Many webhosts, such as Mediatemple and ourselves, offer several versions of PHP. Both PHP4 and PHP5 are provided in our case. PHP4 is still the default, so you may get error messages or improper behavior when you run a script written for php5. The solution is simple, just create a .htaccess file in the root of your site (or in a subdirectory if you wish to run different versions on different parts of your site.) with the following line in it:
AddHandler php5-script .php
That will cause all .php files in the scope of the .htaccess to run with the PHP5 interpreter, instead of version 4.
For those having issues with newer releases of Zimbra and Godaddy and/or Starfield Tech SSL certificates, here’s what worked for us.
Likely you are getting a: “Your certificate was not installed due to the error : system failure: XXXXX ERROR: Unmatching certificate” error message. Zimbra is trying to tell you, in it’s own ineloquent way, that something is missing from the cert chain.
You’ll need three certificates,
Certificate: [domainname].crt (the one with your domainname in it that you downloaded)
Root CA: sf-class2-root.crt
Intermediate CA: sf_bundle.crt
You can get the sf-class2-root.crt root certificate and sf_bundle.crt from the Starfield Secure Certificate Services Repository here: https://certs.starfieldtech.com/Repository.go#root_der
Once they’re all downloaded plug all three of them into the install certificate screen as listed above.
The steps for renewed GoDaddy ssl certs should work in a similar way.
We will be upgrading our Zimbra infrastructure to 5.0.18 this weekend.
ZCS 5.0.18 contains many important enhancements and bug fixes, including:
- Critical security updates (Already patched in our setup as soon as the security update was published.)
- Outlook 2007 rules are now run automatically. If an Outlook rule and a Zimbra rule act on the same message, the Outlook rule will run first. Note that Outlook 2007 has a local rule called Clear Categories on Mail that is turned on by default. If this rule is enabled, it will clear categories on messages. This rule should be disabled. To disable, in Outlook, go to Tools->Rules and Alerts…, and uncheck Clear categories on mail.
- Out-of-office replies can now be set in Outlook This feature is accessed from Tools->Out of Office Assistant.
- Appointment reminder pop-ups now work as expected
The maintenance window is from 8pm to 10pm PDT Friday night, expected downtime is 30 minutes or less.
I got notified late this afternoon about a critical security vulnerability in zimbra. The email a bit short on details stating only:
This vulnerability allows unauthorized, remote access to files that are readable by the “zimbra user” account on the ZCS Mailbox Server (also known as mailbox service, or “mailboxd”).
All released versions (including the 6.0 betas) are affected. There is a link in the e-mail and also at support.zimbra.com.
Assuming you downloaded the patch to /tmp and are on Ubuntu and running ZCS 5.0.x (other linux ymmv), issue these three commands as root on each of your mailbox server.
#mkdir /opt/zimbra/save-07012009/ ; /etc/initd.d/zimbra stop
#mv /opt/zimbra/lib/jars/dom4j-1.5.jar ; /opt/zimbra/save-07012009/dom4j-1.5-lib.jar ; mv /opt/zimbra/jetty-6.1.5/common/lib/dom4j-1.5.jar /opt/zimbra/save-07012009/dom4j-1.5-common.jar ; cp /tmp/dom4j-1.5.jar /opt/zimbra/lib/jars/dom4j-1.5.jar ; cp /tmp/dom4j-1.5.jar /opt/zimbra/jetty-6.1.5/common/lib/dom4j-1.5.jar ; chown zimbra:zimbra /opt/zimbra/lib/jars/dom4j-1.5.jar ; chown zimbra:zimbra /opt/zimbra/jetty-6.1.5/common/lib/dom4j-1.5.jar
#/etc/init.d/zimbra start
Total downtime for us was less than 3 minutes per mailbox server.
There is no other information on the support pages and oddly enough no one in the forums seems to be talking about this either. I will update as I get more information.
When compiling daemontools (or any other djb programs) you may end up getting some kind of error regarding errno.h or ERRNO.
While there are patches out there for each program (djbdns, qmail, daemontools, etc), there is an even simpler way.
Look for a file called conf-cc in the source distribution, edit it with your favorite text editor and add -include /usr/include/errno.h to the end of the line.
You should end up with something like this:
gcc -O2 -include /usr/include/errno.h
I use ultravnc under Wine to provide remote help desk support to clients. (None of the Mac VNC clients I know of support proxy/repeater environments.)
Well the other day I went to support a user and all I got was gibberish from my keystrokes, after a bit of embarrassing “can you type XXXX and hit enter” type stuff, I disconnected and started trying to figure out if it was me or the end user. After a couple short tests on other remote computers, it became obvious there was something seriously wrong with my keymap. Just the XWindows one too, my keyboard worked fine outside of XWindows.
A couple google queries later and I had the answer.
Short Version
- Close XWindows
- Delete the directory at /usr/X11/share/X11/xkb
Done and done.
Welcome to our new blog. As part of the launch of the new web site along with many new services (including Zimbra which I’m really excited about, but we’ll get to that later) we’ve added a blog. While I been blogging for a bit over at my personal blog, I believe this is John’s first foray into the blogosphere. He’ll be joining us soon, with his own take on technology and entrepreneurship. In the meantime I’ll be blogging about various techie subjects and will be slowly moving over my more technical blog entries to this site.
Cheers
Kalani Sanders
Letushostu.com
I was trying to serve some pages and files off of a windows samba share but was only getting a blank page. After some googling around I found the solution.
Simply put “EnableSendfile Off” in your httpd.conf file and restart Apache.
I just finished setting up two GLPI servers and had the same issue on both. After much slogging though google with very little help, I found mention of ownership issues (not to be confused with permissions issues). The glpi folder and all files and subfolders must be owned by the user and group the web server is running as. (Typically “nobody”, “www-data”, or “apache”.) It doesn’t matter even if you set your permissions chmod 777, the ownership is what makes the difference.
Assuming your httpd’s user/group is www-data here’s what you need to do: (Bold is a command, regular is the output, highlights are added for emphasis.)
htdocs # ls -l
total 2
drwxrwxrwx 15 root root 4096 Nov 30 06:04 glpi
-rw-r–r– 1 root root 44 Nov 20 15:22 index.html
htdocs# chown -R www-data:www-data glpi
htdocs # ls -l
total 2
drwxrwxrwx 15 www-data www-data 4096 Nov 30 06:04 glpi
-rw-r–r– 1 root root 44 Nov 20 15:22 index.html
This is something very simple but was not immediately obvious to me. I am setting up a Zabbix server as part of my consulting work and have many servers behind firewalls that need to use active checks. (Connect from server behind firewall/nat to the zabbix server, rather than have the zabbix server connect out to the monitored agents.) When you create the host set the name and dns name to the server’s name you put into the zabbix_agentd.conf file on the server you want to do active checks on. It will show up as unknown availability but that is erroneous.
Also, you need to create items with active checks. I recommend cloning a template and copying the items and triggers over. Then do a Mass Update and set all the items to “Zabbix Agent (Active)”