Article 12243 at 08/03/12 02:34:04 From: bluequartzlist (at mark) hotmail.com Subject: [coba-e:12243] Re: [testing] dovecot udpate

Index: [Article Count Order] [Thread]
Date:  Tue, 11 Mar 2008 13:34:04 -0400
From:  "Zeffie" <bluequartzlist (at mark) hotmail.com>
Subject:  [coba-e:12243] Re: [testing] dovecot udpate
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <BAY129-DAV123818537FFE857E7E51E9CA0F0 (at mark) phx.gbl>
References:  <327DE0A0-4C10-47A0-B6F7-71D79103911B (at mark) alpha.or.jp> <BAY129-DAV76CAC02DDE71D0BCF8FBECA0E0 (at mark) phx.gbl> <D0D0ED72-1F66-473E-A0EE-1D43EC435A28 (at mark) alpha.or.jp>
X-Mail-Count: 12243

>>   I have the following issues with this.
>> #1 This will not fix to the db crashing problem
>
> I'm not sure this package fixes or not,
> If you are right, what is the cause of db crashing issue?
> And, will you send us your patch to fix it?

The problem is in the way dovecot starts new child processes.  they double 
their amount until the limit set by this setting is reached..  which by 
default is unlimited.  When a dos attack and or a exchange server opens 
multiple auth sessions the db program can't keep up.  The solution is to 
limit the potential processess...  (The version update is just good pratice)

@@ -159,7 +159,7 @@
 # we check only once in a second if new processes should be created - if 
all
 # of them are used at the time, we double their amount until the limit set 
by
 # this setting is reached.
-#login_max_processes_count = 128
+login_max_processes_count = 12


>> #2 I don't like the change to the Release number format
>> @@ -1,13 +1,13 @@
>> Summary: Dovecot Secure imap server
>> Name: dovecot
>> -Version: 1.0
>> -Release: 1.0.BQ
>> +Version: 1.0.12
>> +Release: 0BQ01
>> License: LGPL
>
> What is your recommend numbering rule?

0BQ01 in not a number but instead a word and will not work well in a number 
based system..  This is the 1.0 release of the new version so it should stay 
the same.  The Release  number does not need to be changed and this change 
may cause problems since it is incorrectly formatted.

>
>> #3 I don't like the usage of perl in the spec file
>
> Hahaha... the post scripts exactly use some perl script.
> You mean, if the spec file use perl, we need to add require perl, right?
> Anyway, BlueQuartz uses perl by default, so it isn't big problem.
>

No it's just messy and I would consider it a bad hack job.  A patch should 
be made for these changes as calling perl 6 times durring an install could 
cause a crash that could cause yum to report an error and allow for a 
mis-configured and or broken dovecot.conf.  This would depend on the load, 
memory and overall health of the system.

By making a patch you guarentee the conf will be adjusted as desired.

(I made a patch)

>
>> #4 I posted my dovecot rpm and I have had 489 downloads from 175  unique 
>> ip's and the only problem found was if ssl is on then it was  shut off 
>> but not in the gui.  This update does not address that and  still include 
>> the changes to the dovecot.conf.
>
> Your package will probably fix db issue, but I don't know how to fix and
> it will fix correctly.
> But, all users has ssl problem who are enabled imaps and pops, in fact.
> I think we should release the package that doesn't break the function
> and doesn't conflict GUI settings and configurations.
> Because of BlueQuartz is the software for appliance.
> Hisao

the ssl problem would require a cce post script to to check the codb and 
adjust the dovecot.conf as needed...  I would have to pay my programmer to 
do this work and I'm not sure it would be a good investment for me.

I have made several other changes to the spec as well...
--- SPECS/dovecot.spec  2007-04-16 18:23:08.000000000 -0500
+++ SPECS/dovecot.spec.mine     2008-03-06 19:14:31.000000000 -0600
@@ -1,13 +1,15 @@
 Summary: Dovecot Secure imap server
 Name: dovecot
-Version: 1.0
-Release: 1.0.BQ
+Version: 1.0.12
+Release: 1.0.Z1.centos4.Zeffie.com.BQ
 License: LGPL
 Group: System Environment/Daemons
+URL: http://www.dovecot.org/download.html

+%define _unpackaged_files_terminate_build 0
 %define build_postgres 0
 %define build_mysql 0
-%define upstream 1.0.0
+%define upstream %{version}

 Source: %{name}-%{upstream}.tar.gz
 Source1: dovecot.init
@@ -18,8 +20,8 @@
 Source6: perfect_maildir.pl
 Source7: dovecot-REDHAT-FAQ.txt
 Source100: dovecot-bluequartz.pam
+Patch: dovecot.patch

-URL: http://www.dovecot.org/
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root
 BuildRequires: openssl-devel
 BuildRequires: openldap-devel
@@ -64,6 +66,7 @@
 %prep

 %setup -q -n %{name}-%{upstream}
+%patch0

 %build
 #rm -f ./configure
@@ -141,12 +144,8 @@
 fi

 %post
-/usr/bin/perl -pi -e "s|#auth_cache_size.*|auth_cache_size = 1024|;" 
/etc/dovecot.conf
-/usr/bin/perl -pi -e "s|#auth_cache_ttl.*|auth_cache_ttl = 3600|;" 
/etc/dovecot.conf
-/usr/bin/perl -pi -e "s|.*disable_plaintext_auth.*|disable_plaintext_auth = 
no|;" /etc/dovecot.conf
-/usr/bin/perl -pi -e "s|.*pop3_uidl_format.*|  pop3_uidl_format = 
%08Xu%08Xv|;" /etc/dovecot.conf
-/usr/bin/perl -pi -e "s|^#mail_location =|mail_location = 
mbox:~/mail/:INBOX=mbox|;" /etc/dovecot.conf
-/usr/bin/perl -pi -e 'if ( /^.*passdb pam/ ) {$change = 1;} if ($change && 
/#args/) {s/#args = dovecot/args = session=yes cache_key=%u%s dovecot/; 
$change = 0;}' /etc/dovecot.conf
+# reboot notice
+echo "Updates require you to reboot" | mail -s "REBOOT REQUIRED on 
`hostname`" root

 /sbin/chkconfig --add %{name}
 # create a ssl cert
@@ -172,10 +171,10 @@
 # Restart if it had been running before installation
 if [ -e %{restart_flag} ]; then
   rm %{restart_flag}
-  /sbin/service %{name} start >/dev/null 2>&1
+  /sbin/service %{name} restart >/dev/null 2>&1
 fi

-/sbin/service cced.init restart >/dev/null 2>&1
+# why???? /sbin/service cced.init restart >/dev/null 2>&1

 exit 0

@@ -201,8 +200,8 @@
 %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 
size mtime) %{ssldir}/private/dovecot.pem
 %dir %{_libexecdir}/%{name}
 %{_libexecdir}/%{name}/*
-%{_libdir}/%{name}/imap/*
-%{_libdir}/%{name}/lda/*
+# listed twice error %{_libdir}/%{name}/imap/*
+# listed twice error %{_libdir}/%{name}/lda/*
 %{_libdir}/%{name}/*
 %{_sbindir}/dovecot
 %{_sbindir}/dovecotpw
@@ -213,6 +212,30 @@


 %changelog
+* Thu Mar 6 2008 Jeff Ball <zeffie>
+- fix url location in spec
+- update to 1.0.12
+- change the upstream var to %{version}
+- specify centos4 in the filename
+
+* Thu Dec 13 2007 Jeff Ball <zeffie>
+- disable disable_plaintext_auth perl adjustment again....
+- it's just gone!
+
+* Fri Dec 7 2007 Jeff Ball <zeffie>
+- add the Microsoft Exchange Server fix
+
+* Sat Dec 1 2007 Jeff Ball <zeffie>
+- disable disable_plaintext_auth perl adjustment
+
+* Wed Nov 28 2007 Jeff Ball <zeffie>
+- rev to 1.0.8
+- review spec
+- define _unpackaged_files_terminate_build 0
+- don't list the lib twice
+- why is the lib packaged anyway....
+- this needs to go into a devel rpm
+
 * Mon Apr 16 2007 Brian Smith <brian> 1.0.BQ
 - 1.0 finally released!!  Changed cache TTL to 3600

you can find the SRPM here
http://www.bqforge.com/FREE/dovecot-1.0.12-1.0.Z1.centos4.Zeffie.com.BQ.src.rpm
if you would like to review my exact work...

there are additional changes that need to be done as well but since I'm not 
sure about my staying here today I'm not sure I will make them...

hope this helps


--
Zeffie...
http://www.zeffie.com/
Now I build it and You surf it!
Cobalt RaQ Repairs, Development, and Maintenance.
Home of the Worlds Largest Collection of RaQ Updates!
Cobalt Spam Filter, Security, Firewall, Anti Virus Products.
Yahoo: wwwZeffie ... Aim: wwZeffie ... Msn wwZeffie (at mark) hotmail.com ...
US 734-446-0350 734-454-9117 US Toll Free 800-231-4459 UK 0208-150-6860