
Wednesday, 9 December 2015

Notes on Configuration Raspbian Server dovecot exim4 Mail Maildir printer and files server samba


Stop swat


swat is started from inetd.conf,
so comment out its line.

----------

Change the aliases at the Unix level


/etc/aliases

-----------

Change the aliases for mail


/etc/email-addresses

--------------

exim smarthost with authentication


sudo nano /etc/exim4/passwd.client

...and add the line

*:login:password

sudo nano /etc/exim4/exim4.conf.localmacros

...add the line

AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS = 1

sudo /etc/init.d/exim4 restart
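
An added check for the two files edited above (not part of the original notes): passwd.client stores the smarthost password in clear text, and AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS permits sending it over a connection without TLS. The function names and finding labels are hypothetical, and the demo works on a constructed throw-away directory.

```shell
# Usage: audit_exim_smarthost [confdir]   (confdir defaults to /etc/exim4)
# Prints one finding per line; prints nothing when every check passes.
audit_exim_smarthost() {
    dir=${1:-/etc/exim4}
    pw=$dir/passwd.client
    macros=$dir/exim4.conf.localmacros

    if [ -f "$pw" ]; then
        # The file holds the smarthost password: it must not be world-readable.
        if [ -n "$(find "$pw" -prune -perm -004)" ]; then
            echo "WORLD_READABLE $pw"
        fi
        # A "*" host field offers the credentials to whichever server exim
        # ends up using as smarthost instead of to one named host.
        if grep -Eq '^[[:space:]]*\*:' "$pw"; then
            echo "WILDCARD_HOST $pw"
        fi
    fi

    # An uncommented definition of the macro allows the password to be
    # sent to the smarthost without TLS.
    if [ -f "$macros" ] &&
       grep -Eq '^[[:space:]]*AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS[[:space:]]*=' "$macros"; then
        echo "NOTLS_PASSWORDS $macros"
    fi
    return 0
}

# Constructed demo: both files written exactly as in the notes, mode 0644.
demo_exim_audit() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' '*:login:password' > "$tmp/passwd.client"
    chmod 644 "$tmp/passwd.client"
    printf '%s\n' 'AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS = 1' > "$tmp/exim4.conf.localmacros"
    audit_exim_smarthost "$tmp" | sed "s|$tmp/||"
    rm -rf "$tmp"
}
```
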



-----

.mailrc


To keep mail sent from the command line in a folder (e.g. .Sent), put this in .mailrc:

set record="~/Maildir/.Sent"

... other settings used:

set EDITOR=/usr/bin/vi
set VISUAL=/usr/bin/vi
set PAGER=/usr/bin/less
set indentprefix="   >"


----------------------

Warning: dovecot needs IPv6, otherwise the installation fails.

So run modprobe ipv6,

and above all put ipv6 on a line by itself in /etc/modules.

How do I enable or use IPv6?

Easy. sudo modprobe ipv6 will enable it immediately. If you want it to automatically be enabled at boot, just add ipv6 on a line by itself at the end of /etc/modules.


DOVECOT


/etc/dovecot/conf.d#

Dovecot SSL configuration

The most important SSL settings are (in conf.d/10-ssl.conf):

ssl = yes
# Preferred permissions: root:root 0444
ssl_cert =
# Preferred permissions: root:root 0400
ssl_key =
In 10-auth.conf

There are a couple of different ways to specify when SSL/TLS is required:

disable_plaintext_auth = yes
    allows plaintext authentication only when SSL/TLS is used first.

#ssl = required
    requires SSL/TLS also for non-plaintext authentication.

If you have only plaintext mechanisms enabled (auth { mechanisms = plain login } ), you can use either (or both) of the above settings. They behave exactly the same way then.

Note that plaintext authentication is always allowed (and SSL not required) for connections from localhost, as they're assumed to be secure anyway. This applies to all connections where the local and the remote IP addresses are equal. Also IP ranges specified by login_trusted_networks setting are assumed to be secure.


-----

disable pop imap etc.


> Is it possible to disable unsecure POP3 protocol at all in Dovecot 2.1?
> There was "protocols" option in 1.x version, and there was separate
> pop3 and pop3s modules.
> There is no "pop3s" in configuration files in 2.1.

sure, set inet_listener pop3 to port = 0

there is a pop3s if you add one

more help show dovecot -n
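
An added example, not from the original notes or the quoted thread: a check that reads configuration text in the layout dovecot -n prints and reports the settings discussed in the SSL section and in the reply above (ssl, disable_plaintext_auth, and pop3/imap listeners whose port is not 0). The function names, finding labels and sample configuration are constructed for illustration.

```shell
# Constructed sample in the layout "dovecot -n" prints.
sample_dovecot_conf() {
cat <<'EOF'
disable_plaintext_auth = no
service imap-login {
  inet_listener imap {
    port = 143
  }
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 0
  }
}
ssl = yes
EOF
}

# Reads Dovecot configuration text (files or stdin), one finding per line.
# Only settings present in the text are judged; defaults are not assumed.
dovecot_tls_findings() {
    awk '
    { sub(/#.*/, "") }                           # drop comments
    /[{][ \t]*$/ {                               # a block opens
        if ($1 == "inet_listener") { lname = $2; ldepth = depth + 1 }
        depth++; next
    }
    /^[ \t]*[}]/ { if (depth == ldepth) lname = ""; depth--; next }
    {
        n = index($0, "=")
        if (n == 0) next
        key = substr($0, 1, n - 1); val = substr($0, n + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key)
        gsub(/^[ \t]+|[ \t]+$/, "", val)
        # Global "ssl" other than "required" leaves TLS optional.
        if (depth == 0 && key == "ssl" && val != "required")
            print "SSL_NOT_REQUIRED ssl=" val
        if (depth == 0 && key == "disable_plaintext_auth" && val == "no")
            print "PLAINTEXT_AUTH_ALLOWED"
        # pop3/imap listeners (no implicit TLS) are disabled with port = 0.
        if (lname ~ /^(pop3|imap)$/ && key == "port" && val != "0")
            print "NON_TLS_LISTENER " lname " port=" val
    }' "$@"
}
```

On a live server the input would be the output of dovecot -n, piped into dovecot_tls_findings.
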


-------------

tasksel to install the mail server, print server and file server



--------------------

Converting Mbox mailboxes to Maildir format


http://batleth.sapienti-sat.org/projects/mb2md/

http://wiki2.dovecot.org/Migration/MailFormat



------------------


To use Maildir as the default mail system


Change the MAIL variable
root@jupi:/etc/profile.d# cat maildir.sh
export MAIL=$HOME/Maildir/

------

New mail notification


 First, /etc/login.defs. You will want to locate the QMAIL_DIR and MAIL_FILE environment variables and uncomment them. Then, comment out the MAIL_DIR environment variable. The value of MAIL_FILE will be appended to the user's home directory, such that the MAIL environment variable becomes defined as MAIL=$HOME/$MAIL_FILE, which is what you want. An example follows.


QMAIL_DIR    Maildir/
#MAIL_DIR    /var/mail
MAIL_FILE    Maildir/

Second, modify your /etc/pam.d/login to receive new mail notifications when you log in on the console. Your /etc/pam.d/login with the correct options for pam_mail.so should look like the example below.


session    optional   pam_mail.so standard noenv dir=~/Maildir

Last, you need to make a similar modification to /etc/pam.d/ssh so you receive new mail notifications when you login via ssh. In order for the MAIL environment variable to be set correctly, you must ensure that the noenv is not passed to pam_mail.so.


# Print the status of the user's mailbox upon successful login.
session    optional     pam_mail.so standard dir=~/Maildir # [1]

-----

PROCMAIL


Create the file

/etc/procmailrc

# system-wide settings for procmail
SHELL="/bin/bash"
LOGFILE="/var/log/procmail.log"
DEFAULT="$HOME/Maildir/"
MAILDIR="$HOME/Maildir/"


http://blog.edseek.com/~jasonb/articles/exim4_courier/exim4.html

dpkg-reconfigure exim4-config

among the options, choose Maildir

OR

2.3. Configuring Exim4 for Maildir Delivery

Unlike configuring Exim3 for Maildir, the configuration for Exim4 is straightforward. If you choose to use the debconf generated configuration file, you need merely open /etc/exim4/update-exim4.conf.conf and make a single edit. Add the option dc_localdelivery to the end of the file with a value of maildir_home, or change its value if it already exists, as shown below. (Future versions of debconf configuration will likely include this as a configuration time option for the Debian package of Exim4.)


dc_localdelivery=maildir_home

Now, restart the daemon.


nebula:~# invoke-rc.d exim4 reload
Reloading exim4 configuration files


----

http://dev.mutt.org/trac/wiki/MuttFaq/Maildir

To make Mutt work with Maildir


in /etc/Muttrc

set mbox_type=Maildir

 set spoolfile="~/Maildir/"
 set folder="~/Maildir/"
 set mask=".*"    # the default mask hides dotfiles and maildirs are dotfiles now.
 # set mask="!^\.[^.]"  # this line intentionally commented out
 set record="+.Sent"
 set postponed="+.Drafts"

 mailboxes ! + `\
 for file in ~/Maildir/.*; do \
   box=$(basename "$file"); \
   if [ ! "$box" = '.' -a ! "$box" = '..' -a ! "$box" = '.customflags' \
       -a ! "$box" = '.subscriptions' ]; then \
     echo -n "\"+$box\" "; \
   fi; \
 done`

 macro index c "?" "open a different folder"
 macro pager c "?" "open a different folder"
 macro index C "?" "copy a message to a mailbox"
 macro index M "?" "move a message to a mailbox"


------------------------

SAMBA


apt-get install samba-common-bin (provides testparm)

To generate a working, optimised config file (better performance):
testparm -s smb.conf.master >smb.conf

In the Authentication section, uncomment

   security = user

Add the users' passwords

pi@raspberrypi ~ $ sudo smbpasswd -a pi


-----------------


WORKAROUND FOR THE CUPS SAMBA BUG NT_STATUS_ACCESS_DENIED


This directive must be added:

  use client driver = yes

  load printers = yes
  printing = cups
  printcap name = cups
    

---------------------

export DISPLAY


On the Ubuntu client:

To enable it, add xserver-allow-tcp=true to lightdm:
  
sudo vi /usr/share/lightdm/lightdm.conf.d/50-xserver-command.conf

[SeatDefaults]
# Dump core
xserver-command=X -core
xserver-allow-tcp=true

----------------

Change the alternative for the editor


install vim
edit /usr/share/vim/vimrc
syntax on

/etc/alternatives# rm editor;ln -s /usr/bin/vim.basic editor


------------

CUPSD



For a user to be able to modify the server, they must be in the lpadmin group.

The file /etc/cups/cups-files.conf sets this group with the directive

# Administrator user group, used to match @SYSTEM in cupsd.conf policy rules...
SystemGroup lpadmin

----------------------------------

Invalid certificate problem (base)


http://www.fetchmail.info/fetchmail-FAQ.html#K5

fetchmail -v in.base.be

Signature:  9C:F1:CF:DD:C2:73:E6:30:70:B6:85:3A:CD:2E:46:33


add to fetchmail.rc,
below each username
sslfingerprint "9C:F1:CF:DD:C2:73:E6:30:70:B6:85:3A:CD:2E:46:33"

Note: not actually used. It causes a problem, but I no longer remember which one.

Apparently, I chose to leave this

#sslfingerprint "9C:F1:CF:DD:C2:73:E6:30:70:B6:85:3A:CD:2E:46:33"
sslcommonname "imap.example.com"
#sslproto TLS1

but I no longer remember why...

in the mail.err log

Dec  9 19:16:56 jupi fetchmail[14061]: Attention: la connexion n'est pas sûre mais on continue quand même (il vaut mieux utiliser --sslcertck !).
Dec  9 19:16:57 jupi fetchmail[14061]: Erreur de vérification du certificat du serveur : self signed certificate
Dec  9 19:16:57 jupi fetchmail[14061]: Cela signifie que le certificat racine (fourni pour /OU=IMAP server/CN=imap.example.com/emailAddress=postmaster@example.com) n'est pas dans la liste des certificats des CA de confiance ou que c_rehash doit être exécuté sur le répertoire des certificats. Pour plus de détails, consultez la documentation de --sslcertpath et --sslcertfile dans la page de manuel.
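
An added example, not from the original notes: a check that lists the servers in a fetchmailrc whose stanza has neither sslcertck nor an active sslfingerprint, which is the situation the log lines above report. It assumes a fetchmail version, like the one that wrote that log, which does not enforce certificate checks unless sslcertck is set; the function names, hosts, users and fingerprint are constructed.

```shell
# Constructed fetchmailrc (placeholder hosts, credentials and fingerprint).
sample_fetchmailrc() {
cat <<'EOF'
poll mail.example.net proto imap
  user "alice" pass "constructed" ssl
  #sslfingerprint "00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF"
  sslcommonname "imap.example.com"
poll pinned.example.net proto imap
  user "bob" pass "constructed" ssl
  sslfingerprint "00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF"
poll checked.example.net proto pop3
  user "carol" pass "constructed" ssl sslcertck
EOF
}

# Prints each polled server that has neither sslcertck nor an active
# sslfingerprint: a failed certificate check is then only logged.
# Options given before the first poll/server/skip entry (a "defaults"
# stanza) are inherited. Limit: only whole-line comments are skipped.
fetchmail_unverified_servers() {
    awk '
    function report() { if (host != "" && !verified) print host }
    /^[ \t]*#/ { next }                      # commented-out option lines
    {
        for (i = 1; i <= NF; i++) {
            if ($i == "poll" || $i == "server" || $i == "skip") {
                report(); host = $(i + 1); verified = base
            } else if ($i == "sslcertck" || $i == "sslfingerprint") {
                if (host == "") base = 1; else verified = 1
            }
        }
    }
    END { report() }' "$@"
}
```

sslcommonname on its own, as in the first constructed stanza, changes the name the certificate is compared against but does not make a failed check fatal.
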



---------------------------------------------

syslog settings


/etc/rsyslog.conf

root@jupi:/var/log# cat /etc/rsyslog.conf
#  /etc/rsyslog.conf    Configuration file for rsyslog.
#
#                       For more information see
#                       /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#################
#### MODULES ####
#################

$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog   # provides kernel logging support
#$ModLoad immark  # provides --MARK-- message capability

# provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514

# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514


###########################
#### GLOBAL DIRECTIVES ####
###########################

#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

#
# Set the default permissions for all log files.
#
$FileOwner root
$FileGroup adm
$FileCreateMode 0640  
$DirCreateMode 0755
$Umask 0022

#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog

#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf


###############
#### RULES ####
###############

#
# First some standard log files.  Log by facility.
#
auth,authpriv.*                 /var/log/auth.log
*.*;\
     auth,authpriv,mail.none;\
     local0.none                /var/log/syslog
#cron.*                         /var/log/cron.log
daemon.*                        -/var/log/daemon.log
kern.*                          -/var/log/kern.log
lpr.*                           -/var/log/lpr.log
#mail.*                         -/var/log/mail.log
user.*                          -/var/log/user.log
local0.*                        -/var/log/ipupdate.log

#
# Logging for the mail system.  Split it up so that
# it is easy to write scripts to parse these files.
#
#mail.=info                     /var/log/mail.info
#mail.=debug                    /var/log/mail.debug
#mail.=notice                   /var/log/mail.notice
mail.warn                       /var/log/mail.err
mail.=debug;mail.=info;\
        mail.=notice            /var/log/mail.log

#
# Logging for INN news system.
#
news.crit                       /var/log/news/news.crit
news.err                        /var/log/news/news.err
news.notice                     -/var/log/news/news.notice

#
# Some "catch-all" log files.
#
*.=debug;\
        auth,authpriv.none;\
        news.none;mail.none;\
        local0.none             -/var/log/debug
*.=info;*.=notice;*.=warn;\
       auth,authpriv.none;\
        cron,daemon.none;\
        mail,news,local0.none   -/var/log/messages

#
# Emergencies are sent to everybody logged in.
#
*.emerg                         :omusrmsg:*

#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
#       news.=crit;news.=err;news.=notice;\
#       *.=debug;*.=info;\
#       *.=notice;*.=warn       /dev/tty8

# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
# you must invoke `xconsole' with the `-file' option:
#
#    $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
#      busy site..
#
#daemon.*;mail.*;\
#       news.err;\
#       *.=debug;*.=info;\
#       *.=notice;*.=warn       |/dev/xconsole


wheezy configuration on Raspberry Pi

timezone
dpkg-reconfigure tzdata

network static
vi /etc/network/interfaces

auto lo

iface lo inet loopback
iface eth0 inet static
 address 10.0.1.68
 netmask 255.255.255.0
 gateway 10.0.1.1

allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp

Check that the DNS servers are correctly listed in /etc/resolv.conf

keyboard

vi /etc/default/keyboard

# KEYBOARD CONFIGURATION FILE

# Consult the keyboard(5) manual page.

XKBMODEL="pc105"
XKBLAYOUT="be"
XKBVARIANT=""
XKBOPTIONS=""

BACKSPACE="guess"


SAMBA

apt-get install samba samba-common-bin

