Directories Not Working
Hi,
I have a 9.1.2 deployment and have deployed CIPC. On the CIPC when I hit the Directories button I get the list just fine:
1. Missed Calls
2. Received Calls
3. Placed Calls ...
and so on. But if I select anything I get no numbers but instead the message "Select Service".
Any ideas?
Thanks,
Joey
Hi Joey,
Which version of CIPC is being used and what is the OS of the PC? Can you try the TFTP connectivity check with the Publisher as mentioned in the following post
https://supportforums.cisco.com/discussion/11002501/directories-cisco-ip-communicator
HTH
Manish
Similar Messages
-
LDAP Directories not working at work
I've used LDAP directories in Address Book at home but when I'm at work the same configurations do not work, only my company LDAP works. This seems odd as I am able to add these LDAP servers and use them at home. Id there some sort of blocking being done? How is that possible? An example is Stanford:
ldap.stanford.edu
cn=people,dc=stanford,dc=edu
port 389I had our IT guys come down here once again to try to explain the problem to them. They sort of just stood there slack-jawed, not understanding and told me that Mac Mail won't run on our Exchange server. Well, Mac Mail IS currently running in conjunction with our Exchange server, I need the info for the LDAP server! They act like everything is classified information and that I'm just some crazy Mac-user. I just don't understand how Entourage can access this LDAP server, and Mac Mail can't.
I tried putting "cn=gravity.com" in the Search Base box but it didn't fix the problem. And what do I put for Scope: Base, One Level, or Subtree? I know what to put for my authentication, but is the server called ldap//:auntie.gravity.gravitymail.com or is it just auntie.gravity.gravitymail.com? Or is it ldap.auntie.gravity.gravitymail.com? I'm just not sure what the problem is. I feel like I'm just trying an infinite number of combinations until it works.... -
NFS for portable home directories not working
I just recently tried to move our PHD's over to NFS instead of AFP to allow for fast user switching and some other reasons.
However it doesn't work at all... The automount seems to work fine, as I can browse to /Network/Servers/servername/Users/ fine, but when the user tries to sync, a dialog pops up:
The sync could not complete because your network home at "nfs://servername/Users" is currently unavailable.
Try again later when it is available.
and then in the console it shows:
com.apple.SystemUIServer.agent[14236] mount_nfs: /Volumes/Users: Operation not permitted
HomeSync[14369] HomeSync.syncNow: Unable to mount server URL at 'nfs://servername/Users', status = 65.
com.apple.SystemUIServer.agent[14236] HomeSync[14369:903] HomeSync.syncNow: Unable to mount server URL at 'nfs://servername/Users', status = 65.
It seems like its trying to mount it at /Volumes/Users, but it can't (because a normal user can't mount nfs volumes?(..as far as i know))...and furthermore I don't know why it needs to mount it at /Volumes/Users when it's already automounted at /Network/Servers/servername/UsersI just managed to get my first sync to work.
My server exports /opt/home/<user> but not /opt/home since each user has a separate lvm volume. What worked was the following:
dscl . -delete /Users/<user> dsAttrTypeStandard:OriginalHomeDirectory
dscl . -append /Users/<user> dsAttrTypeStandard:OriginalHomeDirectory "<homedir><url>nfs://find/opt/home/<user></url><path></path></homedir>"
This is similar to what I saw on http://managingosx.wordpress.com/2009/02/19/leopard-mobileaccounts-and-nfs-homes / except putting the users name (in place of <user> as part of the url instead of part of the path.
The value for dsAttrTypeStandard:OriginalHomeDirectory was formerly /Network/Servers/<server>/opt/home/<user> which is a perfectly good directory, but not a url. I don't know why it wouldn't use the directory and manufactured a url instead.
By changing the value back to default and making my server export /opt/home, I'm still able to sync. Naturally I like this solution much better.
Doesn't seem like this solution will help you much if a given user can sync on some machines and not others, unless maybe you have different export rules to different machines in your network. -
Firefox 4b8 not working with Shockwave for Director 11.5.9.615
Have installed Firefox 4b8 and Shockwave for Director 11.5.9.615.<br />
Also have Firefox 3.6.13 with '''separate profile'''. <br />
Director plugin works fine in Firefox 3.6.13 but not in Firefox 4b8. <br />
Loading a Shockwave for Director page is initially blocked in both Firefox versions by NoScript;
*clicking on the space for the game/whatever loads in Firefox 3.6.13
*clicking on the space for the game/whatever in Firefox 4b8, the entire space for the game/whatever disappears and never re-appears
What I have already tried:
#Uninstalled Shockwave for Director and re-installed - no change
#Firefox 4b8 in Safe Mode - no change
#Tested Firefox 4b8 on Mozilla plugins site - shows correct current version
#Tested Firefox 4b8 on Adobe site with games - won't work (Firefox 3.6.13 works on same site)
#Copied '''''np32dsw.dll''''' to Firefox 4b8 installation folder/plugins, ran same tests -no change
Any suggestions?Found a solution based somewhat on cor-el's reply with some interesting differences in Firefox 3.6.13 and 4b8. '''<u>cor-el</u>''', please see my question at the end.
I added the item (boolean) ''dom.ipc.plugins.enabled.np32dsw.dll'' in about:config and set it to false. There was no change. I changed the value of that item to true and the box/area where the SWF item was to be located on the page did not disappear as before -- that was an improvement! -- but the SWF item would not load.
I then discovered that I needed to allow a site (temporarily) in NoScript and everything worked.
Some interesting differences and findings in Firefox 3.6.13 and 4b8 regarding this situation; all based on the same web site behavior with the 2 versions of Firefox:
#preference ''dom.ipc.plugins.enabled.np32dsw.dll''
#*Firefox 3.6.13 '''does not''' require the preference to exist in order to work
#*Firefox 4b8 '''requires''' the preference, set to true, for everything to work as expected '''
#**the preference ''dom.ipc.plugins.enabled'' can be set to <u>'''false'''</u> or to true with no negative difference in behavior (<u>the preference ''dom.ipc.plugins.enabled'' when set to false seems to be ignored when ''dom.ipc.plugins.enabled.np32dsw.dll'' is set to true</u>)
#NoScript (same version and exactly the same settings in NoScript for both versions of Firefox)
#*Firefox 3.6.13 '''does not''' require user to temporarily allow any other domain for the item to work properly
#*Firefox 4b8 '''requires''' the user to temporarily allow another domain for the item to work properly
'''<u>cor-el</u>:'''
*Should I post this in Bugzilla for investigation?
*It would be good to know what the difference is in 4b8 that necessitates the 2 above items in 4b8 and not in 3.6.13 on the same web site. -
HTTP probes not working on Local Director 416 using 4.2.4
Situation: We are using an LD-416 to load balance http and https requests for 4 web servers with publicly addressable IP's behind one publicly addressable virtual IP.
Desired: We would like to setup http probes to monitor a web page on the servers and fail them if the expected header result of 200 is not met.
Steps taken: Setup http probes to monitor one of the web servers per the Command Reference guide. Page used for testing is written to generate a header response other than the expected result. Commands entered:
1. probe real websrv04 HTTP 1
2. probehttp real websrv04 file /sw/testfileserver/badpage.asp expected 200 request HEAD
3. probeconfig HTTP 1
4. write t
5. write mem
Websrv04 is defined as a real server. We have also tried doing it by the IP address as well as leaving out those settings for which we're checking the defaults (ie. expected and request).
Expectation: The LD should run an http probe against websrv04 every ten seconds looking for the page "badpage.asp" and expect to receive a header result of 200. The first time the LD sees anything other than the expected result, it should fail the server.
Reality: The server never fails. We can even remove the page in question from the web server and the probe still will not fail the server.
Any and all help would be most greatly appreciated.you need to configure a probe to the virtual address as well otherwise probing does not work.
This is done in the web document but it does not appear clearly that it is necessary. Hoewever, you need it to make it work.
Gilles. -
Jquery is not working after i enable the attachments in Share Point EditForm
Hi ,
I have customized the Edit form .After customization the attachment functionality is not working and resolved the issue by creating the new Edit form .The attachments section only works if i don't push any j query/java script functions.If i comment below
line two lines the attachment sections works.But i would need to include them .Could you tell me how would i call below script in EditForm.
//_spBodyOnLoadFunctionNames.push("Test");
//_spBodyOnLoadFunctionNames.push("checkStatus");
<script>
function redirect(offerID)
var loc = "DispForm.aspx?ID=" + offerID;
window.location.href = loc;
function Test()
var TitleValue = "Drafting Communication";//$('#ctl00_m_g_1918401d_e6f3_4b9b_9262_dbb4aabcfd12_ff11_ctl00_ctl00_TextField').val();
alert(TitleValue );
if(TitleValue =="Drafting Communication")
$("select[Title='Workflow Stage']").find('option:contains("Stage 1 – Review")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 2 – Review")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 3 – Review")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 4 – Review")').remove();
else if(TitleValue =="Stage-1 Pre Approval Business")
$("select[Title='Workflow Stage']").find('option:contains("Drafting Communication")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 2 – Review")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 3 – Review")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 4 – Review")').remove();
else if(TitleValue =="Stage-2 Approval Marketing")
$("select[Title='Workflow Stage']").find('option:contains("Drafting Communication")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 1 – Review")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 3 – Review")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 4 – Review")').remove();
else if(TitleValue =="Stage-3 Approval Director")
$("select[Title='Workflow Stage']").find('option:contains("Drafting Communication")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 2 – Review")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 1 – Review")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 4 – Review")').remove();
else
$("select[Title='Workflow Stage']").find('option:contains("Drafting Communication")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 2 – Review")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 1 – Review")').remove();
$("select[Title='Workflow Stage']").find('option:contains("Stage 3 – Review")').remove();
$(".SelectA").hide();
function getTagFromIdentifierAndTitle(tagName, title)
var tags = document.getElementsByTagName(tagName);
for (var i=0; i < tags.length; i++) {
var tempString = tags[i].id;
if (tags[i].title== title) {
alert(tags[i].title);
return tags[i].value;
return null;
function checkStatus() {
var selectedId = getField('select','Current Status').options[getField('select','Current Status').selectedIndex].value;
var docID = 73;
if(selectedId == 'Approved')
$("input[value$='Save']").attr('disabled', true);
function getField(fieldType,fieldTitle) {
var docTags = document.getElementsByTagName(fieldType);
for (var i=0; i < docTags.length; i++) {
if (docTags[i].title == fieldTitle) {
return docTags[i]
//_spBodyOnLoadFunctionNames.push("Test");
//_spBodyOnLoadFunctionNames.push("checkStatus");
</script>Hi,
According to your post, my understanding is that you failed to use the _spBodyOnLoadFunctionNames.push() function.
Per my knowledge, the _spBodyOnLoadFunctionNames.push() is SharePoint's version of jQuery's $(document).ready() or $(function(){}).
I recommend you to add a content-editor-webpart on the page and add the code below on the source editor to check whether it works.
<script language="javascript">
_spBodyOnLoadFunctionNames.push("FunctionName");
function FunctionName(){
alert(Test);
</script>
More information:
SharePoint JavaScript – Page Load Add function: _spBodyOnLoadFunctionNames
If it works well, the issues is caused by the functions you created.
You need to check whether your code are correct.
In addition, you can make init.js loaded before _spBodyOnLoadFunctionNames.
Here is a similar thread for your reference:
http://sharepoint.stackexchange.com/questions/93937/spbodyonloadfunctionnames-not-working-on-master-page
Best Regards,
Linda Li
Linda Li
TechNet Community Support -
Good Afternoon.
I am having a hard time trying to find what needs to be set to allow url
include statments in php on Netware 6.5 sp3, php5.
I know my code is correct after trying it on an external server, and it
seems all other php coding works. Just not the http includes as shown
below:
<?php
include ('http://your.website.here/filenamehere.php');
?>
php.ini is posted below:
[PHP]
; About php.ini ;
; This file controls many aspects of PHP's behavior. In order for PHP to
; read it, it must be named 'php.ini'. PHP looks for it in the current
; working directory, in the path designated by the environment variable
; PHPRC, and in the path that was defined in compile time (in that order).
; Under Windows, the compile-time path is the Windows directory. The
; path in which the php.ini file is looked for can be overridden using
; the -c argument in command line mode.
; The syntax of the file is extremely simple. Whitespace and Lines
; beginning with a semicolon are silently ignored (as you probably
guessed).
; Section headers (e.g. [Foo]) are also silently ignored, even though
; they might mean something in the future.
; Directives are specified using the following syntax:
; directive = value
; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
; The value can be a string, a number, a PHP constant (e.g. E_ALL or
M_PI), one
; of the INI constants (On, Off, True, False, Yes, No and None) or an
expression
; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo").
; Expressions in the INI file are limited to bitwise operators and
parentheses:
; | bitwise OR
; & bitwise AND
; ~ bitwise NOT
; ! boolean NOT
; Boolean flags can be turned on using the values 1, On, True or Yes.
; They can be turned off using the values 0, Off, False or No.
; An empty string can be denoted by simply not writing anything after the
equal
; sign, or by using the None keyword:
; foo = ; sets foo to an empty string
; foo = none ; sets foo to an empty string
; foo = "none" ; sets foo to the string 'none'
; If you use constants in your value, and these constants belong to a
; dynamically loaded extension (either a PHP extension or a Zend
extension),
; you may only use these constants *after* the line that loads the
extension.
; About this file ;
; This is the recommended, PHP 5-style version of the php.ini-dist file.
It
; sets some non standard settings, that make PHP more efficient, more
secure,
; and encourage cleaner coding.
; The price is that with these settings, PHP may be incompatible with some
; applications, and sometimes, more difficult to develop with. Using this
; file is warmly recommended for production sites. As all of the changes
from
; the standard settings are thoroughly documented, you can go over each
one,
; and decide whether you want to use it or not.
; For general information about the php.ini file, please consult the
php.ini-dist
; file, included in your PHP distribution.
; This file is different from the php.ini-dist file in the fact that it
features
; different values for several directives, in order to improve
performance, while
; possibly breaking compatibility with the standard out-of-the-box
behavior of
; PHP. Please make sure you read what's different, and modify your scripts
; accordingly, if you decide to use this file instead.
; - register_globals = Off [Security, Performance]
; Global variables are no longer registered for input data (POST, GET,
cookies,
; environment and other server variables). Instead of using $foo, you
must use
; you can use $_REQUEST["foo"] (includes any variable that arrives
through the
; request, namely, POST, GET and cookie variables), or use one of the
specific
; $_GET["foo"], $_POST["foo"], $_COOKIE["foo"] or $_FILES["foo"],
depending
; on where the input originates. Also, you can look at the
; import_request_variables() function.
; Note that register_globals is going to be depracated (i.e., turned
off by
; default) in the next version of PHP, because it often leads to
security bugs.
; Read http://php.net/manual/en/security.registerglobals.php for
further
; information.
; - register_long_arrays = Off [Performance]
; Disables registration of the older (and deprecated) long predefined
array
; variables ($HTTP_*_VARS). Instead, use the superglobals that were
; introduced in PHP 4.1.0
; - display_errors = Off [Security]
; With this directive set to off, errors that occur during the
execution of
; scripts will no longer be displayed as a part of the script output,
and thus,
; will no longer be exposed to remote users. With some errors, the
error message
; content may expose information about your script, web server, or
database
; server that may be exploitable for hacking. Production sites should
have this
; directive set to off.
; - log_errors = On [Security]
; This directive complements the above one. Any errors that occur
during the
; execution of your script will be logged (typically, to your server's
error log,
; but can be configured in several ways). Along with setting
display_errors to off,
; this setup gives you the ability to fully understand what may have
gone wrong,
; without exposing any sensitive information to remote users.
; - output_buffering = 4096 [Performance]
; Set a 4KB output buffer. Enabling output buffering typically
results in less
; writes, and sometimes less packets sent on the wire, which can often
lead to
; better performance. The gain this directive actually yields greatly
depends
; on which Web server you're working with, and what kind of scripts
you're using.
; - register_argc_argv = Off [Performance]
; Disables registration of the somewhat redundant $argv and $argc
global
; variables.
; - magic_quotes_gpc = off [Performance]
; Input data is no longer escaped with slashes so that it can be sent
into
; SQL databases without further manipulation. Instead, you should use
the
; function addslashes() on each input element you wish to send to a
database.
; - variables_order = "GPCS" [Performance]
; The environment variables are not hashed into the $_ENV. To access
; environment variables, you can use getenv() instead.
; - error_reporting = E_ALL [Code Cleanliness, Security(?)]
; By default, PHP surpresses errors of type E_NOTICE. These error
messages
; are emitted for non-critical errors, but that could be a symptom of
a bigger
; problem. Most notably, this will cause error messages about the use
; of uninitialized variables to be displayed.
; - allow_call_time_pass_reference = Off [Code cleanliness]
; It's not possible to decide to force a variable to be passed by
reference
; when calling a function. The PHP 4 style to do this is by making the
; function require the relevant argument by reference.
; Language Options ;
; Enable the PHP scripting language engine under Apache.
engine = On
; Enable compatibility mode with Zend Engine 1 (PHP 4.x)
zend.ze1_compatibility_mode = Off
; Allow the <? tag. Otherwise, only <?php and <script> tags are
recognized.
; NOTE: Using short tags should be avoided when developing applications or
; libraries that are meant for redistribution, or deployment on PHP
; servers which are not under your control, because short tags may not
; be supported on the target server. For portable, redistributable code,
; be sure not to use short tags.
short_open_tag = On
; Allow ASP-style <% %> tags.
asp_tags = Off
; The number of significant digits displayed in floating point numbers.
precision = 14
; Enforce year 2000 compliance (will cause problems with non-compliant
browsers)
y2k_compliance = On
; Output buffering allows you to send header lines (including cookies) even
; after you send body content, at the price of slowing PHP's output layer a
; bit. You can enable output buffering during runtime by calling the
output
; buffering functions. You can also enable output buffering for all files
by
; setting this directive to On. If you wish to limit the size of the
buffer
; to a certain size - you can use a maximum number of bytes instead of
'On', as
; a value for this directive (e.g., output_buffering=4096).
output_buffering = 4096
; You can redirect all of the output of your scripts to a function. For
; example, if you set output_handler to "mb_output_handler", character
; encoding will be transparently converted to the specified encoding.
; Setting any output handler automatically turns on output buffering.
; Note: People who wrote portable scripts should not depend on this ini
; directive. Instead, explicitly set the output handler using
ob_start().
; Using this ini directive may cause problems unless you know what
script
; is doing.
; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
; and you cannot use both "ob_gzhandler" and
"zlib.output_compression".
; Note: output_handler must be empty if this is set 'On' !!!!
; Instead you must use zlib.output_handler.
;output_handler =
; Transparent output compression using the zlib library
; Valid values for this option are 'off', 'on', or a specific buffer size
; to be used for compression (default is 4KB)
; Note: Resulting chunk size may vary due to nature of compression. PHP
; outputs chunks that are few hundreds bytes each as a result of
; compression. If you prefer a larger chunk size for better
; performance, enable output_buffering in addition.
; Note: You need to use zlib.output_handler instead of the standard
; output_handler, or otherwise the output will be corrupted.
zlib.output_compression = Off
; You cannot specify additional output handlers if zlib.output_compression
; is activated here. This setting does the same as output_handler but in
; a different order.
;zlib.output_handler =
; Implicit flush tells PHP to tell the output layer to flush itself
; automatically after every output block. This is equivalent to calling
the
; PHP function flush() after each and every call to print() or echo() and
each
; and every HTML block. Turning this option on has serious performance
; implications and is generally recommended for debugging purposes only.
implicit_flush = off
; The unserialize callback function will be called (with the undefined
class'
; name as parameter), if the unserializer finds an undefined class
; which should be instanciated.
; A warning appears if the specified function is not defined, or if the
; function doesn't include/implement the missing class.
; So only set this entry, if you really want to implement such a
; callback-function.
unserialize_callback_func=
; When floats & doubles are serialized store serialize_precision
significant
; digits after the floating point. The default value ensures that when
floats
; are decoded with unserialize, the data will remain the same.
serialize_precision = 100
; Whether to enable the ability to force arguments to be passed by
reference
; at function call time. This method is deprecated and is likely to be
; unsupported in future versions of PHP/Zend. The encouraged method of
; specifying which arguments should be passed by reference is in the
function
; declaration. You're encouraged to try and turn this option Off and make
; sure your scripts work properly with it in order to ensure they will work
; with future versions of the language (you will receive a warning each
time
; you use this feature, and the argument will be passed by value instead
of by
; reference).
allow_call_time_pass_reference = Off
; Safe Mode
safe_mode = off
; By default, Safe Mode does a UID compare check when
; opening files. If you want to relax this to a GID compare,
; then turn on safe_mode_gid.
safe_mode_gid = Off
; When safe_mode is on, UID/GID checks are bypassed when
; including files from this directory and its subdirectories.
; (directory must also be in include_path or full path must
; be used when including)
safe_mode_include_dir =
; When safe_mode is on, only executables located in the safe_mode_exec_dir
; will be allowed to be executed via the exec family of functions.
safe_mode_exec_dir = "sys:/tmp"
; Setting certain environment variables may be a potential security breach.
; This directive contains a comma-delimited list of prefixes. In Safe
Mode,
; the user may only alter environment variables whose names begin with the
; prefixes supplied here. By default, users will only be able to set
; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
; Note: If this directive is empty, PHP will let the user modify ANY
; environment variable!
safe_mode_allowed_env_vars = PHP_
; This directive contains a comma-delimited list of environment variables
that
; the end user won't be able to change using putenv(). These variables
will be
; protected even if safe_mode_allowed_env_vars is set to allow to change
them.
safe_mode_protected_env_vars = LD_LIBRARY_PATH
; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
; By default this is also set to "sys:/tmp". This is actually the value
that is
; set for the below mentioned "upload_tmp_dir" directive. If
"upload_tmp_dir" is
; changed, change the same for "open_basedir" also. This is done to allow
; phpMyAdmin application users to execute SQL commands through an SQL file.
open_basedir = ".;sys:/tmp"
; This directive allows you to disable certain functions for security
reasons.
; It receives a comma-delimited list of function names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
disable_functions =
; This directive allows you to disable certain classes for security
reasons.
; It receives a comma-delimited list of class names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
disable_classes =
; Colors for Syntax Highlighting mode. Anything that's acceptable in
; <font color="??????"> would work.
;highlight.string = #DD0000
;highlight.comment = #FF9900
;highlight.keyword = #007700
;highlight.bg = #FFFFFF
;highlight.default = #0000BB
;highlight.html = #000000
; Misc
; Decides whether PHP may expose the fact that it is installed on the
server
; (e.g. by adding its signature to the Web server header). It is no
security
; threat in any way, but it makes it possible to determine whether you use
PHP
; on your server or not.
expose_php = On
; Resource Limits ;
max_execution_time = 30 ; Maximum execution time of each script, in
seconds
max_input_time = 60 ; Maximum amount of time each script may spend parsing
request data
memory_limit = 64M ; Maximum amount of memory a script may consume
(8MB)
; Error handling and logging ;
; error_reporting is a bit-field. Or each number up to get desired error
; reporting level
; E_ALL - All errors and warnings (doesn't include E_STRICT)
; E_ERROR - fatal run-time errors
; E_WARNING - run-time warnings (non-fatal errors)
; E_PARSE - compile-time parse errors
; E_NOTICE - run-time notices (these are warnings which often
result
; from a bug in your code, but it's possible that it
was
; intentional (e.g., using an uninitialized variable
and
; relying on the fact it's automatically initialized
to an
; empty string)
; E_STRICT - run-time notices, enable to have PHP suggest changes
; to your code which will ensure the best
interoperability
; and forward compatibility of your code
; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
; initial startup
; E_COMPILE_ERROR - fatal compile-time errors
; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
; E_USER_ERROR - user-generated error message
; E_USER_WARNING - user-generated warning message
; E_USER_NOTICE - user-generated notice message
; Examples:
; - Show all errors, except for notices and coding standards warnings
;error_reporting = E_ALL & ~E_NOTICE & ~E_STRICT
; - Show all errors, except for notices
;error_reporting = E_ALL & ~E_NOTICE
; - Show only errors
;error_reporting = E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR
; - Show all errors
error_reporting = E_ALL
; Print out errors (as a part of the output). For production web sites,
; you're strongly encouraged to turn this feature off, and use error
logging
; instead (see below). Keeping display_errors enabled on a production web
site
; may reveal security information to end users, such as file paths on your
Web
; server, your database schema or other information.
display_errors = Off
; Even when display_errors is on, errors that occur during PHP's startup
; sequence are not displayed. It's strongly recommended to keep
; display_startup_errors off, except for when debugging.
display_startup_errors = Off
; Log errors into a log file (server-specific log, stderr, or error_log
(below))
; As stated above, you're strongly advised to use error logging in place of
; error displaying on production web sites.
log_errors = On
; Set maximum length of log_errors. In error_log information about the
source is
; added. The default is 1024 and 0 allows to not apply any maximum length
at all.
log_errors_max_len = 1024
; Do not log repeated messages. Repeated errors must occur in same file on
same
; line until ignore_repeated_source is set true.
ignore_repeated_errors = Off
; Ignore source of message when ignoring repeated messages. When this
setting
; is On you will not log errors with repeated messages from different
files or
; sourcelines.
ignore_repeated_source = Off
; If this parameter is set to Off, then memory leaks will not be shown (on
; stdout or in the log). This has only effect in a debug compile, and if
; error reporting includes E_WARNING in the allowed list
report_memleaks = On
; Store the last error/warning message in $php_errormsg (boolean).
track_errors = Off
; Disable the inclusion of HTML tags in error messages.
; Note: Never use this feature for production boxes.
;html_errors = Off
; If html_errors is set On PHP produces clickable error messages that
direct
; to a page describing the error or function causing the error in detail.
; You can download a copy of the PHP manual from
http://www.php.net/docs.php
; and change docref_root to the base URL of your local copy including the
; leading '/'. You must also specify the file extension being used
including
; the dot.
; Note: Never use this feature for production boxes.
;docref_root = "/phpmanual/"
;docref_ext = .html
; String to output before an error message.
;error_prepend_string = "<font color=ff0000>"
; String to output after an error message.
;error_append_string = "</font>"
; Log errors to specified file.
error_log = "sys:/php5/error.log"
; Log errors to syslog (Event Log on NT, not valid in Windows 95).
;error_log = syslog
; Data Handling ;
; Note - track_vars is ALWAYS enabled as of PHP 4.0.3
; The separator used in PHP generated URLs to separate arguments.
; Default is "&".
;arg_separator.output = "&"
; List of separator(s) used by PHP to parse input URLs into variables.
; Default is "&".
; NOTE: Every character in this directive is considered as separator!
;arg_separator.input = ";&"
; This directive describes the order in which PHP registers GET, POST,
Cookie,
; Environment and Built-in variables (G, P, C, E & S respectively, often
; referred to as EGPCS or GPC). Registration is done from left to right,
newer
; values override older values.
variables_order = "GPCS"
; Whether or not to register the EGPCS variables as global variables. You
may
; want to turn this off if you don't want to clutter your scripts' global
scope
; with user data. This makes most sense when coupled with track_vars - in
which
; case you can access all of the GPC variables through the $HTTP_*_VARS[],
; variables.
; You should do your best to write your scripts so that they do not require
; register_globals to be on; Using form variables as globals can easily
lead
; to possible security problems, if the code is not very well thought of.
register_globals = Off
; Whether or not to register the old-style input arrays, HTTP_GET_VARS
; and friends. If you're not using them, it's recommended to turn them
off,
; for performance reasons.
register_long_arrays = On
; This directive tells PHP whether to declare the argv&argc variables (that
; would contain the GET information). If you don't use these variables,
you
; should turn it off for increased performance.
register_argc_argv = Off
; Maximum size of POST data that PHP will accept.
post_max_size = 8M
; Magic quotes
; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = off
; Magic quotes for runtime-generated data, e.g. data from SQL, from
exec(), etc.
magic_quotes_runtime = off
; Use Sybase-style magic quotes (escape ' with '' instead of ').
magic_quotes_sybase = Off
; Automatically add files before or after any PHP document.
auto_prepend_file =
auto_append_file =
; As of 4.0b4, PHP always outputs a character encoding by default in
; the Content-type: header. To disable sending of the charset, simply
; set it to be empty.
; PHP's built-in default is text/html
default_mimetype = "text/html"
;default_charset = "iso-8859-1"
; Always populate the $HTTP_RAW_POST_DATA variable.
;always_populate_raw_post_data = On
; Paths and Directories ;
; UNIX: "/path1:/path2"
;include_path = ".:/php/includes"
; Windows: "path1;path2"
;include_path = ".;c:phpincludes"
; NetWare
include_path = ".;sys:/php5/includes"
; The root of the PHP pages, used only if nonempty.
; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
; if you are running php as a CGI under any web server (other than IIS)
; see documentation for security issues. The alternate is to use the
; cgi.force_redirect configuration below.
doc_root =
; The directory under which PHP opens the script using /~username used only
; if nonempty.
user_dir =
; Directory in which the loadable extensions (modules) reside.
extension_dir = sys:/php5/ext
; Whether or not to enable the dl() function. The dl() function does NOT
work
; properly in multithreaded servers, such as IIS or Zeus, and is
automatically
; disabled on them.
enable_dl = On
; cgi.force_redirect is necessary to provide security running PHP as a CGI
under
; most web servers. Left undefined, PHP turns this on by default. You can
; turn it off here AT YOUR OWN RISK
; **You CAN safely turn this off for IIS, in fact, you MUST.**
; cgi.force_redirect = 1
; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
; every request.
; cgi.nph = 1
; if cgi.force_redirect is turned on, and you are not running under Apache
or Netscape
; (iPlanet) web servers, you MAY need to set an environment variable name
that PHP
; will look for to know it is OK to continue execution. Setting this
variable MAY
; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
; cgi.redirect_status_env = ;
; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
; security tokens of the calling client. This allows IIS to define the
; security context that the request runs under. mod_fastcgi under Apache
; does not currently support this feature (03/17/2002)
; Set to 1 if running under IIS. Default is zero.
; fastcgi.impersonate = 1;
; cgi.rfc2616_headers configuration option tells PHP what type of headers
to
; use when sending HTTP response code. If it's set 0 PHP sends Status:
header that
; is supported by Apache. When this option is set to 1 PHP will send
; RFC2616 compliant header.
; Default is zero.
;cgi.rfc2616_headers = 0
; File Uploads ;
; Whether to allow HTTP file uploads.
file_uploads = On
; Temporary directory for HTTP uploaded files (will use system default if
not
; specified).
upload_tmp_dir = sys:/tmp
; Maximum allowed size for uploaded files.
upload_max_filesize = 100M
; Fopen wrappers ;
; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
allow_url_fopen = On
; Define the anonymous ftp password (your email address)
;from="[email protected]"
; Define the User-Agent string
;user_agent="PHP"
; Default timeout for socket based streams (seconds)
default_socket_timeout = 60
; If your scripts have to deal with files from Macintosh systems,
; or you are running on a Mac and need to deal with files from
; unix or win32 systems, setting this flag will cause PHP to
; automatically detect the EOL character in those files so that
; fgets() and file() will work regardless of the source of the file.
; auto_detect_line_endings = Off
; Dynamic Extensions ;
; If you wish to have an extension loaded automatically, use the following
; syntax:
; extension=modulename.extension
; For example, on Windows:
; extension=msql.dll
; ... or under UNIX:
; extension=msql.so
; Note that it should be the name of the module only; no directory
information
; needs to go here. Specify the location of the extension with the
; extension_dir directive above.
;Windows Extensions
;Note that ODBC support is built in, so no dll is needed for it.
;extension=php_bz2.dll
;extension=php_cpdf.dll
;extension=php_curl.dll
;extension=php_dba.dll
;extension=php_dbase.dll
;extension=php_dbx.dll
;extension=php_exif.dll
;extension=php_fdf.dll
;extension=php_filepro.dll
;extension=php_gd2.dll
;extension=php_gettext.dll
;extension=php_ifx.dll
;extension=php_iisfunc.dll
;extension=php_imap.dll
;extension=php_interbase.dll
;extension=php_java.dll
;extension=php_ldap.dll
;extension=php_mbstring.dll
;extension=php_mcrypt.dll
;extension=php_mhash.dll
;extension=php_mime_magic.dll
;extension=php_ming.dll
;extension=php_mssql.dll
;extension=php_msql.dll
;extension=php_mysql.dll
;extension=php_oci8.dll
;extension=php_openssl.dll
;extension=php_oracle.dll
;extension=php_pdf.dll
;extension=php_pgsql.dll
;extension=php_shmop.dll
;extension=php_snmp.dll
;extension=php_sockets.dll
;extension=php_sybase_ct.dll
;extension=php_tidy.dll
;extension=php_w32api.dll
;extension=php_xmlrpc.dll
;extension=php_xsl.dll
;extension=php_yaz.dll
;extension=php_zip.dll
;NetWare Extensions
extension=php_ldap.nlm
extension=phpmysql.nlm
extension=php2ucs.nlm
extension=php_xml.nlm
extension=php_ossl.nlm
; Module Settings ;
[Syslog]
; Whether or not to define the various syslog variables (e.g. $LOG_PID,
; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In
; runtime, you can define these variables by calling
define_syslog_variables().
define_syslog_variables = Off
[mail function]
; For Win32 only.
;SMTP =
;smtp_port = 25
; For Win32 only.
; sendmail_from =
; For Unix only. You may supply arguments as well (default: "sendmail -t
-i").
;sendmail_path =
; Force the addition of the specified parameters to be passed as extra
parameters
; to the sendmail binary. These parameters will always replace the value
of
; the 5th parameter to mail(), even in safe mode.
;mail.force_extra_parameters =
[SQL]
sql.safe_mode = Off
[ODBC]
;odbc.default_db = Not yet implemented
;odbc.default_user = Not yet implemented
;odbc.default_pw = Not yet implemented
; Allow or prevent persistent links.
odbc.allow_persistent = On
; Check that a connection is still valid before reuse.
odbc.check_persistent = On
; Maximum number of persistent links. -1 means no limit.
odbc.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no
limit.
odbc.max_links = -1
; Handling of LONG fields. Returns number of bytes to variables. 0 means
; passthru.
odbc.defaultlrl = 4096
; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to
char.
; See the documentation on odbc_binmode and odbc_longreadlen for an
explanation
; of uodbc.defaultlrl and uodbc.defaultbinmode
odbc.defaultbinmode = 1
[MySQL]
; Allow or prevent persistent links.
mysql.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
mysql.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no
limit.
mysql.max_links = -1
; Default port number for mysql_connect(). If unset, mysql_connect() will
use
; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
; compile-time value defined MYSQL_PORT (in that order). Win32 will only
look
; at MYSQL_PORT.
mysql.default_port =
; Default socket name for local MySQL connects. If empty, uses the
built-in
; MySQL defaults.
mysql.default_socket =
; Default host for mysql_connect() (doesn't apply in safe mode).
mysql.default_host =
; Default user for mysql_connect() (doesn't apply in safe mode).
mysql.default_user =
; Default password for mysql_connect() (doesn't apply in safe mode).
; Note that this is generally a *bad* idea to store passwords in this file.
; *Any* user with PHP access can run 'echo
get_cfg_var("mysql.default_password")
; and reveal this password! And of course, any users with read access to
this
; file will be able to reveal the password as well.
mysql.default_password =
; Maximum time (in secondes) for connect timeout. -1 means no limit
mysql.connect_timeout = 60
; Trace mode. When trace_mode is active (=On), warnings for table/index
scans and
; SQL-Errors will be displayed.
mysql.trace_mode = Off
[MySQLI]
; Maximum number of links. -1 means no limit.
mysqli.max_links = -1
; Default port number for mysqli_connect(). If unset, mysqli_connect()
will use
; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
; compile-time value defined MYSQL_PORT (in that order). Win32 will only
look
; at MYSQL_PORT.
mysqli.default_port = 3306
; Default socket name for local MySQL connects. If empty, uses the
built-in
; MySQL defaults.
mysqli.default_socket =
; Default host for mysql_connect() (doesn't apply in safe mode).
mysqli.default_host =
; Default user for mysql_connect() (doesn't apply in safe mode).
mysqli.default_user =
; Default password for mysqli_connect() (doesn't apply in safe mode).
; Note that this is generally a *bad* idea to store passwords in this file.
; *Any* user with PHP access can run 'echo
get_cfg_var("mysqli.default_password")
; and reveal this password! And of course, any users with read access to
this
; file will be able to reveal the password as well.
mysqli.default_password =
; Allow or prevent reconnect
mysqli.reconnect = Off
[mSQL]
; Allow or prevent persistent links.
msql.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
msql.max_persistent = -1
; Maximum number of links (persistent+non persistent). -1 means no limit.
msql.max_links = -1
[PostgresSQL]
; Allow or prevent persistent links.
pgsql.allow_persistent = On
; Detect broken persistent links always with pg_pconnect().
; Auto reset feature requires a little overheads.
pgsql.auto_reset_persistent = Off
; Maximum number of persistent links. -1 means no limit.
pgsql.max_persistent = -1
; Maximum number of links (persistent+non persistent). -1 means no limit.
pgsql.max_links = -1
; Ignore PostgreSQL backends Notice message or not.
; Notice message logging require a little overheads.
pgsql.ignore_notice = 0
; Log PostgreSQL backends Noitce message or not.
; Unless pgsql.ignore_notice=0, module cannot log notice message.
pgsql.log_notice = 0
[Sybase]
; Allow or prevent persistent links.
sybase.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
sybase.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no
limit.
sybase.max_links = -1
;sybase.interface_file = "/usr/sybase/interfaces"
; Minimum error severity to display.
sybase.min_error_severity = 10
; Minimum message severity to display.
sybase.min_message_severity = 10
; Compatability mode with old versions of PHP 3.0.
; If on, this will cause PHP to automatically assign types to results
according
; to their Sybase type, instead of treating them all as strings. This
; compatability mode will probably not stay around forever, so try applying
; whatever necessary changes to your code, and turn it off.
sybase.compatability_mode = Off
[Sybase-CT]
; Allow or prevent persistent links.
sybct.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
sybct.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no
limit.
sybct.max_links = -1
; Minimum server message severity to display.
sybct.min_server_severity = 10
; Minimum client message severity to display.
sybct.min_client_severity = 10
[dbx]
; returned column names can be converted for compatibility reasons
; possible values for dbx.colnames_case are
; "unchanged" (default, if not set)
; "lowercase"
; "uppercase"
; the recommended default is either upper- or lowercase, but
; unchanged is currently set for backwards compatibility
dbx.colnames_case = "lowercase"
[bcmath]
; Number of decimal digits for all bcmath functions.
bcmath.scale = 0
[browscap]
;browscap = extra/browscap.ini
[Informix]
; Default host for ifx_connect() (doesn't apply in safe mode).
ifx.default_host =
; Default user for ifx_connect() (doesn't apply in safe mode).
ifx.default_user =
; Default password for ifx_connect() (doesn't apply in safe mode).
ifx.default_password =
; Allow or prevent persistent links.
ifx.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
ifx.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no
limit.
ifx.max_links = -1
; If on, select statements return the contents of a text blob instead of
its id.
ifx.textasvarchar = 0
; If on, select statements return the contents of a byte blob instead of
its id.
ifx.byteasvarchar = 0
; Trailing blanks are stripped from fixed-length char columns. May help
the
; life of Informix SE users.
ifx.charasvarchar = 0
; If on, the contents of text and byte blobs are dumped to a file instead
of
; keeping them in memory.
ifx.blobinfile = 0
; NULL's are returned as empty strings, unless this is set to 1. In that
case,
; NULL's are returned as string 'NULL'.
ifx.nullformat = 0
[Session]
; Handler used to store/retrieve data.
session.save_handler = files
; Argument passed to save_handler. In the case of files, this is the path
; where data files are stored. Note: Windows users have to change this
; variable in order to use PHP's session functions.
; As of PHP 4.0.1, you can define the path as:
; session.save_path = "N;/path"
; where N is an integer. Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories. This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
; NOTE 1: PHP will not create this directory structure automatically.
; You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
; use subdirectories for session storage
; The file storage module creates files using mode 600 by default.
; You can change that by using
; session.save_path = "N;MODE;/path"
; where MODE is the octal representation of the mode. Note that this
; does not overwrite the process's umask.
;session.save_path = "/tmp"
session.save_path = sys:/php5/sessiondata
; Whether to use cookies.
session.use_cookies = 1
; This option enables administrators to make their users invulnerable to
; attacks which involve passing session ids in URLs; defaults to 0.
; session.use_only_cookies = 1
; Name of the session (used as cookie name).
session.name = PHPSESSID
; Initialize session on request startup.
session.auto_start = 0
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0
; The path for which the cookie is valid.
session.cookie_path = /
; The domain for which the cookie is valid.
session.cookie_domain =
; Handler used to serialize data. php is the standard serializer of PHP.
session.serialize_handler = php
; Define the probability that the 'garbage collection' process is started
; on every session initialization.
; The probability is calculated by using gc_probability/gc_divisor,
; e.g. 1/100 means there is a 1% chance that the GC process starts
; on each request.
session.gc_probability = 1
session.gc_divisor = 1000
; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 1440
; NOTE: If you are using the subdirectory option for storing session files
; (see session.save_path above), then garbage collection does *not*
; happen automatically. You will need to do your own garbage
; collection through a shell script, cron entry, or some other
method.
; For example, the following script would is the equivalent of
; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
; cd /path/to/sessions; find -cmin +24 | xargs rm
; PHP 4.2 and less have an undocumented feature/bug that allows you to
; to initialize a session variable in the global scope, albeit
register_globals
; is disabled. PHP 4.3 and later will warn you, if this feature is used.
; You can disable the feature and the warning separately. At this time,
; the warning is only displayed, if bug_compat_42 is enabled.
session.bug_compat_42 = 0
session.bug_compat_warn = 0
; Check HTTP Referer to invalidate externally stored URLs containing ids.
; HTTP_REFERER has to contain this substring for the session to be
; considered as valid.
session.referer_check =
; How many bytes to read from the file.
session.entropy_length = 0
; Specified here to create the session id.
session.entropy_file =
;session.entropy_length = 16
;session.entropy_file = /dev/urandom
; Set to {nocache,private,public,} to determine HTTP caching aspects
; or leave this empty to avoid sending anti-caching headers.
session.cache_limiter = nocache
; Document expires after n minutes.
session.cache_expire = 180
; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
; - User may send URL contains active session ID
; to other person via. email/irc/etc.
; - URL that contains active session ID may be stored
; in publically accessible computer.
; - User may access your site with the same session ID
; always using URL stored in browser's history or bookmarks.
session.use_trans_sid = 0
; Select a hash function
; 0: MD5 (128 bits)
; 1: SHA-1 (160 bits)
session.hash_function = 0
; Define how many bits are stored in each character when converting
; the binary hash data to something readable.
; 4 bits: 0-9, a-f
; 5 bits: 0-9, a-v
; 6 bits: 0-9, a-z, A-Z, "-", ","
session.hash_bits_per_character = 5
; The URL rewriter will look for URLs in a defined set of HTML tags.
; form/fieldset are special; if you include them here, the rewriter will
; add a hidden <input> field with the info which is otherwise appended
; to URLs. If you want XHTML conformity, remove the form entry.
; Note that all valid entries require a "=", even if no value follows.
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeent ry"
[MSSQL]
; Allow or prevent persistent links.
mssql.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
mssql.max_persistent = -1
; Maximum number of links (persistent+non persistent). -1 means no limit.
mssql.max_links = -1
; Minimum error severity to display.
mssql.min_error_severity = 10
; Minimum message severity to display.
mssql.min_message_severity = 10
; Compatability mode with old versions of PHP 3.0.
mssql.compatability_mode = Off
; Connect timeout
;mssql.connect_timeout = 5
; Query timeout
;mssql.timeout = 60
; Valid range 0 - 2147483647. Default = 4096.
;mssql.textlimit = 4096
; Valid range 0 - 2147483647. Default = 4096.
;mssql.textsize = 4096
; Limits the number of records in each batch. 0 = all records in one
batch.
;mssql.batchsize = 0
; Specify how datetime and datetim4 columns are returned
; On => Returns data converted to SQL server settings
; Off => Returns values as YYYY-MM-DD hh:mm:ss
;mssql.datetimeconvert = On
; Use NT authentication when connecting to the server
mssql.secure_connection = Off
; Specify max number of processes. Default = 25
;mssql.max_procs = 25
[Assertion]
; Assert(expr); active by default.
;assert.active = On
; Issue a PHP warning for each failed assertion.
;assert.warning = On
; Don't bail out by default.
;assert.bail = Off
; User-function to be called if an assertion fails.
;assert.callback = 0
; Eval the expression with current error_reporting(). Set to true if you
want
; error_reporting(0) around the eval().
;assert.quiet_eval = 0
[Ingres II]
; Allow or prevent persistent links.
ingres.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
ingres.max_persistent = -1
; Maximum number of links, including persistents. -1 means no limit.
ingres.max_links = -1
; Default database (format: [node_id::]dbname[/srv_class]).
ingres.default_database =
; Default user.
ingres.default_user =
; Default password.
ingres.default_password =
[Verisign Payflow Pro]
; Default Payflow Pro server.
pfpro.defaulthost = "test-payflow.verisign.com"
; Default port to connect to.
pfpro.defaultport = 443
; Default timeout in seconds.
pfpro.defaulttimeout = 30
; Default proxy IP address (if required).
;pfpro.proxyaddress =
; Default proxy port.
;pfpro.proxyport =
; Default proxy logon.
;pfpro.proxylogon =
; Default proxy password.
;pfpro.proxypassword =
[Sockets]
; Use the system read() function instead of the php_read() wrapper.
sockets.use_system_read = On
[com]
; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
;com.typelib_file =
; allow Distributed-COM calls
;com.allow_dcom = true
; autoregister constants of a components typlib on com_load()
;com.autoregister_typelib = true
; register constants casesensitive
;com.autoregister_casesensitive = false
; show warnings on duplicate constat registrations
;com.autoregister_verbose = true
[LDAP]
; Path to a directory which contains SSL certificates to be used for LDAP
over SSL
; Terminate the path with /
ldap.ssl_cert_dir = "sys:/php5/cert/"
[mbstring]
; language for internal character representation.
;mbstring.language = Japanese
; internal/script encoding.
; Some encoding cannot work as internal encoding.
; (e.g. SJIS, BIG5, ISO-2022-*)
;mbstring.internal_encoding = EUC-JP
; http input encoding.
;mbstring.http_input = auto
; http output encoding. mb_output_handler must be
; registered as output buffer to function
;mbstring.http_output = SJIS
; enable automatic encoding translation accoding to
; mbstring.internal_encoding setting. Input chars are
; converted to internal encoding by setting this to On.
; Note: Do _not_ use automatic encoding translation for
; portable libs/applications.
;mbstring.encoding_translation = Off
; automatic encoding detection order.
; auto means
;mbstring.detect_order = auto
; substitute_character used when character cannot be converted
; one from another
;mbstring.substitute_character = none;
; overload(replace) single byte functions by mbstring functions.
; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(),
; etc. Possible values are 0,1,2,4 or combination of them.
; For example, 7 for overload everything.
; 0: No overload
; 1: Overload mail() function
; 2: Overload str*() functions
; 4: Overload ereg*() functions
;mbstring.func_overload = 0
[FrontBase]
;fbsql.allow_persistent = On
;fbsql.autocommit = On
;fbsql.default_database =
;fbsql.default_database_password =
;fbsql.default_host =
;fbsql.default_password =
;fbsql.default_user = "_SYSTEM"
;fbsql.generate_warnings = Off
;fbsql.max_connections = 128
;fbsql.max_links = 128
;fbsql.max_persistent = -1
;fbsql.max_results = 128
;fbsql.batchSize = 1000
[exif]
; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as
JIS.
; With mbstring support this will automatically be converted into the
encoding
; given by corresponding encode setting. When empty
mbstring.internal_encoding
; is used. For the decode settings you can distinguish between motorola
and
; intel byte order. A decode setting cannot be empty.
;exif.encode_unicode = ISO-8859-15
;exif.decode_unicode_motorola = UCS-2BE
;exif.decode_unicode_intel = UCS-2LE
;exif.encode_jis =
;exif.decode_jis_motorola = JIS
;exif.decode_jis_intel = JIS
[Tidy]
; The path to a default tidy configuration file to use when using tidy
;tidy.default_config = /usr/local/lib/php/default.tcfg
; Should tidy clean and repair output automatically?
; WARNING: Do not use this option if you are generating non-html content
; such as dynamic images
tidy.clean_output = Off
[soap]
; Enables or disables WSDL caching feature.
soap.wsdl_cache_enabled=1
; Sets the directory name where SOAP extension will put cache files.
soap.wsdl_cache_dir="/tmp"
; (time to live) Sets the number of second while cached file will be used
; instead of original one.
soap.wsdl_cache_ttl=86400
; Local Variables:
; tab-width: 4
; End:
[Imagemagick Extension - Added By GKO - 08.01.05]
extension=php_imagick.nlm
Thank you for any insight you can give ... I am not a php person.
TonyTony,
It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.
Has your problem been resolved? If not, you might try one of the following options:
- Do a search of our knowledgebase at http://support.novell.com/search/kb_index.jsp
- Check all of the other support tools and options available at
http://support.novell.com.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://support.novell.com/forums)
Be sure to read the forum FAQ about what to expect in the way of responses:
http://support.novell.com/forums/faq_general.html
If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.
Good luck!
Your Novell Product Support Forums Team
http://support.novell.com/forums/ -
[SOLVED] SQLite not working with PHP
For reasons unknown, I cannot get PHP to work properly with SQLite. I have uncommented the "extension=sqlite.so" in /etc/php/php.ini, ensured that PHP's configuration was being loaded from said file, and made sure PHP was working fine with my server of choice (lighttpd). Unfortunately, it doesn't seem to work, as evidenced by
Fatal error: Call to undefined function sqlite_open() in test.php on line x
Which is what PHP spits at me. I've checked lighty's logs and nothing's wrong. PHP's set to send to syslog, so I'm not sure where I could check on that. Here is a quick look at PHP's setup.
My /etc/php/php.ini:
[PHP]
; About php.ini ;
; This file controls many aspects of PHP's behavior. In order for PHP to
; read it, it must be named 'php.ini'. PHP looks for it in the current
; working directory, in the path designated by the environment variable
; PHPRC, and in the path that was defined in compile time (in that order).
; The path in which the php.ini file is looked for can be overridden using
; the -c argument in command line mode.
; The syntax of the file is extremely simple. Whitespace and Lines
; beginning with a semicolon are silently ignored (as you probably guessed).
; Section headers (e.g. [Foo]) are also silently ignored, even though
; they might mean something in the future.
; Directives are specified using the following syntax:
; directive = value
; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo").
; Expressions in the INI file are limited to bitwise operators and parentheses:
; | bitwise OR
; & bitwise AND
; ~ bitwise NOT
; ! boolean NOT
; Boolean flags can be turned on using the values 1, On, True or Yes.
; They can be turned off using the values 0, Off, False or No.
; An empty string can be denoted by simply not writing anything after the equal
; sign, or by using the None keyword:
; foo = ; sets foo to an empty string
; foo = none ; sets foo to an empty string
; foo = "none" ; sets foo to the string 'none'
; If you use constants in your value, and these constants belong to a
; dynamically loaded extension (either a PHP extension or a Zend extension),
; you may only use these constants *after* the line that loads the extension.
; About this file ;
; This is the recommended, PHP 5-style version of the php.ini-dist file. It
; sets some non standard settings, that make PHP more efficient, more secure,
; and encourage cleaner coding.
; The price is that with these settings, PHP may be incompatible with some
; applications, and sometimes, more difficult to develop with. Using this
; file is warmly recommended for production sites. As all of the changes from
; the standard settings are thoroughly documented, you can go over each one,
; and decide whether you want to use it or not.
; For general information about the php.ini file, please consult the php.ini-dist
; file, included in your PHP distribution.
; This file is different from the php.ini-dist file in the fact that it features
; different values for several directives, in order to improve performance, while
; possibly breaking compatibility with the standard out-of-the-box behavior of
; PHP. Please make sure you read what's different, and modify your scripts
; accordingly, if you decide to use this file instead.
; - register_long_arrays = Off [Performance]
; Disables registration of the older (and deprecated) long predefined array
; variables ($HTTP_*_VARS). Instead, use the superglobals that were
; introduced in PHP 4.1.0
; - display_errors = Off [Security]
; With this directive set to off, errors that occur during the execution of
; scripts will no longer be displayed as a part of the script output, and thus,
; will no longer be exposed to remote users. With some errors, the error message
; content may expose information about your script, web server, or database
; server that may be exploitable for hacking. Production sites should have this
; directive set to off.
; - log_errors = On [Security]
; This directive complements the above one. Any errors that occur during the
; execution of your script will be logged (typically, to your server's error log,
; but can be configured in several ways). Along with setting display_errors to off,
; this setup gives you the ability to fully understand what may have gone wrong,
; without exposing any sensitive information to remote users.
; - output_buffering = 4096 [Performance]
; Set a 4KB output buffer. Enabling output buffering typically results in less
; writes, and sometimes less packets sent on the wire, which can often lead to
; better performance. The gain this directive actually yields greatly depends
; on which Web server you're working with, and what kind of scripts you're using.
; - register_argc_argv = Off [Performance]
; Disables registration of the somewhat redundant $argv and $argc global
; variables.
; - magic_quotes_gpc = Off [Performance]
; Input data is no longer escaped with slashes so that it can be sent into
; SQL databases without further manipulation. Instead, you should use the
; database vendor specific escape string function on each input element you
; wish to send to a database.
; - variables_order = "GPCS" [Performance]
; The environment variables are not hashed into the $_ENV. To access
; environment variables, you can use getenv() instead.
; - error_reporting = E_ALL [Code Cleanliness, Security(?)]
; By default, PHP suppresses errors of type E_NOTICE. These error messages
; are emitted for non-critical errors, but that could be a symptom of a bigger
; problem. Most notably, this will cause error messages about the use
; of uninitialized variables to be displayed.
; - allow_call_time_pass_reference = Off [Code cleanliness]
; It's not possible to decide to force a variable to be passed by reference
; when calling a function. The PHP 4 style to do this is by making the
; function require the relevant argument by reference.
; - short_open_tag = Off [Portability]
; Using short tags is discouraged when developing code meant for redistribution
; since short tags may not be supported on the target server.
; Language Options ;
; Enable the PHP scripting language engine under Apache.
engine = On
; Enable compatibility mode with Zend Engine 1 (PHP 4.x)
zend.ze1_compatibility_mode = Off
; Allow the <? tag. Otherwise, only <?php and <script> tags are recognized.
; NOTE: Using short tags should be avoided when developing applications or
; libraries that are meant for redistribution, or deployment on PHP
; servers which are not under your control, because short tags may not
; be supported on the target server. For portable, redistributable code,
; be sure not to use short tags.
short_open_tag = Off
; Allow ASP-style <% %> tags.
asp_tags = Off
; The number of significant digits displayed in floating point numbers.
precision = 14
; Enforce year 2000 compliance (will cause problems with non-compliant browsers)
y2k_compliance = On
; Output buffering allows you to send header lines (including cookies) even
; after you send body content, at the price of slowing PHP's output layer a
; bit. You can enable output buffering during runtime by calling the output
; buffering functions. You can also enable output buffering for all files by
; setting this directive to On. If you wish to limit the size of the buffer
; to a certain size - you can use a maximum number of bytes instead of 'On', as
; a value for this directive (e.g., output_buffering=4096).
output_buffering = 4096
; You can redirect all of the output of your scripts to a function. For
; example, if you set output_handler to "mb_output_handler", character
; encoding will be transparently converted to the specified encoding.
; Setting any output handler automatically turns on output buffering.
; Note: People who wrote portable scripts should not depend on this ini
; directive. Instead, explicitly set the output handler using ob_start().
; Using this ini directive may cause problems unless you know what script
; is doing.
; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
; and you cannot use both "ob_gzhandler" and "zlib.output_compression".
; Note: output_handler must be empty if this is set 'On' !!!!
; Instead you must use zlib.output_handler.
;output_handler =
; Transparent output compression using the zlib library
; Valid values for this option are 'off', 'on', or a specific buffer size
; to be used for compression (default is 4KB)
; Note: Resulting chunk size may vary due to nature of compression. PHP
; outputs chunks that are few hundreds bytes each as a result of
; compression. If you prefer a larger chunk size for better
; performance, enable output_buffering in addition.
; Note: You need to use zlib.output_handler instead of the standard
; output_handler, or otherwise the output will be corrupted.
zlib.output_compression = Off
;zlib.output_compression_level = -1
; You cannot specify additional output handlers if zlib.output_compression
; is activated here. This setting does the same as output_handler but in
; a different order.
;zlib.output_handler =
; Implicit flush tells PHP to tell the output layer to flush itself
; automatically after every output block. This is equivalent to calling the
; PHP function flush() after each and every call to print() or echo() and each
; and every HTML block. Turning this option on has serious performance
; implications and is generally recommended for debugging purposes only.
implicit_flush = Off
; The unserialize callback function will be called (with the undefined class'
; name as parameter), if the unserializer finds an undefined class
; which should be instantiated.
; A warning appears if the specified function is not defined, or if the
; function doesn't include/implement the missing class.
; So only set this entry, if you really want to implement such a
; callback-function.
unserialize_callback_func=
; When floats & doubles are serialized store serialize_precision significant
; digits after the floating point. The default value ensures that when floats
; are decoded with unserialize, the data will remain the same.
serialize_precision = 100
; Whether to enable the ability to force arguments to be passed by reference
; at function call time. This method is deprecated and is likely to be
; unsupported in future versions of PHP/Zend. The encouraged method of
; specifying which arguments should be passed by reference is in the function
; declaration. You're encouraged to try and turn this option Off and make
; sure your scripts work properly with it in order to ensure they will work
; with future versions of the language (you will receive a warning each time
; you use this feature, and the argument will be passed by value instead of by
; reference).
allow_call_time_pass_reference = Off
; Safe Mode
safe_mode = Off
; By default, Safe Mode does a UID compare check when
; opening files. If you want to relax this to a GID compare,
; then turn on safe_mode_gid.
safe_mode_gid = Off
; When safe_mode is on, UID/GID checks are bypassed when
; including files from this directory and its subdirectories.
; (directory must also be in include_path or full path must
; be used when including)
safe_mode_include_dir =
; When safe_mode is on, only executables located in the safe_mode_exec_dir
; will be allowed to be executed via the exec family of functions.
safe_mode_exec_dir =
; Setting certain environment variables may be a potential security breach.
; This directive contains a comma-delimited list of prefixes. In Safe Mode,
; the user may only alter environment variables whose names begin with the
; prefixes supplied here. By default, users will only be able to set
; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
; Note: If this directive is empty, PHP will let the user modify ANY
; environment variable!
safe_mode_allowed_env_vars = PHP_
; This directive contains a comma-delimited list of environment variables that
; the end user won't be able to change using putenv(). These variables will be
; protected even if safe_mode_allowed_env_vars is set to allow to change them.
safe_mode_protected_env_vars = LD_LIBRARY_PATH
; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/
; This directive allows you to disable certain functions for security reasons.
; It receives a comma-delimited list of function names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
disable_functions =
; This directive allows you to disable certain classes for security reasons.
; It receives a comma-delimited list of class names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
disable_classes =
; Colors for Syntax Highlighting mode. Anything that's acceptable in
; <span style="color: ???????"> would work.
;highlight.string = #DD0000
;highlight.comment = #FF9900
;highlight.keyword = #007700
;highlight.bg = #FFFFFF
;highlight.default = #0000BB
;highlight.html = #000000
; If enabled, the request will be allowed to complete even if the user aborts
; the request. Consider enabling it if executing long request, which may end up
; being interrupted by the user or a browser timing out.
; ignore_user_abort = On
; Determines the size of the realpath cache to be used by PHP. This value should
; be increased on systems where PHP opens many files to reflect the quantity of
; the file operations performed.
; realpath_cache_size=16k
; Duration of time, in seconds for which to cache realpath information for a given
; file or directory. For systems with rarely changing files, consider increasing this
; value.
; realpath_cache_ttl=120
; Misc
; Decides whether PHP may expose the fact that it is installed on the server
; (e.g. by adding its signature to the Web server header). It is no security
; threat in any way, but it makes it possible to determine whether you use PHP
; on your server or not.
expose_php = Off
; Resource Limits ;
max_execution_time = 30 ; Maximum execution time of each script, in seconds
max_input_time = 60 ; Maximum amount of time each script may spend parsing request data
;max_input_nesting_level = 64 ; Maximum input variable nesting level
memory_limit = 32M ; Maximum amount of memory a script may consume (32MB)
; Error handling and logging ;
; error_reporting is a bit-field. Or each number up to get desired error
; reporting level
; E_ALL - All errors and warnings (doesn't include E_STRICT)
; E_ERROR - fatal run-time errors
; E_RECOVERABLE_ERROR - almost fatal run-time errors
; E_WARNING - run-time warnings (non-fatal errors)
; E_PARSE - compile-time parse errors
; E_NOTICE - run-time notices (these are warnings which often result
; from a bug in your code, but it's possible that it was
; intentional (e.g., using an uninitialized variable and
; relying on the fact it's automatically initialized to an
; empty string)
; E_STRICT - run-time notices, enable to have PHP suggest changes
; to your code which will ensure the best interoperability
; and forward compatibility of your code
; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
; initial startup
; E_COMPILE_ERROR - fatal compile-time errors
; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
; E_USER_ERROR - user-generated error message
; E_USER_WARNING - user-generated warning message
; E_USER_NOTICE - user-generated notice message
; Examples:
; - Show all errors, except for notices and coding standards warnings
;error_reporting = E_ALL & ~E_NOTICE
; - Show all errors, except for notices
;error_reporting = E_ALL & ~E_NOTICE | E_STRICT
; - Show only errors
;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR
; - Show all errors, except coding standards warnings
error_reporting = E_ALL
; Print out errors (as a part of the output). For production web sites,
; you're strongly encouraged to turn this feature off, and use error logging
; instead (see below). Keeping display_errors enabled on a production web site
; may reveal security information to end users, such as file paths on your Web
; server, your database schema or other information.
; possible values for display_errors:
; Off - Do not display any errors
; stderr - Display errors to STDERR (affects only CGI/CLI binaries!)
; On or stdout - Display errors to STDOUT (default)
; To output errors to STDERR with CGI/CLI:
;display_errors = "stderr"
; Default
display_errors = On
; Even when display_errors is on, errors that occur during PHP's startup
; sequence are not displayed. It's strongly recommended to keep
; display_startup_errors off, except for when debugging.
display_startup_errors = Off
; Log errors into a log file (server-specific log, stderr, or error_log (below))
; As stated above, you're strongly advised to use error logging in place of
; error displaying on production web sites.
log_errors = On
; Set maximum length of log_errors. In error_log information about the source is
; added. The default is 1024 and 0 allows to not apply any maximum length at all.
log_errors_max_len = 1024
; Do not log repeated messages. Repeated errors must occur in same file on same
; line unless ignore_repeated_source is set true.
ignore_repeated_errors = Off
; Ignore source of message when ignoring repeated messages. When this setting
; is On you will not log errors with repeated messages from different files or
; source lines.
ignore_repeated_source = Off
; If this parameter is set to Off, then memory leaks will not be shown (on
; stdout or in the log). This has only effect in a debug compile, and if
; error reporting includes E_WARNING in the allowed list
report_memleaks = Off
;report_zend_debug = 0
; Store the last error/warning message in $php_errormsg (boolean).
track_errors = Off
; Turn off normal error reporting and emit XML-RPC error XML
;xmlrpc_errors = 0
; An XML-RPC faultCode
;xmlrpc_error_number = 0
; Disable the inclusion of HTML tags in error messages.
; Note: Never use this feature for production boxes.
;html_errors = Off
; If html_errors is set On PHP produces clickable error messages that direct
; to a page describing the error or function causing the error in detail.
; You can download a copy of the PHP manual from http://www.php.net/docs.php
; and change docref_root to the base URL of your local copy including the
; leading '/'. You must also specify the file extension being used including
; the dot.
; Note: Never use this feature for production boxes.
;docref_root = "/phpmanual/"
;docref_ext = .html
; String to output before an error message.
;error_prepend_string = "<font color=#ff0000>"
; String to output after an error message.
;error_append_string = "</font>"
; Log errors to specified file.
;error_log = filename
; Log errors to syslog.
error_log = syslog
; Data Handling ;
; Note - track_vars is ALWAYS enabled as of PHP 4.0.3
; The separator used in PHP generated URLs to separate arguments.
; Default is "&".
;arg_separator.output = "&"
; List of separator(s) used by PHP to parse input URLs into variables.
; Default is "&".
; NOTE: Every character in this directive is considered as separator!
;arg_separator.input = ";&"
; This directive describes the order in which PHP registers GET, POST, Cookie,
; Environment and Built-in variables (G, P, C, E & S respectively, often
; referred to as EGPCS or GPC). Registration is done from left to right, newer
; values override older values.
variables_order = "GPCS"
; Whether or not to register the EGPCS variables as global variables. You may
; want to turn this off if you don't want to clutter your scripts' global scope
; with user data. This makes most sense when coupled with track_vars - in which
; case you can access all of the GPC variables through the $HTTP_*_VARS[],
; variables.
; You should do your best to write your scripts so that they do not require
; register_globals to be on; Using form variables as globals can easily lead
; to possible security problems, if the code is not very well thought of.
register_globals = Off
; Whether or not to register the old-style input arrays, HTTP_GET_VARS
; and friends. If you're not using them, it's recommended to turn them off,
; for performance reasons.
register_long_arrays = Off
; This directive tells PHP whether to declare the argv&argc variables (that
; would contain the GET information). If you don't use these variables, you
; should turn it off for increased performance.
register_argc_argv = Off
; When enabled, the SERVER and ENV variables are created when they're first
; used (Just In Time) instead of when the script starts. If these variables
; are not used within a script, having this directive on will result in a
; performance gain. The PHP directives register_globals, register_long_arrays,
; and register_argc_argv must be disabled for this directive to have any affect.
auto_globals_jit = On
; Maximum size of POST data that PHP will accept.
post_max_size = 8M
; Magic quotes
; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = Off
; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off
; Use Sybase-style magic quotes (escape ' with '' instead of \').
magic_quotes_sybase = Off
; Automatically add files before or after any PHP document.
auto_prepend_file =
auto_append_file =
; As of 4.0b4, PHP always outputs a character encoding by default in
; the Content-type: header. To disable sending of the charset, simply
; set it to be empty.
; PHP's built-in default is text/html
default_mimetype = "text/html"
default_charset = "utf-8"
; Always populate the $HTTP_RAW_POST_DATA variable.
;always_populate_raw_post_data = On
; Paths and Directories ;
; UNIX: "/path1:/path2"
include_path = ".:/usr/share/pear"
; The root of the PHP pages, used only if nonempty.
; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
; if you are running php as a CGI under any web server (other than IIS)
; see documentation for security issues. The alternate is to use the
; cgi.force_redirect configuration below
doc_root =
; The directory under which PHP opens the script using /~username used only
; if nonempty.
user_dir =
; Directory in which the loadable extensions (modules) reside.
extension_dir = "/usr/lib/php/20060613/"
; Whether or not to enable the dl() function. The dl() function does NOT work
; properly in multithreaded servers, such as IIS or Zeus, and is automatically
; disabled on them.
enable_dl = Off
; cgi.force_redirect is necessary to provide security running PHP as a CGI under
; most web servers. Left undefined, PHP turns this on by default. You can
; turn it off here AT YOUR OWN RISK
; **You CAN safely turn this off for IIS, in fact, you MUST.**
; cgi.force_redirect = 1
; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
; every request.
; cgi.nph = 1
; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
; will look for to know it is OK to continue execution. Setting this variable MAY
; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
; cgi.redirect_status_env = ;
; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's
; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting
; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A setting
; of zero causes PHP to behave as before. Default is 1. You should fix your scripts
; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
cgi.fix_pathinfo=1
; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
; security tokens of the calling client. This allows IIS to define the
; security context that the request runs under. mod_fastcgi under Apache
; does not currently support this feature (03/17/2002)
; Set to 1 if running under IIS. Default is zero.
; fastcgi.impersonate = 1;
; Disable logging through FastCGI connection
; fastcgi.logging = 0
; cgi.rfc2616_headers configuration option tells PHP what type of headers to
; use when sending HTTP response code. If it's set 0 PHP sends Status: header that
; is supported by Apache. When this option is set to 1 PHP will send
; RFC2616 compliant header.
; Default is zero.
;cgi.rfc2616_headers = 0
; File Uploads ;
; Whether to allow HTTP file uploads.
file_uploads = On
; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
;upload_tmp_dir =
; Maximum allowed size for uploaded files.
upload_max_filesize = 2M
; Fopen wrappers ;
; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
allow_url_fopen = Off
; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
allow_url_include = Off
; Define the anonymous ftp password (your email address)
;from="[email protected]"
; Define the User-Agent string
; user_agent="PHP"
; Default timeout for socket based streams (seconds)
default_socket_timeout = 60
; Dynamic Extensions ;
; If you wish to have an extension loaded automatically, use the following
; syntax:
; extension=modulename.extension
; For example, under UNIX:
; extension=msql.so
; Note that it should be the name of the module only; no directory information
; needs to go here. Specify the location of the extension with the
; extension_dir directive above.
; Module Settings ;
[Date]
; Defines the default timezone used by the date functions
;date.timezone =
;date.default_latitude = 31.7667
;date.default_longitude = 35.2333
;date.sunrise_zenith = 90.583333
;date.sunset_zenith = 90.583333
[filter]
;filter.default = unsafe_raw
;filter.default_flags =
[iconv]
;iconv.input_encoding = ISO-8859-1
;iconv.internal_encoding = ISO-8859-1
;iconv.output_encoding = ISO-8859-1
[sqlite]
sqlite.assoc_case = 1
[Pcre]
;PCRE library backtracking limit.
;pcre.backtrack_limit=100000
;PCRE library recursion limit.
;Please note that if you set this value to a high number you may consume all
;the available process stack and eventually crash PHP (due to reaching the
;stack size limit imposed by the Operating System).
;pcre.recursion_limit=100000
[Syslog]
; Whether or not to define the various syslog variables (e.g. $LOG_PID,
; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In
; runtime, you can define these variables by calling define_syslog_variables().
define_syslog_variables = Off
[mail function]
; For Unix only. You may supply arguments as well (default: "sendmail -t -i").
;sendmail_path =
; Force the addition of the specified parameters to be passed as extra parameters
; to the sendmail binary. These parameters will always replace the value of
; the 5th parameter to mail(), even in safe mode.
;mail.force_extra_parameters =
[SQL]
sql.safe_mode = Off
[ODBC]
;odbc.default_db = Not yet implemented
;odbc.default_user = Not yet implemented
;odbc.default_pw = Not yet implemented
; Allow or prevent persistent links.
odbc.allow_persistent = On
; Check that a connection is still valid before reuse.
odbc.check_persistent = On
; Maximum number of persistent links. -1 means no limit.
odbc.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no limit.
odbc.max_links = -1
; Handling of LONG fields. Returns number of bytes to variables. 0 means
; passthru.
odbc.defaultlrl = 4096
; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char.
; See the documentation on odbc_binmode and odbc_longreadlen for an explanation
; of uodbc.defaultlrl and uodbc.defaultbinmode
odbc.defaultbinmode = 1
[MySQL]
; Allow or prevent persistent links.
mysql.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
mysql.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no limit.
mysql.max_links = -1
; Default port number for mysql_connect(). If unset, mysql_connect() will use
; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
; compile-time value defined MYSQL_PORT (in that order).
mysql.default_port =
; Default socket name for local MySQL connects. If empty, uses the built-in
; MySQL defaults.
mysql.default_socket =
; Default host for mysql_connect() (doesn't apply in safe mode).
mysql.default_host =
; Default user for mysql_connect() (doesn't apply in safe mode).
mysql.default_user =
; Default password for mysql_connect() (doesn't apply in safe mode).
; Note that this is generally a *bad* idea to store passwords in this file.
; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password")
; and reveal this password! And of course, any users with read access to this
; file will be able to reveal the password as well.
mysql.default_password =
; Maximum time (in seconds) for connect timeout. -1 means no limit
mysql.connect_timeout = 60
; Trace mode. When trace_mode is active (=On), warnings for table/index scans and
; SQL-Errors will be displayed.
mysql.trace_mode = Off
[MySQLi]
; Maximum number of links. -1 means no limit.
mysqli.max_links = -1
; Default port number for mysqli_connect(). If unset, mysqli_connect() will use
; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
; compile-time value defined MYSQL_PORT (in that order).
mysqli.default_port = 3306
; Default socket name for local MySQL connects. If empty, uses the built-in
; MySQL defaults.
mysqli.default_socket =
; Default host for mysql_connect() (doesn't apply in safe mode).
mysqli.default_host =
; Default user for mysql_connect() (doesn't apply in safe mode).
mysqli.default_user =
; Default password for mysqli_connect() (doesn't apply in safe mode).
; Note that this is generally a *bad* idea to store passwords in this file.
; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
; and reveal this password! And of course, any users with read access to this
; file will be able to reveal the password as well.
mysqli.default_pw =
; Allow or prevent reconnect
mysqli.reconnect = Off
[mSQL]
; Allow or prevent persistent links.
msql.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
msql.max_persistent = -1
; Maximum number of links (persistent+non persistent). -1 means no limit.
msql.max_links = -1
[OCI8]
; enables privileged connections using external credentials (OCI_SYSOPER, OCI_SYSDBA)
;oci8.privileged_connect = Off
; Connection: The maximum number of persistent OCI8 connections per
; process. Using -1 means no limit.
;oci8.max_persistent = -1
; Connection: The maximum number of seconds a process is allowed to
; maintain an idle persistent connection. Using -1 means idle
; persistent connections will be maintained forever.
;oci8.persistent_timeout = -1
; Connection: The number of seconds that must pass before issuing a
; ping during oci_pconnect() to check the connection validity. When
; set to 0, each oci_pconnect() will cause a ping. Using -1 disables
; pings completely.
;oci8.ping_interval = 60
; Tuning: This option enables statement caching, and specifies how
; many statements to cache. Using 0 disables statement caching.
;oci8.statement_cache_size = 20
; Tuning: Enables statement prefetching and sets the default number of
; rows that will be fetched automatically after statement execution.
;oci8.default_prefetch = 10
; Compatibility. Using On means oci_close() will not close
; oci_connect() and oci_new_connect() connections.
;oci8.old_oci_close_semantics = Off
[PostgresSQL]
; Allow or prevent persistent links.
pgsql.allow_persistent = On
; Detect broken persistent links always with pg_pconnect().
; Auto reset feature requires a little overheads.
pgsql.auto_reset_persistent = Off
; Maximum number of persistent links. -1 means no limit.
pgsql.max_persistent = -1
; Maximum number of links (persistent+non persistent). -1 means no limit.
pgsql.max_links = -1
; Ignore PostgreSQL backends Notice message or not.
; Notice message logging require a little overheads.
pgsql.ignore_notice = 0
; Log PostgreSQL backends Notice message or not.
; Unless pgsql.ignore_notice=0, module cannot log notice message.
pgsql.log_notice = 0
[Sybase]
; Allow or prevent persistent links.
sybase.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
sybase.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no limit.
sybase.max_links = -1
;sybase.interface_file = "/usr/sybase/interfaces"
; Minimum error severity to display.
sybase.min_error_severity = 10
; Minimum message severity to display.
sybase.min_message_severity = 10
; Compatibility mode with old versions of PHP 3.0.
; If on, this will cause PHP to automatically assign types to results according
; to their Sybase type, instead of treating them all as strings. This
; compatibility mode will probably not stay around forever, so try applying
; whatever necessary changes to your code, and turn it off.
sybase.compatability_mode = Off
[Sybase-CT]
; Allow or prevent persistent links.
sybct.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
sybct.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no limit.
sybct.max_links = -1
; Minimum server message severity to display.
sybct.min_server_severity = 10
; Minimum client message severity to display.
sybct.min_client_severity = 10
[bcmath]
; Number of decimal digits for all bcmath functions.
bcmath.scale = 0
[browscap]
;browscap = extra/browscap.ini
[Informix]
; Default host for ifx_connect() (doesn't apply in safe mode).
ifx.default_host =
; Default user for ifx_connect() (doesn't apply in safe mode).
ifx.default_user =
; Default password for ifx_connect() (doesn't apply in safe mode).
ifx.default_password =
; Allow or prevent persistent links.
ifx.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
ifx.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no limit.
ifx.max_links = -1
; If on, select statements return the contents of a text blob instead of its id.
ifx.textasvarchar = 0
; If on, select statements return the contents of a byte blob instead of its id.
ifx.byteasvarchar = 0
; Trailing blanks are stripped from fixed-length char columns. May help the
; life of Informix SE users.
ifx.charasvarchar = 0
; If on, the contents of text and byte blobs are dumped to a file instead of
; keeping them in memory.
ifx.blobinfile = 0
; NULL's are returned as empty strings, unless this is set to 1. In that case,
; NULL's are returned as string 'NULL'.
ifx.nullformat = 0
[Session]
; Handler used to store/retrieve data.
session.save_handler = files
; Argument passed to save_handler. In the case of files, this is the path
; where data files are stored.
; As of PHP 4.0.1, you can define the path as:
; session.save_path = "N;/path"
; where N is an integer. Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories. This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
; NOTE 1: PHP will not create this directory structure automatically.
; You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
; use subdirectories for session storage
; The file storage module creates files using mode 600 by default.
; You can change that by using
; session.save_path = "N;MODE;/path"
; where MODE is the octal representation of the mode. Note that this
; does not overwrite the process's umask.
session.save_path = "/tmp"
; Whether to use cookies.
session.use_cookies = 1
;session.cookie_secure =
; This option enables administrators to make their users invulnerable to
; attacks which involve passing session ids in URLs; defaults to 0.
; session.use_only_cookies = 1
; Name of the session (used as cookie name).
session.name = PHPSESSID
; Initialize session on request startup.
session.auto_start = 0
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0
; The path for which the cookie is valid.
session.cookie_path = /
; The domain for which the cookie is valid.
session.cookie_domain =
; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
session.cookie_httponly =
; Handler used to serialize data. php is the standard serializer of PHP.
session.serialize_handler = php
; Define the probability that the 'garbage collection' process is started
; on every session initialization.
; The probability is calculated by using gc_probability/gc_divisor,
; e.g. 1/100 means there is a 1% chance that the GC process starts
; on each request.
session.gc_probability = 1
session.gc_divisor = 1000
; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 1440
; NOTE: If you are using the subdirectory option for storing session files
; (see session.save_path above), then garbage collection does *not*
; happen automatically. You will need to do your own garbage
; collection through a shell script, cron entry, or some other method.
; For example, the following script would is the equivalent of
; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
; cd /path/to/sessions; find -cmin +24 | xargs rm
; PHP 4.2 and less have an undocumented feature/bug that allows you to
; to initialize a session variable in the global scope, albeit register_globals
; is disabled. PHP 4.3 and later will warn you, if this feature is used.
; You can disable the feature and the warning separately. At this time,
; the warning is only displayed, if bug_compat_42 is enabled.
session.bug_compat_42 = 0
session.bug_compat_warn = 1
; Check HTTP Referer to invalidate externally stored URLs containing ids.
; HTTP_REFERER has to contain this substring for the session to be
; considered as valid.
session.referer_check =
; How many bytes to read from the file.
session.entropy_length = 0
; Specified here to create the session id.
session.entropy_file =
;session.entropy_length = 16
;session.entropy_file = /dev/urandom
; Set to {nocache,private,public,} to determine HTTP caching aspects
; or leave this empty to avoid sending anti-caching headers.
session.cache_limiter = nocache
; Document expires after n minutes.
session.cache_expire = 180
; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
; - User may send URL contains active session ID
; to other person via. email/irc/etc.
; - URL that contains active session ID may be stored
; in publically accessible computer.
; - User may access your site with the same session ID
; always using URL stored in browser's history or bookmarks.
session.use_trans_sid = 0
; Select a hash function
; 0: MD5 (128 bits)
; 1: SHA-1 (160 bits)
session.hash_function = 0
; Define how many bits are stored in each character when converting
; the binary hash data to something readable.
; 4 bits: 0-9, a-f
; 5 bits: 0-9, a-v
; 6 bits: 0-9, a-z, A-Z, "-", ","
session.hash_bits_per_character = 5
; The URL rewriter will look for URLs in a defined set of HTML tags.
; form/fieldset are special; if you include them here, the rewriter will
; add a hidden <input> field with the info which is otherwise appended
; to URLs. If you want XHTML conformity, remove the form entry.
; Note that all valid entries require a "=", even if no value follows.
url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
[MSSQL]
; Allow or prevent persistent links.
mssql.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
mssql.max_persistent = -1
; Maximum number of links (persistent+non persistent). -1 means no limit.
mssql.max_links = -1
; Minimum error severity to display.
mssql.min_error_severity = 10
; Minimum message severity to display.
mssql.min_message_severity = 10
; Compatibility mode with old versions of PHP 3.0.
mssql.compatability_mode = Off
; Connect timeout
;mssql.connect_timeout = 5
; Query timeout
;mssql.timeout = 60
; Valid range 0 - 2147483647. Default = 4096.
;mssql.textlimit = 4096
; Valid range 0 - 2147483647. Default = 4096.
;mssql.textsize = 4096
; Limits the number of records in each batch. 0 = all records in one batch.
;mssql.batchsize = 0
; Specify how datetime and datetim4 columns are returned
; On => Returns data converted to SQL server settings
; Off => Returns values as YYYY-MM-DD hh:mm:ss
;mssql.datetimeconvert = On
; Use NT authentication when connecting to the server
mssql.secure_connection = Off
; Specify max number of processes. -1 = library default
; msdlib defaults to 25
; FreeTDS defaults to 4096
;mssql.max_procs = -1
; Specify client character set.
; If empty or not set the client charset from freetds.comf is used
; This is only used when compiled with FreeTDS
;mssql.charset = "ISO-8859-1"
[Assertion]
; Assert(expr); active by default.
;assert.active = On
; Issue a PHP warning for each failed assertion.
;assert.warning = On
; Don't bail out by default.
;assert.bail = Off
; User-function to be called if an assertion fails.
;assert.callback = 0
; Eval the expression with current error_reporting(). Set to true if you want
; error_reporting(0) around the eval().
;assert.quiet_eval = 0
[COM]
; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
;com.typelib_file =
; allow Distributed-COM calls
;com.allow_dcom = true
; autoregister constants of a components typlib on com_load()
;com.autoregister_typelib = true
; register constants casesensitive
;com.autoregister_casesensitive = false
; show warnings on duplicate constant registrations
;com.autoregister_verbose = true
[mbstring]
; language for internal character representation.
;mbstring.language = Japanese
; internal/script encoding.
; Some encoding cannot work as internal encoding.
; (e.g. SJIS, BIG5, ISO-2022-*)
;mbstring.internal_encoding = EUC-JP
; http input encoding.
;mbstring.http_input = auto
; http output encoding. mb_output_handler must be
; registered as output buffer to function
;mbstring.http_output = SJIS
; enable automatic encoding translation according to
; mbstring.internal_encoding setting. Input chars are
; converted to internal encoding by setting this to On.
; Note: Do _not_ use automatic encoding translation for
; portable libs/applications.
;mbstring.encoding_translation = Off
; automatic encoding detection order.
; auto means
;mbstring.detect_order = auto
; substitute_character used when character cannot be converted
; one from another
;mbstring.substitute_character = none;
; overload(replace) single byte functions by mbstring functions.
; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(),
; etc. Possible values are 0,1,2,4 or combination of them.
; For example, 7 for overload everything.
; 0: No overload
; 1: Overload mail() function
; 2: Overload str*() functions
; 4: Overload ereg*() functions
;mbstring.func_overload = 0
; enable strict encoding detection.
;mbstring.strict_encoding = Off
[FrontBase]
;fbsql.allow_persistent = On
;fbsql.autocommit = On
;fbsql.show_timestamp_decimals = Off
;fbsql.default_database =
;fbsql.default_database_password =
;fbsql.default_host =
;fbsql.default_password =
;fbsql.default_user = "_SYSTEM"
;fbsql.generate_warnings = Off
;fbsql.max_connections = 128
;fbsql.max_links = 128
;fbsql.max_persistent = -1
;fbsql.max_results = 128
[gd]
; Tell the jpeg decode to libjpeg warnings and try to create
; a gd image. The warning will then be displayed as notices
; disabled by default
;gd.jpeg_ignore_warning = 0
[exif]
; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS.
; With mbstring support this will automatically be converted into the encoding
; given by corresponding encode setting. When empty mbstring.internal_encoding
; is used. For the decode settings you can distinguish between motorola and
; intel byte order. A decode setting cannot be empty.
;exif.encode_unicode = ISO-8859-15
;exif.decode_unicode_motorola = UCS-2BE
;exif.decode_unicode_intel = UCS-2LE
;exif.encode_jis =
;exif.decode_jis_motorola = JIS
;exif.decode_jis_intel = JIS
[Tidy]
; The path to a default tidy configuration file to use when using tidy
;tidy.default_config = /usr/local/lib/php/default.tcfg
; Should tidy clean and repair output automatically?
; WARNING: Do not use this option if you are generating non-html content
; such as dynamic images
tidy.clean_output = Off
[soap]
; Enables or disables WSDL caching feature.
soap.wsdl_cache_enabled=1
; Sets the directory name where SOAP extension will put cache files.
soap.wsdl_cache_dir="/tmp"
; (time to live) Sets the number of second while cached file will be used
; instead of original one.
soap.wsdl_cache_ttl=86400
; available extensions
;extension=bcmath.so
;extension=bz2.so
;extension=calendar.so
;extension=curl.so
;extension=dba.so
;extension=dbase.so
;extension=exif.so
;extension=ftp.so
;extension=gd.so
extension=gettext.so
;extension=gmp.so
;extension=iconv.so
;extension=imap.so
;extension=json.so
;extension=ldap.so
;extension=mcrypt.so
;extension=mhash.so
;extension=mime_magic.so
;extension=mysql.so
;extension=mysqli.so
;extension=ncurses.so
;extension=odbc.so
;extension=openssl.so
;extension=pdo.so
;extension=pdo_mysql.so
;extension=pdo_odbc.so
;extension=pdo_pgsql.so
;extension=pdo_sqlite.so
;extension=pgsql.so
;extension=posix.so
;extension=pspell.so
extension=session.so
;extension=shmop.so
;extension=snmp.so
;extension=soap.so
extension=sockets.so
extension=sqlite.so
;extension=sysvmsg.so
;extension=sysvsem.so
;extension=sysvshm.so
;extension=tidy.so
;extension=xmlrpc.so
;extension=xsl.so
;extension=zip.so
extension=zlib.so
; Local Variables:
; tab-width: 4
; End:
I've attempted enabling pdo.so and pdo_sqlite.so as well, with no results, making sure to stop lighty and flush all of its processes before checking again.
`php-cgi -m | grep sqlite` does not return anything, either.
The extensions directory (/usr/lib/php/20060613) exists on my system and contains sqlite.so, as expected.
I have no clue what's going on here and would greatly appreciate any help offered.
Last edited by xelados (2009-09-23 04:02:22)After the last update which installed PHP 5.3.0, I'm having a similar problem. PHP fails to recognize any extensions which I've defined in php.ini. PHP itself works just fine, so I'm sure this problem is related to the update of PHP.
Here's my php.ini:
[PHP]
; About php.ini ;
; This file controls many aspects of PHP's behavior. In order for PHP to
; read it, it must be named 'php.ini'. PHP looks for it in the current
; working directory, in the path designated by the environment variable
; PHPRC, and in the path that was defined in compile time (in that order).
; The path in which the php.ini file is looked for can be overridden using
; the -c argument in command line mode.
; The syntax of the file is extremely simple. Whitespace and Lines
; beginning with a semicolon are silently ignored (as you probably guessed).
; Section headers (e.g. [Foo]) are also silently ignored, even though
; they might mean something in the future.
; Directives are specified using the following syntax:
; directive = value
; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo").
; Expressions in the INI file are limited to bitwise operators and parentheses:
; | bitwise OR
; & bitwise AND
; ~ bitwise NOT
; ! boolean NOT
; Boolean flags can be turned on using the values 1, On, True or Yes.
; They can be turned off using the values 0, Off, False or No.
; An empty string can be denoted by simply not writing anything after the equal
; sign, or by using the None keyword:
; foo = ; sets foo to an empty string
; foo = none ; sets foo to an empty string
; foo = "none" ; sets foo to the string 'none'
; If you use constants in your value, and these constants belong to a
; dynamically loaded extension (either a PHP extension or a Zend extension),
; you may only use these constants *after* the line that loads the extension.
; About this file ;
; This is the recommended, PHP 5-style version of the php.ini-dist file. It
; sets some non standard settings, that make PHP more efficient, more secure,
; and encourage cleaner coding.
; The price is that with these settings, PHP may be incompatible with some
; applications, and sometimes, more difficult to develop with. Using this
; file is warmly recommended for production sites. As all of the changes from
; the standard settings are thoroughly documented, you can go over each one,
; and decide whether you want to use it or not.
; For general information about the php.ini file, please consult the php.ini-dist
; file, included in your PHP distribution.
; This file is different from the php.ini-dist file in the fact that it features
; different values for several directives, in order to improve performance, while
; possibly breaking compatibility with the standard out-of-the-box behavior of
; PHP. Please make sure you read what's different, and modify your scripts
; accordingly, if you decide to use this file instead.
; - register_long_arrays = Off [Performance]
; Disables registration of the older (and deprecated) long predefined array
; variables ($HTTP_*_VARS). Instead, use the superglobals that were
; introduced in PHP 4.1.0
; - display_errors = Off [Security]
; With this directive set to off, errors that occur during the execution of
; scripts will no longer be displayed as a part of the script output, and thus,
; will no longer be exposed to remote users. With some errors, the error message
; content may expose information about your script, web server, or database
; server that may be exploitable for hacking. Production sites should have this
; directive set to off.
; - log_errors = On [Security]
; This directive complements the above one. Any errors that occur during the
; execution of your script will be logged (typically, to your server's error log,
; but can be configured in several ways). Along with setting display_errors to off,
; this setup gives you the ability to fully understand what may have gone wrong,
; without exposing any sensitive information to remote users.
; - output_buffering = 4096 [Performance]
; Set a 4KB output buffer. Enabling output buffering typically results in less
; writes, and sometimes less packets sent on the wire, which can often lead to
; better performance. The gain this directive actually yields greatly depends
; on which Web server you're working with, and what kind of scripts you're using.
; - register_argc_argv = Off [Performance]
; Disables registration of the somewhat redundant $argv and $argc global
; variables.
; - magic_quotes_gpc = Off [Performance]
; Input data is no longer escaped with slashes so that it can be sent into
; SQL databases without further manipulation. Instead, you should use the
; function addslashes() on each input element you wish to send to a database.
; - variables_order = "GPCS" [Performance]
; The environment variables are not hashed into the $_ENV. To access
; environment variables, you can use getenv() instead.
; - error_reporting = E_ALL [Code Cleanliness, Security(?)]
; By default, PHP suppresses errors of type E_NOTICE. These error messages
; are emitted for non-critical errors, but that could be a symptom of a bigger
; problem. Most notably, this will cause error messages about the use
; of uninitialized variables to be displayed.
; - allow_call_time_pass_reference = Off [Code cleanliness]
; It's not possible to decide to force a variable to be passed by reference
; when calling a function. The PHP 4 style to do this is by making the
; function require the relevant argument by reference.
; - short_open_tag = Off [Portability]
; Using short tags is discouraged when developing code meant for redistribution
; since short tags may not be supported on the target server.
; Language Options ;
; Enable the PHP scripting language engine under Apache.
engine = On
; Enable compatibility mode with Zend Engine 1 (PHP 4.x)
zend.ze1_compatibility_mode = Off
; Allow the <? tag. Otherwise, only <?php and <script> tags are recognized.
; NOTE: Using short tags should be avoided when developing applications or
; libraries that are meant for redistribution, or deployment on PHP
; servers which are not under your control, because short tags may not
; be supported on the target server. For portable, redistributable code,
; be sure not to use short tags.
short_open_tag = Off
; Allow ASP-style <% %> tags.
asp_tags = Off
; The number of significant digits displayed in floating point numbers.
precision = 14
; Enforce year 2000 compliance (will cause problems with non-compliant browsers)
y2k_compliance = On
; Output buffering allows you to send header lines (including cookies) even
; after you send body content, at the price of slowing PHP's output layer a
; bit. You can enable output buffering during runtime by calling the output
; buffering functions. You can also enable output buffering for all files by
; setting this directive to On. If you wish to limit the size of the buffer
; to a certain size - you can use a maximum number of bytes instead of 'On', as
; a value for this directive (e.g., output_buffering=4096).
output_buffering = Off
; You can redirect all of the output of your scripts to a function. For
; example, if you set output_handler to "mb_output_handler", character
; encoding will be transparently converted to the specified encoding.
; Setting any output handler automatically turns on output buffering.
; Note: People who wrote portable scripts should not depend on this ini
; directive. Instead, explicitly set the output handler using ob_start().
; Using this ini directive may cause problems unless you know what script
; is doing.
; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
; and you cannot use both "ob_gzhandler" and "zlib.output_compression".
; Note: output_handler must be empty if this is set 'On' !!!!
; Instead you must use zlib.output_handler.
;output_handler =
; Transparent output compression using the zlib library
; Valid values for this option are 'off', 'on', or a specific buffer size
; to be used for compression (default is 4KB)
; Note: Resulting chunk size may vary due to nature of compression. PHP
; outputs chunks that are few hundreds bytes each as a result of
; compression. If you prefer a larger chunk size for better
; performance, enable output_buffering in addition.
; Note: You need to use zlib.output_handler instead of the standard
; output_handler, or otherwise the output will be corrupted.
zlib.output_compression = Off
;zlib.output_compression_level = -1
; You cannot specify additional output handlers if zlib.output_compression
; is activated here. This setting does the same as output_handler but in
; a different order.
;zlib.output_handler =
; Implicit flush tells PHP to tell the output layer to flush itself
; automatically after every output block. This is equivalent to calling the
; PHP function flush() after each and every call to print() or echo() and each
; and every HTML block. Turning this option on has serious performance
; implications and is generally recommended for debugging purposes only.
implicit_flush = Off
; The unserialize callback function will be called (with the undefined class'
; name as parameter), if the unserializer finds an undefined class
; which should be instantiated.
; A warning appears if the specified function is not defined, or if the
; function doesn't include/implement the missing class.
; So only set this entry, if you really want to implement such a
; callback-function.
unserialize_callback_func=
; When floats & doubles are serialized store serialize_precision significant
; digits after the floating point. The default value ensures that when floats
; are decoded with unserialize, the data will remain the same.
serialize_precision = 100
; Whether to enable the ability to force arguments to be passed by reference
; at function call time. This method is deprecated and is likely to be
; unsupported in future versions of PHP/Zend. The encouraged method of
; specifying which arguments should be passed by reference is in the function
; declaration. You're encouraged to try and turn this option Off and make
; sure your scripts work properly with it in order to ensure they will work
; with future versions of the language (you will receive a warning each time
; you use this feature, and the argument will be passed by value instead of by
; reference).
allow_call_time_pass_reference = Off
; Safe Mode
safe_mode = Off
; By default, Safe Mode does a UID compare check when
; opening files. If you want to relax this to a GID compare,
; then turn on safe_mode_gid.
safe_mode_gid = Off
; When safe_mode is on, UID/GID checks are bypassed when
; including files from this directory and its subdirectories.
; (directory must also be in include_path or full path must
; be used when including)
safe_mode_include_dir =
; When safe_mode is on, only executables located in the safe_mode_exec_dir
; will be allowed to be executed via the exec family of functions.
safe_mode_exec_dir =
; Setting certain environment variables may be a potential security breach.
; This directive contains a comma-delimited list of prefixes. In Safe Mode,
; the user may only alter environment variables whose names begin with the
; prefixes supplied here. By default, users will only be able to set
; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
; Note: If this directive is empty, PHP will let the user modify ANY
; environment variable!
safe_mode_allowed_env_vars = PHP_
; This directive contains a comma-delimited list of environment variables that
; the end user won't be able to change using putenv(). These variables will be
; protected even if safe_mode_allowed_env_vars is set to allow to change them.
safe_mode_protected_env_vars = LD_LIBRARY_PATH
; open_basedir, if set, limits all file operations to the defined directory
; and below. This directive makes most sense if used in a per-directory
; or per-virtualhost web server configuration file. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
; open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/
; This directive allows you to disable certain functions for security reasons.
; It receives a comma-delimited list of function names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
disable_functions =
; This directive allows you to disable certain classes for security reasons.
; It receives a comma-delimited list of class names. This directive is
; *NOT* affected by whether Safe Mode is turned On or Off.
disable_classes =
; Colors for Syntax Highlighting mode. Anything that's acceptable in
; <span style="color: ???????"> would work.
;highlight.string = #DD0000
;highlight.comment = #FF9900
;highlight.keyword = #007700
;highlight.bg = #FFFFFF
;highlight.default = #0000BB
;highlight.html = #000000
; If enabled, the request will be allowed to complete even if the user aborts
; the request. Consider enabling it if executing long request, which may end up
; being interrupted by the user or a browser timing out.
; ignore_user_abort = On
; Determines the size of the realpath cache to be used by PHP. This value should
; be increased on systems where PHP opens many files to reflect the quantity of
; the file operations performed.
; realpath_cache_size=16k
; Duration of time, in seconds for which to cache realpath information for a given
; file or directory. For systems with rarely changing files, consider increasing this
; value.
; realpath_cache_ttl=120
; Misc
; Decides whether PHP may expose the fact that it is installed on the server
; (e.g. by adding its signature to the Web server header). It is no security
; threat in any way, but it makes it possible to determine whether you use PHP
; on your server or not.
expose_php = Off
; Resource Limits ;
max_execution_time = 120 ; Maximum execution time of each script, in seconds
max_input_time = 120 ; Maximum amount of time each script may spend parsing request data
;max_input_nesting_level = 64 ; Maximum input variable nesting level
memory_limit = 128M ; Maximum amount of memory a script may consume (32MB)
; Error handling and logging ;
; error_reporting is a bit-field. Or each number up to get desired error
; reporting level
; E_ALL - All errors and warnings (doesn't include E_STRICT)
; E_ERROR - fatal run-time errors
; E_RECOVERABLE_ERROR - almost fatal run-time errors
; E_WARNING - run-time warnings (non-fatal errors)
; E_PARSE - compile-time parse errors
; E_NOTICE - run-time notices (these are warnings which often result
; from a bug in your code, but it's possible that it was
; intentional (e.g., using an uninitialized variable and
; relying on the fact it's automatically initialized to an
; empty string)
; E_STRICT - run-time notices, enable to have PHP suggest changes
; to your code which will ensure the best interoperability
; and forward compatibility of your code
; E_CORE_ERROR - fatal errors that occur during PHP's initial startup
; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
; initial startup
; E_COMPILE_ERROR - fatal compile-time errors
; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
; E_USER_ERROR - user-generated error message
; E_USER_WARNING - user-generated warning message
; E_USER_NOTICE - user-generated notice message
; Examples:
; - Show all errors, except for notices and coding standards warnings
;error_reporting = E_ALL & ~E_NOTICE
; - Show all errors, except for notices
;error_reporting = E_ALL & ~E_NOTICE | E_STRICT
; - Show only errors
;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR
; - Show all errors, except coding standards warnings
error_reporting = E_ALL
; Print out errors (as a part of the output). For production web sites,
; you're strongly encouraged to turn this feature off, and use error logging
; instead (see below). Keeping display_errors enabled on a production web site
; may reveal security information to end users, such as file paths on your Web
; server, your database schema or other information.
; possible values for display_errors:
; Off - Do not display any errors
; stderr - Display errors to STDERR (affects only CGI/CLI binaries!)
; On or stdout - Display errors to STDOUT (default)
; To output errors to STDERR with CGI/CLI:
;display_errors = "stderr"
; Default
display_errors = On
; Even when display_errors is on, errors that occur during PHP's startup
; sequence are not displayed. It's strongly recommended to keep
; display_startup_errors off, except for when debugging.
display_startup_errors = Off
; Log errors into a log file (server-specific log, stderr, or error_log (below))
; As stated above, you're strongly advised to use error logging in place of
; error displaying on production web sites.
log_errors = Off
; Set maximum length of log_errors. In error_log information about the source is
; added. The default is 1024 and 0 allows to not apply any maximum length at all.
log_errors_max_len = 1024
; Do not log repeated messages. Repeated errors must occur in same file on same
; line until ignore_repeated_source is set true.
ignore_repeated_errors = Off
; Ignore source of message when ignoring repeated messages. When this setting
; is On you will not log errors with repeated messages from different files or
; source lines.
ignore_repeated_source = Off
; If this parameter is set to Off, then memory leaks will not be shown (on
; stdout or in the log). This has only effect in a debug compile, and if
; error reporting includes E_WARNING in the allowed list
report_memleaks = Off
;report_zend_debug = 0
; Store the last error/warning message in $php_errormsg (boolean).
track_errors = Off
; Disable the inclusion of HTML tags in error messages.
; Note: Never use this feature for production boxes.
;html_errors = Off
; If html_errors is set On PHP produces clickable error messages that direct
; to a page describing the error or function causing the error in detail.
; You can download a copy of the PHP manual from http://www.php.net/docs.php
; and change docref_root to the base URL of your local copy including the
; leading '/'. You must also specify the file extension being used including
; the dot.
; Note: Never use this feature for production boxes.
;docref_root = "/phpmanual/"
;docref_ext = .html
; String to output before an error message.
;error_prepend_string = "<font color=ff0000>"
; String to output after an error message.
;error_append_string = "</font>"
; Log errors to specified file.
;error_log = filename
; Log errors to syslog.
error_log = syslog
; Data Handling ;
; Note - track_vars is ALWAYS enabled as of PHP 4.0.3
; The separator used in PHP generated URLs to separate arguments.
; Default is "&".
;arg_separator.output = "&"
; List of separator(s) used by PHP to parse input URLs into variables.
; Default is "&".
; NOTE: Every character in this directive is considered as separator!
;arg_separator.input = ";&"
; This directive describes the order in which PHP registers GET, POST, Cookie,
; Environment and Built-in variables (G, P, C, E & S respectively, often
; referred to as EGPCS or GPC). Registration is done from left to right, newer
; values override older values.
variables_order = "GPCS"
; Whether or not to register the EGPCS variables as global variables. You may
; want to turn this off if you don't want to clutter your scripts' global scope
; with user data. This makes most sense when coupled with track_vars - in which
; case you can access all of the GPC variables through the $HTTP_*_VARS[],
; variables.
; You should do your best to write your scripts so that they do not require
; register_globals to be on; Using form variables as globals can easily lead
; to possible security problems, if the code is not very well thought of.
register_globals = Off
; Whether or not to register the old-style input arrays, HTTP_GET_VARS
; and friends. If you're not using them, it's recommended to turn them off,
; for performance reasons.
register_long_arrays = Off
; This directive tells PHP whether to declare the argv&argc variables (that
; would contain the GET information). If you don't use these variables, you
; should turn it off for increased performance.
register_argc_argv = Off
; When enabled, the SERVER and ENV variables are created when they're first
; used (Just In Time) instead of when the script starts. If these variables
; are not used within a script, having this directive on will result in a
; performance gain. The PHP directives register_globals, register_long_arrays,
; and register_argc_argv must be disabled for this directive to have any affect.
auto_globals_jit = On
; Maximum size of POST data that PHP will accept.
post_max_size = 128M
; Magic quotes
; Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = Off
; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off
; Use Sybase-style magic quotes (escape ' with '' instead of \').
magic_quotes_sybase = Off
; Automatically add files before or after any PHP document.
auto_prepend_file =
auto_append_file =
; As of 4.0b4, PHP always outputs a character encoding by default in
; the Content-type: header. To disable sending of the charset, simply
; set it to be empty.
; PHP's built-in default is text/html
default_mimetype = "text/html"
;default_charset = "iso-8859-1"
; Always populate the $HTTP_RAW_POST_DATA variable.
;always_populate_raw_post_data = On
; Paths and Directories ;
; UNIX: "/path1:/path2"
;include_path = ".:/usr/share/pear"
; The root of the PHP pages, used only if nonempty.
; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
; if you are running php as a CGI under any web server (other than IIS)
; see documentation for security issues. The alternate is to use the
; cgi.force_redirect configuration below
doc_root =
; The directory under which PHP opens the script using /~username used only
; if nonempty.
user_dir =
; Directory in which the loadable extensions (modules) reside.
extension_dir = "/usr/lib/php/modules/"
; Whether or not to enable the dl() function. The dl() function does NOT work
; properly in multithreaded servers, such as IIS or Zeus, and is automatically
; disabled on them.
enable_dl = Off
; cgi.force_redirect is necessary to provide security running PHP as a CGI under
; most web servers. Left undefined, PHP turns this on by default. You can
; turn it off here AT YOUR OWN RISK
; **You CAN safely turn this off for IIS, in fact, you MUST.**
; cgi.force_redirect = 1
; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
; every request.
; cgi.nph = 1
; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
; will look for to know it is OK to continue execution. Setting this variable MAY
; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
; cgi.redirect_status_env = ;
; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's
; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting
; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A setting
; of zero causes PHP to behave as before. Default is 1. You should fix your scripts
; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
; cgi.fix_pathinfo=1
; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
; security tokens of the calling client. This allows IIS to define the
; security context that the request runs under. mod_fastcgi under Apache
; does not currently support this feature (03/17/2002)
; Set to 1 if running under IIS. Default is zero.
; fastcgi.impersonate = 1;
; Disable logging through FastCGI connection
; fastcgi.logging = 0
; cgi.rfc2616_headers configuration option tells PHP what type of headers to
; use when sending HTTP response code. If it's set 0 PHP sends Status: header that
; is supported by Apache. When this option is set to 1 PHP will send
; RFC2616 compliant header.
; Default is zero.
;cgi.rfc2616_headers = 0
; File Uploads ;
; Whether to allow HTTP file uploads.
file_uploads = On
; Temporary directory for HTTP uploaded files (will use system default if not
; specified).
;upload_tmp_dir =
; Maximum allowed size for uploaded files.
upload_max_filesize = 128M
; Fopen wrappers ;
; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
allow_url_fopen = On
; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
allow_url_include = Off
; Define the anonymous ftp password (your email address)
;from="[email protected]"
; Define the User-Agent string
; user_agent="PHP"
; Default timeout for socket based streams (seconds)
default_socket_timeout = 10
; Dynamic Extensions ;
; If you wish to have an extension loaded automatically, use the following
; syntax:
; extension=modulename.extension
; For example, under UNIX:
; extension=msql.so
; Note that it should be the name of the module only; no directory information
; needs to go here. Specify the location of the extension with the
; extension_dir directive above.
; Module Settings ;
[Date]
; Defines the default timezone used by the date functions
;date.timezone =
;date.default_latitude = 31.7667
;date.default_longitude = 35.2333
;date.sunrise_zenith = 90.583333
;date.sunset_zenith = 90.583333
[filter]
;filter.default = unsafe_raw
;filter.default_flags =
[iconv]
;iconv.input_encoding = ISO-8859-1
;iconv.internal_encoding = ISO-8859-1
;iconv.output_encoding = ISO-8859-1
[sqlite]
;sqlite.assoc_case = 0
[xmlrpc]
;xmlrpc_error_number = 0
;xmlrpc_errors = 0
[Pcre]
;PCRE library backtracking limit.
;pcre.backtrack_limit=100000
;PCRE library recursion limit.
;Please note that if you set this value to a high number you may consume all
;the available process stack and eventually crash PHP (due to reaching the
;stack size limit imposed by the Operating System).
;pcre.recursion_limit=100000
[Syslog]
; Whether or not to define the various syslog variables (e.g. $LOG_PID,
; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In
; runtime, you can define these variables by calling define_syslog_variables().
define_syslog_variables = Off
[mail function]
; For Unix only. You may supply arguments as well (default: "sendmail -t -i").
;sendmail_path =
; Force the addition of the specified parameters to be passed as extra parameters
; to the sendmail binary. These parameters will always replace the value of
; the 5th parameter to mail(), even in safe mode.
;mail.force_extra_parameters =
[SQL]
sql.safe_mode = Off
[ODBC]
;odbc.default_db = Not yet implemented
;odbc.default_user = Not yet implemented
;odbc.default_pw = Not yet implemented
; Allow or prevent persistent links.
odbc.allow_persistent = On
; Check that a connection is still valid before reuse.
odbc.check_persistent = On
; Maximum number of persistent links. -1 means no limit.
odbc.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no limit.
odbc.max_links = -1
; Handling of LONG fields. Returns number of bytes to variables. 0 means
; passthru.
odbc.defaultlrl = 4096
; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char.
; See the documentation on odbc_binmode and odbc_longreadlen for an explanation
; of uodbc.defaultlrl and uodbc.defaultbinmode
odbc.defaultbinmode = 1
[MySQL]
; Allow or prevent persistent links.
mysql.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
mysql.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no limit.
mysql.max_links = -1
; Default port number for mysql_connect(). If unset, mysql_connect() will use
; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
; compile-time value defined MYSQL_PORT (in that order).
mysql.default_port =
; Default socket name for local MySQL connects. If empty, uses the built-in
; MySQL defaults.
mysql.default_socket =
; Default host for mysql_connect() (doesn't apply in safe mode).
mysql.default_host =
; Default user for mysql_connect() (doesn't apply in safe mode).
mysql.default_user =
; Default password for mysql_connect() (doesn't apply in safe mode).
; Note that this is generally a *bad* idea to store passwords in this file.
; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password")
; and reveal this password! And of course, any users with read access to this
; file will be able to reveal the password as well.
mysql.default_password =
; Maximum time (in seconds) for connect timeout. -1 means no limit
mysql.connect_timeout = 60
; Trace mode. When trace_mode is active (=On), warnings for table/index scans and
; SQL-Errors will be displayed.
mysql.trace_mode = Off
[MySQLi]
; Maximum number of links. -1 means no limit.
mysqli.max_links = -1
; Default port number for mysqli_connect(). If unset, mysqli_connect() will use
; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
; compile-time value defined MYSQL_PORT (in that order).
mysqli.default_port = 3306
; Default socket name for local MySQL connects. If empty, uses the built-in
; MySQL defaults.
mysqli.default_socket =
; Default host for mysql_connect() (doesn't apply in safe mode).
mysqli.default_host =
; Default user for mysql_connect() (doesn't apply in safe mode).
mysqli.default_user =
; Default password for mysqli_connect() (doesn't apply in safe mode).
; Note that this is generally a *bad* idea to store passwords in this file.
; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
; and reveal this password! And of course, any users with read access to this
; file will be able to reveal the password as well.
mysqli.default_pw =
; Allow or prevent reconnect
mysqli.reconnect = Off
[mSQL]
; Allow or prevent persistent links.
msql.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
msql.max_persistent = -1
; Maximum number of links (persistent+non persistent). -1 means no limit.
msql.max_links = -1
[OCI8]
; enables privileged connections using external credentials (OCI_SYSOPER, OCI_SYSDBA)
;oci8.privileged_connect = Off
; Connection: The maximum number of persistent OCI8 connections per
; process. Using -1 means no limit.
;oci8.max_persistent = -1
; Connection: The maximum number of seconds a process is allowed to
; maintain an idle persistent connection. Using -1 means idle
; persistent connections will be maintained forever.
;oci8.persistent_timeout = -1
; Connection: The number of seconds that must pass before issuing a
; ping during oci_pconnect() to check the connection validity. When
; set to 0, each oci_pconnect() will cause a ping. Using -1 disables
; pings completely.
;oci8.ping_interval = 60
; Tuning: This option enables statement caching, and specifies how
; many statements to cache. Using 0 disables statement caching.
;oci8.statement_cache_size = 20
; Tuning: Enables statement prefetching and sets the default number of
; rows that will be fetched automatically after statement execution.
;oci8.default_prefetch = 10
; Compatibility. Using On means oci_close() will not close
; oci_connect() and oci_new_connect() connections.
;oci8.old_oci_close_semantics = Off
[PostgresSQL]
; Allow or prevent persistent links.
pgsql.allow_persistent = On
; Detect broken persistent links always with pg_pconnect().
; Auto reset feature requires a little overheads.
pgsql.auto_reset_persistent = Off
; Maximum number of persistent links. -1 means no limit.
pgsql.max_persistent = -1
; Maximum number of links (persistent+non persistent). -1 means no limit.
pgsql.max_links = -1
; Ignore PostgreSQL backends Notice message or not.
; Notice message logging require a little overheads.
pgsql.ignore_notice = 0
; Log PostgreSQL backends Noitce message or not.
; Unless pgsql.ignore_notice=0, module cannot log notice message.
pgsql.log_notice = 0
[Sybase]
; Allow or prevent persistent links.
sybase.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
sybase.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no limit.
sybase.max_links = -1
;sybase.interface_file = "/usr/sybase/interfaces"
; Minimum error severity to display.
sybase.min_error_severity = 10
; Minimum message severity to display.
sybase.min_message_severity = 10
; Compatibility mode with old versions of PHP 3.0.
; If on, this will cause PHP to automatically assign types to results according
; to their Sybase type, instead of treating them all as strings. This
; compatibility mode will probably not stay around forever, so try applying
; whatever necessary changes to your code, and turn it off.
sybase.compatability_mode = Off
[Sybase-CT]
; Allow or prevent persistent links.
sybct.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
sybct.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no limit.
sybct.max_links = -1
; Minimum server message severity to display.
sybct.min_server_severity = 10
; Minimum client message severity to display.
sybct.min_client_severity = 10
[bcmath]
; Number of decimal digits for all bcmath functions.
bcmath.scale = 0
[browscap]
;browscap = extra/browscap.ini
[Informix]
; Default host for ifx_connect() (doesn't apply in safe mode).
ifx.default_host =
; Default user for ifx_connect() (doesn't apply in safe mode).
ifx.default_user =
; Default password for ifx_connect() (doesn't apply in safe mode).
ifx.default_password =
; Allow or prevent persistent links.
ifx.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
ifx.max_persistent = -1
; Maximum number of links (persistent + non-persistent). -1 means no limit.
ifx.max_links = -1
; If on, select statements return the contents of a text blob instead of its id.
ifx.textasvarchar = 0
; If on, select statements return the contents of a byte blob instead of its id.
ifx.byteasvarchar = 0
; Trailing blanks are stripped from fixed-length char columns. May help the
; life of Informix SE users.
ifx.charasvarchar = 0
; If on, the contents of text and byte blobs are dumped to a file instead of
; keeping them in memory.
ifx.blobinfile = 0
; NULL's are returned as empty strings, unless this is set to 1. In that case,
; NULL's are returned as string 'NULL'.
ifx.nullformat = 0
[Session]
; Handler used to store/retrieve data.
session.save_handler = files
; Argument passed to save_handler. In the case of files, this is the path
; where data files are stored.
; As of PHP 4.0.1, you can define the path as:
; session.save_path = "N;/path"
; where N is an integer. Instead of storing all the session files in
; /path, what this will do is use subdirectories N-levels deep, and
; store the session data in those directories. This is useful if you
; or your OS have problems with lots of files in one directory, and is
; a more efficient layout for servers that handle lots of sessions.
; NOTE 1: PHP will not create this directory structure automatically.
; You can use the script in the ext/session dir for that purpose.
; NOTE 2: See the section on garbage collection below if you choose to
; use subdirectories for session storage
; The file storage module creates files using mode 600 by default.
; You can change that by using
; session.save_path = "N;MODE;/path"
; where MODE is the octal representation of the mode. Note that this
; does not overwrite the process's umask.
session.save_path = "/www/sessions"
; Whether to use cookies.
session.use_cookies = 1
;session.cookie_secure =
; This option enables administrators to make their users invulnerable to
; attacks which involve passing session ids in URLs; defaults to 0.
session.use_only_cookies = 1
; Name of the session (used as cookie name).
session.name = ServerSessionIdentifier
; Initialize session on request startup.
session.auto_start = 0
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0
; The path for which the cookie is valid.
session.cookie_path = /
; The domain for which the cookie is valid.
session.cookie_domain =
; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
session.cookie_httponly = 1
; Handler used to serialize data. php is the standard serializer of PHP.
session.serialize_handler = php
; Define the probability that the 'garbage collection' process is started
; on every session initialization.
; The probability is calculated by using gc_probability/gc_divisor,
; e.g. 1/100 means there is a 1% chance that the GC process starts
; on each request.
session.gc_probability = 1
session.gc_divisor = 30
; After this number of seconds, stored data will be seen as 'garbage' and
; cleaned up by the garbage collection process.
session.gc_maxlifetime = 3600
; NOTE: If you are using the subdirectory option for storing session files
; (see session.save_path above), then garbage collection does *not*
; happen automatically. You will need to do your own garbage
; collection through a shell script, cron entry, or some other method.
; For example, the following script would is the equivalent of
; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
; cd /path/to/sessions; find -cmin +24 | xargs rm
; PHP 4.2 and less have an undocumented feature/bug that allows you to
; to initialize a session variable in the global scope, albeit register_globals
; is disabled. PHP 4.3 and later will warn you, if this feature is used.
; You can disable the feature and the warning separately. At this time,
; the warning is only displayed, if bug_compat_42 is enabled.
session.bug_compat_42 = 0
session.bug_compat_warn = 1
; Check HTTP Referer to invalidate externally stored URLs containing ids.
; HTTP_REFERER has to contain this substring for the session to be
; considered as valid.
session.referer_check =
; How many bytes to read from the file.
session.entropy_length = 0
; Specified here to create the session id.
session.entropy_file =
;session.entropy_length = 16
;session.entropy_file = /dev/urandom
; Set to {nocache,private,public,} to determine HTTP caching aspects
; or leave this empty to avoid sending anti-caching headers.
session.cache_limiter = none
; Document expires after n minutes.
session.cache_expire = 0
; trans sid support is disabled by default.
; Use of trans sid may risk your users security.
; Use this option with caution.
; - User may send URL contains active session ID
; to other person via. email/irc/etc.
; - URL that contains active session ID may be stored
; in publically accessible computer.
; - User may access your site with the same session ID
; always using URL stored in browser's history or bookmarks.
session.use_trans_sid = 0
; Select a hash function
; 0: MD5 (128 bits)
; 1: SHA-1 (160 bits)
session.hash_function = 1
; Define how many bits are stored in each character when converting
; the binary hash data to something readable.
; 4 bits: 0-9, a-f
; 5 bits: 0-9, a-v
; 6 bits: 0-9, a-z, A-Z, "-", ","
session.hash_bits_per_character = 6
; The URL rewriter will look for URLs in a defined set of HTML tags.
; form/fieldset are special; if you include them here, the rewriter will
; add a hidden <input> field with the info which is otherwise appended
; to URLs. If you want XHTML conformity, remove the form entry.
; Note that all valid entries require a "=", even if no value follows.
;url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
[MSSQL]
; Allow or prevent persistent links.
mssql.allow_persistent = On
; Maximum number of persistent links. -1 means no limit.
mssql.max_persistent = -1
; Maximum number of links (persistent+non persistent). -1 means no limit.
mssql.max_links = -1
; Minimum error severity to display.
mssql.min_error_severity = 10
; Minimum message severity to display.
mssql.min_message_severity = 10
; Compatibility mode with old versions of PHP 3.0.
mssql.compatability_mode = Off
; Connect timeout
;mssql.connect_timeout = 5
; Query timeout
;mssql.timeout = 60
; Valid range 0 - 2147483647. Default = 4096.
;mssql.textlimit = 4096
; Valid range 0 - 2147483647. Default = 4096.
;mssql.textsize = 4096
; Limits the number of records in each batch. 0 = all records in one batch.
;mssql.batchsize = 0
; Specify how datetime and datetim4 columns are returned
; On => Returns data converted to SQL server settings
; Off => Returns values as YYYY-MM-DD hh:mm:ss
;mssql.datetimeconvert = On
; Use NT authentication when connecting to the server
mssql.secure_connection = Off
; Specify max number of processes. -1 = library default
; msdlib defaults to 25
; FreeTDS defaults to 4096
;mssql.max_procs = -1
; Specify client character set.
; If empty or not set the client charset from freetds.comf is used
; This is only used when compiled with FreeTDS
;mssql.charset = "ISO-8859-1"
[Assertion]
; Assert(expr); active by default.
;assert.active = On
; Issue a PHP warning for each failed assertion.
;assert.warning = On
; Don't bail out by default.
;assert.bail = Off
; User-function to be called if an assertion fails.
;assert.callback = 0
; Eval the expression with current error_reporting(). Set to true if you want
; error_reporting(0) around the eval().
;assert.quiet_eval = 0
[COM]
; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
;com.typelib_file =
; allow Distributed-COM calls
;com.allow_dcom = true
; autoregister constants of a components typlib on com_load()
;com.autoregister_typelib = true
; register constants casesensitive
;com.autoregister_casesensitive = false
; show warnings on duplicate constant registrations
;com.autoregister_verbose = true
[mbstring]
; language for internal character representation.
;mbstring.language = Japanese
; internal/script encoding.
; Some encoding cannot work as internal encoding.
; (e.g. SJIS, BIG5, ISO-2022-*)
;mbstring.internal_encoding = EUC-JP
; http input encoding.
;mbstring.http_input = auto
; http output encoding. mb_output_handler must be
; registered as output buffer to function
;mbstring.http_output = SJIS
; enable automatic encoding translation according to
; mbstring.internal_encoding setting. Input chars are
; converted to internal encoding by setting this to On.
; Note: Do _not_ use automatic encoding translation for
; portable libs/applications.
;mbstring.encoding_translation = Off
; automatic encoding detection order.
; auto means
;mbstring.detect_order = auto
; substitute_character used when character cannot be converted
; one from another
;mbstring.substitute_character = none;
; overload(replace) single byte functions by mbstring functions.
; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(),
; etc. Possible values are 0,1,2,4 or combination of them.
; For example, 7 for overload everything.
; 0: No overload
; 1: Overload mail() function
; 2: Overload str*() functions
; 4: Overload ereg*() functions
;mbstring.func_overload = 0
; enable strict encoding detection.
;mbstring.strict_encoding = Off
[FrontBase]
;fbsql.allow_persistent = On
;fbsql.autocommit = On
;fbsql.show_timestamp_decimals = Off
;fbsql.default_database =
;fbsql.default_database_password =
;fbsql.default_host =
;fbsql.default_password =
;fbsql.default_user = "_SYSTEM"
;fbsql.generate_warnings = Off
;fbsql.max_connections = 128
;fbsql.max_links = 128
;fbsql.max_persistent = -1
;fbsql.max_results = 128
[gd]
; Tell the jpeg decode to libjpeg warnings and try to create
; a gd image. The warning will then be displayed as notices
; disabled by default
;gd.jpeg_ignore_warning = 0
[exif]
; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS.
; With mbstring support this will automatically be converted into the encoding
; given by corresponding encode setting. When empty mbstring.internal_encoding
; is used. For the decode settings you can distinguish between motorola and
; intel byte order. A decode setting cannot be empty.
;exif.encode_unicode = ISO-8859-15
;exif.decode_unicode_motorola = UCS-2BE
;exif.decode_unicode_intel = UCS-2LE
;exif.encode_jis =
;exif.decode_jis_motorola = JIS
;exif.decode_jis_intel = JIS
[Tidy]
; The path to a default tidy configuration file to use when using tidy
;tidy.default_config = /usr/local/lib/php/default.tcfg
; Should tidy clean and repair output automatically?
; WARNING: Do not use this option if you are generating non-html content
; such as dynamic images
tidy.clean_output = Off
[soap]
; Enables or disables WSDL caching feature.
soap.wsdl_cache_enabled=1
; Sets the directory name where SOAP extension will put cache files.
soap.wsdl_cache_dir="/tmp"
; (time to live) Sets the number of second while cached file will be used
; instead of original one.
soap.wsdl_cache_ttl=86400
; available extensions
;extension=bcmath.so
;extension=bz2.so
;extension=calendar.so
;extension=curl.so
;extension=dba.so
;extension=dbase.so
;extension=exif.so
;extension=ftp.so
extension=gd.so
extension=gettext.so
;extension=iconv.so
;extension=imap.so
;extension=json.so
;extension=ldap.so
extension=mcrypt.so
;extension=mime_magic.so
extension=mysql.so
;extension=mysqli.so
;extension=ncurses.so
;extension=odbc.so
extension=openssl.so
extension=pdo.so
extension=pdo_mysql.so
;extension=pdo_odbc.so
;extension=pdo_pgsql.so
;extension=pdo_sqlite.so
;extension=pgsql.so
;extension=posix.so
;extension=pspell.so
extension=session.so
;extension=shmop.so
;extension=snmp.so
;extension=soap.so
extension=sockets.so
;extension=sqlite.so
;extension=sysvmsg.so
;extension=sysvsem.so
;extension=sysvshm.so
;extension=tidy.so
;extension=xmlrpc.so
;extension=xsl.so
;extension=zip.so
extension=zlib.so
; Local Variables:
; tab-width: 4
; End:
Some more info:
[root@Taurine etc]# php-cgi -m
[PHP Modules]
cgi-fcgi
Core
ctype
date
dom
ereg
fileinfo
filter
gettext
hash
libxml
mbstring
mysql
mysqlnd
openssl
pcre
PDO
pdo_mysql
Reflection
session
SimpleXML
sockets
SPL
standard
tokenizer
xml
xmlreader
xmlwriter
zlib
[Zend Modules]
[root@Taurine etc]# php-cgi -v
PHP 5.3.0 with Suhosin-Patch (cgi-fcgi) (built: Sep 16 2009 13:55:34)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2009 Zend Technologies
[root@Taurine etc]# cd /usr/lib/php/modules/
[root@Taurine modules]# ls -alh
totalt 3,2M
drwxr-xr-x 2 root root 4,0K 16 sep 13.57 .
drwxr-xr-x 4 root root 4,0K 16 sep 13.57 ..
-rwxr-xr-x 1 root root 27K 16 sep 13.57 bcmath.so
-rwxr-xr-x 1 root root 21K 16 sep 13.57 bz2.so
-rwxr-xr-x 1 root root 25K 16 sep 13.57 calendar.so
-rwxr-xr-x 1 root root 51K 16 sep 13.57 dba.so
-rwxr-xr-x 1 root root 52K 16 sep 13.57 exif.so
-rwxr-xr-x 1 root root 46K 16 sep 13.57 ftp.so
-rwxr-xr-x 1 root root 11K 16 sep 13.57 gettext.so
-rwxr-xr-x 1 root root 37K 16 sep 13.57 iconv.so
-rwxr-xr-x 1 root root 1,2M 16 sep 13.57 imap.so
-rwxr-xr-x 1 root root 35K 16 sep 13.57 json.so
-rwxr-xr-x 1 root root 43K 16 sep 13.57 mysql.so
-rwxr-xr-x 1 root root 109K 16 sep 13.57 mysqli.so
-rwxr-xr-x 1 root root 110K 16 sep 13.57 openssl.so
-rwxr-xr-x 1 root root 98K 16 sep 13.57 pdo.so
-rwxr-xr-x 1 root root 24K 16 sep 13.57 pdo_mysql.so
-rwxr-xr-x 1 root root 286K 16 sep 13.57 phar.so
-rwxr-xr-x 1 root root 26K 16 sep 13.57 posix.so
-rwxr-xr-x 1 root root 9,8K 16 sep 13.57 shmop.so
-rwxr-xr-x 1 root root 356K 16 sep 13.57 soap.so
-rwxr-xr-x 1 root root 46K 16 sep 13.57 sockets.so
-rwxr-xr-x 1 root root 355K 16 sep 13.57 sqlite.so
-rwxr-xr-x 1 root root 15K 16 sep 13.57 sysvmsg.so
-rwxr-xr-x 1 root root 8,3K 16 sep 13.57 sysvsem.so
-rwxr-xr-x 1 root root 11K 16 sep 13.57 sysvshm.so
-rwxr-xr-x 1 root root 79K 16 sep 13.57 xmlrpc.so
-rwxr-xr-x 1 root root 79K 16 sep 13.57 zip.so
Last edited by nullvoid (2009-09-22 17:39:47) -
AIR-LAP1242G-E-K9 do not work with AIR-CT5508-K9 while AIR-LAP1142N-E-K9 do
Hello,
we do have a site where we need to deploy AIR-LAP1142N-E-K9 and AIR-LAP1242G-E-K9 APs. We have two AIR-CT5508-K9 controllers with SW version 6.0.188.0.
AIR-LAP1142N-E-K9s work okay, as expected, we do not have any problems with them.
However AIR-LAP1242G-E-K9s do not, there is a problem with establishing CAPWAP tunnel with the controller.The AP is seen on the controller for a while, with 0 time up-time, cannot change any settings on the AP via controller, and after a while it disapears from the controller, apears again and this repeats.
The APs and controllers are connected to the LAN campus.
Controllers via two 1G links configured as Etherchannel to WS-C6506-E VSS switch with s72033-ipservicesk9_wan-vz.122-33.SXI1.bin on it.
APs to WS-C3750G-48PS with c3750-ipbasek9-mz.122-50.SE2.bin on it. 3750 is connected to the C6505 via two 1G links configured as Etherchannel.
Below I copied the log I captured on 1242 and the controller. Highlighted ones are the ones which I think might bring a clue.
I performed some troubleshooting steps.
- As we have some other controllers available over WAN, I tested the 1242 AP with 2100, 4400 and also with the same model AIR-CT5508-K9 with SW version 6.0.188.0 over WAN and this worked always okay.
- I wanted to be sure that I eliminate any kind of out of sequence packet issue, so I brought down all redundancy L2 links so that the L2 path from the AP to the controller was only through one leg links.
- I also brought the second controller down to eliminate potential issue with having two of them up.
- The AP gets its IP from DHCP configured on the C6506 switch, I am always able to ssh to AP, so the IP connectivity does not seem to be an issue.
- I have more 1242s, all behave in the same way. I also connected them to some other 3750 switches we have in the campus, always the same.
- As this seems to be maybe a kind of ssl issue, I tried to play with controller settings, like enabling Accept... options under Security/AP Policy,but this did not help.
- I also tried to reboot the controller, no improvement.
- The APs came from the factory, so in the beginning everything was factory default in them. They were always able to download the image from the controller in the very initial phase. I still do have some of them untouched, so I can perform any troubleshooting steps with the fresh one.
I can reproduce this, can also send debugging logs if needed.
Any idea on what could be wrong is highly appreciated.
Thank you.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
This Discussion has been converted into document:- https://supportforums.cisco.com/docs/DOC-23054
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
AIR-LAP1242G-E-K9 10.0.13.28 log
*Mar 1 00:00:05.922: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed
*Mar 1 00:00:07.536: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot1 1Radio 0
*Mar 1 00:00:07.672: %LWAPP-3-CLIENTEVENTLOG: Read and initialized AP event log (contains, 304 messages)
*Mar 1 00:00:09.809: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
*Mar 1 00:00:09.874: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C1240 Software (C1240-K9W8-M), Version 12.4(21a)JA2, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Mon 02-Nov-09 18:42 by prod_rel_team
*Mar 1 00:00:09.874: %SNMP-5-COLDSTART: SNMP agent on host wuen4028 is undergoing a cold start
*Mar 1 00:00:09.964: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Mar 1 00:00:09.967: bsnInitRcbSlot: slot 1 has NO radio
*Mar 1 00:00:10.191: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Mar 1 00:00:10.191: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 00:00:10.430: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 1 00:00:10.818: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
*Mar 1 00:00:11.212: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 1 00:00:18.315: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 10.0.13.28, mask 2 55.255.255.0, hostname wuen4028
*Mar 1 00:00:28.988: Logging LWAPP message to 255.255.255.255.
*Mar 1 00:00:31.456: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Mar 1 00:00:31.495: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 00:00:32.457: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 1 00:00:32.457: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 started - CLI initiated
*Mar 1 00:00:38.810: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
*Mar 1 00:00:47.811: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Mar 1 00:00:56.812: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-LWAPP-CONTROLLER
*Mar 1 00:01:07.815: %CAPWAP-3-ERRORLOG: Selected MWAR 'wuen4001'(index 0).
*Mar 1 00:01:07.815: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Feb 11 07:52:24.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.0.13.5 peer_port: 5246
*Feb 11 07:52:24.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Feb 11 07:52:25.441: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.0.13.5 peer_port: 5246
*Feb 11 07:52:25.443: %CAPWAP-5-SENDJOIN: sending Join Request to 10.0.13.5
*Feb 11 07:52:25.443: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
*Feb 11 07:52:25.445: %CAPWAP-3-ERRORLOG: Unencrypted non-discovery CAPWAP Control Message from 10.0.13.5
*Feb 11 07:52:25.445: %CAPWAP-3-ERRORLOG: Invalid AC Message Type 4.
*Feb 11 07:52:25.445: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Feb 11 07:52:25.445: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 10.0.13.5
*Feb 11 07:52:30.441: %CAPWAP-5-SENDJOIN: sending Join Request to 10.0.13.5
*Feb 11 07:52:30.442: %CAPWAP-3-ERRORLOG: Unencrypted non-discovery CAPWAP Control Message from 10.0.13.5
*Feb 11 07:52:30.443: %CAPWAP-3-ERRORLOG: Invalid AC Message Type 4.
*Feb 11 07:52:30.443: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Feb 11 07:52:30.443: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 10.0.13.5
*Feb 11 07:52:47.644: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Feb 11 07:53:23.999: %DTLS-5-SEND_ALERT: Send WARNING : Close notify Alert to 10.0.13.5:5246
*Feb 11 07:53:24.000: %CAPWAP-3-ERRORLOG: Selected MWAR 'wuen4001'(index 0).
*Feb 11 07:53:24.000: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Feb 11 07:52:24.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.0.13.5 peer_port: 5246
*Feb 11 07:52:24.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Feb 11 07:52:24.001: %DTLS-5-PEER_DISCONNECT: Peer 10.0.13.5 has closed connection.
*Feb 11 07:52:24.001: %DTLS-5-SEND_ALERT: Send WARNING : Close notify Alert to 10.0.13.5:5246
*Feb 11 07:52:24.002: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 3 combination.
*Feb 11 07:52:24.123: %CAPWAP-3-ERRORLOG: Dropping dtls packet since session is not established.
wuen4028#
AIR-CT5508-K9 10.0.13.5 log
*Feb 11 09:00:54.824: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to c
omplete DTLS handshake with peer 10.0.13.28
*Feb 11 08:59:53.798: %DOT1X-3-MAX_EA
P_RETRIES: 1x_auth_pae.c:2862 Max EAP identity request retries (3) exceeded for
client 00:1f:3b:93:dd:4f
*Feb 11 08:59:51.197: %DOT1X-3-MAX_EAP_RETRIES: 1x_auth_pae.c:2862 Max EAP ident
ity request retries (3) exceeded for client 00:c0:a8:e1:b1:71
--More-- or (q)uit
*Feb 11 08:59:21.212: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:292 RRM LOG: Airewave Di
rector: Could not find valid channel lists for 802.11bg
*Feb 11 08:58:39.766: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to c
omplete DTLS handshake with peer 10.0.13.28
*Feb 11 08:57:06.131: %RRM-3-RRM_LOGM
SG: rrmChanUtils.c:292 RRM LOG: Airewave Director: Could not find valid channel
lists for 802.11bg
*Feb 11 08:56:24.504: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to c
omplete DTLS handshake with peer 10.0.13.28
*Feb 11 08:55:09.693: %DOT1X-3-MAX_EA
P_RETRIES: 1x_auth_pae.c:2862 Max EAP identity request retries (3) exceeded for
client 00:1f:3b:93:dd:4f
*Feb 11 08:54:51.040: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:292 RRM LOG: Airewave Di
rector: Could not find valid channel lists for 802.11bg
*Feb 11 08:53:56.493: %DOT1X-3-MAX_EAP_RETRANS: 1x_ptsm.c:426 Max EAP retransmis
sions exceeded for client 00:1f:3b:93:dd:4f
*Feb 11 08:53:34.497: %DTL-3-OSARP_DEL_FAILED: dtl_arp.c:1380 Unable to delete a
n ARP entry for 10.0.13.28 from the operating system. ioctl operation failed
*Feb 11 08:52:35.936: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:292 RRM LOG: Airewave Di
rector: Could not find valid channel lists for 802.11bg
*Feb 11 08:52:26.492: %DOT1X-3-MAX_EAP_RETRANS: 1x_ptsm.c:426 Max EAP retransmis
sions exceeded for client 00:1f:3b:93:dd:4f
*Feb 11 08:50:07.680: %DOT1X-3-MAX_EAP_RETRANS: 1x_ptsm.c:426 Max EAP retransmis
sions exceeded for client 00:1f:3b:93:e6:57
*Feb 11 08:48:37.458: %DOT1X-3-MAX_EAP_RETRIES: 1x_auth_pae.c:2862 Max EAP ident
ity request retries (3) exceeded for client 00:1f:3b:93:e6:57
*Feb 11 08:47:37.438: %DOT1X-3-MAX_EAP_RETRANS: 1x_ptsm.c:426 Max EAP retransmis
sions exceeded for client 00:1f:3b:93:e6:57
*Feb 11 08:47:34.438: %DOT1X-3-MAX_EAP_RETRIES: 1x_auth_pae.c:2862 Max EAP ident
ity request retries (3) exceeded for client 00:16:44:1d:0f:53
*Feb 11 08:46:32.422: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-ke
y M3 retransmissions exceeded for client 00:16:44:1d:0f:53
*Feb 11 08:46:06.790: %DOT1X-3-MAX_EAP_RETRIES: 1x_auth_pae.c:2862 Max EAP ident
ity request retries (3) exceeded for client 00:1f:3b:95:61:bd
*Feb 11 08:46:06.789: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:447 Authentication abor
ted for client 00:1f:3b:95:61:bd
*Feb 11 08:46:06.210: %DOT1X-3-MAX_EAP_RETRIES: 1x_auth_pae.c:2862 Max EAP ident
ity request retries (3) exceeded for client 00:1f:3b:93:e6:57
*Feb 11 08:45:34.304: %DOT1X-3-MAX_EAP_RETRIES: 1x_auth_pae.c:2862 Max EAP ident
ity request retries (3) exceeded for client 00:1f:3b:95:61:bd
*Feb 11 08:45:34.303: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:447 Authentication abor
ted for client 00:1f:3b:95:61:bd
*Feb 11 08:45:01.298: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:292 RRM LOG: Airewave Di
rector: Could not find valid channel lists for 802.11bg
*Feb 11 08:44:38.076: %SIM-3-PORT_UP: sim.c:9547 Physical port 2 is up!.
*Feb 11 08:44:38.037: %SIM-3-PORT_UP: sim.c:9547 Physical port 1 is up!.
--More-- or (q)uit
*Feb 11 08:44:38.009: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'cliWebInitParms.cfg'
*Feb 11 08:44:37.980: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'rrcEngineInitParms.cfg'
*Feb 11 08:44:37.980: %CNFGR-3-INV_COMP_ID: cnfgr.c:2105 Invalid Component Id :
Unrecognized (81) in cfgConfiguratorInit.
*Feb 11 08:44:37.928: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'rfidInitParms.cfg'
*Feb 11 08:44:37.915: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'dhcpParms.cfg'
*Feb 11 08:44:37.903: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'bcastInitParms.cfg'
*Feb 11 08:44:37.834: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'rrmInitParms.cfg'
*Feb 11 08:44:27.331: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'apfInitParms.cfg'
*Feb 11 08:44:27.226: %MM-3-MEMBER_ADD_FAILED: mm_dir.c:903 Could not add Mobili
ty Member. Reason: IP already assigned, Member-Count:1,MAC: 00:00:00:00:00:00, I
P: 0.0.0.0
*Feb 11 08:44:27.023: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'mmInitParms.cfg'
*Feb 11 08:44:27.013: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'aaaapiInitParms.cfg'
*Feb 11 08:44:27.011: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'pemInitParms.cfg'
*Feb 11 08:44:26.898: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'dot1xInitParms.cfg'
*Feb 11 08:44:26.868: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'capwapInitParms.cfg'
*Feb 11 08:44:26.718: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'spamInitParms.cfg'
*Feb 11 08:44:25.650: %SSHPM-3-FREAD_FAILED: sshpmlscscep.c:1395 Error reading f
ile /mnt/application/lscca_pem.crt
*Feb 11 08:44:06.435: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read con
figuration file 'sshpmInitParms.cfg'Thanks for such quick response and suggestions.
Yes, I seem not to to be 100% perfect as for the list of troubleshooting steps I took.
I had already tried the two commands you mentioned. I tried again, this time with some other 1242, but these do not help.
Yes, I was already thinking that this could be in theory a licensing issue. The controller is bougth with 25 licenses.
In the beginnign I had one 1142 on it and tried to enable 1242s which did not work. Now I have five 1142s on it, as this worked okay, I guess it could not be a licensing issue.
I think that I can see in the log files that the machines communicate to each other, L2 or L3 paths seem to be working okay. I forgot to mention that I am using option 43 on the DHCP server, so the AP clearly finds its way to the controller. What's more both APs and the controllers are in the same VLAN, so they are in the same broadcast domain.
Below is sho ver from the AP. The AP seems to have Certificate type - manufacture installed, so I guess there should not be a problem with the certificate, especially knowing that the AP works with other controllers over WAN.
My guess these messages seen on AP especially "Invalid event 38 & state 3 combination" might tell us what's wrong.
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin:0cm;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Times New Roman";
mso-ansi-language:#0400;
mso-fareast-language:#0400;
mso-bidi-language:#0400;}
*Feb 11 07:52:24.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Feb 11 07:52:24.001: %DTLS-5-PEER_DISCONNECT: Peer 10.0.13.5 has closed connection.
*Feb 11 07:52:24.001: %DTLS-5-SEND_ALERT: Send WARNING : Close notify Alert to 10.0.13.5:5246
*Feb 11 07:52:24.002: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 3 combination.
*Feb 11 07:52:24.123: %CAPWAP-3-ERRORLOG: Dropping dtls packet since session is not established.
Cisco IOS Software, C1240 Software (C1240-K9W8-M), Version 12.4(21a)JA2, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Mon 02-Nov-09 18:42 by prod_rel_team
ROM: Bootstrap program is C1240 boot loader
BOOTLDR: C1240 Boot Loader (C1240-BOOT-M) Version 12.4(13d)JA, RELEASE SOFTWARE (fc2)
AP9caf.ca00.1c78 uptime is 17 minutes
System returned to ROM by power-on
System image file is "flash:/c1240-k9w8-mx.124-21a.JA2/c1240-k9w8-mx.124-21a.JA2"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-LAP1242G-E-K9 (PowerPCElvis) processor (revision A0) with 24566K/8192K bytes of memory.
Processor board ID FCZ135082GH
PowerPCElvis CPU at 262Mhz, revision number 0x0950
Last reset from power-on
LWAPP image version 6.0.188.0
1 FastEthernet interface
1 802.11 Radio(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 9C:AF:CA:00:1C:78
Part Number : 73-11479-01
PCA Assembly Number : 800-30493-01
PCA Revision Number : A0
PCB Serial Number : FOC13484GYY
Top Assembly Part Number : 800-29589-03
Top Assembly Serial Number : FCZ135082GH
Top Revision Number : A0
Product/Model Number : AIR-LAP1242G-E-K9
Configuration register is 0xF
AP9caf.ca00.1c78# -
Jail in vsftpd 2.3.4-2 do not work properly... no idea why
I have used the chroot_local_user=YES option in the vsftpd conf... (I have restarted it)
But then I tried in filezilla accessing with a regular user, and its not jailed at all, I can see everything in the server... any idea?
vsftpd 2.3.4-2
here the current conf:
# Example config file /etc/vsftpd.conf
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
# Uncomment this to allow local users to log in.
local_enable=YES
# Uncomment this to enable any form of FTP write command.
write_enable=YES
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
#local_umask=022
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
# Activate logging of uploads/downloads.
xferlog_enable=YES
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/vsftpd.log
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
#xferlog_std_format=YES
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
chroot_local_user=YES
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd.chroot_list
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=YES
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
# sockets, you must run two copies of vsftpd with two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES
ssl_enable=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES
rsa_cert_file=/etc/ssl/certs/vsftpd.pem
rsa_private_key_file=/etc/ssl/certs/vsftpd.pemYup, well, I did not read the man page yet... just read the arch wiki page...
I thought that using just chroot_local_user=YES I will not need to use that file, as it uses the system users...
Do not work that way?
/me runs man vsftpd... then man vsftpd.conf
Last edited by luuuciano (2011-12-02 14:57:00) -
Quicktime causes buffer overrun and does not work
I just tried to update to Quicktime 7 (7.0.4). It installs fine.
When I visit the movie trailers page on Apple.com
I try to play a clip and I get an error message that says buffer overun (trying to play keynote address in wuicktime application)
or an error message that says plugin performed an illegal operation and then it crashes my firefox browser.
It seems there are a lot of bugs with quicktime 7, I have tried standalone downloads of 7.0.3 and 7.0.2, they don't work either.
I have tried installing in safe mode and the installler will not work. what next?
do I actually have to reinstall windows to get it to work or do i have to go through the hassle of manually attempting to clear all of the clutter off of the hard drive and tinker with registry settings and try again?
Is there an explanation from APPLE to rectify these problems or will I just have to give up using your product?
Is there going to be a fix or is apple not supporting quicktime for windows anymore?
Too bad version 6 was messed with. It worked perfectly.I'm having the exact same problem, since the upgrade this week.
iTunes does an immediate shutdown when it’s clicked. No errors are reported.
I automatically thought of Quicktime and when I clicked on it, I get a immediate shutdown as-well, but in Quicktime’s case I get an error window that states “Buffer Overflow error”.
I’ve tried to uninstall Quicktime from the Add/Remove programs in the Control panel. It flashes, does not report any errors and appears to be removing the program (Quicktime). But, when all is finished Quicktime remains in the Add/Remove programs list and it has not been removed.
Just to see what would happen, I installed Quicktime all by itself, and then tried to removed it VIA Control Panel. Same experiences (Quicktime remains in the Add/Remove programs list and it has not been removed).
I’ve removed iTunes a couple of times and tried to re-install (using defaults). Same problem exists (i.e. ‘Buffer Overflow error’).
I reinstall DirectX. Same problem exists (i.e. ‘Buffer Overflow error’).
Can Quicktime be removed manually? (i.e. delete files\directories, and Registry edits)?
Or is this just a nightmare to perform?
Does anyone have any other thoughts I can try?
AMD 3300+ Windows XP 512mb memory, CD writer, SATA and IDE HD's, On board Mobo video (S3). -
I am running a small network on a MacPro running OS X server 10.5.4 with 2 mac clients and 2 windows clients. The OS X server was installed by an apple specialist but it is still not working properly and I find it hard to believe that it is a bug is the software as it seems to be a fundamental problem which most people would have encountered.
Each user has their home directories stored on a separate drive on the server and iCal server is running. However, when a Mac client logs into the network they iCal does not work properly. It either will not show any calendars or if it does then a new event cannot be entered.
Below is an extract from the client message log from rebooting the machine. The first problems with iCal seem to occur at 1:20:48:
9/5/08 1:19:34 PM kernel npvhash=4095
9/5/08 1:19:30 PM com.apple.launchctl.System[2] fsck_hfs: Volume is journaled. No checking performed.
9/5/08 1:19:30 PM com.apple.launchctl.System[2] fsck_hfs: Use the -f option to force checking.
9/5/08 1:19:33 PM com.apple.launchctl.System[2] launchctl: Please convert the following to launchd: /etc/mach_init.d/dashboardadvisoryd.plist
9/5/08 1:19:33 PM com.apple.launchd[1] (org.cups.cupsd) Unknown key: SHAuthorizationRight
9/5/08 1:19:33 PM com.apple.launchd[1] (org.ntp.ntpd) Unknown key: SHAuthorizationRight
9/5/08 1:19:34 PM DirectoryService[11] Launched version 5.4 (v514.21)
9/5/08 1:19:35 PM kernel hi mem tramps at 0xffe00000
9/5/08 1:19:34 PM DirectoryService[11] Improper shutdown detected
9/5/08 1:19:35 PM kernel PAE enabled
9/5/08 1:19:34 PM kextd[10] 404 cached, 0 uncached personalities to catalog
9/5/08 1:19:35 PM kernel 64 bit mode enabled
9/5/08 1:19:35 PM kernel Darwin Kernel Version 9.4.0: Mon Jun 9 19:30:53 PDT 2008; root:xnu-1228.5.20~1/RELEASE_I386
9/5/08 1:19:35 PM kernel standard timeslicing quantum is 10000 us
9/5/08 1:19:35 PM kernel vmpagebootstrap: 508582 free pages and 15706 wired pages
9/5/08 1:19:35 PM kernel migtable_maxdispl = 79
9/5/08 1:19:35 PM kernel 91 prelinked modules
9/5/08 1:19:35 PM kernel AppleACPICPU: ProcessorApicId=0 LocalApicId=0 Enabled
9/5/08 1:19:35 PM kernel AppleACPICPU: ProcessorApicId=1 LocalApicId=1 Enabled
9/5/08 1:19:35 PM kernel Loading security extension com.apple.security.TMSafetyNet
9/5/08 1:19:35 PM kernel calling mpopolicyinit for TMSafetyNet
9/5/08 1:19:35 PM kernel Security policy loaded: Safety net for Time Machine (TMSafetyNet)
9/5/08 1:19:35 PM kernel Loading security extension com.apple.nke.applicationfirewall
9/5/08 1:19:35 PM kernel Loading security extension com.apple.security.seatbelt
9/5/08 1:19:35 PM kernel calling mpopolicyinit for mb
9/5/08 1:19:35 PM kernel Seatbelt MACF policy initialized
9/5/08 1:19:35 PM kernel Security policy loaded: Seatbelt Policy (mb)
9/5/08 1:19:35 PM kernel Copyright (c) 1982, 1986, 1989, 1991, 1993
9/5/08 1:19:35 PM kernel The Regents of the University of California. All rights reserved.
9/5/08 1:19:35 PM kernel MAC Framework successfully initialized
9/5/08 1:19:35 PM kernel using 10485 buffer headers and 4096 cluster IO buffer headers
9/5/08 1:19:35 PM kernel devfsmakenode: not ready for devices!
9/5/08 1:19:35 PM kernel IOAPIC: Version 0x20 Vectors 64:87
9/5/08 1:19:35 PM kernel ACPI: System State [S0 S3 S4 S5] (S3)
9/5/08 1:19:35 PM kernel mbinit: done
9/5/08 1:19:35 PM kernel Security auditing service present
9/5/08 1:19:35 PM kernel BSM auditing present
9/5/08 1:19:35 PM kernel rooting via boot-uuid from /chosen: 033560DC-0859-35E9-B64E-FE25488D5DD8
9/5/08 1:19:35 PM kernel Waiting on <dict ID="0"><key>IOProviderClass</key><string ID="1">IOResources</string><key>IOResourceMatch</key><string ID="2">boot-uuid-media</string></dict>
9/5/08 1:19:35 PM kernel AppleYukon2: 532111ab,00000000 sk98osx_dnet - CheckDictionaryEntry failed, expected vs. dictionary
9/5/08 1:19:35 PM kernel FireWire (OHCI) Lucent ID 5811 built-in now active, GUID 001e52fffe510454; max speed s400.
9/5/08 1:19:35 PM kernel CSRHIDTransitionDriver::start []
9/5/08 1:19:35 PM kernel Got boot device = IOService:/AppleACPIPlatformExpert/PCI0@0/AppleACPIPCI/SATA@1F,2/AppleAHCI/PRT2 @2/IOAHCIDevice@0/AppleAHCIDiskDriver/IOAHCIBlockStorageDevice/IOBlockStorageDri ver/Hitachi HTS541612J9SA00 Media/IOGUIDPartitionScheme/Customer@2
9/5/08 1:19:35 PM kernel BSD root: disk0s2, major 14, minor 2
9/5/08 1:19:35 PM kernel jnl: unknown-dev: replay_journal: from: 13329408 to: 15447040 (joffset 0x11f02000)
9/5/08 1:19:35 PM kernel CSRHIDTransitionDriver::switchToHCIMode legacy
9/5/08 1:19:35 PM kernel jnl: unknown-dev: journal replay done.
9/5/08 1:19:35 PM kernel HFS: Removed 5 orphaned unlinked files or directories
9/5/08 1:19:35 PM kernel Jettisoning kernel linker.
9/5/08 1:19:35 PM kernel Resetting IOCatalogue.
9/5/08 1:19:35 PM kernel GFX0: family specific matching fails
9/5/08 1:19:35 PM kernel display: family specific matching fails
9/5/08 1:19:35 PM kernel Matching service count = 1
9/5/08 1:19:35 PM kernel Matching service count = 3
9/5/08 1:19:35 PM kernel Matching service count = 3
9/5/08 1:19:35 PM kernel Matching service count = 3
9/5/08 1:19:35 PM kernel Matching service count = 3
9/5/08 1:19:35 PM kernel Matching service count = 3
9/5/08 1:19:35 PM kernel display: family specific matching fails
9/5/08 1:19:35 PM kernel Previous Shutdown Cause: 0
9/5/08 1:19:35 PM kernel GFX0: family specific matching fails
9/5/08 1:19:35 PM kernel ath_attach: devid 0x1c
9/5/08 1:19:35 PM kernel yukon: Ethernet address 00:16:cb:ad:ea:bb
9/5/08 1:19:36 PM kernel mac 10.3 phy 6.1 radio 10.2
9/5/08 1:19:36 PM kernel USBF: 11.740 AppleUSBHubPort: Port 1 of Hub at 0x7d000000 about to terminate a busy device (IOUSBCompositeDevice) after waiting 10 seconds
9/5/08 1:19:36 PM kernel USBF: 12. 41 CSRHIDTransitionDriver[0x3dcb680](IOUSBCompositeDevice) GetFullConfigDescriptor(0) returned NULL
9/5/08 1:19:36 PM kernel CSRHIDTransitionDriver... done
9/5/08 1:19:37 PM mDNSResponder mDNSResponder-171.4 (Apr 20 2008 11:59:52)[16] starting
9/5/08 1:19:38 PM configd[14] Error: No interface name for AirPort_Athr5424ab
9/5/08 1:19:38 PM configd[14] Error: ioPublishedDriverCallback() failed to initDeviceFromService()
9/5/08 1:19:38 PM fseventsd[38] event logs in /.fseventsd out of sync with volume. destroying old logs. (215919 13 231722)
9/5/08 1:19:38 PM fseventsd[38] log dir: /.fseventsd getting new uuid: 01610E3D-7144-4D13-84C5-AD0B5AA2A76F
9/5/08 1:19:44 PM rpc.statd[29] statd.notify - no notifications needed
9/5/08 1:19:45 PM bootlog[45] BOOT_TIME: 1220617164 0
9/5/08 1:19:46 PM kextd[10] writing kernel link data to /var/run/mach.sym
9/5/08 1:19:47 PM VMware Fusion 72241[58] Starting VMware Fusion:
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] VMware Fusion 72241: Starting VMware Fusion:
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] kextload: /Library/Application Support/VMware Fusion/kexts/vmmon.kext loaded successfully
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] kextload: /Library/Application Support/VMware Fusion/kexts/vmci.kext loaded successfully
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] kextload: /Library/Application Support/VMware Fusion/kexts/vmioplug.kext loaded successfully
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] kextload: /Library/Application Support/VMware Fusion/kexts/vmnet.kext loaded successfully
9/5/08 1:19:47 PM kernel vmmon: Loaded @ 0x4bcbe000: Info 0x4bccb500 Name com.vmware.kext.vmx86 Version 1.1.1fc2 build-72241 at Jan 16 2008 21:26:45
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Internet Software Consortium DHCP Server 2.0
9/5/08 1:19:47 PM kernel vmmon: Service start
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium.
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] All rights reserved.
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Please contribute if you find this software useful.
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] For info, please visit http://www.****.***/****-contrib.html
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Configured subnet: 192.168.91.0
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Setting vmnet-dhcp IP address: 192.168.91.254
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Opened:
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Recving on VNet/vmnet8/192.168.91.0
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Sending on VNet/vmnet8/192.168.91.0
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Internet Software Consortium DHCP Server 2.0
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium.
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] All rights reserved.
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Please contribute if you find this software useful.
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] For info, please visit http://www.****.***/****.html
9/5/08 1:19:47 PM kernel vmmon: Instrumenting bug 151304 without page information...
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Configured subnet: 192.168.164.0
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Setting vmnet-dhcp IP address: 192.168.164.254
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Opened:
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Recving on VNet/vmnet1/192.168.164.0
9/5/08 1:19:47 PM com.vmware.launchd.vmware[48] Sending on VNet/vmnet1/192.168.164.0
9/5/08 1:19:47 PM kernel vmmon: Fast clock thread started.
9/5/08 1:19:47 PM kernel vmmon: Initial HV check: anyNotCapable=0 anyUnlocked=0 anyEnabled=1 anyDisabled=0
9/5/08 1:19:47 PM kernel vmmon: HV check: anyNotCapable=0 anyUnlocked=0 anyEnabled=1 anyDisabled=0
9/5/08 1:19:47 PM kernel vmmon: Module initialized.
9/5/08 1:19:47 PM kernel vmmon: Registering for power state changes
9/5/08 1:19:47 PM kernel vmci: Initializing module.
9/5/08 1:19:47 PM kernel vmci: VMCI: Driver initialized.
9/5/08 1:19:47 PM kernel vmci: Module initialized.
9/5/08 1:19:47 PM kernel vmnet: Initializing module (version 1.1.1fc2, build-72241).
9/5/08 1:19:47 PM kernel vmnet: VMNet_Start allocated gOSMallocTag
9/5/08 1:19:47 PM kernel vmnet: Module initialized.
9/5/08 1:19:47 PM kernel vmnet: VNetUserIf_Create: created userIf at 0x43b8100.
9/5/08 1:19:47 PM kernel vmnet: VMNetConnect: returning port 0x43b8100
9/5/08 1:19:47 PM kernel vmnet: Hub 8 does not exist, allocating memory.
9/5/08 1:19:47 PM kernel vmnet: Allocated hub 0x445d800 for hubNum 8.
9/5/08 1:19:47 PM kernel vmnet: VMNETSOBINDTOHUB: port: paddr 00:50:56:e5:c6:b8
9/5/08 1:19:47 PM kernel vmnet: Hub 8
9/5/08 1:19:47 PM kernel vmnet: Port 0
9/5/08 1:19:47 PM kernel vmnet: VNetUserIf_Create: created userIf at 0x4480e00.
9/5/08 1:19:47 PM kernel vmnet: VMNetConnect: returning port 0x4480e00
9/5/08 1:19:47 PM kernel vmnet: VMNETSOBINDTOHUB: port: paddr 00:50:56:e4:8c:c0
9/5/08 1:19:47 PM kernel vmnet: Hub 8
9/5/08 1:19:47 PM kernel vmnet: Port 0
9/5/08 1:19:47 PM kernel vmnet: Port 1
9/5/08 1:19:47 PM kernel vmnet: VNetUserIf_Create: created userIf at 0x4480c00.
9/5/08 1:19:47 PM kernel vmnet: VMNetConnect: returning port 0x4480c00
9/5/08 1:19:47 PM kernel vmnet: VMNETSOBINDTOHUB: port: paddr 00:50:56:ff:08:cc
9/5/08 1:19:47 PM kernel vmnet: Hub 8
9/5/08 1:19:47 PM kernel vmnet: Port 0
9/5/08 1:19:47 PM kernel vmnet: Port 1
9/5/08 1:19:47 PM kernel vmnet: Port 2
9/5/08 1:19:47 PM kernel vmnet: VNetUserIfFree: freeing userIf at 0x4480c00.
9/5/08 1:19:47 PM kernel vmnet: netif-vmnet8: Adding protocol 2.
9/5/08 1:19:47 PM kernel vmnet: VNetUserIf_Create: created userIf at 0x4480a00.
9/5/08 1:19:47 PM kernel vmnet: VMNetConnect: returning port 0x4480a00
9/5/08 1:19:47 PM kernel vmnet: Hub 1 does not exist, allocating memory.
9/5/08 1:19:47 PM kernel vmnet: Allocated hub 0x448b800 for hubNum 1.
9/5/08 1:19:47 PM kernel vmnet: VMNETSOBINDTOHUB: port: paddr 00:50:56:eb:03:38
9/5/08 1:19:48 PM kernel vmnet: Hub 1
9/5/08 1:19:48 PM kernel vmnet: Port 0
9/5/08 1:19:48 PM kernel vmnet: VNetUserIfFree: freeing userIf at 0x4480a00.
9/5/08 1:19:48 PM kernel vmnet: netif-vmnet1: Adding protocol 2.
9/5/08 1:19:48 PM kernel vmnet: VNetUserIf_Create: created userIf at 0x4480800.
9/5/08 1:19:48 PM kernel vmnet: VMNetConnect: returning port 0x4480800
9/5/08 1:19:48 PM kernel vmnet: VMNETSOBINDTOHUB: port: paddr 00:50:56:f3:c2:e0
9/5/08 1:19:48 PM kernel vmnet: Hub 1
9/5/08 1:19:48 PM kernel vmnet: Port 0
9/5/08 1:19:48 PM kernel vmnet: Port 1
9/5/08 1:19:48 PM /usr/sbin/ocspd[85] starting
9/5/08 1:19:48 PM /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow[33] Login Window Application Started
9/5/08 1:19:48 PM /System/Library/CoreServices/rapserver.app/Contents/MacOS/rapserverd[25] RAP: Starting, pid=25
9/5/08 1:19:48 PM /System/Library/CoreServices/rapserver.app/Contents/MacOS/rapserverd[25] RAP: Started, pid=25, port=4073
9/5/08 1:19:50 PM kernel AirPort_Athr5424ab: Ethernet address 00:1c:b3:b2:46:95
9/5/08 1:19:51 PM kernel display: Not usable
9/5/08 1:19:50 PM mDNSResponder[16] Adding registration domain paul\.dyson.members.mac.com.
9/5/08 1:19:50 PM mDNSResponder[16] Adding registration domain paul\.dyson.members.mac.com.
9/5/08 1:19:51 PM configd[14] setting hostname to "Media-Mac-mini.local"
9/5/08 1:19:51 PM airportd[90] No networks found on channels remembered for belkin54g
9/5/08 1:19:51 PM airportd[90] Could not find "belkin54g"
9/5/08 1:19:51 PM airportd[90] Could not find any preferred networks; trying broadcast requests..
9/5/08 1:19:51 PM ARDAgent [96] ******ARDAgent Launched******
9/5/08 1:19:51 PM loginwindow[33] Login Window Started Security Agent
9/5/08 1:19:52 PM mDNSResponder[16] registerserviceinstance: domain paul\.dyson.members.mac.com. already registered
9/5/08 1:19:53 PM ARDAgent [96] ******ARDAgent Ready******
9/5/08 1:19:54 PM airportd[90] Broadcast requests also failed..
9/5/08 1:19:55 PM com.apple.SystemStarter[27] iCal Server Launched!
9/5/08 1:19:55 PM org.ntp.ntpd[24] Error : nodename nor servname provided, or not known
9/5/08 1:19:55 PM ntpdate[108] can't find host time.euro.apple.com
9/5/08 1:19:55 PM com.apple.SystemStarter[27] Loading VirusBarrier Service
9/5/08 1:19:55 PM com.apple.SystemStarter[27] kextload: extension /Library/StartupItems/VirusBarrier/VirusBarrierService.kext appears to be loadable
9/5/08 1:19:55 PM com.apple.SystemStarter[27] kextload: loading extension /Library/StartupItems/VirusBarrier/VirusBarrierService.kext
9/5/08 1:19:55 PM com.apple.SystemStarter[27] kextload: /Library/StartupItems/VirusBarrier/VirusBarrierService.kext loaded successfully
9/5/08 1:19:55 PM com.apple.SystemStarter[27] kextload: sending personalities to kernel:
9/5/08 1:19:55 PM com.apple.SystemStarter[27] kextload: from extension /Library/StartupItems/VirusBarrier/VirusBarrierService.kext:
9/5/08 1:19:55 PM com.apple.SystemStarter[27] kextload: ScannerService
9/5/08 1:19:55 PM com.apple.SystemStarter[27] kextload: sending 1 personality to the kernel
9/5/08 1:19:55 PM com.apple.SystemStarter[27] kextload: matching started for /Library/StartupItems/VirusBarrier/VirusBarrierService.kext
9/5/08 1:19:55 PM ntpdate[108] no servers can be used, exiting
9/5/08 1:19:55 PM airportd[90] Probing highest ranked networks via directed scan..
9/5/08 1:19:58 PM kernel AirPort: Link Up on en1
9/5/08 1:20:03 PM kernel vmnet: VNetUserIf_Create: created userIf at 0x496af00.
9/5/08 1:20:03 PM kernel vmnet: VMNetConnect: returning port 0x496af00
9/5/08 1:20:03 PM kernel vmnet: Hub 0 does not exist, allocating memory.
9/5/08 1:20:03 PM kernel vmnet: Allocated hub 0x496b000 for hubNum 0.
9/5/08 1:20:03 PM kernel vmnet: VMNETSOBINDTOHUB: port: paddr 00:50:56:ef:00:58
9/5/08 1:20:03 PM kernel vmnet: Hub 0
9/5/08 1:20:03 PM kernel vmnet: Port 0
9/5/08 1:20:03 PM kernel vmnet: bridge-en1: got dev 0x3dc8004
9/5/08 1:20:03 PM kernel vmnet: bridge-en1: wireless interface detected.
9/5/08 1:20:03 PM kernel vmnet: bridge-en1: up
9/5/08 1:20:03 PM kernel vmnet: bridge-en1: attached
9/5/08 1:20:03 PM kernel vmnet: VNetUserIfFree: freeing userIf at 0x496af00.
9/5/08 1:20:05 PM kernel AppleYukon2: error - 2 Pair Downshift detected
9/5/08 1:20:05 PM kernel AppleYukon2: 00000000,00000000 skgehw - cppSkDrvEvent - SKDRV_DOWNSHIFTDET
9/5/08 1:20:05 PM kernel AppleYukon2 - en0 link active, 100-Mbit, full duplex, symmetric flow control enabled port 0
9/5/08 1:20:06 PM kernel vmnet: bridge-en1: interface en is going DOWN
9/5/08 1:20:06 PM airportd[90] Error: Apple80211Associate() failed -6
9/5/08 1:20:07 PM kernel vmnet: VMNetDisconnect called for port 0x4968000
9/5/08 1:20:07 PM kernel vmnet: bridge-en1: filter detached
9/5/08 1:20:07 PM kernel vmnet: bridge-en1: down
9/5/08 1:20:07 PM kernel vmnet: bridge-en1: detached
9/5/08 1:20:07 PM kernel vmnet: Freeing hub at 0x496b000.
9/5/08 1:20:07 PM kernel vmnet: VNetUserIf_Create: created userIf at 0x496aa00.
9/5/08 1:20:07 PM kernel vmnet: VMNetConnect: returning port 0x496aa00
9/5/08 1:20:07 PM kernel vmnet: Hub 0 does not exist, allocating memory.
9/5/08 1:20:07 PM kernel vmnet: Allocated hub 0x496b000 for hubNum 0.
9/5/08 1:20:07 PM kernel vmnet: VMNETSOBINDTOHUB: port: paddr 00:50:56:ff:a5:00
9/5/08 1:20:07 PM kernel vmnet: Hub 0
9/5/08 1:20:07 PM kernel vmnet: Port 0
9/5/08 1:20:07 PM kernel vmnet: bridge-en0: got dev 0x42b0204
9/5/08 1:20:07 PM kernel vmnet: bridge-en0: up
9/5/08 1:20:07 PM kernel vmnet: bridge-en0: attached
9/5/08 1:20:07 PM kernel vmnet: VNetUserIfFree: freeing userIf at 0x496aa00.
9/5/08 1:20:08 PM mDNSResponderHelper[89] "/etc/racoon/remote/anonymous.conf" looks familiar, will overwrite
9/5/08 1:20:08 PM mDNSResponderHelper[89] racoon (pid=125) started
9/5/08 1:20:10 PM com.apple.KerberosAutoConfig[127] Kerberos configuration is up to date
9/5/08 1:20:12 PM mDNSResponder[16] registerserviceinstance: domain paul\.dyson.members.mac.com. already registered
9/5/08 1:20:12 PM com.apple.KerberosAutoConfig[128] Kerberos configuration is up to date
9/5/08 1:20:12 PM com.apple.KerberosAutoConfig[129] Kerberos configuration is up to date
9/5/08 1:20:26 PM kernel AFP_VFS afpfs_mount: /Network/Servers/server.kennedydyson.co.uk/Volumes/Data/Users, pid 100
9/5/08 1:20:28 PM loginwindow[33] Login Window - Returned from Security Agent
9/5/08 1:20:28 PM loginwindow[33] USER_PROCESS: 33 console
9/5/08 1:20:29 PM com.apple.launchd[1] (com.apple.UserEventAgent-LoginWindow[97]) Exited: Terminated
9/5/08 1:20:29 PM com.apple.launchd[133] (0x103c10.AppleVNCServer[101]) Failed to add kevent for PID 101. Will unload at MIG return
9/5/08 1:20:29 PM com.apple.familycontrols[132] ** [User findUserByID:1038 searchParent:NO] returned nil
9/5/08 1:20:29 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/webfilterc tl[148] ** [User findUserByID:1038 searchParent:NO] returned nil
9/5/08 1:20:29 PM com.apple.familycontrols[132] /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d: option requires an argument -- n
9/5/08 1:20:29 PM com.apple.familycontrols[132] 'Unknown argument given
9/5/08 1:20:29 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d[161] 'Unknown argument given
9/5/08 1:20:29 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d[161] Usage: /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d -k start -p <port> -n <username>
9/5/08 1:20:29 PM com.apple.familycontrols[132] Usage: /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d -k start -p <port> -n <username>
9/5/08 1:20:29 PM com.apple.familycontrols[132] /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d -k stop
9/5/08 1:20:29 PM com.apple.familycontrols[132] Options:
9/5/08 1:20:29 PM com.apple.familycontrols[132] [-X]: do not detach from console
9/5/08 1:20:29 PM com.apple.familycontrols[132] [-v]: verbose
9/5/08 1:20:29 PM com.apple.familycontrols[132] [-l]: create log file
9/5/08 1:20:29 PM com.apple.familycontrols[132] Private:
9/5/08 1:20:29 PM com.apple.familycontrols[132] /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d -k socket <socket_fd> <logfile_fd> -n <username>
9/5/08 1:20:29 PM com.apple.familycontrols[132] ** abnormal termination of /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d (returned: 1)
9/5/08 1:20:29 PM com.apple.familycontrols[132] ** httpsproxystart failed r:1
9/5/08 1:20:31 PM com.apple.launchd[133] (com.apple.ReportPanic[155]) Exited with exit code: 1
9/5/08 1:20:30 PM airportd[90] No networks found on channels remembered for belkin54g
9/5/08 1:20:29 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d[161] /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d -k stop
9/5/08 1:20:30 PM airportd[90] Could not find "belkin54g"
9/5/08 1:20:31 PM ReportPanic[155] Reading panic log failed with error: Error Domain=NSCocoaErrorDomain Code=257 UserInfo=0x107570 "The file “2008-07-29-160619.panic” could not be opened because you do not have appropriate access privileges."
9/5/08 1:20:29 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d[161] Options:
9/5/08 1:20:30 PM airportd[90] Could not find any preferred networks; trying broadcast requests..
9/5/08 1:20:29 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d[161] [-X]: do not detach from console
9/5/08 1:20:33 PM airportd[90] Broadcast requests also failed..
9/5/08 1:20:29 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d[161] [-v]: verbose
9/5/08 1:20:29 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d[161] [-l]: create log file
9/5/08 1:20:29 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d[161] Private:
9/5/08 1:20:29 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d[161] /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d -k socket <socket_fd> <logfile_fd> -n <username>
9/5/08 1:20:29 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/webfilterc tl[148] ** abnormal termination of /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d (returned: 1)
9/5/08 1:20:29 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/webfilterc tl[148] ** httpsproxystart failed r:1
9/5/08 1:20:30 PM ARDAgent [154] ******ARDAgent Launched******
9/5/08 1:20:31 PM mDNSResponder[16] registerserviceinstance: domain paul\.dyson.members.mac.com. already registered
9/5/08 1:20:31 PM ARDAgent [154] ******ARDAgent Ready******
9/5/08 1:20:34 PM airportd[90] Probing highest ranked networks via directed scan..
9/5/08 1:20:37 PM kernel AirPort: Link Up on en1
9/5/08 1:20:38 PM Dock[165] _DESCRegisterDockExtraClient failed 268435459
9/5/08 1:20:39 PM mDNSResponder[16] Note: Frequent transitions for interface en1 (FE80:0000:0000:0000:021C:B3FF:FEB2:4695); network traffic reduction measures in effect
9/5/08 1:20:42 PM /System/Library/CoreServices/coreservicesd[83] SFLSharePointsEntry::CreateDSRecord: dsCreateRecordAndOpen(medialocal's Public Folder) returned -14135
9/5/08 1:20:42 PM /System/Library/CoreServices/coreservicesd[83] SFLSharePointsEntry::CreateDSRecord: dsCreateRecordAndOpen(Paul Admin's Public Folder) returned -14135
9/5/08 1:20:43 PM com.apple.KerberosAutoConfig[183] Kerberos configuration is up to date
9/5/08 1:20:44 PM mDNSResponder[16] Note: Frequent transitions for interface en1 (169.254.35.3); network traffic reduction measures in effect
9/5/08 1:20:45 PM airportd[90] Error: Apple80211Associate() failed -6
9/5/08 1:20:46 PM kernel AppleYukon2: 00000000,00000001 sk98osx sky2 - - sk98osx_sky2::replaceOrCopyPacket tried N times
9/5/08 1:20:46 PM mDNSResponder[16] Note: Frequent transitions for interface en1 (169.254.35.3); network traffic reduction measures in effect
9/5/08 1:20:46 PM mDNSResponder[16] Note: Frequent transitions for interface en1 (FE80:0000:0000:0000:021C:B3FF:FEB2:4695); network traffic reduction measures in effect
9/5/08 1:20:46 PM mDNSResponder[16] Note: Frequent transitions for interface en1 (169.254.35.3); network traffic reduction measures in effect
9/5/08 1:20:48 PM com.apple.familycontrols[132] ** trying to launch apache with but no username given
9/5/08 1:20:48 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/webfilterc tl[148] ** trying to launch apache with but no username given
9/5/08 1:20:48 PM [0x0-0x11011].com.apple.iCal.helper 2008-09-05 13:20:48.022 iCalExternalSync[185:10b] WARNING: restore save failed: Error Domain=NSCocoaErrorDomain Code=134030 UserInfo=0x175c10 "An error occurred while saving." {
9/5/08 1:20:48 PM [0x0-0x11011].com.apple.iCal.helper NSUnderlyingException = Fetching maximum primary key failed;
9/5/08 1:20:48 PM [0x0-0x11011].com.apple.iCal.helper }
9/5/08 1:20:48 PM [0x0-0x11011].com.apple.iCal.helper 2008-09-05 13:20:48.041 iCalExternalSync[185:10b] WARNING: CalCalendarStore: restore failed: Error Domain=CalCalendarStorePersistenceErrorDomain Code=1 UserInfo=0x176b00 "Failed to rebuild the iCal database."
9/5/08 1:20:48 PM [0x0-0x11011].com.apple.iCal.helper {
9/5/08 1:20:48 PM [0x0-0x11011].com.apple.iCal.helper NSLocalizedDescription = "Failed to rebuild the iCal database.";
9/5/08 1:20:48 PM [0x0-0x11011].com.apple.iCal.helper NSLocalizedRecoverySuggestion = "An error occurred while saving.";
9/5/08 1:20:48 PM [0x0-0x11011].com.apple.iCal.helper }
9/5/08 1:20:48 PM iCalExternalSync[185] WARNING: restore save failed: Error Domain=NSCocoaErrorDomain Code=134030 UserInfo=0x175c10 "An error occurred while saving." {
NSUnderlyingException = Fetching maximum primary key failed;
9/5/08 1:20:49 PM com.apple.KerberosAutoConfig[188] Kerberos configuration is up to date
9/5/08 1:20:48 PM iCalExternalSync[185] WARNING: CalCalendarStore: restore failed: Error Domain=CalCalendarStorePersistenceErrorDomain Code=1 UserInfo=0x176b00 "Failed to rebuild the iCal database."
NSLocalizedDescription = "Failed to rebuild the iCal database.";
NSLocalizedRecoverySuggestion = "An error occurred while saving.";
9/5/08 1:20:50 PM mDNSResponder[16] Note: Frequent transitions for interface en1 (169.254.35.3); network traffic reduction measures in effect
9/5/08 1:20:50 PM mDNSResponder[16] SendResponses: No active interface to send: 04 17 Media\032Mac\032mini.device-info.tcp.local. TXT model=Macmini2,1
9/5/08 1:20:53 PM [0x0-0x14014].SoftwareUpdateCheck[192] SoftwareUpdateCheck: non-admin user
9/5/08 1:20:54 PM com.apple.launchd[133] ([0x0-0x14014].SoftwareUpdateCheck[192]) Exited with exit code: 102
9/5/08 1:20:54 PM com.apple.KerberosAutoConfig[215] Kerberos configuration is up to date
9/5/08 1:20:56 PM com.apple.familycontrols[132] ** [User findUserByID:1038 searchParent:NO] returned nil
9/5/08 1:20:56 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/webfilterc tl[220] ** [User findUserByID:1038 searchParent:NO] returned nil
9/5/08 1:20:56 PM com.apple.familycontrols[132] /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d: option requires an argument -- n
9/5/08 1:20:56 PM /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d[223] 'Unknown argument given
9/5/08 1:20:56 PM com.apple.familycontrols[132] 'Unknown argument given
9/5/08 1:20:56 PM com.apple.familycontrols[132] Usage: /System/Library/PrivateFrameworks/FamilyControls.framework/Resources/httpsproxy d -k start -p <port> -n <username>
Once loaded iCal does not respond and a "force quit" is the only option.
I have looked at the logs in Server Admin and I can't seem to see any problems at about the same time.
I would be grateful if someone could let me know whether this is a bug with the software or whether there is a solution. For the time being, the mac users are having to use portable home directories in order to allow them to use iCal.
<Edited by Moderator>Hi
I've not long ago spotted it. It is a longish log. I would sort out that problem anyway because it can't be good for that user.
What needs to happen is a sampling of a the log server side when the problems occur for the clients. It would be a good idea if you posted a little more about how the server is configured. Are you using Server Preferences to administer the Server by any chance? What is the result of issuing this command from terminal:
sudo changeip -checkhostname
Post the result. Did the apple engineer configure internal DNS & DHCP Services to accommodate the web and ical services? Is the web service running? Are you using virtual domains? Are the client macs using the Server to resolve DNS?
As you can see lots of questions. If you are using Server Preferences then I'm going to have to stop trying to assist you. Please don't think there is anything wrong with your server because you are using the application, because there is not. Neither is there anything wrong with the choices made by the original guy. It's just I don't deal with anything other than Advanced. I have little knowledge of Server Preferences. Please don't be tempted to 'convert' to Advanced thinking it may 'improve' matters. It's just as likely it will make things worse.
Consider getting the original guy back in and having him do it for you again. Who knows you may find things will go a lot smoother this time?
Tony -
Flash Player 10 does not work in IE or Firefox. What could it conflict with?
I'm using Firefox 3.6.8 (and sometimes IE 8.0.6001.18702IC) on Windows XP Pro, SP 3.
For some weeks now, I have been unable to hear any sounds on anything Flash-based, from YouTube to games at MSN.com or embedded videos on any site using Flash. Initially I had assumed it to be because of having QuickTime installed because I know QT likes to hijack everything. I uninstalled QT (and Real Player) and Flash Player then reinstalled Flash Player (and Shockwave Player just in case) and guess what?
Yup. Nothing. When I uninstalled everything, I used a program called Revo Uninstaller, which includes a registry cleaning option. I then used Abexo and WinASO's registry cleaners to make sure I got everything else that even looked like QuickTime off my hard drive.
When I reinstalled Flash, the following programs appeared in C:\Windows\system 32\Macromed\Flash:
Flash 10i.ocx (10.1.82.76)
FlashUtil10i_ActiveX (10.1.82.76)
FlashUntil10i_Plugin (10.1.82.76)
genuinst (6.0.2800.1531)
FlashUtil10i_ActiveX.dll (10.1.82.76)
NPSWF32.dll (10.1.82.76)
KB931433
FlashInstall
Install
Flashplayer.xpt
When I check IE's "Tools" and look for add-ons, it says that Flash (Shockwave Flash) is enabled. I even enabled the other Adobe add-ons for Acrobat and such just to be sure. Firefox shows Shockwave Flash and Shockwave for Director both to be enabled. The Flash control panel settings don't help: I have all sites set to store about 100 KB on my computer to make sure there's enough room for everything but still nothing.
Before anyone asks, my audio drivers are up to date, thanks to the manufacturer's website. I have DirectX 9.0c installed and everything else works fine. I can play audio and video elsewhere with no problems. It's only Flash that's showing me this trouble and there's no hint as to what else could be interfering with Flash.
Any ideas?Well, great. I tried the uninstall/reinstall before, but not with the uninstaller, so I was hopeful that this time might do it. No such luck. The video still plays, but no sound.
All the sound settings are working with everything else from games to media players. I set Windows' firewall to allow both the ActiveX and plugin for Flash, just in case.
In the Flash folder, I now have:
Flash10l.ocx (10.1.102.64)
Flash Util10l_ActiveX (10.1.102.64)
FlashUtil10l_Plugin (10.1.102.64)
Genuinst (6.0.2800.1531)
FlashUtil10l_ActiveX.dll (10.1.102.64)
NPSWF32.dll (10.1.102.64)
And the setup and text files that went with 'em.
I've also done a system restart since then and zip.
I went through IE and Firefox and looked for any file associations (like .flv) that I could manually change over to using Flash, but no go. The settings panels for Flash have all been set to allow YouTube specifically (as a test) and to allow 10KB of storage space for all affected sites.
Now what? I'm really not looking forward to a reformat and reinstall, but it's looking like that's what it's going to take.
Date: Sun, 14 Nov 2010 17:37:07 -0700
From: [email protected]
To: [email protected]
Subject: Flash Player 10 does not work in IE or Firefox. What could it conflict with?
Something is strange with your list of modules; you list FlashUntil10i_Plugin (10.1.102.64), but this is really 10.1.85.3
I recommend that you uninstall Flash Player completely (using http://kb2.adobe.com/cps/141/tn_14157.html), then restart Windows, and delete all remaining files in C:\Windows\system32\Macromed\Flash.
Next reinstall both ActiveX (http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player_ax.exe) and the plugin (http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player.exe).
After that, if the problem persists, have a look at this page http://kb2.adobe.com/cps/837/cpsid_83739.html
> -
Issue with spamassassin, now mail not working
Hi ! I installed spamtrainer almost two months ago. Been feeding the [email protected] for several weeks now , 700 emails each day at least .
There was very little improvement if none at all. Tried to add "@local_domains_maps = (1)" to amavisd.conf last night thinking it might be the problem , though no virtual domain exist. This was one of the issue on the default Amavisd config. The other one is adding the symbolic link which I already done.
Computer froze while adding the parameter "@local_domains_maps = (1)", so I manually turn off the Power Mac, then mail stopped altogether. The mails are filing up but the clients couldn't send or receive since this incidence .
FF is the maincf. and amavis.conf
All help are greatly appreciated.
mail:/Users/sysadmin root# postconf -n
alias_maps = hash:/etc/aliases,hash:/var/mailman/data/aliases
always_bcc =
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
enable_server_options = yes
html_directory = no
inet_interfaces = all
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
luser_relay =
mail_owner = postfix
mailbox_size_limit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
maps_rbl_domains =
message_size_limit = 31457280
mydestination = $myhostname,localhost.$mydomain,localhost,mail.cpplaw.com,cpplaw.com
mydomain = cpplaw.com
mydomain_fallback = localhost
myhostname = mail.cpplaw.com
mynetworks = 127.0.0.1/32,192.168.1.0/24,127.0.0.1
mynetworks_style = host
newaliases_path = /usr/bin/newaliases
owner_request_special = no
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relayhost =
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_client_restrictions = permit_mynetworks permit
smtpd_tls_key_file =
unknown_local_recipient_reject_code = 550
virtual_mailbox_domains =
virtual_transport = virtual
mail:/Users/sysadmin root# postconf -n
alias_maps = hash:/etc/aliases,hash:/var/mailman/data/aliases
always_bcc =
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
enable_server_options = yes
html_directory = no
inet_interfaces = all
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
luser_relay =
mail_owner = postfix
mailbox_size_limit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
maps_rbl_domains =
message_size_limit = 31457280
mydestination = $myhostname,localhost.$mydomain,localhost,mail.cpplaw.com,cpplaw.com
mydomain = cpplaw.com
mydomain_fallback = localhost
myhostname = mail.cpplaw.com
mynetworks = 127.0.0.1/32,192.168.1.0/24,127.0.0.1
mynetworks_style = host
newaliases_path = /usr/bin/newaliases
owner_request_special = no
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relayhost =
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_client_restrictions = permit_mynetworks permit
smtpd_tls_key_file =
unknown_local_recipient_reject_code = 550
virtual_mailbox_domains =
virtual_transport = virtual
mail:/Users/sysadmin root#
_______________________Amavisd.cof_________________________
use strict;
# Configuration file for amavisd-new
# This software is licensed under the GNU General Public License (GPL).
# See comments at the start of amavisd-new for the whole license text.
#Sections:
# Section I - Essential daemon and MTA settings
# Section II - MTA specific
# Section III - Logging
# Section IV - Notifications/DSN, BOUNCE/REJECT/DROP/PASS destiny, quarantine
# Section V - Per-recipient and per-sender handling, whitelisting, etc.
# Section VI - Resource limits
# Section VII - External programs, virus scanners, SpamAssassin
# Section VIII - Debugging
#GENERAL NOTES:
# This file is a normal Perl code, interpreted by Perl itself.
# - make sure this file (or directory where it resides) is NOT WRITABLE
# by mere mortals, otherwise it represents a severe security risk!
# - for values which are interpreted as booleans, it is recommended
# to use 1 for true, and 0 or undef or '' for false.
# THIS IS DIFFERENT FROM OLDER AMAVIS VERSIONS where "no" also meant false,
# now it means true, like any nonempty string does!
# - Perl syntax applies. Most notably: strings in "" may include variables
# (which start with $ or @); to include characters @ and $ in double
# quoted strings, precede them by a backslash; in single-quoted strings
# the $ and @ lose their special meaning, so it is usually easier to use
# single quoted strings. Still, in both cases a backslash need to be doubled
# - variables with names starting with a '@' are lists, the values assigned
# to them should be lists as well, e.g. ('one@foo', $mydomain, "three");
# note the comma-separation and parenthesis. If strings in the list
# do not contain spaces nor variables, a Perl operator qw() may be used
# as a shorthand to split its argument on whitespace and produce a list
# of strings, e.g. qw( one@foo example.com three ); Note that the argument
# to qw is quoted implicitly and no variable interpretation is done within
# (no '$' variable evaluations). The #-initiated comments can not be used
# within the string. In other words, $ and # lose their special meaning
# withing a qw argument, just like within '...' strings.
# - all e-mail addresses in this file and as used internally by the daemon
# are in their raw (rfc2821-unquoted and nonbracketed) form, i.e.
# Bob "Funny" [email protected], not: "Bob \"Funny\" Dude"@example.com
# and not <"@example.com>; also: '' and not ''.
# Section I - Essential daemon and MTA settings
# $MYHOME serves as a quick default for some other configuration settings.
# More refined control is available with each individual setting further down.
# $MYHOME is not used directly by the program. No trailing slash!
#$MYHOME = '/var/lib/amavis'; # (default is '/var/amavis')
# : $mydomain serves as a quick default for some other configuration settings.
# : More refined control is available with each individual setting further down.
# : $mydomain is never used directly by the program.
$mydomain = 'cpplaw.com'; aol.com'; # (no useful default)
# Set the user and group to which the daemon will change if started as root
# (otherwise just keep the UID unchanged, and these settings have no effect):
$daemon_user = 'clamav'; # (no default; customary: vscan or amavis)
$daemon_group = 'clamav'; # (no default; customary: vscan or amavis)
# Runtime working directory (cwd), and a place where
# temporary directories for unpacking mail are created.
# (no trailing slash, may be a scratch file system)
$TEMPBASE = $MYHOME; # (must be set if other config vars use is)
#$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean?
# $helpers_home sets environment variable HOME, and is passed as option
# 'home_dir_for_helpers' to Mail::SpamAssassin::new. It should be a directory
# on a normal persistent file system, not a scratch or temporary file system
#$helpers_home = $MYHOME; # (defaults to $MYHOME)
#$daemon_chroot_dir = $MYHOME; # (default is undef, meaning: do not chroot)
#$pid_file = "$MYHOME/amavisd.pid"; # (default is "$MYHOME/amavisd.pid")
#$lock_file = "$MYHOME/amavisd.lock"; # (default is "$MYHOME/amavisd.lock")
# set environment variables if you want (no defaults):
$ENV{TMPDIR} = $TEMPBASE; # wise, but usually not necessary
# MTA SETTINGS, UNCOMMENT AS APPROPRIATE,
# both $forward_method and $notify_method default to 'smtp:127.0.0.1:10025'
# POSTFIX, or SENDMAIL in dual-MTA setup, or EXIM V4
# (set host and port number as required; host can be specified
# as IP address or DNS name (A or CNAME, but MX is ignored)
#$forward_method = 'smtp:127.0.0.1:10025'; # where to forward checked mail
#$notify_method = $forward_method; # where to submit notifications
# NOTE: The defaults (above) are good for Postfix or dual-sendmail. You MUST
# uncomment the approprate settings below if using other setups!
# SENDMAIL MILTER, using amavis-milter.c helper program:
#$forward_method = undef; # no explicit forwarding, sendmail does it by itself
# milter; option -odd is needed to avoid deadlocks
#$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -odd -f ${sender} -- ${recipient}';
# just a thought: can we use use -Am instead of -odd ?
# SENDMAIL (old non-milter setup, as relay):
#$forward_method = 'pipe:flags=q argv=/usr/sbin/sendmail -C/etc/sendmail.orig.cf -i -f ${sender} -- ${recipient}';
#$notify_method = $forward_method;
# SENDMAIL (old non-milter setup, amavis.c calls local delivery agent):
#$forward_method = undef; # no explicit forwarding, amavis.c will call LDA
#$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -f ${sender} -- ${recipient}';
# EXIM v3 (not recommended with v4 or later, which can use SMTP setup instead):
#$forward_method = 'pipe:flags=q argv=/usr/sbin/exim -oMr scanned-ok -i -f ${sender} -- ${recipient}';
#$notify_method = $forward_method;
# prefer to collect mail for forwarding as BSMTP files?
#$forward_method = "bsmtp:$MYHOME/out-%i-%n.bsmtp";
#$notify_method = $forward_method;
# Net::Server pre-forking settings
# You may want $max_servers to match the width of your MTA pipe
# feeding amavisd, e.g. with Postfix the 'Max procs' field in the
# master.cf file, like the '2' in the: smtp-amavis unix - - n - 2 smtp
$max_servers = 2; # number of pre-forked children (default 2)
$max_requests = 10; # retire a child after that many accepts (default 10)
$child_timeout=5*60; # abort child if it does not complete each task in n sec
# (default: 8*60 seconds)
# Check also the settings of @av_scanners at the end if you want to use
# virus scanners. If not, you may want to delete the whole long assignment
# to the variable @av_scanners, which will also remove the virus checking
# code (e.g. if you only want to do spam scanning).
# Here is a QUICK WAY to completely DISABLE some sections of code
# that WE DO NOT WANT (it won't even be compiled-in).
# For more refined controls leave the following two lines commented out,
# and see further down what these two lookup lists really mean.
#@bypass_virus_checks_acl = qw( . ); # uncomment to DISABLE anti-virus code
#@bypass_spam_checks_acl = qw( . ); # uncomment to DISABLE anti-spam code
# Any setting can be changed with a new assignment, so make sure
# you do not unintentionally override these settings further down!
# Lookup list of local domains (see README.lookups for syntax details)
# NOTE:
# For backwards compatibility the variable names @local_domains (old) and
# @local_domains_acl (new) are synonyms. For consistency with other lookups
# the name @local_domains_acl is now preferred. It also makes it more
# obviously distinct from the new %local_domains hash lookup table.
# local_domains* lookup tables are used in deciding whether a recipient
# is local or not, or in other words, if the message is outgoing or not.
# This affects inserting spam-related headers for local recipients,
# limiting recipient virus notifications (if enabled) to local recipients,
# in deciding if address extension may be appended, and in SQL lookups
# for non-fqdn addresses. Set it up correctly if you need features
# that rely on this setting (or just leave empty otherwise).
# With Postfix (2.0) a quick reminder on what local domains normally are:
# a union of domains spacified in: $mydestination, $virtual_alias_domains,
# $virtual_mailbox_domains, and $relay_domains.
@local_domains_acl = ( ".$mydomain" ); # $mydomain and its subdomains
# @local_domains_acl = qw(); # default is empty, no recipient treated as local
# @local_domains_acl = qw( .example.com );
# @local_domains_acl = qw( .example.com !host.sub.example.net .sub.example.net );
# @local_domains_acl = ( ".$mydomain", '.example.com', 'sub.example.net' );
# or alternatively(A), using a Perl hash lookup table, which may be assigned
# directly, or read from a file, one domain per line; comments and empty lines
# are ignored, a dot before a domain name implies its subdomains:
#read_hash(\%local_domains, '/var/amavis/local_domains');
#or alternatively(B), using a list of regular expressions:
# $local_domains_re = new_RE( qr'[@.]example\.com$'i );
# see README.lookups for syntax and semantics
# Section II - MTA specific (defaults should be ok)
# if $relayhost_is_client is true, IP address in $notify_method and
# $forward_method is dynamically overridden with SMTP client peer address
# if available, which makes possible for several hosts to share one daemon
#$relayhost_is_client = 1; # (defaults to false)
#$insert_received_line = 1; # behave like MTA: insert 'Received:' header
# (does not apply to sendmail/milter)
# (default is true)
# AMAVIS-CLIENT PROTOCOL INPUT SETTINGS (e.g. with sendmail milter)
# (used with amavis helper clients like amavis-milter.c and amavis.c,
# NOT needed for Postfix and Exim)
$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket
#$unix_socketname = undef; # disable listening on a unix socket
# (default is undef, i.e. disabled)
# (usual setting is $MYHOME/amavisd.sock)
# Do we receive quoted or raw addresses from the helper program?
# (does not apply to SMTP; defaults to true)
#$gets_addr_in_quoted_form = 1; # "Bob \"Funny\" Dude"@example.com
#$gets_addr_in_quoted_form = 0; # Bob "Funny" [email protected]
# SMTP SERVER (INPUT) PROTOCOL SETTINGS (e.g. with Postfix, Exim v4, ...)
# (used when MTA is configured to pass mail to amavisd via SMTP or LMTP)
$inet_socket_port = 10024; # accept SMTP on this local TCP port
# (default is undef, i.e. disabled)
# multiple ports may be provided: $inet_socket_port = [10024, 10026, 10028];
# SMTP SERVER (INPUT) access control
# - do not allow free access to the amavisd SMTP port !!!
# when MTA is at the same host, use the following (one or the other or both):
#$inet_socket_bind = '127.0.0.1'; # limit socket bind to loopback interface
# (default is '127.0.0.1')
@inet_acl = qw( 127.0.0.1 ); # allow SMTP access only from localhost IP
# (default is qw( 127.0.0.1 ) )
# when MTA (one or more) is on a different host, use the following:
#@inet_acl = qw(127/8 10.1.0.1 10.1.0.2); # adjust the list as appropriate
#$inet_socket_bind = undef; # bind to all IP interfaces
# Example1:
# @inet_acl = qw( 127/8 10/8 172.16/12 192.168/16 );
# permit only SMTP access from loopback and rfc1918 private address space
# Example2:
# @inet_acl = qw( !192.168.1.12 172.16.3.3 !172.16.3/255.255.255.0
# 127.0.0.1 10/8 172.16/12 192.168/16 );
# matches loopback and rfc1918 private address space except host 192.168.1.12
# and net 172.16.3/24 (but host 172.16.3.3 within 172.16.3/24 still matches)
# Example3:
# @inet_acl = qw( 127/8
# !172.16.3.0 !172.16.3.127 172.16.3.0/25
# !172.16.3.128 !172.16.3.255 172.16.3.128/25 );
# matches loopback and both halves of the 172.16.3/24 C-class,
# split into two subnets, except all four broadcast addresses
# for these subnets
# See README.lookups for details on specifying access control lists.
# Section III - Logging
# true (e.g. 1) => syslog; false (e.g. 0) => logging to file
$DO_SYSLOG = 0; # (defaults to false)
#$SYSLOG_LEVEL = 'user.info'; # (defaults to 'mail.info')
# Log file (if not using syslog)
$LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log)
#NOTE: levels are not strictly observed and are somewhat arbitrary
# 0: startup/exit/failure messages, viruses detected
# 1: args passed from client, some more interesting messages
# 2: virus scanner output, timing
# 3: server, client
# 4: decompose parts
# 5: more debug details
$log_level = 4; # (defaults to 0)
# Customizeable template for the most interesting log file entry (e.g. with
# $log_level=0) (take care to properly quote Perl special characters like '\')
# For a list of available macros see README.customize .
# only log infected messages (useful with log level 0):
# $log_templ = '[? %#V |[? %#F ||banned filename ([%F|,])]|infected ([%V|,])]#
# [? %#V |[? %#F ||, from=<%o>, to=[<%R>|,][? %i ||, quarantine %i]]#
# |, from=<%o>, to=[<%R>|,][? %i ||, quarantine %i]]';
# log both infected and noninfected messages (default):
$log_templ = '[? %#V |[? %#F |[?%#D|Not-Delivered|Passed]|BANNED name/type (%F)]|INFECTED (%V)], #
<%o> -> [<%R>|,][? %i ||, quarantine %i], Message-ID: %m, Hits: %c';
# Section IV - Notifications/DSN, BOUNCE/REJECT/DROP/PASS destiny, quarantine
# Select notifications text encoding when Unicode-aware Perl is converting
# text from internal character representation to external encoding (charset
# in MIME terminology)
# to be used in RFC 2047-encoded header field bodies, e.g. in Subject:
#$hdr_encoding = 'iso-8859-1'; # (default: 'iso-8859-1')
# to be used in notification body text: its encoding and Content-type.charset
#$bdy_encoding = 'iso-8859-1'; # (default: 'iso-8859-1')
# Default template texts for notifications may be overruled by directly
# assigning new text to template variables, or by reading template text
# from files. A second argument may be specified in a call to read_text(),
# specifying character encoding layer to be used when reading from the
# external file, e.g. 'utf8', 'iso-8859-1', or often just $bdy_encoding.
# Text will be converted to internal character representation by Perl 5.8.0
# or later; second argument is ignored otherwise. See PerlIO::encoding,
# Encode::PerlIO and perluniintro man pages.
# $notify_sender_templ = read_text('/var/amavis/notify_sender.txt');
# $notify_virus_sender_templ= read_text('/var/amavis/notify_virus_sender.txt');
# $notify_virus_admin_templ = read_text('/var/amavis/notify_virus_admin.txt');
# $notify_virus_recips_templ= read_text('/var/amavis/notify_virus_recips.txt');
# $notify_spam_sender_templ = read_text('/var/amavis/notify_spam_sender.txt');
# $notify_spam_admin_templ = read_text('/var/amavis/notify_spam_admin.txt');
# If notification template files are collectively available in some directory,
# use read_l10n_templates which calls read_text for each known template.
# read_l10n_templates('/etc/amavis/en_US');
# Here is an overall picture (sequence of events) of how pieces fit together
# (only virus controls are shown, spam controls work the same way):
# bypass_virus_checks set for all recipients? ==> PASS
# no viruses? ==> PASS
# log virus if $log_templ is nonempty
# quarantine if $virus_quarantine_to is nonempty
# notify admin if $virus_admin (lookup) nonempty
# notify recips if $warnvirusrecip and (recipient is local or $warn_offsite)
# add address extensions for local recipients (when enabled)
# send (non-)delivery notifications
# to sender if DSN needed (BOUNCE) or ($warnvirussender and D_PASS)
# virus_lovers or final_destiny==D_PASS ==> PASS
# DISCARD (2xx) or REJECT (5xx) (depending on final_*_destiny)
# Equivalent flow diagram applies for spam checks.
# If a virus is detected, spam checking is skipped entirely.
# The following symbolic constants can be used in *destiny settings:
# D_PASS mail will pass to recipients, regardless of bad contents;
# D_DISCARD mail will not be delivered to its recipients, sender will NOT be
# notified. Effectively we lose mail (but will be quarantined
# unless disabled). Not a decent thing to do for a mailer.
# D_BOUNCE mail will not be delivered to its recipients, a non-delivery
# notification (bounce) will be sent to the sender by amavisd-new;
# Exception: bounce (DSN) will not be sent if a virus name matches
# $viruses_that_fake_sender_re, or to messages from mailing lists
# (Precedence: bulk|list|junk);
# D_REJECT mail will not be delivered to its recipients, sender should
# preferably get a reject, e.g. SMTP permanent reject response
# (e.g. with milter), or non-delivery notification from MTA
# (e.g. Postfix). If this is not possible (e.g. different recipients
# have different tolerances to bad mail contents and not using LMTP)
# amavisd-new sends a bounce by itself (same as D_BOUNCE).
# Notes:
# D_REJECT and D_BOUNCE are similar, the difference is in who is responsible
# for informing the sender about non-delivery, and how informative
# the notification can be (amavisd-new knows more than MTA);
# With D_REJECT, MTA may reject original SMTP, or send DSN (delivery status
# notification, colloquially called 'bounce') - depending on MTA;
# Best suited for sendmail milter, especially for spam.
# With D_BOUNCE, amavisd-new (not MTA) sends DSN (can better explain the
# reason for mail non-delivery, but unable to reject the original
# SMTP session). Best suited to reporting viruses, and for Postfix
# and other dual-MTA setups, which can't reject original client SMTP
# session, as the mail has already been enqueued.
$final_virus_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
$final_banned_destiny = D_BOUNCE; # (defaults to D_BOUNCE)
$final_spam_destiny = D_PASS; # (defaults to D_REJECT)
$final_bad_header_destiny = D_PASS; # (defaults to D_PASS), D_BOUNCE suggested
# Alternatives to consider for spam:
# - use D_PASS if clients will do filtering based on inserted mail headers;
# - use D_DISCARD, if kill_level is set safely high;
# - use D_BOUNCE instead of D_REJECT if not using milter;
# There are no sensible alternatives to D_BOUNCE for viruses, but consider:
# - use D_PASS (or virus_lovers) and $warnvirussender=1 to deliver viruses;
# - use D_REJECT instead of D_BOUNCE if using milter and under heavy
# virus storm;
# Don't bother to set both D_DISCARD and $warn*sender=1, it will get mapped
# to D_BOUNCE.
# The separation of *_destiny values into D_BOUNCE, D_REJECT, D_DISCARD
# and D_PASS made settings $warnvirussender and $warnspamsender only still
# useful with D_PASS.
# The following $warn*sender settings are ONLY used when mail is
# actually passed to recipients ($final_*_destiny=D_PASS, or *_lovers*).
# Bounces or rejects produce non-delivery status notification anyway.
# Notify virus sender?
#$warnvirussender = 1; # (defaults to false (undef))
# Notify spam sender?
#$warnspamsender = 1; # (defaults to false (undef))
# Notify sender of banned files?
#$warnbannedsender = 1; # (defaults to false (undef))
# Notify sender of syntactically invalid header containing non-ASCII characters?
#$warnbadhsender = 1; # (defaults to false (undef))
# Notify virus (or banned files) RECIPIENT?
# (not very useful, but some policies demand it)
#$warnvirusrecip = 1; # (defaults to false (undef))
#$warnbannedrecip = 1; # (defaults to false (undef))
# Notify also non-local virus/banned recipients if $warn*recip is true?
# (including those not matching local_domains*)
#$warn_offsite = 1; # (defaults to false (undef), i.e. only notify locals)
# Treat envelope sender address as unreliable and don't send sender
# notification / bounces if name(s) of detected virus(es) match the list.
# Note that virus names are supplied by external virus scanner(s) and are
# not standardized, so virus names may need to be adjusted.
# See README.lookups for syntax.
$viruses_that_fake_sender_re = new_RE(
qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i );
# where to send ADMIN VIRUS NOTIFICATIONS (should be a fully qualified address)
# - the administrator address may be a simple fixed e-mail address (a scalar),
# or may depend on the SENDER address (e.g. its domain), in which case
# a ref to a hash table can be specified (specify lower-cased keys,
# dot is a catchall, see README.lookups).
# Empty or undef lookup disables virus admin notifications.
$virus_admin = '[email protected]';
# $virus_admin = undef; # do not send virus admin notifications (default)
# $virus_admin = {'not.example.com' => '', '.' => '[email protected]'};
# $virus_admin = '[email protected]';
# equivalent to $virus_admin, but for spam admin notifications:
#$spam_admin = '[email protected]';# $spam_admin = undef; # do not send spam admin notifications (default)
# $spam_admin = {'not.example.com' => '', '.' => '[email protected]'};
#advanced example, using a hash lookup table:
# - $virus_admin = {
# '[email protected]' => '[email protected]',
# '.sub1.example.com' => '[email protected]',
# '.sub2.example.com' => '', # don't send admin notifications
# 'a.sub3.example.com' => '[email protected]',
# '.sub3.example.com' => '[email protected]',
# '.example.com' => '[email protected]', # catchall for our virus senders
# '.' => '[email protected]', # catchall for the rest
# whom notification reports are sent from (ENVELOPE SENDER);
# may be a null reverse path, or a fully qualified address:
# (admin and recip sender addresses default to $mailfrom
# for compatibility, which in turn defaults to undef (empty) )
# If using strings in double quotes, don't forget to quote @, i.e. \@
$mailfrom_notify_admin = "virusalert\@$mydomain";
$mailfrom_notify_recip = "virusalert\@$mydomain";
$mailfrom_notify_spamadmin = "spam.police\@$mydomain";
# 'From' HEADER FIELD for sender and admin notifications.
# This should be a replyable address, see rfc1894. Not to be confused
# with $mailfrom_notify_sender, which is the envelope address and
# should be empty (null reverse path) according to rfc2821.
# $hdrfrom_notify_sender = "amavisd-new <postmaster\@$mydomain>";
# $hdrfrom_notify_sender = 'amavisd-new <[email protected]>';
# (defaults to: "amavisd-new <postmaster\@$myhostname>")
# $hdrfrom_notify_admin = $mailfrom_notify_admin;
# (defaults to: $mailfrom_notify_admin)
# $hdrfrom_notify_spamadmin = $mailfrom_notify_spamadmin;
# (defaults to: $mailfrom_notify_spamadmin)
# whom quarantined messages appear to be sent from (envelope sender)
$mailfrom_to_quarantine = undef; # original sender if undef, or set explicitly
# (default is undef)
# Location to put infected mail into: (applies to 'local:' quarantine method)
# empty for not quarantining, may be a file (mailbox),
# or a directory (no trailing slash)
# (the default value is undef, meaning no quarantine)
$QUARANTINEDIR = '/var/virusmails';
#$virus_quarantine_method = "local:virus-%i-%n"; # default
#$spam_quarantine_method = "local:spam-%b-%i-%n"; # default
#use the new 'bsmtp:' method as an alternative to the default 'local:'
#$virus_quarantine_method = "bsmtp:$QUARANTINEDIR/virus-%i-%n.bsmtp";
#$spam_quarantine_method = "bsmtp:$QUARANTINEDIR/spam-%b-%i-%n.bsmtp";
# When using the 'local:' quarantine method (default), the following applies:
# A finer control of quarantining is available through variable
# $virus_quarantine_to/$spam_quarantine_to. It may be a simple scalar string,
# or a ref to a hash lookup table, or a regexp lookup table object,
# which makes possible to set up per-recipient quarantine addresses.
# The value of scalar $virus_quarantine_to/$spam_quarantine_to (or a
# per-recipient lookup result from the hash table %$virus_quarantine_to)
# is/are interpreted as follows:
# VARIANT 1:
# empty or undef disables quarantine;
# VARIANT 2:
# a string NOT containg an '@';
# amavisd will behave as a local delivery agent (LDA) and will quarantine
# viruses to local files according to hash %local_delivery_aliases (pseudo
# aliases map) - see subroutine mail_to_local_mailbox() for details.
# Some of the predefined aliases are 'virus-quarantine' and 'spam-quarantine'.
# Setting $virus_quarantine_to ($spam_quarantine_to) to this string will:
# * if $QUARANTINEDIR is a directory, each quarantined virus will go
# to a separate file in the $QUARANTINEDIR directory (traditional
# amavis style, similar to maildir mailbox format);
# * otherwise $QUARANTINEDIR is treated as a file name of a Unix-style
# mailbox. All quarantined messages will be appended to this file.
# Amavisd child process must obtain an exclusive lock on the file during
# delivery, so this may be less efficient than using individual files
# or forwarding to MTA, and it may not work across NFS or other non-local
# file systems (but may be handy for pickup of quarantined files via IMAP
# for example);
# VARIANT 3:
# any email address (must contain '@').
# The e-mail messages to be quarantined will be handed to MTA
# for delivery to the specified address. If a recipient address local to MTA
# is desired, you may leave the domain part empty, e.g. 'infected@', but the
# '@' character must nevertheless be included to distinguish it from variant 2.
# This method enables more refined delivery control made available by MTA
# (e.g. its aliases file, other local delivery agents, dealing with
# privileges and file locking when delivering to user's mailbox, nonlocal
# delivery and forwarding, fan-out lists). Make sure the mail-to-be-quarantined
# will not be handed back to amavisd for checking, as this will cause a loop
# (hopefully broken at some stage)! If this can be assured, notifications
# will benefit too from not being unecessarily virus-scanned.
# By default this is safe to do with Postfix and Exim v4 and dual-sendmail
# setup, but probably not safe with sendmail milter interface without
# precaution.
# (the default value is undef, meaning no quarantine)
#$virus_quarantine_to = '[email protected]'; # traditional local quarantine
#$virus_quarantine_to = 'infected@'; # forward to MTA for delivery
#$virus_quarantine_to = "virus-quarantine\@$mydomain"; # similar
#$virus_quarantine_to = '[email protected]'; # similar
#$virus_quarantine_to = undef; # no quarantine
#$virus_quarantine_to = new_RE( # per-recip multiple quarantines
# [qr'^user@example\.com$'i => 'infected@'],
# [qr'^(.*)@example\.com$'i => 'virus-${1}@example.com'],
# [qr'^(.*)(@[^@])?$'i => 'virus-${1}${2}'],
# [qr/.*/ => 'virus-quarantine'] );
# similar for spam
# (the default value is undef, meaning no quarantine)
#$spam_quarantine_to = '[email protected]';
#$spam_quarantine_to = "spam-quarantine\@$mydomain";
#$spam_quarantine_to = new_RE( # per-recip multiple quarantines
# [qr'^(.*)@example\.com$'i => 'spam-${1}@example.com'],
# [qr/.*/ => 'spam-quarantine'] );
# In addition to per-recip quarantine, a by-sender lookup is possible. It is
# similar to $spam_quarantine_to, but the lookup key is the sender address:
#$spam_quarantine_bysender_to = undef; # dflt: no by-sender spam quarantine
# Add X-Virus-Scanned header field to mail?
$X_HEADER_TAG = 'X-Virus-Scanned'; # (default: undef)
# Leave empty to add no header field # (default: undef)
$X_HEADER_LINE = "by amavisd-new at $mydomain";
$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone
#$remove_existing_x_scanned_headers= 1; # remove existing headers
# (defaults to false)
$remove_existing_spam_headers = 0; # leave existing X-Spam* headers alone
#$remove_existing_spam_headers = 1; # remove existing spam headers if
# spam scanning is enabled (default)
# set $bypass_decode_parts to true if you only do spam scanning, or if you
# have a good virus scanner that can deal with compression and recursively
# unpacking archives by itself, and save amavisd the trouble.
# Disabling decoding also causes banned_files checking to only see
# MIME names and MIME content types, not the content classification types
# as provided by the file(1) utility.
# It is a double-edged sword, make sure you know what you are doing!
#$bypass_decode_parts = 1; # (defaults to false)
# don't trust this file type or corresponding unpacker for this file type,
# keep both the original and the unpacked file
# (lookup key is what file(1) utility returned):
$keep_decoded_original_re = new_RE(
qr'^(ASCII|text|uuencoded|xxencoded|binhex)'i,
# Checking for banned MIME types and names. If any mail part matches,
# the whole mail is rejected, much like the way viruses are handled.
# A list in object $banned_filename_re can be defined to provide a list
# of Perl regular expressions to be matched against each part's:
# * Content-Type value (both declared and effective mime-type),
# including the possible security risk content types
# message/partial and message/external-body, as specified by rfc2046;
# * declared (recommended) file names as specified by MIME subfields
# Content-Disposition.filename and Content-Type.name, both in their
# raw (encoded) form and in rfc2047-decoded form if applicable;
# * file content type as guessed by 'file(1)' utility, both the raw result
# from file(1), as well as short type name, classified into names such as
# .asc, .txt, .html, .doc, .jpg, .pdf, .zip, .exe, ..., which is always
# beginning with a dot - see subroutine determine_file_types().
# This step is done only if $bypass_decode_parts is not true.
# * leave $banned_filename_re undefined to disable these checks
# (giving an empty list to new_RE() will also always return false)
$banned_filename_re = new_RE(
qr'\.[a-zA-Z][a-zA-Z0-9]{0,3}\.(vbs|pif|scr|bat|com|exe|dll)$'i, # double extension
# qr'.\.(exe|vbs|pif|scr|bat|com)$'i, # banned extension - basic
# qr'.\.(ade|adp|bas|bat|chm|cmd|com|cpl|crt|exe|hlp|hta|inf|ins|isp|js|
# jse|lnk|mdb|mde|msc|msi|msp|mst|pcd|pif|reg|scr|sct|shs|shb|vb|
# vbe|vbs|wsc|wsf|wsh)$'ix, # banned extension - long
# qr'^\.(exe|zip|lha|tnef)$'i, # banned file(1) types
# qr'^application/x-msdownload$'i, # banned MIME types
# qr'^message/partial$'i, qr'^message/external-body$'i, # rfc2046
# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631
# and http://www.cknow.com/vtutor/vtextensions.htm
# A little trick: a pattern qr'\.exe$' matches both a short type name '.exe',
# as well as any file name which happens to end with .exe. If only matching
# a file name is desired, but not the short name, a pattern qr'.\.exe$'i
# or similar may be used, which requires that at least one character preceeds
# the '.exe', and so it will never match short file types, which always start
# with a dot.
# Section V - Per-recipient and per-sender handling, whitelisting, etc.
# %virus_lovers, @virus_lovers_acl and $virus_lovers_re lookup tables:
# (these should be considered policy options, they do not disable checks,
# see bypas*checks for that!)
# Exclude certain RECIPIENTS from virus filtering by adding their lower-cased
# envelope e-mail address (or domain only) to the hash %virus_lovers, or to
# the access list @virus_lovers_acl - see README.lookups and examples.
# Make sure the appropriate form (e.g. external/internal) of address
# is used in case of virtual domains, or when mapping external to internal
# addresses, etc. - this is MTA-specific.
# Notifications would still be generated however (see the overall
# picture above), and infected mail (if passed) gets additional header:
# X-AMaViS-Alert: INFECTED, message contains virus: ...
# (header not inserted with milter interface!)
# NOTE (milter interface only): in case of multiple recipients,
# it is only possible to drop or accept the message in its entirety - for all
# recipients. If all of them are virus lovers, we'll accept mail, but if
# at least one recipient is not a virus lover, we'll discard the message.
# %bypass_virus_checks, @bypass_virus_checks_acl and $bypass_virus_checks_re
# lookup tables:
# (this is mainly a time-saving option, unlike virus_lovers* !)
# Similar in concept to %virus_lovers, a hash %bypass_virus_checks,
# access list @bypass_virus_checks_acl and regexp list $bypass_virus_checks_re
# are used to skip entirely the decoding, unpacking and virus checking,
# but only if ALL recipients match the lookup.
# %bypass_virus_checks/@bypass_virus_checks_acl/$bypass_virus_checks_re
# do NOT GUARANTEE the message will NOT be checked for viruses - this may
# still happen when there is more than one recipient for a message, and
# not all of them match these lookup tables. To guarantee virus delivery,
# a recipient must also match %virus_lovers/@virus_lovers_acl lookups
# (but see milter limitations above),
# NOTE: it would not be clever to base virus checks on SENDER address,
# since there are no guarantees that it is genuine. Many viruses
# and spam messages fake sender address. To achieve selective filtering
# based on the source of the mail (e.g. IP address, MTA port number, ...),
# use mechanisms provided by MTA if available.
# Similar to lookup tables controlling virus checking, there exist
# spam scanning, banned names/types, and headers_checks control counterparts:
# %spam_lovers, @spam_lovers_acl, $spam_lovers_re
# %banned_files_lovers, @banned_files_lovers_acl, $banned_files_lovers_re
# %bad_header_lovers, @bad_header_lovers_acl, $bad_header_lovers_re
# and:
# %bypass_spam_checks/@bypass_spam_checks_acl/$bypass_spam_checks_re
# %bypass_banned_checks/@bypass_banned_checks_acl/$bypass_banned_checks_re
# %bypass_header_checks/@bypass_header_checks_acl/$bypass_header_checks_re
# See README.lookups for details about the syntax.
# The following example disables spam checking altogether,
# since it matches any recipient e-mail address (any address
# is a subdomain of the top-level root DNS domain):
# @bypass_spam_checks_acl = qw( . );
# @bypass_header_checks_acl = qw( [email protected] );
# @bad_header_lovers_acl = qw( [email protected] );
# See README.lookups for further detail, and examples below.
# $virus_lovers{lc("postmaster\@$mydomain")} = 1;
# $virus_lovers{lc('[email protected]')} = 1;
# $virus_lovers{lc('[email protected]')} = 1;
# $virus_lovers{lc('some.user@')} = 1; # this recipient, regardless of domain
# $virus_lovers{lc('[email protected]')} = 0; # never, even if domain matches
# $virus_lovers{lc('example.com')} = 1; # this domain, but not its subdomains
# $virus_lovers{lc('.example.com')}= 1; # this domain, including its subdomains
#or:
# @virus_lovers_acl = qw( [email protected] !lab.xxx.com .xxx.com yyy.org );
# $bypass_virus_checks{lc('[email protected]')} = 1;
# @bypass_virus_checks_acl = qw( some.ddd !butnot.example.com .example.com );
# @virus_lovers_acl = qw( [email protected] );
# $virus_lovers_re = new_RE( qr'(helpdesk|postmaster)@example\.com$'i );
# $spam_lovers{lc("postmaster\@$mydomain")} = 1;
# $spam_lovers{lc('[email protected]')} = 1;
# $spam_lovers{lc('[email protected]')} = 1;
# @spam_lovers_acl = qw( !.example.com );
# $spam_lovers_re = new_RE( qr'^user@example\.com$'i );
# don't run spam check for these RECIPIENT domains:
# @bypass_spam_checks_acl = qw( d1.com .d2.com a.d3.com );
# or the other way around (bypass check for all BUT these):
# @bypass_spam_checks_acl = qw( !d1.com !.d2.com !a.d3.com . );
# a practical application: don't check outgoing mail for spam:
# @bypass_spam_checks_acl = ( "!.$mydomain", "." );
# (a downside of which is that such mail will not count as ham in SA bayes db)
# Where to find SQL server(s) and database to support SQL lookups?
# A list of triples: (dsn,user,passw). (dsn = data source name)
# Specify more than one for multiple (backup) SQL servers.
# See 'man DBI', 'man DBD::mysql', 'DBD::Pg', ... for details.
# @lookup_sql_dsn =
# ( ['DBI:mysql:mail:host1', 'some-username1', 'some-password1'],
# ['DBI:mysql:mail:host2', 'some-username2', 'some-password2'] );
# ('mail' in the example is the database name, choose what you like)
# With PostgreSQL the dsn (first element of the triple) may look like:
# 'DBI:Pg:host=host1;dbname=mail'
# The SQL select clause to fetch per-recipient policy settings.
# The %k will be replaced by a comma-separated list of query addresses
# (e.g. full address, domain only, catchall). Use ORDER, if there
# is a chance that multiple records will match - the first match wins.
# If field names are not unique (e.g. 'id'), the later field overwrites the
# earlier in a hash returned by lookup, which is why we use '*,users.id'.
# No need to uncomment the following assignment if the default is ok.
# $sql_select_policy = 'SELECT *,users.id FROM users,policy'.
# ' WHERE (users.policy_id=policy.id) AND (users.email IN (%k))'.
# ' ORDER BY users.priority DESC';
# The SQL select clause to check sender in per-recipient whitelist/blacklist
# The first SELECT argument '?' will be users.id from recipient SQL lookup,
# the %k will be sender addresses (e.g. full address, domain only, catchall).
# The default value is:
# $sql_select_white_black_list = 'SELECT wb FROM wblist,mailaddr'.
# ' WHERE (rid=?) AND (sid=mailaddr.id) AND (mailaddr.email IN (%k))'.
# ' ORDER BY mailaddr.priority DESC';
# To disable SQL white/black list, set to undef (otherwise comment-out
# the following statement, leaving it at the default value):
$sql_select_white_black_list = undef; # undef disables SQL white/blacklisting
# If you decide to pass viruses (or spam) to certain recipients using the
# above lookup tables or using $final_virus_destiny=1, you can set
# the variable $addr_extension_virus ($addr_extension_spam) to some
# string, and the recipient address will have this string appended
# as an address extension to the local-part of the address. This extension
# can be used by final local delivery agent to place such mail in different
# folders. Leave these two variables undefined or empty strings to prevent
# appending address extensions. Setting has no effect on recipient which will
# not be receiving viruses/spam. Recipients who do not match lookup tables
# local_domains* are not affected.
# LDAs usually default to stripping away address extension if no special
# handling is specified, so having this option enabled normally does no harm,
# provided the $recipients_delimiter matches the setting on the final
# MTA's LDA.
# $addr_extension_virus = 'virus'; # (default is undef, same as empty)
# $addr_extension_spam = 'spam'; # (default is undef, same as empty)
# $addr_extension_banned = 'banned'; # (default is undef, same as empty)
# Delimiter between local part of the recipient address and address extension
# (which can optionally be added, see variables $addr_extension_virus and
# $addr_extension_spam). E.g. recipient address <[email protected]> gets changed
# to <[email protected]>.
# Delimiter should match equivalent (final) MTA delimiter setting.
# (e.g. for Postfix add 'recipient_delimiter = +' to main.cf)
# Setting it to an empty string or to undef disables this feature
# regardless of $addr_extension_virus and $addr_extension_spam settings.
$recipient_delimiter = '+'; # (default is '+')
# true: replace extension; false: append extension
# $replace_existing_extension = 1; # (default is false)
# Affects matching of localpart of e-mail addresses (left of '@')
# in lookups: true = case sensitive, false = case insensitive
$localpart_is_case_sensitive = 0; # (default is false)
# ENVELOPE SENDER WHITELISTING / BLACKLISTING - GLOBAL (RECIPIENT-INDEPENDENT)
# WHITELISTING: use ENVELOPE SENDER lookups to ENSURE DELIVERY from whitelisted
# senders even if the message is recognized as spam. Effectively, for the
# specified senders, message RECIPIENTS temporarily become 'spam_lovers', with
# further processing being the same as otherwise specified for spam lovers.
# It does not turn off inserting spam-related headers, if they are enabled.
# BLACKLISTING: messages from specified SENDERS are DECLARED SPAM.
# Effectively, for messages from blacklisted senders, spam level
# is artificially pushed high, and the normal spam processing applies,
# resulting in 'X-Spam-Flag: YES', high 'X-Spam-Level' bar and other usual
# reactions to spam, including possible rejection. If the message nevertheless
# still passes (e.g. for spam loving recipients), it is tagged as BLACKLISTED
# in the 'X-Spam-Status' header field, but the reported spam value and
# set of tests in this report header field (if available from SpamAssassin,
# which may have not been called) is not adjusted.
# A sender may be both white- and blacklisted at the same time,
# settings are independent. For example, being both white- and blacklisted,
# message is delivered to recipients, but is tagged as spam.
# If ALL recipients of the message either white- or blacklist the sender,
# spam scanning (calling the SpamAssassin) is bypassed, saving on time.
# The following variables (lookup tables) are available, with the semantics
# and syntax as specified in README.lookups:
# %whitelist_sender, @whitelist_sender_acl, $whitelist_sender_re
# %blacklist_sender, @blacklist_sender_acl, $blacklist_sender_re
# SOME EXAMPLES:
#ACL:
# @whitelist_sender_acl = qw( .example.com );
# @whitelist_sender_acl = ( ".$mydomain" ); # $mydomain and its subdomains
# NOTE: This is not a reliable way of turning off spam checks for
# locally-originating mail, as sender address can easily be faked.
# To reliably avoid spam-scanning outgoing mail,
# use @bypass_spam_checks_acl .
#RE:
# $whitelist_sender_re = new_RE(
# qr'^postmaster@.*\bexample\.com$'i,
# qr'^owner-[^@]*@'i, qr'-request@'i,
# qr'\.example\.com$'i );
$blacklist_sender_re = new_RE(
qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i,
qr'^(investments|lose_weight_today|market.alert|money2you|MyGreenCard)@'i,
qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@'i,
qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i,
qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i,
qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i,
#HASH lookup variant:
# NOTE: Perl operator qw splits its argument string by whitespace
# and produces a list. This means that addresses can not contain
# whitespace, and there is no provision for comments within the string.
# You can use the normal Perl list syntax if you have special requirements,
# e.g. map {...} ('one user@bla', '.second.com'), or use read_hash to read
# addresses from a file.
# a hash lookup table can be read from a file,
# one address per line, comments and empty lines are permitted:
# read_hash(\%whitelist_sender, '/var/amavis/whitelist_sender');
# ... or set directly:
# $whitelist_sender{''} = 1; # don't spam-check MTA bounces
map { $whitelist_sender{lc($_)}=1 } (qw(
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
returns.groups.yahoo.com
# ENVELOPE SENDER WHITELISTING / BLACKLISTING - PER-RECIPIENT
# The same semantics as for global white/blacklisting applies, but this
# time each recipient (or its domain, or subdomain, ...) can be given
# an individual lookup table for matching senders. The per-recipient lookups
# override the global lookups, which serve as a fallback default.
# Specify a two-level lookup table: the key for the outer table is recipient,
# and the result should be an inner lookup table (hash or ACL or RE),
# where the key used will be the sender.
#$per_recip_blacklist_sender_lookup_tables = {
# '[email protected]'=>new_RE(qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i),
# '[email protected]'=>[qw( [email protected],org .d2.example,org )],
#$per_recip_whitelist_sender_lookup_tables = {
# '[email protected]' => [qw( [email protected] .other.example.org )],
# '.my1.example.com' => [qw( !foe.other.example,org .other.example,org )],
# '.my2.example.com' => read_hash('/var/amavis/my2-wl.dat'),
# 'abuse@' => { 'postmaster@'=>1,
# '[email protected]'=>1, '[email protected]'=>1 },
# Section VI - Resource limits
# Sanity limit to the number of allowed recipients per SMTP transaction
# $smtpd_recipient_limit = 1000; # (default is 1000)
# Resource limitations to protect against mail bombs (e.g. 42.zip)
# Maximum recursion level for extraction/decoding (0 or undef disables limit)
$MAXLEVELS = 14; # (default is undef, no limit)
# Maximum number of extracted files (0 or undef disables the limit)
$MAXFILES = 1500; # (default is undef, no limit)
# For the cumulative total of all decoded mail parts we set max storage size
# to defend against mail bombs. Even though parts may be deleted (replaced
# by decoded text) during decoding, the size they occupied is _not_ returned
# to the quota pool.
# Parameters to storage quota formula for unpacking/decoding/decompressing
# Formula:
# quota = max($MIN_EXPANSION_QUOTA,
# $mail_size*$MIN_EXPANSION_FACTOR,
# min($MAX_EXPANSION_QUOTA, $mail_size*$MAX_EXPANSION_FACTOR))
# In plain words (later condition overrules previous ones):
# allow MAX_EXPANSION_FACTOR times initial mail size,
# but not more than MAX_EXPANSION_QUOTA,
# but not less than MIN_EXPANSION_FACTOR times initial mail size,
# but never less than MIN_EXPANSION_QUOTA
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
$MIN_EXPANSION_FACTOR = 5; # times original mail size (must be specified)
$MAX_EXPANSION_FACTOR = 500; # times original mail size (must be specified)
# Section VII - External programs, virus scanners
# Specify a path string, which is a colon-separated string of directories
# (no trailing slashes!) to be assigned to the environment variable PATH
# and to serve for locating external programs below.
# NOTE: if $daemon_chroot_dir is nonempty, the directories will be
# relative to the chroot directory specified;
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
# Specify one string or a search list of strings (first match wins).
# The string (or: each string in a list) may be an absolute path,
# or just a program name, to be located via $path;
# Empty string or undef (=default) disables the use of that external program.
# Optionally command arguments may be specified - only the first substring
# up to the whitespace is used for file searching.
$file = 'file'; # file(1) utility; use 3.41 or later to avoid vulnerability
$gzip = 'gzip';
$bzip2 = 'bzip2';
$lzop = 'lzop';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc = ['nomarch', 'arc'];
$unarj = ['arj', 'unarj']; # both can extract, same options
$unrar = ['rar', 'unrar']; # both can extract, same options
$zoo = 'zoo';
$lha = 'lha';
$cpio = 'cpio';
# SpamAssassin settings
# $sa_local_tests_only is passed to Mail::SpamAssassin::new as a value
# of the option local_tests_only. See Mail::SpamAssassin man page.
# If set to 1, no tests that require internet access will be performed.
$sa_local_tests_only = 1; # (default: false)
#$sa_auto_whitelist = 1; # turn on AWL (default: false)
$sa_mail_body_size_limit = 64*1024; # don't waste time on SA if mail is larger
# (less than 1% of spam is > 64k)
# default: undef, no limitations
# default values, can be overridden by more specific lookups, e.g. SQL
$sa_tag_level_deflt = -999; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 3.0; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 22.0;
#$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions
# at or above that level: bounce/reject/drop,
# quarantine, and adding mail address extension
# The $sa_tag_level_deflt, $sa_tag2_level_deflt and $sa_kill_level_deflt
# may also be hashrefs to hash lookup tables, to make static per-recipient
# settings possible without having to resort to SQL or LDAP lookups.
# a quick reference:
# tag_level controls adding the X-Spam-Status and X-Spam-Level headers,
# tag2_level controls adding 'X-Spam-Flag: YES', and editing Subject,
# kill_level controls 'evasive actions' (reject, quarantine, extensions);
# it only makes sense to maintain the relationship:
# tag_level <= tag2_level <= kill_level
# string to prepend to Subject header field when message exceeds tag2 level
$sa_spam_subject_tag = '*** JUNK MAIL ***'; # (defaults to undef, disables)
# (only seen when spam is not to be rejected
# and recipient is in local_domains*)
$sa_spam_modifies_subj = 1; # may be a ref to a lookup table, default is true
# Example: modify Subject for all local recipients except [email protected]
#$sa_spam_modifies_subj = [qw( [email protected] . )];
# @av_scanners is a list of n-tuples, where fields semantics is:
# 1. av scanner plain name, to be used in log and reports;
# 2. scanner program name; this string will be submitted to subroutine
# find_external_programs(), which will try to find the full program
# path name; if program is not found, this scanner is disabled.
# Besides a simple string (full program path name or just the basename
# to be looked for in PATH), this may be an array ref of alternative
# program names or full paths - the first match in the list will be used;
# As a special case for more complex scanners, this field may be
# a subroutine reference, and the whole n-tuple is passed to it as args.
# 3. command arguments to be given to the scanner program;
# a substring {} will be replaced by the directory name to be scanned,
# i.e. "$tempdir/parts"
# 4. an array ref of av scanner exit status values, or a regexp (to be
# matched against scanner output), indicating NO VIRUSES found;
# 5. an array ref of av scanner exit status values, or a regexp (to be
# matched against scanner output), indicating VIRUSES WERE FOUND;
# Note: the virus match prevails over a 'not found' match, so it is safe
# even if 4. matches for viruses too;
# 6. a regexp (to be matched against scanner output), returning a list
# of virus names found.
# 7. and 8.: (optional) subroutines to be executed before and after scanner
# (e.g. to set environment or current directory);
# see examples for these at KasperskyLab AVP and Sophos sweep.
# NOTES:
# - NOT DEFINING @av_scanners (e.g. setting it to empty list, or deleting the
# whole assignment) TURNS OFF LOADING AND COMPILING OF THE ANTIVIRUS CODE
# (which can be handy if all you want to do is spam scanning);
# - the order matters: although _all_ available entries from the list are
# always tried regardless of their verdict, scanners are run in the order
# specified: the report from the first one detecting a virus will be used
# (providing virus names and scanner output); REARRANGE THE ORDER TO WILL;
# - it doesn't hurt to keep an unused command line scanner entry in the list
# if the program can not be found; the path search is only performed once
# during the program startup;
# CORROLARY: to disable a scanner that _does_ exist on your system,
# comment out its entry or use undef or '' as its program name/path
# (second parameter). An example where this is almost a must: disable
# Sophos 'sweep' if you have its daemonized version Sophie or SAVI-Perl
# (same for Trophie/vscan, and clamd/clamscan), or if another unrelated
# program happens to have a name matching one of the entries ('sweep'
# again comes to mind);
# - it DOES HURT to keep unwanted entries which use INTERNAL SUBROUTINES
# for interfacing (where the second parameter starts with \&).
# Keeping such entry and not having a corresponding virus scanner daemon
# causes an unnecessary connection attempt (which eventually times out,
# but it wastes precious time). For this reason the daemonized entries
# are commented in the distribution - just remove the '#' where needed.
@av_scanners = (
# ### http://www.vanja.com/tools/sophie/
# ['Sophie',
# \&ask_daemon, ["{}/\n", '/var/run/sophie'],
# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/,
# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/ ],
# ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/
# ['Sophos SAVI', \&sophos_savi ],
# ### http://clamav.elektrapro.com/
# ['Clam Antivirus-clamd',
# \&ask_daemon, ["CONTSCAN {}\n", '/var/amavis/clamd'],
# qr/\bOK$/, qr/\bFOUND$/,
# qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# # NOTE: run clamd under the same user as amavisd,
# # match the socket name in clamav.conf to the socket name in this entry
# ### http://www.openantivirus.org/
# ['OpenAntiVirus ScannerDaemon (OAV)',
# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:8127'],
# qr/^OK/, qr/^FOUND: /, qr/^FOUND: (.+)/ ],
# ### http://www.vanja.com/tools/trophie/
# ['Trophie',
# \&ask_daemon, ["{}/\n", '/var/run/trophie'],
# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/,
# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/ ],
# ### http://www.f-prot.com/
# ['FRISK F-Prot Daemon',
# \&ask_daemon,
# ["GET {}/*?-dumb%20-archive HTTP/1.0\r\n\r\n",
# ['127.0.0.1:10200','127.0.0.1:10201','127.0.0.1:10202',
# '127.0.0.1:10203','127.0.0.1:10204'] ],
# qr/(?i)<summary[^>]*>clean<\/summary>/,
# qr/(?i)<summary[^>]*>infected<\/summary>/,
# qr/(?i)<name>(.+)<\/name>/ ],
['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp','kavscanner'],
"-* -P -B -Y -O- {}", [0,3,8], [2,4], # any use for -A -K ?
qr/infected: (.+)/,
sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
['KasperskyLab AVPDaemonClient',
[ '/opt/AVP/kavdaemon', 'kavdaemon',
'/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
'/opt/AVP/AvpTeamDream', 'AvpTeamDream',
'/opt/AVP/avpdc', 'avpdc' ],
'{}', [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/ ],
# change the startup-script in /etc/init.d/kavd to:
# DPARMS="-I0 -Y -* /var/amavis"
# adjusting /var/amavis above to match your $TEMPBASE.
# NOTE: cd /opt/AVP/DaemonClients; configure; cd Sample; make
# cp AvpDaemonClient /opt/AVP/
### http://www.hbedv.com/ or http://www.centralcommand.com/
['H+BEDV AntiVir or CentralCommand Vexira Antivirus',
['antivir','vexira'],
'--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
(?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
# NOTE: remove the -z if you only have a demo version
### http://www.commandsoftware.com/
['Command AntiVirus for Linux', 'csav',
'-all -archive -packed {}', [50], [51,52,53],
qr/Infection: (.+)/ ],
### http://www.symantec.com/
['Symantec CarrierScan via Symantec CommandLineScanner',
['cscmdline','savsecls'],
'-a scan -i 1 -v -s 127.0.0.1:7777 {}',
qr/Files Infected: 0/, qr/^Infected: /,
qr/Info:\s+(.+)/ ],
### http://drweb.imshop.de/
['DrWeb Antivirus for Linux/FreeBSD/Solaris', 'drweb',
'-al -ar -fm -go -ha -ml -ot -sd -up {}',
[0], [1], sub {('no-name')} ],
### http://www.f-secure.com/products/anti-virus/
['F-Secure Antivirus', 'fsav',
'--dumb --archive {}', [0], [3,8],
qr/(?:infection|Infected): (.+)/ ],
['CAI InoculateIT', 'inocucmd',
'-sec -nex {}', [0], [100],
qr/was infected by virus (.+)/ ],
['MkS_Vir for Linux (beta)', ['mks32','mks'],
'-s {}/*', [0], [1,2],
qr/--[ \t]*(.+)/ ],
['MkS_Vir daemon',
'mksscan', '-s -q {}', [0], [1..7],
qr/^... (\S+)/ ],
### http://www.nod32.com/
['ESET Software NOD32', 'nod32',
'-all -subdir+ {}', [0], [1,2],
qr/^.+? - (.+?)\s*(?:backdoor|joke|trojan|virus|worm)/ ],
### http://www.nod32.com/
['ESET Software NOD32 - Client/Server Version', 'nod32cli',
'-a -r -d recurse --heur standard {}', [0], [10,11],
qr/^\S+\s+infected:\s+(.+)/ ],
### http://www.norman.com/products_nvc.shtml
['Norman Virus Control v5 / Linux', 'nvccmd',
'-c -l:0 -s -u {}', [0], [1],
qr/(?i).* virus in .* -> \'(.+)\'/ ],
### http://www.pandasoftware.com/
['Panda Antivirus for Linux', ['pavcl','pavc'],
'-aut -aex -heu -cmp -nor -nso -eng {}',
qr/Number of files infected\.*: 0(?!\d)/,
qr/Number of files infected\.*: 0*[1-9]/,
qr/Found virus :\s*(\S+)/ ],
# Check your RAV license terms before fiddling with the following two lines!
# ['GeCAD RAV AntiVirus 8', 'ravav',
# '--all --archive --mail {}', [1], [2,3,4,You are welcome. I'm glad you got it back up.
(1) You say you did the symbolic link. I will assume this is set correctly; it's very important that it is.
(2) I don't know what you mean by "Been feeding the [email protected] for several weeks now, 700 emails each day at least." After the initial training period, SpamAssassin doesn't learn from mail it has already processed correctly. At this point, you only need to teach SpamAssassin when it is wrong. [email protected] should only be getting spam that is being passed as clean. Likewise, [email protected] should only be getting legitimate mail that is being flagged as junk. You are redirecting mail to both [email protected] and [email protected] ... right? SpamAssassin needs both.
(3) Next, as I said before, you need to implement those "Frontline spam defense for Mac OS X Server." Once you have that done and issue "postfix reload" you can look at your SMTP log in Server Admin and watch as Postfix blocks one piece of junk mail after another. It's kind of cool.
(4) Add some SARE rules:
Visit http://www.rulesemporium.com/rules.htm and download the following rules:
70sareadult.cf
70saregenlsubj0.cf
70sareheader0.cf
70sarehtml0.cf
70sareobfu0.cf
70sareoem.cf
70sarespoof.cf
70sarestocks.cf
70sareunsub.cf
72sare_redirectpost
Visit http://www.rulesemporium.com/other-rules.htm and download the following rules:
backhair.cf
bogus-virus-warnings.cf
chickenpox.cf
weeds.cf
Copy these rules to /etc/mail/spamassassin/
Then stop and restart mail services.
There are other things you can do, and you'll find differing opinions about such things. In general, I think implementing the "Frontline spam defense for Mac OS X Server" and adding the SARE rules will help a lot. Good luck! -
Weblogic Http Apache Plugin not working
Hi,
I have installed weblogic server 10.3 on WindowsXP Professional and Http Apache 2.2 is running on port 80. I followed the following document to configure the Apache plugin:
http://e-docs.bea.com/wls/docs103/plugins/apache.html
but when I go and test the plugin it always comes back with 404 page not found. As per the documentation I am testing it as
http://localhost:80/weblogic/
Here is my httpd.conf
Include "C:/bea/alui/plumtreeconf/"
# This is the main Apache HTTP server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
# In particular, see
# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
# for a discussion of each configuration directive.
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
# with ServerRoot set to "C:/Program Files/Apache Software Foundation/Apache2.2" will be interpreted by the
# server as "C:/Program Files/Apache Software Foundation/Apache2.2/logs/foo.log".
# NOTE: Where filenames are specified, you must use forward slashes
# instead of backslashes (e.g., "c:/apache" instead of "c:\apache").
# If a drive letter is omitted, the drive on which httpd.exe is located
# will be used by default. It is recommended that you always supply
# an explicit drive letter in absolute paths to avoid confusion.
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
# Do not add a slash at the end of the directory path. If you point
# ServerRoot at a non-local disk, be sure to point the LockFile directive
# at a local disk. If you wish to share the same ServerRoot for multiple
# httpd daemons, you will need to change at least LockFile and PidFile.
ServerRoot "C:/Program Files/Apache Software Foundation/Apache2.2"
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#Listen 12.34.56.78:80
Listen 80
# Dynamic Shared Object (DSO) Support
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
# Example:
# LoadModule foo_module modules/mod_foo.so
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule authn_alias_module modules/mod_authn_alias.so
#LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbd_module modules/mod_authn_dbd.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
#LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule cache_module modules/mod_cache.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule cgi_module modules/mod_cgi.so
#LoadModule charset_lite_module modules/mod_charset_lite.so
#LoadModule dav_module modules/mod_dav.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
#LoadModule dav_lock_module modules/mod_dav_lock.so
#LoadModule dbd_module modules/mod_dbd.so
#LoadModule deflate_module modules/mod_deflate.so
LoadModule dir_module modules/mod_dir.so
#LoadModule disk_cache_module modules/mod_disk_cache.so
#LoadModule dumpio_module modules/mod_dumpio.so
LoadModule env_module modules/mod_env.so
#LoadModule expires_module modules/mod_expires.so
#LoadModule ext_filter_module modules/mod_ext_filter.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule filter_module modules/mod_filter.so
#LoadModule headers_module modules/mod_headers.so
#LoadModule ident_module modules/mod_ident.so
#LoadModule imagemap_module modules/mod_imagemap.so
LoadModule include_module modules/mod_include.so
#LoadModule info_module modules/mod_info.so
LoadModule isapi_module modules/mod_isapi.so
#LoadModule ldap_module modules/mod_ldap.so
#LoadModule logio_module modules/mod_logio.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule log_forensic_module modules/mod_log_forensic.so
#LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule mime_module modules/mod_mime.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule ssl_module modules/mod_ssl.so
#LoadModule status_module modules/mod_status.so
#LoadModule substitute_module modules/mod_substitute.so
#LoadModule unique_id_module modules/mod_unique_id.so
#LoadModule userdir_module modules/mod_userdir.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule version_module modules/mod_version.so
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule weblogic_module modules/mod_wl_22.so
<IfModule mod_weblogic.c>
WebLogicHost localhost
WebLogicPort 7001
</IfModule>
<Location /weblogic>
SetHandler weblogic-handler
PathTrim /weblogic
</Location>
<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
User daemon
Group daemon
</IfModule>
</IfModule>
# 'Main' server configuration
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. [email protected]
ServerAdmin [email protected]
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
# If your host doesn't have a registered DNS name, enter its IP address here.
#ServerName localhost:80
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs"
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
# First, we configure the "default" to be a very restrictive set of
# features.
ProxyRequests On
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
# This should be changed to whatever you set DocumentRoot to.
<Directory "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs">
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
Options Indexes FollowSymLinks
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
AllowOverride None
# Controls who can get stuff from this server.
Order allow,deny
Allow from all
</Directory>
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog "logs/error.log"
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
<IfModule log_config_module>
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
CustomLog "logs/access.log" common
# If you prefer a logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#CustomLog "logs/access.log" combined
</IfModule>
<IfModule alias_module>
# Redirect: Allows you to tell clients about documents that used to
# exist in your server's namespace, but do not anymore. The client
# will make a new request for the document at its new location.
# Example:
# Redirect permanent /foo http://localhost/bar
# Alias: Maps web paths into filesystem paths and is used to
# access content that does not live under the DocumentRoot.
# Example:
# Alias /webpath /full/filesystem/path
# If you include a trailing / on /webpath then the server will
# require it to be present in the URL. You will also likely
# need to provide a <Directory> section to allow access to
# the filesystem path.
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
# client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.
ScriptAlias /cgi-bin/ "C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin/"
</IfModule>
<IfModule cgid_module>
# ScriptSock: On threaded servers, designate the path to the UNIX
# socket used to communicate with the CGI daemon of mod_cgid.
#Scriptsock logs/cgisock
</IfModule>
# "C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
<Directory "C:/Program Files/Apache Software Foundation/Apache2.2/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
# DefaultType: the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
DefaultType text/plain
<IfModule mime_module>
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
TypesConfig conf/mime.types
# AddType allows you to add to or override the MIME configuration
# file specified in TypesConfig for specific file types.
#AddType application/x-gzip .tgz
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#AddHandler cgi-script .cgi
# For type maps (negotiated resources):
#AddHandler type-map var
# Filters allow you to process content before it is sent to the client.
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml
</IfModule>
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#MIMEMagicFile conf/magic
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://localhost/subscription_info.html
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall is used to deliver
# files. This usually improves server performance, but must
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
#EnableMMAP off
#EnableSendfile off
# Supplemental configuration
# The configuration files in the conf/extra/ directory can be
# included to add extra features or to modify the default configuration of
# the server, or you may simply copy their contents here and change as
# necessary.
# Server-pool management (MPM specific)
#Include conf/extra/httpd-mpm.conf
# Multi-language error messages
#Include conf/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
#Include conf/extra/httpd-autoindex.conf
# Language settings
#Include conf/extra/httpd-languages.conf
# User home directories
#Include conf/extra/httpd-userdir.conf
# Real-time info on requests and configuration
#Include conf/extra/httpd-info.conf
# Virtual hosts
#Include conf/extra/httpd-vhosts.conf
# Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
#Include conf/extra/httpd-dav.conf
# Various default settings
#Include conf/extra/httpd-default.conf
# Secure (SSL/TLS) connections
#Include conf/extra/httpd-ssl.conf
# Note: The following must must be present to support
# starting without SSL on platforms with no /dev/random equivalent
# but a statically compiled-in mod_ssl.
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>Is there anything else I need to add to this file. As I am trying to install ALUI and for this I need to add the plugin as when I go to my portal page none of the
images shows. Any help is appreciated.
ThanksHi,
There is patch for the webserver(Apache Plugin),thats needs to be downloaded from Metalink,dont use the default plugin that comes with the weblogic 10.3 installtion.
Regards,
Dinesh
Maybe you are looking for
-
Problem with GuardianEdge and Discoverer export
We're having problems doing XLS or SLK exports out of Discoverer Plus 10g and appears to only be happening on PCs where the GuardianEdge encryption product has been installed. In fact, we can export to a shared drive (i.e. server not protected by Gua
-
There are 2 printers on the system. I want to create a Print Button, so that if the user clicks it, a desired area prints on a specific printer. Thanks for your consideration.
-
Shared Public IP to two Servers - ASA 5510 8.3. NAT/PAT
I have a situation where we have a single DMZ server currently statically forwarded to a single public IP. TCP ports 80, 443, 8080, 8500, 53, and 21 are open to this server via an access list. However, we have added an additional server to the DMZ,
-
(GnuPG) Encryption in Mail.app and TLS
Hello: I am planning on using Mail.app on Leopard (10.5). My worry is that I rely heavily on GnuPG for emails (S/MIME alone doesn't cut it), and I would like to have something like Enigmail/Enigmime (Mozilla Thunderbird) that allows me to sign/encryp
-
Uninstall itunes without losing the settings
Hi guys, I want to re-install my iTunes, but how can I make sure that the settings (for example the folders my iPhone syncs with) stay and don't ddisappear/delete. Thank you, YoYo