OVH Community, votre nouvel espace communautaire.

ovh release 3 : impossible de redémarrer opendkim et pb patch-all 3.34 > 3.35


Tristan
26/06/2015, 18h25
ok, problème résolu...
j'ai appliqué le dernier patch directement via
Code:
 wget ftp://ftp.ovh.net/made-in-ovh/releas...h-3.34-3.35.sh -O patch-3.34-3.35.sh; sh patch-3.34-3.35.sh
, et là, le patch est bien appliqué...

Ce patch corrige mon pb avec opendkim, ainsi que le bug dans OVHM (quand on ajoute un domaine, plantage de BIND au redémarrage du service) :-)

Par contre, ce n'est pas normal que le patch-all ne fonctionne pas...

Tristan
26/06/2015, 16h47
Bonjour,

j'ai un serveur depuis qq jours (donc tout frais) sous ovh release 3.34 avec juste qq domaines installés et très peu de modifs faites dessus, et déjà plusieurs soucis :-(

1) si j'essaie de redémarrer opendkim, j'ai l'erreur suivante :
Code:
 Impossible de redemarrer les services
Stopping OpenDKIM Milter: [ÉCHOUÉ] Starting OpenDKIM Milter: opendkim: /etc/opendkim.conf: /etc/opendkim/keys/default.private: open(): No such file or directory [ÉCHOUÉ]
Le fichier /etc/opendkim/keys/default.private n'existe pas...
Est-ce normal ?
Par contre, dans les sous répertoires opendkim/keys/domaine_qq_chose.com j'ai bien le fichier.

le contenu de opendkim.conf
Code:
## CONFIGURATION OPTIONS

##  Specifies the path to the process ID file.
PidFile	/var/run/opendkim/opendkim.pid

##  Selects operating modes. Valid modes are s (sign) and v (verify). Default is v.
##  Must be changed to s (sign only) or sv (sign and verify) in order to sign outgoing
##  messages.
Mode    sv

##  Log activity to the system log.
Syslog	yes

##  Log additional entries indicating successful signing or verification of messages.
SyslogSuccess	yes

##  If logging is enabled, include detailed logging about why or why not a message was
##  signed or verified. This causes an increase in the amount of log data generated
##  for each message, so set this to No (or comment it out) if it gets too noisy.
LogWhy	yes

##  Attempt to become the specified user before starting operations.
UserID	opendkim:opendkim

##  Create a socket through which your MTA can communicate.
Socket	inet:8891@localhost

##  Required to use local socket with MTAs that access the socket as a non-
##  privileged user (e.g. Postfix)
Umask	002

##  This specifies a text file in which to store DKIM transaction statistics.
##  OpenDKIM must be manually compiled with --enable-stats to enable this feature.
# Statistics	/var/spool/opendkim/stats.dat

##  Specifies whether or not the filter should generate report mail back
##  to senders when verification fails and an address for such a purpose
##  is provided. See opendkim.conf(5) for details.
SendReports	yes

##  Specifies the sending address to be used on From: headers of outgoing
##  failure reports.  By default, the e-mail address of the user executing
##  the filter is used (executing_user@hostname).
# ReportAddress	"Example.com Postmaster" 

##  Add a DKIM-Filter header field to messages passing through this filter
##  to identify messages it has processed.
SoftwareHeader	yes

## SIGNING OPTIONS

##  Selects the canonicalization method(s) to be used when signing messages.
Canonicalization	relaxed/relaxed

##  Domain(s) whose mail should be signed by this filter. Mail from other domains will
##  be verified rather than being signed. Uncomment and use your domain name.
##  This parameter is not required if a SigningTable is in use.
# Domain	example.com

##  Defines the name of the selector to be used when signing messages.
Selector	default

##  Specifies the minimum number of key bits for acceptable keys and signatures.
MinimumKeyBits	1024

##  Gives the location of a private key to be used for signing ALL messages. This
##  directive is ignored if KeyTable is enabled.
KeyFile	/etc/opendkim/keys/default.private

##  Gives the location of a file mapping key names to signing keys. In simple terms,
##  this tells OpenDKIM where to find your keys. If present, overrides any KeyFile
##  directive in the configuration file. Requires SigningTable be enabled.
# KeyTable	/etc/opendkim/KeyTable

##  Defines a table used to select one or more signatures to apply to a message based
##  on the address found in the From: header field. In simple terms, this tells
##  OpenDKIM how to use your keys. Requires KeyTable be enabled.
# SigningTable	refile:/etc/opendkim/SigningTable

##  Identifies a set of "external" hosts that may send mail through the server as one
##  of the signing domains without credentials as such.
# ExternalIgnoreList	refile:/etc/opendkim/TrustedHosts

##  Identifies a set "internal" hosts whose mail should be signed rather than verified.
# InternalHosts	refile:/etc/opendkim/TrustedHosts

##  Contains a list of IP addresses, CIDR blocks, hostnames or domain names
##  whose mail should be neither signed nor verified by this filter.  See man
##  page for file format.
# PeerList	X.X.X.X

##  Always oversign From (sign using actual From and a null From to prevent
##  malicious signatures header fields (From and/or others) between the signer
##  and the verifier.  From is oversigned by default in the Fedora package
##  because it is often the identity key used by reputation systems and thus
##  somewhat security sensitive.
OversignHeaders	From

2) j'ai la release 3.34.
A priori un patch pour passer en 3.35 est dispo cf : ftp://ftp.ovh.net/made-in-ovh/releas...h-3.34-3.35.sh
Mais si je lance un patch-all (wget ftp://ftp.ovh.net/made-in-ovh/releas...l-release-3.sh && sh patch-all-release-3.sh), j'ai droit à un "OVH-Release is up to date !!" et je suis toujours en 3.34 :-(
Est-ce pareil pour vous ?

Merci d'avance pour votre aide:-)