search

msimerson / Mail-Toaster-6

Mail Toaster 6
https://github.com/msimerson/Mail-Toaster-6/wiki
BSD 3-Clause "New" or "Revised" License
47 stars 16 forks source link

Please show what is causing haraka to fail #91

Closed toastedmail closed 8 years ago

toastedmail commented 8 years ago

Run initial commands and provision haraka

sudo sh

fetch https://raw.githubusercontent.com/msimerson/Mail-Toaster-6/master/mail-toaster.sh

mail-toaster.sh 100% of 18 kB 6460 kBps 00m00s

sh mail-toaster.sh

loading config from mail-toaster.conf mysql enabled toaster host: mxbt1.barontel.com email domain: barontel.com shell: /bin/csh safe name: stage

. mail-toaster.sh && provision host

loading config from mail-toaster.conf mysql enabled toaster host: mxbt1.barontel.com email domain: barontel.com shell: /bin/csh safe name: stage provision-host.sh 100% of 8412 B 12 MBps 00m00s loading config from mail-toaster.conf mysql enabled toaster host: mxbt1.barontel.com email domain: barontel.com shell: /bin/csh safe name: stage

updating FreeBSD with security patches

Looking up update.FreeBSD.org mirrors... 4 mirrors found. Fetching metadata signature for 10.3-RELEASE from update5.freebsd.org... done. Fetching metadata index... done. Inspecting system... done. Preparing to download files... done.

No updates needed to update system to 10.3-RELEASE-p11. No updates are available to install. Run '/usr/sbin/freebsd-update fetch' first.

updating FreeBSD pkg collection

Updating FreeBSD repository catalogue... FreeBSD repository is up-to-date. All repositories are up-to-date.

updating FreeBSD ports tree

Looking up portsnap.FreeBSD.org mirrors... 6 mirrors found. Fetching snapshot tag from your-org.portsnap.freebsd.org... done. Fetching snapshot metadata... done. Updating from Mon Oct 31 16:44:05 EDT 2016 to Mon Oct 31 19:26:20 EDT 2016. Fetching 5 metadata patches... done. Applying metadata patches... done. Fetching 0 metadata files... done. Fetching 10 patches. (10/10) 100.00% done.
done. Applying patches... done. Fetching 0 new ports or files... done. Removing old files and directories... done. Extracting new files: /usr/ports/Mk/Scripts/ /usr/ports/Mk/bsd.port.mk /usr/ports/audio/lv2/ /usr/ports/benchmarks/iperf3/ /usr/ports/graphics/vips/ /usr/ports/math/dynare/ /usr/ports/math/matio/ /usr/ports/math/scilab/ /usr/ports/net-p2p/sonarr/ /usr/ports/security/gnupg1/ Building new INDEX files... done.

enabling NTPd

ntpd_enable: YES -> YES ntpd_sync_on_start: YES -> YES Stopping ntpd. Waiting for PIDS: 89787, 89787. Starting ntpd. sendmail_enable="NO" preserving sendmail flags ListenAddress 104.193.49.47 ListenAddress 192.168.1.95 preserving /etc/ssh/sshd_config ListenAddress

disabling syslog network listener

syslogd_flags: -b 172.16.15.1 -a 172.16.15.0/12:* -cc -> -ss Stopping syslogd. Waiting for PIDS: 89964. Starting syslogd.

checking for host listeners on all IPs

preserving pf.conf settings

TLS certificates already exist

jail_enable: YES -> YES rc.d/jail is already patched jail_list="dns mysql vpopmail dovecot webmail haproxy clamav avg redis rspamd geoip spamassassin haraka monitor" preserving existing jail order

installing jailmanage

Updating FreeBSD repository catalogue... FreeBSD repository is up-to-date. All repositories are up-to-date. Checking integrity... done (0 conflicting) The most recent version of packages are already installed /usr/local/sbin/jailmanage 100% of 7614 B 11 MBps 00m00s cloned_interfaces="lo1" ifconfig_lo1="172.16.15.1 netmask 255.255.255.0" syslogd_flags="-ss" NOTICE: changing syslogd flags

configuring syslog to accept messages from jails

syslogd_flags: -ss -> -b 172.16.15.1 -a 172.16.15.0/12:* -cc Stopping syslogd. Waiting for PIDS: 96040. Starting syslogd.

removing /etc/hosts toaster additions

adding /etc/hosts entries

172.16.15.1 syslog 172.16.15.2 base 172.16.15.254 stage 172.16.15.3 dns 172.16.15.4 mysql 172.16.15.8 vpopmail 172.16.15.15 dovecot 172.16.15.10 webmail 172.16.15.12 haproxy 172.16.15.5 clamav 172.16.15.14 avg 172.16.15.16 redis 172.16.15.13 rspamd 172.16.15.17 geoip 172.16.15.6 spamassassin 172.16.15.9 haraka 172.16.15.11 monitor 172.16.15.22 minecraft 172.16.15.23 joomla 172.16.15.24 php7 172.16.15.25 memcached 172.16.15.26 sphinxsearch 172.16.15.27 elasticsearch

Success! Your host is ready to install Mail Toaster 6!

provision base

172.16.15.2 provision-base.sh 100% of 7339 B 11 MBps 00m00s loading config from mail-toaster.conf mysql enabled toaster host: mxbt1.barontel.com email domain: barontel.com shell: /bin/csh safe name: stage zroot/jails/base-10.3-RELEASE@p11 snapshot exists

provision base

172.16.15.2 provision-base.sh 100% of 7339 B 11 MBps 00m00s loading config from mail-toaster.conf mysql enabled toaster host: mxbt1.barontel.com email domain: barontel.com shell: /bin/csh safe name: stage zroot/jails/base-10.3-RELEASE@p11 snapshot exists # provision haraka 172.16.15.9 provision-haraka.sh 100% of 14 kB 30 MBps 00m00s loading config from mail-toaster.conf mysql enabled toaster host: mxbt1.barontel.com email domain: barontel.com shell: /bin/csh safe name: stage zroot/jails/base-10.3-RELEASE@p11 snapshot exists zroot/data/redis filesystem exists

stage cleanup

service jail stop stage Stopping jails:. jail -r stage zroot/data/haraka filesystem exists zroot/data/geoip filesystem exists

stage jail filesystem setup

zfs clone zroot/jails/base-10.3-RELEASE@p11 zroot/jails/stage sysrc -R /jails/stage hostname=haraka hostname: base -> haraka

creating data volume

zroot/data/haraka filesystem exists zroot/data/haraka filesystem exists mkdir -p /jails/stage/data mount_nullfs /data/haraka /jails/stage/data mount /jails/stage/usr/ports mount /jails/stage/var/cache/pkg

devfs BPF ruleset already present

stage jail haraka startup

Setting hostname: haraka. Starting syslogd. ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib 32-bit compatibility ldconfig path: /usr/lib32 Clearing /tmp (X related). Starting cron.

Mon Oct 31 19:50:58 EDT 2016 zroot/data/geoip filesystem exists mkdir -p /jails/stage/usr/local/share/GeoIP mount_nullfs /data/geoip /jails/stage/usr/local/share/GeoIP Updating FreeBSD repository catalogue... FreeBSD repository is up-to-date. All repositories are up-to-date.

installing node & npm

pkg -j stage install -y node npm gmake Updating FreeBSD repository catalogue... FreeBSD repository is up-to-date. All repositories are up-to-date. Checking integrity... done (0 conflicting) The following 10 package(s) will be affected (of 0 checked):

New packages to be INSTALLED: node: 6.7.0 npm: 3.9.2 gmake: 4.2.1_1 c-ares: 1.12.0 openssl: 1.0.2j,1 icu: 57.1,1 libuv: 1.9.1 python27: 2.7.12 libffi: 3.2.1 python2: 2_3

Number of packages to be installed: 10

The process will require 150 MiB more space. [haraka] [1/10] Installing libffi-3.2.1... [haraka] [1/10] Extracting libffi-3.2.1: 100% [haraka] [2/10] Installing c-ares-1.12.0... [haraka] [2/10] Extracting c-ares-1.12.0: 100% [haraka] [3/10] Installing openssl-1.0.2j,1... [haraka] [3/10] Extracting openssl-1.0.2j,1: 100% ldconfig: warning: ldconfig: No such file or directory [haraka] [4/10] Installing icu-57.1,1... [haraka] [4/10] Extracting icu-57.1,1: 100% [haraka] [5/10] Installing libuv-1.9.1... [haraka] [5/10] Extracting libuv-1.9.1: 100% [haraka] [6/10] Installing python27-2.7.12... [haraka] [6/10] Extracting python27-2.7.12: 100% [haraka] [7/10] Installing node-6.7.0... [haraka] [7/10] Extracting node-6.7.0: 100% [haraka] [8/10] Installing gmake-4.2.1_1... [haraka] [8/10] Extracting gmake-4.2.1_1: 100% [haraka] [9/10] Installing python2-2_3... [haraka] [9/10] Extracting python2-2_3: 100% [haraka] [10/10] Installing npm-3.9.2... [haraka] [10/10] Extracting npm-3.9.2: 100% Message from openssl-1.0.2j,1: Copy /usr/local/openssl/openssl.cnf.sample to /usr/local/openssl/openssl.cnf and edit it to fit your needs. Message from python27-2.7.12:

Note that some standard Python modules are provided as separate ports as they require additional dependencies. They are available as:

bsddb databases/py-bsddb gdbm databases/py-gdbm sqlite3 databases/py-sqlite3 tkinter x11-toolkits/py-tkinter

=========================================================================== Message from node-6.7.0: Note: If you need npm (Node Package Manager), please install www/npm.

installing Haraka

jexec stage pkg install -y git Updating FreeBSD repository catalogue... FreeBSD repository is up-to-date. All repositories are up-to-date. Checking integrity... done (0 conflicting) The following 16 package(s) will be affected (of 0 checked):

New packages to be INSTALLED: git: 2.9.2_2 expat: 2.2.0 p5-Error: 0.17024 perl5: 5.20.3_15 cvsps: 2.1_2 pcre: 8.39 p5-Authen-SASL: 2.16_1 p5-Digest-HMAC: 1.03_1 p5-GSSAPI: 0.28_1 curl: 7.50.3 p5-Net-SMTP-SSL: 1.03 p5-IO-Socket-SSL: 2.038 p5-Net-SSLeay: 1.78 p5-IO-Socket-IP: 0.37_1 p5-Socket: 2.021 p5-Mozilla-CA: 20160104

Number of packages to be installed: 16

The process will require 84 MiB more space. [haraka] [1/16] Installing perl5-5.20.3_15... [haraka] [1/16] Extracting perl5-5.20.3_15: 100% [haraka] [2/16] Installing p5-Net-SSLeay-1.78... [haraka] [2/16] Extracting p5-Net-SSLeay-1.78: 100% [haraka] [3/16] Installing p5-IO-Socket-IP-0.37_1... [haraka] [3/16] Extracting p5-IO-Socket-IP-0.37_1: 100% [haraka] [4/16] Installing p5-Socket-2.021... [haraka] [4/16] Extracting p5-Socket-2.021: 100% [haraka] [5/16] Installing p5-Mozilla-CA-20160104... [haraka] [5/16] Extracting p5-Mozilla-CA-20160104: 100% [haraka] [6/16] Installing p5-Digest-HMAC-1.03_1... [haraka] [6/16] Extracting p5-Digest-HMAC-1.03_1: 100% [haraka] [7/16] Installing p5-GSSAPI-0.28_1... [haraka] [7/16] Extracting p5-GSSAPI-0.28_1: 100% [haraka] [8/16] Installing p5-IO-Socket-SSL-2.038... [haraka] [8/16] Extracting p5-IO-Socket-SSL-2.038: 100% [haraka] [9/16] Installing expat-2.2.0... [haraka] [9/16] Extracting expat-2.2.0: 100% [haraka] [10/16] Installing p5-Error-0.17024... [haraka] [10/16] Extracting p5-Error-0.17024: 100% [haraka] [11/16] Installing cvsps-2.1_2... [haraka] [11/16] Extracting cvsps-2.1_2: 100% [haraka] [12/16] Installing pcre-8.39... [haraka] [12/16] Extracting pcre-8.39: 100% [haraka] [13/16] Installing p5-Authen-SASL-2.16_1... [haraka] [13/16] Extracting p5-Authen-SASL-2.16_1: 100% [haraka] [14/16] Installing curl-7.50.3... [haraka] [14/16] Extracting curl-7.50.3: 100% [haraka] [15/16] Installing p5-Net-SMTP-SSL-1.03... [haraka] [15/16] Extracting p5-Net-SMTP-SSL-1.03: 100% [haraka] [16/16] Installing git-2.9.2_2... ===> Creating groups. Creating group 'git_daemon' with gid '964'. ===> Creating users Creating user 'git_daemon' with uid '964'. [haraka] [16/16] Extracting git-2.9.2_2: 100% Message from perl5-5.20.3_15: The /usr/bin/perl symlink has been removed starting with Perl 5.20. For shebangs, you should either use:

!/usr/local/bin/perl

or

!/usr/bin/env perl

The first one will only work if you have a /usr/local/bin/perl, the second will work as long as perl is in PATH. Message from cvsps-2.1_2: ===> NOTICE:

The cvsps port currently does not have a maintainer. As a result, it is more likely to have unresolved issues, not be up-to-date, or even be removed in the future. To volunteer to maintain this port, please create an issue at:

https://bugs.freebsd.org/bugzilla

More information about port maintainership is available at:

https://www.freebsd.org/doc/en/articles/contributing/ports-contributing.html#maintain-port Message from git-2.9.2_2:

* GITWEB *** If you installed the GITWEB option please follow these instructions:

In the directory /usr/local/share/examples/git/gitweb you can find all files to make gitweb work as a public repository on the web.

All you have to do to make gitweb work is: 1) Copy the files /usr/local/share/examples/git/gitweb/ to a directory on your web server (e.g. Apache2) in which you are able to execute CGI-scripts. 2) In gitweb.cgi, adjust the variable $projectroot to point to your git repository (that is where you have your .git project directories). * GITWEB ***

* CONTRIB **** If you installed the CONTRIB option please note that the scripts are installed in /usr/local/share/git-core/contrib. Some of them require other ports to be installed (perl, python, etc), which you may need to install manually. * CONTRIB ****

jexec stage npm install -g strongloop/modern-syslog Haraka ws express /usr/local/bin/haraka -> /usr/local/lib/node_modules/Haraka/bin/haraka /usr/local/bin/spf -> /usr/local/lib/node_modules/Haraka/bin/spf /usr/local/bin/dkimverify -> /usr/local/lib/node_modules/Haraka/bin/dkimverify /usr/local/bin/haraka_grep -> /usr/local/lib/node_modules/Haraka/bin/haraka_grep

iconv@2.2.1 install /usr/local/lib/node_modules/Haraka/node_modules/iconv node-gyp rebuild

gyp WARN EACCES user "root" does not have permission to access the dev dir "/root/.node-gyp/6.7.0" gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/Haraka/node_modules/iconv/.node-gyp" gmake: Entering directory '/usr/local/lib/node_modules/Haraka/node_modules/iconv/build' CXX(target) Release/obj.target/iconv/src/binding.o CC(target) Release/obj.target/iconv/deps/libiconv/lib/iconv.o In file included from ../deps/libiconv/lib/iconv.c:70: In file included from ../deps/libiconv/lib/converters.h:209: ../deps/libiconv/lib/jisx0208.h:2381:12: warning: comparison of unsigned expression >= 0 is always true [-Wtautological-compare] if (wc >= 0x0000 && wc < 0x0100) ~~ ^ ~~ In file included from ../deps/libiconv/lib/iconv.c:70: In file included from ../deps/libiconv/lib/converters.h:210: ../deps/libiconv/lib/jisx0212.h:2161:12: warning: comparison of unsigned expression >= 0 is always true [-Wtautological-compare] if (wc >= 0x0000 && wc < 0x0460) ~~ ^ ~~ In file included from ../deps/libiconv/lib/iconv.c:70: In file included from ../deps/libiconv/lib/converters.h:213: ../deps/libiconv/lib/gb2312.h:2539:12: warning: comparison of unsigned expression >= 0 is always true [-Wtautological-compare] if (wc >= 0x0000 && wc < 0x0460) ~~ ^ ~~ In file included from ../deps/libiconv/lib/iconv.c:70: In file included from ../deps/libiconv/lib/converters.h:214: In file included from ../deps/libiconv/lib/isoir165.h:81: ../deps/libiconv/lib/isoir165ext.h:760:12: warning: comparison of unsigned expression >= 0 is always true [-Wtautological-compare] if (wc >= 0x0000 && wc < 0x0200) ~~ ^ ~~ In file included from ../deps/libiconv/lib/iconv.c:70: In file included from ../deps/libiconv/lib/converters.h:217: In file included from ../deps/libiconv/lib/cns11643.h:38: ../deps/libiconv/lib/cns11643_inv.h:15373:12: warning: comparison of unsigned expression >= 0 is always true [-Wtautological-compare] if (wc >= 0x0000 && wc < 0x0100) ~~ ^ ~~ In file included from ../deps/libiconv/lib/iconv.c:70: In file included from ../deps/libiconv/lib/converters.h:218: ../deps/libiconv/lib/big5.h:4124:12: warning: comparison of unsigned expression >= 0 is always true [-Wtautological-compare] if (wc >= 0x0000 && wc < 0x0100) ~~ ^ ~~ In file included from ../deps/libiconv/lib/iconv.c:70: In file included from ../deps/libiconv/lib/converters.h:220: ../deps/libiconv/lib/ksc5601.h:2988:12: warning: comparison of unsigned expression >= 0 is always true [-Wtautological-compare] if (wc >= 0x0000 && wc < 0x0460) ~~ ^ ~~ In file included from ../deps/libiconv/lib/iconv.c:70: In file included from ../deps/libiconv/lib/converters.h:235: In file included from ../deps/libiconv/lib/gb18030.h:186: ../deps/libiconv/lib/gb18030uni.h:185:23: warning: comparison of unsigned expression >= 0 is always true [-Wtautological-compare] if (i >= 0 && i <= 39419) { ~ ^ ~ In file included from ../deps/libiconv/lib/iconv.c:70: In file included from ../deps/libiconv/lib/converters.h:235: ../deps/libiconv/lib/gb18030.h:249:25: warning: comparison of unsigned expression >= 0 is always true [-Wtautological-compare] if (i >= 0 && i < 0x100000) { ~ ^ ~ In file included from ../deps/libiconv/lib/iconv.c:70: In file included from ../deps/libiconv/lib/converters.h:241: In file included from ../deps/libiconv/lib/cp950.h:130: ../deps/libiconv/lib/cp950ext.h:39:11: warning: equality comparison with extraneous parentheses [-Wparentheses-equality] if ((c1 == 0xf9)) {


../deps/libiconv/lib/cp950ext.h:39:11: note: remove extraneous parentheses around the comparison to silence this warning
  if ((c1 == 0xf9)) {
      ~   ^      ~
../deps/libiconv/lib/cp950ext.h:39:11: note: use '=' to turn this equality comparison into an assignment
  if ((c1 == 0xf9)) {
          ^~
          =
In file included from ../deps/libiconv/lib/iconv.c:70:
In file included from ../deps/libiconv/lib/converters.h:242:
In file included from ../deps/libiconv/lib/big5hkscs1999.h:46:
../deps/libiconv/lib/hkscs1999.h:2957:12: warning: comparison of unsigned expression >= 0 is always true
      [-Wtautological-compare]
    if (wc >= 0x0000 && wc < 0x02d0)
        ~~ ^  ~~~~~~
In file included from ../deps/libiconv/lib/iconv.c:70:
In file included from ../deps/libiconv/lib/converters.h:243:
In file included from ../deps/libiconv/lib/big5hkscs2001.h:48:
../deps/libiconv/lib/hkscs2001.h:63:11: warning: equality comparison with extraneous parentheses [-Wparentheses-equality]
  if ((c1 == 0x8c)) {
       ~~~^~~~~~~
../deps/libiconv/lib/hkscs2001.h:63:11: note: remove extraneous parentheses around the comparison to silence this warning
  if ((c1 == 0x8c)) {
      ~   ^      ~
../deps/libiconv/lib/hkscs2001.h:63:11: note: use '=' to turn this equality comparison into an assignment
  if ((c1 == 0x8c)) {
          ^~
          =
In file included from ../deps/libiconv/lib/iconv.c:70:
In file included from ../deps/libiconv/lib/converters.h:245:
In file included from ../deps/libiconv/lib/big5hkscs2008.h:48:
../deps/libiconv/lib/hkscs2008.h:59:11: warning: equality comparison with extraneous parentheses [-Wparentheses-equality]
  if ((c1 == 0x87)) {
       ~~~^~~~~~~
../deps/libiconv/lib/hkscs2008.h:59:11: note: remove extraneous parentheses around the comparison to silence this warning
  if ((c1 == 0x87)) {
      ~   ^      ~
../deps/libiconv/lib/hkscs2008.h:59:11: note: use '=' to turn this equality comparison into an assignment
  if ((c1 == 0x87)) {
          ^~
          =
In file included from ../deps/libiconv/lib/iconv.c:153:
lib/aliases.gperf:362:28: warning: static variable 'aliases' is used in an inline function with external linkage
      [-Wstatic-in-inline]
          register int o = aliases[key].name;
                           ^
lib/aliases.gperf:348:1: note: use 'static' to give inline function 'aliases_lookup' internal linkage
__inline
^
static 
lib/aliases.gperf:777:27: note: 'aliases' declared here
static const struct alias aliases[] =
                          ^
lib/aliases.gperf:365:44: warning: static variable 'stringpool_contents' is used in an inline function with external linkage
      [-Wstatic-in-inline]
              register const char *s = o + stringpool;
                                           ^
lib/aliases.gperf:775:37: note: expanded from macro 'stringpool'
#define stringpool ((const char *) &stringpool_contents)
                                    ^
lib/aliases.gperf:348:1: note: use 'static' to give inline function 'aliases_lookup' internal linkage
__inline
^
static 
lib/aliases.gperf:425:34: note: 'stringpool_contents' declared here
static const struct stringpool_t stringpool_contents =
                                 ^
lib/aliases.gperf:368:25: warning: static variable 'aliases' is used in an inline function with external linkage
      [-Wstatic-in-inline]
                return &aliases[key];
                        ^
lib/aliases.gperf:348:1: note: use 'static' to give inline function 'aliases_lookup' internal linkage
__inline
^
static 
lib/aliases.gperf:777:27: note: 'aliases' declared here
static const struct alias aliases[] =
                          ^
16 warnings generated.
  SOLINK_MODULE(target) Release/obj.target/iconv.node
  COPY Release/iconv.node
gmake: Leaving directory '/usr/local/lib/node_modules/Haraka/node_modules/iconv/build'

> dtrace-provider@0.6.0 install /usr/local/lib/node_modules/Haraka/node_modules/dtrace-provider
> node scripts/install.js

> modern-syslog@1.1.4 install /usr/local/lib/node_modules/modern-syslog
> node-gyp rebuild

gyp WARN EACCES user "root" does not have permission to access the dev dir "/root/.node-gyp/6.7.0"
gyp WARN EACCES attempting to reinstall using temporary dev dir "/usr/local/lib/node_modules/modern-syslog/.node-gyp"
gmake: Entering directory '/usr/local/lib/node_modules/modern-syslog/build'
  CXX(target) Release/obj.target/core/core.o
  SOLINK_MODULE(target) Release/obj.target/core.node
  COPY Release/core.node
gmake: Leaving directory '/usr/local/lib/node_modules/modern-syslog/build'
/usr/local/lib
+-- express@4.14.0 
| +-- accepts@1.3.3 
| | +-- mime-types@2.1.12 
| | | `-- mime-db@1.24.0 
| | `-- negotiator@0.6.1 
| +-- array-flatten@1.1.1 
| +-- content-disposition@0.5.1 
| +-- content-type@1.0.2 
| +-- cookie@0.3.1 
| +-- cookie-signature@1.0.6 
| +-- debug@2.2.0 
| | `-- ms@0.7.1 
| +-- depd@1.1.0 
| +-- encodeurl@1.0.1 
| +-- escape-html@1.0.3 
| +-- etag@1.7.0 
| +-- finalhandler@0.5.0 
| | +-- statuses@1.3.0 
| | `-- unpipe@1.0.0 
| +-- fresh@0.3.0 
| +-- merge-descriptors@1.0.1 
| +-- methods@1.1.2 
| +-- on-finished@2.3.0 
| | `-- ee-first@1.1.1 
| +-- parseurl@1.3.1 
| +-- path-to-regexp@0.1.7 
| +-- proxy-addr@1.1.2 
| | +-- forwarded@0.1.0 
| | `-- ipaddr.js@1.1.1 
| +-- qs@6.2.0 
| +-- range-parser@1.2.0 
| +-- send@0.14.1 
| | +-- destroy@1.0.4 
| | +-- http-errors@1.5.0 
| | | +-- inherits@2.0.1 
| | | `-- setprototypeof@1.0.1 
| | `-- mime@1.3.4 
| +-- serve-static@1.11.1 
| +-- type-is@1.6.13 
| | `-- media-typer@0.3.0 
| +-- utils-merge@1.0.0 
| `-- vary@1.1.0 
+-- Haraka@2.8.10 
| +-- address-rfc2821@1.0.0 
| +-- address-rfc2822@1.0.1 
| +-- async@2.0.1 
| | `-- lodash@4.16.5 
| +-- daemon@1.1.0 
| +-- elasticsearch@12.0.1 
| | +-- chalk@1.1.3 
| | | +-- ansi-styles@2.2.1 
| | | +-- escape-string-regexp@1.0.5 
| | | +-- has-ansi@2.0.0 
| | | | `-- ansi-regex@2.0.0 
| | | +-- strip-ansi@3.0.1 
| | | `-- supports-color@2.0.0 
| | +-- forever-agent@0.6.1 
| | `-- promise@7.1.1 
| |   `-- asap@2.0.5 
| +-- generic-pool@2.4.3 
| +-- haraka-constants@1.0.0 
| +-- haraka-net-utils@1.0.4 
| | `-- haraka-config@1.0.5 
| +-- haraka-nosql@0.4.0 
| | +-- redis@0.12.1 
| | `-- strong-store-cluster@0.1.3 
| +-- haraka-plugin-asn@1.0.6 
| | `-- maxmind@0.6.0 
| +-- haraka-plugin-geoip@1.0.1 
| | `-- maxmind@1.3.0 
| |   +-- big-integer@1.6.16 
| |   `-- lru-cache@4.0.1 
| |     +-- pseudomap@1.0.2 
| |     `-- yallist@2.0.0 
| +-- haraka-plugin-watch@1.0.3 
| +-- haraka-tld@1.0.10 
| | `-- punycode@2.0.1 
| +-- iconv@2.2.1 
| | `-- nan@2.4.0 
| +-- ipaddr.js@1.2.0 
| +-- js-yaml@3.6.1 
| | +-- argparse@1.0.9 
| | `-- esprima@2.7.3 
| +-- ldapjs@1.0.0 
| | +-- asn1@0.2.3 
| | +-- assert-plus@0.1.5 
| | +-- backoff@2.4.1 
| | | `-- precond@0.2.3 
| | +-- bunyan@1.5.1 
| | | +-- mv@2.1.1 
| | | | +-- mkdirp@0.5.1 
| | | | | `-- minimist@0.0.8 
| | | | +-- ncp@2.0.0 
| | | | `-- rimraf@2.4.5 
| | | |   `-- glob@6.0.4 
| | | |     +-- inflight@1.0.6 
| | | |     +-- inherits@2.0.3 
| | | |     +-- minimatch@3.0.3 
| | | |     | `-- brace-expansion@1.1.6 
| | | |     |   +-- balanced-match@0.4.2 
| | | |     |   `-- concat-map@0.0.1 
| | | |     `-- path-is-absolute@1.0.1 
| | | `-- safe-json-stringify@1.0.3 
| | +-- dashdash@1.10.1 
| | +-- dtrace-provider@0.6.0 
| | +-- ldap-filter@0.2.2 
| | +-- once@1.3.2 
| | | `-- wrappy@1.0.2 
| | +-- vasync@1.6.3 
| | `-- verror@1.6.0 
| |   `-- extsprintf@1.2.0 
| +-- nopt@3.0.6 
| | `-- abbrev@1.0.9 
| +-- npid@0.4.0 
| +-- redis@2.6.3 
| | +-- double-ended-queue@2.1.0-0 
| | +-- redis-commands@1.3.0 
| | `-- redis-parser@2.1.1 
| +-- semver@5.0.3 
| +-- sprintf-js@1.0.3 
| +-- tmp@0.0.29 
| | `-- os-tmpdir@1.0.2 
| `-- vs-stun@0.0.7 
+-- modern-syslog@1.1.4  (git://github.com/strongloop/modern-syslog.git#bba6a20eb226d8dfdecf25bdb3ca96e583b42372)
| `-- nan@2.4.0 
`-- ws@1.1.1 
  +-- options@0.0.6 
  `-- ultron@1.0.2 

jexec stage npm install -g haraka-plugin-log-reader
/usr/local/lib
`-- haraka-plugin-log-reader@1.0.4 

   ***   installing Haraka, stage 2   ***

jexec stage haraka -i /data
warning: Unable to create file: /data/README already exists
warning: Unable to create file: /data/package.json already exists
warning: Unable to create file: /data/config/internalcmd_key already exists
warning: EEXIST, File exists '/data/config/smtp.ini'
warning: EEXIST, File exists '/data/config/loglevel'
warning: EEXIST, File exists '/data/config/plugins'
warning: EEXIST, File exists '/data/config/dkim/dkim_key_gen.sh'

   ***   configuring Haraka   ***

   ***   install p0f   ***

pkg -j stage install -y p0f
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
    p0f: 3.09b

Number of packages to be installed: 1
[haraka] [1/1] Installing p0f-3.09b...
[haraka] [1/1] Extracting p0f-3.09b: 100%

   ***   installing p0f startup file   ***

sysrc -R /jails/stage p0f_enable=YES
p0f_enable:  -> YES
jexec stage service p0f start
Starting p0f.
--- p0f 3.09b by Michal Zalewski <lcamtuf@coredump.cx> ---

[!] Consider specifying -u in daemon mode (see README).
[+] Loaded 322 signatures from '/usr/local/etc/p0f.fp'.
[+] Intercepting traffic on interface 'em0'.
[+] Custom filtering rule enabled: dst port 25 or dst port 587 or dst port 465 [+VLAN]
[+] Listening on API socket '/tmp/.p0f_socket' (max 20 clients).
[+] Daemon process created, PID 96808 (stderr not kept).

Good luck, you're on your own now!

   ***   enabling Haraka spamassassin plugin   ***

zroot/data/clamav filesystem exists
zroot/data/avg filesystem exists

   ***   configuring Haraka avg plugin   ***

   ***   update tmpdir in avg.ini   ***

   ***   rejecting brutefore AUTH signature   ***

ylmf\-pc
zroot/data/geoip filesystem exists

   ***   starting haraka   ***

sysrc -R /jails/stage haraka_enable=YES
haraka_enable:  -> YES
haraka_flags:  -> -c /data
jexec stage service haraka start
loaded TLD files: 1=1501 2=6003 3=2319
loaded 8048 Public Suffixes
loglevel: LOGINFO
Starting up Haraka version 2.8.10
[INFO] [-] [core] Loading plugins
[INFO] [-] [core] Loading plugin: process_title
[INFO] [-] [core] Loading plugin: log.syslog
[INFO] [-] [core] Loading plugin: relay
[INFO] [-] [core] Loading plugin: access
[INFO] [-] [access] skipping helo.checks.regexps
[INFO] [-] [core] Loading plugin: connect.p0f
[INFO] [-] [core] Loading plugin: connect.geoip
[INFO] [-] [connect.geoip] provider maxmind with 6 DBs
[INFO] [-] [core] Loading plugin: connect.fcrdns
[INFO] [-] [core] Loading plugin: dnsbl
[INFO] [-] [core] Loading plugin: helo.checks
[INFO] [-] [core] Loading plugin: tls
[INFO] [-] [core] Loading plugin: auth/auth_vpopmaild
[INFO] [-] [core] Loading plugin: mail_from.is_resolvable
[INFO] [-] [core] Loading plugin: spf
[INFO] [-] [core] Loading plugin: rcpt_to.qmail_deliverable
[INFO] [-] [core] Loading plugin: bounce
[INFO] [-] [core] Loading plugin: data.headers
[INFO] [-] [core] Loading plugin: data.uribl
[INFO] [-] [core] Loading plugin: attachment
[INFO] [-] [core] Loading plugin: clamd
[INFO] [-] [clamd] Loading excludes file
[INFO] [-] [core] Loading plugin: avg
[INFO] [-] [core] Loading plugin: spamassassin
[INFO] [-] [core] Loading plugin: rspamd
[INFO] [-] [core] Loading plugin: dkim_sign
[INFO] [-] [core] Loading plugin: karma
[INFO] [-] [core] Loading plugin: queue/smtp_forward
[INFO] [-] [core] Loading plugin: limit
[INFO] [-] [core] Loading plugin: watch
[INFO] [-] [core] Loading plugin: redis

   ***   waiting for Haraka to start listeners   ***

   ***   testing Haraka   ***

checking for port 25 listener in staged jail
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS      
root     node       96932 176 tcp4  172.16.15.254:25      *:*
it worked

   ***   promoting jail haraka   ***

service jail stop stage
Stopping jails: stage.
jail -r stage
stage: removed
nameserver 172.16.15.3
umount /jails/stage/dev
unmount /jails/stage/usr/ports
unmount /jails/stage/var/cache/pkg
zroot/data/haraka filesystem exists
/data/haraka on /jails/stage/data (nullfs, local)
unmount data fs /jails/stage/data
zroot/data/geoip filesystem exists
/data/geoip on /jails/stage/usr/local/share/GeoIP (nullfs, local)
unmount data fs /jails/stage/usr/local/share/GeoIP
zfs rename zroot/jails/stage zroot/jails/haraka.ready
cannot unmount '/jails/stage': Device busy
waiting for ZFS filesystem to quiet (0)
cannot unmount '/jails/stage': Device busy
waiting for ZFS filesystem to quiet (1)
cannot unmount '/jails/stage': Device busy
waiting for ZFS filesystem to quiet (2)
cannot unmount '/jails/stage': Device busy
waiting for ZFS filesystem to quiet (3)
cannot unmount '/jails/stage': Device busy
waiting for ZFS filesystem to quiet (4)
cannot unmount '/jails/stage': Device busy
waiting for ZFS filesystem to quiet (5)
cannot unmount '/jails/stage': Device busy
waiting for ZFS filesystem to quiet (6)
cannot unmount '/jails/stage': Device busy
waiting for ZFS filesystem to quiet (7)
cannot unmount '/jails/stage': Device busy
waiting for ZFS filesystem to quiet (8)
cannot unmount '/jails/stage': Device busy
waiting for ZFS filesystem to quiet (9)
cannot unmount '/jails/stage': Device busy
waiting for ZFS filesystem to quiet (10)
cannot unmount '/jails/stage': Device busy
waiting for ZFS filesystem to quiet (11)
service jail stop haraka
Stopping jails:.
jail -r haraka
zroot/data/haraka filesystem exists
zroot/jails/haraka.last filesystem exists
zfs destroy zroot/jails/haraka.last
zroot/jails/haraka filesystem exists
zfs rename zroot/jails/haraka zroot/jails/haraka.last
zfs rename zroot/jails/haraka.ready zroot/jails/haraka

   ***   haraka already in /etc/jail.conf   ***

   ***   service jail start haraka   ***

Starting jails: cannot start jail  "haraka": 
jail: haraka: mount: /jails/haraka/data/avg: No such file or directory
.

Success! A new 'haraka' jail is provisioned

#
msimerson commented 8 years ago

duplicate of #88

johannes73 commented 8 years ago

I think it is great that Matt is polishing MT6... I am really looking forward to moving from MT5 to MT6.

After issue #91 was closed today, I downloaded mail-toaster.sh again, and provisioned all jails again - up to "provision haraka". But apparently I must be doing something wrong.

I still get the same error as in issue #91:

######### (...) Starting jails: cannot start jail "haraka": jail: haraka: mount: /jails/haraka/data/avg: No such file or directory #########

Very thankful for a kick in the right direction...

msimerson commented 8 years ago

The problem is right here:

Starting jails: cannot start jail "haraka":
jail: haraka: mount: /jails/haraka/data/avg: No such file or directory

Hint: look in /etc/jail.conf. Figure out the problem. Instead of whining, dig in and figure it out and CONTRIBUTE something instead of just whining. Or be a decent human being and patiently wait until I get around to it.

msimerson commented 8 years ago

I've had a chance to look into this. My theory is that both of you had provisioned an AVG jail in the past, and then partly removed everything and started anew. Evidence of this:

*** haraka already in /etc/jail.conf ***

The build script doesn't change/update the jail declarations in /etc/jail.conf. I haven't thought of a clever way to do that that doesn't deprive users of the ability to customize /etc/jail.conf.

When the Haraka jail was initially provisioned, the build script detected the presence of /data/avg and added a mount entry for it in Haraka's section of /etc/jail.conf. Note the difference between an install with AVG enabled and without:

with

haraka  {
        ip4.addr = lo1|172.16.15.9;
        devfs_ruleset = 7;
        mount += "/data/haraka $path/data nullfs rw 0 0";
        mount += "/data/avg $path/data/avg nullfs rw 0 0";
        mount += "/data/geoip $path/usr/local/share/GeoIP nullfs ro 0 0";
    }

without

haraka  {
        ip4.addr = lo1|172.16.15.9;
        devfs_ruleset = 7;
        mount += "/data/haraka $path/data nullfs rw 0 0";
        mount += "/data/geoip $path/usr/local/share/GeoIP nullfs ro 0 0";
    }

This time around, neither of you provisioned AVG. Since the build script did NOT detect /data/avg, it also did not create the AVG directory mount point (/jails/haraka/data/avg). When the jail attempts to start, that directory doesn't exist and so the jail doesn't start.

Possible solutions:

  1. when you "start over" on a host, don't forget to rm /etc/jail.conf, especially if you make different choices the next time. * look at the extremely dangerous unprovision command in mail-toaster.sh.
  2. remove the avg mount line from the haraka section in /etc/jail.conf
  3. manually create the missing directory (mkdir /jails/haraka/data/avg)
toastedmail commented 8 years ago

Matt, When I made the new MT6, it was made in a brand new QEMU VM. There was no prior install of anything. I used FreeBSD 10.3-RELEASE amd/64 iso.

I don't have time right now, but I will try to reproduce the behavior and comment here on the result.