Koozali.org: home of the SME Server
Obsolete Releases => SME VoIP (Asterisk, SAIL etc) => Topic started by: jester on August 05, 2011, 11:36:58 PM
-
Hi SARK-Devs,
Today I did a clean installation of the SME8A14V31116.iso (and added the Zarafa contrib)... but I'm getting several mails with error messages:
- The following mail is flooding my mailbox (approx. every 30 sec.):
Subject: Cron <root@phoenix> perl /opt/sark/scripts/srkrestrtdm.pl
Can't locate IO/Socket/Multicast.pm in @INC (@INC contains: /opt/sark/perl/modules /usr/lib/perl5/site_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi /usr/lib/perl5/vendor_perl/5.8.8 /usr/lib/perl5/vendor_perl /usr/lib/perl5/5.8.8/i386-linux-thread-multi /usr/lib/perl5/5.8.8 .) at /opt/sark/scripts/responder.pl line 32.
BEGIN failed--compilation aborted at /opt/sark/scripts/responder.pl line 32.
- Then this type of message, and I think my workstation's IP address got blacklisted somehow by this, 'cause I got totally shut out on that IP:
Subject: OSSEC Notification - phoenix - Alert level 13
OSSEC HIDS Notification.
2011 Aug 05 22:23:08
Received From: phoenix->/var/log/httpd/access_log
Rule: 1003 fired (level 13) -> "Non standard syslog message (size too large)."
Portion of the log(s):
[05/Aug/2011:22:23:08 +0200] "GET /static.php=3Fversion=3D7.0.0-27791&p[]=3Dclient/core/constants.js&p[]=3Dclient/core/fixedsettings.js&p[]=3Dclient/core/utils.js&p[]=3Dclient/views/view.js&p[]=3Dclient/views/table.view.js&p[]=3Dclient/widgets/widget.js&p[]=3Dclient/widgets/menu.js&p[]=3Dclient/layout/js/dialog.js&p[]=3Dclient/modules/module.js&p[]=3Dclient/modules/dialogmodule.js& HTTP/1.1" 200 44027 "https://phoenix.domain.tld/index.php=3Fload=3Ddialog&task=3Dreadmail_standard&storeid=3D0000000038a1bb1005e5101aa1bb08002b2a56c200007a617261666136636c69656e742e646c6c0000000000b0512fa976c34c169ab4b35e337b8a6701000000010000007d17e630eba94cdbb4f94f56da4d55ec70736575646f3a2f2f556e6b6e6f776e00&parententryid=3D00000000b0512fa976c34c169ab4b35e337b8a670100000003000000810bc7c27924419c844f44b4d8ab7bc000000000&entryid=3D00000000b0512fa976c34c169ab4b35e337b8a67010000000500000083afbd37084e4db4bbde5b807fe22d8700000000" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/534.30 (KHTML, like Gecko) Ubuntu/10.04 Chromium/12.0.742.112 Chrome/12.0.742.112 Safari/534.30"
--END OF NOTIFICATION
- And last but not least:
Subject: Cron <root@phoenix> php /opt/sark/generator/srktimer.php
Warning: Terminal locale not UTF-8, but UTF-8 locale is being forced.
Screen output may not be correctly printed.
I could not find any related posts... weird 'cause the iso has been posted some time ago. Are these known issues?
Any pointers on how to resolve this are greatly appreciated.
Kind regards.
-
Hello Jester
Let's see if we can get you back on the road.
You are missing an rpm (it is missing from the distro). You can get it here:
http://sailpbx.com/sail/sail-3.1/perl-IO-Socket-Multicast-1.12-1.rhel5.i386.rpm
The second issue is OSSEC complaining about the length of a log message that one of your applications is writing. Looks like maybe a webmail app perhaps? As long as you are happy that the message is valid you can ignore it, turn off that message in OSSEC or change the maximum length in the rule. You can find the rule in /var/ossec/rules/syslog_rules.xml. Here is what it says:
<rule id="1003" level="13" maxsize="1025">
<description>Non standard syslog message (size too large).</description>
</rule>
If you change it, you'll need to bounce ossec or the box. As an aside; are you sure that OSSEC is locking you out? Do you see your IP being dropped when you do iptables -L ?
Lastly, I have no idea what the locale message is but there are other posts about that message which reference the zarafa contrib.
Kind Regards
S
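
Added example (not part of the original posts, and not OSSEC or SARK code): a way to check which requests produce the oversized access_log lines before ignoring the alert or raising maxsize on rule 1003, as discussed in the reply above. The function names, the headroom value and the sample lines are assumptions made for illustration, and line length in characters is used as an approximation of how OSSEC sizes an event.

```python
import re
from collections import defaultdict

RULE_1003_MAXSIZE = 1025  # maxsize of rule 1003 as quoted in the reply above

# Request part of an Apache access_log entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')


def oversized_by_path(lines, maxsize=RULE_1003_MAXSIZE):
    """Return {path: {"count": n, "longest": chars}} for lines longer than maxsize."""
    summary = defaultdict(lambda: {"count": 0, "longest": 0})
    for raw in lines:
        line = raw.rstrip("\r\n")
        if len(line) <= maxsize:  # assumption: size is the character count of the line
            continue
        match = REQUEST_RE.search(line)
        # Group on the path only; the query string is the part that varies.
        path = match.group("target").split("?", 1)[0] if match else "<unparsed>"
        summary[path]["count"] += 1
        summary[path]["longest"] = max(summary[path]["longest"], len(line))
    return dict(summary)


def suggest_maxsize(summary, expected_paths, headroom=256):
    """Size the threshold from reviewed paths only; report the rest for inspection."""
    unexpected = sorted(p for p in summary if p not in expected_paths)
    longest = max((v["longest"] for p, v in summary.items() if p in expected_paths),
                  default=None)
    return (longest + headroom if longest is not None else None), unexpected


def sample_line(target):
    # Constructed entry in combined log format (documentation IP, dummy agent).
    return ('192.0.2.10 - - [05/Aug/2011:22:23:08 +0200] '
            f'"GET {target} HTTP/1.1" 200 44027 "-" "ExampleAgent/1.0"')


SAMPLE_LINES = [  # constructed sample input, not taken from the thread
    sample_line("/index.php"),
    sample_line("/static.php?version=x&" + "p[]=client/core/utils.js&" * 60),
    sample_line("/static.php?" + "p[]=a.js&" * 200),
    sample_line("/unknown.cgi?q=" + "A" * 2000),
]

if __name__ == "__main__":
    found = oversized_by_path(SAMPLE_LINES)
    for path, stats in sorted(found.items()):
        print(path, stats)
    print(suggest_maxsize(found, expected_paths={"/static.php"}))
```

Paths returned in the second element of suggest_maxsize are the ones to read in the log before the threshold is changed, since they were not marked as expected.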
-
Hi S.
Missing rpm installed, OSSEC adjusted (I was being dropped)... things are looking much brighter now ;) On with the testing and fiddling.
You are right about the locale message being related to Zarafa... I'm still investigating that one.
Thanks ever so much!
Jester.
-
Jester
Did you find a solution? It looks like it is wider than SME: http://osdir.com/ml/centos/2011-07/msg01443.html