[Kolab-devel] Solaris 10 Sparc Kolab V2.2.1 Installation Successful Notes/Comments/Info/Wiki/Horde

Gunnar Wrobel wrobel at pardus.de
Fri Apr 17 06:11:19 CEST 2009


Quoting ComCept Soliva <soliva at comcept.ch>:

> Hello
>
> finally I got Kolab2 V2.2.1 Final up and running. I posted the overall
> documentation in Wiki:
>
> http://wiki.kolab.org/index.php/Solaris with the link:
>
> http://www.comcept.ch/kolab2/solaris_10_kolab2_2.2.1_install.txt
>
> Regarding the overall installation some notes/info/questions:
>
> http://www.mail-archive.com/openpkg-users@openpkg.org/msg03468.html This
> issue regarding not useable TLS/SSL libraries is based on the check how this
> is determed. I used newest openssl-0.9.8k-20090326.src.rpm openpkg package
> as apache-2.2.11-20090201.src.rpm and with the new apache package it works.
> To cover the compilation from beginning I manipulated 00INDEX.rdf.
>
> https://www.intevation.de/roundup/kolab/issue2924 . For this I received a
> link and a comment "Please try install-kolab.sh from CVS HEAD".
> http://kolab.org/cgi-bin/viewcvs-kolab.cgi/*checkout*/server/install-kolab.s
> h . I tested and it seems to work without error but this is not included
> within the final release and because of this I documented in this way that
> the -maxdepth/-mindepth has to be completly removed from the
> install-kolab.sh.
>
> https://www.intevation.de/roundup/kolab/issue1809 .This issue I'm only able
> to solve if I include in the .spec file "--enabled-shared=yes" after the
> compilation fails as to install the package manually. As a pity I was not
> able to build in this option in 00INDEX.rdf which would be nice. Any hints
> appriciated how this can be performed.
>
> https://www.intevation.de/roundup/kolab/issue3315 . This issue still exists
> and is still the case for following packages:
>
> PEAR-Horde-Channel	"install: pear.horde.org.xml was not found
> anywhere!"
>
> PEAR-PHPUnit-Channel	"install: pear.phpunit.de.xml was not found
> anywhere!"

As far as I can see the problematic option -p has been removed from  
the spec file. So is there an additional problem? Can you add a  
comment about it in the bug? Thanks!

>
>
> Workaround for external authentication has to be still implemented and is
> based on behaviour of Solairs
> http://www.postfix.org/SMTPD_POLICY_README.html
>
>
> After Installation "and correct generating the cert" following appears in
> the apache log:
>
> [warn] RSA server certificate CommonName (CN) `kolab2.mydomain.ch' does NOT
> match server name!?
> [notice] Digest: generating secret for digest authentication ...
> [notice] Digest: done
> [notice] Apache/2.2.11 (OpenPKG/CURRENT) mod_ssl/2.2.11 OpenSSL/0.9.8k
> PHP/5.2.8 configured -- resuming normal operations
>
> This is based how you configure httpd.conf.template. Solaris 10 does not
> like within a Zone that to localhost is pointed and it seems that in this
> way the host name can not be anymore correct defined. I changed to IP and
> the warning dissapeared:
>
> 	Listen xxx.xxx.xxx.xxx:80
> 	Listen xxx.xxx.xxx.xxx:443
>
>
>
> Finally I tested everything and also looked through the logs. From functions
> point of view all is working now issues found but there are some questions
> from my site which would be intressting to be verified or commented on your
> site:
>
> Even all works I have in the logs for impad following:
>
>
> ==> /kolab/var/imapd/log/cyr_db.log <==
> Apr 13 09:40:16 sphaere <warning> ctl_cyrusdb[19070]: DBERROR db4: no
> absolute path for the current directory: Permission denied
> Apr 13 09:40:16 sphaere <error> ctl_cyrusdb[19070]: DBERROR: error listing
> log files: Permission denied
> Apr 13 09:40:16 sphaere <error> ctl_cyrusdb[19070]: DBERROR: archive
> /kolab/var/imapd/db: cyrusdb error
> Apr 13 09:40:16 sphaere <warning> ctl_cyrusdb[19070]: DBERROR db4: no
> absolute path for the current directory: Permission denied
> Apr 13 09:40:16 sphaere <error> ctl_cyrusdb[19070]: DBERROR: error listing
> log files: Permission denied
> Apr 13 09:40:16 sphaere <error> ctl_cyrusdb[19070]: DBERROR: archive
> /kolab/var/imapd/db: cyrusdb error
> Apr 13 09:40:16 sphaere <warning> ctl_cyrusdb[19070]: DBERROR db4: no
> absolute path for the current directory: Permission denied
> Apr 13 09:40:16 sphaere <error> ctl_cyrusdb[19070]: DBERROR: error listing
> log files: Permission denied
> Apr 13 09:40:16 sphaere <error> ctl_cyrusdb[19070]: DBERROR: archive
> /kolab/var/imapd/db: cyrusdb error
> Apr 13 09:40:16 sphaere <notice> ctl_cyrusdb[19070]: done checkpointing
> cyrus databases
>
> I do not know where this log entries are coming from....I checked the log
> permisssion and if I set to 777 (which is of course not visible) the error
> does not disappear. The warning regarding DB4 I was also not able to
> identify...can you give me some hints specially regarding DB4 which seems to
> be configured with a local path instead of absolut one?!
>
>
> Regarding Horde following questions/notes
>
>
> I configured  /kolab/etc/kolab/templates/slapd.conf.template in and
> activated:
> include /kolab/etc/openldap/schema/horde.schema as defined in
> /kolab/var/kolab/www/horde/config/conf.php "$conf['auth']['admins'] =
> array('user at mydomain.ch');" . In this way I'm able to manipulate Horde from
> this defined user but this seems not be the right way? What are here the
> rules specially because I saw that in the template dir a lot of horde stuff
> appears. I saw that under the global config of Horde the Tab Kolab appears
> but the fields are used with example stuff. I changed and after applying the
> Konfig everything failed and I had to roll-back. At the moment I do not
> understand the system here used meaning is it visible to manipulate horde
> over web?

Correct. It is not possible to use the Horde configuration system via  
the web with the kolab-webadmin. I'm still in favor of simply removing  
the complete admin section of the horde installation for Kolab.  
Currently we just disabled it by setting "$conf['auth']['admins'] =  
array();" so that there are no admin users. But of course it is easy  
for people to find out how to add admins there, not knowing that they  
might kill their Horde installation this way.

The problem is that the Horde configuration is a rather complex topic  
as you have many options. Some of these options are simply required  
for Kolab to work and should not be changed.

Hm, though actually it might not be hard to change that. We could just  
remove the critical config variables, write them via templates and  
offer the web admin for all the rest.

I'll have to think about it :) ->  
https://www.intevation.de/roundup/kolab/issue3564

Cheers,

Gunnar

>
> Even horde seems to work for a normal user I have a lot of funny stuff
> within the log like:
>
> Apr 13 09:54:32 HORDE [debug] [horde] IMAP errors: SECURITY PROBLEM:
> insecure server advertised AUTH=PLAIN SECURITY PROBLEM: insecure server
> advertised AUTH=PLAIN [pid 17129 on line 175 of
> "/opt/kolab/var/kolab/www/client/imp/lib/IMAP.php"]
>
> [13-Apr-2009 09:58:34] PHP Notice:  Unknown: SECURITY PROBLEM: insecure
> server advertised AUTH=PLAIN (errflg=1) in Unknown on line 0
>
> Apr 13 09:54:30 HORDE [debug] [kronolith] Hook _horde_hook_share_init in
> application horde not called. [pid 17129 on line 1683 of
> "/opt/kolab/var/kolab/www/client/lib/Horde.php"]
> Apr 13 09:54:30 HORDE [debug] [kronolith] Hook
> _prefs_change_hook_display_remote_cals in application horde not called. [pid
> 17129 on line 1683 of "/opt/kolab/var/kolab/www/client/lib/Horde.php"]
> Apr 13 09:54:30 HORDE [debug] [kronolith] Hook
> _prefs_change_hook_display_external_cals in application horde not called.
> [pid 17129 on line 1683 of "/opt/kolab/var/kolab/www/client/lib/Horde.php"]
> Apr 13 09:54:30 HORDE [debug] [kronolith] Hook
> _prefs_change_hook_display_cals in application horde not called. [pid 17129
> on line 1683 of "/opt/kolab/var/kolab/www/client/lib/Horde.php"]
> Apr 13 09:54:31 HORDE [debug] [nag] Hook _horde_hook_share_init in
> application horde not called. [pid 17129 on line 1683 of
> "/opt/kolab/var/kolab/www/client/lib/Horde.php"]
> Apr 13 09:54:31 HORDE [debug] [nag] Hook
> _prefs_change_hook_display_tasklists in application horde not called. [pid
> 17129 on line 1683 of "/opt/kolab/var/kolab/www/client/lib/Horde.php"]
> Apr 13 09:54:31 HORDE [debug] [mnemo] Hook _horde_hook_share_init in
> application horde not called. [pid 17129 on line 1683 of
> "/opt/kolab/var/kolab/www/client/lib/Horde.php"]
> Apr 13 09:54:31 HORDE [debug] [mnemo] Hook
> _prefs_change_hook_display_notepads in application horde not called. [pid
> 17129 on line 1683 of "/opt/kolab/var/kolab/www/client/lib/Horde.php"]
>
>
> Apr 13 09:54:32 HORDE [debug] [horde] Max memory usage: 14942208 bytes [pid
> 17129 on line 339 of
> "/opt/kolab/var/kolab/www/client/lib/Horde/Registry.php"]
>
> What I have also to say is that Horde is very slow...any ideas to speed up.
> My server has 4 CPUS and 4 GB Memory as is using the fast ZFS Filesystem!?
> Also that Horde cache's within tmp is not a good idea meaning if I
> understood all correct this cache files will nobody clean up correct?

There should still be a number of possibilities to speed it up. It is  
currently not yet using an optimal configuration set. I hope to be  
able to dig deeper into that soon.

Thanks for you feedback!

Cheers,

Gunnar

>
> I hope this gives you a overview and would be nice to have some feedback
> regarding the comments/notes/info etc.
>
> Mit freundlichen Grüssen
>
> Andrea Soliva
>
> Mail: soliva at comcept.ch
>
> _______________________________________________
> Kolab-devel mailing list
> Kolab-devel at kolab.org
> https://kolab.org/mailman/listinfo/kolab-devel
>



-- 
____ http://www.pardus.de _________________ http://gunnarwrobel.de _

E-mail : p at rdus.de                                 Dr. Gunnar Wrobel
Tel.   : +49 700 6245 0000                         Bundesstrasse 29
Fax    : +49 721 1513 52322                        D-20146 Hamburg
--------------------------------------------------------------------
    >> Mail at ease - Rent a kolab groupware server at p at rdus <<
--------------------------------------------------------------------


----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digitale PGP-Unterschrift
URL: <http://lists.kolab.org/pipermail/devel/attachments/20090417/4b4d7d05/attachment.sig>


More information about the devel mailing list