Quantcast
Channel: iRedMail
Viewing all articles
Browse latest Browse all 14148

Ired admin login fail..

$
0
0

==== Required information ====
- iRedMail version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Web server (Apache or Nginx):
- Linux/BSD distribution name and version:
- Related log if you're reporting an issue:
======== Required information ====
- iRedMail version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache):2.4
- Linux/BSD distribution name and version:
- Related log if you're reporting an issue:
====

Hello Friends,
After upgrade iredadmin from 0.1.6 to 0.4.1
Have some problems

nubeog@mail:/usr/share/apache2$ ls -l
total 60
-rw-r--r--  1 root      root      14882 feb  4 07:56 apache2-maintscript-helper
-rwxr-xr-x  1 root      root       1574 feb  4 07:56 ask-for-passphrase
drwxr-xr-x  2 root      root       4096 abr 17 11:05 build
drwxr-xr-x  2 root      root       4096 abr 17 11:05 default-site
drwxr-xr-x  3 root      root       4096 abr 17 11:05 error
drwxr-xr-x  3 root      root      12288 abr 17 11:05 icons
lrwxrwxrwx  1 root      root         15 abr 28 12:45 iredadmin -> iRedAdmin-0.4.1
dr-xr-xr-x  8 iredadmin iredadmin  4096 abr 20 15:47 iRedAdmin-0.1.6
dr-xr-xr-x  9 iredadmin iredadmin  4096 abr 28 12:45 iRedAdmin-0.4.1
lrwxrwxrwx  1 root      root         37 abr 17  2012 phpldapadmin -> /usr/share/apache2/phpldapadmin-1.2.2
drwxr-xr-x 11 root      root       4096 oct 26  2011 phpldapadmin-1.2.2
lrwxrwxrwx  1 root      root         36 abr 17  2012 roundcubemail -> /usr/share/apache2/roundcubemail-0.7
drwxr-xr-x 12 root      root       4096 abr 17  2012 roundcubemail-0.7

------------------------------------------------------------------------------------------
nubeog@mail:/usr/share/apache2$ /etc/apache2/conf.d/iredadmin.conf

WSGISocketPrefix /var/run/wsgi
WSGIDaemonProcess iredadmin user=iredadmin threads=15
WSGIProcessGroup iredadmin

AddType text/html .py

<Directory /usr/share/apache2/iredadmin/>
    Order allow,deny
    Require all granted
</Directory>

------------------------------------------------------------------------------------------------
nubeog@mail:/usr/share/apache2$ /etc/apache2/sites-available/default-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ServerAdmin webmaster@localhost

DocumentRoot /mounts/d2p1/www
    <Directory />
        Options FollowSymLinks
        AllowOverride None
    </Directory>
<Directory /mounts/d2p1/www/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Require all granted
</Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
        AllowOverride None
        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Require all denied
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

    #   SSL Engine Switch:
    #   Enable/Disable SSL for this virtual host.
    SSLEngine on

    #   A self-signed (snakeoil) certificate can be created by installing
    #   the ssl-cert package. See
    #   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
    #   If both key and certificate are stored in the same file, only the
    #   SSLCertificateFile directive is needed.
    SSLCertificateFile /etc/ssl/certs/iRedMail_CA.pem
    SSLCertificateKeyFile /etc/ssl/private/iRedMail.key

    #   Server Certificate Chain:
    #   Point SSLCertificateChainFile at a file containing the
    #   concatenation of PEM encoded CA certificates which form the
    #   certificate chain for the server certificate. Alternatively
    #   the referenced file can be the same as SSLCertificateFile
    #   when the CA certificates are directly appended to the server
    #   certificate for convinience.
    #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt

    #   Certificate Authority (CA):
    #   Set the CA certificate verification path where to find CA
    #   certificates for client authentication or alternatively one
    #   huge file containing all of them (file must be PEM encoded)
    #   Note: Inside SSLCACertificatePath you need hash symlinks
    #         to point to the certificate files. Use the provided
    #         Makefile to update the hash symlinks after changes.
    #SSLCACertificatePath /etc/ssl/certs/
    #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt

    #   Certificate Revocation Lists (CRL):
    #   Set the CA revocation path where to find CA CRLs for client
    #   authentication or alternatively one huge file containing all
    #   of them (file must be PEM encoded)
    #   Note: Inside SSLCARevocationPath you need hash symlinks
    #         to point to the certificate files. Use the provided
    #         Makefile to update the hash symlinks after changes.
    #SSLCARevocationPath /etc/apache2/ssl.crl/
    #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl

    #   Client Authentication (Type):
    #   Client certificate verification type and depth.  Types are
    #   none, optional, require and optional_no_ca.  Depth is a
    #   number which specifies how deeply to verify the certificate
    #   issuer chain before deciding the certificate is not valid.
    #SSLVerifyClient require
    #SSLVerifyDepth  10

    #   Access Control:
    #   With SSLRequire you can do per-directory access control based
    #   on arbitrary complex boolean expressions containing server
    #   variable checks and other lookup directives.  The syntax is a
    #   mixture between C and Perl.  See the mod_ssl documentation
    #   for more details.
    #<Location />
    #SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
    #            and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
    #            and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
    #            and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
    #            and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20       ) \
    #           or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
    #</Location>

    #   SSL Engine Options:
    #   Set various options for the SSL engine.
    #   o FakeBasicAuth:
    #     Translate the client X.509 into a Basic Authorisation.  This means that
    #     the standard Auth/DBMAuth methods can be used for access control.  The
    #     user name is the `one line' version of the client's X.509 certificate.
    #     Note that no password is obtained from the user. Every entry in the user
    #     file needs this password: `xxj31ZMTZzkVA'.
    #   o ExportCertData:
    #     This exports two additional environment variables: SSL_CLIENT_CERT and
    #     SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
    #     server (always existing) and the client (only existing when client
    #     authentication is used). This can be used to import the certificates
    #     into CGI scripts.
    #   o StdEnvVars:
    #     This exports the standard SSL/TLS related `SSL_*' environment variables.
    #     Per default this exportation is switched off for performance reasons,
    #     because the extraction step is an expensive operation and is usually
    #     useless for serving static content. So one usually enables the
    #     exportation for CGI and SSI requests only.
    #   o StrictRequire:
    #     This denies access when "SSLRequireSSL" or "SSLRequire" applied even
    #     under a "Satisfy any" situation, i.e. when it applies access is denied
    #     and no other module can change it.
    #   o OptRenegotiate:
    #     This enables optimized SSL connection renegotiation handling when SSL
    #     directives are used in per-directory context.
    #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
        SSLOptions +StdEnvVars
    </Directory>

    #   SSL Protocol Adjustments:
    #   The safe and default but still SSL/TLS standard compliant shutdown
    #   approach is that mod_ssl sends the close notify alert but doesn't wait for
    #   the close notify alert from client. When you need a different shutdown
    #   approach you can use one of the following variables:
    #   o ssl-unclean-shutdown:
    #     This forces an unclean shutdown when the connection is closed, i.e. no
    #     SSL close notify alert is send or allowed to received.  This violates
    #     the SSL/TLS standard but is needed for some brain-dead browsers. Use
    #     this when you receive I/O errors because of the standard approach where
    #     mod_ssl sends the close notify alert.
    #   o ssl-accurate-shutdown:
    #     This forces an accurate shutdown when the connection is closed, i.e. a
    #     SSL close notify alert is send and mod_ssl waits for the close notify
    #     alert of the client. This is 100% SSL/TLS standard compliant, but in
    #     practice often causes hanging connections with brain-dead browsers. Use
    #     this only for browsers where you know that their SSL implementation
    #     works correctly.
    #   Notice: Most problems of broken clients are also related to the HTTP
    #   keep-alive facility, so you usually additionally want to disable
    #   keep-alive for those clients, too. Use variable "nokeepalive" for this.
    #   Similarly, one has to force some clients to use HTTP/1.0 to workaround
    #   their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
    #   "force-response-1.0" for this.
    BrowserMatch "MSIE [2-6]" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0
    # MSIE 7 and newer should be able to use keepalive
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

Alias /cluebringer "/usr/share/postfix-cluebringer-webui/webui/"
Alias /mail "/usr/share/apache2/roundcubemail/"
Alias /webmail "/usr/share/apache2/roundcubemail/"
Alias /roundcube "/usr/share/apache2/roundcubemail/"
Alias /phpldapadmin "/usr/share/apache2/phpldapadmin/"
Alias /ldap "/usr/share/apache2/phpldapadmin/"
Alias /awstats/icon "/usr/share/awstats/icon/"
ScriptAlias /awstats "/usr/lib/cgi-bin/"
WSGIScriptAlias /iredadmin "/usr/share/apache2/iredadmin/iredadmin.py/"
Alias /iredadmin/static "/usr/share/apache2/iredadmin/static/"
</VirtualHost>
</IfModule>

------------------------------------------------------------------------------------
nubeog@mail:/usr/share/apache2$ grep -i 192.168.1.19 /var/log/apache2/error.log
[Mon May 04 09:20:58.469452 2015] [:error] [pid 5241] [client 192.168.1.19:55889] 0.06 (1): DELETE FROM sessions WHERE '2015-05-03T09:20:58.384347' > atime
[Mon May 04 09:20:58.471108 2015] [:error] [pid 5241] [client 192.168.1.19:55889] 0.0 (2): SELECT * FROM sessions WHERE session_id='180efd94cac198b2547153c741b909552a77c9fd'
[Mon May 04 09:20:58.575664 2015] [:error] [pid 5241] [client 192.168.1.19:55889] 0.0 (1): SELECT * FROM sessions WHERE session_id='a041a829f0426c045722a5b54e1af4f7aad837f7'
[Mon May 04 09:20:59.149786 2015] [:error] [pid 5241] [client 192.168.1.19:55889] 0.0 (2): SELECT * FROM sessions WHERE session_id='a041a829f0426c045722a5b54e1af4f7aad837f7'
[Mon May 04 09:20:59.151109 2015] [:error] [pid 5241] [client 192.168.1.19:55889] 0.0 (3): INSERT INTO sessions (data, session_id) VALUES ('KGRwMQpTJ3VzZXJuYW1lJwpwMgpOc1MnZW5hYmxlX3BvbGljeWQnCnAzCkkwMApzUydzdG9yZV9w\\nYXNzd29yZF9pbl9wbGFpbl90ZXh0JwpwNApJMDAKc1MnbGFuZycKcDUKUydlbl9VUycKcDYKc1Mn\\naXAnCnA3ClYxOTIuMTY4LjEuMTkKcDgKc1MnbG9nZ2VkJwpwOQpJMDAKc1MnYW1hdmlzZF9lbmFi\\nbGVfcXVhcmFudGluZScKcDEwCkkwMQpzUydzZXNzaW9uX2lkJwpwMTEKUydhMDQxYTgyOWYwNDI2\\nYzA0NTcyMmE1YjU0ZTFhZjRmN2FhZDgzN2Y3JwpwMTIKc1MnZGVmYXVsdF9tdGFfdHJhbnNwb3J0\\nJwpwMTMKUydkb3ZlY290JwpwMTQKc1MnZmFpbGVkX3RpbWVzJwpwMTUKSTAKc1MnaXNfZ2xvYmFs\\nX2FkbWluJwpwMTYKSTAwCnNTJ3dlYm1hc3RlcicKcDE3ClMnd3d3QG9sZGdyaW5nby5teCcKcDE4\\nCnNTJ2VuYWJsZV9jbHVlYnJpbmdlcicKcDE5CkkwMQpzLg==\\n', 'a041a829f0426c045722a5b54e1af4f7aad837f7')
[Mon May 04 09:21:15.994940 2015] [:error] [pid 4392] [client 192.168.1.19:55894] 0.0 (1): DELETE FROM sessions WHERE '2015-05-03T09:21:15.983098' > atime
[Mon May 04 09:21:15.996801 2015] [:error] [pid 4392] [client 192.168.1.19:55894] 0.0 (2): SELECT * FROM sessions WHERE session_id='d9d772c1e242089d400b99708583ef8d9b896ace'
[Mon May 04 09:21:16.286460 2015] [:error] [pid 4392] [client 192.168.1.19:55894] 0.0 (3): SELECT * FROM sessions WHERE session_id='d9d772c1e242089d400b99708583ef8d9b896ace'
[Mon May 04 09:21:16.287774 2015] [:error] [pid 4392] [client 192.168.1.19:55894] 0.0 (4): INSERT INTO sessions (data, session_id) VALUES ('KGRwMQpTJ3VzZXJuYW1lJwpwMgpOc1MnZW5hYmxlX3BvbGljeWQnCnAzCkkwMApzUydzdG9yZV9w\\nYXNzd29yZF9pbl9wbGFpbl90ZXh0JwpwNApJMDAKc1MnbGFuZycKcDUKUydlbl9VUycKcDYKc1Mn\\naXAnCnA3ClYxOTIuMTY4LjEuMTkKcDgKc1MnbG9nZ2VkJwpwOQpJMDAKc1MnYW1hdmlzZF9lbmFi\\nbGVfcXVhcmFudGluZScKcDEwCkkwMQpzUydzZXNzaW9uX2lkJwpwMTEKUydkOWQ3NzJjMWUyNDIw\\nODlkNDAwYjk5NzA4NTgzZWY4ZDliODk2YWNlJwpwMTIKc1MnZGVmYXVsdF9tdGFfdHJhbnNwb3J0\\nJwpwMTMKUydkb3ZlY290JwpwMTQKc1MnZmFpbGVkX3RpbWVzJwpwMTUKSTAKc1MnaXNfZ2xvYmFs\\nX2FkbWluJwpwMTYKSTAwCnNTJ3dlYm1hc3RlcicKcDE3ClMnd3d3QG9sZGdyaW5nby5teCcKcDE4\\nCnNTJ2VuYWJsZV9jbHVlYnJpbmdlcicKcDE5CkkwMQpzLg==\\n', 'd9d772c1e242089d400b99708583ef8d9b896ace')
[Mon May 04 13:11:59.790580 2015] [access_compat:error] [pid 22280] [client 192.168.1.19:57408] AH01797: client denied by server configuration: /usr/share/apache2/iredadmin/iredadmin.py
[Mon May 04 13:12:11.870765 2015] [access_compat:error] [pid 22279] [client 192.168.1.19:57410] AH01797: client denied by server configuration: /usr/share/apache2/iredadmin/iredadmin.py
[Mon May 04 13:19:54.471860 2015] [:error] [pid 22832] [client 192.168.1.19:57531] PHP Strict Standards:  Non-static method PEAR::setErrorHandling() should not be called statically in /usr/share/apache2/roundcubemail-0.7/program/include/iniset.php on line 131
[Mon May 04 13:33:33.818047 2015] [:error] [pid 23921] [client 192.168.1.19:57639] PHP Strict Standards:  Non-static method PEAR::setErrorHandling() should not be called statically in /usr/share/apache2/roundcubemail-0.7/program/include/iniset.php on line 131
[Mon May 04 13:33:39.388231 2015] [access_compat:error] [pid 23961] [client 192.168.1.19:57659] AH01797: client denied by server configuration: /usr/share/apache2/iredadmin/iredadmin.py
[Mon May 04 13:33:40.749513 2015] [access_compat:error] [pid 23961] [client 192.168.1.19:57659] AH01797: client denied by server configuration: /usr/share/apache2/iredadmin/iredadmin.py
[Mon May 04 13:46:53.715931 2015] [access_compat:error] [pid 23921] [client 192.168.1.19:57872] AH01797: client denied by server configuration: /usr/share/apache2/iredadmin/iredadmin.py
[Mon May 04 13:46:54.509537 2015] [access_compat:error] [pid 23921] [client 192.168.1.19:57872] AH01797: client denied by server configuration: /usr/share/apache2/iredadmin/iredadmin.py
[Mon May 04 13:46:55.049007 2015] [access_compat:error] [pid 23921] [client 192.168.1.19:57872] AH01797: client denied by server configuration: /usr/share/apache2/iredadmin/iredadmin.py
[Mon May 04 13:46:55.598841 2015] [access_compat:error] [pid 23921] [client 192.168.1.19:57872] AH01797: client denied by server configuration: /usr/share/apache2/iredadmin/iredadmin.py
[Mon May 04 13:49:27.804370 2015] [access_compat:error] [pid 25557] [client 192.168.1.19:57903] AH01797: client denied by server configuration: /usr/share/apache2/iredadmin/iredadmin.py
[Mon May 04 13:49:29.531676 2015] [access_compat:error] [pid 25557] [client 192.168.1.19:57903] AH01797: client denied by server configuration: /usr/share/apache2/iredadmin/iredadmin.py
[Mon May 04 13:49:30.006519 2015] [access_compat:error] [pid 25557] [client 192.168.1.19:57903] AH01797: client denied by server configuration: /usr/share/apache2/iredadmin/iredadmin.py



--------------------------------------------------------------------------------
I need a create some email accounts but i can't enter to iredadmin
Anyone can tell me how can i create an email account manually..?


Viewing all articles
Browse latest Browse all 14148

Trending Articles