DuckCorp Projects: Issueshttps://projects.duckcorp.org/https://projects.duckcorp.org/favicon.ico?16699090422022-06-26T11:59:48ZDuckCorp Projects
Redmine DuckCorp Infrastructure - Enhancement #773 (New): Investigate Kea usagehttps://projects.duckcorp.org/issues/7732022-06-26T11:59:48ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>ISC doesn't recommend <a href="https://www.isc.org/dhcp/" class="external">ISC DHCP</a> (for new project):</p>
<blockquote>
<p>We recommend that new implementers use Kea and implement ISC DHCP only if Kea does not meet their needs. The Kea distribution does not currently include either a client or a relay.</p>
</blockquote>
<p>The next Debian release provides a <a href="https://packages.debian.org/bookworm/kea" class="external">Kea package</a>.</p> DuckCorp Infrastructure - Bug #767 (New): mailman3-web internal errorhttps://projects.duckcorp.org/issues/7672022-03-27T19:49:44ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>I just tried to use mailmain3-web to remove my old email address from the the dc-admins list. I encountered an HTTP 500 (twice).<br /><pre>
ERROR 2022-03-27 21:43:42,082 1507813 postorius Mailman REST API not available
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 699, in urlopen
httplib_response = self._make_request(
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 445, in _make_request
six.raise_from(e, None)
File "<string>", line 3, in raise_from
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 440, in _make_request
httplib_response = conn.getresponse()
File "/usr/lib/python3.9/http/client.py", line 1347, in getresponse
response.begin()
File "/usr/lib/python3.9/http/client.py", line 307, in begin
version, status, reason = self._read_status()
File "/usr/lib/python3.9/http/client.py", line 276, in _read_status
raise RemoteDisconnected("Remote end closed connection without"
http.client.RemoteDisconnected: Remote end closed connection without response
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 439, in send
resp = conn.urlopen(
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 755, in urlopen
retries = retries.increment(
File "/usr/lib/python3/dist-packages/urllib3/util/retry.py", line 532, in increment
raise six.reraise(type(error), error, _stacktrace)
File "/usr/lib/python3/dist-packages/six.py", line 718, in reraise
raise value.with_traceback(tb)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 699, in urlopen
httplib_response = self._make_request(
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 445, in _make_request
six.raise_from(e, None)
File "<string>", line 3, in raise_from
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 440, in _make_request
httplib_response = conn.getresponse()
File "/usr/lib/python3.9/http/client.py", line 1347, in getresponse
response.begin()
File "/usr/lib/python3.9/http/client.py", line 307, in begin
version, status, reason = self._read_status()
File "/usr/lib/python3.9/http/client.py", line 276, in _read_status
raise RemoteDisconnected("Remote end closed connection without"
urllib3.exceptions.ProtocolError: ('Connection aborted.', RemoteDisconnected('Remote end closed connection without response'))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/mailmanclient/restbase/connection.py", line 107, in call
response = request(
File "/usr/lib/python3/dist-packages/requests/api.py", line 61, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 542, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 655, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 498, in send
raise ConnectionError(err, request=request)
requests.exceptions.ConnectionError: ('Connection aborted.', RemoteDisconnected('Remote end closed connection without response'))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/django/core/handlers/base.py", line 113, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/lib/python3/dist-packages/django/views/generic/base.py", line 71, in view
return self.dispatch(request, *args, **kwargs)
File "/usr/lib/python3/dist-packages/django/contrib/auth/mixins.py", line 52, in dispatch
return super().dispatch(request, *args, **kwargs)
File "/usr/lib/python3/dist-packages/django/contrib/auth/mixins.py", line 109, in dispatch
return super().dispatch(request, *args, **kwargs)
File "/usr/lib/python3/dist-packages/postorius/views/generic.py", line 74, in dispatch
return super(MailingListView, self).dispatch(request, *args, **kwargs)
File "/usr/lib/python3/dist-packages/django/views/generic/base.py", line 97, in dispatch
return handler(request, *args, **kwargs)
File "/usr/lib/python3/dist-packages/postorius/views/list.py", line 183, in post
return self._member_post(request, role)
File "/usr/lib/python3/dist-packages/postorius/views/list.py", line 135, in _member_post
self.mailing_list.unsubscribe(member)
File "/usr/lib/python3/dist-packages/mailmanclient/restobjects/mailinglist.py", line 414, in unsubscribe
self._connection.call(path, method='DELETE')
File "/usr/lib/python3/dist-packages/mailmanclient/restbase/connection.py", line 135, in call
raise MailmanConnectionError(
mailmanclient.restbase.connection.MailmanConnectionError: ('Could not connect to Mailman API: ', "ConnectionError(ProtocolError('Connection aborted.', RemoteDisconnected('Remote end closed connection without response')))")
ERROR 2022-03-27 21:43:42,091 1507813 django.request Service Unavailable: /postorius/lists/dc-admins.lists.duckcorp.org/members/member/
</pre></p> DuckCorp Infrastructure - Enhancement #745 (New): ban IPs that try to authenticate with a nonexis...https://projects.duckcorp.org/issues/7452021-11-24T14:03:15ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Fail2ban should block the following attemps:<br /><pre>
Nov 24 15:06:46 Toushirou dovecot[1308700]: auth: ldap(<redacted>,XXX.237.103.19): unknown user
Nov 24 15:07:00 Toushirou dovecot[1308700]: auth: ldap(<redacted>,XXX.237.103.19): unknown user
Nov 24 15:07:20 Toushirou dovecot[1308700]: auth: ldap(<redacted>,XXX.237.103.19): unknown user
Nov 24 15:07:30 Toushirou dovecot[1308700]: auth: ldap(<redacted>,XXX.237.103.19): unknown user
Nov 24 15:07:44 Toushirou dovecot[1308700]: auth: ldap(<redacted>,XXX.237.103.19): unknown user
Nov 24 15:08:04 Toushirou dovecot[1308700]: auth: ldap(<redacted>,XXX.237.103.19): unknown user
</pre></p>
<p>Some numbers in order to support the new filter (the oldest entry in the journal is 7 days old):<br /><pre>
root@Toushirou:~# # count all entries
root@Toushirou:~# journalctl -g '(auth:.*unknown)' | wc -l
5032
root@Toushirou:~# # check the regex
root@Toushirou:~# journalctl -g '(auth:.*unknown)' | sed -n 's/.*ldap([^,]\+,\([^,)]\+\)\(,<[^>]\+>\)\?):.*/\1/p' | sort | uniq -c | sort -nr | awk '{print $1}' | paste -sd+ | bc
5029
root@Toushirou:~# # display the most used IPs
root@Toushirou:~# journalctl -g '(auth:.*unknown)' | sed -n 's/.*ldap([^,]\+,\([^,)]\+\)\(,<[^>]\+>\)\?):.*/\1/p' | sort | uniq -c | sort -nr | awk '{print $1}' | head -n 10
741
566
467
362
307
182
177
174
167
161
# There are 697 different IPs, the twenty most used produce 85% of the login failure.
</pre></p> Bip - Enhancement #715 (New): Backlog one channel onlyhttps://projects.duckcorp.org/issues/7152020-12-17T09:34:26ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>The backlog command only allows to backlog all the channels from one network.</p>
<p>It would be nice to fetch backlog from one channel only.</p>
<p>From: Debian bug <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668420" class="external">#668420</a>.</p> DuckCorp Infrastructure - Bug #713 (New): orfeo: smartd misconfiguredhttps://projects.duckcorp.org/issues/7132020-09-18T13:16:29ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>See <code>/var/log/daemon.log</code>:<br /><pre>
Aug 18 05:16:48 Orfeo smartd[509]: Device: /dev/sg3, opened
Aug 18 05:16:48 Orfeo smartd[509]: Device: /dev/sg3, [LSILOGIC Logical Volume 3000], 72.9 GB
Aug 18 05:16:48 Orfeo smartd[509]: Device: /dev/sg3, Bad IEC (SMART) mode page, err=4, skip device
Aug 18 05:16:48 Orfeo smartd[509]: Unable to register SCSI device /dev/sg3 at line 24 of file /etc/smartd.conf
Aug 18 05:16:48 Orfeo smartd[509]: Unable to register device /dev/sg3 (no Directive -d removable). Exiting.
[...]
Aug 18 05:16:48 Orfeo systemd[1]: smartd.service: Main process exited, code=exited, status=16/n/a
Aug 18 05:16:48 Orfeo systemd[1]: smartd.service: Failed with result 'exit-code'.
</pre></p> DuckCorp Infrastructure - Bug #443 (New): clamav@hq.duckcorp.org: User unknown in virtual alias t...https://projects.duckcorp.org/issues/4432015-02-24T00:30:17ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>On orfeo, <code>/var/log/mail.log</code> contains, the following error:<br /><pre>
Feb 22 09:50:31 orfeo postfix/smtpd[15387]: NOQUEUE: reject: RCPT from ppp0-dsl-elwing.hq.duckcorp.org[193.17.192.249]:
550 5.1.1 <clamav@hq.duckcorp.org>: Recipient address rejected: User unknown in virtual alias table;
from=<> to=<clamav@hq.duckcorp.org> proto=ESMTP helo=<Elwing.hq.duckcorp.org>
</pre></p> Bip - Bug #431 (New): bip is leaking file descriptorshttps://projects.duckcorp.org/issues/4312015-01-15T02:01:19ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>fran wrote:</p>
<blockquote>
<p>bip is leaking file descriptors on my server, and the fix is pretty easy: on connection.c, on read_socket, whenever read returns <1 and errno is different to EAGAIN and EINTR, the socket MUST be closed <br />because read will not return 0 on the following iterations of select (cause it's not added to the read fd_set after that), plus after read failing with fatal error it keeps returning -1</p>
</blockquote> UFWI - Enhancement #417 (New): Add GnuTLS 3.x supporthttps://projects.duckcorp.org/issues/4172014-11-25T22:42:24ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Oleg Blednov</p> UFWI - Bug #416 (New): Missing "Exit" menu entryhttps://projects.duckcorp.org/issues/4162014-11-25T22:41:46ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>In stand-alone mode, the main menu is missing a "Quit" or "Exit" entry.</p>
<p>Added by Laurent Defert</p> UFWI - Bug #415 (New): Remove runtime dependency to ntp modulehttps://projects.duckcorp.org/issues/4152014-11-25T22:41:20ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Bug #414 (New): Remove dependency to ufwi_confhttps://projects.duckcorp.org/issues/4142014-11-25T22:40:57ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.euUFWI - Bug #413 (New): Remove dependency to networkhttps://projects.duckcorp.org/issues/4132014-11-25T22:40:15ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Creating a ruleset only shows :<br /><pre>
Firewall error
Error #1201001: No component registered with this name ('network')
</pre></p>
<p>Added by Laurent Defert</p> UFWI - Bug #412 (New): Remove references to minimalModehttps://projects.duckcorp.org/issues/4122014-11-25T22:40:02ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>Added by Laurent Defert</p> UFWI - Bug #411 (New): About windowhttps://projects.duckcorp.org/issues/4112014-11-25T22:39:52ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>The window currently displays :<br /><pre>
'<p><b>ufwi-conf</b></p>\n' +
'<p>Copyright &copy; 2008 INL</p>\n' +
'<p>' + tr('This front-end program is licensed under the '
+ 'GNU General Public License, version 2.') + '</p>'
</pre></p>
<p>Display the content of an Authors file instead, show the license as a link to its content on fsf.org</p>
<p>Added by Laurent Defert</p> UFWI - Bug #410 (New): Remove references to NuConfMainWindow.minimalModehttps://projects.duckcorp.org/issues/4102014-11-25T22:38:58ZPierre-Louis Bonicolipierre-louis.bonicoli@ir5.eu
<p>References to NuConfMainWindow.model should be removed as well.</p>
<p>Added by Laurent Defert</p>