PaulHowarth/Blog/2008-06

Paul's Blog Entries for June 2008

Monday 2nd June 2008

Local Packages

  • Updated nmap to 4.65

Tuesday 3rd June 2008

Local Packages

  • Updated dovecot to 1.0.14

  • Updated perl-HTML-Lint to 2.04

Fedora Project

Finally followed up on an idea I had nearly six months ago about writing SELinux policy modules for various milters, and specifically for milter-regex and spamass-milter, the two milters I maintain in Fedora. This was made more urgent by Bug #447247, which boils down to spamass-milter not working in Fedora 9 with SELinux in enforcing mode.

My idea was basically to have a generic milter policy template and then build on that the differences that each milter has. It's a first pass but I'm now running both milters confined by SELinux in enforcing mode and without any problems. The policy probably needs expanding to support running with Postfix instead of Sendmail but I don't have any Postfix servers to try that with.

Thursday 5th June 2008

Local Packages

  • Updated curl to 7.18.2

  • Updated dovecot to include convert-tool, a tool for converting mbox mailboxes to maildir format, as per the Rawhide version

  • Updated perl-Pod-Simple to 3.07

Helen at Nursery

Helen's first full day at nursery today, aged just under 9 months. She's done amazingly well considering her usual discomfort with strangers, and much to my surprise lasted the whole day and even enjoyed it!

Friday 6th June 2008

Fedora Project

Got an email from the buildsystem for the sparc secondary architecture (which appears to be attempting to build all of Fedora 9 on sparc at the moment) indicating that perl-Math-GMP had failed to build (amongst a bunch of other mails).

It turned out to be the same 64-bit problem in the test suite that I've previously fixed for the x86_64, ppc64, and ia64 architectures. I was able to test this by making a fixed SRPM and doing a scratch build on the sparc buildsystem:

$ koji --weburl=http://sparc.koji.fedoraproject.org/koji --server=http://sparc.koji.fedoraproject.org/kojihub build --scratch --arch-override=sparc64 dist-f9 perl-Math-GMP-2.04-10.fc9.src.rpm
Uploading srpm: perl-Math-GMP-2.04-10.fc9.src.rpm
[====================================] 100% 00:00:01  21.64 KiB  10.84 KiB/sec
Created task: 78356
Task info: http://sparc.koji.fedoraproject.org/koji/taskinfo?taskID=78356
Watching tasks (this may be safely interrupted)...
78356 build (dist-f9, perl-Math-GMP-2.04-10.fc9.src.rpm): free
78356 build (dist-f9, perl-Math-GMP-2.04-10.fc9.src.rpm): free -> open (korolev.ausil.us)
  78561 buildArch (perl-Math-GMP-2.04-10.fc9.src.rpm, sparc64): free
  78561 buildArch (perl-Math-GMP-2.04-10.fc9.src.rpm, sparc64): free -> open (daedalus.ausil.us)
  78561 buildArch (perl-Math-GMP-2.04-10.fc9.src.rpm, sparc64): open (daedalus.ausil.us) -> closed
  0 free  1 open  1 done  0 failed
78356 build (dist-f9, perl-Math-GMP-2.04-10.fc9.src.rpm): open (korolev.ausil.us) -> closed
  0 free  0 open  2 done  0 failed

78356 build (dist-f9, perl-Math-GMP-2.04-10.fc9.src.rpm) completed successfully

So I then committed the fix in CVS for F-9 and Rawhide, rebuilt the Rawhide package on the main Fedora buildsystem, and built the F-9 package on the sparc buildsystem only (since the updated package would have zero benefit for other-arch users):

$ koji --weburl=http://sparc.koji.fedoraproject.org/koji --server=http://sparc.koji.fedoraproject.org/kojihub build dist-f9 'cvs://cvs.fedoraproject.org/cvs/pkgs?rpms/perl-Math-GMP/F-9#perl-Math-GMP-2_04-10_fc9'
Created task: 78629
Task info: http://sparc.koji.fedoraproject.org/koji/taskinfo?taskID=78629
Watching tasks (this may be safely interrupted)...
78629 build (dist-f9, F-9:perl-Math-GMP-2_04-10_fc9): free
78629 build (dist-f9, F-9:perl-Math-GMP-2_04-10_fc9): free -> open (korolev.ausil.us)
  78631 buildSRPMFromSCM (F-9:perl-Math-GMP-2_04-10_fc9): free
  78631 buildSRPMFromSCM (F-9:perl-Math-GMP-2_04-10_fc9): free -> open (daedalus.ausil.us)
  78631 buildSRPMFromSCM (F-9:perl-Math-GMP-2_04-10_fc9): open (daedalus.ausil.us) -> closed
  0 free  1 open  1 done  0 failed
  78634 buildArch (perl-Math-GMP-2.04-10.fc9.src.rpm, sparc64): free
  78635 buildArch (perl-Math-GMP-2.04-10.fc9.src.rpm, sparcv9): free
  78634 buildArch (perl-Math-GMP-2.04-10.fc9.src.rpm, sparc64): free -> open (daedalus.ausil.us)
  78635 buildArch (perl-Math-GMP-2.04-10.fc9.src.rpm, sparcv9): free -> open (korolev.ausil.us)
  78635 buildArch (perl-Math-GMP-2.04-10.fc9.src.rpm, sparcv9): open (korolev.ausil.us) -> closed
  0 free  2 open  2 done  0 failed
  78634 buildArch (perl-Math-GMP-2.04-10.fc9.src.rpm, sparc64): open (daedalus.ausil.us) -> closed
  0 free  1 open  3 done  0 failed
  78643 tagBuild (noarch): free
  78643 tagBuild (noarch): free -> open (daedalus.ausil.us)
  78643 tagBuild (noarch): open (daedalus.ausil.us) -> closed
  0 free  1 open  4 done  0 failed
78629 build (dist-f9, F-9:perl-Math-GMP-2_04-10_fc9): open (korolev.ausil.us) -> closed
  0 free  0 open  5 done  0 failed

78629 build (dist-f9, F-9:perl-Math-GMP-2_04-10_fc9) completed successfully

Monday 9th June 2008

Fedora Project

  • Built two of the packages that had previously failed on the sparc buildsystem, namely gtkwave and spamass-milter; the only failed build I have left is lat, which is probably because the entire mono stack isn't built. I think we'll need sparcv9/sparc64 ExcludeArch tracker bugs soon (they should block Bug #251073, the sparc ExcludeArch tracker, which doesn't yet appear to have any dependencies...)

Wednesday 11th June 2008

Local Packages

  • Updated perl-Test-File to 1.25

Friday 13th June 2008

Local Packages

  • Updated perl-Convert-UUlib to 1.11

Wednesday 18th June 2008

Local Packages

  • Updated curl to include the fix to allow curl_multi_perform() over a proxy (Bug #450140)

  • Updated dovecot in make the initscript LSB-compliant (Bug #451838)

Thursday 19th June 2008

Fedora Project

  • Updated gtkwave to 3.1.11 in Rawhide

Local Packages

  • Updated gtkwave to 3.1.11

  • Updated sendmail to fix a potential socket file descriptor leak in libmilter (if the libmilter-using application ran another process, the descriptor would be inherited by that process)

Sunday 22nd June 2008

Local Packages

  • Updated dovecot to 1.1.0 as per the Rawhide package

  • Further updated dovecot to 1.1.1

  • Updated moin (and this site) to 1.7.0

  • Removed versions of xxdiff for current Fedora releases as the software is now packaged officially in Fedora

Monday 23rd June 2008

Moin 1.7.0

It seems that uploading attachments (at least on a CentOS 5 box using mod_python; this site, using mod_fcgid on Fedora 9 works OK) is partly broken. I raised MoinMoinBugs/1.7ModPythonAttachmentUploadFails about it.

I also noticed that where I have ACL groups such as AdminGroup to limit access to pages, the groups seems to be ignored, so for instance I couldn't actually edit a page if I only had edit access to the page via a group membership and not through an ACL that included my username specifically. A workaround for this appears to be to make an edit to the affected group page.

The userform action is no longer present, so logging out using the monobook theme results in an ugly error message: "Unknown action userform".

Local Packages

  • Updated moin-theme-monobook to fix the "Unknown action userform" error on logout and symlink the missing icons for conflict and renamed to the icons from the modern theme.

Tuesday 24th June 2008

Local Packages

CentOS 5.2 was released today. All of my RHEL5 packages will be built in a CentOS 5.2 root from now on.

  • Updated moin-theme-mentalwealth to fix missing icons for renamed and conflict

Fedora Project

  • Branched and built perl-Math-Pari for EPEL-4 and EPEL-5

Wednesday 25th June 2008

RoundCubeMail

RoundCube Mail is a very nice webmail application with an application-like interface (as opposed to a website). It's also packaged up as an RPM for Fedora, which should in theory make installation simple. Unfortunately the roundcubemail-README.fedora in the package only describes why there is no SQLite support in the package rather than how to actually get the application up and running from scratch. The upstream INSTALL file is only slightly more helpful as some of the files have been moved around (quite rightly) in the package to make it FHS-compliant, and the installer application isn't packaged.

So here are the steps I took to installing it on my own system, which has a local IMAP server already running (I was installing the package primarily to support my wife being able to read her mail from work). I chose to use MySQL for the database backend.

Firstly, install the software:

# yum install roundcubemail mysql-server php-mysql php-mbstring php-xml

{i} mysql-server and php-mysql are required to use the MySQL backend
{i} php-mbstring and php-xml are missing dependencies that will be added in an update (Bug #451652)

Edit /etc/php.ini and set the error reporting level and timezone:

error_reporting = E_ALL & ~E_NOTICE
date.timezone = "Europe/London"

You may also want to increase the upload_max_filesize value if you want to be able to handle larger attachments.

If you're not a current MySQL user, you'll need to set up the MySQL server. Let's say we're going to set the MySQL root user's password to "xy22y" (replace goalkeeper.city-fan.org with your own hostname):

# chkconfig mysqld on
# service mysqld start
Initializing MySQL database:  Installing MySQL system tables...
OK
Filling help tables...
OK

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system

PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h goalkeeper.city-fan.org password 'new-password'

Alternatively you can run:
/usr/bin/mysql_secure_installation

which will also give you the option of removing the test
databases and anonymous user created by default.  This is
strongly recommended for production servers.

See the manual for more instructions.

You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &

You can test the MySQL daemon with mysql-test-run.pl
cd mysql-test ; perl mysql-test-run.pl

Please report any problems with the /usr/bin/mysqlbug script!

The latest information about MySQL is available on the web at
http://www.mysql.com
Support MySQL by buying support/licenses at http://shop.mysql.com
                                                           [  OK  ]
Starting MySQL:                                            [  OK  ]
# /usr/bin/mysqladmin -u root password 'xy22y'
# /usr/bin/mysqladmin -u root -h goalkeeper.city-fan.org password 'xy22y'
# service mysqld restart
Stopping MySQL:                                            [  OK  ]
Starting MySQL:                                            [  OK  ]
# 

The next step is to set up the roundcubemail database that the application will use. The MySQL username will be roundcube and we'll set its password to be "cool-php-app":

# mysql -u root --password=xy22y
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 6
Server version: 5.0.51a Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> CREATE DATABASE roundcubemail DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
Query OK, 1 row affected (0.00 sec)

mysql> GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost IDENTIFIED BY 'cool-php-app';
Query OK, 0 rows affected (0.00 sec)

mysql> QUIT
Bye
# mysql -u root --password=xy22y roundcubemail < /usr/share/doc/roundcubemail-0.2/SQL/mysql5.initial.sql
# 

Edit /etc/httpd/conf.d/roundcubemail.conf to allow access from the Internet:

#
# Round Cube Webmail is a browser-based multilingual IMAP client
#

Alias /roundcubemail /usr/share/roundcubemail

<Directory /usr/share/roundcubemail/>
  Order allow,deny
  Allow from all
</Directory>

{i} The Alias line sets the base URL that the application will appear at on your web server. You may wish to change it from /roundcubemail (i.e. http://your.host.name/roundcubemail/) to (say) /mail or /webmail or even /my-private-mail-app.

Edit the $rcmail_config['db_dsnw'] entry in /etc/roundcubemail/db.inc.php to change the password from "pass" to "cool-php-app".

Edit /etc/roundcubemail/main.inc.php to configure your IMAP server:

$rcmail_config['default_host'] = 'localhost';
$rcmail_config['mail_domain'] = 'your.mail.domain';
$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
$rcmail_config['log_logins'] = true;

Set SELinux booleans to support PHP applications connecting to IMAP servers and sending mail:

# setsebool -P httpd_builtin_scripting=1 httpd_can_network_connect=1 httpd_can_sendmail=1

Restart the web server:

# service httpd restart

That should do it, and you should be able to access your mail at http://your.host.name/roundcubemail/

It's a good idea to run /usr/bin/mysql_secure_installation to improve the security of your MySQL server. It is safe to do this after setting up other databases; it's an interactive script and won't damage the roundcubemail setup.

Thursday 26th June 2008

Local Packages

  • Updated moin-theme-dew to add symlinks to the modern theme for the missing renamed and conflict icons

Friday 27th June 2008

Local Packages

  • Updated dovecot to have it listen for both IPv4 and IPv6 connections by default

Fedora Project

Raised some bugs on packages that didn't get rebuilt for perl 5.10.0 during the Fedora 9 development phase and hence have modules in perl 5.8.8 versioned directories that aren't in the @INC path for Fedora 9's perl.

Related bugs already raised for this issue are Bug #447921 (perl-Unicode-MapUTF8) and Bug #448082 (perl-XML-TreeBuilder). I have a list of about 20 packages that I'll be raising these bugs on if they haven't already been fixed.

Monday 30th June 2008

Local Packages

  • Updated nmap to 4.68

  • Updated perl-Array-Compare to 1.16

Fedora Project

Raised a couple more bugs for F-9 packages not built for perl 5.10.0:

I was about to raise another one for perl-Net-Netmask but I found that WarrenTogami had beaten me to it.

Previous Month: May 2008
Next Month: July 2008

Recent