26

Re: iRedmail on Ubuntu 24.04 LTS

Hi folks

Just to let you know, I have spent the weekend testing a direct upgrade to 24.04 from 22.04, my old mail server has been through a few different versions of Ubuntu Server.

Upgrading from 22.04 to 24.04 on a clone of the Production went pretty well, Only thing i will mention is direct upgrade from 22.04 isn't currently supported until 24.04.1 is released.

Do you want me to post the upgrade step by step?

Regards

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

27

Re: iRedmail on Ubuntu 24.04 LTS

jackb wrote:

Do you want me to post the upgrade step by step?

Yes, please share it in a new forum topic.

28

Re: iRedmail on Ubuntu 24.04 LTS

ZhangHuangbin wrote:
jackb wrote:

Do you want me to post the upgrade step by step?

Yes, please share it in a new forum topic.

I have posted the Upgrade stage to 22.04, If you see anything that need's to be changed let me know smile

https://forum.iredmail.org/topic20565-d … guide.html

29

Re: iRedmail on Ubuntu 24.04 LTS

Thanks for sharing. smile

30

Re: iRedmail on Ubuntu 24.04 LTS

ZhangHuangbin wrote:

Thanks for sharing. smile

You are welcome big_smile

31 (edited by alss Yesterday 13:55:12)

Re: iRedmail on Ubuntu 24.04 LTS

Hi iRedmail team,

Doing some tests in Ubuntu 24.04 using CIS Benchmark Level 1 hardened image. I recommend everyone to delay the upgrade after 24.04.2 for production environments if you have specific security compliance requirements, there is no announcement for USG(Ubuntu Security Guide) support in this version yet.

In a clean OS and iRedmail install be warned about this bug if you are using AppArmor, php8.3-fpm install will fail due to a missing permission in the profile to allow a notify to systemd:

You can find the DENIED in audit logs, the following actions will solve the problem before install:

To fix it just add this line to /etc/apparmor.d/local/php-fpm

owner /run/systemd/notify w,

And restart AppArmor

systemctl restart apparmor.service

This will solve the problem, going to create an Ubuntu bug.
UPDATE:
Found six month old bug:
Ubuntu Launchpad Bug #2061113

More updates as soon as I get more results from tests.

Best regards

32 (edited by alss Yesterday 10:14:13)

Re: iRedmail on Ubuntu 24.04 LTS

More on AppArmor profiles, Ubuntu 24.04 and iRedmail php8.3-fpm,

Or we match the log location in the php8.3-fpm to AppArmor profile:

# the main log file
/var/log/php*-fpm.log rw,

Or the fix is to modify /etc/apparmor.d/local/php-fpm:

# Allow notify to systemd
owner /run/systemd/notify w,

# Allow logs located in /var/log/php-fpm/ dir
/var/log/php-fpm/*.log rw,

Maybe would be good idea to create specific topic related to iRedmail Security Compliance using AppArmor on Debian based distributions and Selinux on RHEL flavors, plus CIS Benchmarks.

Best regards