Language:
switch to room list switch to menu My folders
Go to page: First ... 11 12 13 14 [15] 16 17 18 19 ... Last
[#] Mon Jan 04 2021 14:17:23 EST from ParanoidDelusions

Subject: Re: How to use ctdlmigrate successfully?

[Reply] [ReplyQuoted] [Headers] [Print]

If you read back several pages in this room, there was quite a discussion about the different methods of migrating Citadel, including ctdlmigrate. Those discussions might help. 

I was able to successfully migrate a Citadel database from a Pi running Rapsbian to an i5 running Debian. It took me several attempts, I had to jump through a lot of hoops, I couldn't recreate it after I had done it, and I'm not sure what I got right. I know permissions are important - you've got to be root on both systems, and it seemed like directory paths where the files are was important.

It *can* be done. I know that much - but it did not seem remarkably reliable. 

When it is starting, it gives a spinning "/", right? Does that stop? 

sudo tail /var/logs/system.log -f  in a separate terminal window while running the ctdlmigrate - and see if it is throwing up errors. Also, it seems like either running it in a terminal or in a console might have been the key - but I'm not sure which. I know I tried running it in the console logged in as root, I tried running it in a terminal logged in as a regular user, I tried terminal running it sudo, and I tried terminal running it after SU-ing to root. 

I threw everything at the wall - and something stuck. Once. 



Mon Jan 04 2021 10:36:36 EST from markus Subject: How to use ctdlmigrate successfully?

Hello!

Does anybody have experience with "ctdlmigrate"? I gave it a try (from an older citadel server version 824 to the actual 930).  Starting "ctdlmigrate" it seems to export the database from the older system. But obviously there is a problem doing the import to the new system. When "ctdlmigrate" ends no login to the server was possible. After stopping the server it couldn't be restartet.

Any hints are wellcome!

Markus



 



[#] Mon Jan 04 2021 14:21:25 EST from ParanoidDelusions

[Reply] [ReplyQuoted] [Headers] [Print]

sudo tail /var/log/syslog -f - that is. 

I'm not a Linux expert. 

 



[#] Mon Jan 04 2021 18:46:43 EST from omatnet

Subject: Re: How to use ctdlmigrate successfully?

[Reply] [ReplyQuoted] [Headers] [Print]

Echoing this latest reply, see my posting and related replies that started on November 12 with the subject: 'Both methods of migration attempts crash within seconds'. ctdlmigrate works well also from an old version to a new version. But in my case, I had a problem - it either crashed midway (too much information) or simply timed out (the old ctdlmigrate did not yet accept the '-w' switch to extend the timeout period). But if this is the issue, you have a work around method, by using IMAP account, transferring safely (albeit slowly) all emails from the old server to the new one. If you read all the postings you will see the answers there.

Mon Jan 04 2021 14:17:23 EST from ParanoidDelusions Subject: Re: How to use ctdlmigrate successfully?

If you read back several pages in this room, there was quite a discussion about the different methods of migrating Citadel, including ctdlmigrate. Those discussions might help. 

I was able to successfully migrate a Citadel database from a Pi running Rapsbian to an i5 running Debian. It took me several attempts, I had to jump through a lot of hoops, I couldn't recreate it after I had done it, and I'm not sure what I got right. I know permissions are important - you've got to be root on both systems, and it seemed like directory paths where the files are was important.

It *can* be done. I know that much - but it did not seem remarkably reliable. 

When it is starting, it gives a spinning "/", right? Does that stop? 

sudo tail /var/logs/system.log -f  in a separate terminal window while running the ctdlmigrate - and see if it is throwing up errors. Also, it seems like either running it in a terminal or in a console might have been the key - but I'm not sure which. I know I tried running it in the console logged in as root, I tried running it in a terminal logged in as a regular user, I tried terminal running it sudo, and I tried terminal running it after SU-ing to root. 

I threw everything at the wall - and something stuck. Once. 



Mon Jan 04 2021 10:36:36 EST from markus Subject: How to use ctdlmigrate successfully?

Hello!

Does anybody have experience with "ctdlmigrate"? I gave it a try (from an older citadel server version 824 to the actual 930).  Starting "ctdlmigrate" it seems to export the database from the older system. But obviously there is a problem doing the import to the new system. When "ctdlmigrate" ends no login to the server was possible. After stopping the server it couldn't be restartet.

Any hints are wellcome!

Markus



 



 



[#] Thu Jan 07 2021 14:45:00 EST from mkuhn

Subject: Citadel log level

[Reply] [ReplyQuoted] [Headers] [Print]

Hi,

Happy new year!

I'm running Citadel 930 and Webcit 927, installed with easyinstall on my Odroid C2 (updating config.guess in libcitadel.tar and citadel-easyinstall.tar would be great). 

I would like to change the log level for smtp events to let Fail2ban block IPs (i.e. telnet connects on port 25).  What would I need to do to generate that information in either mail.log or syslog?

Regards.

Michael

 



[#] Thu Jan 07 2021 19:01:43 EST from markus

Subject: Re: How to use ctdlmigrate successfully?

[Reply] [ReplyQuoted] [Headers] [Print]

Well, I have stoppend citadel and webcit, have then deleted all files bellow citadel/data and finally have started citadel and webcit and did citadel setup, but I wasn't lucky in case a) and b), while the cases are:

a) executing ctdlmigrate on destination system 

b) executing sendcommand "MIGR export" > citadel_export.xml on source system and afterwards sendcommand -w <seconds> "MIGR import" < citadel_export.xml on the destination system

In both cases I recognize errors in /var/log/syslog. Rooms were missing as far as I remember and other errors. Does citadel/database need any pretreatment before doing an import? Or do you think source and destination system are too different to migrate going way a) or b)?

If this is the case the only option that I have would be to use a mail user agent to transfer between old and new system. Right?

 

Mon Jan 04 2021 18:46:43 EST from omatnet Subject: Re: How to use ctdlmigrate successfully?

Echoing this latest reply, see my posting and related replies that started on November 12 with the subject: 'Both methods of migration attempts crash within seconds'. ctdlmigrate works well also from an old version to a new version. But in my case, I had a problem - it either crashed midway (too much information) or simply timed out (the old ctdlmigrate did not yet accept the '-w' switch to extend the timeout period). But if this is the issue, you have a work around method, by using IMAP account, transferring safely (albeit slowly) all emails from the old server to the new one. If you read all the postings you will see the answers there.

Mon Jan 04 2021 14:17:23 EST from ParanoidDelusions Subject: Re: How to use ctdlmigrate successfully?

If you read back several pages in this room, there was quite a discussion about the different methods of migrating Citadel, including ctdlmigrate. Those discussions might help. 

I was able to successfully migrate a Citadel database from a Pi running Rapsbian to an i5 running Debian. It took me several attempts, I had to jump through a lot of hoops, I couldn't recreate it after I had done it, and I'm not sure what I got right. I know permissions are important - you've got to be root on both systems, and it seemed like directory paths where the files are was important.

It *can* be done. I know that much - but it did not seem remarkably reliable. 

When it is starting, it gives a spinning "/", right? Does that stop? 

sudo tail /var/logs/system.log -f  in a separate terminal window while running the ctdlmigrate - and see if it is throwing up errors. Also, it seems like either running it in a terminal or in a console might have been the key - but I'm not sure which. I know I tried running it in the console logged in as root, I tried running it in a terminal logged in as a regular user, I tried terminal running it sudo, and I tried terminal running it after SU-ing to root. 

I threw everything at the wall - and something stuck. Once. 



Mon Jan 04 2021 10:36:36 EST from markus Subject: How to use ctdlmigrate successfully?

Hello!

Does anybody have experience with "ctdlmigrate"? I gave it a try (from an older citadel server version 824 to the actual 930).  Starting "ctdlmigrate" it seems to export the database from the older system. But obviously there is a problem doing the import to the new system. When "ctdlmigrate" ends no login to the server was possible. After stopping the server it couldn't be restartet.

Any hints are wellcome!

Markus



 



 



 



[#] Thu Jan 07 2021 19:33:43 EST from markus

Subject: Email copy in sent folder: Why source as destination address?

[Reply] [ReplyQuoted] [Headers] [Print]

Hello,

when I send an email from test@x to test@y citadel places a copy of this email in the "sent items" folder of test@x. So far so god.

But why does citadel insert test@x as second destination address (second To-address) to this email copy? How can I avoid that?

Regards

Markus



[#] Thu Jan 07 2021 20:30:32 EST from ParanoidDelusions

Subject: Re: How to use ctdlmigrate successfully?

[Reply] [ReplyQuoted] [Headers] [Print]

This is *exactly* what I was seeing. Error after error, in rooms, in messages... I can't remember the exact error. 

I got it to work exactly ONE time - between a RiP 3b+ and an i5. 

But really, you've that is all you need - is for it to work once. 

I wish I remember what worked, or even what I was doing now. 

Thu Jan 07 2021 19:01:43 EST from markus Subject: Re: How to use ctdlmigrate successfully?

Well, I have stoppend citadel and webcit, have then deleted all files bellow citadel/data and finally have started citadel and webcit and did citadel setup, but I wasn't lucky in case a) and b), while the cases are:

a) executing ctdlmigrate on destination system 

b) executing sendcommand "MIGR export" > citadel_export.xml on source system and afterwards sendcommand -w <seconds> "MIGR import" < citadel_export.xml on the destination system

In both cases I recognize errors in /var/log/syslog. Rooms were missing as far as I remember and other errors. Does citadel/database need any pretreatment before doing an import? Or do you think source and destination system are too different to migrate going way a) or b)?

If this is the case the only option that I have would be to use a mail user agent to transfer between old and new system. Right?

 

Mon Jan 04 2021 18:46:43 EST from omatnet Subject: Re: How to use ctdlmigrate successfully?

Echoing this latest reply, see my posting and related replies that started on November 12 with the subject: 'Both methods of migration attempts crash within seconds'. ctdlmigrate works well also from an old version to a new version. But in my case, I had a problem - it either crashed midway (too much information) or simply timed out (the old ctdlmigrate did not yet accept the '-w' switch to extend the timeout period). But if this is the issue, you have a work around method, by using IMAP account, transferring safely (albeit slowly) all emails from the old server to the new one. If you read all the postings you will see the answers there.

Mon Jan 04 2021 14:17:23 EST from ParanoidDelusions Subject: Re: How to use ctdlmigrate successfully?

If you read back several pages in this room, there was quite a discussion about the different methods of migrating Citadel, including ctdlmigrate. Those discussions might help. 

I was able to successfully migrate a Citadel database from a Pi running Rapsbian to an i5 running Debian. It took me several attempts, I had to jump through a lot of hoops, I couldn't recreate it after I had done it, and I'm not sure what I got right. I know permissions are important - you've got to be root on both systems, and it seemed like directory paths where the files are was important.

It *can* be done. I know that much - but it did not seem remarkably reliable. 

When it is starting, it gives a spinning "/", right? Does that stop? 

sudo tail /var/logs/system.log -f  in a separate terminal window while running the ctdlmigrate - and see if it is throwing up errors. Also, it seems like either running it in a terminal or in a console might have been the key - but I'm not sure which. I know I tried running it in the console logged in as root, I tried running it in a terminal logged in as a regular user, I tried terminal running it sudo, and I tried terminal running it after SU-ing to root. 

I threw everything at the wall - and something stuck. Once. 



Mon Jan 04 2021 10:36:36 EST from markus Subject: How to use ctdlmigrate successfully?

Hello!

Does anybody have experience with "ctdlmigrate"? I gave it a try (from an older citadel server version 824 to the actual 930).  Starting "ctdlmigrate" it seems to export the database from the older system. But obviously there is a problem doing the import to the new system. When "ctdlmigrate" ends no login to the server was possible. After stopping the server it couldn't be restartet.

Any hints are wellcome!

Markus



 



 



 



 



[#] Thu Jan 07 2021 21:13:43 EST from markus

Subject: Re: How to use ctdlmigrate successfully?

[Reply] [ReplyQuoted] [Headers] [Print]

I wish you could remember, too :-)

Did you migrate between the same version of citadel on RiP 3b+ and on i5 or at least between the same major numbers like 8xx or 9xx?

Was a password set for your admin-account on citadel of RPi 3b+?

Did you copy any files from RPi 3b+ to i5 except the export of the database on RPi 3b+?

Thu Jan 07 2021 20:30:32 EST from ParanoidDelusions Subject: Re: How to use ctdlmigrate successfully?

This is *exactly* what I was seeing. Error after error, in rooms, in messages... I can't remember the exact error. 

I got it to work exactly ONE time - between a RiP 3b+ and an i5. 

But really, you've that is all you need - is for it to work once. 

I wish I remember what worked, or even what I was doing now. 

Thu Jan 07 2021 19:01:43 EST from markus Subject: Re: How to use ctdlmigrate successfully?

Well, I have stoppend citadel and webcit, have then deleted all files bellow citadel/data and finally have started citadel and webcit and did citadel setup, but I wasn't lucky in case a) and b), while the cases are:

a) executing ctdlmigrate on destination system 

b) executing sendcommand "MIGR export" > citadel_export.xml on source system and afterwards sendcommand -w <seconds> "MIGR import" < citadel_export.xml on the destination system

In both cases I recognize errors in /var/log/syslog. Rooms were missing as far as I remember and other errors. Does citadel/database need any pretreatment before doing an import? Or do you think source and destination system are too different to migrate going way a) or b)?

If this is the case the only option that I have would be to use a mail user agent to transfer between old and new system. Right?

 

Mon Jan 04 2021 18:46:43 EST from omatnet Subject: Re: How to use ctdlmigrate successfully?

Echoing this latest reply, see my posting and related replies that started on November 12 with the subject: 'Both methods of migration attempts crash within seconds'. ctdlmigrate works well also from an old version to a new version. But in my case, I had a problem - it either crashed midway (too much information) or simply timed out (the old ctdlmigrate did not yet accept the '-w' switch to extend the timeout period). But if this is the issue, you have a work around method, by using IMAP account, transferring safely (albeit slowly) all emails from the old server to the new one. If you read all the postings you will see the answers there.

Mon Jan 04 2021 14:17:23 EST from ParanoidDelusions Subject: Re: How to use ctdlmigrate successfully?

If you read back several pages in this room, there was quite a discussion about the different methods of migrating Citadel, including ctdlmigrate. Those discussions might help. 

I was able to successfully migrate a Citadel database from a Pi running Rapsbian to an i5 running Debian. It took me several attempts, I had to jump through a lot of hoops, I couldn't recreate it after I had done it, and I'm not sure what I got right. I know permissions are important - you've got to be root on both systems, and it seemed like directory paths where the files are was important.

It *can* be done. I know that much - but it did not seem remarkably reliable. 

When it is starting, it gives a spinning "/", right? Does that stop? 

sudo tail /var/logs/system.log -f  in a separate terminal window while running the ctdlmigrate - and see if it is throwing up errors. Also, it seems like either running it in a terminal or in a console might have been the key - but I'm not sure which. I know I tried running it in the console logged in as root, I tried running it in a terminal logged in as a regular user, I tried terminal running it sudo, and I tried terminal running it after SU-ing to root. 

I threw everything at the wall - and something stuck. Once. 



Mon Jan 04 2021 10:36:36 EST from markus Subject: How to use ctdlmigrate successfully?

Hello!

Does anybody have experience with "ctdlmigrate"? I gave it a try (from an older citadel server version 824 to the actual 930).  Starting "ctdlmigrate" it seems to export the database from the older system. But obviously there is a problem doing the import to the new system. When "ctdlmigrate" ends no login to the server was possible. After stopping the server it couldn't be restartet.

Any hints are wellcome!

Markus



 



 



 



 



 



[#] Thu Jan 07 2021 21:48:56 EST from markus

Subject: Error on citadel restart with webcit

[Reply] [ReplyQuoted] [Headers] [Print]

Hello?

Recently I used citadel to restart citadel clicking on /adminstration/Shutdown Citadel/Restart Now. Among all the entries I go in /var/log/syslog there are the following ones:

citserver[22211]: extensions: Startup Problems
citserver[22211]: citserver[22211]: msgbase: room hooks returned 1 errors
citserver[22211]: msgbase: room hooks returned 1 errors

First line was also written on console.

What is the reason for that error and how can I avoid it?

Markus



[#] Thu Jan 07 2021 22:14:09 EST from markus

Subject: Cannot add user with underscore in Webcit anymore.

[Reply] [ReplyQuoted] [Headers] [Print]

Hello,

in former times I was able to add users with underscores using webcit. With Citadel 930 and Webcit 927 this seems not possible anymore. Why is that? Can I change that?

Regard

Markus



[#] Thu Jan 07 2021 22:50:43 EST from markus

Subject: It seems that Citadel does not forward emails to a smart host.

[Reply] [ReplyQuoted] [Headers] [Print]

Hello again,

In order to test sending emails via citadel my email user agent is connects to citadel via SMTP MSA Serverport 587. Citadel itself is configured to forward each email to a smart host whoes connection parameters are set bellow Administration / Domain names and Internet mail configuration / Smart hosts. But it seems that citadel does not forward incoming emails to that smart host. Assuming connection parameters are correct, what could be the reason?

Markus



[#] Thu Jan 07 2021 23:03:37 EST from markus

Subject: Re: Cannot add user with underscore in Webcit anymore.

[Reply] [ReplyQuoted] [Headers] [Print]

When I use webcit to add an user whoes user name includes dots then I can afterwards successfully log via webcit using the exactly same user name or a user name that replaces dots by underscores. Does webcit translate underscores to dots or dots to underscores? If so, why? Can I change that behaviour?

Thu Jan 07 2021 22:14:09 EST from markus Subject: Cannot add user with underscore in Webcit anymore.

Hello,

in former times I was able to add users with underscores using webcit. With Citadel 930 and Webcit 927 this seems not possible anymore. Why is that? Can I change that?

Regard

Markus



 



[#] Fri Jan 08 2021 00:45:52 EST from ParanoidDelusions

Subject: Re: How to use ctdlmigrate successfully?

[Reply] [ReplyQuoted] [Headers] [Print]

Ask the guys here - I was in such full-blown panic mode I was driving them nuts with badly formed questions I'd answer myself a day later.

But... let me think about that. It was from non-like 9xx versions - I made an image of my SD and then upgraded it to the same version, first. It was on Raspbian to Debian. I did enable the root account on the Pi, and I feel like that was a major step forward. I used a combination of ctdlmigrate

 

https://www.citadel.org/how_do_i_move_citadel_to_another_host.html

Rsync failed with permissions issue. I looked at the commands that failed, ran them manually under root on the source machine, and most of them worked. The ones that failed were the /files folder - which it seems like Raspbian even locks root out of that folder. Later I took ownership of it and moved it over. It helped me figure out a lot of what was going on, and going wrong, on the Pi.


Again, there is a spinning / when you run this, I believe. It would just stall out on me. I finally got it to run once, and it spun the whole time.

That is what got me looking at syslog with -f and where I noticed the series of errors as it was importing. The time I saw it was not throwing errors, I can't tell you why.

But after that I was rebuilding and tweaking it and trying to import it from one like Debian machine to another - and I think then I was playing around with ./sendcommand "MIGR export" >exported.xml and I had that file in /


The instructions for that are at:

https://www.citadel.org/system_administration_manual.html


Under

Importing/Exporting your Citadel database



Sorry - I really wish I could be more help. I'll have a look at my history and bookmarks and see if they give me any other insight what I did right. Again, if you read back a dozen or so pages, you'll see my online meltdown where I was describing what I was doing and what was happening. It could help, too.

Thu Jan 07 2021 21:13:43 EST from markus Subject: Re: How to use ctdlmigrate successfully?

I wish you could remember, too :-)

Did you migrate between the same version of citadel on RiP 3b+ and on i5 or at least between the same major numbers like 8xx or 9xx?

Was a password set for your admin-account on citadel of RPi 3b+?

Did you copy any files from RPi 3b+ to i5 except the export of the database on RPi 3b+?

 



[#] Fri Jan 08 2021 15:58:31 EST from markus

Subject: How to sync calenders and contacts without synckolab?

[Reply] [ReplyQuoted] [Headers] [Print]

Hello,

I'm looking for a solution to sync my calenders and contacts of Thunderbird's Lightning extention to citadel.

On https://www.citadel.org/using_your_citadel_calendar_and_contacts_in_thunderbird.html I found a soultion that I used in former days. The problem is that nowadays "synckolab" is not actively developed anymore. The most recent version is five years old (see https://www.gargan.org/en/Mozilla_Extensions/SyncKolab/CVS_Nightly/ ) and does only work with Thunderbird version 35 or older.

Does somebody know any other solution to sync calenders and contacts to citadel?

Regards

Markus



[#] Fri Jan 08 2021 19:47:14 EST from omatnet

Subject: Re: Citadel log level

[Reply] [ReplyQuoted] [Headers] [Print]

I have a partial answer for you, but also extend your question so hope that someone else would be able to complete the answer - since I am also trying to use fail2ban with Citadel and it doesn't work as it should:

In previous versions of Citadel, there was an option to add command line parameters that will set the log level. I used to use: 

/usr/local/citadel/citserver -lmail -d -x6

which means using the most verbose logging level and using /var/log/mail.log as the log file (although I think it is the default now, in the past it went only to syslog)

With systemd Citadel is running as a service, so I tried to make this changes to the /etc/systemd/system/citadel.service file but I after the change and restart I am not seeing any difference in the log level. I can verify (with 'ps x | grep citserver') that the command line parameters are sent to citserver, BUT I DO NOT see any difference in the log level at mail.log

Another problem - I can see that some of the Citadel logging data is saved at /var/log/mail.log and some of it is at /var/log/syslog - specifically the login authorization data (bad login attempts, which fail2ban needs to monitor).

That is a problem since fail2ban can only monitor a single log file per 'jail'. Of course I can try and bypass and create 2 fail2ban jails for Citadel but that complicate things quite a bit and it is not supposed to be that way.

Can anyone share further advice on that? Thank you!

 

Thu Jan 07 2021 14:45:00 EST from mkuhn Subject: Citadel log level

Hi,

Happy new year!

I'm running Citadel 930 and Webcit 927, installed with easyinstall on my Odroid C2 (updating config.guess in libcitadel.tar and citadel-easyinstall.tar would be great). 

I would like to change the log level for smtp events to let Fail2ban block IPs (i.e. telnet connects on port 25).  What would I need to do to generate that information in either mail.log or syslog?

Regards.

Michael

 



 



[#] Fri Jan 08 2021 20:22:13 EST from omatnet

Subject: Re: Citadel log level

[Reply] [ReplyQuoted] [Headers] [Print]

I may have found the solution to the problem I experienced in my previous answer/solution below: The '-d' parameter was originally supposed to cause Citserver to run as a daemon. But possibly with systemd it is not needed anymore, or not supported correctly since in fact it caused citserver to have two instances in memory. I removed the '-d' parameter so the line in /etc/systemd/system/citadel.service is now:

/usr/local/citadel/citserver -lmail -x6

and now I am able to see bad login attempts in /var/log/mail.log so fail2ban mail filter should be able to find it and activate blocking. The bad login attempt error line contains the text "user_ops: bad password specified for" as well as the IP number of the offending machine trying to log in, which can be used in the fail2ban filter. I haven't tested yet with fail2ban, but will do so shortly.

By the way, in case you need, the highest level of logging is X7 (the levels are 0-7, 0 being the minimum and 7 being the maximum)

 

Fri Jan 08 2021 19:47:14 EST from omatnet Subject: Re: Citadel log level

I have a partial answer for you, but also extend your question so hope that someone else would be able to complete the answer - since I am also trying to use fail2ban with Citadel and it doesn't work as it should:

In previous versions of Citadel, there was an option to add command line parameters that will set the log level. I used to use: 

/usr/local/citadel/citserver -lmail -d -x6

which means using the most verbose logging level and using /var/log/mail.log as the log file (although I think it is the default now, in the past it went only to syslog)

With systemd Citadel is running as a service, so I tried to make this changes to the /etc/systemd/system/citadel.service file but I after the change and restart I am not seeing any difference in the log level. I can verify (with 'ps x | grep citserver') that the command line parameters are sent to citserver, BUT I DO NOT see any difference in the log level at mail.log

Another problem - I can see that some of the Citadel logging data is saved at /var/log/mail.log and some of it is at /var/log/syslog - specifically the login authorization data (bad login attempts, which fail2ban needs to monitor).

That is a problem since fail2ban can only monitor a single log file per 'jail'. Of course I can try and bypass and create 2 fail2ban jails for Citadel but that complicate things quite a bit and it is not supposed to be that way.

Can anyone share further advice on that? Thank you!

 

Thu Jan 07 2021 14:45:00 EST from mkuhn Subject: Citadel log level

Hi,

Happy new year!

I'm running Citadel 930 and Webcit 927, installed with easyinstall on my Odroid C2 (updating config.guess in libcitadel.tar and citadel-easyinstall.tar would be great). 

I would like to change the log level for smtp events to let Fail2ban block IPs (i.e. telnet connects on port 25).  What would I need to do to generate that information in either mail.log or syslog?

Regards.

Michael

 



 



 



[#] Sat Jan 09 2021 08:13:52 EST from Michael

Subject: Re: Citadel log level

[Reply] [ReplyQuoted] [Headers] [Print]

Thanks a bunch for taking another look at it. I implemented the change to citadel.service and will do some smpt auth testing later today. FYI - there is a failregex sample described in the Citadel Security room here on this bbs

Fri Jan 08 2021 20:22:13 EST from omatnet Subject: Re: Citadel log level

I may have found the solution to the problem I experienced in my previous answer/solution below: The '-d' parameter was originally supposed to cause Citserver to run as a daemon. But possibly with systemd it is not needed anymore, or not supported correctly since in fact it caused citserver to have two instances in memory. I removed the '-d' parameter so the line in /etc/systemd/system/citadel.service is now:

/usr/local/citadel/citserver -lmail -x6

and now I am able to see bad login attempts in /var/log/mail.log so fail2ban mail filter should be able to find it and activate blocking. The bad login attempt error line contains the text "user_ops: bad password specified for" as well as the IP number of the offending machine trying to log in, which can be used in the fail2ban filter. I haven't tested yet with fail2ban, but will do so shortly.

By the way, in case you need, the highest level of logging is X7 (the levels are 0-7, 0 being the minimum and 7 being the maximum)

 

Fri Jan 08 2021 19:47:14 EST from omatnet Subject: Re: Citadel log level

I have a partial answer for you, but also extend your question so hope that someone else would be able to complete the answer - since I am also trying to use fail2ban with Citadel and it doesn't work as it should:

In previous versions of Citadel, there was an option to add command line parameters that will set the log level. I used to use: 

/usr/local/citadel/citserver -lmail -d -x6

which means using the most verbose logging level and using /var/log/mail.log as the log file (although I think it is the default now, in the past it went only to syslog)

With systemd Citadel is running as a service, so I tried to make this changes to the /etc/systemd/system/citadel.service file but I after the change and restart I am not seeing any difference in the log level. I can verify (with 'ps x | grep citserver') that the command line parameters are sent to citserver, BUT I DO NOT see any difference in the log level at mail.log

Another problem - I can see that some of the Citadel logging data is saved at /var/log/mail.log and some of it is at /var/log/syslog - specifically the login authorization data (bad login attempts, which fail2ban needs to monitor).

That is a problem since fail2ban can only monitor a single log file per 'jail'. Of course I can try and bypass and create 2 fail2ban jails for Citadel but that complicate things quite a bit and it is not supposed to be that way.

Can anyone share further advice on that? Thank you!

 

Thu Jan 07 2021 14:45:00 EST from mkuhn Subject: Citadel log level

Hi,

Happy new year!

I'm running Citadel 930 and Webcit 927, installed with easyinstall on my Odroid C2 (updating config.guess in libcitadel.tar and citadel-easyinstall.tar would be great). 

I would like to change the log level for smtp events to let Fail2ban block IPs (i.e. telnet connects on port 25).  What would I need to do to generate that information in either mail.log or syslog?

Regards.

Michael

 



 



 



 



[#] Sat Jan 09 2021 08:31:26 EST from Michael

Subject: Re: Citadel log level

[Reply] [ReplyQuoted] [Headers] [Print]

Works

syslog: mail citserver[1467]: citserver[1467]: user_ops: bad password specified for <> Service <SMTP-MTA> Port <port #> Remote <OP address / IP addrress>

mail.log: mail citserver[1467]: user_ops: bad password specified for <> Service <SMTP-MTA> Port <port #> Remote <OP address / IP addrress>

 

Sat Jan 09 2021 08:13:52 EST from Michael Subject: Re: Citadel log level

Thanks a bunch for taking another look at it. I implemented the change to citadel.service and will do some smpt auth testing later today. FYI - there is a failregex sample described in the Citadel Security room here on this bbs

Fri Jan 08 2021 20:22:13 EST from omatnet Subject: Re: Citadel log level

I may have found the solution to the problem I experienced in my previous answer/solution below: The '-d' parameter was originally supposed to cause Citserver to run as a daemon. But possibly with systemd it is not needed anymore, or not supported correctly since in fact it caused citserver to have two instances in memory. I removed the '-d' parameter so the line in /etc/systemd/system/citadel.service is now:

/usr/local/citadel/citserver -lmail -x6

and now I am able to see bad login attempts in /var/log/mail.log so fail2ban mail filter should be able to find it and activate blocking. The bad login attempt error line contains the text "user_ops: bad password specified for" as well as the IP number of the offending machine trying to log in, which can be used in the fail2ban filter. I haven't tested yet with fail2ban, but will do so shortly.

By the way, in case you need, the highest level of logging is X7 (the levels are 0-7, 0 being the minimum and 7 being the maximum)

 

Fri Jan 08 2021 19:47:14 EST from omatnet Subject: Re: Citadel log level

I have a partial answer for you, but also extend your question so hope that someone else would be able to complete the answer - since I am also trying to use fail2ban with Citadel and it doesn't work as it should:

In previous versions of Citadel, there was an option to add command line parameters that will set the log level. I used to use: 

/usr/local/citadel/citserver -lmail -d -x6

which means using the most verbose logging level and using /var/log/mail.log as the log file (although I think it is the default now, in the past it went only to syslog)

With systemd Citadel is running as a service, so I tried to make this changes to the /etc/systemd/system/citadel.service file but I after the change and restart I am not seeing any difference in the log level. I can verify (with 'ps x | grep citserver') that the command line parameters are sent to citserver, BUT I DO NOT see any difference in the log level at mail.log

Another problem - I can see that some of the Citadel logging data is saved at /var/log/mail.log and some of it is at /var/log/syslog - specifically the login authorization data (bad login attempts, which fail2ban needs to monitor).

That is a problem since fail2ban can only monitor a single log file per 'jail'. Of course I can try and bypass and create 2 fail2ban jails for Citadel but that complicate things quite a bit and it is not supposed to be that way.

Can anyone share further advice on that? Thank you!

 

Thu Jan 07 2021 14:45:00 EST from mkuhn Subject: Citadel log level

Hi,

Happy new year!

I'm running Citadel 930 and Webcit 927, installed with easyinstall on my Odroid C2 (updating config.guess in libcitadel.tar and citadel-easyinstall.tar would be great). 

I would like to change the log level for smtp events to let Fail2ban block IPs (i.e. telnet connects on port 25).  What would I need to do to generate that information in either mail.log or syslog?

Regards.

Michael

 



 



 



 



 



[#] Sat Jan 09 2021 09:34:39 EST from Michael

Subject: Re: How to sync calenders and contacts without synckolab?

[Reply] [ReplyQuoted] [Headers] [Print]

Hi Markus,

I looked into calendar synching with Citadel as well a few years ago.  Decided it's not worth the hassle and used my Nextcloud instance instead.  Maybe another route for you too.

Michael

Fri Jan 08 2021 15:58:31 EST from markus Subject: How to sync calenders and contacts without synckolab?

Hello,

I'm looking for a solution to sync my calenders and contacts of Thunderbird's Lightning extention to citadel.

On https://www.citadel.org/using_your_citadel_calendar_and_contacts_in_thunderbird.html I found a soultion that I used in former days. The problem is that nowadays "synckolab" is not actively developed anymore. The most recent version is five years old (see https://www.gargan.org/en/Mozilla_Extensions/SyncKolab/CVS_Nightly/ ) and does only work with Thunderbird version 35 or older.

Does somebody know any other solution to sync calenders and contacts to citadel?

Regards

Markus



 



[#] Sat Jan 09 2021 17:33:10 EST from markus

Subject: Starting citadel on system start?

[Reply] [ReplyQuoted] [Headers] [Print]

Hello!

The setup routine of webcite offers the option to start webcit on system start. I cannot see the same option for citadel. Is there a way to start citadel on Debian system start?

Thanks and regards

Markus



Go to page: First ... 11 12 13 14 [15] 16 17 18 19 ... Last