Centos 8 block ip (firewalld ipset doesn't seem to work) - centos8

I followed this guide https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-setting_and_controlling_ip_sets_using_firewalld to create an ipset with IPs to block.
This is my IP list.
204.48.27.45
36.255.84.59
144.217.99.65
185.246.128.147
46.35.226.16
68.144.0.0/13
158.69.0.0/16
149.56.16.0/20
167.114.0.0/16
192.99.0.0/16
188.92.77.15
216.196.92.101
217.0.0.0/8
54.93.0.0/16
220.0.0.0/8
165.22.0.0
95.236.242.22
87.4.246.61
159.138.0.0/16
181.234.22.88
185.198.56.133
195.103.133.46
38.0.0.0/8
61.0.0.0/8
58.0.0.0/8
49.0.0.0/8
182.0.0.0/8
171.0.0.0/8
163.0.0.0/8
153.0.0.0/8
144.255.0.0/16
140.255.0.0/16
14.0.0.0/8
125.0.0.0/8
124.0.0.0/8
121.0.0.0/8
119.0.0.0/8
118.0.0.0/8
116.0.0.0/8
115.0.0.0/8
113.0.0.0/8
112.0.0.0/8
110.0.0.0/8
111.0.0.0/8
106.0.0.0/8
175.0.0.0/8
117.0.0.0/8
114.0.0.0/8
180.0.0.0/8
183.0.0.0/8
120.0.0.0/8
104.148.105.5
60.0.0.0/8
101.0.0.0/8
123.0.0.0/8
59.0.0.0/8
39.0.0.0/8
47.96.0.0/15
47.92.0.0/14
191.31.72.6
85.93.89.25
154.83.29.101
178.156.202.190
51.0.0.0/8
34.64.0.0/10
178.159.102.4
138.200.0.0/15
138.198.0.0/15
159.69.0.0/16
199.59.91.34
87.247.136.147
95.211.209.158
188.241.192.137
95.160.35.21
109.254.254.111
93.105.187.11
185.234.217.32
(people trying to copy my sites, access restricted areas, etc.)
Everything seems to work, but then my sites go offline and I can no longer even access my server via ssh.
And there seems to be nothing to do, the only solution is to clear the ip list and restart the server, and everything starts working again.
What's not working? There doesn't seem to be anything difficult or strange, and the guide is on redhat.com, it should be reliable... but it doesn't work tragically...
I just want to prevent those IPs from accessing my server, am I doing something wrong? Am I doing it right? Are there better ways to do it?
---------------------update---------------------
Today I get these errors:
firewalld[845]: ERROR: '/usr/sbin/nft add rule inet firewalld raw_PREROUTING_ZONES index 0 ip saddr @blacklist goto raw_PRE_drop' failed:
firewalld[845]: ERROR: '/usr/sbin/nft add rule inet firewalld raw_PREROUTING_ZONES index 0 ip saddr @blacklist goto raw_PRE_drop' failed:
firewalld[845]: ERROR: '/usr/sbin/nft insert rule inet firewalld raw_PREROUTING_ZONES iifname "ens3" goto raw_PRE_public' failed: Error: Could not process rule: No such file or directory
insert rule inet firewalld raw_PREROUTING_ZONES iifname "ens3" goto raw_PRE_public
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
firewalld[845]: ERROR: '/usr/sbin/nft insert rule inet firewalld raw_PREROUTING_ZONES iifname "ens3" goto raw_PRE_public' failed: Error: Could not process rule: No such file or directory
insert rule inet firewalld raw_PREROUTING_ZONES iifname "ens3" goto raw_PRE_public
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
firewalld[845]: ERROR: COMMAND_FAILED: '/usr/sbin/nft insert rule inet firewalld raw_PREROUTING_ZONES iifname "ens3" goto raw_PRE_public' failed: Error: Could not process rule: No such file or directory
insert rule inet firewalld raw_PREROUTING_ZONES iifname "ens3" goto raw_PRE_public
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
And with this, I found this: https://bugs.centos.org/view.php?id=16518
I'm not sure it's the same, but it looks a lot like it...
I was almost thinking of disabling firewalld and using nftables directly, but will it be the same?
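As an added example (not code from the original post, and not part of firewalld), here is a POSIX sh script that checks a block list like the one above before it is loaded: it validates every host or CIDR entry, reports which entry would cover the address you administer from (the lockout described in the question), and prints the firewall-cmd sequence the Red Hat guide uses. The list and the admin address are constructed samples, and /etc/firewalld/blocklist.txt is an assumed placeholder path.

```shell
#!/bin/sh
# Added example, not code from the original post or from firewalld itself.
# Validates a block list in the post's format (one IPv4 host or CIDR per
# line), reports which entry would cover the address you administer from,
# and prints the firewall-cmd sequence the Red Hat guide uses.
set -f   # no globbing: entries are word-split with "set --" below

# Constructed sample list; the last two entries are deliberately malformed.
SAMPLE_LIST='204.48.27.45
68.144.0.0/13
217.0.0.0/8
54.93.0.0/16
165.22.0.0
300.1.1.1
10.0.0.0/33'

# Dotted quad -> 32-bit integer on stdout; returns 1 if malformed.
ip2int() {
    _ifs_ip=$IFS; IFS=.
    set -- $1
    IFS=$_ifs_ip
    [ $# -eq 4 ] || return 1
    n=0
    for o in "$@"; do
        # digits only, no leading zeros (ambiguous octal), octet <= 255
        case $o in ''|*[!0-9]*|0?*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
        n=$(( n * 256 + o ))
    done
    echo "$n"
}

# "a.b.c.d[/len]" -> "network mask" as integers on stdout; returns 1 if
# malformed. A bare address is /32, which is also how firewalld treats it.
parse_cidr() {
    addr=${1%/*}
    case $1 in */*) len=${1#*/} ;; *) len=32 ;; esac
    case $len in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    base=$(ip2int "$addr") || return 1
    mask=$(( (4294967295 << (32 - len)) & 4294967295 ))
    echo "$(( base & mask )) $mask"
}

# Print the first entry of list $2 that contains address $1.
# Returns 0 if found, 1 if not, 2 if $1 itself is malformed.
# Malformed list entries are reported on stderr and skipped.
covering_entry() {
    target=$(ip2int "$1") || return 2
    _ifs_list=$IFS
    IFS='
'
    for entry in $2; do
        IFS=$_ifs_list
        nm=$(parse_cidr "$entry") || { echo "skipping malformed entry: $entry" >&2; continue; }
        net=${nm% *}; mask=${nm#* }
        if [ $(( target & mask )) -eq "$net" ]; then
            printf '%s\n' "$entry"
            return 0
        fi
    done
    IFS=$_ifs_list
    return 1
}

# The firewall-cmd sequence from the Red Hat guide for a list saved at $1.
# hash:ip stores individual addresses, so CIDR entries belong in hash:net.
firewalld_commands() {
    cat <<EOF
firewall-cmd --permanent --new-ipset=blacklist --type=hash:net
firewall-cmd --permanent --ipset=blacklist --add-entries-from-file=$1
firewall-cmd --permanent --zone=drop --add-source=ipset:blacklist
firewall-cmd --reload
EOF
}

# Demonstration with a constructed admin address. Run the same check with
# the address your SSH session actually comes from before reloading.
ADMIN_IP=54.93.1.2
if hit=$(covering_entry "$ADMIN_IP" "$SAMPLE_LIST"); then
    echo "WARNING: $ADMIN_IP falls inside blocked entry $hit; loading this list would cut off that session"
else
    echo "$ADMIN_IP is not covered by the list"
fi
firewalld_commands /etc/firewalld/blocklist.txt   # assumed placeholder path
```

Two things the check makes visible on the list in the question: a bare entry such as 165.22.0.0 matches exactly one host, while each /8 entry covers over sixteen million addresses, so it is easy to include the network your own SSH client sits in. Sources attached to the drop zone are discarded before any service rule is consulted, which is why the lockout looks total. After loading, `firewall-cmd --info-ipset=blacklist` shows what the running ipset actually contains.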

Related

Recursive lsearch in exim

I have the following router in my exim.conf:
my_redirect_router:
driver = redirect
data = ${lookup{$local_part@$domain}lsearch{/etc/exim/file}}
The /etc/exim/file used by lsearch has the following lines:
asdfqwerty@domain.com: asdf-qwerty@domain.com
asdf-qwerty@domain.com: abc@domain1.com,def@domain2.com,ghi@domain3.com
In the past, when an email was sent to asdfqwerty@domain.com, exim would redirect it to asdf-qwerty@domain.com, and then forward the email to the addresses listed in that expansion. With the exim 4.89 that I have installed, this "recursive" lsearch expansion does not work anymore. When it receives mail for asdfqwerty@domain.com, it returns this error:
** asdf-qwerty@domain.com <asdfqwerty@domain.com>: Unknown user
I haven't changed my exim.conf file in 5+ years. What should I do to get this behavior again? Thanks!
Run a debug session using the -bt switch and see what it gives you:
exim -d -bt asdf-qwerty@domain.com
It should show you where the lookup is failing.
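As an added example (not code from the question or the answer, and not exim itself), the following POSIX sh script follows a chain of lsearch redirect entries the way the old configuration relied on exim doing, and stops when an address redirects back to itself. The lookup data is constructed in the format of the post's /etc/exim/file, with two looping entries added on purpose; exact-match keys are a simplification of exim's lsearch rules.

```shell
#!/bin/sh
# Added example, not from the original question or answer: follows a chain
# of lsearch redirect entries and refuses a redirect loop. The lookup data
# is constructed in the format of the post's /etc/exim/file; the two
# loop-* entries were added on purpose.
LSEARCH_DATA='asdfqwerty@domain.com: asdf-qwerty@domain.com
asdf-qwerty@domain.com: abc@domain1.com,def@domain2.com,ghi@domain3.com
loop-a@domain.com: loop-b@domain.com
loop-b@domain.com: loop-a@domain.com'

# One lsearch step: print the value for key $1, or return 1 if absent.
# Exact match on the key is a simplification of exim's lsearch rules.
lookup() {
    printf '%s\n' "$LSEARCH_DATA" |
        awk -v key="$1" -F': *' '$1 == key { print $2; found = 1; exit } END { exit !found }'
}

# Expand address $1 through successive lookups and print the final
# recipients one per line. $2 is the chain of addresses already passed
# through (" a@x  b@y " style); an address seen twice is a loop and
# yields return code 2. Each recursion runs in a subshell so the caller's
# loop state is not clobbered. Values are split on commas, as in the post.
resolve() {
    chain=${2:-}
    case $chain in *" $1 "*)
        echo "redirect loop: $1 is already in chain$chain" >&2
        return 2 ;;
    esac
    value=$(lookup "$1") || { printf '%s\n' "$1"; return 0; }
    rest=$value
    while [ -n "$rest" ]; do
        next=${rest%%,*}
        case $rest in *,*) rest=${rest#*,} ;; *) rest="" ;; esac
        ( resolve "$next" "$chain $1 " ) || return $?
    done
}

# Demonstration: the post's working case, then the loop case.
echo "asdfqwerty@domain.com expands to:"
resolve asdfqwerty@domain.com
resolve loop-a@domain.com || echo "resolve refused with status $?"
```

The script is a way to read your own lookup file, not a replacement for `exim -bt`; the debug run in the answer shows which router actually handles the address and where the lookup stops.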

Stopping the agent: Reason = sig.kill in cloudstack kvm agent

I work with CloudStack 4.9.2.0 and have added a KVM host. The agent has started, but it always crashes with the log message:
[cloud.agent.Agent] (AgentShutdownThread:null) (logid:) Stopping the agent: Reason = sig.kill
and there is no more useful error message.
But when I use dmesg, I see these:
[18343.770338] libvirtd[5320]: segfault at 7fd34826c313 ip 00007fd34826c313 sp 00007fd343deacf0 error 14 in libnss_sss.so.2[7fd349a0f000+8000]
[18493.759889] libvirtd[10687]: segfault at 7f2d3ad17313 ip 00007f2d3ad17313 sp 00007f2d5016bcf0 error 14
[18642.749523] libvirtd[16073]: segfault at 7f098e654313 ip 00007f098e654313 sp 00007f09a4114cf0 error 14 in libnss_sss.so.2[7f098fdf7000+8000]
[18792.739096] libvirtd[21469]: segfault at 7f374ed17313 ip 00007f374ed17313 sp 00007f374e8dccf0 error 14
[18926.729704] libvirtd[26724]: segfault at 7fbaf62a9313 ip 00007fbaf62a9313 sp 00007fbaf5e6ecf0 error 14
does anyone know what is going on?
Looks like the agent is being killed for some reason.
Can you check if the KVM host is able to access port 8250 of the CloudStack server?

Mod_security rules setup error

I am trying to implement the default setting provided by OWASP.
Link: https://www.modsecurity.org/CRS/Documentation/quickstart.html
When restarting Apache I am getting this error:
Syntax error on line 45 of
/etc/modsecurity/rules/REQUEST-910-IP-REPUTATION.conf: Internal Error:
Failed to add rule to the ruleset. Action 'configtest' failed. The
Apache error log may have more information. ...fail!
The code for the relevant section is
SecRule TX:DO_REPUT_BLOCK "@eq 1" \
"msg:'Request from Known Malicious Client (Based on previous traffic violations).',\
logdata:'Previous Block Reason: %{ip.reput_block_reason}',\
severity:'CRITICAL',\
id:910000,\
phase:request,\
block,\
t:none,\
tag:'application-multi',\
tag:'language-multi',\
tag:'platform-multi',\
tag:'attack-reputation-ip',\
tag:'IP_REPUTATION/MALICIOUS_CLIENT',\
setvar:'tx.msg=%{rule.msg}',\
skipAfter:BEGIN_REQUEST_BLOCKING_EVAL,\
chain"
SecRule IP:REPUT_BLOCK_FLAG "@eq 1" \
"setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},\
setvar:tx.%{rule.id}-AUTOMATION/MALICIOUS-%{matched_var_name}=%{matched_var}"
whereas line 45 in the error refers to chain"
I don't have any idea about the syntax of these rules.
You may be affected by Apache bug 55910:
Handling of line wrapping is broken if "\" is the last character before buffer resizing.
[...]
This issue is also affecting ModSecurity.
Upgrade to Apache 2.4.11 to solve the issue.

Pentaho not starting because it tries bind to port 9092 already used by itself

I'm trying to start the Pentaho server on Debian Jessie.
Pentaho craps itself, showing the following error:
15:55:24,198 WARN [PentahoSolutionSpringApplicationContext] Exception encountered during context initialization - cancelling refresh attempt
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.h2.tools.Server' defined in file [/opt/pentaho-biplatform-ce-6.1.0.1-196/biserver-ce/pentaho-solutions/system/GettingStartedDB-spring.xml]: Invocation of init method failed; nested exception is org.h2.jdbc.JdbcSQLException: Exception opening port "H2 TCP Server (tcp://localhost:9092)" (port may be in use), cause: "timeout" [90061-131]
The error is very clear - port 9092 is used by something else. The problem is that it is actually used by Pentaho, so it's complaining about the port which is currently used by itself...
To test that I've changed the port to 9093 in the following file:
./pentaho-solutions/system/GettingStartedDB.properties
The only difference between exceptions now was that port, which was 9093 this time, so it's definitely complaining about the port it is using, very weird.
Full log can be found here: http://ix.io/1ydv
Ideas?
Try to add the following attribute to the CATALINA_OPTS options in the start_pentaho.sh file:
CATALINA_OPTS="... -Dh2.bindAddress=ip_of_your_machine"
It helped me to remove the Exception opening port "H2 TCP Server (tcp://localhost:9092)" (port may be in use) error.
Adding the following to the CATALINA_OPTS options in the start_pentaho.sh file solves this issue:
CATALINA_OPTS="... -Dh2.bindAddress=localhost"
The root cause of the problem is that your server's hostname does not point to 127.0.0.1.
Just add (or edit) this line in your /etc/hosts:
127.0.0.1 localhost YOUR_HOST_NAME

Redmine Apache Passenger error: Unexpected error in mod_passenger

Error message given by Apache:
[ pid=26810 thr=140719191291712 file=ext/apache2/Hooks.cpp:862 time=2014-01-27 10:57:06.221 ]:
Unexpected error in mod_passenger: Cannot connect to Unix socket
'/tmp/passenger.1.0.25998/generation-0/socket': Permission denied (13)
Backtrace: [Truncated...]
As a temporary fix, changing the owner of /tmp/passengerXXX to apache:apache solves the issue.
But when I restart Apache, this directory is owned by root again and the error returns.
Help me.