL};
and
FLUSH PRIVILEGES;

I know that this is not really safe but there will be time to tune it up after installation process is completed smile

36 Reply by perlporter (edited by perlporter 2012-08-20 08:48:08)

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

I tried what you said and it did not work ..

See:

httpS://iredmail.ramenzoni.com.br/mail/

iredmail# mysql -h 192.168.1.1 -u root -p
Enter password: scohp00
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 6
Server version: 5.5.27 Source distribution

Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
| test               |
+--------------------+
4 rows in set (0.00 sec)

37 Reply by javon (edited by javon 2012-08-20 07:50:45)

  • javon
  • Member
  • Offline
  • Registered: 2012-05-27
  • Posts: 37

Re: iRedMail behind FreeBSD Jail

perlporter wrote:

I tried what you said and it did not work ..

It should work. I did not mention it but did you use the same password as that you have chosen for user root during config?

38 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iRedMail behind FreeBSD Jail

stevekez wrote:

It looks like the discussed approach here has been a bit different, so chances are my notes aren't of much use - or might make things worse. But I thought it might still be worth sharing.

Hi Stevekez,

We're talking about the same issue. But we want to be safer with strict permission, use 'root'@'192.168.x.x' instead of 'root'@'%' if possible.

perlporter wrote:

< INFO > Configure MySQL database server.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
ERROR 1142 (42000) at line 5 in file: '/root/zhb-iredmail-2394a72d3205/iRedMail/conf/mysql_init.sql': DELETE command denied to user 'root'@'iredmail' for table 'user'

SQL command is incorrect.

I will setup a Jail with ezjail on my laptop for testing, will let you know when i got it working. (it will take about 4 hours for one iRedMail installation, it's painful ...)
Thanks for your feedback and patience. smile

39 Reply by perlporter

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

javon wrote:
perlporter wrote:

I tried what you said and it did not work ..

It should work. I did not mention it but did you use the same password as that you have chosen for user root during config?

Sure.. I'm  using the same password...

40 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iRedMail behind FreeBSD Jail

Hi perlporter,

Could you try the latest development again? It works for me here: FreeBSD 9.0-RELEASE with ezjail.

MySQL permission issue should be fixed with addition SQL command (in functions/mysql.sh):

-- Allow GRANT privilege                                                           
UPDATE user SET Grant_priv='Y' WHERE User='${MYSQL_ROOT_USER}' AND Host='${SQL_HOSTNAME}';

Below are steps:

- Check out the latest development version: hg clone https://bitbucket.org/zhb/iredmail

- Update parameter LOCAL_ADDRESS to the IP of your Jail in iRedMail/conf/global before you execute it:

export LOCAL_ADDRESS='192.168.x.x'

Here 192.168.x.x is the IP address of your Jail. As you already know, SQL_HOSTNAME will be set to 192.168.x.x automatically.

- Start iRedMail installer with below command:

# _DEBUG=YES bash iRedMail.sh

With _DEBUG=YES, it will output some more detail info, so that i can know which steps were not successfully performed.

Be careful, port security/cyrus-sasl2 may interrupt iRedMail installation, don't panic, install it manually then re-execute iRedMail.sh.

# cd /usr/ports/security/cyrus-sasl2/
# make clean
# make install clean

Here's output of installation if you're interested in:

********************************************************************
* Start iRedMail Configurations
********************************************************************
< INFO > Create SSL certification files.
< INFO > Create required system accounts: vmail, iredapd, iredadmin.
< DEBUG > Create HOME folder for vmail user.
< DEBUG > Create system user/group: vmail:vmail.
< DEBUG > Create directory to store user sieve rule files: /var/vmail/sieve.
< DEBUG > Create system user: iredadmin.
< DEBUG > Create system user: iredapd.
< INFO > Configure Apache web server and PHP.
< Backup > /usr/local/etc/apache22/httpd.conf -> httpd.conf.2012.08.21.11.58.57.
< Backup > /usr/local/etc/apache22/extra/httpd-ssl.conf -> httpd-ssl.conf.2012.08.21.11.58.57.
< DEBUG > Basic configurations.
< DEBUG > Set correct SSL Cert/Key file location.
< DEBUG > Enable modules.
< DEBUG > Configure Apache.
< DEBUG > Add setting in /etc/rc.conf: apache22_enable='YES'
< DEBUG > Add setting in /etc/rc.conf: htcacheclean_enable='NO'
< DEBUG > Disable several functions: /usr/local/etc/php.ini.
< DEBUG > Hide PHP Version in Apache from remote users requests: /usr/local/etc/php.ini.
< DEBUG > Increase 'memory_limit' to 128M: /usr/local/etc/php.ini.
< DEBUG > Increase 'upload_max_filesize', 'post_max_size' to 10/12M: /usr/local/etc/php.ini.
< DEBUG > Disable php extension: suhosin. /usr/local/etc/php.ini.
< INFO > Configure MySQL database server.
< DEBUG > Starting MySQL.
< DEBUG > Add setting in /etc/rc.conf: mysql_enable='YES'
< DEBUG > Sleep 5 seconds for MySQL daemon initialize ...
< DEBUG > Grant access privilege from 172.16.122.244 ...
< DEBUG > Initialize MySQL database.
< DEBUG > Generating SQL template for postfix virtual hosts: /root/iRedMail/conf/mysql_vmail.sql.
< DEBUG > Import postfix virtual hosts/users: /root/iRedMail/conf/mysql_vmail.sql.
< INFO > Configure Postfix (Message Transfer Agent).
< Backup > /usr/local/etc/postfix/main.cf -> main.cf.2012.08.21.11.58.57.
< Backup > /usr/local/etc/postfix/master.cf -> master.cf.2012.08.21.11.58.57.
< DEBUG > Enable chroot.
< DEBUG > Copy: /etc/{hosts,resolv.conf,localtime,services} -> /var/spool/postfix/etc/
< Backup > /etc/mail/mailer.conf -> mailer.conf.2012.08.21.11.58.57.
< DEBUG > Add setting in /etc/rc.conf: postfix_enable='YES'
< DEBUG > Add setting in /etc/rc.conf: sendmail_enable='NO'
< DEBUG > Add setting in /etc/rc.conf: sendmail_submit_enable='NO'
< DEBUG > Add setting in /etc/rc.conf: sendmail_outbound_enable='NO'
< DEBUG > Add setting in /etc/rc.conf: sendmail_msp_queue_enable='NO'
< DEBUG > Add setting in /etc/rc.conf: daily_clean_hoststat_enable='NO'
< DEBUG > Add setting in /etc/rc.conf: daily_status_mail_rejects_enable='NO'
< DEBUG > Add setting in /etc/rc.conf: daily_status_include_submit_mailq='NO'
< DEBUG > Add setting in /etc/rc.conf: daily_submit_queuerun='NO'
< DEBUG > Configure Postfix for MySQL lookup.
< DEBUG > Set file permission: Owner/Group -> postfix/postfix, Mode -> 0640.
< DEBUG > Configure SMTP SASL authentication.
< DEBUG > Enable TLS/SSL support in Postfix.
< INFO > Configure Policyd (postfix policy server, version 1.8).
< DEBUG > Add user and group for policyd: policyd:policyd.
< DEBUG > Initialize MySQL database of policyd.
< DEBUG > Configure policyd: /usr/local/etc/postfix-policyd-sf.conf.
< DEBUG > Setting cron job for policyd user: policyd.
< DEBUG > Add setting in /etc/rc.conf: postfix_policyd_sf_enable='YES'
< INFO > Configure Dovecot (pop3/imap/managesieve server, version 2).
< DEBUG > Configure dovecot: /usr/local/etc/dovecot/dovecot.conf.
< DEBUG > Copy sample sieve global filter rule file: /var/vmail/sieve/dovecot.sieve.sample.
< DEBUG > Create dovecot log file: /var/log/dovecot.log, /var/log/sieve.log.
< DEBUG > Enable dovecot SASL support in postfix: /usr/local/etc/postfix/main.cf.
< DEBUG > Create directory for Dovecot plugin: Expire.
< DEBUG > Setting logrotate for dovecot log file.
< DEBUG > Add setting in /etc/rc.conf: dovecot_enable='YES'
< INFO > Configure ClamAV (anti-virus toolkit).
< Backup > /usr/local/etc/clamd.conf -> clamd.conf.2012.08.21.11.58.57.
< Backup > /usr/local/etc/freshclam.conf -> freshclam.conf.2012.08.21.11.58.57.
< DEBUG > Configure ClamAV: /usr/local/etc/clamd.conf.
< DEBUG > Configure freshclam: /usr/local/etc/freshclam.conf.
< DEBUG > Add clamav user to amavid group.
< DEBUG > Add setting in /etc/rc.conf: clamav_clamd_enable='YES'
< DEBUG > Add setting in /etc/rc.conf: clamav_freshclam_enable='YES'
< INFO > Configure Amavisd-new (interface between MTA and content checkers).
< Backup > /usr/local/etc/amavisd.conf -> amavisd.conf.2012.08.21.11.58.57.
< Backup > /usr/local/etc/amavisd.conf -> amavisd.conf.2012.08.21.11.58.57.
< DEBUG > Configure amavisd-new: /usr/local/etc/amavisd.conf.
< DEBUG > Add setting in /etc/rc.conf: amavisd_enable='YES'
< DEBUG > Add setting in /etc/rc.conf: amavisd_pidfile='/var/amavis/amavisd.pid'
< DEBUG > Add setting in /etc/rc.conf: amavis_milter_enable='NO'
< DEBUG > Add setting in /etc/rc.conf: amavis_p0fanalyzer_enable='NO'
< DEBUG > Generate DKIM pem files: /var/lib/dkim/a.cn.pem.
< DEBUG > Setting cron job for vmail user to delete virus mail per month.
< DEBUG > Import Amavisd database and privileges.
< INFO > Configure SpamAssassin (content-based spam filter).
< DEBUG > Generate new configuration file: /usr/local/etc/mail/spamassassin/local.cf.
< DEBUG > Enable crontabs for SpamAssassin update.
< DEBUG > Compile SpamAssassin ruleset into native code.
< INFO > Configure iRedAPD (postfix policy daemon).
< DEBUG > Extracting: iRedAPD-1.3.8.tar.bz2 -> /opt
< DEBUG > Configure iRedAPD.
< DEBUG > Make iredapd start after system startup.
< DEBUG > Add setting in /etc/rc.conf: iredapd_enable='YES'
< INFO > Configure iRedAdmin (official web-based admin panel).
< DEBUG > Extracting: iRedAdmin-0.1.9.tar.bz2 -> /usr/local/www
< DEBUG > Set correct permission for iRedAdmin: /usr/local/www/iRedAdmin-0.1.9.
< DEBUG > Create directory alias for iRedAdmin.
< DEBUG > Import iredadmin database template.
< DEBUG > Configure iRedAdmin.
< DEBUG > Configure general settings.
< DEBUG > Configure iredadmin database related settings.
< DEBUG > Configure MySQL related settings.
< DEBUG > Configure Policyd related settings.
< DEBUG > Configure Amavisd related settings.
< INFO > Configure Awstats (logfile analyzer for mail and web server).
< DEBUG > Generate apache config file for awstats: /usr/local/etc/apache22/Includes/awstats.conf.
< DEBUG > Setup user auth for awstats: /usr/local/etc/apache22/Includes/awstats.conf.
< DEBUG > Config awstats to analyze apache web access log: /usr/local/www/awstats/cgi-bin/awstats.web.conf.
< Backup > /usr/local/www/awstats/cgi-bin/awstats.model.conf -> awstats.model.conf.2012.08.21.11.58.57.
< DEBUG > Config awstats to analyze postfix mail log: /usr/local/www/awstats/cgi-bin/awstats.smtp.conf.
< DEBUG > Setting cronjob for awstats.
< INFO > Configure Roundcube webmail.
< DEBUG > Create directory alias for Roundcubemail.
< Backup > /usr/local/www/apache22/data/index.html -> index.html.2012.08.21.11.58.57.
< DEBUG > Import MySQL database and privileges for Roundcubemail.
< DEBUG > Configure database for Roundcubemail: /usr/local/www/roundcube/config/*.
< DEBUG > Enable and config plugin: managesieve.
< DEBUG > Enable and config plugin: password.
< INFO > Configure phpMyAdmin (web-based MySQL management tool).
< DEBUG > Create directory alias for phpMyAdmin in Apache: /usr/local/etc/apache22/Includes/phpmyadmin.conf.
< DEBUG > Config phpMyAdmin: /usr/local/www/phpMyAdmin/config.inc.php.

*************************************************************************
* iRedMail-0.8.1 installation and configuration complete.
*************************************************************************

< DEBUG > Decrease sshd service start order via chkconfig.
< DEBUG > Setup backup script: /var/vmail/backup/backup_mysql.sh
< INFO > Updating SpamAssassin rules (sa-update), please wait ...
< INFO > Compiling SpamAssassin rulesets (sa-compile), please wait ...
< INFO > Updating ClamAV database (freshclam), please wait ...
ClamAV update process started at Tue Aug 21 13:32:47 2012
Downloading main.cvd [100%]
main.cvd updated (version: 54, sigs: 1044387, f-level: 60, builder: sven)
Downloading daily.cvd [100%]
daily.cvd updated (version: 15279, sigs: 258017, f-level: 63, builder: guitar)
Downloading bytecode.cvd [100%]
bytecode.cvd updated (version: 188, sigs: 38, f-level: 63, builder: neo)
Database updated (1302442 signatures) from database.clamav.net (IP: 200.236.31.1)
WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd.sock
connect(): No such file or directory
********************************************************************
* URLs of installed web applications:
*
* - Webmail: httpS://mx.irm.org/mail/
* - Admin Panel (iRedAdmin): httpS://mx.irm.org/iredadmin/
*   + Username: postmaster@a.cn, Password: www
*

********************************************************************
* Congratulations, mail server setup complete. Please refer to tip
* file for more information:
*
*   - /root/iRedMail/iRedMail.tips
*
* And it's sent to your mail account postmaster@a.cn.
*
* Please reboot your system to enable mail services.
*
********************************************************************

Output of netstat (172.16.122.244 is the IP address of Jail):

# netstat -nal -p tcp | grep 172.16.122.244
tcp4       0      0 172.16.122.244.443     *.*                    LISTEN
tcp4       0      0 172.16.122.244.80      *.*                    LISTEN
tcp4       0      0 172.16.122.244.7777    *.*                    LISTEN
tcp4       0      0 172.16.122.244.10025   *.*                    LISTEN
tcp4       0      0 172.16.122.244.587     *.*                    LISTEN
tcp4       0      0 172.16.122.244.25      *.*                    LISTEN
tcp4       0      0 172.16.122.244.3306    172.16.122.244.43143   ESTABLISHED
tcp4       0      0 172.16.122.244.43143   172.16.122.244.3306    ESTABLISHED
tcp4       0      0 172.16.122.244.10031   *.*                    LISTEN
tcp4       0      0 172.16.122.244.9998    *.*                    LISTEN
tcp4       0      0 172.16.122.244.10024   *.*                    LISTEN
tcp4       0      0 172.16.122.244.3306    *.*                    LISTEN

41 Reply by perlporter

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

ZhangHuangbin wrote:

Hi perlporter,

Could you try the latest development again? It works for me here: FreeBSD 9.0-RELEASE with ezjail.

MySQL permission issue should be fixed with addition SQL command (in functions/mysql.sh):

-- Allow GRANT privilege                                                           
UPDATE user SET Grant_priv='Y' WHERE User='${MYSQL_ROOT_USER}' AND Host='${SQL_HOSTNAME}';

Yes... I try now...

ZhangHuangbin wrote:

Below are steps:

- Check out the latest development version: hg clone https://bitbucket.org/zhb/iredmail

- Update parameter LOCAL_ADDRESS to the IP of your Jail in iRedMail/conf/global before you execute it:

export LOCAL_ADDRESS='192.168.x.x'

Here 192.168.x.x is the IP address of your Jail. As you already know, SQL_HOSTNAME will be set to 192.168.x.x automatically.

- Start iRedMail installer with below command:

# _DEBUG=YES bash iRedMail.sh

With _DEBUG=YES, it will output some more detail info, so that i can know which steps were not successfully performed.

See:
< INFO > Fetching all distfile for required packages (make fetch-recursive)
< INFO > Fetching required distfiles for port: net/openldap24-server
/root/zhb-iredmail-0ae9a1ddbe55/iRedMail/functions/packages_freebsd.sh: line 825: cd: /var/ports/net/openldap24-server: No such file or directory
make: don't know how to make fetch-recursive. Stop
< ERROR > Tarballs were not downloaded correctly, please fix it manually and then re-execute iRedMail.sh.

42 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iRedMail behind FreeBSD Jail

It detects ports tree working directory prefix from /etc/make.conf. Make sure you have correct directories set in /etc/make.conf if you're not using /usr/ports/. Or simply delete /etc/make.conf if it's generated by ezjail.

43 Reply by perlporter

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

ZhangHuangbin wrote:

It detects ports tree working directory prefix from /etc/make.conf. Make sure you have correct directories set in /etc/make.conf if you're not using /usr/ports/. Or simply delete /etc/make.conf if it's generated by ezjail.

Funny, never appeared in other tests this error ...

44 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iRedMail behind FreeBSD Jail

perlporter wrote:

Funny, never appeared in other tests this error ...

Yes. Committed after your last test. Removed again.

Several fixes you should apply after installation completed:

- Add @inet_acl in /usr/local/etc/amavisd.conf above the last line in amavisd.conf like below:

@inet_acl = qw(192.168.x.x);

1;  # insure a defined return

- Update /usr/local/etc/postfix/master.cf, append Jail IP in Amavisd transport like below:

192.168.x.x:10025 ...
    ...
    mynetworks=127.0.0.0/8,192.168.x.x

- Update /usr/local/etc/dovecot/dovecot.conf, don't listen on IPv6 address if you don't have one:

#listen = *, [::]
listen = *

Restarting Postfix, Amavisd, Dovecot services is required.

All mail services should work as expected with above fixes. And, of course they were committed to the source code repo (moment ago).

If your installation is not yet finished, you can abort it now, then check the latest development version, copy file .status from old iRedMail directory to the newly checked out one, update LOCAL_ADDRESS in conf/global, execute "bash iRedMail.sh" to finish rest steps.

With the latest commit, install iRedMail on FreeBSD Jail should be simple enough. Here's summary:

- Install a minimal FreeBSD. e.g. FreeBSD 9-RELEASE.
- Install ezjail with port (sysutils/ezjail).
- Create a jail. e.g. mx.domain.ltd.
- Login to Jail mx.domain.ltd, add /etc/resolv.conf (with proper DNS server(s)) if it doesn't exist.
- Make sure you have ports tree in Jail.
- Check out the latest iRedMail.
- Update parameter 'LOCAL_ADDRESS' to the IP address of Jail. e.g. LOCAL_ADDRESS='192.168.1.10'.
- Start iRedMail installer: bash iRedMail.sh.

That's all. Simple enough?

45 Reply by perlporter (edited by perlporter 2012-08-22 04:49:36)

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

It worked!

Thanks...

But,


Aug 21 17:48:38 iredmail roundcube: IMAP Error: Could not save message in Sent in /usr/local/www/roundcube/program/steps/mail/sendmail.inc on line 706 (POST /mail/ _unlock=loading1345582119287&_lang=undefined?_task=mail&_action=send)

What can it be?

46 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iRedMail behind FreeBSD Jail

Please check related log in /var/log/dovecot.log and /var/log/sieve.log.

47 Reply by perlporter (edited by perlporter 2012-08-22 20:29:46)

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

I've installed and it worked fine...

On my first installation the timezone of jail was incorrect, but it was working.
When I changed timezone to correct one, the error messages that I sent to you begin..

I've done the installation once again and now its working fine.

Should I worry about this message:

(/var/log/maillog):
Aug 22 08:44:35 iredmail roundcube: PHP Warning:  include_once(): Unable to allocate memory for pool. in /usr/local/www/roundcube/program/include/iniset.php on line 112

(/var/log/sieve.log):
Aug 22 09:23:10 lda(wendell@bacobier.com.br): Error: read(/var/run/dovecot/dict) failed: Remote disconnected
Aug 22 09:24:15 lda(wendell@bacobier.com.br): Error: read(/var/run/dovecot/dict) failed: Remote disconnected
Aug 22 09:24:15 lda(wendell@bacobier.com.br): Info: msgid=<1618d3d5a5126d95375c5de5a038d9e9@bacobier.com.br>: saved mail to INBOX
Aug 22 09:24:15 lda(wendell@bacobier.com.br): Error: read(/var/run/dovecot/dict) failed: Remote disconnected
Aug 22 09:24:57 lda(wendell@bacobier.com.br): Error: read(/var/run/dovecot/dict) failed: Remote disconnected
Aug 22 09:24:57 lda(wendell@bacobier.com.br): Info: msgid=<d1548f0e9f25c91fa1784fc1b5c775a9@bacobier.com.br>: saved mail to INBOX
Aug 22 09:24:57 lda(wendell@bacobier.com.br): Error: read(/var/run/dovecot/dict) failed: Remote disconnected
Aug 22 09:25:31 lda(wendell@bacobier.com.br): Error: read(/var/run/dovecot/dict) failed: Remote disconnected
Aug 22 09:25:31 lda(wendell@bacobier.com.br): Info: msgid=<51597518373bc7a701cb817294346b5a@bacobier.com.br>: saved mail to INBOX
Aug 22 09:25:31 lda(wendell@bacobier.com.br): Error: read(/var/run/dovecot/dict) failed: Remote disconnected

(/var/log/dovecot.log):
Aug 22 09:28:51 dict: Error: Unknown dict module: mysql
Aug 22 09:28:51 dict: Error: Failed to initialize dictionary 'quotadict'

48 Reply by perlporter

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

perlporter wrote:

Aug 21 17:48:38 iredmail roundcube: IMAP Error: Could not save message in Sent in /usr/local/www/roundcube/program/steps/mail/sendmail.inc on line 706 (POST /mail/ _unlock=loading1345582119287&_lang=undefined?_task=mail&_action=send)

This message appears when I set a quota...
I did a test and came here, when I remove the quota, this error no longer appears

49 Reply by perlporter

  • perlporter
  • Member
  • Offline
  • Registered: 2012-05-21
  • Posts: 48

Re: iRedMail behind FreeBSD Jail

More issues:

phpldapadmin:

Warning: require(): Unable to allocate memory for pool. in /usr/local/www/phpldapadmin/htdocs/index.php on line 52

Warning: require_once(): Unable to allocate memory for pool. in /usr/local/www/phpldapadmin/lib/functions.php on line 248

Notice: Undefined variable: _SESSION in /usr/local/www/phpldapadmin/lib/page.php on line 379

Fatal error: Call to a member function getValue() on a non-object in /usr/local/www/phpldapadmin/lib/page.php on line 379

phpmyadmin:

Page blank, does not show anything ..

awstats: OK

roundcube: OK

iredadmin: OK

50 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iRedMail behind FreeBSD Jail

perlporter wrote:

Should I worry about this message:
(/var/log/maillog):
Aug 22 08:44:35 iredmail roundcube: PHP Warning:  include_once(): Unable to allocate memory for pool. in /usr/local/www/roundcube/program/include/iniset.php on line 112

Seems caused by PHP memory related settings (too small). Could you please try to increase "memory_limit" in /usr/local/etc/php.ini, restart Apache web server and try again?

perlporter wrote:

Aug 22 09:28:51 dict: Error: Unknown dict module: mysql
Aug 22 09:28:51 dict: Error: Failed to initialize dictionary 'quotadict'

Caused by incorrect port config option (compile option) defined by iRedMail.

Fixed in development version moment ago (reference: code commit log). A clean iRedMail installation will fix it for you.
You can fix it manually by re-install port "mail/dovecot2" (and probably "mail/dovecot2-pigeonhole, too). Steps:

# cd /usr/ports/mail/dovecot2/
# make config

If you choose OpenLDAP backend for iRedMail, please choose both LDAP and MYSQL in port config dialog. Then re-install mail/dovecot2.

perlporter wrote:

This message appears when I set a quota...
I did a test and came here, when I remove the quota, this error no longer appears

Still no idea why it happened, sorry.
Is there any related log in Dovecot log files (/var/log/dovecot.log and /var/log/sieve.log)? Could you turn on debug mode in Dovecot and try again? so that Dovecot will log more details in log files.

Reference:

- How to turn on debug mode in Dovecot:
  http://www.iredmail.org/wiki/index.php? … In.Dovecot