25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-22 16:20:52 +01:00

Merge from trunk (r1730 to r1734).

PR:		EJABP-1

SVN Revision: 1735
This commit is contained in:
Jean-Sébastien Pédron 2008-12-17 13:52:44 +00:00
parent 6a3436b1c4
commit 69805f36fa
8 changed files with 228 additions and 149 deletions

View File

@ -1,3 +1,31 @@
2008-12-17 Jean-Sébastien Pédron <js.pedron@meetic-corp.com>
Merge from trunk (r1730 to r1734).
2008-12-16 Badlop <badlop@process-one.net>
* src/mod_pubsub/mod_pubsub.erl: Fix update pubsub tables from
ejabberd 1.x to 2.x (EJAB-817)
* doc/guide.tex: Fix capitalization of some section titles
* doc/guide.tex: Mention as optional Requirements: mysql, pgsql
and pam
* src/ejabberd_admin.erl: Command reopen-log must also rotate
sasl.log (thanks to Alexander Tsvyashchenko)(EJAB-711)
* src/ejabberd_logger_h.erl: Export the function rotate_log/1
* doc/guide.tex: Improve explanation of log files rotation
* doc/guide.tex: Improve explanation of watchdog admins
option: only useful for developers (EJAB-816)
* src/ejabberd.cfg.example: Likewise
* doc/guide.tex: Say 'higher' instead of 'newer' in requirements
* README: Likewise
* doc/guide.tex: Simplify example mod_muc configuration
2008-12-16 Jean-Sébastien Pédron <js.pedron@meetic-corp.com>
Merge from trunk (r1709 to r1730).

2
README
View File

@ -9,7 +9,7 @@ To compile ejabberd you need:
- GNU Make
- GCC
- libexpat 1.95 or higher
- Erlang/OTP R10B-9 or newer
- Erlang/OTP R10B-9 or higher
- OpenSSL 0.9.6 or higher, for STARTTLS, SASL and SSL
encryption. Optional, highly recommended.
- Zlib 1.2.3 or higher, for Stream Compression support

View File

@ -96,7 +96,7 @@ BLOCKQUOTE.figure DIV.center DIV.center HR{display:none;}
</LI><LI CLASS="li-toc"><A HREF="#htoc4">Chapter&#XA0;2&#XA0;&#XA0;Installing <TT>ejabberd</TT></A>
<UL CLASS="toc"><LI CLASS="li-toc">
<A HREF="#htoc5">2.1&#XA0;&#XA0;Installing <TT>ejabberd</TT> with Binary Installer</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc6">2.2&#XA0;&#XA0;Installing <TT>ejabberd</TT> with Operating System specific packages</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc6">2.2&#XA0;&#XA0;Installing <TT>ejabberd</TT> with Operating System Specific Packages</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc7">2.3&#XA0;&#XA0;Installing <TT>ejabberd</TT> with CEAN</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc8">2.4&#XA0;&#XA0;Installing <TT>ejabberd</TT> from Source Code</A>
<UL CLASS="toc"><LI CLASS="li-toc">
@ -161,12 +161,12 @@ BLOCKQUOTE.figure DIV.center DIV.center HR{display:none;}
</LI><LI CLASS="li-toc"><A HREF="#htoc59">3.3.23&#XA0;&#XA0;<TT>mod_version</TT></A>
</LI></UL>
</LI></UL>
</LI><LI CLASS="li-toc"><A HREF="#htoc60">Chapter&#XA0;4&#XA0;&#XA0;Managing an <TT>ejabberd</TT> server</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc60">Chapter&#XA0;4&#XA0;&#XA0;Managing an <TT>ejabberd</TT> Server</A>
<UL CLASS="toc"><LI CLASS="li-toc">
<A HREF="#htoc61">4.1&#XA0;&#XA0;<TT>ejabberdctl</TT></A>
<UL CLASS="toc"><LI CLASS="li-toc">
<A HREF="#htoc62">4.1.1&#XA0;&#XA0;Commands</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc63">4.1.2&#XA0;&#XA0;Erlang runtime system</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc63">4.1.2&#XA0;&#XA0;Erlang Runtime System</A>
</LI></UL>
</LI><LI CLASS="li-toc"><A HREF="#htoc64">4.2&#XA0;&#XA0;Web Admin</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc65">4.3&#XA0;&#XA0;Ad-hoc Commands</A>
@ -177,8 +177,8 @@ BLOCKQUOTE.figure DIV.center DIV.center HR{display:none;}
<A HREF="#htoc68">5.1&#XA0;&#XA0;Firewall Settings</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc69">5.2&#XA0;&#XA0;epmd</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc70">5.3&#XA0;&#XA0;Erlang Cookie</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc71">5.4&#XA0;&#XA0;Erlang node name</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc72">5.5&#XA0;&#XA0;Securing sensible files</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc71">5.4&#XA0;&#XA0;Erlang Node Name</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc72">5.5&#XA0;&#XA0;Securing Sensible Files</A>
</LI></UL>
</LI><LI CLASS="li-toc"><A HREF="#htoc73">Chapter&#XA0;6&#XA0;&#XA0;Clustering</A>
<UL CLASS="toc"><LI CLASS="li-toc">
@ -199,9 +199,9 @@ BLOCKQUOTE.figure DIV.center DIV.center HR{display:none;}
</LI></UL>
</LI><LI CLASS="li-toc"><A HREF="#htoc84">Chapter&#XA0;7&#XA0;&#XA0;Debugging</A>
<UL CLASS="toc"><LI CLASS="li-toc">
<A HREF="#htoc85">7.1&#XA0;&#XA0;Watchdog Alerts</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc86">7.2&#XA0;&#XA0;Log Files</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc87">7.3&#XA0;&#XA0;Debug Console</A>
<A HREF="#htoc85">7.1&#XA0;&#XA0;Log Files</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc86">7.2&#XA0;&#XA0;Debug Console</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc87">7.3&#XA0;&#XA0;Watchdog Alerts</A>
</LI></UL>
</LI><LI CLASS="li-toc"><A HREF="#htoc88">Appendix&#XA0;A&#XA0;&#XA0;Internationalization and Localization</A>
</LI><LI CLASS="li-toc"><A HREF="#htoc89">Appendix&#XA0;B&#XA0;&#XA0;Release Notes</A>
@ -304,8 +304,8 @@ or with the command <TT>bin/ejabberdctl live</TT> in other Operating Systems.
This way you see the error message provided by Erlang
and can identify what is exactly the problem.</P><P>The <TT>ejabberdctl</TT> administration script is included in the <TT>bin</TT> directory.
Please refer to the section&#XA0;<A HREF="#ejabberdctl">4.1</A> for details about <TT>ejabberdctl</TT>,
and configurable options to fine tune the Erlang runtime system.</P><P> <A NAME="install.os"></A> </P><!--TOC section Installing <TT>ejabberd</TT> with Operating System specific packages-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc6">2.2</A>&#XA0;&#XA0;<A HREF="#install.os">Installing <TT>ejabberd</TT> with Operating System specific packages</A></H2><!--SEC END --><P> <A NAME="install.os"></A> </P><P>Some Operating Systems provide a specific <TT>ejabberd</TT> package adapted to
and configurable options to fine tune the Erlang runtime system.</P><P> <A NAME="install.os"></A> </P><!--TOC section Installing <TT>ejabberd</TT> with Operating System Specific Packages-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc6">2.2</A>&#XA0;&#XA0;<A HREF="#install.os">Installing <TT>ejabberd</TT> with Operating System Specific Packages</A></H2><!--SEC END --><P> <A NAME="install.os"></A> </P><P>Some Operating Systems provide a specific <TT>ejabberd</TT> package adapted to
the system architecture and libraries.
It usually also checks dependencies
and performs basic configuration tasks like creating the initial
@ -330,10 +330,13 @@ as long as your system have all the dependencies.</P><P> <A NAME="installreq"></
GNU Make
</LI><LI CLASS="li-itemize">GCC
</LI><LI CLASS="li-itemize">Libexpat 1.95 or higher
</LI><LI CLASS="li-itemize">Erlang/OTP R10B-9 or newer.
</LI><LI CLASS="li-itemize">Erlang/OTP R10B-9 or higher.
</LI><LI CLASS="li-itemize">OpenSSL 0.9.6 or higher, for STARTTLS, SASL and SSL encryption. Optional, highly recommended.
</LI><LI CLASS="li-itemize">Zlib 1.2.3 or higher, for Stream Compression support (<A HREF="http://www.xmpp.org/extensions/xep-0138.html">XEP-0138</A>). Optional.
</LI><LI CLASS="li-itemize">GNU Iconv 1.8 or higher, for the IRC Transport (mod_irc). Optional. Not needed on systems with GNU Libc.
</LI><LI CLASS="li-itemize">Erlang mysql library. Optional. For MySQL authentication or storage. See section <A HREF="#compilemysql">3.2.1</A>.
</LI><LI CLASS="li-itemize">Erlang pgsql library. Optional. For PostgreSQL authentication or storage. See section <A HREF="#compilepgsql">3.2.3</A>.
</LI><LI CLASS="li-itemize">PAM library. Optional. For Pluggable Authentication Modules (PAM). See section <A HREF="#pam">3.1.4</A>.
</LI><LI CLASS="li-itemize">GNU Iconv 1.8 or higher, for the IRC Transport (mod_irc). Optional. Not needed on systems with GNU Libc. See section <A HREF="#modirc">3.3.6</A>.
</LI></UL><P> <A NAME="download"></A> </P><!--TOC subsection Download Source Code-->
<H3 CLASS="subsection"><!--SEC ANCHOR --><A NAME="htoc10">2.4.2</A>&#XA0;&#XA0;<A HREF="#download">Download Source Code</A></H3><!--SEC END --><P> <A NAME="download"></A>
</P><P>Released versions of <TT>ejabberd</TT> are available in the ProcessOne <TT>ejabberd</TT> downloads page:
@ -400,7 +403,7 @@ to install <TT>ejabberd</TT>.</P><P>The files and directories created are, by de
<B><TT>.erlang.cookie</TT></B></DT><DD CLASS="dd-description"> Erlang cookie file (see section <A HREF="#cookie">5.3</A>)
</DD><DT CLASS="dt-description"><B><TT>acl.DCD, ...</TT></B></DT><DD CLASS="dd-description"> Mnesia database spool files (*.DCD, *.DCL, *.DAT)
</DD></DL>
</DD><DT CLASS="dt-description"><B><TT>/var/log/ejabberd/</TT></B></DT><DD CLASS="dd-description"> Log directory (see section&#XA0;<A HREF="#logfiles">7.2</A>):
</DD><DT CLASS="dt-description"><B><TT>/var/log/ejabberd/</TT></B></DT><DD CLASS="dd-description"> Log directory (see section&#XA0;<A HREF="#logfiles">7.1</A>):
<DL CLASS="description"><DT CLASS="dt-description">
<B><TT>ejabberd.log</TT></B></DT><DD CLASS="dd-description"> ejabberd service log
</DD><DT CLASS="dt-description"><B><TT>sasl.log</TT></B></DT><DD CLASS="dd-description"> Erlang/OTP system log
@ -1254,7 +1257,7 @@ For that purpose, the options described in the next sections
must be set inside a <TT>host_cofig</TT> for each vhost (see section <A HREF="#virtualhost">3.1.2</A>).
For example:
</P><PRE CLASS="verbatim">{host_config, "public.example.org", [
{odbc_server, {pgsql, "localhost", "database", "ejabberd", "password"}},
{odbc_server, {pgsql, "localhost", "database-public-example-org", "ejabberd", "password"}},
{auth_method, [odbc]}
]}.
</PRE><P> <A NAME="mysql"></A> </P><!--TOC subsection MySQL-->
@ -2106,16 +2109,16 @@ to new hardware. This will involve service breakdowns around 23:00 UMT.
We apologise for this inconvenience.&#X2019; to <TT>conference.example.org</TT>,
it will be displayed in all active rooms. In this example the history
feature is disabled.
<PRE CLASS="verbatim">{acl, admins, {user, "admin", "example.org"}}.
<PRE CLASS="verbatim">{acl, admin, {user, "admin", "example.org"}}.
{access, muc_admins, [{allow, admins}]}.
{access, muc_admin, [{allow, admin}]}.
{modules,
[
...
{mod_muc, [{access, all},
{access_create, all},
{access_admin, muc_admins},
{access_admin, muc_admin},
{history_size, 0}]},
...
]}.
@ -2132,20 +2135,20 @@ and the default value of 20 history messages will be send to the users.
<PRE CLASS="verbatim">{acl, paying_customers, {user, "customer1", "example.net"}}.
{acl, paying_customers, {user, "customer2", "example.com"}}.
{acl, paying_customers, {user, "customer3", "example.org"}}.
{acl, admins, {user, "admin", "example.org"}}.
{acl, admin, {user, "admin", "example.org"}}.
{access, muc_admins, [{allow, admins},
{access, muc_admin, [{allow, admin},
{deny, all}]}.
{access, muc_access, [{allow, paying_customers},
{allow, admins},
{allow, admin},
{deny, all}]}.
{modules,
[
...
{mod_muc, [{access, muc_access},
{access_create, muc_admins},
{access_admin, muc_admins}]},
{access_create, muc_admin},
{access_admin, muc_admin}]},
...
]}.
</PRE></LI><LI CLASS="li-itemize">In the following example, MUC anti abuse options are used. An
@ -2164,7 +2167,7 @@ the newly created rooms have by default those options.
[
...
{mod_muc, [{access, muc_access},
{access_create, muc_admins},
{access_create, muc_admin},
{default_room_options,
[
{allow_change_subj, false},
@ -2174,7 +2177,7 @@ the newly created rooms have by default those options.
{title, "New chatroom"},
{anonymous, false}
]},
{access_admin, muc_admins}]},
{access_admin, muc_admin}]},
...
]}.
</PRE></LI></UL><P> <A NAME="modmuclog"></A> </P><!--TOC subsection <TT>mod_muc_log</TT>-->
@ -2897,8 +2900,8 @@ answers <TT>ejabberd</TT>&#X2019;s version when queried.</P><P>Options:
The default value is <TT>true</TT>.
</DD><DT CLASS="dt-description"><B><TT>iqdisc</TT></B></DT><DD CLASS="dd-description"> This specifies
the processing discipline for Software Version (<TT>jabber:iq:version</TT>) IQ queries (see section&#XA0;<A HREF="#modiqdiscoption">3.3.2</A>).
</DD></DL><P> <A NAME="manage"></A> </P><!--TOC chapter Managing an <TT>ejabberd</TT> server-->
<H1 CLASS="chapter"><!--SEC ANCHOR --><A NAME="htoc60">Chapter&#XA0;4</A>&#XA0;&#XA0;<A HREF="#manage">Managing an <TT>ejabberd</TT> server</A></H1><!--SEC END --><P> <A NAME="manage"></A> </P><P> <A NAME="ejabberdctl"></A> </P><!--TOC section <TT>ejabberdctl</TT>-->
</DD></DL><P> <A NAME="manage"></A> </P><!--TOC chapter Managing an <TT>ejabberd</TT> Server-->
<H1 CLASS="chapter"><!--SEC ANCHOR --><A NAME="htoc60">Chapter&#XA0;4</A>&#XA0;&#XA0;<A HREF="#manage">Managing an <TT>ejabberd</TT> Server</A></H1><!--SEC END --><P> <A NAME="manage"></A> </P><P> <A NAME="ejabberdctl"></A> </P><!--TOC section <TT>ejabberdctl</TT>-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc61">4.1</A>&#XA0;&#XA0;<A HREF="#ejabberdctl"><TT>ejabberdctl</TT></A></H2><!--SEC END --><P> <A NAME="ejabberdctl"></A> </P><P> <A NAME="commands"></A> </P><!--TOC subsection Commands-->
<H3 CLASS="subsection"><!--SEC ANCHOR --><A NAME="htoc62">4.1.1</A>&#XA0;&#XA0;<A HREF="#commands">Commands</A></H3><!--SEC END --><P> <A NAME="commands"></A> </P><P>The <TT>ejabberdctl</TT> command line administration script allows to start, stop and perform
many other administrative tasks in a local or remote <TT>ejabberd</TT> server.</P><P>When <TT>ejabberdctl</TT> is executed without any parameter,
@ -2915,8 +2918,9 @@ The more interesting ones are:
<B><TT>help</TT></B></DT><DD CLASS="dd-description"> Get help about ejabberdctl or any available command. Try <TT>ejabberdctl help help</TT>.
</DD><DT CLASS="dt-description"><B><TT>status</TT></B></DT><DD CLASS="dd-description"> Check the status of the <TT>ejabberd</TT> server.
</DD><DT CLASS="dt-description"><B><TT>stop</TT></B></DT><DD CLASS="dd-description"> Stop the <TT>ejabberd</TT> server which is running in the machine.
</DD><DT CLASS="dt-description"><B><TT>reopen-log</TT></B></DT><DD CLASS="dd-description"> If you use a tool to rotate logs, you have to configure it
so that this command is executed after each rotation.
</DD><DT CLASS="dt-description"><B><TT>reopen-log</TT></B></DT><DD CLASS="dd-description"> Reopen the log files after they were renamed.
If the old files were not renamed before calling this command,
they are automatically renamed to <TT>"*-old.log"</TT>. See section <A HREF="#logfiles">7.1</A>.
</DD><DT CLASS="dt-description"><B><TT>backup, restore, install-fallback, dump, load</TT></B></DT><DD CLASS="dd-description"> You can use these
commands to create and restore backups.
</DD><DT CLASS="dt-description"><B><TT>import-file, import-dir</TT></B></DT><DD CLASS="dd-description">
@ -2933,8 +2937,8 @@ error is represented by <TT>1</TT>,
and other codes may be used for specifical results.
This can be used by other scripts to determine automatically
if a command succedded or failed,
for example using: <TT>echo $?</TT></P><P> <A NAME="erlangconfiguration"></A> </P><!--TOC subsection Erlang runtime system-->
<H3 CLASS="subsection"><!--SEC ANCHOR --><A NAME="htoc63">4.1.2</A>&#XA0;&#XA0;<A HREF="#erlangconfiguration">Erlang runtime system</A></H3><!--SEC END --><P> <A NAME="erlangconfiguration"></A> </P><P><TT>ejabberd</TT> is an Erlang/OTP application that runs inside an Erlang runtime system.
for example using: <TT>echo $?</TT></P><P> <A NAME="erlangconfiguration"></A> </P><!--TOC subsection Erlang Runtime System-->
<H3 CLASS="subsection"><!--SEC ANCHOR --><A NAME="htoc63">4.1.2</A>&#XA0;&#XA0;<A HREF="#erlangconfiguration">Erlang Runtime System</A></H3><!--SEC END --><P> <A NAME="erlangconfiguration"></A> </P><P><TT>ejabberd</TT> is an Erlang/OTP application that runs inside an Erlang runtime system.
This system is configured using environment variables and command line parameters.
The <TT>ejabberdctl</TT> administration script uses many of those possibilities.
You can configure some of them with the file <TT>ejabberdctl.cfg</TT>,
@ -3133,8 +3137,8 @@ However, the cookie system is not ultimately effective
to prevent unauthorized access or intrusion to an Erlang node.
The communication between Erlang nodes are not encrypted,
so the cookie could be read sniffing the traffic on the network.
The recommended way to secure the Erlang node is to block the port 4369.</P><P> <A NAME="nodename"></A> </P><!--TOC section Erlang node name-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc71">5.4</A>&#XA0;&#XA0;<A HREF="#nodename">Erlang node name</A></H2><!--SEC END --><P> <A NAME="nodename"></A> </P><P>An Erlang node may have a node name.
The recommended way to secure the Erlang node is to block the port 4369.</P><P> <A NAME="nodename"></A> </P><!--TOC section Erlang Node Name-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc71">5.4</A>&#XA0;&#XA0;<A HREF="#nodename">Erlang Node Name</A></H2><!--SEC END --><P> <A NAME="nodename"></A> </P><P>An Erlang node may have a node name.
The name can be short (if indicated with the command-line parameter <TT>-sname</TT>)
or long (if indicated with the parameter <TT>-name</TT>).
Starting an Erlang node with -sname limits the communication between Erlang nodes to the LAN.</P><P>Using the option <TT>-sname</TT> instead of <TT>-name</TT> is a simple method
@ -3142,8 +3146,8 @@ to difficult unauthorized access to your Erlang node.
However, it is not ultimately effective to prevent access to the Erlang node,
because it may be possible to fake the fact that you are on another network
using a modified version of Erlang <TT>epmd</TT>.
The recommended way to secure the Erlang node is to block the port 4369.</P><P> <A NAME="secure-files"></A> </P><!--TOC section Securing sensible files-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc72">5.5</A>&#XA0;&#XA0;<A HREF="#secure-files">Securing sensible files</A></H2><!--SEC END --><P> <A NAME="secure-files"></A> </P><P><TT>ejabberd</TT> stores sensible data in the file system either in plain text or binary files.
The recommended way to secure the Erlang node is to block the port 4369.</P><P> <A NAME="secure-files"></A> </P><!--TOC section Securing Sensible Files-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc72">5.5</A>&#XA0;&#XA0;<A HREF="#secure-files">Securing Sensible Files</A></H2><!--SEC END --><P> <A NAME="secure-files"></A> </P><P><TT>ejabberd</TT> stores sensible data in the file system either in plain text or binary files.
The file system permissions should be set to only allow the proper user to read,
write and execute those files and directories.</P><DL CLASS="description"><DT CLASS="dt-description">
<B><TT>ejabberd configuration file: /etc/ejabberd/ejabberd.cfg</TT></B></DT><DD CLASS="dd-description">
@ -3256,20 +3260,8 @@ domain.</P><P> <A NAME="servicelb"></A> </P><!--TOC section Service Load-Balanci
</P><PRE CLASS="verbatim">{domain_balancing_component_number, "component.example.com", N}
</PRE><P> <A NAME="debugging"></A> </P><!--TOC chapter Debugging-->
<H1 CLASS="chapter"><!--SEC ANCHOR --><A NAME="htoc84">Chapter&#XA0;7</A>&#XA0;&#XA0;<A HREF="#debugging">Debugging</A></H1><!--SEC END --><P> <A NAME="debugging"></A>
</P><P> <A NAME="watchdog"></A> </P><!--TOC section Watchdog Alerts-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc85">7.1</A>&#XA0;&#XA0;<A HREF="#watchdog">Watchdog Alerts</A></H2><!--SEC END --><P> <A NAME="watchdog"></A>
</P><P><TT>ejabberd</TT> includes a watchdog mechanism.
If a process in the <TT>ejabberd</TT> server consumes too much memory,
a message is sent to the Jabber accounts defined with the option
<TT>watchdog_admins</TT>
in the <TT>ejabberd</TT> configuration file.
Example configuration:
</P><PRE CLASS="verbatim">{watchdog_admins, ["admin2@localhost", "admin2@example.org"]}.
</PRE><P>To remove watchdog admins, remove them in the option.
To remove all watchdog admins, set the option with an empty list:
</P><PRE CLASS="verbatim">{watchdog_admins, []}.
</PRE><P> <A NAME="logfiles"></A> </P><!--TOC section Log Files-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc86">7.2</A>&#XA0;&#XA0;<A HREF="#logfiles">Log Files</A></H2><!--SEC END --><P> <A NAME="logfiles"></A> </P><P>An <TT>ejabberd</TT> node writes two log files:
</P><P> <A NAME="logfiles"></A> </P><!--TOC section Log Files-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc85">7.1</A>&#XA0;&#XA0;<A HREF="#logfiles">Log Files</A></H2><!--SEC END --><P> <A NAME="logfiles"></A> </P><P>An <TT>ejabberd</TT> node writes two log files:
</P><DL CLASS="description"><DT CLASS="dt-description">
<B><TT>ejabberd.log</TT></B></DT><DD CLASS="dd-description"> is the ejabberd service log, with the messages reported by <TT>ejabberd</TT> code
</DD><DT CLASS="dt-description"><B><TT>sasl.log</TT></B></DT><DD CLASS="dd-description"> is the Erlang/OTP system log, with the messages reported by Erlang/OTP using SASL (System Architecture Support Libraries)
@ -3285,12 +3277,32 @@ The possible levels are:
</DD></DL><P>
For example, the default configuration is:
</P><PRE CLASS="verbatim">{loglevel, 4}.
</PRE><P> <A NAME="debugconsole"></A> </P><!--TOC section Debug Console-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc87">7.3</A>&#XA0;&#XA0;<A HREF="#debugconsole">Debug Console</A></H2><!--SEC END --><P> <A NAME="debugconsole"></A> </P><P>The Debug Console is an Erlang shell attached to an already running <TT>ejabberd</TT> server.
</PRE><P>The log files grow continually, so it is recommended to rotate them periodically.
To rotate the log files, rename the files and then reopen them.
The ejabberd command <TT>reopen-log</TT>
(please refer to section <A HREF="#commands">4.1.1</A>)
reopens the log files,
and also renames the old ones if you didn&#X2019;t rename them.</P><P> <A NAME="debugconsole"></A> </P><!--TOC section Debug Console-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc86">7.2</A>&#XA0;&#XA0;<A HREF="#debugconsole">Debug Console</A></H2><!--SEC END --><P> <A NAME="debugconsole"></A> </P><P>The Debug Console is an Erlang shell attached to an already running <TT>ejabberd</TT> server.
With this Erlang shell, an experienced administrator can perform complex tasks.</P><P>This shell gives complete control over the <TT>ejabberd</TT> server,
so it is important to use it with extremely care.
There are some simple and safe examples in the article
<A HREF="http://www.ejabberd.im/interconnect-erl-nodes">Interconnecting Erlang Nodes</A></P><P>To exit the shell, close the window or press the keys: control+c control+c.</P><P> <A NAME="i18ni10n"></A> </P><!--TOC chapter Internationalization and Localization-->
<A HREF="http://www.ejabberd.im/interconnect-erl-nodes">Interconnecting Erlang Nodes</A></P><P>To exit the shell, close the window or press the keys: control+c control+c.</P><P> <A NAME="watchdog"></A> </P><!--TOC section Watchdog Alerts-->
<H2 CLASS="section"><!--SEC ANCHOR --><A NAME="htoc87">7.3</A>&#XA0;&#XA0;<A HREF="#watchdog">Watchdog Alerts</A></H2><!--SEC END --><P> <A NAME="watchdog"></A>
</P><P><TT>ejabberd</TT> includes a watchdog mechanism that may be useful to developers
when troubleshooting a problem related to memory usage.
If a process in the <TT>ejabberd</TT> server consumes a lot of memory,
a message is sent to the Jabber accounts defined with the option
<TT>watchdog_admins</TT>
in the <TT>ejabberd</TT> configuration file.
Note that the threshold to define what is too much memory usage
is only configurable editing the source code.
Example configuration:
</P><PRE CLASS="verbatim">{watchdog_admins, ["admin2@localhost", "admin2@example.org"]}.
</PRE><P>To remove watchdog admins, remove them in the option.
To remove all watchdog admins, set the option with an empty list:
</P><PRE CLASS="verbatim">{watchdog_admins, []}.
</PRE><P> <A NAME="i18ni10n"></A> </P><!--TOC chapter Internationalization and Localization-->
<H1 CLASS="chapter"><!--SEC ANCHOR --><A NAME="htoc88">Appendix&#XA0;A</A>&#XA0;&#XA0;<A HREF="#i18ni10n">Internationalization and Localization</A></H1><!--SEC END --><P> <A NAME="i18ni10n"></A>
</P><P>The source code of <TT>ejabberd</TT> supports localization.
The translators can edit the

View File

@ -261,7 +261,7 @@ The \term{ejabberdctl} administration script is included in the \term{bin} direc
Please refer to the section~\ref{ejabberdctl} for details about \term{ejabberdctl},
and configurable options to fine tune the Erlang runtime system.
\makesection{install.os}{Installing \ejabberd{} with Operating System specific packages}
\makesection{install.os}{Installing \ejabberd{} with Operating System Specific Packages}
Some Operating Systems provide a specific \ejabberd{} package adapted to
the system architecture and libraries.
@ -301,10 +301,13 @@ To compile \ejabberd{} on a `Unix-like' operating system, you need:
\item GNU Make
\item GCC
\item Libexpat 1.95 or higher
\item Erlang/OTP R10B-9 or newer.
\item Erlang/OTP R10B-9 or higher.
\item OpenSSL 0.9.6 or higher, for STARTTLS, SASL and SSL encryption. Optional, highly recommended.
\item Zlib 1.2.3 or higher, for Stream Compression support (\xepref{0138}). Optional.
\item GNU Iconv 1.8 or higher, for the IRC Transport (mod\_irc). Optional. Not needed on systems with GNU Libc.
\item Erlang mysql library. Optional. For MySQL authentication or storage. See section \ref{compilemysql}.
\item Erlang pgsql library. Optional. For PostgreSQL authentication or storage. See section \ref{compilepgsql}.
\item PAM library. Optional. For Pluggable Authentication Modules (PAM). See section \ref{pam}.
\item GNU Iconv 1.8 or higher, for the IRC Transport (mod\_irc). Optional. Not needed on systems with GNU Libc. See section \ref{modirc}.
\end{itemize}
\makesubsection{download}{Download Source Code}
@ -2756,16 +2759,16 @@ Examples:
it will be displayed in all active rooms. In this example the history
feature is disabled.
\begin{verbatim}
{acl, admins, {user, "admin", "example.org"}}.
{acl, admin, {user, "admin", "example.org"}}.
{access, muc_admins, [{allow, admins}]}.
{access, muc_admin, [{allow, admin}]}.
{modules,
[
...
{mod_muc, [{access, all},
{access_create, all},
{access_admin, muc_admins},
{access_admin, muc_admin},
{history_size, 0}]},
...
]}.
@ -2784,20 +2787,20 @@ Examples:
{acl, paying_customers, {user, "customer1", "example.net"}}.
{acl, paying_customers, {user, "customer2", "example.com"}}.
{acl, paying_customers, {user, "customer3", "example.org"}}.
{acl, admins, {user, "admin", "example.org"}}.
{acl, admin, {user, "admin", "example.org"}}.
{access, muc_admins, [{allow, admins},
{access, muc_admin, [{allow, admin},
{deny, all}]}.
{access, muc_access, [{allow, paying_customers},
{allow, admins},
{allow, admin},
{deny, all}]}.
{modules,
[
...
{mod_muc, [{access, muc_access},
{access_create, muc_admins},
{access_admin, muc_admins}]},
{access_create, muc_admin},
{access_admin, muc_admin}]},
...
]}.
\end{verbatim}
@ -2824,7 +2827,7 @@ defined, but some user restriction could be added as well:
[
...
{mod_muc, [{access, muc_access},
{access_create, muc_admins},
{access_create, muc_admin},
{default_room_options,
[
{allow_change_subj, false},
@ -2834,7 +2837,7 @@ defined, but some user restriction could be added as well:
{title, "New chatroom"},
{anonymous, false}
]},
{access_admin, muc_admins}]},
{access_admin, muc_admin}]},
...
]}.
\end{verbatim}
@ -3727,7 +3730,7 @@ Options:
\iqdiscitem{Software Version (\ns{jabber:iq:version})}
\end{description}
\makechapter{manage}{Managing an \ejabberd{} server}
\makechapter{manage}{Managing an \ejabberd{} Server}
\makesection{ejabberdctl}{\term{ejabberdctl}}
@ -3753,8 +3756,9 @@ The more interesting ones are:
\titem{help} Get help about ejabberdctl or any available command. Try \term{ejabberdctl help help}.
\titem{status} Check the status of the \ejabberd{} server.
\titem{stop} Stop the \ejabberd{} server which is running in the machine.
\titem{reopen-log} If you use a tool to rotate logs, you have to configure it
so that this command is executed after each rotation.
\titem{reopen-log} Reopen the log files after they were renamed.
If the old files were not renamed before calling this command,
they are automatically renamed to \term{"*-old.log"}. See section \ref{logfiles}.
\titem {backup, restore, install-fallback, dump, load} You can use these
commands to create and restore backups.
%%More information about backuping can
@ -3782,7 +3786,7 @@ if a command succedded or failed,
for example using: \term{echo \$?}
\makesubsection{erlangconfiguration}{Erlang runtime system}
\makesubsection{erlangconfiguration}{Erlang Runtime System}
\ejabberd{} is an Erlang/OTP application that runs inside an Erlang runtime system.
This system is configured using environment variables and command line parameters.
@ -4041,7 +4045,7 @@ so the cookie could be read sniffing the traffic on the network.
The recommended way to secure the Erlang node is to block the port 4369.
\makesection{nodename}{Erlang node name}
\makesection{nodename}{Erlang Node Name}
An Erlang node may have a node name.
The name can be short (if indicated with the command-line parameter \term{-sname})
@ -4056,7 +4060,7 @@ using a modified version of Erlang \term{epmd}.
The recommended way to secure the Erlang node is to block the port 4369.
\makesection{secure-files}{Securing sensible files}
\makesection{secure-files}{Securing Sensible Files}
\ejabberd{} stores sensible data in the file system either in plain text or binary files.
The file system permissions should be set to only allow the proper user to read,
@ -4276,26 +4280,6 @@ The syntax is the following:
\makechapter{debugging}{Debugging}
\ind{debugging}
\makesection{watchdog}{Watchdog Alerts}
\ind{debugging!watchdog}
\ejabberd{} includes a watchdog mechanism.
If a process in the \ejabberd{} server consumes too much memory,
a message is sent to the Jabber accounts defined with the option
\term{watchdog\_admins}
\ind{options!watchdog\_admins} in the \ejabberd{} configuration file.
Example configuration:
\begin{verbatim}
{watchdog_admins, ["admin2@localhost", "admin2@example.org"]}.
\end{verbatim}
To remove watchdog admins, remove them in the option.
To remove all watchdog admins, set the option with an empty list:
\begin{verbatim}
{watchdog_admins, []}.
\end{verbatim}
\makesection{logfiles}{Log Files}
An \ejabberd{} node writes two log files:
@ -4319,6 +4303,13 @@ For example, the default configuration is:
{loglevel, 4}.
\end{verbatim}
The log files grow continually, so it is recommended to rotate them periodically.
To rotate the log files, rename the files and then reopen them.
The ejabberd command \term{reopen-log}
(please refer to section \ref{commands})
reopens the log files,
and also renames the old ones if you didn't rename them.
\makesection{debugconsole}{Debug Console}
@ -4333,6 +4324,29 @@ There are some simple and safe examples in the article
To exit the shell, close the window or press the keys: control+c control+c.
\makesection{watchdog}{Watchdog Alerts}
\ind{debugging!watchdog}
\ejabberd{} includes a watchdog mechanism that may be useful to developers
when troubleshooting a problem related to memory usage.
If a process in the \ejabberd{} server consumes a lot of memory,
a message is sent to the Jabber accounts defined with the option
\term{watchdog\_admins}
\ind{options!watchdog\_admins} in the \ejabberd{} configuration file.
Note that the threshold to define what is too much memory usage
is only configurable editing the source code.
Example configuration:
\begin{verbatim}
{watchdog_admins, ["admin2@localhost", "admin2@example.org"]}.
\end{verbatim}
To remove watchdog admins, remove them in the option.
To remove all watchdog admins, set the option with an empty list:
\begin{verbatim}
{watchdog_admins, []}.
\end{verbatim}
\appendix{}
\makechapter{i18ni10n}{Internationalization and Localization}

View File

@ -72,8 +72,9 @@
{loglevel, 4}.
%%
%% watchdog_admins: If an ejabberd process consumes too much memory,
%% send live notifications to those Jabber accounts.
%% watchdog_admins: Only useful for developers: if an ejabberd process
%% consumes a lot of memory, send live notifications to these Jabber
%% accounts.
%%
%%{watchdog_admins, ["bob@example.com"]}.

View File

@ -158,8 +158,25 @@ reopen_log() ->
ejabberd_hooks:run(reopen_log_hook, []),
%% TODO: Use the Reopen log API for logger_h ?
ejabberd_logger_h:reopen_log(),
case application:get_env(sasl,sasl_error_logger) of
{ok, {file, SASLfile}} ->
error_logger:delete_report_handler(sasl_report_file_h),
ejabberd_logger_h:rotate_log(SASLfile),
error_logger:add_report_handler(sasl_report_file_h,
{SASLfile, get_sasl_error_logger_type()});
_ -> false
end,
ok.
%% Function copied from Erlang/OTP lib/sasl/src/sasl.erl which doesn't export it
get_sasl_error_logger_type () ->
case application:get_env (sasl, errlog_type) of
{ok, error} -> error;
{ok, progress} -> progress;
{ok, all} -> all;
{ok, Bad} -> exit ({bad_config, {sasl, {errlog_type, Bad}}});
_ -> all
end.
%%%
%%% Account management

View File

@ -31,7 +31,7 @@
%% gen_event callbacks
-export([init/1, handle_event/2, handle_call/2, handle_info/2, terminate/2,
code_change/3, reopen_log/0]).
code_change/3, reopen_log/0, rotate_log/1]).
-record(state, {fd, file}).
@ -206,10 +206,11 @@ write_time({{Y,Mo,D},{H,Mi,S}}, Type) ->
io_lib:format("~n=~s==== ~w-~.2.0w-~.2.0w ~.2.0w:~.2.0w:~.2.0w ===~n",
[Type, Y, Mo, D, H, Mi, S]).
%% Rename the log file if it the filename exists
%% @doc Rename the log file if exists, to "*-old.log".
%% This is needed in systems when the file must be closed before rotation (Windows).
%% On most Unix-like system, the file can be renamed from the command line and
%%the log can directly be reopened.
%% the log can directly be reopened.
%% @spec (Filename::string()) -> ok
rotate_log(Filename) ->
case file:read_file_info(Filename) of
{ok, _FileInfo} ->

View File

@ -242,60 +242,66 @@ update_database(Host) ->
[host_node, host_parent, info] ->
?INFO_MSG("upgrade pubsub tables",[]),
F = fun() ->
NewRecords =
lists:foldl(
fun({pubsub_node, NodeId, ParentId, {nodeinfo, Items, Options, Entities}}, RecList) ->
ItemsList =
lists:foldl(
fun({item, IID, Publisher, Payload}, Acc) ->
C = {Publisher, unknown},
M = {Publisher, now()},
mnesia:write(
#pubsub_item{itemid = {IID, NodeId},
creation = C,
modification = M,
payload = Payload}),
[{Publisher, IID} | Acc]
end, [], Items),
Owners =
dict:fold(
fun(JID, {entity, Aff, Sub}, Acc) ->
UsrItems =
lists:foldl(
fun({P, I}, IAcc) ->
case P of
JID -> [I | IAcc];
_ -> IAcc
end
end, [], ItemsList),
mnesia:write(
#pubsub_state{stateid = {JID, NodeId},
items = UsrItems,
affiliation = Aff,
subscription = Sub}),
case Aff of
owner -> [JID | Acc];
_ -> Acc
end
end, [], Entities),
mnesia:delete({pubsub_node, NodeId}),
[#pubsub_node{nodeid = NodeId,
parentid = ParentId,
owners = Owners,
options = Options} |
RecList]
end, [],
mnesia:match_object(
{pubsub_node, {Host, '_'}, '_', '_'})),
mnesia:delete_table(pubsub_node),
mnesia:create_table(pubsub_node,
[{disc_copies, [node()]},
{attributes, record_info(fields, pubsub_node)}]),
lists:foreach(fun(Record) ->
mnesia:write(Record)
end, NewRecords)
lists:foldl(
fun({pubsub_node, NodeId, ParentId, {nodeinfo, Items, Options, Entities}}, RecList) ->
ItemsList =
lists:foldl(
fun({item, IID, Publisher, Payload}, Acc) ->
C = {Publisher, unknown},
M = {Publisher, now()},
mnesia:write(
#pubsub_item{itemid = {IID, NodeId},
creation = C,
modification = M,
payload = Payload}),
[{Publisher, IID} | Acc]
end, [], Items),
Owners =
dict:fold(
fun(JID, {entity, Aff, Sub}, Acc) ->
UsrItems =
lists:foldl(
fun({P, I}, IAcc) ->
case P of
JID -> [I | IAcc];
_ -> IAcc
end
end, [], ItemsList),
mnesia:write(
#pubsub_state{stateid = {JID, NodeId},
items = UsrItems,
affiliation = Aff,
subscription = Sub}),
case Aff of
owner -> [JID | Acc];
_ -> Acc
end
end, [], Entities),
mnesia:delete({pubsub_node, NodeId}),
[#pubsub_node{nodeid = NodeId,
parentid = ParentId,
owners = Owners,
options = Options} |
RecList]
end, [],
mnesia:match_object(
{pubsub_node, {Host, '_'}, '_', '_'}))
end,
mnesia:transaction(F);
{atomic, NewRecords} = mnesia:transaction(F),
{atomic, ok} = mnesia:delete_table(pubsub_node),
{atomic, ok} = mnesia:create_table(pubsub_node,
[{disc_copies, [node()]},
{attributes, record_info(fields, pubsub_node)}]),
FNew = fun() -> lists:foreach(fun(Record) ->
mnesia:write(Record)
end, NewRecords)
end,
case mnesia:transaction(FNew) of
{atomic, Result} ->
?INFO_MSG("Pubsub tables updated correctly: ~p", [Result]);
{aborted, Reason} ->
?ERROR_MSG("Problem updating Pubsub tables:~n~p", [Reason])
end;
_ ->
ok
end.