Posts by ptruman

    I would probably agree, however FreePBX is about the best GUI for asterisk going, and I'd rather that than bugger with the CLI :)


    Alternately you could create a new usergroup and add apache2 and asterisk to it, and just set the perms on the php5.6 exe to be for that group alone - which would limit the exposure somewhat. As mentioned in the article, tampering with the php code trips a signature alarm, so as it's only one apache2 site, one (nologin) user and a php-fm instance using php5.6, the attack surface is limited.


    *Most* but not all the FreePBX scripts run if you just edit them to run php7.0 instead of 5.6, but they will trigger signature check alerts in FreePBX, and not all of them yet do - although the FreePBX team say they are trying to get moved to php7, I don't think it's a priority for them yet :(

    Quick one - I have heavily customised my sshd_config - including changing default algorithms.
    If I change the config in the UI, it always replaces my config with the default - is there a template "base" config hiding that can be fettled?

    Hi all


    I've rebuilt OMV3 from ISO on my N54L and everything is now working, EXCEPT OpenVPNAS.
    I've installed the plugin, and openvpn-as


    There are two users it setup, openvpn and openvpn_as


    From what I see in the as.conf those users are set to run the process.
    systemctl start openvpnas works (or seems to) but if I login to the admin GUI, or connect a client, after a minute or so, it restarts, although systemctl status openvpnas shows:


    Apr 17 21:48:03 MediaVault systemd[1]: PID file /var/run/openvpnas.pid not readable (yet?) after start.
    Apr 17 21:48:03 MediaVault systemd[1]: Started OpenVPN Access Server Service.


    Partial log below. What is going on? From my previous running drive, I can't see any sticky/SETUID bits on anything. The two users are just members of their own group (same as the username). This is clearly a perms issue but I'm damned if I can figure out what...


    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] "iptables_openvpn": "started",
    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] "iptables_web": "started",
    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] "license": "started",
    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] "log": "started",
    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] "openvpn_0": "started",
    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] "openvpn_1": "started",
    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] "openvpn_2": "started",
    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] "openvpn_3": "started",
    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] "user": "started",
    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] "web": "started"
    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] }
    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] }
    2018-04-17 21:28:07+0100 [OMIClientAuth,0,] Server Agent started
    2018-04-17 21:28:12+0100 [-] License Info {'apc': False, 'concurrent_connections': 2}
    2018-04-17 21:29:02+0100 [OMIClientAuth,0,] OMI Cancel pending deferred ['exit']
    2018-04-17 21:29:02+0100 [-] OVPN 3 OUT: "Tue Apr 17 20:29:02 2018 MANAGEMENT: CMD 'exit'"
    2018-04-17 21:29:02+0100 [-] OVPN 3 OUT: 'Tue Apr 17 20:29:02 2018 MANAGEMENT: Client disconnected'
    2018-04-17 21:29:02+0100 [-] OVPN 3 OUT: 'Tue Apr 17 20:29:02 2018 MANAGEMENT: Triggering management exit'
    2018-04-17 21:29:02+0100 [-] OVPN 3 OUT: 'Tue Apr 17 20:29:02 2018 Closing TUN/TAP interface'
    2018-04-17 21:29:02+0100 [-] OVPN 3 OUT: 'Tue Apr 17 20:29:02 2018 /sbin/ifconfig as0t3 0.0.0.0'
    2018-04-17 21:29:02+0100 [-] OVPN 3 OUT: 'Tue Apr 17 20:29:02 2018 Linux ip addr del failed: could not execute external program'
    2018-04-17 21:29:02+0100 [-] OVPN 3 OUT: 'Tue Apr 17 20:29:02 2018 SIGTERM[soft,management-exit] received, process exiting'
    2018-04-17 21:29:02+0100 [-] OVPN 3 OUT: 'Tue Apr 17 20:29:02 2018 MANAGEMENT: >STATE:1523996942,EXITING,management-exit,,,,,'
    2018-04-17 21:29:02+0100 [-] OVPN 2 OUT: "Tue Apr 17 20:29:02 2018 MANAGEMENT: CMD 'exit'"
    2018-04-17 21:29:02+0100 [-] OVPN 2 OUT: 'Tue Apr 17 20:29:02 2018 MANAGEMENT: Client disconnected'
    2018-04-17 21:29:02+0100 [-] OVPN 2 OUT: 'Tue Apr 17 20:29:02 2018 MANAGEMENT: Triggering management exit'
    2018-04-17 21:29:02+0100 [-] OVPN 2 OUT: 'Tue Apr 17 20:29:02 2018 Closing TUN/TAP interface'
    2018-04-17 21:29:02+0100 [-] OVPN 2 OUT: 'Tue Apr 17 20:29:02 2018 /sbin/ifconfig as0t2 0.0.0.0'
    2018-04-17 21:29:02+0100 [OMIClientAuth,0,] OMI Cancel pending deferred ['exit']
    2018-04-17 21:29:02+0100 [-] OVPN 2 OUT: 'Tue Apr 17 20:29:02 2018 Linux ip addr del failed: could not execute external program'
    2018-04-17 21:29:02+0100 [-] OVPN 2 OUT: 'Tue Apr 17 20:29:02 2018 SIGTERM[soft,management-exit] received, process exiting'
    2018-04-17 21:29:02+0100 [-] OVPN 2 OUT: 'Tue Apr 17 20:29:02 2018 MANAGEMENT: >STATE:1523996942,EXITING,management-exit,,,,,'
    2018-04-17 21:29:02+0100 [-] OVPN 1 OUT: "Tue Apr 17 20:29:02 2018 MANAGEMENT: CMD 'exit'"
    2018-04-17 21:29:02+0100 [-] OVPN 1 OUT: 'Tue Apr 17 20:29:02 2018 MANAGEMENT: Client disconnected'
    2018-04-17 21:29:02+0100 [-] OVPN 1 OUT: 'Tue Apr 17 20:29:02 2018 MANAGEMENT: Triggering management exit'
    2018-04-17 21:29:02+0100 [-] OVPN 1 OUT: 'Tue Apr 17 20:29:02 2018 Closing TUN/TAP interface'
    2018-04-17 21:29:02+0100 [-] OVPN 1 OUT: 'Tue Apr 17 20:29:02 2018 /sbin/ifconfig as0t1 0.0.0.0'
    2018-04-17 21:29:02+0100 [OMIClientAuth,0,] OMI Cancel pending deferred ['exit']
    2018-04-17 21:29:02+0100 [-] OVPN 1 OUT: 'Tue Apr 17 20:29:02 2018 Linux ip addr del failed: could not execute external program'
    2018-04-17 21:29:02+0100 [-] OVPN 1 OUT: 'Tue Apr 17 20:29:02 2018 SIGTERM[soft,management-exit] received, process exiting'
    2018-04-17 21:29:02+0100 [-] OVPN 1 OUT: 'Tue Apr 17 20:29:02 2018 MANAGEMENT: >STATE:1523996942,EXITING,management-exit,,,,,'
    2018-04-17 21:29:02+0100 [-] OVPN 1 OUT: 'Tue Apr 17 20:29:02 2018 PORT SHARE PROXY: proxy exiting'
    2018-04-17 21:29:02+0100 [OMIClientAuth,0,] OMI Cancel pending deferred ['exit']
    2018-04-17 21:29:02+0100 [-] OVPN 0 OUT: "Tue Apr 17 20:29:02 2018 MANAGEMENT: CMD 'exit'"
    2018-04-17 21:29:02+0100 [-] OVPN 0 OUT: 'Tue Apr 17 20:29:02 2018 MANAGEMENT: Client disconnected'
    2018-04-17 21:29:02+0100 [-] OVPN 0 OUT: 'Tue Apr 17 20:29:02 2018 MANAGEMENT: Triggering management exit'
    2018-04-17 21:29:02+0100 [-] OVPN 0 OUT: 'Tue Apr 17 20:29:02 2018 Closing TUN/TAP interface'
    2018-04-17 21:29:02+0100 [-] OVPN 0 OUT: 'Tue Apr 17 20:29:02 2018 /sbin/ifconfig as0t0 0.0.0.0'
    2018-04-17 21:29:02+0100 [-] OVPN 0 OUT: 'Tue Apr 17 20:29:02 2018 Linux ip addr del failed: could not execute external program'
    2018-04-17 21:29:02+0100 [-] OVPN 0 OUT: 'Tue Apr 17 20:29:02 2018 SIGTERM[soft,management-exit] received, process exiting'
    2018-04-17 21:29:02+0100 [-] OVPN 0 OUT: 'Tue Apr 17 20:29:02 2018 MANAGEMENT: >STATE:1523996942,EXITING,management-exit,,,,,'
    2018-04-17 21:29:02+0100 [-] OVPN 0 OUT: 'Tue Apr 17 20:29:02 2018 PORT SHARE PROXY: proxy exiting'
    2018-04-17 21:29:02+0100 [-] IPTABLES_LIVE ERR: 'IPTABLES_RESTORE: Sending SIGTERM to pid 22702'
    2018-04-17 21:29:02+0100 [-] PROC RESTORE /proc/sys/net/ipv4/ip_forward -> 1
    2018-04-17 21:29:02+0100 [-] PROC RESTORE /proc/sys/net/netfilter/nf_conntrack_tcp_be_liberal -> 1
    2018-04-17 21:29:02+0100 [-] WEB: Sending SIGTERM to pid 22648
    2018-04-17 21:29:02+0100 [-] WEB OUT: '2018-04-17 21:29:02+0100 [-] Received SIGTERM, shutting down.'
    2018-04-17 21:29:02+0100 [-] WEB OUT: '2018-04-17 21:29:02+0100 [-] (Port 909 Closed)'
    2018-04-17 21:29:02+0100 [-] WEB OUT: '2018-04-17 21:29:02+0100 [-] (Port 908 Closed)'
    2018-04-17 21:29:02+0100 [-] WEB OUT: '2018-04-17 21:29:02+0100 [-] (Port 907 Closed)'
    2018-04-17 21:29:02+0100 [-] WEB OUT: '2018-04-17 21:29:02+0100 [-] (Port 906 Closed)'
    2018-04-17 21:29:02+0100 [-] WEB OUT: '2018-04-17 21:29:02+0100 [-] (Port 905 Closed)'
    2018-04-17 21:29:02+0100 [-] WEB OUT: '2018-04-17 21:29:02+0100 [-] (Port 904 Closed)'
    2018-04-17 21:29:02+0100 [-] WEB OUT: '2018-04-17 21:29:02+0100 [-] (Port 11194 Closed)'
    2018-04-17 21:29:02+0100 [-] WEB OUT: '2018-04-17 21:29:02+0100 [-] (Port 943 Closed)'
    2018-04-17 21:29:02+0100 [-] WEB OUT: '2018-04-17 21:29:02+0100 [-] Main loop terminated.'
    2018-04-17 21:29:02+0100 [-] WEB OUT: '2018-04-17 21:29:02+0100 [-] Warning: No permission to delete pid file'
    2018-04-17 21:29:02+0100 [-] WEB OUT: '2018-04-17 21:29:02+0100 [-] Server Shut Down.'
    2018-04-17 21:29:02+0100 [-] Server Agent shutting down, stop status: {'errors': {}, 'service_status': {'bridge': 'off', 'log': 'off', 'license': 'off', 'ip$
    2018-04-17 21:29:02+0100 [-] (Port None Closed)
    2018-04-17 21:29:02+0100 [-] (Port None Closed)
    2018-04-17 21:29:02+0100 [-] (Port None Closed)
    2018-04-17 21:29:02+0100 [-] Received SIGTERM, shutting down.
    2018-04-17 21:29:02+0100 [-] Main loop terminated.
    2018-04-17 21:29:02+0100 [-] Server Shut Down.
    2018-04-17 21:29:04+0100 [-] Log opened.
    2018-04-17 21:29:04+0100 [-] twistd 9.0.0 (/usr/local/openvpn_as/bin/python 2.7.11) starting up.
    2018-04-17 21:29:04+0100 [-] reactor class: twisted.internet.epollreactor.EPollReactor.
    2018-04-17 21:29:04+0100 [-] rmdir /usr/local/openvpn_as/etc/db_push
    2018-04-17 21:29:04+0100 [-] ACCESS SERVER starting, version=2.5
    2018-04-17 21:29:04+0100 [-] Max open files set to (4096, 4096)
    2018-04-17 21:29:04+0100 [-] /etc/resolv.conf changed, reparsing
    2018-04-17 21:29:04+0100 [-] Resolver added ('127.0.0.1', 53) to server list
    2018-04-17 21:29:05+0100 [-] twisted.web.server.Site starting on "u'/usr/local/openvpn_as/etc/sock/sagent'"
    2018-04-17 21:29:05+0100 [-] twisted.web.server.Site starting on "u'/usr/local/openvpn_as/etc/sock/sagent.localroot'"
    2018-04-17 21:29:05+0100 [-] twisted.web.server.Site starting on "u'/usr/local/openvpn_as/etc/sock/sagent.api'"

    I've just gone from an N40L to an N54L (due to a dead PSU).
    Moved all the drives as is, and OMV started fine - this is good.


    My data is on a RAID-1, as is my boot drive.


    I've then swapped out my data drive from the 500GB drives they were on, to 2 x 1TB drives - that worked (pull old drive, plug new drive, rebuild - repeat with other drive). Reboots all working.


    I've tried to do this with the OpSys drive, but have run afoul of the old disks being 512KB sectors, versus 4096K on the new 1TB drives - trying to boot results in a black screen with a flashing cursor - no OMV screen. Putting the old drives back in works again.


    So, to save much argument, I suspect the easiest thing to do is re-install OMV on the new disks, but I have forgotten a couple of things...


    a) If I rebuild the system disks, how do I reattach my data mirror? (I would remove the physical disks before working on anything to ensure they are safe).
    b) Can I backup my existing operating system drive folder and just copy them back? I was considering copying all folders (except /srv/) to the data drive so I could copy them back... (with cp -a)


    I ask (b) as I have a lot of custom stuff running - Asterisk, DNSCrypt, OpenRemote, Crashplan etc....and it would be lovely to just get it to go!

    Lo there


    Thought I'd give the remote desktop plugin a whirl. It installed ok, and I can run mstsc to connect, and login as my admin user - and get an X screen, but I then get this:


    Unable to load a failsafe session Unable to determine failsafe session name. Possible causes: xfconfd isn't running (D-bus setup problem); environment variable $XDG_CONFIG_DIRS is set incorrectly (must include "/etc"), or xfce4-session is installed incorrectly."

    Any clues?

    Genuinely didn't spot that, I think there are always some announcements that are there and get glossed over - but I'll def keep my eyes more open :)

    Hi there


    Running omv-update today, I'm getting:


    Code
    Get:106 http://httpredir.debian.org jessie-backports/non-free amd64 Packages [27.7 kB]
    Fetched 21.7 MB in 7s (2,850 kB/s)
    W: Failed to fetch https://dl.bintray.com/openmediavault-plugin-developers/erasmus-plex/dists/jessie/Release Unable to find expected entry 'main/binary-amd64/Packages' in Release file (Wrong sources.list entry or malformed file)
    E: Some index files failed to download. They have been ignored, or old ones used instead.


    Any clues?

    Right - god knows why I didn't check the nginx logs, but this is hiding in there:


    Code
    2017/10/21 19:01:23 [error] 12549#0: *15 FastCGI sent in stderr: "PHP message: PHP Warning: session_start(): open(/var/lib/php5/sessions/sess_cg9bvqt33fvfr22h449cn4f703, O_RDWR) failed: Permission denied (13) in /usr/share/php/openmediavault/session.inc on line 43" while reading response header from upstream, client: 127.0.0.1, server: openmediavault-webgui, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm-openmediavault-webgui.sock:", host: "127.0.0.1:444"


    Clues?

    Update : RRD is getting errors in syslog still, as seen below....although it only seems to get those if I run the omv-firstaid rrd checker....


    You can see my check of omv-engined, then an rrd restart, but then they resume barfing.
    What have I/it done?!


    The drives are not out of space (df -h below)


    Code
    Filesystem Size Used Avail Use% Mounted on
    udev 10M 0 10M 0% /dev
    tmpfs 1.2G 16M 1.2G 2% /run
    /dev/md0 70G 8.2G 59G 13% /
    tmpfs 2.8G 4.0K 2.8G 1% /dev/shm
    tmpfs 5.0M 0 5.0M 0% /run/lock
    tmpfs 2.8G 0 2.8G 0% /sys/fs/cgroup
    tmpfs 2.8G 568K 2.8G 1% /tmp
    /dev/md127 459G 285G 151G 66% /sftp/pete/Pete

    syslog tail below:



    In case something is blocking a port, here is netstatn -tulpen : https://pastebin.com/aZHsuJrL
    (note that I run Java for CrashPlan and OpenRemote)

    Well this is awkward :)


    OMV Erasmus 3.0.89 has been running fine - and I have LetsEncrypt running, but I use port 444 for HTTPS, as I have SSH running on 443, so I can proxy in from outside (yes, I'm firewalled, and SSH has three (3) factor auth running)


    The other day I installed Asterisk 15, with FreePBX 13. FreePBX uses Apache, but I set that to run on port 81 (and the admin interface was working). I think it did some bits with MySQL, but to be fair, I didn't try to login to OMV as all services are running fine (apparently!)


    Tried to login today, and I get the blue WebGUI login screen.
    If I put in a valid admin user/pass, it clears, looks like it'll login, then re-appears at the login screen.
    If I put in an invalid user/pass, it gives me an error.


    I did have lots of collectd errors in syslog, which I've cleared and restarted collectd and that seems happier, but I still can't login....


    omv-engined is "already running", omv-firstaid shows no issues, although if I run RRD check, randomly I get told


    All RRD database files are valid.
    Action failed -- Other action already in progress -- please try again later


    If I run it again, I don't get "Action failed", then again, I will.


    Not sure if that's the problem - or a red herring?


    Any clues?