i think its time now... * File transfer - XEP-0065 - Proxy65 file transfer proxy. The proxy can run in cluster mode. Important Notes: - Since this release, ejabberd requires Erlang R10B-5 or higher. R11B-5 is the recommended version. R12 is not yet officially supported, and is not recommended for production servers. - The 'ssl' option is no longer available in the listening ports. To get legacy SSL encryption use the option 'tls'. - The new ejabberdctl command line administration script can start, stop and perform many other administrative tasks in ejabberd. http://svn.process-one.net/ejabberd/branches/ejabberd-2.0.x/doc/release_notes_2.0.0.txt Reproducible: Always
I'm interested in this and would be willing to co-maintain if chainsaw so agrees.
Caleb, I'm willing to hand the package off to you at this point. Especially with the new release candidates and the feature requests (with patches), I feel that I am slowing this package down. I use this in production, in a fairly 'boring' deployment with no clustering or pubsub usage. I'm happy to provide you with any assistance required on IRC or through e-mail.
Thanks Tony - I'll take a look and endeavor to get something here shortly. I'll ping you on IRC whenever I have something to show for.
This is now in portage, but it may need some changes/work. Please advise if you have any suggestions.
Caleb has taken over maintainership of this package. Apologies for my inactiveness as an ejabberd maintainer lately.
The ebuild seems to be in portage BUT: ejabberdctl {error_logger,{{2008,2,9},{21,8,56}},"inet_config: file ~s not found~n",["/usr/etc/ejabberd/inetrc"]} the default install seems to have issues.
ejabberd 2.0.0 final is out i hope mod_proxy loads/works now, had no luck so far with rc1
/usr/sbin/ejabberdctl needs to be updated, as the paths are all wrong. Either that, or we need to install stuff into "ejabberd" directories and not "jabber".
The setup used by Gentoo seems to diverge from what ejabberd expects. I.e. paths are wrong. (And here it often seems to just hang. Though since I am a Erlang and ejabberd newb: This may be normal...)
Created attachment 149129 [details] my ejabberd 2.0.0 overlay I've spent some time trying to give this package some lovin', as I use it on my lan for various things (no FQDN or clustering, just a simple server). Since I wanted to check out some of the newer features in 2.0.0, I unmasked it and it stopped working. This got me hooked. Please find attached tarball of my overlay which is derived from the Gentoo ejabberd 2.0.0 ebuild. I took ideas from the Fedora rpm spec and also modified the Debian wrapper scripts to suit Gentoo config. I also attempted to close some open Gentoo bugs while I was at it. I had a go at bug entries 155101, 176295, 210234, 213619 and 215853, I may have fixed those but it probably introduces some new problems as well, I'm an Erlang noob. :) This is my first attempt at hacking an ebuild, especially one of such tricky nature, so feedback of any things I messed up or could have done better would be appreciated. Best Regards Gav
Note: Manifest file not found: '/usr/local/portage/net-im/ejabberd/Manifest
Works great so far. (It at least builds and runs, the basic features work.)
stuff from overlay works fine/better so far. the init script doesn't pretend on a false service start even ejabberd runs anymore. but i still have huge problems with not starting mod_proxy65. Anyone else? not sure if it is a gennto or ejabberd problem, so don't know about opening a new bug for it. who has proxy65 working, no errors about it in logs and shown in service discovery?
Glad to hear to hear it works, thanks for testing. :) I haven't tested s2s or mod_proxy65 as I don't really need them at the moment. I did have mod_proxy65 enabled in the config at one point but never bothered to poke the holes in my firewall to test service discovery more. Note that ejabberd seems quite fussy about its config, if there is something it doesn't like it will probably warn in the logs and not start (like building without mod_irc and leaving it enabled in the config). Will test s2s and mod_proxy65 a bit when I get some time, and let you know how it goes.
If s2s just means that I can communicate with accounts on my server from accounts on other servers, then yes, that works. Even with TLS (s2s_use_starttls). (Certs setup by the script you mention in the postinst.)
Created attachment 149362 [details] updated overlay I updated the overlay a bit. Changes: Included Manifest (duh) Some payment to RepoMan :-O Remove inetrc from $FILESDIR and use the ejabberd default inetrc. Added patch for fixing mod_proxy65 running in Erlang12 - this is a known ejabberd issue and is fixed in ejabberd svn. For details see here http://support.process-one.net/browse/EJAB-542 Thanks Dennis and jamatik for info regarding s2s and mod_proxy65
New ebuild still works. ;)
I committed these versions into portage. Please try them out and let me know if I missed something or more changes are needed.
thanks! but, some "political" note: http://www.ejabberd.im/ejabber Correct Spelling It happens that people spell the name of this Jabber/XMPP server wrongly. They talk about ejabber, Ejabber, Ejabberd, eJabber, or eJabberd. However, the only right spelling is ejabberd. Thus: no capitalization, and a "d" at the end.
PS: HOMEPAGE still points to http://ejabberd.jabber.ru/, while http://www.process-one.net/en/ejabberd/ (developer site) would be correct. Another option might be http://www.ejabberd.im/ (community site). This is bug #212532.
You changed: chmod 640 $pemfile chown root:jabber $pemfile to: chmod 600 $pemfile chown root $pemfile which causes: ** {{badmatch,{error,"SSL_CTX_use_certificate_file failed: error:0200100D:system library:fopen:Permission denied"}}, Though since ejabberd runs as the "jabber" user, I would propose staying with chmod 600 and just adjusting chown to "jabber".
evadim was probably talking about the init.d script.
(In reply to comment #22) > evadim was probably talking about the init.d script. > yes, excuse that has not explained
I was reading some more Gentoo docs and found that uploading a tarball is considered bad form, splitting out files is better. I also should have renamed the self-cert-v2.sh file to reflect changes, I had the cert file permission issue too. Sorry for inconvenience these caused.
updated the self-cert-v2.sh file let me know if there's anything else :)
Docs were installing with the first overlay before I tried fixing some repoman errors, but I botched the quotes in the update and they do not install now. Would this work and keep repoman happy? dohtml "${WORKDIR}"/"${MY_P}"/doc/*.{html,png}
during every system-restart ejabberd-init-script fails/gives an error because of: # ls /var/run/jabber/ -la ... -r-------- 1 jabber jabber 20 15. Apr 00:00 .erlang.cookie ... and # cat /etc/init.d/ejabberd | grep chmod chmod 0600 /var/run/jabber/.erlang.cookie the last line should be removed or moved to the ebuild (postinst)
Just an FYI, the April 11th tarball has a couple path errors in the /etc/init.d/ejabberd file. Search and replace /bin/ejabber with /sbin/ejabber to fix them.
After stopping ejabberd, removing that line in the init script, removing the cookie file and starting ejabberd, the cookie is regenerated with the correct permissions. I'm for removing the line from the init script too, it looks redundant now, unless user runs ejabberd as root before using the init script as mentioned in bug 190266, but then user should know not to do this. Changes I'm using are based from the ejabberd-2.0.0-r1 (now in portage thanks to Caleb :) Fix init script cookie issue by removing chown line from init script. Replace "eJabberd" with "ejabberd" in init script output. Include doc files in a way that repoman likes (really this time, quotes are not my friend it seems), also added release notes file after actually reading bug 155101. Regarding init script in comment #28: Thanks for info, I could not figure out what you meant though. :(
Created attachment 149984 [details] changes described in comment 29
Created attachment 149985 [details] changes described in comment 29
Guys - I'll work on getting these changes into portage tomorrow. In the meantime, I'm getting some reports that using /etc/init.d/ejabberd restart doesn't work, but using stop then start does work. Can anyone else verify this?
(In reply to comment #32) > In the meantime, I'm getting some reports that using /etc/init.d/ejabberd > restart doesn't work, but using stop then start does work. Can anyone else > verify this? > for me it always work. erlang have kpoll USE-flag, may be add it to ejaberd? original init script from ejabberd 2.0 have this: ejabberdctl.cfg: # POLL: Kernel polling ([true|false]) # # The kernel polling option requires support in the kernel. # Additionaly, you need to enable this feature while compiling Erlang. # # Default: true # #POLL=true kpoll enabled by +K true in erl comand line: in my /usr/sbin/ejabberd: exec $ERL $SNAME $EJABBERD_NODE \ -s ejabberd +K true \
Efimov, Can you provide a patch? I guess I don't exactly see how to put this in.
(In reply to comment #34) --- /root/ejabberd 2008-04-30 16:47:48.000000000 +0400 +++ /root/ejabberd.poll 2008-04-30 16:45:58.000000000 +0400 @@ -40,7 +40,7 @@ export EJABBERD_CONFIG_PATH=$CONFIG exec $ERL $SNAME $EJABBERD_NODE \ - -s ejabberd \ + -s ejabberd +K true \ -kernel inetrc \"$INETRC\" \ -sasl sasl_error_logger \{file,\"$SASL_LOG\"\} \ -mnesia dir \"$SPOOL\" \ but how to implement that? USE or just variable in init-script? kpoll depend on kernell support (may be CONFIG_EPOLL=y ? don't know) more info http://www.ejabberd.im/kernel-poll but post very old & now it works without patches
in original script it enabled like smp: quote=original script # define default configuration POLL=true SMP=auto ERL_PROCESSES=250000 ERLANG_OPTS="+K $POLL -smp $SMP +P $ERL_PROCESSES" # start server start () { erl \ $NAME $ERLANG_NODE \ -noinput -detached \ -pa $EJABBERD_EBIN \ -mnesia dir "\"$EJABBERD_DB\"" \ -s ejabberd \ -sasl sasl_error_logger \{file,\"$SASL_LOG_PATH\"\} \ $ERLANG_OPTS $ARGS "$@" } may be add it to /etc/init.d/ejabberd & /etc/conf.d/ejabberd like smp?
ejabberd 2.0.1 20 May 2008 Recent changes include: - Erlang R12 support. - Better LDAP handling. - PubSub bugfixes. - Documentation improvements. - inband registration limitation per IP. - s2s improvements. http://svn.process-one.net/ejabberd/branches/ejabberd-2.0.x/doc/release_notes_2.0.1.txt
Created attachment 153933 [details, diff] Patch for the ebuild to compile and install 2.0.1 Emerges with attached changes. Does not run properly however. Attached is also a patch to fix eacces errors. This bug was present in the 2.0.0-r1 ebuild, too! The remaining issue seems to have something to do with SASL/SSL. I wont post a full log here, since at least one portion of it contained my passwords, and I have no clue what the other cryptic numbers mean. (Removed parts marked with "...".) =INFO REPORT==== 2008-05-22 14:01:38 === I(<0.259.0>:ejabberd_listener:112) : (#Port<0.425>) Accepted connection {{77,187,179,150},36529} -> {{87,106,43,29},5222} =ERROR REPORT==== 2008-05-22 14:01:39 === ** State machine <0.426.0> terminating ** Last event in was {xmlstreamelement, {xmlelement,"response", [{"xmlns","urn:ietf:params:xml:ns:xmpp-sasl"}], ... ** When State == wait_for_sasl_response ** Data == {state, {socket_state,tls, {tlssock,#Port<0.425>,#Port<0.430>}, <0.425.0>}, ... ** Reason for termination = ** {{case_clause,"my secret password"}, [{cyrsasl_digest,mech_step,2}, {cyrsasl,server_step,2}, {ejabberd_c2s,wait_for_sasl_response,2}, {gen_fsm,handle_msg,7}, {proc_lib,init_p,5}]} Those logs are extremely cryptic to the untrained eye... No idea what causes this or whether this is a bug in ejabberd, sasl, the original ebuild, my changed ebuild... I just know this does not happen with 2.0.0-r1. If you need more non-sensitive information, I can post that here. Portage 2.1.4.4 (default-linux/x86/vserver, gcc-4.1.2, glibc-2.6.1-r0, 2.6.9-023stab044.11-smp i686) ================================================================= System uname: 2.6.9-023stab044.11-smp i686 Dual Core AMD Opteron(tm) Processor 175 Timestamp of tree: Mon, 19 May 2008 13:45:01 +0000 app-shells/bash: 3.2_p33 dev-lang/python: 2.5.2-r3 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.61-r1 sys-devel/automake: 1.7.9-r1, 1.10.1 sys-devel/binutils: 2.18-r1 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.5.26 virtual/os-headers: 2.6.23-r3 ACCEPT_KEYWORDS="x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-pipe -O2 -march=i686 -fomit-frame-pointer -fstack-protector" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c" CXXFLAGS="-pipe -O2 -march=i686 -fomit-frame-pointer -fstack-protector" DISTDIR="/usr/portage/distfiles" FEATURES="collision-protect distlocks metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userfetch userpriv usersandbox" GENTOO_MIRRORS="ftp://linux.rz.ruhr-uni-bochum.de/gentoo-mirror/ http://distfiles.gentoo.org" LANG="en_GB.UTF-8" LC_ALL="en_GB.UTF-8" LDFLAGS="-Wl,--hash-style=gnu" LINGUAS="de" MAKEOPTS="-j1" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_EXTRA_OPTS="--include='/x11-libs/' --include='/x11-libs/qt*/' --exclude='/x11-libs/*/' --exclude='/games*/' --exclude='/gnome*/' --exclude='/gnustep*/' --exclude='/kde*/' --exclude='/rox*/' --exclude='/sci*/' --exclude='/x11*/' --exclude='/xfce*/'" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="berkdb cli cracklib crypt dri fortran iconv ipv6 isdnlog midi mudflap mysql ncurses nls openmp pam pcre perl php postfix pppd python readline reflection sasl session snmp spl ssl tcpd unicode userlocales vhosts x86 xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="de" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i740 i810 imstt mach64 mga neomagic nsc nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS
Created attachment 153935 [details, diff] Patch for 2.0.x init script, to prevent eacces errors. (Needed for all versions.)
Forgot a detailed description: When I try to log into my server, it seems to get stuck in an authentication loop, sending/receiving requests and challenges. Why it does that is not clear to me from the error message.
bumped in portage, please try it out and let me know if we need to do anything more
We tracked down the issue to be a svn-revision mismatch between ejabberd_c2s and cyrsasl_digest. 2.0.1 will get rereleased, probably today, since there were also other modules wrongly packed. The rereleased tarball will then have these issues fixed.
it's out http://www.process-one.net/downloads/ejabberd/2.0.1/ejabberd-2.0.1_2.tar.gz
Created attachment 154053 [details] ebuild for ejabberd-2.0.1-r2 My take at updating the ebuild for the fixed release. Worked for me... YMMV!
re-relaese of 2.0.1 still doesn't compile with USEFLAG ldap
MY_PV=${PV} MY_P=${PN}-${MY_PV} This is basically a noop, right? --- I think the -r version argument is reserved for Gentoo revisions. Instead I presume something like 2.0.1_p2 or 2.0.1.2 should be used? Then probably with an adapted MY_PV?
Bumped to ejabberd-2.0.1_p2.ebuild
ejabberd-2.0.1-p2 adds /etc/init.d/ejabberd script with a new line "cd /var/lib/ejabberd". This directory is not created by the ebuild.
Oups, sorry. I didn't test it yet, but I think any directory which is readable by the jabber user would work. (The directory change is to workaround the issue where ejabberd/erlang (?) would report lots of eaccess errors for files like ./lib.beam.)
I was trying to build ejabberd 2.0.1 with makeopts=-j(3 or 4) and had it fail with this error: make[1]: Entering directory `/builddir/build/BUILD/ejabberd-2.0.1/src/eldap' /usr/bin/erlc -bber_bin -W -I .. -pz .. ELDAPv3.asn make[1]: *** No rule to make target `ELDAPv3.beam', needed by `all'. Stop. make[1]: *** Waiting for unfinished jobs....
http://lists.jabber.ru/pipermail/ejabberd/2008-May/003770.html
ejabberd 2.0.2 released on 2008-08-29 17:52 * Anti-abuse feature: client blacklist support by IP. * Guide: new section Securing ejabberd; improved usability. * LDAP filter optimisation: ability to filter user in ejabberd and not LDAP. * MUC improvements: room options to restrict visitors; broadcast reasons.
@Julian Golderer For those who aren't able to read... Quote of the Changelog: *ejabberd-2.0.2 (09 Sep 2008) 09 Sep 2008; Caleb Tennis <caleb@gentoo.org> -ejabberd-2.0.2_beta1.ebuild, +ejabberd-2.0.2.ebuild: version bump
I guess we can close this out.