I’ve posted DMitry up on github, fork away!
Dovecot 2.2 + 2.3 with Solr 6, 7 and Solr 8
I found very little (if anything) out there with people trying to setup Solr 6 and Dovecot 2 so thought i’d post this up. Perhaps it will help someone else along the way.
What i’m running:-
- FreebSD 12
- Openjdk 8
- Dovecot 2 (installed from pkgs)
- Apache-solr 8 (downloaded direct from apache)
I’m not going to cover how to install and configure dovecot here but in short I installed it using “pkg install dovecot2” on FreeBSD and configured based on my needs in /usr/local/etc/dovecot/dovecot.conf along with the following entries to enable FTS and Solr
...
mail_plugins = $mail_plugins quota fts fts_solr
...
plugin {
fts_autoindex=yes
fts = solr
fts_solr = url=http://localhost:8983/solr/dovecot/
}
...
protocol imap {
mail_plugins = quota imap_quota fts fts_solr
}
protocol lmtp {
mail_plugins = quota fts fts_solr
}
...
The above assumes that you’re running solr on localhost of course.
Now, in Solr version 5+ you no longer need tomcat or jetty installed separately to run solr so forget reading any articles that advise you to install these unless you’re running solr version 4 or older. Reason being, solr now ships with a copy of jetty and all the startup scripts you need.
- All you need to install is OpenJDK 8 JRE and make sure that your java version output is at least version 1.8 as below
# java -version openjdk version "1.8.0_92" OpenJDK Runtime Environment (build 1.8.0_92-b14) OpenJDK 64-Bit Server VM (build 25.92-b14, mixed mode)
Version 1.7 (OpenJDK 7) will not work with solr and you will find that solr will not start
pkg install openjdk8-jre-8 (try pkg search openjdk8 - you need JRE)
This will prompt you to install numerous java packages and other bits and bobs.
- Download a copy of apache solr and extract to a suitable location. The below is using Solr 6 but I’ll come on to the differences you need between 6 and 8.
mkdir /opt cd /opt fetch http://www-eu.apache.org/dist/lucene/solr/6.1.0/solr-6.1.0.tgz tar -xvzf solr-6.1.0.tgz mv solr-6.1.0 solr
- Solr should now just start without issue by running the below
bin/solr start
once started it will drop to the background
- Now solr should be running you can create a brand new collection for dovecot
bin/solr create -c dovecot -n dovecot
- If all went well you’ll have a new collection made, so lets navigate to the configuration folder
cd /opt/solr/server/solr/dovecot/conf/
- Once there you’ll need to create a file named schema.xml and load it with the following schema.Dovecot 2.2:-
<?xml version="1.0" encoding="UTF-8" ?> <!-- For fts-solr: This is the Solr schema file, place it into solr/conf/schema.xml. You may want to modify the tokenizers and filters. --> <schema name="dovecot" version="1.5"> <types> <!-- IMAP has 32bit unsigned ints but java ints are signed, so use longs --> <fieldType name="string" class="solr.StrField" /> <fieldType name="long" class="solr.TrieLongField" /> <fieldType name="boolean" class="solr.BoolField" /> <fieldType name="text" class="solr.TextField" positionIncrementGap="100"> <analyzer type="index"> <tokenizer class="solr.StandardTokenizerFactory"/> <filter class="solr.StopFilterFactory" ignoreCase="true" words="lang/stopwords_en.txt"/> <filter class="solr.WordDelimiterFilterFactory" generateWordParts="1" generateNumberParts="1" catenateWords="1" catenateNumbers="1" catenateAll="0" splitOnCaseChange="1"/> <filter class="solr.LowerCaseFilterFactory"/> <filter class="solr.EnglishPossessiveFilterFactory"/> <filter class="solr.KeywordMarkerFilterFactory" protected="protwords.txt"/> <filter class="solr.EnglishMinimalStemFilterFactory"/> </analyzer> <analyzer type="query"> <tokenizer class="solr.StandardTokenizerFactory"/> <filter class="solr.SynonymFilterFactory" synonyms="synonyms.txt" ignoreCase="true" expand="true"/> <filter class="solr.StopFilterFactory" ignoreCase="true" words="lang/stopwords_en.txt"/> <filter class="solr.WordDelimiterFilterFactory" generateWordParts="1" generateNumberParts="1" catenateWords="0" catenateNumbers="0" catenateAll="0" splitOnCaseChange="1"/> <filter class="solr.LowerCaseFilterFactory"/> <filter class="solr.EnglishPossessiveFilterFactory"/> <filter class="solr.KeywordMarkerFilterFactory" protected="protwords.txt"/> <filter class="solr.EnglishMinimalStemFilterFactory"/> </analyzer> </fieldType> </types> <fields> <field name="id" type="string" indexed="true" stored="true" required="true" /> <field name="uid" type="long" indexed="true" stored="true" required="true" /> <field name="box" type="string" indexed="true" stored="true" required="true" /> <field name="user" type="string" indexed="true" stored="true" required="true" /> <field name="hdr" type="text" indexed="true" stored="false" /> <field name="body" type="text" indexed="true" stored="false" /> <field name="from" type="text" indexed="true" stored="false" /> <field name="to" type="text" indexed="true" stored="false" /> <field name="cc" type="text" indexed="true" stored="false" /> <field name="bcc" type="text" indexed="true" stored="false" /> <field name="subject" type="text" indexed="true" stored="false" /> <!-- Used by Solr internally: --> <field name="_version_" type="long" indexed="true" stored="true"/> </fields> <uniqueKey>id</uniqueKey> </schema>
Dovecot 2.3:-
<?xml version="1.0" encoding="UTF-8"?> <schema name="dovecot" version="2.0"> <fieldType name="string" class="solr.StrField" omitNorms="true" sortMissingLast="true"/> <fieldType name="long" class="solr.LongPointField" positionIncrementGap="0"/> <fieldType name="boolean" class="solr.BoolField" sortMissingLast="true"/> <fieldType name="text" class="solr.TextField" autoGeneratePhraseQueries="true" positionIncrementGap="100"> <analyzer type="index"> <tokenizer class="solr.StandardTokenizerFactory"/> <filter class="solr.StopFilterFactory" words="stopwords.txt" ignoreCase="true"/> <filter class="solr.WordDelimiterGraphFilterFactory" catenateNumbers="1" generateNumberParts="1" splitOnCaseChange="1" generateWordParts="1" splitOnNumerics="1" catenateAll="1" catenateWords="1"/> <filter class="solr.FlattenGraphFilterFactory"/> <filter class="solr.LowerCaseFilterFactory"/> <filter class="solr.KeywordMarkerFilterFactory" protected="protwords.txt"/> <filter class="solr.PorterStemFilterFactory"/> </analyzer> <analyzer type="query"> <tokenizer class="solr.StandardTokenizerFactory"/> <filter class="solr.SynonymGraphFilterFactory" expand="true" ignoreCase="true" synonyms="synonyms.txt"/> <filter class="solr.FlattenGraphFilterFactory"/> <filter class="solr.StopFilterFactory" words="stopwords.txt" ignoreCase="true"/> <filter class="solr.WordDelimiterGraphFilterFactory" catenateNumbers="1" generateNumberParts="1" splitOnCaseChange="1" generateWordParts="1" splitOnNumerics="1" catenateAll="1" catenateWords="1"/> <filter class="solr.LowerCaseFilterFactory"/> <filter class="solr.KeywordMarkerFilterFactory" protected="protwords.txt"/> <filter class="solr.PorterStemFilterFactory"/> </analyzer> </fieldType> <field name="id" type="string" indexed="true" required="true" stored="true"/> <field name="uid" type="long" indexed="true" required="true" stored="true"/> <field name="box" type="string" indexed="true" required="true" stored="true"/> <field name="user" type="string" indexed="true" required="true" stored="true"/> <field name="hdr" type="text" indexed="true" stored="false"/> <field name="body" type="text" indexed="true" stored="false"/> <field name="from" type="text" indexed="true" stored="false"/> <field name="to" type="text" indexed="true" stored="false"/> <field name="cc" type="text" indexed="true" stored="false"/> <field name="bcc" type="text" indexed="true" stored="false"/> <field name="subject" type="text" indexed="true" stored="false"/> <!-- Used by Solr internally: --> <field name="_version_" type="long" indexed="true" stored="true"/> <uniqueKey>id</uniqueKey> </schema> - Now you need to delete the managed schema file that comes with solr 5+ as we will not be using a managed schema
rm managed-schema
- Next, open up the below file in a text editor, i.e.
vi solrconfig.xml
For Solr 5 and 6 completely remove this section
<processor class="solr.AddSchemaFieldsUpdateProcessorFactory"> <str name="defaultFieldType">strings</str> <lst name="typeMapping"> <str name="valueClass">java.lang.Boolean</str> <str name="fieldType">booleans</str> </lst> <lst name="typeMapping"> <str name="valueClass">java.util.Date</str> <str name="fieldType">tdates</str> </lst> <lst name="typeMapping"> <str name="valueClass">java.lang.Long</str> <str name="valueClass">java.lang.Integer</str> <str name="fieldType">tlongs</str> </lst> <lst name="typeMapping"> <str name="valueClass">java.lang.Number</str> <str name="fieldType">tdoubles</str> </lst> </processor>
For solr 8 you need to do the following:-
1. Remove the element add-schema-fields from <updateRequestProcessorChain’s processor attribute.
2. Completely remove the below section
<updateProcessor class="solr.AddSchemaFieldsUpdateProcessorFactory" name="add-schema-fields"> <lst name="typeMapping"> <str name="valueClass">java.lang.String</str> <str name="fieldType">text_general</str> <lst name="copyField"> <str name="dest">*_str</str> <int name="maxChars">256</int> </lst> <!-- Use as default mapping instead of defaultFieldType --> <bool name="default">true</bool> </lst> <lst name="typeMapping"> <str name="valueClass">java.lang.Boolean</str> <str name="fieldType">booleans</str> </lst> <lst name="typeMapping"> <str name="valueClass">java.util.Date</str> <str name="fieldType">pdates</str> </lst> <lst name="typeMapping"> <str name="valueClass">java.lang.Long</str> <str name="valueClass">java.lang.Integer</str> <str name="fieldType">plongs</str> </lst> <lst name="typeMapping"> <str name="valueClass">java.lang.Number</str> <str name="fieldType">pdoubles</str> </lst> </updateProcessor>
Now for all versions, in the same file find the line that reads the below
See http://wiki.apache.org/solr/GuessingFieldTypes-->
and add in the following just below it
<schemaFactory class="ClassicIndexSchemaFactory"> </schemaFactory>
- With a bit of luck that’s everything you need to do so go ahead and restart solr by issuing /opt/solr/bin/solr restart and head straight to the logs file and you should hopefully see the following.
tail -f /opt/solr/server/logs/solr.log ...... 2016-08-15 14:40:37.515 INFO (coreLoadExecutor-6-thread-1) [ x:dovecot] o.a.s.c.CoreContainer registering core: dovecot
If you see any errors about failing to register field types, double check over the steps above and make sure you didn’t miss anything or something managed to creep back in
- finally open up another terminal and tail the solr log file as above whilst running the following command in dovecot and you should have all your emails indexed into solr 🙂
doveadm index -A inbox
Good luck!
Forward as attachment in OWA (Outlook Web Access)
This was kindly posted online by R.West at the url below:-
You can only “forward as an attachment” in Outlook Web Access if you have installed the S/MIME control.
In OWA, goto OPTIONS and then EMAIL SECURITY.
Click the link to install the S/MIME attachment.
After that, you can create a NEW message, and drag/drop an existing message from your inbox into the new message. It will appear as an attachment, not a link.
*Note:- when I did this the email never showed as an attachment in the new message window but it was there and did work.
https://social.technet.microsoft.com/Forums/exchange/en-US/70dae318-d615-4f0a-96ab-df25c1575238/owa-forward-as-attachment
Find out all recent Windows logins and screen unlocks
If you need to output a list of all local PC unlocks and logins you can use the below steps. This will only display ‘unlocks’ and ‘logins’ for a locally cached domain user.
The below will show you all 'local' (not remote) logins and unlocks:- 1. Open Event viewer 2. Navigate to Windows Logs > Security 3. Click Filter Current Log 4. Select XML Tab 5. Tick Edit Query 6. Replace the entire query with the below:- <QueryList> <Query Id="0" Path="Security"> <Select Path="Security"> *[System[(EventID='4624')] and EventData[Data[@Name='LogonType'] and (Data='7' or Data='11')] and EventData[Data[@Name='ProcessName']='C:\Windows\System32\winlogon.exe'] ] </Select> </Query> </QueryList>
You can get a list of login types from here:- https://technet.microsoft.com/en-us/library/cc787567%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396
Plesk 12 + CentOS 6 + Mod_security not working or blocking?
So, you need to enable the ‘Web Application Firewall’ (aka Mod_security) on Plesk 12 and CentOS 6?
I personally had quite a few problems getting this working in the beginning. When I finally got Mod_security installed via plesk and turned on I found that it wasn’t actually blocking anything. One way to test whether Mod_security is working or not is to navigate to http://www.domain.tld/etc/passwd . If you instantly get a 403 Forbidden chances are it’s working fine, if not and you are running Plesk 12 and CentOS 6.X, try the below.
First, find out what RPM packages you have installed (ignore the yum plugin listed). In some cases I had an old 2.7.3 mod_security listed which is no good.
[root@server yum]# rpm --query --all | grep security plesk-modsecurity-configurator-12.0.18-cos6.build1200140724.12.noarch yum-plugin-security-1.1.30-30.el6.noarch plesk-modsecurity-crs-12.0.14-14033112.x86_64 mod_security-2.8.0-24.el6.art.x86_64
Next, remove those packages (excluding the yum one listed).
[root@server yum]# rpm --erase plesk-modsecurity-configurator-12.0.18-cos6.build1200140724.12.noarch plesk-modsecurity-crs-12.0.14-14033112.x86_64 mod_security-2.8.0-24.el6.art.x86_64
Now, manually download the right RPM’s from plesk directly and install them.
[root@server temp]# wget http://autoinstall.plesk.com/PSA_12.0.18/dist-rpm-RedHat-el6-x86_64/opt/hosting/modsecurity/mod_security-2.8.0-14061715.x86_64.rpm [root@server temp]# wget http://autoinstall.plesk.com/PSA_12.0.18/dist-rpm-RedHat-el6-x86_64/opt/hosting/modsecurity/plesk-modsecurity-configurator-12.0.18-rhel6.build1200140724.12.noarch.rpm [root@server temp]# wget http://autoinstall.plesk.com/PSA_12.0.18/dist-rpm-RedHat-el6-x86_64/opt/hosting/modsecurity/plesk-modsecurity-crs-12.0.14-14033111.x86_64.rpm [root@web18 temp]# rpm -i mod_security-2.8.0-14061715.x86_64.rpm plesk-modsecurity-configurator-12.0.18-rhel6.build1200140724.12.noarch.rpm plesk-modsecurity-crs-12.0.14-14033111.x86_64.rpm
If all installed ok, head to plesk and turn ‘ON’ the Web Application Firewall under Tools & settings. If you already had it on, try turning it off and on again 😉
Hope this helps!
Stuttering and Jerky YouTube playback in Chrome
For quite sometime on any of my PC’s I would get jerky/stuttery playback on youtube videos in Chrome but perfect playback in Internet Explorer. So, what’s going on? Well if it’s anything like mine your chrome has likely got more than one Adobe / Shockwave flash plugin installed. Here’s how to resolve it:-
1. Open up Chrome and head enter ‘chrome://plugins’ in your address bar.
2. Clicked on the ‘+’ located at the top right of the screen next to ‘Details. This will expand the details of all the plugins you’ve got.
3. Use CTRL+F if you need it to locate ‘Flash’ in the list.
4. Once you’ve found the Adobe Flash plugins check how many files are listed under the plugin and disable ALL of them except for the one similar to below:-
Name: Shockwave Flash Description: Shockwave Flash 16.0 r0 Version: 16,0,0,305 Location: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll Type: NPAPI Disable MIME types: MIME type Description File extensions application/x-shockwave-flash Adobe Flash movie .swf application/futuresplash FutureSplash movie .spl
5. Next, tick the ‘Always Allowed’ tickbox and completely close chrome. With mine I ran taskkill /F /IM chrome.exe from a command prompt to completely kill it.
6. Now, head to youtube and hopefully your problems are solved 🙂
Hope this helps someone else.
James
Issues installing grub to a new drive
If you see the following similar issue when installing grub on a replacement drive
root@server:~# grub-install /dev/sdc /usr/sbin/grub-probe: error: no such disk. Auto-detection of a filesystem of /dev/md0 failed. Please report this together with the output of "/usr/sbin/grub-probe --device-map=/boot/grub/device.map --target=fs -v /boot/grub" to <bug-grub@gnu.org>
Run the following
1. mv /boot/grub/device.map /boot/grub/device.map.old 2. grub-mkdevicemap 3. update-grub2 4. grub-install /dev/sdX (run for both drives)
Cisco 6500 Line card throughput
So, I decided to start looking into what cards we had in production setups and investigate what sort of throughput we should be expecting on the line cards that we use within the Cisco 6500 and 7600 chassis’ that we run.
First off, the following is a general list of the card models that we tend to run in production along with a few other SFP modules that I won’t include here:
WS-X6148A-GE-TX WS-X6548-GE-TX WS-X6748-GE-TX
All the cards listed are 48 port line cards for the Cisco 6500/7600 series chassis’, however, there’s some big differences between the cards that you may not be aware of.
Chassis connection types
The backplane on the chassis allows all the cards to talk to one another and to talk to the supervisor engine. There’s a good article on wikipedia about this here
Classic :- 32Gb/s Shared Bus Half-Duplex CEF256 :- 8Gb/s Full Duplex dedicated 'fabric' connection + shared bus connection CEF720 :- 2x 20Gb/s Full Duplex dedicated 'fabric' connections + shared bus connection
There are also distributed versions that I won’t cover here.
Back to the cards
Going back to the cards themselves. Cisco don’t make it too easy in my opinion to find the details on the line cards throughput features, particularly from the product pages on the line cards themselves. So after a bit of research, below is a brief summary of the features of some of the cards that I’ve found:-
6148A * 'classic' line cards and aren't fabric enabled * 6 ASICs per card * 8 ports per ASIC * 1Gb/s per ASIC * 32GB/s Half-Duplex connection to backplane 6548 * 256 Fabric Enabled line cards * 6 ASICs per card * 8 ports per ASIC * 1Gb/s per ASIC * Dedicated full duplex 8Gb/s link between other cards 6748 * 720 Fabric Enabled line cards * 4 ASICs per card * 12 ports per ASIC (ports 1-12, 13-24, 25-36. 37-48) * Each ASIC can do 10Gb/s * Dedicated full duplex (40Gb/s) 2x 20GB/s links between other cards
The WS-X6148A-GE-TX line card and WS-X6548-GE-TX line card are pretty much the same card and are just as oversubscribed as one another, though, the WS-X6148A-GE-TX does have larger port buffers and the ability to set a higher MTU, this aside the WS-X6548-GE-TX benefits from having a dedicated Full-Duplex link to the backplane allowing it to shift the data quicker.
Conclusion
After the research I have done if you have fairly low bandwidth customers WS-X6548-GE-TX (cef256) line cards will be fine. However, if you’re providing pseudo wires, mpls etc and dealing with higher bandwidth customers cef720 cards such as the WS-X6748-GE-TX cards are more suitable.
One final useful command, if you want to see whether your cards are connected to the crossbar (Fabric) backplane or the classic bus, try this:-
core# show fabric switching-mode
Global switching mode is Compact
dCEF mode is not enforced for system to operate
Fabric module is not required for system to operate
Modules are allowed to operate in bus mode
Truncated mode is allowed, due to presence of CEF720 module
Module Slot Switching Mode
1 Crossbar
2 Crossbar
3 Crossbar
4 Crossbar
5 dCEF
7 Crossbar
One final quote from Cisco
“Connectivity Problem or Packet Loss with WS-X6548-GE-TX and WS-X6148-GE-TX Modules used in a Server Farm
When you use either the WS-X6548-GE-TX or WS-X6148-GE-TX modules, there is a possibility that individual port utilization can lead to connectivity problems or packet loss on the surrounding interfaces. Especially when you use EtherChannel and Remote Switched Port Analyzer (RSPAN) in these line cards, you can potentially see the slow response due to packet loss. These line cards are oversubscription cards that are designed to extend gigabit to the desktop and might not be ideal for server farm connectivity. On these modules there is a single 1-Gigabit Ethernet uplink from the port ASIC that supports eight ports. These cards share a 1 Mb buffer between a group of ports (1-8, 9-16, 17-24, 25-32, 33-40, and 41-48) since each block of eight ports is 8:1 oversubscribed.”
Any feedback, corrections, suggestions etc more than welcome.
References:-
Understanding Quality of Service on the Catalyst 6500 Switch
Release Notes for Cisco IOS 12.2SX
Release Notes for Cisco IOS 15.0SY
Cisco 6500 Architecture white paper
Decrypt Plesk 11 passwords
We had a need to decrypt plesk passwords upon request to interface with another system so after a bit of playing about the following code is what we landed at:-
<?php
$key = file_get_contents("/etc/psa/private/secret_key");
$hash = explode('
Just pass the AES string in its entirety from the psa database.
Hope this helps people :)
James
, '$AES-128-CBC$some-example-string==$some-example-salt==');
$iv = base64_decode($hash[2]);
$ct = base64_decode($hash[3]);
$dec = str_replace("\0", "", mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ct , MCRYPT_MODE_CBC, $iv));
echo($dec);
?>
Just pass the AES string in its entirety from the psa database.
Hope this helps people 🙂
James
Building Dbmail 3.1 (3.1.9) on FreeBSD
Working on a server running DBMail 3.0 and found there was a memory leak with IMAPD at least stating ‘Too Many Open Files’ every now and then. Upgrading to 3.1.9 wasn’t as straight forward as I had hoped as libevent2 is now required rather than version 1 so the following were the steps I found that worked for me on FreebSD:-
First remove the old libevent version
cd /usr/ports/devel/libevent make deinstall
Next, install the new version
cd /usr/ports/devel/libevent2 make install
Finally I then had to patch dbmail to include some libevent2 files
edit src/dbmail.h.in at #ifdef HAVE_ENDIAN_H #include #endif add +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include <event2/keyvalq_struct.h> +#include <event2/event_compat.h> +#include <event2/buffer_compat.h> + +
Finally you can then cd the the extracted tar ball of dbmail 3.1 and run the following
env CPPFLAGS="-I /usr/local/include -I /usr/local/include/event2 -I /usr/local/include/event2/compat -I /usr/local/include/zdb -L/usr/local/lib/event2" LDFLAGS="-L/usr/local/lib/event2" ./configure --with-sieve=/usr/local --sysconfdir=/etc
gmake gmake install
Hope this helps!
James