HI all
New to running Citadel but it was always my favorite BBS software back in the late 80s/early 90s.
I have a docker installation running and things seem to be working well for the most part.
I am having an issue when I attempt to upload either a login or logout logo.
I get the following (this example is for the logout, the login is the same except images/hello):
Cannot open images/uimg 1: No such file or directory
There is no "images" directory in my citadel-data directory. I tried making files/images and that didn't help.
Any pointers would be great .
Thanks!
Is there a resource or recommended starting point for
integrating Citadel and Keycloak?
I'm afraid I don't know anything about Keycloak. What is it?
its an identity management thing. Opensource.
I'm afraid I don't know anything about Keycloak. What is it?
Here's an example of a message from Aide.
New user account <nobody> has been created, from host 185.171.202.9.rev.dyjix.eu [185.171.202.9].
This is baffling. If you have self-service account creation turned off, there should be no way to do this.
Unless ... you are using host system authentication, or LDAP authentication, instead of Citadel's self-contained authentication? Are the names of the accounts (such as "nobody") the names of accounts from your host system or LDAP authentication source, and never some unknown name?
Because if that's the case, then it's possible that our shithead intruders are trying names that are likely to exist (nobody, www, sshd, uucp, mail, news, etc) and they do exist so Citadel creates matching accounts ... but unless the intruder knows the password, it will only create the account, but they won't actually be able to log in.
Is it possible that this is what's happening?
I think you may have the answer - I just switched my system to self-contained, and it has also fixed my problem of not being able to log in with one of my user names.
Dear All,
It is giving the following problem to me.
When I write a email with webmail I have a limited number o caracteres that I can input in the subject field. Less that 70, I suppose.
I am using last version (1004) in Centos 9.
Thanks,
Luis Gonçalves.
I think you may have the answer - I just switched my system to self-contained, and it has also fixed my problem of not being able to log in with one of my user names.
I am so relieved to hear that! To be clear, here's how Citadel sets up accounts when you're running it in host-integrated mode or LDAP mode:
Any time a user account is looked up, regardless of whether the login succeeds or fails, if that account exists in the authentication source (host or LDAP) a corresponding account is created in Citadel. That's because Citadel assumes the account is legitimate, because it exists on the host or in LDAP. So if someone tries to access that account, it comes into existence whether it's needed or not. But fear not: the intruder won't be able to actually access the account unless the correct password is issued.
Now if you're using self-contained authentication, Citadel relies solely on itself for account and password management. And if you've disabled self-service account creation, you should never see new accounts appear unless they were created by an administrator.
Thanks for your help.
Thank you for being here to be part of developing a solution, and thank you for using Citadel!
When I write a email with webmail I have a limited number o caracteres that I can input in the subject field. Less that 70, I suppose.
How many characters do you need? We might be able to get it up to a few hundred, but not much more than that.
How much the RFC permits? There is not a maximum by the standard?
I suppose that in some emails clients there is a maximum from which is cut.
But 70 (??) is too few.
I suppose that 256 is enough for me in particular.
When I write a email with webmail I have a limited number o caracteres that I can input in the subject field. Less that 70, I suppose.
How many characters do you need? We might be able to get it up to a few hundred, but not much more than that.
Subject: When I add a mail filter based on message size, citserver crashes
Hello All,
I added a mail filter to an account I created. The rule is as follows; If the message size is larger than 10MB, send the defined reject message and stop. I tried almost every variation but no luck :( will you please help me to solve this?
Thank you.
After defining the rule, when I test it, the following situation occurs in the log.
{"log":"citserver[7]: fulltext: indexing started. msgs 457--458\n","stream":"stderr","time":"2024-11-07T13:50:53.342358177Z"}
{"log":"citserver[7]: msgbase: CtdlFetchMessage(458, 1)\n","stream":"stderr","time":"2024-11-07T13:50:53.344190837Z"}
{"log":"citserver[7]: fulltext: ft_index_message() adding msg 458\n","stream":"stderr","time":"2024-11-07T13:50:53.374346074Z"}
{"log":"citserver[7]: msgbase: CtdlOutputPreLoadedMsg(TheMessage=not null, 0, 0, 0, 1\n","stream":"stderr","time":"2024-11-07T13:50:53.374414953Z"}
{"log":"citserver[7]: msgbase: fixed_output_pre() type=\u003cmultipart/mixed\u003e\n","stream":"stderr","time":"2024-11-07T13:50:53.376436866Z"}
{"log":"citserver[7]: msgbase: fixed_output() part 1: (text/plain) (22 bytes)\n","stream":"stderr","time":"2024-11-07T13:50:53.376535161Z"}
{"log":"citserver[7]: msgbase: fixed_output_post() type=\u003cmultipart/mixed\u003e\n","stream":"stderr","time":"2024-11-07T13:50:53.37821028Z"}
{"log":"citserver[7]: fulltext: wordbreaking message 458 (23 bytes)\n","stream":"stderr","time":"2024-11-07T13:50:53.378250008Z"}
{"log":"citserver[7]: fulltext: indexing message 458 [2 tokens]\n","stream":"stderr","time":"2024-11-07T13:50:53.37836418Z"}
{"log":"citserver[7]: fulltext: indexer has run for 0 seconds; yielded=0\n","stream":"stderr","time":"2024-11-07T13:50:53.379728317Z"}
{"log":"citserver[7]: user_ops: 5 maps to avayacit03\n","stream":"stderr","time":"2024-11-07T13:50:53.380228496Z"}
{"log":"citserver[7]: msgbase: CtdlFetchMessage(457, 1)\n","stream":"stderr","time":"2024-11-07T13:50:53.38032817Z"}
{"log":"citserver[7]: inboxrules: for avayacit03, messages newer than 457\n","stream":"stderr","time":"2024-11-07T13:50:53.380492983Z"}
{"log":"citserver[7]: inboxrules: processing message #458 which is higher than 457, we are in 0000000005.Mail\n","stream":"stderr","time":"2024-11-07T13:50:53.38068976Z"}
{"log":"citserver[7]: inboxrules: processing rule: 0 , field: size\n","stream":"stderr","time":"2024-11-07T13:50:53.38081185Z"}
{"log":"citserver[7]: inboxrules: loading metadata for message 458\n","stream":"stderr","time":"2024-11-07T13:50:53.38082569Z"}
{"log":"citserver[7]: inboxrules: rule activated\n","stream":"stderr","time":"2024-11-07T13:50:53.380832963Z"}
{"log":"ctdlvisor: pid=7 exited, status=139, exitcode=0\n","stream":"stderr","time":"2024-11-07T13:50:53.430515813Z"}
{"log":"ctdlvisor: citserver crashed on signal 11\n","stream":"stderr","time":"2024-11-07T13:50:53.430548361Z"}
{"log":"ctdlvisor: citserver running on pid=76\n","stream":"stderr","time":"2024-11-07T13:50:53.430624425Z"}
{"log":"ctdlvisor: executing citserver\n","stream":"stderr","time":"2024-11-07T13:50:53.430660564Z"}
{"log":"citserver[76]: main: creating lockfile\n","stream":"stderr","time":"2024-11-07T13:50:53.447751474Z"}
Subject: No working install posible on debian bookworm or other raspberry pi os
Hi Guys,
I have been busy day's to get citadel running on my raspberry pi but without success.
The setup and needed download when use easy install are good to go, but when it comes to login to the admin it goes wrong.
When installing the easy install the standard way so use admin and the password citadel for the web cit to login i got always an password error.
If i run the easy installer again and replace the admin and password with some of my own i have the same problem with password error.
I did searched google for an answer but there is less information on how to get it work on Debian bookworm.
Maybe someone did had the same problems as i have? and solved them?
Or maybe someone can help me out here? because it is very frustrating when trying days without success.
Thanks in Advance.
Alcomys
I suppose that in some emails clients there is a maximum from
which is cut.
But 70 (??) is too few.
Ok, it will be 256 in the next update.
Subject: Re: When I add a mail filter based on message size, citserver crashes
Hello All,
I added a mail filter to an account I created. The rule is as follows; If the message size is larger than 10MB, send the defined reject message and stop. I tried almost every variation but no luck :( will you please help me to solve this?
Thank you.
Thank you for such a well researched and clearly written bug report. I was able to reproduce this issue immediately, and was also able to get a stack trace of the crash, so it ought to be fixable reasonably quickly.
An official issue tracker page has been created at [ https://uncensored.citadel.org/wiki?go=Citadel%20Issue%20Tracker?page=2024nov12-crash ]
Subject: Re: When I add a mail filter based on message size, citserver crashes
Ok, this is fixed in https://code.citadel.org/citadel.git/commit/?id=a2dc9c66382e65082492c255a0bf27d187e383bb
The fixed code will appear in the next released version.
In the mean time, try the following workaround: create a rule that forces the inbox handler to load the message headers. For example, "if subject equals xyxyxyxyxyx, file into trash, and continue". Doesn't matter what it is, as long as it appears in the list above your reject rule.
You can remove that dummy rule after the next upgrade. Watch for a new release of Citadel Server over the next few days.
Subject: Re: When I add a mail filter based on message size, citserver crashes
Hello,
Thank you for your attention on such short notice. We also appreciate you spending your valuable personal time to develop and maintain a good product like Citadel.
I know that NetBSD is not one of the primary OSes for Citadel. I am just an entusiast compiling Citadel for fun on NetBSD. I do not expect support, just sending this information hoping that it will be useful...
BTW, I compiled Citadel under Linux and it is working fine.
The problem is that citserver uses 100% CPU under NetBSD. I found out that the issue is with pthreads. The only way I found to mitigate this is to exclude threading from the code completely (see the patch below). Setting max_threads to 1 does not
mitigate the issue (still 100% CPU)
Additional information:
My versions:
* NetBSD 10.0
* Citadel 4.0.1004
* libcitadel 4.0.1004
* db 18.1.40
Output of ldd:
/opt/citadel/sbin/citserver:
-lssl.15 => /usr/lib/libssl.so.15
-lcrypto.15 => /usr/lib/libcrypto.so.15
-lcrypt.1 => /usr/lib/libcrypt.so.1
-lc.12 => /usr/lib/libc.so.12
-lz.1 => /usr/lib/libz.so.1
-liconv.2
=> /usr/pkg/lib/libiconv.so.2
-lcitadel.4 => /opt/citadel/lib/libcitadel.so.4
-lpthread.1 => /usr/lib/libpthread.so.1
-lical.3 => /usr/pkg/lib/libical.so.3
-licuuc.75 => /usr/pkg/lib/libicuuc.so.75
-licudata.75 => /usr/pkg/lib/libicudata.so.75
-lstdc++.9 => /usr/lib/libstdc++.so.9
-lm.0 => /usr/lib/libm.so.0
-lgcc_s.1 => /usr/lib/libgcc_s.so.1
-licui18n.75 => /usr/pkg/lib/libicui18n.so.75
-lldap.6 => /usr/lib/libldap.so.6
-llber.5 => /usr/lib/liblber.so.5
-lgssapi.12 => /usr/lib/libgssapi.so.12
-lkrb5.28 => /usr/lib/libkrb5.so.28
-lhx509.7 => /usr/lib/libhx509.so.7
-lasn1.10 => /usr/lib/libasn1.so.10
-lcom_err.8 => /usr/lib/libcom_err.so.8
-lroken.20 => /usr/lib/libroken.so.20
-lutil.7 => /usr/lib/libutil.so.7
-lwind.1 => /usr/lib/libwind.so.1
-lheimbase.2 => /usr/lib/libheimbase.so.2
-lheimntlm.6 => /usr/lib/libheimntlm.so.6
-lexpat.1 => /usr/pkg/lib/libexpat.so.1
-lcurl.4
=> /usr/pkg/lib/libcurl.so.4
-lnghttp2.14 => /usr/pkg/lib/libnghttp2.so.14
-lidn2.0 => /usr/pkg/lib/libidn2.so.0
-lunistring.5 => /usr/pkg/lib/libunistring.so.5
-lintl.1 => /usr/lib/libintl.so.1
-lresolv.3 => /usr/lib/libresolv.so.3
-ldb18-18.1 => /usr/pkg/lib/libdb18-18.1.so
My test patch (unified) which got citserver going without 100% CPU:
# o< --------------------------------------------------------------------------
--- server/threads.c.orig 2024-11-13 10:52:14.366557357 +0000
+++ server/threads.c 2024-11-13 10:55:38.939885643 +0000
@@ -67,14 +67,10 @@
// Second call to module init functions now that threading is up
initialize_modules(1);
- // Begin with one worker thread. We will expand the pool if necessary
- CtdlThreadCreate(worker_thread);
-
- // The supervisor thread monitors worker threads and spawns more of them if it finds that they are all in use.
+ //NOTE: citserv
on NetBSD is using 100% CPU, so disabling threading!
+ //event loop without threads (although pthread code initialized)
while (!server_shutting_down) {
- if ((active_workers == num_workers) && (num_workers < CtdlGetConfigInt("c_max_workers"))) {
- CtdlThreadCreate(worker_thread);
- }
+ worker_thread(NULL);
usleep(1000000);
}
# o< --------------------------------------------------------------------------
Some other tweaks to get it compiled under NetBSD
# in order to find libdb v18
sed -i 's/^BACKEND_LDFLAGS=.*/BACKEND_LDFLAGS=-ldb18/' configure
sed -i 's@^#include <db.h>@#include <db18/db.h>@' server/backends/berkeley_db/berkeley_db.c
# all the -R (rpaths) are needed for NetBSD, because it does not do traditional shared libraries lookup
CFLAGS="-I/usr/pkg/include -L/usr/pkg/lib -Wl,-R/usr/pkg/lib -I/opt/citadel/include -L/opt/citadel/lib -Wl,-R/opt/citadel/lib" \
LDFLAGS="-L/usr/pkg/lib
-Wl,-R/usr/pkg/lib -L/opt/citadel/lib -Wl,-R/opt/citadel/lib" \
./configure --ctdldir=/opt/citadel/sbin
Cheers and have fun!
Subject: Re: When I add a mail filter based on message size, citserver crashes
Thank you for your attention on such short notice. We also
appreciate you spending your valuable personal time to develop
and maintain a good product like Citadel.
Seeing people using and enjoying the Citadel System is very rewarding.
Please be advised that we've pushed a maintenance release (version 1006) that contains the fix to the bug you uncovered. It is available in both Docker and Easy Install packages.
Subject: Re: When I add a mail filter based on message size, citserver crashes
Hello,
I pulled the latest docker image and fired up Citadel. I wrote the rule and it works. Thanks again.
Regards,
Subject: Re: citserver NetBSD 100% CPU from pthreads
The problem is that citserver uses 100% CPU under NetBSD. I found out thatthe issue is with pthreads. The only way I found to >mitigate this is to exclude threading from the code completely (see the patch below). Setting max_threads to 1 does not
mitigate the issue (still 100% CPU)
That is indeed an interesting workaround. It would be interesting to see a stack trace to know where the active loop is taking place. Although disabling multithreaded execution isn't a workable solution for the mainline, it will actually work at a very small scale, it will simply answer one request at a time. We had someone trying that under HP-UX about 20 years ago with similar results.
It would be interesting to see a stack traceIt seams the high load is coming from the main thread (in top PID 8846 and
to know where the active loop is taking place.
LID 8846) ... Almost sure this is about how NetBSD handles pthreads differently
than Linux, but I am not so deep in thread programming, so cannot say for sure..
My test results are:
* without any server load (just started the server)
* disabled all services (IMAP, XMPP, etc.) not to interfere the results
* my versions: libcitadel 4.0.1004, citadel 4.0.1004, db 18.1.40
top output (one thread per line) shows:
PID LID USERNAME PRI STATE TIME WCPU CPU NAME COMMAND
8864 8864 citadel 30 CPU/0 5:48 98.19% 98.19% - citserver
8864 9543 citadel 85 select/1 0:00 0.00% 0.00% - citserver
8864 10738 citadel 85 select/1 0:00 0.00% 0.00% - citserver
4528
4528 user 85 poll/1 0:00 0.00% 0.00% - sudo
11229 11229 user 85 poll/1 0:00 0.00% 0.00% - sudo
6537 6537 root 85 wait/1 0:00 0.00% 0.00% - gdb
gdb output (started process, sent ^C, thread apply all bt) shows:
user@machine:~$ sudo gdb /opt/citadel/sbin/citserver
GNU gdb (GDB) 11.0.50.20200914-git
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64--netbsd".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources
online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /opt/citadel/sbin/citserver...
(gdb) run -ucitadel -h/var/db/citadel
Starting program: /opt/citadel/sbin/citserver -ucitadel -h/var/db/citadel
citserver[8864]: crypto: keys/citadel.key exists and is readable
citserver[8864]: crypto: keys/citadel.cer exists and is readable
citserver[8864]: citserver: checking directory access
citserver[8864]: citserver: opening databases
citserver[8864]: db: initialized Berkeley DB backend
citserver[8864]: citserver: seeding the pseudo-random number generator
citserver[8864]: citserver: initializing configuration system
citserver[8864]: citserver: creating base rooms (if necessary)
citserver[8864]: control: sanity checking the recorded highest message and room numbers
citserver[8864]:
control: sanity checking the recorded highest user number
citserver[8864]: control: sanity checks complete
citserver[8864]: main: upgrading modules
citserver[8864]: Existing database version on disk is 1004
citserver[8864]: extensions: unix domain socket 'citadel.socket': registered.
citserver[8864]: extensions: unix domain socket 'citadel-admin.socket': registered.
citserver[8864]: extensions: TCP port 127.0.0.1:504: (citadel-TCP) registered.
citserver[8864]: main: initializing server extensions
citserver[8864]: extensions: service IMAP has been manually disabled, skipping
citserver[8864]: extensions: service IMAPS has been manually disabled, skipping
citserver[8864]: extensions: service NNTP has been manually disabled, skipping
citserver[8864]: extensions: service NNTPS has been manually disabled, skipping
citserver[8864]: extensions: service POP3 has been manually disabled, skipping
citserver[8864]:
extensions: service POP3S has been manually disabled, skipping
citserver[8864]: rssclient: using libcurl/8.10.1 OpenSSL/3.0.12 zlib/1.2.13 libidn2/2.3.7 nghttp2/1.62.1
citserver[8864]: extensions: service SMTP-MTA has been manually disabled, skipping
citserver[8864]: extensions: service SMTPs-MTA has been manually disabled, skipping
citserver[8864]: extensions: service SMTP-MSA has been manually disabled, skipping
citserver[8864]: extensions: unix domain socket 'lmtp.socket': registered.
citserver[8864]: extensions: unix domain socket 'lmtp-unfiltered.socket': registered.
citserver[8864]: Existing database version on disk is 1004
citserver[8864]: extensions: service DICT_TCP has been manually disabled, skipping
citserver[8864]: extensions: service XMPP has been manually disabled, skipping
citserver[8864]: main: changing uid to 301
[New LWP 10738 of process 8864]
[New LWP 9543 of process
8864]
^C[New process 8864]
Thread 4 received signal SIGINT, Interrupt.
[Switching to process 8864]
0x00007a7d6c846e2a in _sys___select50 () from /usr/lib/libc.so.12
(gdb) thread apply all bt
Thread 3 (LWP 9543 of process 8864 ""):
#0 0x00007a7d6c846e2a in _sys___select50 () from /usr/lib/libc.so.12
#1 0x00007a7d6ea086f1 in __select50 () from /usr/lib/libpthread.so.1
#2 0x00000000004264e7 in worker_thread (blah=0x0) at server/sysdep.c:720
#3 0x00007a7d6ea0c89f in pthread.create_tramp () from /usr/lib/libpthread.so.1
#4 0x00007a7d6c892f80 in ?? () from /usr/lib/libc.so.12
#5 0x0000000000000000 in ?? ()
Thread 2 (LWP 10738 of process 8864 ""):
#0 0x00007a7d6c846e2a in _sys___selec
t50 () from /usr/lib/libc.so.12
#1 0x00007a7d6ea086f1 in __select50 () from /usr/lib/libpthread.so.1
#2 0x00000000004264e7 in worker_thread (blah=0x0) at server/sysdep.c:720
#3 0x00007a7d6ea0c89f in pthread.create_tramp
() from /usr/lib/libpthread.so.1
#4 0x00007a7d6c892f80 in ?? () from /usr/lib/libc.so.12
#5 0x0000000000400000 in ?? ()
#6 0x00007a7d65400000 in ?? ()
#7 0x0000001003a0efff in ?? ()
#8 0x00007a7d652000c0 in ?? ()
#9 0x00000000001fff40 in ?? ()
#10 0x0000000000000000 in ?? ()
Thread 1 (LWP 8864 of process 8864 ""):
--Type <RET> for more, q to quit, c to continue without paging--
#0 0x00007a7d6c9694cd in usleep () from /usr/lib/libc.so.12
#1 0x0000000000426c06 in go_threading () at server/threads.c:78
#2 0x0000000000424b78 in main (argc=3, argv=0x7f7fffca4d58) at server/server_main.c:298
(gdb)
Cheers !
Although disabling multithreaded execution isn't a workable solutionthat for sure...
for the mainline
, it will actually work at a very small scale, it will simply answer onewell, this is good news for me :) thanks for the info
request at a time.
i was thinking i may install [in a very distant future] a home server with
almost no load...
speaking of load: I tested the no-threaded server with 'loadtest -n5' and did
not see crashing or some db corruptions, so it actually may be useful.