From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on sa.local.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:message-id:organization:user-agent:in-reply-to :references:mime-version:content-type:content-transfer-encoding; bh=w/nH+9/5VsKjAEvksxPhu2KWbnYxsBYqDI8HRbbhGuA=; b=pizV8McBQGmRBw9BiWi1rg1mxDySY8rSvLM0+Ygaug2wbjeVlU5E1yNvvf/qABSW3D h8YbaBpsknEY3MXipUfgCicdwVRDi5JfagXidBbdpEJR5qz0wYOos+1JZwGw3xIctmHK roQLqydqDO+6y0KZyndSewWfXDkg3tBenJ5x4YVLtvu0NTAup+n3d2v/JGtZWsAANoD2 DcDgQnlDiCIGG80tmwa3p2IlZlKT4T4hzEQ+8amMiiJHCPaB33kf151lrCjW1q7Qs8ly AcCewORhEBLti8lHBCjTDrUUTiX7QmxbAT3UccfFbJuLIRg0POlGYaaiBCI1vHa8a9T/ n64w== X-Received: by 10.152.18.165 with SMTP id x5mr11379828lad.42.1411626065544; Wed, 24 Sep 2014 23:21:05 -0700 (PDT) From: "=?utf-8?B?0JLQsNC00LjQvCDQmNC70LvQsNGA0LjQvtC90L7Qsg==?=" X-Google-Original-From: =?utf-8?B?0JLQsNC00LjQvCDQmNC70LvQsNGA0LjQvtC90L7Qsg==?= To: ALT Linux sysadmins' discussion Date: Thu, 25 Sep 2014 15:21:01 +0900 Message-ID: <3112325.xHj1VoQ9tR@it-0.tln> Organization: =?UTF-8?B?0J7QntCeICLQotC10LvQtdCd0Y3RgiI=?= User-Agent: KMail/4.14.1 (Linux/3.14.19-std-def-alt1; KDE/4.14.1; x86_64; ; ) In-Reply-To: <5423AE32.6050904@schoolnet.by> References: <54231A81.4080107@schoolnet.by> <2323962.CzvQDx3Ha1@it-0.tln> <5423AE32.6050904@schoolnet.by> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="nextPart2012157.yXHce71I9x" Content-Transfer-Encoding: 7Bit Subject: Re: [Sysadmins] =?utf-8?b?SU0gKEphYmJlciA/KSDQtNC70Y8g0LvQvtC60LA=?= =?utf-8?b?0LvQutC4Lg==?= X-BeenThere: sysadmins@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux sysadmins' discussion List-Id: ALT Linux sysadmins' discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Sep 2014 06:21:11 -0000 Archived-At: List-Archive: This is a multi-part message in MIME format. --nextPart2012157.yXHce71I9x Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8" 0JIg0L/QuNGB0YzQvNC1INC+0YIgMjUg0YHQtdC90YLRj9Cx0YDRjyAyMDE0IDA4OjU0OjU4INC/ 0L7Qu9GM0LfQvtCy0LDRgtC10LvRjCBBLiBLdWxpa291c2tpINC90LDQv9C40YHQsNC7Ogo+IDI1 LjA5LjIwMTQgMDQ6MTgsINCS0LDQtNC40Lwg0JjQu9C70LDRgNC40L7QvdC+0LIg0L/QuNGI0LXR gjoKPiA+INCSINC/0LjRgdGM0LzQtSDQvtGCIDI1INGB0LXQvdGC0Y/QsdGA0Y8gMjAxNCAxMDow NDo1OCDQv9C+0LvRjNC30L7QstCw0YLQtdC70YwgYWxleGVpQHRhZi5ydSDQvdCw0L/QuNGB0LDQ uzoKPiA+PiDQnNC+0LbQvdC+INC/0L7RgdC80L7RgtGA0LXRgtGMINCyINGB0YLQvtGA0L7QvdGD IG9wZW5maXJlCj4gPiAKPiA+INCi0L7Qu9GM0LrQviDQvtC9INC90LAg0Y/QstC1Lgo+IAo+INCU 0LvRjyDRgtCw0LrQvtCz0L4g0L/RgNC+0YHRgtC+0LPQviDRgdC70YPRh9Cw0Y8g0Y/QstCwIC0t INCx0LDQsNCw0LDQu9GM0YjQvtC5INC80LjQvdGD0YEuCgrQotC+0LPQtNCwINC70L7QstC40YLQ tSDQutCy0LjQvdGC0Y3RgdGB0LXQvdGG0LjRjiAo0LHQtdC3INC/0YPRgdGC0YvRhSDQuCDQt9Cw 0LrQvtC80LzQtdC90YLQsNGA0LXQvdC90YvRhSDRgdGC0YDQvtC6LCDRgSDRhNC10LnQutCw0LzQ uCAK0YHQtdGA0LLQtdGA0L7Qsi/QsNC00LzQuNC90L7Qsi/Qv9Cw0YDQvtC70LXQuSkg0L7QsdC6 0LDRgtCw0L3QvdC+0LPQviDQutC+0L3RhNC40LPQsCBlamFiYmVyZCwg0YDQsNCx0L7RgtCw0Y7R idC10LPQviDQsiDQtNCw0L3QvdGL0LkgCtC80L7QvNC10L3RgiDQvdCwIHVzaWIudHYsIHVzcG9z dC5ydSwgbmVkc2liLnJ1CgrQo9GH0YLQuNGC0LUg0YLQvtC70YzQutC+LCDRh9GC0L4g0YMg0LzQ tdC90Y8g0YjQsNCzINGC0LDQsdGD0LvRj9GG0LjQuCAtIDQg0YHQuNC80LLQvtC70LAuINCYINC0 0LvRjyDQv9GA0LDQstC40LvRjNC90L7QuSAK0YDQsNGB0YbQstC10YLQutC4INGB0LjQvdGC0LDQ utGB0LjRgdCwINCyINC80LjQtNC90LDQudGC0LUg0LzQvtC20L3QviDQvdCwINCy0YDQtdC80Y8g 0L/RgNCw0LLQutC4INC00LDRgtGMINGE0LDQudC70YMg0YDQsNGB0YjQuNGA0LXQvdC40LUgCi5l cmwsINC70LjQsdC+INGB0LTQtdC70LDRgtGMINGB0LjQvNC70LjQvdC6INGBINGC0LDQutC40Lwg 0YDQsNGB0YjQuNGA0LXQvdC40LXQvCDQuCDRgNC10LTQsNC60YLQuNGA0L7QstCw0YLRjCDRh9C1 0YDQtdC3INC90LXQs9C+LgpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCtChINGD0LLQ sNC20LXQvdC40LXQvCwgKm5peC3QsNC00LzQuNC90LjRgdGC0YDQsNGC0L7RgApNb2JpbGU6ICs3 ICg5NjQpIDEwMy02NS02NwpTa3lwZTogZ2JJTW9Cb3UKSklEID0gPG1haWx0bzo+ClZpYmVyID0g TW9iaWxlClVJTjogNzg5OTUxNwo= --nextPart2012157.yXHce71I9x Content-Disposition: attachment; filename="ejabberd.cfg" Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8"; name="ejabberd.cfg" {loglevel, 2}.=09=09=09=09=09=09=09=09=09=09=09=09% Verbosity of log fi= les generated by ejabberd. {hosts, ["yoursite.ru"]}.=09=09=09=09=09=09=09=09=09% Domains served by= ejabberd. You can define one or several. {watchdog_admins, ["sysadmin@yoursite.ru"]}.=09=09=09=09% If an ejabber= d process consumes too much memory, send live notifications to those Ja= bber accounts. {listen, [=09=09=09=09=09=09=09=09=09=09=09=09=09% Which ports will eja= bberd listen, which service handles it and what options to start it wit= h. =09{5222, ejabberd_c2s, [ =09=09starttls, {certfile, "/etc/ejabberd/ejabberd.pem"},=09% If TLS is= compiled and you installed a SSL certificate, put the correct path to = the file. =09=09{access, c2s}, =09=09{shaper, c2s_shaper}, =09=09{max_stanza_size, 65536} =09]}, =09{5269, ejabberd_s2s_in, [ =09=09starttls, {certfile, "/etc/ejabberd/ejabberd.pem"}, =09=09{shaper, s2s_shaper}, =09=09{max_stanza_size, 131072} =09]}, =09{5347, ejabberd_service, [ =09=09{name, "=D0=A8=D0=BB=D1=8E=D0=B7 =D0=B2 ICQ"}, =09=09{ip, {127,0,0,1}}, =09=09{access, all}, =09=09{shaper_rule, fast}, =09=09{hosts, ["icq.yoursite.ru", "sms.yoursite.ru"], [{password, "icqP= assWord"}]} =09]}, =09{5348, ejabberd_service, [ =09=09{name, "=D0=A8=D0=BB=D1=8E=D0=B7 =D0=B2 MRA"}, =09=09{ip, {127,0,0,1}}, =09=09{access, all}, =09=09{shaper_rule, fast}, =09=09{host, "mrim.yoursite.ru", [{password, "mrimPassWord"}]} =09]}, =09{5349, ejabberd_service, [ =09=09{name, "=D0=A8=D0=BB=D1=8E=D0=B7 =D0=B2 MSN"}, =09=09{ip, {127,0,0,1}}, =09=09{access, all}, =09=09{shaper_rule, fast}, =09=09{host, "msn.yoursite.ru", [{password, "msnPassWord"}]} =09]}, =09{5350, ejabberd_service, [ =09=09{name, "=D0=A8=D0=BB=D1=8E=D0=B7 =D0=B2 =D0=BA=D0=BE=D0=BD=D1=82=D0= =B0=D0=BA=D1=82=D0=B5"}, =09=09{ip, {127,0,0,1}}, =09=09{access, all}, =09=09{shaper_rule, fast}, =09=09{host, "online.yoursite.ru", [{password, "vkPassWord"}]} =09]}, =09{5280, ejabberd_http, [http_poll, web_admin]} ]}. {s2s_use_starttls, true}.=09=09=09=09=09=09=09=09=09% Enable STARTTLS += Dialback for S2S connections. {s2s_certfile, "/etc/ejabberd/ejabberd.pem"}.=09=09=09=09% You must spe= cify a certificate file. {auth_method, ldap}.=09=09=09=09=09=09=09=09=09=09% Authentication usin= g LDAP {ldap_servers, ["ldap.tld"]}. {ldap_base, "dc=3Dyoursite,dc=3Dru"}.=09=09=09=09=09=09=09% Search base= of LDAP directory {ldap_rootdn, "cn=3Dsysadmin,dc=3Dyoursite,dc=3Dru"}.=09=09=09=09% LDAP= manager {ldap_password, "DerUberParol"}.=09=09=09=09=09=09=09% Password to LDAP= manager {ldap_uids, [{"mail", "%u@yoursite.ru"}]}.=09=09=09=09=09% LDAP attribu= te that holds user ID {shaper, normal, {maxrate, 1000}}.=09=09=09=09=09=09=09% The "normal"=09= shaper limits traffic speed to 1 kB/s {shaper, fast, {maxrate, 50000}}.=09=09=09=09=09=09=09% The "fast"=09sh= aper limits traffic speed to 50 kB/s {acl, local, {user_regexp, "yoursite.ru"}}.=09=09=09=09=09% Local users= . Do not modify this line. {acl, admin, {user, "sysadmin", "yoursite.ru"}}. {acl, admin, {user, "sysadmin", "tld"}}. {access, max_user_sessions, [{10, all}]}.=09=09=09=09=09% Maximum numbe= r of simultaneous sessions allowed for a single user {access, local, [{allow, local}]}.=09=09=09=09=09=09=09% This rule allo= ws access only for local users {access, c2s, [=09=09=09=09=09=09=09=09=09=09=09=09% Only non-blocked u= sers can use c2s connections =09{deny, blocked}, =09{allow, all} ]}. {access, c2s_shaper, [{none, admin},=09=09=09=09=09=09% For C2S connect= ions, all users except admins use "normal" shaper =09=09=09=09=09{normal, all} ]}. {access, s2s_shaper, [{fast, all}]}.=09=09=09=09=09=09% All S2S connect= ions use "fast" shaper {access, announce, [{allow, admin}]}.=09=09=09=09=09=09% Only admins ca= n send announcement messages {access, configure, [{allow, admin}]}.=09=09=09=09=09=09% Only admins c= an use configuration interface {access, muc_admin, [{allow, admin}]}.=09=09=09=09=09=09% Admins of thi= s server are also admins of MUC service {access, muc, [{allow, all}]}.=09=09=09=09=09=09=09=09% All users are a= llowed to use MUC service {access, pubsub_createnode, [{allow, all}]}.=09=09=09=09% Everybody can= create pubsub nodes {access, register, [{deny, all}]}.=09=09=09=09=09=09=09% In-band regist= ration allows registration of any possible username. {language, "ru"}.=09=09=09=09=09=09=09=09=09=09=09% Default language us= ed for server messages. {modules, [=09=09=09=09=09=09=09=09=09=09=09=09=09% Modules enabled in = all ejabberd virtual hosts. =09{mod_adhoc,=09=09=09[]}, =09{mod_announce,=09=09[{access, announce}]},=09=09=09=09% recommends m= od_adhoc =09{mod_caps,=09=09=09[]}, =09{mod_configure,=09=09[]},=09=09=09=09=09=09=09=09% requires mod_adho= c =09{mod_disco,=09=09=09[ =09=09{extra_domains, [ =09=09=09"users.jabber.org", =09=09=09"icq.yoursite.ru", =09=09=09"sms.yoursite.ru" =09=09]} =09]}, =09{mod_irc,=09=09=09[]}, =09{mod_last,=09=09=09[]}, =09{mod_muc,=09=09=09[ =09=09{access, muc}, =09=09{access_create, muc}, =09=09{access_persistent, muc}, =09=09{access_admin, muc_admin} =09]}, =09{mod_offline,=09=09[]}, =09{mod_privacy,=09=09[]}, =09{mod_private,=09=09[]}, =09{mod_proxy65, [ =09=09{name, "=D0=A4=D0=B0=D0=B9=D0=BB=D0=BE=D0=BE=D0=B1=D0=BC=D0=B5=D0= =BD=D0=BD=D1=8B=D0=B9 =D0=BF=D1=80=D0=BE=D0=BA=D1=81=D0=B8"} =09]}, =09{mod_pubsub,=09=09[=09=09=09=09=09=09=09=09=09% requires mod_caps =09=09{access_createnode, pubsub_createnode}, =09=09{plugins, ["default", "pep"]} =09]}, =09{mod_roster,=09=09[]}, =09{mod_shared_roster_ldap,[ =09=09{ldap_base,=09=09=09"dc=3Dyoursite,dc=3Dru"}, =09=09{ldap_filter,=09=09"(initials=3D*)"}, =09=09{ldap_rfilter,=09=09"(initials=3D*)"}, =09=09{ldap_memberattr,=09"uid"}, =09=09{ldap_useruid,=09=09"uid"}, =09=09{ldap_userdesc,=09=09"cn"}, =09=09{ldap_uidattr,=09=09"cn"}, =09=09{ldap_groupdesc,=09"departmentNumber"}, =09=09{ldap_groupattr,=09"ou"} =09]}, =09{mod_stats,=09=09=09[]}, =09{mod_time,=09=09=09[]}, =09{mod_vcard_ldap,=09[ =09=09{ldap_vcard_map, [ =09=09=09{"NICKNAME",=09"%s", ["cn"]}, =09=09=09{"GIVEN",=09=09"%s", ["givenName"]}, =09=09=09{"MIDDLE",=09=09"%s", ["initials"]}, =09=09=09{"FAMILY",=09=09"%s", ["sn"]}, =09=09=09{"FN",=09=09=09"%s", ["displayName"]}, =09=09=09{"EMAIL",=09=09"%s", ["mail"]}, =09=09=09{"ORGNAME",=09=09"%s", ["o"]}, =09=09=09{"ORGUNIT",=09=09"%s", ["departmentNumber"]}, =09=09=09{"CTRY",=09=09"%s", ["co"]}, =09=09=09{"LOCALITY",=09"%s", ["l"]}, =09=09=09{"STREET",=09=09"%s", ["street"]}, =09=09=09{"REGION",=09=09"%s", ["st"]}, =09=09=09{"PCODE",=09=09"%s", ["postalCode"]}, =09=09=09{"TITLE",=09=09"%s", ["title"]}, =09=09=09{"URL",=09=09=09"%s", ["labeledURI"]}, =09=09=09{"DESC",=09=09"%s", ["description"]}, =09=09=09{"BDAY",=09=09"%s", ["birthDate"]}, =09=09=09{"TEL",=09=09=09"%s", ["telephoneNumber"]} =09=09]}, =09=09{ldap_search_fields, [ =09=09=09{"User",=09=09"cn"}, =09=09=09{"Name",=09=09"givenName"}, =09=09=09{"Family Name",=09"sn"}, =09=09=09{"Email",=09=09"mail"}, =09=09=09{"Company",=09=09"o"}, =09=09=09{"Department",=09"departmentNumber"}, =09=09=09{"Role",=09=09"title"}, =09=09=09{"Birthday",=09"birthDate"}, =09=09=09{"Description",=09"description"}, =09=09=09{"Country",=09=09"co"}, =09=09=09{"Phone",=09=09"telephoneNumber"} =09=09]}, =09=09{ldap_search_reported, [ =09=09=09{"Full Name",=09"FN"}, =09=09=09{"Nickname",=09"NICKNAME"}, =09=09=09{"Birthday",=09"BDAY"}, =09=09=09{"Country",=09=09"CTRY"}, =09=09=09{"Email",=09=09"EMAIL"} =09=09]} =09]}, =09{mod_version,=09=09[]} ]}. --nextPart2012157.yXHce71I9x--