Search found 146 matches

by metux
Wed Feb 04, 2015 5:15 pm
Forum: Administrators
Topic: glibc Ghost vulnerability
Replies: 17
Views: 2026

glibc Ghost vulnerability

No, that's exactly what I've said (just w/ more words): the package set changes. The reason behind the differenciation between plain upgrade and release-upgrade is that operators might not expect a changing package set (eg. possibly some packages disappearing, or new ones appearing that migh...
by metux
Wed Feb 04, 2015 4:48 pm
Forum: Administrators
Topic: Please Vote for the Cisco-Mittel UC re-instatement Bug 93620!
Replies: 5
Views: 825

Please Vote for the Cisco-Mittel UC re-instatement Bug 93620!

I've you're at least slightly concerned about security - kick out the cisco stuff.
by metux
Wed Feb 04, 2015 4:44 pm
Forum: Administrators
Topic: dnscache will not start
Replies: 15
Views: 3657

dnscache will not start

The correct solution is to drop that useless dns-proxy and use a real nameserver (eg. bind9 or djbdns). Actually, I really wonder why a mailserver like Zimbra ships it's own nameserver, which is completely out of scope - totally redundant. Oh, by the way: are you sure, you want to send all your ...
by metux
Wed Feb 04, 2015 4:38 pm
Forum: Administrators
Topic: Tuning with 'noatime' and 'dirsync'. Exactly WHICH dirs to tune?
Replies: 4
Views: 1487

Tuning with 'noatime' and 'dirsync'. Exactly WHICH dirs to tune?

maybe move /opt/zimbra to different spindle, and put the ext4 journal on an SSD. for the VM - if the host is Linux: switch to kvm w/ parvirt (vmware's io performance is horrible), increase the vm memory, limit the (guest) kernel's cache size and drop the swap (IOW: let the host do the swappi...
by metux
Wed Feb 04, 2015 4:26 pm
Forum: Administrators
Topic: blocking extension on mail attachement
Replies: 4
Views: 716

blocking extension on mail attachement

Use a milter for that.
by metux
Wed Feb 04, 2015 4:24 pm
Forum: Administrators
Topic: glibc Ghost vulnerability
Replies: 17
Views: 2026

glibc Ghost vulnerability

> don't do a dist-upgrade, you will upgrade your entire Ubuntu to the next version, 10 to 12, 12 to 14. No, what you're talking about is `do-release-upgrade`. (at least for Ubuntu) The dist-upgrade is only needed if the package set changes, eg. because an upgrade would pull in new dependenci...
by metux
Wed Feb 04, 2015 4:23 pm
Forum: Administrators
Topic: Installing openfire along with ZCS in Ubuntu 14.04
Replies: 1
Views: 287

Installing openfire along with ZCS in Ubuntu 14.04

Zimbra's JDK instance is completely seprated from the system's one, so there shouldn't be any problem here. OTOH, I'd always suggest isolating these services into separate containers or VMs. (by the way: containers are *way* more efficient than VMs, and Zimbra seems to play well w/ c...
by metux
Wed Feb 04, 2015 4:21 pm
Forum: Administrators
Topic: glibc Ghost vulnerability
Replies: 17
Views: 2026

glibc Ghost vulnerability

A simple `apt-get update && apt-get upgrade` should be enough. And that should be pretty safe. Actually, never had any serious trouble with that, as the usual policy @ubuntu (same w/ Debian) only does _minor_ bugfix/security upgrades (within a release) - they usually dont upgrade to newer (m...
by metux
Wed Feb 04, 2015 4:13 pm
Forum: Administrators
Topic: Freeradius doesn't support SSHA512. How can I change default zimbra hash back to SSHA?
Replies: 5
Views: 1168

Freeradius doesn't support SSHA512. How can I change default zimbra hash back to SSHA?

Havent checked freeradius, whether it really doesnt support sha512. But it really should do - so, it the correct way is to fix it.
by metux
Wed Feb 04, 2015 3:58 pm
Forum: Developers
Topic: Git repo is unavailable
Replies: 33
Views: 4216

Git repo is unavailable

also had the connection refused problem on last Sat. > Okay, I don't get the Connection refused-error anymore, only a "Waiting for access to repository" again. :( IIRC, it's waiting for the p4->git sync process to complete. maybe some stale locks, etc ... IMHO, it's better to r...

Go to advanced search