Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - chiareu

Pages: [1]
1
After each reboot, the protection is temporary disabled.

Security - Hide all processes if not owned by the user [STATUS: ACTIVE PERMANENT]

after reboot

Security - Hide all processes if not owned by the user [STATUS: DISABLED TEMPORARY and ACTIVE PERMANENT]

so after a reboot, you should not forget to go and enable it, please make it permanent if it's set as permanent

2
Hi Adam, you are right in principle, even for cPanel & WHM to run on properly, SELinux must remain disabled.
SELinux it's useful to enforce the security of the server, and I was happy when I saw that CWP PRO has support for it.

From what I read around the forums, always errors had appeared between SELinux and Dovecot or Postfix.
Official SELinux support says that it's designed to work well with Dovecot but in custom configurations as on control panels there are always big chances to appear some errors.

Since it was included directly in the CWP PRO, it meant that it was also compatible rules in place to run without hassle.
But seems that after last updates, and SELinux updates too some issues appeared.

Unfortunately, I do not have the necessary knowledge to develop this set of rules, which is why I made this topic, maybe several heads will find a viable solution.

3
After last update, seems that Dovecot failed to initialize mail storage if SELINUX=enforcing & SELINUXTYPE=targeted

Code: [Select]
lda(email@domain.tld): Error: User initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/var/vmail/domain.tld/email) failed: Permission denied (euid=101(vmail) egid=12(mail) missing +w perm: /var/vmail, UNIX perms appear ok (ACL/MAC wrong?))
lda: Fatal: Invalid user settings. Refer to server log for more information.

If we put the SElinux on permissive mode, all work right, but to disable the SElinux it's not recommended.

The command "semanage permissive -a dovecot_t" it puts dovecot into a permissive mode and we can connect to mail server.
But that is not the right way to resolve the problem, it's just a temporary solution.

We need some custom rules for SELINUX to work with Dovecot.

Cheers

4
CWP it's a really nice and promising project, but the management and development team behind has a serious public relation and communication problems.
No offence guys, I understand that you are serious professionals and your energies are focused on the development of this great piece of software, but you should pay more attention to your community here.
The need for a communication strategy and a transparent changelogs it's a fact, you should change the attitude and become more people-oriented.
There is a great need for a community manager and a volunteer team to work closely with the dev team and support the forum topics and community concerns.
For sure a lot of people will involve if you open a real door here.

All the best guys.

ps. become personal, we are people and we like to know who we talk with. even if it's a nick name :)))

5
The command "semanage permissive -a dovecot_t" it puts dovecot into a permissive mode and we can connect to mail server.
But that is not the right way to resolve the problem, it's just a temporary solution.

Any good solution guys?

6
Seems that the issue it's SElinux related.
SELINUX=enforcing
SELINUXTYPE=targeted

If I put the SElinux on permissive mode, all work right.
But to disable the SElinux it's not recommended, so this is a bug in config.

Maybe some experienced admin can help us with a workaround for this situation.
Thank you

7
Hi guys, on relative new CWP config on Centos, I created an email address and I tried to configure Outlook to connect.
When I failed to connect, I tried to login on Roundcube who failed as well.

So I look in the dovecot log and found that error:

lda(email@domain.tld): Error: User initialization failed: Initializing mail storage from mail_location setting failed: mkdir(/var/vmail/domain.tld/email) failed: Permission denied (euid=101(vmail) egid=12(mail) missing +w perm: /var/vmail, UNIX perms appear ok (ACL/MAC wrong?))

lda: Fatal: Invalid user settings. Refer to server log for more information.

Any ideas what to do? I hate the mail server config :(((

8
CentOS 7 Problems / Re: Problem with memcached
« on: November 25, 2019, 02:27:53 PM »
First I use CWP Pro
1. In CWP go to ConfigServer Scripts > ConfigServer firewall > lfd - Login Failure Daemon
2. Select and edit csf.pignore - add this line
exe:/usr/bin/memcached

Attention /bin not /sbin

9
CentOS 7 Problems / Re: Ownership of public_html changed frequently
« on: October 26, 2019, 05:53:48 PM »
And no answer from the staff... of course, why do they bother to answer here when they want to sell support :(
starting to feel very disappointed that I take the pro version.

Pages: [1]