Zimbra 8.8.15 Patch-35 - share experience

Ask questions about your setup or get help installing ZCS server (ZD section below).
User avatar
gabrieles
Outstanding Member
Outstanding Member
Posts: 233
Joined: Tue Feb 14, 2017 9:40 am

Re: Zimbra 8.8.15 Patch-35 - share experience

Post by gabrieles »

scantec wrote:We had that problem. Clearing /opt/zimbra/jetty/work/ fixed the issue
Thanks, issue resolved. The directory was not emptied correctly.
Post edited
User avatar
L. Mark Stone
Ambassador
Ambassador
Posts: 2793
Joined: Wed Oct 09, 2013 11:35 am
Location: Portland, Maine, US
ZCS/ZD Version: 10.0.6 Network Edition
Contact:

Re: Zimbra 8.8.15 Patch-35 - share experience

Post by L. Mark Stone »

No issues reported after several multi- and single-server environments updated.
___________________________________
L. Mark Stone
Mission Critical Email - Zimbra VAR/BSP/Training Partner https://www.missioncriticalemail.com/
AWS Certified Solutions Architect-Associate
xorcz
Posts: 27
Joined: Fri Nov 20, 2015 6:48 am

Re: Zimbra 8.8.15 Patch-35 - share experience

Post by xorcz »

I had to reapply
https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5
because reject_sender_login_mismatch
was missing.
User avatar
L. Mark Stone
Ambassador
Ambassador
Posts: 2793
Joined: Wed Oct 09, 2013 11:35 am
Location: Portland, Maine, US
ZCS/ZD Version: 10.0.6 Network Edition
Contact:

Re: Zimbra 8.8.15 Patch-35 - share experience

Post by L. Mark Stone »

xorcz wrote:I had to reapply
https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5
because reject_sender_login_mismatch
was missing.
That article is old and no longer applies.

If you instead had done:

Code: Select all

zmprov mcf zimbraMtaSmtpdSenderRestrictions reject_authenticated_sender_login_mismatch
...the restriction, as it is now stored in LDAP, would have survived the patch.

Hope that helps,
Mark
___________________________________
L. Mark Stone
Mission Critical Email - Zimbra VAR/BSP/Training Partner https://www.missioncriticalemail.com/
AWS Certified Solutions Architect-Associate
amme
Posts: 2
Joined: Fri Dec 02, 2022 8:23 am

Re: Zimbra 8.8.15 Patch-35 - share experience

Post by amme »

Hello there,

here another one with mailboxd not starting after upgrade to P35.

it seems that jetty.xml.in and jetty.xml are wrongly parserized during upgrade:

With P34:
near line 800/802 of jetty.xml.in:
<Item><SystemProperty name="jetty.zimlet.base" default="."/>/webapps/zimlet</Item>
<Item><SystemProperty name="jetty.zimlet.base" default="."/>/../zimlets-deployed</Item>

Broken after P35:
<Item><SystemProperty name="jetty.base" default="."/>/webapps/zimlet</Item>
<Item>./../zimlets-deployed</Item>

Error in zmmailboxd.out with P35 just applied:
getException in file:///opt/zimbra/jetty_base/etc/jetty.xml
Caused by: java.lang.IllegalArgumentException: file:///opt/zimbra_store/log/./../zimlets-deployed is not an existing directory.


Partially fixed, mailboxd starting but zimlets components unavailable (service/zimlets/* : 404)
<Item><SystemProperty name="jetty.base" default="."/>/webapps/zimlet</Item>
<Item><SystemProperty name="jetty.base" default="."/>/../zimlets-deployed</Item>

Maybe this could help to make mailboxd start again. Any help to fix zimlets is really appreciated.
(undeploy/deploy, work cleaning ...already done)
amme
Posts: 2
Joined: Fri Dec 02, 2022 8:23 am

Re: Zimbra 8.8.15 Patch-35 - share experience

Post by amme »

...after further digging... It seems that it's not a wrong parsing of configuration files.

Looking into commit:

ZBUG 2991 - use cwd of jetty process path for zimlets-deployed directory
https://github.com/Zimbra/zm-jetty-conf ... 7b65e2b272

They consider that jetty is running into /opt/zimbra/jetty
But... it seems to be running into /opt/zimbra/log

if you go back of 1 level and then go into /opt/zimbra/zimlet-deploy in fact there is no difference since "jetty" and "log" folders are at the same level.

But, if someone like me store logs in a different volume (/opt/zimbra_store/log) the "cwd" folder is different than expected and a relative path brokes all the games.
Caused by: java.lang.IllegalArgumentException: file:///opt/zimbra_store/log/./../zimlets-deployed is not an existing directory.

Pretty sad, especially since the patch was born to fix zimbra behavior when installed in a non standard path!
halfgaar
Advanced member
Advanced member
Posts: 171
Joined: Sat Sep 13, 2014 12:54 am
Location: Netherlands
ZCS/ZD Version: Ubuntu 18.04, 8.8.15_P43
Contact:

Re: Zimbra 8.8.15 Patch-35 - share experience

Post by halfgaar »

Sounds like it's worthy of a bug report.
User avatar
axslingr
Outstanding Member
Outstanding Member
Posts: 256
Joined: Sat Sep 13, 2014 2:20 am
ZCS/ZD Version: 8.8.15.GA.3869.UBUNTU18.64 UBUNTU18

Re: Zimbra 8.8.15 Patch-35 - share experience

Post by axslingr »

No issues here on single servers Ubuntu 18.04 and Centos7
aurfalien
Advanced member
Advanced member
Posts: 70
Joined: Sat Sep 13, 2014 12:01 am

Re: Zimbra 8.8.15 Patch-35 - share experience

Post by aurfalien »

I'm unsure about it.

It no longer liked my Zimbra admin password having a $ in it.

I also started to get frequent Server Configuration Error messages which never happened before.

I'm going to try and get some one from some sort of Zimbra oriented professional services company to look at what I did to get things working.

Seems that I've read a good amount of posts similar to mine w/o resolution. Hoping that I can hire some one to help answer my questions on what I did and why was it required.

My previous experience with Zimbra was that it simply worked right out the box but not in my case now.

At any rate I am glad to have applied the patch as it addresses some serious vulnerabilities but man was it stressful figuring out basic things that I've never had to do with Zimbra.
hisfran
Posts: 31
Joined: Tue Apr 29, 2014 2:10 pm

Re: Zimbra 8.8.15 Patch-35 - share experience

Post by hisfran »

Just attempted to upgrade Zimbra 8.8.15 patch 34 to patch 35 on Ubuntu 18.04LTS

Everything proceeded well until I ran into an issue when restarting zimbra: the zmcontrol command prompted for a sudo zimbra password when starting the proxy.
It never happened before.
I was able to revers to a Proxmox snapshot taken prior to the upgrade.

Here is when it happened:

$ zmcontrol restart
...
Stopping proxy...[sudo] password for zimbra:

Then:
$ zmproxyctl status
proxy is not running.
$ zmproxyctl start
Error: nginx not installed

But nginx is installed and was working well before the update:

$ apt list --installed | grep nginx
zimbra-nginx/unknown,now 1.20.0-1zimbra8.8b3.16.04 amd64 [installed,automatic]

Any idea how to fix this?

Fran
Post Reply