Re: [rt-users] Help! RTX-Shredder eats all my memory...
Maybe Shredder will delete some tickets. Take a look at this bug: http://rt3.fsck.com/Ticket/Display.html?id=14170&user=guest&pass=guest ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
[rt-users] How should I create a db in mysql?
Hi, folks. My scenario is: Debian 5.0 lenny x86_64 Request Tracker 3.6 Mysql 5.0 This is my first time here and I need some help: I don't know to create a mysql database, since as I observed, there is no database created. -- Wagner Pereira PoP-SP/RNP - Ponto de Presença da RNP em São Paulo CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo http://www.pop-sp.rnp.br f...@rnp 1015-8902 ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
[rt-users] include transaction to search results
Hi, I have a question about the query builder. Can i include transaction fields somehow in my query? like these format: title | transaction create | completed, etc.etc I require the first transaction record to my result table if its possible. or it is only possible if i'm write a custom app to query the database itself? I can query it with native SQL with these statement: select a.* from Attachments a, Transactions t where a.Transactionid=t.id and t.objectid=$ticketid; Any suggestions? :) Thanks for your help! Regards, Zoltan Kiss ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
[rt-users] include transaction to search results
Hi, I have a question about the query builder. Can i include transaction fields somehow in my query? like these format: title | transaction create | completed, etc.etc I require the first transaction record to my result table if its possible. or it is only possible if i'm write a custom app to query the database itself? I can query it with native SQL with these statement: select a.* from Attachments a, Transactions t where a.Transactionid=t.id and t.objectid=$ticketid; Any suggestions? :) Thanks for your help! Regards, Zoltan Kiss ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] How should I create a db in mysql?
Login to mysql as root (or user with admin access). create database rt3; grant all on rt3.* to rt3 identified by 'password'; flush privileges; should do it IIRC. You can also use the 'mysqladmin' utility that I think the documentation references. -jake On Mon, 30 Nov 2009, Wagner Pereira wrote: Hi, folks. My scenario is: Debian 5.0 lenny x86_64 Request Tracker 3.6 Mysql 5.0 This is my first time here and I need some help: I don't know to create a mysql database, since as I observed, there is no database created. -- Wagner Pereira PoP-SP/RNP - Ponto de Presença da RNP em São Paulo CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo http://www.pop-sp.rnp.br f...@rnp 1015-8902 ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
[rt-users] [Rt-announce] SECURITY - Session Fixation Vulnerability in RT 3.0.0-3.8.5
In late September, a customer contacted us to report a session fixation
vulnerability in RT 3.8.5 and all earlier versions back to and including
RT 3.0.0. Over the course of the past month, we've worked to develop
and release a version of RT not vulnerable to this issue as well as a
"hot patch" to earlier versions of RT which eliminates the vulnerability
with minimal code changes. RT 3.8.6, released on October 19th, is _not_
vulnerable.
We have been assigned CVE number CVE-2009-3585 for this issue.
This issue could allow a malicious attacker who can operate a server in
the same domain (example.com where RT is rt.example.com) to obtain and
redistribute an RT session identifier to an unsuspecting user before
they log into RT. When that user logs in, the attacker would then be
able to hijack the user's session.
As part of an internal audit of the session handling code, we found and
fixed an additional, related vulnerability which could allow an attacker
with HTTP access to the RT server to construct a similar attack without
the need for a server within the same domain.
If you are using RT's $WebExternalAuth configuration variable, you are
not vulnerable to this issue (but should still apply this patch).
If you are using the RT extension "RT-Authen-ExternalAuth", you must apply
this patch. RT-Authen-ExternalAuth does NOT protect you from this
vulnerability.
I have attached six patches which should cover all vulnerable versions
of RT 3. RT 3.6.10 will be released later today and will include a
version of this patch. As mentioned before, RT 3.8.6 is _not_ vulnerable.
The SHA1s of patches are:
38e0a8ce3480807a5dd6cc4da0eb51183382cddd RT-3.0.0-session_fixation.v3.patch
de22a6e67d7d9d163a392d92530818f3d28e0af2
RT-3.0.1-3.0.6-session_fixation.v3.patch
03fb855a449393ef93db67b800d396bdbfb38a8f
RT-3.0.7-3.6.1-session_fixation.v3.patch
7e5acff213a735894663f63fac90c95089a5e5d1
RT-3.6.2-3.6.3-session_fixation.v3.patch
9c60e647c848e35cea5a6ffe36bdd1f0a355c91f
RT-3.6.4-3.6.9-session_fixation.v2.patch
ada53ca94fdb4db3b185a7e14405d5a9ef76017f RT-3.8-session_fixation.patch
RT 3.0.0
$ cd /opt/rt3/share
$ patch -p1 < /path/to/RT-3.0.0-session_fixation.v3.patch
RT 3.0.1-3.0.6
$ cd /opt/rt3/share
$ patch -p1 < /path/to/RT-3.0.1-3.0.6-session_fixation.v3.patch
RT 3.0.7-3.6.1
$ cd /opt/rt3/share
$ patch -p1 < /path/to/RT-3.0.7-3.6.1-session_fixation.v3.patch
RT 3.6.2-3.6.3
$ cd /opt/rt3/share
$ patch -p1 < RT-3.6.2-3.6.3-session_fixation.v3.patch
RT 3.6.4-3.6.9
$ cd /opt/rt3/share
$ patch -p1 < RT-3.6.4-3.6.9-session_fixation.v2.patch
RT 3.8.0-3.8.5
$ cd /opt/rt3/share
$ patch -p1 < /path/to/RT-3.8-session_fixation.patch
You should then clear your mason cache. If your RT is installed in
/opt/rt3, you would use this command:
$ rm -rf /opt/rt3/var/mason_data/obj/*
and restart your webserver, this is often accomplished with
$ /etc/init.d/httpd restart
(or)
$ /etc/init.d/apache restart
I apologize for any inconvenience that this issue may have caused you.
We go to great lengths to make sure that RT is robust and secure, but,
as with any software, occasionally we do find defects. We do our best
to deal with them quickly and responsibly.
I'd like to thank Mikal Gule and the University of Oslo for bringing
this issue to our attention and working with us to triage it and test
the patches included below. I'd also like to thank Thomas Goetz, who
also brought a variant of this issue to our attention.
If you require assistance evaluating whether your RT deployment is
vulnerable to this issue or deploying the patch, please don't hesitate to
contact us at sa...@bestpractical.com. While we're not able to provide
commercial support without charge, we'll make every effort to provide
help for this issue as quickly and as inexpensively as possible.
Best,
Jesse Vincent
Best Practical
diff --git a/html/Elements/SetupSessionCookie b/html/Elements/SetupSessionCookie
index 019dc28..3f8ea84 100755
--- a/html/Elements/SetupSessionCookie
+++ b/html/Elements/SetupSessionCookie
@@ -42,7 +42,7 @@ my $pm = "$session_class.pm"; $pm =~ s|::|/|g; require $pm;
LockDirectory => $RT::MasonSessionDir,
};
};
-if ($@) {
+if ( $@ || !($session{'CurrentUser'} && $session{'CurrentUser'}->id) ) {
# If the session is invalid, create a new session.
if ( $@ =~ /Object does not/i ) {
@@ -56,6 +56,18 @@ my $pm = "$session_class.pm"; $pm =~ s|::|/|g; require $pm;
};
undef $cookies{'RT_SID'};
}
+elsif ( !($session{'CurrentUser'} && $session{'CurrentUser'}->id) ) {
+tied(%session)->delete;
+tie %session, $session_class, undef,
+ $backends{$RT::DatabaseType} ? {
+Handle => $RT::Handle->dbh,
+LockHandle => $RT::Handle->dbh,
+ } : {
+Directory => $RT::MasonSessionDir,
+LockDirectory => $RT::MasonSessionD
Re: [rt-users] Users with minimal rights now have full rights - why?
John, Unless you only have a few users, I /strongly/ recommend granting privileges to groups, not to individual users. This will make rights maintenance much easier in the future. When a new person needs the same rights as others in a group, you merely add them to that group instead of adding each right time after time after time. Kenn LBNL On 11/29/2009 3:20 PM, John David Chapman wrote: OK, Lets take this step by step. I’m John Chapman, and my Customer is Joe Bloggs. So…. I log in using my superuser account “John Chapman”. I goto Configuration>Global>User Rights, and see that “Joe Bloggs” rights are only set to “create ticket” and “commentonticket”. Good. That’s what I want. BUT when I log into Joe Bloggs account he can do everything just like he is a superuser. I don’t want Joe Bloggs to be able to do that :-( ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
[rt-users] Using RTFM with MediaWiki?
Greetings, We currently have a public facing "howto site" for our users that runs Mediawiki. A lot of the articles there are FAQ answers that would be perfect to use as articles for RTFM but we don't want to have to maintain them in two different places. Is there a way to link RTFM and Mediawiki so that I an pull articles from Mediawiki instead of/in addition to RTFM? -- Randy Smith http://www.vuser.org/ http://perlstalker.blogspot.com/ ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
[rt-users] You're almost there
Hi, friends. Finishing my RT configuration, I faced this up: RT: Request Tracker You're almost there! You haven't yet configured your webserver to run RT. You appear to have installed RT's web interface correctly, but haven't yet configured your web server to "run" the RT server which powers the web interface. The next step is to edit your webserver's configuration file to instruct it to use RT's mod_perl , fastcgi or speedycgi handler. What's next? -- Wagner Pereira PoP-SP/RNP - Ponto de Presença da RNP em São Paulo CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo http://www.pop-sp.rnp.br f...@rnp 1015-8902 ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
[rt-users] 3.8.6: WritableAttributes error in Web.pm's AttemptExternalAuth
I am trying to upgrade our 3.6.5 RT instance to 3.8.6 and I am getting
an error at the point of first log on.
There is new code in RT 3.8.6 that wasn't present in 3.8.5 that is
throwing an error for me:
error: Can't locate object method "WritableAttributes" via package
"pms52" (perhaps you forgot to
load "pms52"?) at /opt/rt3/bin/../lib/RT/Interface/Web.pm line 367,
line 276.
context:
...
363: # now get user specific information, to better create our user.
364: my $new_user_info =
RT::Interface::Web::WebExternalAutoInfo($user);
365:
366: # set the attributes that have been defined.
367: foreach my $attribute ( $user->WritableAttributes ) {
368: $m->callback(
369: Attribute => $attribute,
370: User => $user,
371: UserInfo => $new_user_info,
...
code stack:
/opt/rt3/bin/../lib/RT/Interface/Web.pm:367
/opt/rt3/bin/../lib/RT/Interface/Web.pm:197
/opt/rt3/share/html/autohandler:53
I have RT configured to use WebExternalAuto, and so have an Apache
module providing the userid via REMOTE_USER and user info collected via
ldap. I logon with username "pms52" which appears in the error. I can
also see in the rt log that it has successfully retrieved my information
from our ldap server.
I am not a perl programmer but it looks to me like the RT code at line
367 is expecting a database object but has a String instead.
The AttemptExternalAuth subrouting is new in RT 3.8.6. Is there
something I have not configured correctly or is there a bug ? I have
pasted what I think are the relevant parts of our RT_SiteConfig below.
Many thanks,
Philip Shore.
Set($AuthMethods, ['Internal']);
Set($WebExternalAuth , 1);
Set($WebExternalAuto , 1);
Set($AutoCreate, { Privileged => 0 } );
Set($LdapExternalInfo, 1);
Set($LdapAutoCreateNonLdapUsers, 1);
Set($LdapAttrMap, {'Name' => 'uid',
'EmailAddress' => 'mail',
'Organization' => 'instID',
'RealName' => 'displayName',
'NickName' => 'title',
'ExternalContactInfoId' => 'mailAlternative',
'ExternalAuthId' => 'uid',
'Gecos' => 'uid',
'WorkPhone' => 'telephoneNumber',
'Address1' => 'postalAddress',
'Address2' => 'postalAddress'}
);
___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
Community help: http://wiki.bestpractical.com
Commercial support: sa...@bestpractical.com
Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] 3.8.6: WritableAttributes error in Web.pm's AttemptExternalAuth
On Mon, Nov 30, 2009 at 06:38:14PM +, Philip Shore wrote:
> I am trying to upgrade our 3.6.5 RT instance to 3.8.6 and I am getting
> an error at the point of first log on.
>
> There is new code in RT 3.8.6 that wasn't present in 3.8.5 that is
> throwing an error for me:
I'd be interested to know if the untested attached patch fixes the
issue you're seeing.
Your siteconfig is also really odd, it isn't clear to me if you're
using all in-house config, or some mix of apache auth and
RT-Authen-ExternalAuth or the much older ldap handler.
-kevin
> error: Can't locate object method "WritableAttributes" via package
> "pms52" (perhaps you forgot to
> load "pms52"?) at /opt/rt3/bin/../lib/RT/Interface/Web.pm line 367,
> line 276.
> context:
> ...
> 363: # now get user specific information, to better create our user.
> 364: my $new_user_info =
> RT::Interface::Web::WebExternalAutoInfo($user);
> 365:
> 366: # set the attributes that have been defined.
> 367: foreach my $attribute ( $user->WritableAttributes ) {
> 368: $m->callback(
> 369: Attribute => $attribute,
> 370: User => $user,
> 371: UserInfo => $new_user_info,
> ...
> code stack:
> /opt/rt3/bin/../lib/RT/Interface/Web.pm:367
> /opt/rt3/bin/../lib/RT/Interface/Web.pm:197
> /opt/rt3/share/html/autohandler:53
>
>
> I have RT configured to use WebExternalAuto, and so have an Apache
> module providing the userid via REMOTE_USER and user info collected via
> ldap. I logon with username "pms52" which appears in the error. I can
> also see in the rt log that it has successfully retrieved my information
> from our ldap server.
>
> I am not a perl programmer but it looks to me like the RT code at line
> 367 is expecting a database object but has a String instead.
>
> The AttemptExternalAuth subrouting is new in RT 3.8.6. Is there
> something I have not configured correctly or is there a bug ? I have
> pasted what I think are the relevant parts of our RT_SiteConfig below.
>
> Many thanks,
> Philip Shore.
>
>
> Set($AuthMethods, ['Internal']);
>
> Set($WebExternalAuth , 1);
> Set($WebExternalAuto , 1);
> Set($AutoCreate, { Privileged => 0 } );
>
> Set($LdapExternalInfo, 1);
> Set($LdapAutoCreateNonLdapUsers, 1);
> Set($LdapAttrMap, {'Name' => 'uid',
>'EmailAddress' => 'mail',
>'Organization' => 'instID',
>'RealName' => 'displayName',
>'NickName' => 'title',
>'ExternalContactInfoId' => 'mailAlternative',
>'ExternalAuthId' => 'uid',
>'Gecos' => 'uid',
>'WorkPhone' => 'telephoneNumber',
>'Address1' => 'postalAddress',
>'Address2' => 'postalAddress'}
> );
>
>
> ___
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sa...@bestpractical.com
>
>
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> Buy a copy at http://rtbook.bestpractical.com
>
diff --git a/lib/RT/Interface/Web.pm b/lib/RT/Interface/Web.pm
index 5127f05..08d28ec 100755
--- a/lib/RT/Interface/Web.pm
+++ b/lib/RT/Interface/Web.pm
@@ -364,7 +364,7 @@ sub AttemptExternalAuth {
my $new_user_info =
RT::Interface::Web::WebExternalAutoInfo($user);
# set the attributes that have been defined.
-foreach my $attribute ( $user->WritableAttributes ) {
+foreach my $attribute ( $UserObj->WritableAttributes ) {
$m->callback(
Attribute=> $attribute,
User => $user,
pgpltSnIqWIBK.pgp
Description: PGP signature
___
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
Community help: http://wiki.bestpractical.com
Commercial support: sa...@bestpractical.com
Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] How should I create a db in mysql?
On Mon, Nov 30, 2009 at 12:26:45PM -0200, Wagner Pereira wrote: > Hi, folks. > > My scenario is: > Debian 5.0 lenny x86_64 > Request Tracker 3.6 > Mysql 5.0 > > This is my first time here and I need some help: > > I don't know to create a mysql database, since as I observed, there is > no database created. I suspect you want the 'make initdb' command pgpNbIcNJNmQM.pgp Description: PGP signature ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] Pruning email responses
There is a blog post about extending MakeClicky to go a Gmail-like collapse/expand of things that look like inline quotes of previous messages. It is here: http://tylerlesmann.com/2008/nov/21/collapsible-quotes-request-tracker/ The thing that I didn't like about it is that it seemed to require "top posting" in order to work,since everything after what looks like the quote boundary becomes collapsed. Even though you can control how your staff use RT (to trim out useless quoted text), you can't really control your customers to do so. In my organization, we changed the "On Correspond" scrip not to include the transaction content, which forces the customer to login to the SelfService Web UI in order to see what happened. There, the "Reply" link that would normally quote a transaction has a local customization not to do so. This way, we eliminated repetitive useless quoting. Allen ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] How should I create a db in mysql?
Hi, Kevin. Could you help me? RT: Request Tracker You're almost there! You haven't yet configured your webserver to run RT. You appear to have installed RT's web interface correctly, but haven't yet configured your web server to "run" the RT server which powers the web interface. The next step is to edit your webserver's configuration file to instruct it to use RT's mod_perl , fastcgi or speedycgi handler. -- Wagner Pereira PoP-SP/RNP - Ponto de Presença da RNP em São Paulo CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo http://www.pop-sp.rnp.br f...@rnp 1015-8902 Kevin Falcone escreveu: > On Mon, Nov 30, 2009 at 12:26:45PM -0200, Wagner Pereira wrote: > >> Hi, folks. >> >> My scenario is: >> Debian 5.0 lenny x86_64 >> Request Tracker 3.6 >> Mysql 5.0 >> >> This is my first time here and I need some help: >> >> I don't know to create a mysql database, since as I observed, there is >> no database created. >> > > I suspect you want the 'make initdb' command > > > > ___ > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users > > Community help: http://wiki.bestpractical.com > Commercial support: sa...@bestpractical.com > > > Discover RT's hidden secrets with RT Essentials from O'Reilly Media. > Buy a copy at http://rtbook.bestpractical.com ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] How should I create a db in mysql?
On Mon, Nov 30, 2009 at 05:43:20PM -0200, Wagner Pereira wrote: > Hi, Kevin. > > Could you help me? > > RT: Request Tracker > You're almost there! > > You haven't yet configured your webserver to run RT. > > You appear to have installed RT's web interface correctly, but haven't > yet configured your web server to "run" the RT server which powers the > web interface. > > The next step is to edit your webserver's configuration file to instruct > it to use RT's mod_perl , fastcgi or speedycgi handler. This is all covered in the README You need to configure apache -kevin > -- > > Wagner Pereira > > PoP-SP/RNP - Ponto de Presença da RNP em São Paulo > CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo > http://www.pop-sp.rnp.br > f...@rnp 1015-8902 > > > > Kevin Falcone escreveu: > > On Mon, Nov 30, 2009 at 12:26:45PM -0200, Wagner Pereira wrote: > > > >> Hi, folks. > >> > >> My scenario is: > >> Debian 5.0 lenny x86_64 > >> Request Tracker 3.6 > >> Mysql 5.0 > >> > >> This is my first time here and I need some help: > >> > >> I don't know to create a mysql database, since as I observed, there is > >> no database created. > >> > > > > I suspect you want the 'make initdb' command > > > > > > > > ___ > > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users > > > > Community help: http://wiki.bestpractical.com > > Commercial support: sa...@bestpractical.com > > > > > > Discover RT's hidden secrets with RT Essentials from O'Reilly Media. > > Buy a copy at http://rtbook.bestpractical.com > ___ > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users > > Community help: http://wiki.bestpractical.com > Commercial support: sa...@bestpractical.com > > > Discover RT's hidden secrets with RT Essentials from O'Reilly Media. > Buy a copy at http://rtbook.bestpractical.com > pgpYz2dtBJiyi.pgp Description: PGP signature ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
[rt-users] I'm almost there!
Hello, folks. I need to make my RT works, so, could anyone help me? That's my /var/log/apache2/error.log (last attempts): [Mon Nov 30 11:10:22 2009] [notice] caught SIGTERM, shutting down [Mon Nov 30 15:35:08 2009] [notice] Apache/2.2.9 (Debian) configured -- resuming normal operations [Mon Nov 30 15:57:50 2009] [notice] caught SIGTERM, shutting down [Mon Nov 30 15:57:53 2009] [notice] Apache/2.2.9 (Debian) configured -- resuming normal operations [Mon Nov 30 16:00:45 2009] [notice] caught SIGTERM, shutting down [Mon Nov 30 16:00:49 2009] [notice] Apache/2.2.9 (Debian) configured -- resuming normal operations [Mon Nov 30 16:08:53 2009] [error] [client 200.133.192.22] File does not exist: /opt/rt3/share/html/rt [Mon Nov 30 16:17:11 2009] [error] [client 200.133.192.22] File does not exist: /opt/rt3/share/html/rt [Mon Nov 30 16:17:58 2009] [notice] caught SIGTERM, shutting down [Mon Nov 30 16:18:01 2009] [notice] Apache/2.2.9 (Debian) configured -- resuming normal operations [Mon Nov 30 17:14:46 2009] [error] [client 200.133.192.22] File does not exist: /opt/rt3/share/html/opt [Mon Nov 30 17:34:29 2009] [notice] caught SIGTERM, shutting down Below is my /etc/apache2/sites-available/default file: rtracker:/etc/apache2/sites-available# cat default Listen 200.133.192.79:80 ServerAdmin m...@pop-sp.rnp.br ServerName www.pop-sp.rnp.br # DocumentRoot /opt/rt3/share/html Alias /rt "/opt/rt3/share/html/" # PerlModule Apache::DBI # PerlRequire "/opt/rt3/bin/webmux.pl" AllowOverride All Options execCGI FollowSymLinks Order allow,deny Allow from all DocumentRoot /var/www/ RewriteEngine On RedirectMatch permanent (.*)/$ $1/index.html AddDefaultCharset UTF-8 SetHandler perl-script PerlHandler RT::Mason Options FollowSymLinks AllowOverride None Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined Alias /doc/ "/usr/share/doc/" Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 -- Wagner Pereira PoP-SP/RNP - Ponto de Presença da RNP em São Paulo CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo http://www.pop-sp.rnp.br f...@rnp 1015-8902 ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] How should I create a db in mysql?
This is all covered in the README You need to configure apache -kevin Kevin, Is this README file in /opt/rt3/share/doc path? -- Wagner Pereira PoP-SP/RNP - Ponto de Presença da RNP em São Paulo CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo http://www.pop-sp.rnp.br f...@rnp 1015-8902 Kevin Falcone escreveu: > On Mon, Nov 30, 2009 at 05:43:20PM -0200, Wagner Pereira wrote: > >> Hi, Kevin. >> >> Could you help me? >> >> RT: Request Tracker >> You're almost there! >> >> You haven't yet configured your webserver to run RT. >> >> You appear to have installed RT's web interface correctly, but haven't >> yet configured your web server to "run" the RT server which powers the >> web interface. >> >> The next step is to edit your webserver's configuration file to instruct >> it to use RT's mod_perl , fastcgi or speedycgi handler. >> > > This is all covered in the README > You need to configure apache > > -kevin > > >> -- >> >> Wagner Pereira >> >> PoP-SP/RNP - Ponto de Presença da RNP em São Paulo >> CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo >> http://www.pop-sp.rnp.br >> f...@rnp 1015-8902 >> >> >> >> Kevin Falcone escreveu: >> >>> On Mon, Nov 30, 2009 at 12:26:45PM -0200, Wagner Pereira wrote: >>> >>> Hi, folks. My scenario is: Debian 5.0 lenny x86_64 Request Tracker 3.6 Mysql 5.0 This is my first time here and I need some help: I don't know to create a mysql database, since as I observed, there is no database created. >>> I suspect you want the 'make initdb' command >>> >>> >>> >>> ___ >>> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users >>> >>> Community help: http://wiki.bestpractical.com >>> Commercial support: sa...@bestpractical.com >>> >>> >>> Discover RT's hidden secrets with RT Essentials from O'Reilly Media. >>> Buy a copy at http://rtbook.bestpractical.com >>> >> ___ >> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users >> >> Community help: http://wiki.bestpractical.com >> Commercial support: sa...@bestpractical.com >> >> >> Discover RT's hidden secrets with RT Essentials from O'Reilly Media. >> Buy a copy at http://rtbook.bestpractical.com >> >> >> >> >> ___ >> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users >> >> Community help: http://wiki.bestpractical.com >> Commercial support: sa...@bestpractical.com >> >> >> Discover RT's hidden secrets with RT Essentials from O'Reilly Media. >> Buy a copy at http://rtbook.bestpractical.com ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] You're almost there
On Mon, Nov 30, 2009 at 18:52, Wagner Pereira wrote: > Hi, friends. > > Finishing my RT configuration, I faced this up: > > RT: Request Tracker > You're almost there! > > You haven't yet configured your webserver to run RT. > > You appear to have installed RT's web interface correctly, but haven't > yet configured your web server to "run" the RT server which powers the > web interface. > > The next step is to edit your webserver's configuration file to instruct > it to use RT's mod_perl , fastcgi or speedycgi handler. > > What's next? Have you read the instructions that come included with RT? More can also be found on the Wiki (http://wiki.bestpractical.com/view/InstallationGuides). If you need the list to help you then you'll have to provide some information about your install - not least of which for this is the Operating System you're using and what web server software you're using. -- Please keep list traffic on the list. Rob MacGregor Whoever fights monsters should see to it that in the process he doesn't become a monster. Friedrich Nietzsche ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] I'm almost there!
On Mon, Nov 30, 2009 at 05:56:22PM -0200, Wagner Pereira wrote: > Alias /rt "/opt/rt3/share/html/" I believe this ^^ is conflicting with this > > RewriteEngine On > RedirectMatch permanent (.*)/$ $1/index.html > AddDefaultCharset UTF-8 > SetHandler perl-script > PerlHandler RT::Mason > Only one of them wins, and it appears that the Alias is doing so pgphLmpY63dmX.pgp Description: PGP signature ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
[rt-users] [Rt-announce] SECURITY - RT 3.6.10 Released
This is a security release of RT. It includes a fix for the session fixation vulnerability detailed in the following announcements: http://blog.bestpractical.com/2009/11/session-fixation-vulnerability.html http://lists.bestpractical.com/pipermail/rt-announce/2009-November/000176.html You can download it here: http://download.bestpractical.com/pub/rt/release/rt-3.6.10.tar.gz http://download.bestpractical.com/pub/rt/release/rt-3.6.10.tar.gz.sig SHA1 sums 145124d3ce7dcae76a935f9ce373825ca5fb6e7d rt-3.6.10.tar.gz 4322f23057c14296ece60dc9f8e242ba5ea2a155 rt-3.6.10.tar.gz.sig A complete list of changes since 3.6.9 is included below. -kevin commit 81f0759f2852c5b3950f48849300eed5a7166f7f Author: Alex Vandiver Date: Wed Sep 30 17:07:24 2009 -0400 Remove references to .svn commit e28bfabe51ad2b53ca33a7328d3bd6a202d504d8 Author: Alex Vandiver Date: Wed Sep 30 17:08:29 2009 -0400 Remove old and incorrect releng.cnf commit e82d5f9b82ebbe3f6556d5ad3bda44f9476d6864 Author: Alex Vandiver Date: Tue Oct 6 14:18:44 2009 -0400 Use spaces instead of tabs in commands, otherwise copy-and-paste in the terminal can fail commit b157bae9d06e22c8cdbc6d1c74e93ae586bd37db Author: Alex Vandiver Date: Tue Oct 6 14:27:26 2009 -0400 Add .gitignore from 3.8-trunk commit a8f7dccfb53118c950cc8bebff3e64c069c978a7 Author: Kevin Falcone Date: Mon Nov 30 13:45:26 2009 -0500 Apply patch for session fixation vulnerability (CVE-2009-3585) pgpoV4732oARC.pgp Description: PGP signature ___ RT-Announce mailing list rt-annou...@lists.bestpractical.com http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-announce ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
[rt-users] Search for tickets created by members of a group
All, Im trying to create a dashboard that lists tickets created by a list of users who all belong to a group in RT. In order to do that, I need to create the search first obviously. Is there a way to say "created by members of group X" or do I need to say "owner = X or owner = Y or owner = Z" ? Thanks ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
Re: [rt-users] How should I create a db in mysql?
Take a look at the following 2 URL's, and make sure you set your Apache directives (in your httpd.conf file): http://wiki.bestpractical.com/view/ManualInstallation http://wiki.bestpractical.com/view/ManualApacheConfig Also, make sure you have all the appropriate references made to mod_perl (or FastCGI) Lastly, there are some references (in the past few months) made to this issue, and you'd be able to Google them on www.gossamer-threads.com http://www.gossamer-threads.com/lists/rt/users/90374 -Behzad On Nov 30, 2009, at 12:06 PM, Wagner Pereira wrote: > This is all covered in the README > You need to configure apache > > -kevin > > Kevin, > > Is this README file in /opt/rt3/share/doc path? > > -- > > Wagner Pereira > > PoP-SP/RNP - Ponto de Presença da RNP em São Paulo > CCE/USP - Centro de Computação Eletrônica da Universidade de São Paulo > http://www.pop-sp.rnp.br > f...@rnp 1015-8902 > > > > Kevin Falcone escreveu: >> On Mon, Nov 30, 2009 at 05:43:20PM -0200, Wagner Pereira wrote: >> >>> Hi, Kevin. >>> >>> Could you help me? >>> >>> RT: Request Tracker >>> You're almost there! >>> >>> You haven't yet configured your webserver to run RT. >>> >>> You appear to have installed RT's web interface correctly, but >>> haven't >>> yet configured your web server to "run" the RT server which powers >>> the >>> web interface. >>> >>> The next step is to edit your webserver's configuration file to >>> instruct >>> it to use RT's mod_perl , fastcgi or speedycgi handler. >>> >> >> This is all covered in the README >> You need to configure apache >> >> -kevin >> >> >>> -- >>> >>> Wagner Pereira >>> >>> PoP-SP/RNP - Ponto de Presença da RNP em São Paulo >>> CCE/USP - Centro de Computação Eletrônica da Universidade de São >>> Paulo >>> http://www.pop-sp.rnp.br >>> f...@rnp 1015-8902 >>> >>> >>> >>> Kevin Falcone escreveu: >>> On Mon, Nov 30, 2009 at 12:26:45PM -0200, Wagner Pereira wrote: > Hi, folks. > > My scenario is: > Debian 5.0 lenny x86_64 > Request Tracker 3.6 > Mysql 5.0 > > This is my first time here and I need some help: > > I don't know to create a mysql database, since as I observed, > there is > no database created. > > I suspect you want the 'make initdb' command ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com >>> ___ >>> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users >>> >>> Community help: http://wiki.bestpractical.com >>> Commercial support: sa...@bestpractical.com >>> >>> >>> Discover RT's hidden secrets with RT Essentials from O'Reilly Media. >>> Buy a copy at http://rtbook.bestpractical.com >>> >>> >>> >>> >>> ___ >>> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users >>> >>> Community help: http://wiki.bestpractical.com >>> Commercial support: sa...@bestpractical.com >>> >>> >>> Discover RT's hidden secrets with RT Essentials from O'Reilly Media. >>> Buy a copy at http://rtbook.bestpractical.com > ___ > http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users > > Community help: http://wiki.bestpractical.com > Commercial support: sa...@bestpractical.com > > > Discover RT's hidden secrets with RT Essentials from O'Reilly Media. > Buy a copy at http://rtbook.bestpractical.com ___ http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users Community help: http://wiki.bestpractical.com Commercial support: sa...@bestpractical.com Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
