Package: calendarserver
Version: 9.1+dfsg-1
Severity: important
Dear Maintainer,
after update to the latest version (9.2+dfsg-1), I repeatedly get the following
error stack:
2019-01-18T13:37:43+0100 [caldav-0] [twext.who.nss#info] Loading and indexing
NSS records
2019-01-18T13:37:43+0100 [caldav-1] [txweb2.server#info] OPTIONS
/calendars/__uids__/F90C8AD5-6EC5-5153-A94B-9992EAAB8DE5/ HTTP/1.1
2019-01-18T13:37:43+0100 [caldav-1] [txweb2.server#critical] Exception
rendering request: <OPTIONS
/calendars/__uids__/F90C8AD5-6EC5-5153-A94B-9992EAAB8DE5/ (1, 1)>
2019-01-18T13:37:43+0100 [caldav-1] Traceback (most recent call last):
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/txdav/who/augment.py", line 219, in
recordWithShortName
2019-01-18T13:37:43+0100 [caldav-1] recordType, shortName,
timeoutSeconds=timeoutSeconds
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/twext/who/aggregate.py", line 165, in
recordWithShortName
2019-01-18T13:37:43+0100 [caldav-1] recordType, shortName,
timeoutSeconds=timeoutSeconds
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1613, in
unwindGenerator
2019-01-18T13:37:43+0100 [caldav-1] return _cancellableInlineCallbacks(gen)
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1529, in
_cancellableInlineCallbacks
2019-01-18T13:37:43+0100 [caldav-1] _inlineCallbacks(None, g, status)
2019-01-18T13:37:43+0100 [caldav-1] --- <exception caught here> ---
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/calendarserver/provision/root.py", line 367,
in locateChild
2019-01-18T13:37:43+0100 [caldav-1] authnUser, authzUser = yield
self.authenticate(request)
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 654, in
_runCallbacks
2019-01-18T13:37:43+0100 [caldav-1] current.result = callback(current.result,
*args, **kw)
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/txweb2/dav/resource.py", line 1065, in
translateUnauthenticated
2019-01-18T13:37:43+0100 [caldav-1] f.trap(UnauthorizedLogin, LoginFailed)
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/twisted/python/failure.py", line 441, in trap
2019-01-18T13:37:43+0100 [caldav-1] raise self
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/txweb2/dav/resource.py", line 1635, in
principalsForAuthID
2019-01-18T13:37:43+0100 [caldav-1] authnPrincipal = yield
self.findPrincipalForAuthID(authid)
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/txweb2/dav/resource.py", line 1659, in
findPrincipalForAuthID
2019-01-18T13:37:43+0100 [caldav-1] principal = yield
collection.principalForUser(authid)
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/twistedcaldav/directory/principal.py", line
181, in principalForShortName
2019-01-18T13:37:43+0100 [caldav-1] record = (yield
self.directory.recordWithShortName(recordType, name))
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/txdav/who/augment.py", line 219, in
recordWithShortName
2019-01-18T13:37:43+0100 [caldav-1] recordType, shortName,
timeoutSeconds=timeoutSeconds
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1418, in
_inlineCallbacks
2019-01-18T13:37:43+0100 [caldav-1] result = g.send(result)
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/txdav/who/cache.py", line 679, in
recordWithShortName
2019-01-18T13:37:43+0100 [caldav-1] "recordWithShortName"
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/txdav/who/cache.py", line 597, in lookupRecord
2019-01-18T13:37:43+0100 [caldav-1] record =
self._memcacher.memcacheGetRecord(memcachekey)
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/txdav/who/cache.py", line 211, in
memcacheGetRecord
2019-01-18T13:37:43+0100 [caldav-1] return self.unpickleRecord(pickled) if
pickled is not None else None
2019-01-18T13:37:43+0100 [caldav-1] File
"/usr/lib/python2.7/dist-packages/txdav/who/cache.py", line 158, in
unpickleRecord
2019-01-18T13:37:43+0100 [caldav-1] return record_class(self._recordService,
fields)
2019-01-18T13:37:43+0100 [caldav-1] exceptions.TypeError: __init__() takes
exactly 4 arguments (3 given)
-- System Information:
Debian Release: 9.8
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable'), (100, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-8-amd64 (SMP w/1 CPU core)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages calendarserver depends on:
ii adduser 3.115
ii lsb-base 9.20161125
ii memcached 1.5.6-1
ii python 2.7.13-2
ii python-crypto 2.6.1-9+b1
ii python-dateutil 2.7.3-3
ii python-kerberos 1.1.5-2+b2
ii python-openssl 16.2.0-1
ii python-pg8000 1.10.6-1
ii python-psutil 5.5.0-1
ii python-pycalendar 1:2.1~git20161130.0.e68e150-1
ii python-service-identity 16.0.0-2
ii python-setproctitle 1.1.10-1+b2
ii python-sqlparse 0.2.2-1
ii python-twext 1:0.1~git20161216.0.b90293c-1
ii python-twisted 18.9.0-3
ii python-twisted-core 18.9.0-3
ii python-tz 2018.9-1
ii python-xattr 0.9.6-1
ii python-zope.interface 4.3.2-1+b2
ii ssl-cert 1.0.39
Versions of packages calendarserver recommends:
ii python-pam 0.4.2-13.2
calendarserver suggests no packages.
-- Configuration Files:
/etc/caldavd/caldavd.plist changed:
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (c) 2006-2017 Apple Inc. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd";>
<plist version="1.0">
<dict>
<!--
Public network address information
This is the server's public network address, which is provided to
clients in URLs and the like. It may or may not be the network
address that the server is listening to directly, though it is by
default. For example, it may be the address of a load balancer or
proxy which forwards connections to the server.
-->
<!-- Network host name [empty = system host name] -->
<key>ServerHostName</key>
<string>calendarServer</string> <!-- The hostname clients use when
connecting -->
<!-- HTTP port [0 = disable HTTP] -->
<key>HTTPPort</key>
<integer>8008</integer>
<!-- SSL port [0 = disable HTTPS] -->
<!-- (Must also configure SSLCertificate and SSLPrivateKey below) -->
<key>SSLPort</key>
<integer>8443</integer>
<key>EnableSSL</key>
<true/>
<key>SSLMethod</key>
<string>TLSv1_2_METHOD</string>
<!-- Redirect non-SSL ports to an SSL port (if configured for SSL) -->
<key>RedirectHTTPToHTTPS</key>
<false/>
<!--
Network address configuration information
This configures the actual network address that the server binds to.
-->
<!-- Fehlermeldung, der Methode gethostbyaddr "{socket.error: Address
family not supported by protocol}"
https://www.lug-kr.de/wiki/Calendarserver
Abholfe schafft folgender Eintrag in der Konfiguration.
-->
<key>BindAddresses</key>
<array>
<string>10.33.34.26</string>
</array>
<!-- List of IP addresses to bind to [empty = all]
<key>BindAddresses</key>
<array>
</array>
-->
<!-- List of port numbers to bind to for HTTP [empty = same as "Port"] -->
<key>BindHTTPPorts</key>
<array>
</array>
<!-- List of port numbers to bind to for SSL [empty = same as "SSLPort"] -->
<key>BindSSLPorts</key>
<array>
</array>
<!--
Data Store
-->
<!-- Server root -->
<key>ServerRoot</key>
<string>/var/lib/caldavd</string>
<!-- Database connection -->
<key>DBType</key>
<string>postgres</string>
<key>DatabaseConnection</key>
<dict>
<key>endpoint</key>
<string>unix:/var/run/postgresql</string>
<key>database</key>
<string>caldav</string>
<key>user</key>
<string>caldavd</string>
<key>password</key>
<string></string>
</dict>
<!-- Data root -->
<key>DataRoot</key>
<string>/var/lib/caldavd</string>
<!-- Document root -->
<key>DocumentRoot</key>
<string>/var/spool/caldavd</string>
<!-- Configuration root -->
<key>ConfigRoot</key>
<string>/etc/caldavd</string>
<!-- Run root -->
<key>RunRoot</key>
<string>/var/run/caldavd</string>
<!-- Child aliases -->
<key>Aliases</key>
<array>
<!--
<dict>
<key>url</key>
<string>/foo</string>
<key>path</key>
<string>/path/to/foo</string>
</dict>
-->
</array>
<!--
Quotas and limits
-->
<!-- User quota (in bytes) [0 = no quota] applies to attachments only -->
<key>UserQuota</key>
<integer>104857600</integer> <!-- 100Mb -->
<!-- Maximum size for a single attachment (in bytes) [0 = no limit] -->
<key>MaximumAttachmentSize</key>
<integer>10485760</integer> <!-- 10Mb -->
<!-- Maximum number of calendars/address books allowed in a home -->
<!-- 0 for no limit -->
<key>MaxCollectionsPerHome</key>
<integer>50</integer>
<!-- Maximum number of resources in a calendar/address book -->
<!-- 0 for no limit -->
<key>MaxResourcesPerCollection</key>
<integer>10000</integer>
<!-- Maximum resource size (in bytes) -->
<key>MaxResourceSize</key>
<integer>1048576</integer> <!-- 1Mb -->
<!-- Maximum number of unique attendees per entire event -->
<!-- 0 for no limit -->
<key>MaxAttendeesPerInstance</key>
<integer>100</integer>
<!-- Maximum number of instances allowed during expansion -->
<!-- 0 for no limit -->
<key>MaxAllowedInstances</key>
<integer>3000</integer>
<!--
Directory service
A directory service provides information about principals (eg.
users, groups, locations and resources) to the server.
A variety of directory services are available for use.
-->
<!-- XML File Directory Service
<key>DirectoryService</key>
<dict>
<key>type</key>
<string>xml</string>
<key>params</key>
<dict>
<key>xmlFile</key>
<string>/etc/caldavd/accounts.xml</string>
</dict>
</dict>
<key>DirectoryService</key>
<dict>
<key>type</key>
<string>ldap</string>
<key>params</key>
<dict>
<key>recordTypes</key>
<array>
<string>users</string>
<string>groups</string>
</array>
<key>uri</key>
<string>ldaps://sambaDC/</string>
<key>useTLS</key>
<true/>
<key>credentials</key>
<dict>
<key>dn</key>
<string>CN=SomeUser,CN=Users,DC=licht,DC=company,DC=eu</string>
<key>password</key>
<string>xxxxxxxxxx</string>
</dict>
<key>rdnSchema</key>
<dict>
<key>base</key>
<string>dc=licht,dc=company,dc=eu</string>
<key>users</key>
<string>cn=Users</string>
<key>groups</key>
<string>cn=Users</string>
<key>locations</key>
<string>ou=places</string>
<key>resources</key>
<string>ou=resources</string>
<key>addresses</key>
<string>ou=buildings</string>
</dict>
<key>mapping</key>
<dict>
<key>uid</key>
<array>
<string>uidNumber</string>
</array>
<key>guid</key>
<array>
<string>gidNumber</string>
</array>
<key>shortNames</key>
<array>
<string>sAMAccountName</string>
</array>
<key>fullNames</key>
<array>
<string>cn</string>
</array>
<key>emailAddresses</key>
<array>
<string>mail</string>
</array>
<key>memberDNs</key>
<array>
<string>member</string>
</array>
<key>loginAllowed</key>
<array>
<string>sAMAccountType:805306368</string>
</array>
<key>hasCalendars</key>
<array>
<string>sAMAccountType:805306368</string>
</array>
<key>autoScheduleMode</key>
<array>
<string></string>
<string></string>
</array>
<key>autoAcceptGroup</key>
<array>
<string>autoAcceptGroup</string>
</array>
<key>readWriteProxy</key>
<array>
<string>calRWProxy</string>
</array>
<key>readOnlyProxy</key>
<array>
<string>calROProxy</string>
</array>
</dict>
<key>extraFilters</key>
<dict>
<key>users</key>
<string>(objectCategory=user)</string>
<key>groups</key>
<string>(objectCategory=group)</string>
<key>locations</key>
<string>(calStatus=active)</string>
<key>resources</key>
<string>(calStatus=active)</string>
<key>addresses</key>
<string></string>
</dict>
</dict>
</dict>
-->
<!-- NSS directory service -->
<key>DirectoryService</key>
<dict>
<key>type</key>
<string>twistedcaldav.directory.nss.NssDirectoryService</string>
<key>params</key>
<dict>
<key>recordTypes</key>
<array>
<string>users</string>
<string>groups</string>
</array>
<key>realmName</key>
<string>licht.company.eu</string>
<!-- Don't treat user ids smaller than firstValidUid as calendarserver
users -->
<key>firstValidUid</key>
<integer>1000</integer>
<!-- Don't treat user ids larger than lastValidUid as calendarserver users
-->
<key>lastValidUid</key>
<integer>3500000</integer>
<!-- Groups starting with this prefix are considered calendarserver groups
-->
<key>groupPrefix</key>
<string>caldavd-</string>
<!-- Don't treat group ids smaller than firstValidGid as calendarserver
groups -->
<key>firstValidGid</key>
<integer>1000</integer>
<!-- Don't treat group ids larger than lastValidGid as calendarserver
groups -->
<key>lastValidGid</key>
<integer>3500000</integer>
<!-- use username@mailDomain as calender user mail addresses -->
<key>mailDomain</key>
<string>company.eu</string>
<!-- refresh time in seconds -->
<key>refreshIntervalThreshold</key>
<integer>1200</integer>
</dict>
</dict>
<!--
Special principals
These principals are granted special access and/or perform
special roles on the server.
-->
<!-- Principals with "DAV:all" access (relative URLs) -->
<key>AdminPrincipals</key>
<array>
<!--
<string>/principals/__uids__/AEB68DD7-D2B8-4D4D-A574-2A4533DF36A4/</string> -->
</array>
<!-- Principals with "DAV:read" access (relative URLs) -->
<key>ReadPrincipals</key>
<array>
<!--
<string>/principals/__uids__/983C8238-FB6B-4D92-9242-89C0A39E5F81/</string> -->
</array>
<!-- Create "proxy access" principals -->
<key>EnableProxyPrincipals</key>
<true/>
<!-- NSS Directory Service -->
<!-- Groups starting with groupPrefix are considered calendarserver groups
-->
<!-- Don't treat user id's smaller than firstValidUid as calendarserver
users -->
<!-- Don't treat group id's smaller than firstValidGid as calendarserver
groups -->
<!-- use shortName@mailDomain as calender user mail addresses -->
<!-- Users and groups information will not be reloaded if the cache is not
empty
and it had been populated less than refreshIntervalThreshold seconds
ago -->
<!--
<key>DirectoryService</key>
<dict>
<key>type</key>
<string>nss</string>
<key>params</key>
<dict>
<key>realmName</key>
<string>Test Realm</string>
<key>groupPrefix</key>
<string>caldavd-</string>
<key>firstValidUid</key>
<integer>1000</integer>
<key>lastValidUid</key>
<integer>65533</integer>
<key>firstValidGid</key>
<integer>1000</integer>
<key>lastValidGid</key>
<integer>65533</integer>
<key>mailDomain</key>
<string>example.com</string>
<key>refreshIntervalThreshold</key>
<integer>60</integer>
</dict>
</dict>
-->
<!-- Resource and Location Service -->
<key>ResourceService</key>
<dict>
<key>Enabled</key>
<true/>
<key>type</key>
<string>xml</string>
<key>params</key>
<dict>
<key>xmlFile</key>
<string>/etc/caldavd/resources.xml</string>
</dict>
</dict>
<!-- Augment Service -->
<key>AugmentService</key>
<dict>
<key>type</key>
<string>xml</string>
<key>params</key>
<dict>
<key>xmlFiles</key>
<array>
<string>/etc/caldavd/augments.xml</string>
</array>
</dict>
</dict>
<!--
Permissions
-->
<!-- Anonymous read access for root resource -->
<key>EnableAnonymousReadRoot</key>
<true/>
<!-- Anonymous read access for resource hierarchy -->
<key>EnableAnonymousReadNav</key>
<false/>
<!-- Enables directory listings for principals -->
<key>EnablePrincipalListings</key>
<false/>
<!-- Render calendar collections as a monolithic iCalendar object -->
<key>EnableMonolithicCalendars</key>
<true/>
<!--
Authentication
-->
<key>Authentication</key>
<dict>
<!-- Clear text; best avoided -->
<key>Basic</key>
<dict>
<key>Enabled</key>
<true/>
<!-- Set to false to disallow plaintext authentication over non-SSL -->
<key>AllowedOverWireUnencrypted</key>
<true/>
</dict>
<!-- Digest challenge/response -->
<key>Digest</key>
<dict>
<key>Enabled</key>
<false/>
<key>Algorithm</key>
<string>md5</string>
<key>Qop</key>
<string></string>
</dict>
<!-- Kerberos/SPNEGO -->
<key>Kerberos</key>
<dict>
<key>Enabled</key>
<true/>
<key>ServicePrincipal</key>
<string>sambaDC</string>
</dict>
</dict>
<!--
Logging
-->
<!-- Log root -->
<key>LogRoot</key>
<string>/var/log/caldavd</string>
<!-- Apache-style access log -->
<key>AccessLogFile</key>
<string>access.log</string>
<key>RotateAccessLog</key>
<true/>
<!-- Server activity log -->
<key>ErrorLogFile</key>
<string>error.log</string>
<!-- Log levels -->
<key>DefaultLogLevel</key>
<string>info</string> <!-- debug, info, warn, error -->
<!-- Server process ID file -->
<key>PIDFile</key>
<string>caldavd.pid</string>
<!--
SSL/TLS
-->
<!-- Public key -->
<key>SSLCertificate</key>
<string>/etc/ssl/certs/calendarServer.pem</string>
<!-- SSL authority chain (for intermediate certs) -->
<key>SSLAuthorityChain</key>
<string></string>
<!-- Private key -->
<key>SSLPrivateKey</key>
<string>/etc/ssl/private/calendarServer.key</string>
<!--
Process management
-->
<key>UserName</key>
<string>caldavd</string>
<key>GroupName</key>
<string>caldavd</string>
<key>ProcessType</key>
<string>Combined</string>
<key>MultiProcess</key>
<dict>
<key>ProcessCount</key>
<integer>0</integer> <!-- 0 = automatic -->
</dict>
<!--
Notifications
-->
<key>Notifications</key>
<dict>
<!-- Time spent coalescing notifications before delivery -->
<key>CoalesceSeconds</key>
<integer>3</integer>
<key>Services</key>
<dict>
<key>XMPPNotifier</key>
<dict>
<!-- XMPP notification service -->
<key>Service</key>
<string>twistedcaldav.notify.XMPPNotifierService</string>
<key>Enabled</key>
<false/>
<!-- XMPP host and port to contact -->
<key>Host</key>
<string>xmpp.host.name</string>
<key>Port</key>
<integer>5222</integer>
<!-- Jabber ID and password for the server -->
<key>JID</key>
<string>j...@xmpp.host.name/resource</string>
<key>Password</key>
<string>password_goes_here</string>
<!-- PubSub service address -->
<key>ServiceAddress</key>
<string>pubsub.xmpp.host.name</string>
</dict>
</dict>
</dict>
<!--
Server-to-server protocol
-->
<key>Scheduling</key>
<dict>
<!-- CalDAV protocol options -->
<key>CalDAV</key>
<dict>
<key>EmailDomain</key>
<string></string>
<key>HTTPDomain</key>
<string></string>
<key>AddressPatterns</key>
<array>
</array>
</dict>
<!-- iSchedule protocol options -->
<key>iSchedule</key>
<dict>
<key>Enabled</key>
<false/>
<key>AddressPatterns</key>
<array>
</array>
<key>RemoteServers</key>
<string>/etc/caldavd/remoteservers.xml</string>
</dict>
<!-- iMIP protocol options -->
<key>iMIP</key>
<dict>
<key>Enabled</key>
<false/>
<key>MailGatewayServer</key>
<string>localhost</string>
<key>MailGatewayPort</key>
<integer>62310</integer>
<key>Sending</key>
<dict>
<key>Server</key>
<string></string>
<key>Port</key>
<integer>587</integer>
<key>UseSSL</key>
<true/>
<key>Username</key>
<string></string>
<key>Password</key>
<string></string>
<key>Address</key>
<string></string> <!-- Address email will be sent from -->
</dict>
<key>Receiving</key>
<dict>
<key>Server</key>
<string></string>
<key>Port</key>
<integer>995</integer>
<key>Type</key>
<string></string> <!-- Either "pop" or "imap" -->
<key>UseSSL</key>
<true/>
<key>Username</key>
<string></string>
<key>Password</key>
<string></string>
<key>PollingSeconds</key>
<integer>30</integer>
</dict>
<key>AddressPatterns</key>
<array>
<string>mailto:.*</string>
</array>
</dict>
</dict>
<!--
Free-busy URL protocol
-->
<key>FreeBusyURL</key>
<dict>
<key>Enabled</key>
<true/>
<key>TimePeriod</key>
<integer>14</integer>
<key>AnonymousAccess</key>
<false/>
</dict>
<!--
Non-standard CalDAV extensions
-->
<!-- Private Events -->
<key>EnablePrivateEvents</key>
<true/>
<!-- Shared Calendars & Address Books -->
<key>Sharing</key>
<dict>
<key>Enabled</key>
<true/>
</dict>
<!--
Miscellaneous items
-->
<!-- Web-based administration -->
<key>EnableWebAdmin</key>
<true/>
<!-- Do not split calendars and tasks -->
<key>RestrictCalendarsToOneComponentType</key>
<false/>
</dict>
</plist>
/etc/caldavd/resources.xml changed:
<directory realm="/Search" />
/etc/default/calendarserver changed:
start_calendarserver=yes
-- no debconf information
