add rspamd asan debugging

Dieser Commit ist enthalten in:
andryyy 2021-09-02 12:45:59 +02:00
Ursprung 1a5eab3c21
Commit dfa70f435e
3 geänderte Dateien mit 46 neuen und 1 gelöschten Zeilen

27
docs/debug-asan_rspamd.md Normale Datei
Datei anzeigen

@ -0,0 +1,27 @@
A quick guide to deeply a malfunctioning Rspamd.
```
docker-compose exec rspamd-mailcow bash
if ! grep -qi 'apt-stable-asan' /etc/apt/sources.list.d/rspamd.list; then
sed -i 's/apt-stable/apt-stable-asan/i' /etc/apt/sources.list.d/rspamd.list
fi
apt-get update ; apt-get upgrade rspamd
nano /docker-entrypoint.sh
# Before "exec "$@"" add the following lines:
export G_SLICE=always-malloc
export ASAN_OPTIONS=new_delete_type_mismatch=0:detect_leaks=1:detect_odr_violation=0:log_path=/tmp/rspamd-asan:quarantine_size_mb=2048:malloc_context_size=8:fast_unwind_on_malloc=0
```
Restart Rspamd: `docker-compose restart rspamd-mailcow`
Your memory consumption will increase by a lot, it will also steadily grow, which is not related to a possible memory leak you are looking for.
Leave the container running for a few minutes, hours or days (it should match the time you usually wait for the leak to "happen") and restart it: `docker-compose restart rspamd-mailcow`.
Now enter the container by running `docker-compose exec rspamd-mailcow bash`, change the directory to /tmp and copy the asan Files to your desired location or upload them via termbin.com (`cat /tmp/rspamd-asan.* | nc termbin.com 9999`).

17
docs/debug-reset_tls.md Normale Datei
Datei anzeigen

@ -0,0 +1,17 @@
In case you encounter problems with your certificate, key or Let's Encrypt account, please try to reset the TLS assets:
```
source mailcow.conf
docker-compose down
rm -rf data/assets/ssl
mkdir data/assets/ssl
openssl req -x509 -newkey rsa:4096 -keyout data/assets/ssl-example/key.pem -out data/assets/ssl-example/cert.pem -days 365 -subj "/C=DE/ST=NRW/L=Willich/O=mailcow/OU=mailcow/CN=${MAILCOW_HOSTNAME}" -sha256 -nodes
cp -n -d data/assets/ssl-example/*.pem data/assets/ssl/
docker-compose up -d
```
This will stop mailcow, source the variables we need, create a self-signed certificate and start mailcow.
If you use Let's Encrypt you should be careful as you will create a new account and a new set of certificates. You will run into a ratelimit sooner or later.
Please also note that previous TLSA records will be invalid.

Datei anzeigen

@ -57,7 +57,8 @@ nav:
- 'Remove Persistent Data': 'debug-rm_volumes.md'
- 'Common Problems': 'debug-common_problems.md'
- 'Admin login to SOGo': 'debug-admin_login_sogo.md'
- 'Reset TLS certificates': 'debug-reset-tls.md'
- 'Reset TLS certificates': 'debug-reset_tls.md'
- 'Advanced: Find memory leaks in Rspamd': 'debug-asan_rspamd.md'
- 'Backup & Restore':
- 'Helper script':
- 'Backup': 'b_n_r_backup.md'