Troubleshooting /usr/sbin/ejabberdctl: line 428: 14615 Segmentation fault

I noticed once after installing EJabberd in Ubuntu Server 16.04 and adding the user from the root command:

ejabberdctl register USER localhost PASSWORD

The following error:

/usr/sbin/ejabberdctl: line 428: 14615 Segmentation fault $EXEC_CMD “$CMD”

The log file /var/log/syslog reported:

Sep 11 11:17:00 mail kernel: [4647543.535271] audit: type=1400 audit(1505117820.598:43): apparmor=”DENIED” operation=”file_mmap” profile=”/usr/sbin/ejabberdctl//su” name=”/bin/su” pid=14439 comm=”su” requested_mask=”m” denied_mask=”m” fsuid=0 ouid=0

To solve the error, I opened the apparmor configuration file:

nano /etc/apparmor.d/usr.sbin.ejabberdctl

Found the string:

/bin/su                                 r,

And changed it by adding m:

/bin/su                                 rm,

Restarted the apparmor:

sudo service apparmor restart

Done, the error no longer appears.

Configuring the ircd-hybrid

Suppose we installed ircd-hybrid as I described in this article – Installing the IRC server – ircd-hybrid
Now proceed to setup.

Let’s edit the text of the welcome message:

sudo nano /etc/ircd-hybrid/ircd.motd

Make a copy of the configuration file just in case:

sudo cp /etc/ircd-hybrid/ircd.conf /etc/ircd-hybrid/ircd_original.conf

Open the main configuration file in the text editor, configure the parameters and comment out the unnecessary ones:

sudo nano /etc/ircd-hybrid/ircd.conf

In the configuration file, the standard serverinfo parameters are first followed, if desired, we change them:

serverinfo {
        name = "hybrid8.debian.local";
        description = "test";
        network_name = "debian";
        network_desc = "This is My Network";
        hub = no;
        default_max_clients = 512;
        max_nick_length = 15;
        max_topic_length = 300;
};

Further, contact the server administrator, if desired, change them:

admin {
        name = "SYSADMIN";
        description = "Main Server Administrator";
        email = "<admin@example.com>";
};

Network parameters (on which ports the ircd-hybrid will work, for example, you can change to 6667):

listen {
        port = 6665 .. 6669;
};

The first auth block that allows you to connect everything from the local address 127.0.0.1:

auth {
        user = "*@127.0.0.1";
        spoof = "i.love.debian.org";
        class = "opers";
        flags = need_password, spoof_notice, exceed_limit, kline_exempt,
                xline_exempt, resv_exempt, no_tilde, can_flood;
};

Another auth block allows you to connect to all (comment or change to your own needs):

auth {
        user = "*@*";
        class = "users";
        flags = need_ident;
};

For example, create a password for the user, copy the result of the command in an encrypted form:

mkpasswd PASSWORD

We add the possibility of authorization to any users only with a password and from the specified network:

auth {
        user = "*@192.168.3.0/24";
        class = "users";
        flags = need_password;
encrypted = yes;
password = "PASSWORD_FROM_mkpasswd";
};

In the auth block the password will be stored in encrypted form, in the IRC client it is specified as it is.
To specify the password in the auth block in the unencrypted form, you need to remove encrypted.

In the general section, disable the need_ident:

general {
...
disable_auth = yes;
...
};

Restart ircd-hybrid to apply the changes:

sudo /etc/init.d/ircd-hybrid restart
sudo service ircd-hybrid restart

We can also add an operator:

auth {
name = "admin";
user = "admin@192.168.3.254/32";
class = "opers";
flags = need_password, spoof_notice, exceed_limit, kline_exempt;
encrypted = yes;
password = "PASSWORD_FROM_mkpasswd";
};

You can block IP addresses as necessary in the following ways:

deny {
       ip = "192.168.4.4/32";
       reason = "Spam";
};

After the changes in the configuration file, you need to restart the ircd-hybrid.
As a customer you can use for example free AdiIRC.

Installing the IRC server – ircd-hybrid

Here is an example of installing an IRC server – ircd-hybrid.

To install ircd-hybrid in Ubuntu, run the following command:

sudo apt-get install ircd-hybrid

After installation, ircd-hybrid will use TCP ports 6665-6669.

If desired, to connect to the IRC from the terminal, you can set for example the IRC client epic4:

sudo apt-get install epic4

And connect:

irc 127.0.0.1

You can connect to the channel with the command:

/join CHANNEL

Go out:

/quit

Check whether the ircd-hybrid is running, for example:

netstat -a | grep irc
netstat -an | grep 6667

Restart ircd-hybrid as follows:

sudo /etc/init.d/ircd-hybrid restart

If iptables is used, before you need to write a rule:

sudo iptables -A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 6667 -j ACCEPT

This completes the installation and you can proceed with the configuration.
See my article about setting up – Configuring the ircd-hybrid

I’ll also give an example of installing ircd-hybrid from the sources.
Download ircd-hybrid from the official site:

wget http://prdownloads.sourceforge.net/ircd-hybrid/ircd-hybrid-8.2.22.tgz
tar -xvf ircd-hybrid-8.2.22.tgz
cd ircd-hybrid-8.2.22

Install the necessary components:

sudo apt-get install build-essential unzip cmake

Configure and install ircd-hybrid:

./configure --prefix="/home/USER/ircd"
make
make install

You can also install Anope (to extend the functionality):

cd /tmp/
wget https://github.com/anope/anope/archive/2.0.zip
unzip 2.0.zip
cd anope-2.0
./Config
cd build
make
make install

Let’s install the right owner:

sudo chown -R USER: ~/services ~/ircd

Setting up a backup space for Hetzner.de

On the test went into https://robot.your-server.de/, has opened Main functions – Servers, selected the server and in the tab Backup activated free 100GB, since for servers costing 39 € or more this place was allocated for free.
Activated WebDAV to test, samba was already activated, it is also possible to connect via FTP, FTPS, SFTP and SCP using a user name and password, via SFTP/SCP, you can also connect using the key.
The speed of data transfer to the backup server depends on the number of connected users and their traffic.
When connecting, use a domain name, for example USER.your-backup.de, because the IP address can change.
Also, you can not create the /etc and /lib directories in place for backups.

For an example in Ubuntu Server, I will mount a backup location using SAMBA/CIFS.
Install the necessary utilities and create a directory in which we will mount:

sudo apt-get install cifs-utils
sudo mkdir /backup

Temporarily mount the place with the command:

sudo mount.cifs -o user=USER,pass=PASSWORD //USER.your-backup.de/backup /backup

To automatically mount after rebooting the system, add the following line to the / etc / fstab file:

//USER.your-backup.de/backup /backup   cifs  iocharset=utf8,rw,credentials=/etc/backup-credentials.txt,uid=SYSTEM_USER,gid=SYSTEM_GROUP,file_mode=0660,dir_mode=0770 0 0

To open a file it is possible for example with the text editor nano (CTRL+X for an output, y/n for saving or canceling changes):

sudo nano /etc/fstab

And add the following lines to the file /etc/backup-credentials.txt:

username=USER
password=PASSWORD

We will only set permissions for the file owner for security reasons:

sudo chmod 600 /etc/backup-credentials.txt

If you use the Windows operating system, you need to create a system user with the same login and password as the backup location.

Now I will connect to the test via WebDAV.
Install the necessary utilities and create a directory in which we will mount:

sudo apt-get install davfs2
sudo mkdir /backup

In CentOS:

yum install davfs2
mkdir /backup

Temporarily to mount through WebDAV a place it is possible a command:

sudo mount -t davfs https://USER.your-backup.de /backup

To automatically mount after rebooting the system, add the following line to the /etc/fstab file:

https://USER.your-backup.de /backup davfs rw,uid=SYSTEM_USER,gid=SYSTEM_GROUP,file_mode=0660,dir_mode=0770 0 0

And in the file /etc/davfs2/secrets the following line:

https://USER.your-backup.de USER PASSWORD

That’s all, in my case, you can save backups to the /backup directory.

Installing and configuring ownCloud

ownCloud – Web application for synchronization, sharing and remote storage of data in the “cloud”.

Perform the installation of ownCloud for example in Ubuntu:

sudo apt-get install owncloud

I noticed that in Ubuntu, at the time of installation I tested on Ubuntu 14.04.03 LTS, canceled the installation of ownCloud from the repository, so you can add a third party and install or update from it. We look at the sources https://software.opensuse.org/package/owncloud

On Ubuntu 14.04, for example, installation from a third-party repository is performed by the following commands:

sudo sh -c "echo 'deb http://download.opensuse.org/repositories/isv:/ownCloud:/community/xUbuntu_14.04/ /' >> /etc/apt/sources.list.d/owncloud.list"
sudo apt-get update
sudo apt-get install owncloud

The next step is to open the web interface http://server/owncloud in the browser and create the login and password for the administrator account, as well as specify the type of database to store the settings, accounts and other information owncloud.
For better performance, it’s better to use the mysql database, for this we will install the MySQL server and create it:

sudo apt-get install mysql-server
mysql -u root -p
create database owncloud;
grant all privileges on owncloud.* to owncloud@localhost  identified by 'ПАРОЛЬ';
exit

To be able to upload large files into owncloud, you will need to edit /etc/php5/apache2/php.ini by changing the upload_max_filesize and post_max_size in it, for example to 2048mb.

See also:
Install Nextcloud in Ubuntu

Allow insecure connections to POP3 / IMAP iRedMail

In order to be able to connect to POP3 / IMAP without STARTTLS, you need to open the Dovecot configuration file:

sudo nano /etc/dovecot/dovecot.conf

Edit the two parameters listed below:

disable_plaintext_auth=no
ssl=yes

To return the parameters of the secure connection to POP3S / IMAPS back:

disable_plaintext_auth=yes
ssl=required

After the changes in the Dovecot configuration, you need to restart it:

sudo /etc/init.d/dovecot restart

See also:
How to enable SMTP without SSL on port 25 in iRedMail / Postfix