[Dovecot] Pam trouble
Benjamin Dabelow
benja.dabelow at gmx.net
Tue Feb 24 13:13:03 EET 2004
Hi folks,
I can't get dovecot to authenticate properly against ldap/pam.
I've been fiddling with it for several days now, to no avail. It keeps crashing
with:
Child died with signal 11
The system is Solaris9. Enclosed is a trace of dovecot-auth for a connection to
pop with correct username and password and my config.
Any help is appreciated.
Cheers
Benjamin
Trace-----------------------------------------------------
29964: poll(0x00052E28, 9, 4999) (sleeping...)
29964: poll(0x00052E28, 9, 4999) = 0
29964: poll(0x00052E28, 9, 0) = 0
29964: poll(0x00052E28, 9, 4999) (sleeping...)
29964: poll(0x00052E28, 9, 4999) = 1
29964: accept(3, 0xFFBFFAD0, 0xFFBFFAC8, 1) = 13
29964: fstat64(13, 0xFFBFF920) = 0
29964: getsockopt(13, SOL_SOCKET, 0x2000, 0xFFBFFA20, 0xFFBFFA1C, 0) = 0
29964: setsockopt(13, SOL_SOCKET, 0x2000, 0xFFBFFA20, 4, 0) = 0
29964: fcntl(13, F_SETFL, 0x00000080) = 0
29964: fstat64(13, 0xFFBFF9D8) = 0
29964: llseek(13, 0, SEEK_CUR) Err#29 ESPIPE
29964: getsockname(13, 0xFFBFF928, 0xFFBFF924, 1) = 0
29964: write(13, "\0\0 u\f\0\0\001", 8) = 8
29964: poll(0x00052E28, 10, 2917) = 1
29964: read(13, "\0\0 u1C", 4096) = 4
29964: poll(0x00052E28, 10, 2917) (sleeping...)
29964: poll(0x00052E28, 10, 2917) = 0
29964: poll(0x00052E28, 10, 0) = 0
29964: poll(0x00052E28, 10, 4999) (sleeping...)
29964: poll(0x00052E28, 10, 4999) = 1
29964: read(14, "\0\0\001\0\0\001\0\0\001".., 4092) = 16
29964: write(14, "\0\0\001\0\0\001\0\0\0\0".., 20) = 20
29964: poll(0x00052E28, 10, 1664) = 1
29964: read(14, "\0\0\002\0\0\001\0\0\011".., 4076) = 29
29964: pipe() = 15 [16]
29964: fork1() = 29981
29964: lwp_schedctl(SC_STATE|SC_PREEMPT, 0, 0xFFBFF7AC) = 0
29964: close(16) = 0
29981: fork1() (returning as child ...) = 29964
29981: getpid() = 29981 [29964]
29981: close(15) = 0
29981: lwp_schedctl(SC_STATE|SC_PREEMPT, 0, 0xFFBFF4A4) = 0
29981: open("/etc/pam_debug", O_RDONLY) Err#2 ENOENT
29981: stat64("/etc/pam.conf", 0xFFBFF4C0) = 0
29981: open("/etc/pam.conf", O_RDONLY) = 15
29981: mmap(0x00000000, 1893, PROT_READ, MAP_PRIVATE, 15, 0) = 0xFEBA0000
29981: munmap(0xFEBA0000, 1893) = 0
29981: close(15) = 0
29981: stat64("/usr/lib/security/pam_unix.so.1", 0xFFBFF400) = 0
29981: stat("/usr/lib/security/pam_unix.so.1", 0xFFBFED44) = 0
29981: open("/usr/lib/security/pam_unix.so.1", O_RDONLY) = 15
29981: fstat(15, 0xFFBFED44) = 0
29981: mmap(0x00000000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE, 15, 0) =
0xFEBA0000
29981: mmap(0x00000000, 212992, PROT_READ|PROT_EXEC, MAP_PRIVATE, 15, 0) =
0xFEB40000
29981: mmap(0xFEB6A000, 36767, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 15, 106496) = 0xFEB6A000
29981: munmap(0xFEB5A000, 65536) = 0
29981: resolvepath("/usr/lib/security/pam_unix.so.1",
"/usr/lib/security/pam_unix.so.1", 1023) = 31
29981: memcntl(0xFEB40000, 24652, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
29981: close(15) = 0
29981: stat("/usr/lib/libc.so.1", 0xFFBFEC84) = 0
29981: stat("/usr/lib/libpam.so.1", 0xFFBFEC84) = 0
29981: stat("/usr/lib/libnsl.so.1", 0xFFBFEC84) = 0
29981: stat("/usr/lib/libcmd.so.1", 0xFFBFEC84) = 0
29981: stat("/usr/lib/libmp.so.2", 0xFFBFEC84) = 0
29981: munmap(0xFEBA0000, 8192) = 0
29981: stat64("/usr/lib/security/pam_openldap.so.1", 0xFFBFF400) = 0
29981: stat("/usr/lib/security/pam_openldap.so.1", 0xFFBFED44) = 0
29981: open("/usr/lib/security/pam_openldap.so.1", O_RDONLY) = 15
29981: fstat(15, 0xFFBFED44) = 0
29981: mmap(0x00000000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE, 15, 0) =
0xFEBA0000
29981: mmap(0x00000000, 106496, PROT_READ|PROT_EXEC, MAP_PRIVATE, 15, 0) =
0xFEB20000
29981: mmap(0xFEB38000, 3928, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 15, 32768) = 0xFEB38000
29981: munmap(0xFEB2A000, 57344) = 0
29981: resolvepath("/usr/lib/security/pam_openldap.so.1",
"/usr/lib/security/pam_openldap.so.1", 1023) = 35
29981: memcntl(0xFEB20000, 6704, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
29981: close(15) = 0
29981: stat("/opt/OpenLDAP2/lib/libc.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libc.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/lib/libc.so.1", 0xFFBFEC84) = 0
29981: stat("/opt/OpenLDAP2/lib/libldap.so.2", 0xFFBFEC84) = 0
29981: mmap(0x00000000, 8192, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_ANON, -1, 0) = 0xFEB10000
29981: stat("/opt/OpenLDAP2/lib/liblber.so.2", 0xFFBFEC84) = 0
29981: stat("/opt/OpenLDAP2/lib/libnsl.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libnsl.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/lib/libnsl.so.1", 0xFFBFEC84) = 0
29981: stat("/opt/OpenLDAP2/lib/libcrypt_i.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libcrypt_i.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/lib/libcrypt_i.so.1", 0xFFBFEC84) = 0
29981: stat("/opt/OpenLDAP2/lib/libresolv.so.2", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libresolv.so.2", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/lib/libresolv.so.2", 0xFFBFEC84) = 0
29981: stat("/opt/OpenLDAP2/lib/libpam.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libpam.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/lib/libpam.so.1", 0xFFBFEC84) = 0
29981: stat("/opt/OpenLDAP2/lib/libdl.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libdl.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/lib/libdl.so.1", 0xFFBFEC84) = 0
29981: stat("/opt/OpenLDAP2/lib/libpthread.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libpthread.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/lib/libpthread.so.1", 0xFFBFEC84) = 0
29981: stat("/opt/OpenLDAP2/lib/librt.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/librt.so.1", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/lib/librt.so.1", 0xFFBFEC84) = 0
29981: stat("/opt/OpenLDAP2/lib/libdb-4.0.so", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libdb-4.0.so", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/lib/libdb-4.0.so", 0xFFBFEC84) = 0
29981: stat("/opt/OpenLDAP2/lib/libssl.so.0.9.7", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libssl.so.0.9.7", 0xFFBFEC84) = 0
29981: stat("/opt/OpenLDAP2/lib/libcrypto.so.0.9.7", 0xFFBFEC84) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libcrypto.so.0.9.7", 0xFFBFEC84) = 0
29981: munmap(0xFEBA0000, 8192) = 0
29981: open64("/var/run/name_service_door", O_RDONLY) = 15
29981: fcntl(15, F_SETFD, 0x00000001) = 0
29981: door_info(15, 0xFEEC2668) = 0
29981: close(15) = 0
29981: stat("/usr/lib/nss_files.so.1", 0xFFBFDE64) = 0
29981: open("/etc/passwd", O_RDONLY) = 15
29981: fstat64(15, 0xFFBFE2D8) = 0
29981: brk(0x00081460) = 0
29981: brk(0x00083460) = 0
29981: fstat64(15, 0xFFBFE180) = 0
29981: ioctl(15, TCGETA, 0xFFBFE264) Err#25 ENOTTY
29981: read(15, " r o o t : x : 0 : 1 : Z".., 8192) = 710
29981: read(15, 0x00080594, 8192) = 0
29981: llseek(15, 0, SEEK_CUR) = 710
29981: close(15) = 0
29981: stat("/usr/lib/nss_ldap.so.1", 0xFFBFDE64) = 0
29981: open("/usr/lib/nss_ldap.so.1", O_RDONLY) = 15
29981: fstat(15, 0xFFBFDE64) = 0
29981: mmap(0x00000000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE, 15, 0) =
0xFEBA0000
29981: mmap(0x00000000, 163840, PROT_READ|PROT_EXEC, MAP_PRIVATE, 15, 0) =
0xFEAE0000
29981: mmap(0xFEAFC000, 4828, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED, 15, 49152) = 0xFEAFC000
29981: mmap(0xFEAFE000, 35640, PROT_READ|PROT_WRITE|PROT_EXEC,
MAP_PRIVATE|MAP_FIXED|MAP_ANON, -1, 0) = 0xFEAFE000
29981: munmap(0xFEAEE000, 57344) = 0
29981: resolvepath("/usr/lib/nss_ldap.so.1", "/usr/lib/nss_ldap.so.1", 1023) =
22
29981: memcntl(0xFEAE0000, 9792, MC_ADVISE, MADV_WILLNEED, 0, 0) = 0
29981: close(15) = 0
29981: stat("/opt/OpenLDAP2/lib/libldap.so.2", 0xFFBFDDA4) = 0
29981: stat("/opt/OpenLDAP2/lib/liblber.so.2", 0xFFBFDDA4) = 0
29981: stat("/opt/OpenLDAP2/lib/libdb-4.0.so", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libdb-4.0.so", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/lib/libdb-4.0.so", 0xFFBFDDA4) = 0
29981: stat("/opt/OpenLDAP2/lib/libdl.so.1", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libdl.so.1", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/lib/libdl.so.1", 0xFFBFDDA4) = 0
29981: stat("/opt/OpenLDAP2/lib/libnsl.so.1", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libnsl.so.1", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/lib/libnsl.so.1", 0xFFBFDDA4) = 0
29981: stat("/opt/OpenLDAP2/lib/libresolv.so.2", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libresolv.so.2", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/lib/libresolv.so.2", 0xFFBFDDA4) = 0
29981: stat("/opt/OpenLDAP2/lib/libpthread.so.1", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libpthread.so.1", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/lib/libpthread.so.1", 0xFFBFDDA4) = 0
29981: stat("/opt/OpenLDAP2/lib/librt.so.1", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/librt.so.1", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/lib/librt.so.1", 0xFFBFDDA4) = 0
29981: stat("/opt/OpenLDAP2/lib/libssl.so.0.9.7", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libssl.so.0.9.7", 0xFFBFDDA4) = 0
29981: stat("/opt/OpenLDAP2/lib/libcrypto.so.0.9.7", 0xFFBFDDA4) Err#2 ENOENT
29981: stat("/usr/local/ssl/lib/libcrypto.so.0.9.7", 0xFFBFDDA4) = 0
29981: munmap(0xFEBA0000, 8192) = 0
29981: sigaction(SIGPIPE, 0xFFBFE2B8, 0xFFBFE3F8) = 0
29981: sigprocmask(SIG_SETMASK, 0xFEBEA0B4, 0xFFBFE308) = 0
29981: sigprocmask(SIG_SETMASK, 0xFFBFE2F4, 0x00000000) = 0
29981: getpid() = 29981 [29964]
29981: getuid() = 0 [0]
29981: open("/etc/ldap.conf", O_RDONLY) = 15
29981: fstat64(15, 0xFFBFCA38) = 0
29981: fstat64(15, 0xFFBFC8E0) = 0
29981: ioctl(15, TCGETA, 0xFFBFC9C4) Err#25 ENOTTY
29981: read(15, " # @ ( # ) $ I d : l".., 8192) = 6190
29981: read(15, 0x0008018C, 8192) = 0
29981: llseek(15, 0, SEEK_CUR) = 6190
29981: close(15) = 0
29981: open64("/var/run/name_service_door", O_RDONLY) = 15
29981: fcntl(15, F_SETFD, 0x00000001) = 0
29981: door_info(15, 0xFEEC2668) = 0
29981: close(15) = 0
29981: open("/etc/inet/ipnodes", O_RDONLY) = 15
29981: fstat64(15, 0xFFBFADA8) = 0
29981: brk(0x00083460) = 0
29981: brk(0x00085460) = 0
29981: fstat64(15, 0xFFBFAC50) = 0
29981: ioctl(15, TCGETA, 0xFFBFAD34) Err#25 ENOTTY
29981: read(15, " #\n # I n t e r n e t".., 8192) = 61
29981: read(15, 0x0008257C, 8192) = 0
29981: llseek(15, 0, SEEK_CUR) = 61
29981: close(15) = 0
29981: open64("/var/run/name_service_door", O_RDONLY) = 15
29981: fcntl(15, F_SETFD, 0x00000001) = 0
29981: door_info(15, 0xFEEC2668) = 0
29981: close(15) = 0
29981: open("/etc/hosts", O_RDONLY) = 15
29981: fstat64(15, 0xFFBFAD28) = 0
29981: fstat64(15, 0xFFBFABD0) = 0
29981: ioctl(15, TCGETA, 0xFFBFACB4) Err#25 ENOTTY
29981: read(15, " #\n # I n t e r n e t".., 8192) = 107
29981: read(15, 0x0008257C, 8192) = 0
29981: llseek(15, 0, SEEK_CUR) = 107
29981: close(15) = 0
29981: so_socket(PF_INET, SOCK_STREAM, IPPROTO_IP, "", 1) = 15
29981: setsockopt(15, tcp, TCP_NODELAY, 0xFFBFD724, 4, 1) = 0
29981: fcntl(15, F_GETFL, 0xFF1FE9E0) = 2
29981: fstat64(15, 0xFFBFD468) = 0
29981: getsockopt(15, SOL_SOCKET, 0x2000, 0xFFBFD568, 0xFFBFD560, 0) = 0
29981: fstat64(15, 0xFFBFD4D8) = 0
29981: getsockopt(15, SOL_SOCKET, 0x2000, 0xFFBFD5D8, 0xFFBFD5D4, 0) = 0
29981: setsockopt(15, SOL_SOCKET, 0x2000, 0xFFBFD5D8, 4, 0) = 0
29981: fcntl(15, F_SETFL, 0x00000082) = 0
29981: connect(15, 0x0007F9E8, 16, 1) = 0
29981: fcntl(15, F_GETFL, 0xFF1FE9F8) = 130
29981: fstat64(15, 0xFFBFD468) = 0
29981: getsockopt(15, SOL_SOCKET, 0x2000, 0xFFBFD568, 0xFFBFD560, 0) = 0
29981: fstat64(15, 0xFFBFD4D8) = 0
29981: getsockopt(15, SOL_SOCKET, 0x2000, 0xFFBFD5D8, 0xFFBFD5D4, 0) = 0
29981: setsockopt(15, SOL_SOCKET, 0x2000, 0xFFBFD5D8, 4, 0) = 0
29981: fcntl(15, F_SETFL, 0x00000002) = 0
29981: getpeername(15, 0xFFBFD708, 0xFFBFD2E8, 1) = 0
29981: open64("/var/run/name_service_door", O_RDONLY) = 17
29981: fcntl(17, F_SETFD, 0x00000001) = 0
29981: door_info(17, 0xFEEC2668) = 0
29981: close(17) = 0
29981: open("/etc/inet/ipnodes", O_RDONLY) = 17
29981: fstat64(17, 0xFFBFAC98) = 0
29981: fstat64(17, 0xFFBFAB40) = 0
29981: ioctl(17, TCGETA, 0xFFBFAC24) Err#25 ENOTTY
29981: read(17, " #\n # I n t e r n e t".., 8192) = 61
29981: read(17, 0x0008257C, 8192) = 0
29981: llseek(17, 0, SEEK_CUR) = 61
29981: close(17) = 0
29981: open64("/var/run/name_service_door", O_RDONLY) = 17
29981: fcntl(17, F_SETFD, 0x00000001) = 0
29981: door_info(17, 0xFEEC2668) = 0
29981: close(17) = 0
29981: open("/etc/hosts", O_RDONLY) = 17
29981: fstat64(17, 0xFFBFAC18) = 0
29981: fstat64(17, 0xFFBFAAC0) = 0
29981: ioctl(17, TCGETA, 0xFFBFABA4) Err#25 ENOTTY
29981: read(17, " #\n # I n t e r n e t".., 8192) = 107
29981: llseek(17, 0, SEEK_CUR) = 107
29981: close(17) = 0
29981: uname(0xFFBFD110) = 1
29981: time() = 1077620847
29981: write(15, " 01D020101 w188016 1 . 3".., 31) = 31
29981: poll(0xFFBFD1C0, 1, -1) = 1
29981: read(15, " 0\f020101 x07\n", 8) = 8
29981: read(15, "01\004\004\0", 6) = 6
29981: time() = 1077620847
29981: brk(0x00085460) = 0
29981: brk(0x00087460) = 0
29981: brk(0x00087460) = 0
29981: brk(0x00089460) = 0
29981: brk(0x00089460) = 0
29981: brk(0x0008B460) = 0
29981: brk(0x0008B460) = 0
29981: brk(0x0008D460) = 0
29981: time() = 1077620847
29981: getpid() = 29981 [29964]
29981: brk(0x0008D460) = 0
29981: brk(0x00093460) = 0
29981: brk(0x00093460) = 0
29981: brk(0x00097460) = 0
29981: brk(0x00097460) = 0
29981: brk(0x0009B460) = 0
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: open("/dev/urandom", O_RDONLY|O_NONBLOCK|O_NOCTTY) = 17
29981: poll(0xFFBFD3B0, 1, 10) = 1
29981: read(17, "029F\0 XA5B2F0C7 U &1FE6".., 32) = 32
29981: close(17) = 0
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getuid() = 0 [0]
29981: getpid() = 29981 [29964]
29981: time() = 1077620847
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: write(15, "8095010301\0 l\0\0\0 \0".., 151) = 151
29981: read(15, "160301\0 J02\0", 7) = 7
29981: brk(0x0009B460) = 0
29981: brk(0x0009D460) = 0
29981: time() = 1077620847
29981: time() = 1077620847
29981: getpid() = 29981 [29964]
29981: read(15, "\0 F0301 @ ; 0 oBFEE1DE1".., 72) = 72
29981: read(15, "1603010412", 5) = 5
29981: read(15, "\v\0040E\004\v\004\b 082".., 1042) = 1042
29981: brk(0x0009D460) = 0
29981: brk(0x0009F460) = 0
29981: getpid() = 29981 [29964]
29981: read(15, "160301\004", 5) = 5
29981: read(15, "0E\0\0\0", 4) = 4
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: getpid() = 29981 [29964]
29981: brk(0x0009F460) = 0
29981: brk(0x000A1460) = 0
29981: write(15, "160301\08610\0\082\080 /".., 198) = 198
29981: read(15, "140301\001", 5) = 5
29981: read(15, "01", 1) = 1
29981: read(15, "160301\0 0", 5) = 5
29981: read(15, "9197ADECFE9AFB )DF83 $8A".., 48) = 48
29981: time() = 1077620847
29981: write(15, "170301\0 DF0F1E H pC386".., 90) = 90
29981: time() = 1077620847
29981: poll(0xFFBFD230, 1, 30000) = 1
29981: read(15, "170301\0 ", 5) = 5
29981: read(15, "DBFFF9B9EC g WEE iE0 , Z".., 32) = 32
29981: read(15, "170301\0 0", 5) = 5
29981: read(15, "7F >BDCE96B4 = zE587F1 ]".., 48) = 48
29981: time() = 1077620847
29981: setsockopt(15, SOL_SOCKET, SO_KEEPALIVE, 0xFFBFDB88, 4, 1) = 0
29981: fcntl(15, F_SETFD, 0x00000001) = 0
29981: getsockname(15, 0xFEAFE2F8, 0xFFBFDB84, 1) = 0
29981: getpeername(15, 0xFEAFE308, 0xFFBFDB84, 1) = 0
29981: time() = 1077620847
29981: getpid() = 29981 [29964]
29981: getuid() = 0 [0]
29981: time() = 1077620847
29981: write(15, "170301\0 $1D1086B7 { #".., 266) = 266
29981: poll(0xFFBFD1E0, 1, -1) = 1
29981: read(15, "170301\0 ", 5) = 5
29981: read(15, " 3 0 @B7AA14 j9284E2D4\t".., 32) = 32
29981: read(15, "1703010180", 5) = 5
29981: read(15, "92 | e850589C27F <CDB0 a".., 384) = 384
29981: poll(0xFFBFD1E0, 1, -1) = 1
29981: read(15, "170301\0 ", 5) = 5
29981: read(15, "DABDA1 `8DBDD795B117E4D3".., 32) = 32
29981: read(15, "170301\0 0", 5) = 5
29981: read(15, "8AA2B9 y1A MFEC3FCDB J".., 48) = 48
29981: time() = 1077620847
29981: time() = 1077620847
29981: stat("/usr/lib/nss_files.so.1", 0xFFBFE2D4) = 0
29981: open("/etc/shadow", O_RDONLY) = 17
29981: fstat64(17, 0xFFBFE878) = 0
29981: fstat64(17, 0xFFBFE720) = 0
29981: ioctl(17, TCGETA, 0xFFBFE804) Err#25 ENOTTY
29981: read(17, " r o o t : f s i o o X 9".., 8192) = 308
29981: read(17, 0x0008CB34, 8192) = 0
29981: llseek(17, 0, SEEK_CUR) = 308
29981: close(17) = 0
29981: stat("/usr/lib/nss_ldap.so.1", 0xFFBFE2D4) = 0
29981: sigaction(SIGPIPE, 0xFFBFE728, 0xFFBFE868) = 0
29981: sigprocmask(SIG_SETMASK, 0xFEBEA0B4, 0xFFBFE778) = 0
29981: sigprocmask(SIG_SETMASK, 0xFFBFE764, 0x00000000) = 0
29981: getpid() = 29981 [29964]
29981: getuid() = 0 [0]
29981: getpid() = 29981 [29964]
29981: getuid() = 0 [0]
29981: time() = 1077620847
29981: write(15, "170301\0 8D81 R r r89".., 266) = 266
29981: poll(0xFFBFD650, 1, -1) = 1
29981: read(15, "170301\0 ", 5) = 5
29981: read(15, " 61ED503E3C40EC7A3 R\t (".., 32) = 32
29981: read(15, "170301\0F0", 5) = 5
29981: read(15, "D61F k # \F1\v l wFFE3 r".., 240) = 240
29981: poll(0xFFBFD650, 1, -1) = 1
29981: read(15, "170301\0 ", 5) = 5
29981: read(15, " 898 8DB2CD bB9 m8B84C5".., 32) = 32
29981: read(15, "170301\0 0", 5) = 5
29981: read(15, "9F >C5BCA687 X .EEA2 > i".., 48) = 48
29981: time() = 1077620847
29981: time() = 1077620847
29981: Incurred fault #6, FLTBOUNDS %pc = 0xFF053364
29981: siginfo: SIGSEGV SEGV_MAPERR addr=0x00000004
29981: Received signal #11, SIGSEGV [default]
29981: siginfo: SIGSEGV SEGV_MAPERR addr=0x00000004
29964: poll(0x00052E28, 11, 999) = 1
29964: read(15, 0xFFBFF958, 512) = 0
29964: time() = 1077620847
29964: write(4, " d o v e c o t - a u t h".., 61) = 61
29964: write(14, "\0\0\001\0\0\003\0\0\0\0".., 20) = 20
29964: close(15) = 0
29964: poll(0x00052E28, 10, 446) = 0
29964: poll(0x00052E28, 10, 0) = 0
29964: waitid(P_ALL, 0, 0xFFBFF998, WEXITED|WTRAPPED|WNOHANG) = 0
29964: time() = 1077620848
29964: write(4, " d o v e c o t - a u t h".., 74) = 74
29964: waitid(P_ALL, 0, 0xFFBFF998, WEXITED|WTRAPPED|WNOHANG) Err#10 ECHILD
29964: poll(0x00052E28, 10, 998) = 0
29964: poll(0x00052E28, 10, 0) = 0
29964: poll(0x00052E28, 10, 4999) (sleeping...)
29964: poll(0x00052E28, 10, 4999) = 1
29964: read(14, 0x0007C051, 4047) = 0
29964: close(14) = 0
29964: poll(0x00052E28, 9, 2885) (sleeping...)
dovecot.conf----------------------------------------------------
## Dovecot 1.0 configuration file
# Default values are shown after each value, it's not required to uncomment
# any of the lines. Exception to this are paths, they're just examples
# with real defaults being based on configure options. The paths listed here
# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
# --with-ssldir=/etc/ssl
# Base directory where to store runtime data.
base_dir = /usr/local/dovecot/run/
# Protocols we want to be serving:
# imap imaps pop3 pop3s
protocols = imap pop3 imaps pop3s
# IP or host address where to listen in for connections. It's not currently
# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
# "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4
# interfaces depending on the operating system. You can specify ports with
# "host:port".
imap_listen = *
pop3_listen = *
# IP or host address where to listen in for SSL connections. Defaults
# to above non-SSL equilevants if not specified.
#imaps_listen =
#pop3s_listen =
# Disable SSL/TLS support.
ssl_disable = yes
# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf
#ssl_cert_file = /etc/ssl/certs/dovecot.pem
#ssl_key_file = /etc/ssl/private/dovecot.pem
# SSL parameter file. Master process generates this file for login processes.
# It contains Diffie Hellman and RSA parameters.
ssl_parameters_file = /usr/local/dovecot/run/ssl-parameters.dat
# How often to regenerate the SSL parameters file. Generation is quite CPU
# intensive operation. The value is in hours, 0 disables regeneration
# entirely.
ssl_parameters_regenerate = 24
# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability)
#disable_plaintext_auth = no
# Use this logfile instead of syslog(). /dev/stderr can be used if you want to
# use stderr for logging (ONLY /dev/stderr - otherwise it is closed).
log_path = /var/log/dovecot.log
# For informational messages, use this logfile instead of the default
info_log_path = /var/log/dovecot.info
# Prefix for each line written to log file. % codes are in strftime(3)
# format. Note the extra space at the end of line.
#log_timestamp = "%b %d %H:%M:%S "
##
## Login processes
##
# Directory where authentication process places authentication UNIX sockets
# which login needs to be able to connect to. The sockets are created when
# running as root, so you don't have to worry about permissions.
#login_dir = /usr/local/dovecot/run/login
# chroot login process to the login_dir. Only reason not to do this is if you
# wish to run the whole Dovecot without roots.
#login_chroot = yes
##
## IMAP login process
##
login = imap
# Executable location.
#login_executable = /usr/local/dovecot/libexec/dovecot/imap-login
# User to use for the login process. Create a completely new user for this,
# and don't use it anywhere else. The user must also belong to a group where
# only it has access, it's used to control access for authentication process.
login_user = dovecot
# Set max. process size in megabytes. If you don't use
# login_process_per_connection you might need to grow this.
#login_process_size = 16
# Should each login be processed in it's own process (yes), or should one
# login process be allowed to process multiple connections (no)? Yes is more
# secure, espcially with SSL/TLS enabled. No is faster since there's no need
# to create processes all the time.
#login_process_per_connection = yes
# Number of login processes to create. If login_process_per_user is
# yes, this is the number of extra processes waiting for users to log in.
#login_processes_count = 3
# Maximum number of extra login processes to create. The extra process count
# usually stays at login_processes_count, but when multiple users start logging
# IN AT THE SAME time more extra processes are created. To prevent fork-bombing
# we check only once in a second if new processes should be created - if all
# of them are used at the time, we double their amount until limit set by this
# setting is reached. This setting is used only if login_process_per_use is yes.
#login_max_processes_count = 128
# Maximum number of connections allowed in login state. When this limit is
# reached, the oldest connections are dropped. If login_process_per_user
# is no, this is a per-process value, so the absolute maximum number of users
# logging in actually login_processes_count * max_logging_users.
#login_max_logging_users = 256
##
## POP3 login process
##
# Settings default to same as above, so you don't have to set anything
# unless you want to override them.
login = pop3
# Exception to above rule being the executable location.
#login_executable = /usr/libexec/dovecot/pop3-login
##
## Mail processes
##
# Maximum number of running mail processes. When this limit is reached,
# new users aren't allowed to log in.
#max_mail_processes = 1024
# Show more verbose process titles (in ps). Currently shows user name and
# IP address. Useful for seeing who are actually using the IMAP processes
# (eg. shared mailboxes or if same uid is used for multiple accounts).
#verbose_proctitle = no
# Show protocol level SSL errors.
#verbose_ssl = no
# Valid UID range for users, defaults to 500 and above. This is mostly
# to make sure that users can't log in as daemons or other system users.
# Note that denying root logins is hardcoded to dovecot binary and can't
# be done even if first_valid_uid is set to 0.
#first_valid_uid = 500
#last_valid_uid = 0
# Valid GID range for users, defaults to non-root/wheel. Users having
# non-valid GID as primary group ID aren't allowed to log in. If user
# belongs to supplementary groups with non-valid GIDs, those groups are
# not set.
#first_valid_gid = 1
#last_valid_gid = 0
# ':' separated list of directories under which chrooting is allowed for mail
# processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
# This setting doesn't affect login_chroot or auth_chroot variables.
# WARNING: Never add directories here which local users can modify, that
# may lead to root exploit. Usually this should be done only if you don't
# allow shell access for users. See doc/configuration.txt for more information.
#valid_chroot_dirs =
# Default chroot directory for mail processes. This can be overridden by
# giving /./ in user's home directory (eg. /home/./user chroots into /home).
#mail_chroot =
# Default MAIL environment to use when it's not set. By leaving this empty
# dovecot tries to do some automatic detection as described in
# doc/mail-storages.txt. There's a few special variables you can use:
#
# %u - username
# %n - user part in user at domain, same as %u if there's no domain
# %d - domain part in user at domain, empty if user there's no domain
# %h - home directory
#
# You can also limit a width of string by giving the number of max. characters
# after the '%' character. For example %1u gives the first character of
# username. Some examples:
#
# maildir:/var/mail/%1u/%u/Maildir
# mbox:~/mail/:INBOX=/var/mail/%u
# mbox:/var/mail/%d/%n/:INDEX=/var/indexes/%d/%n
#
default_mail_env = maildir:/maildir/%u/Maildir
# Space-separated list of fields to cache for all mails. Currently these
# fields are allowed followed by a list of commands they speed up:
#
# Envelope - FETCH ENVELOPE and SEARCH FROM, TO, CC, BCC, SUBJECT,
# SENTBEFORE, SENTON, SENTSINCE, HEADER MESSAGE-ID,
# HEADER IN-REPLY-TO
# Body - FETCH BODY
# Bodystructure - FETCH BODY, BODYSTRUCTURE
# MessagePart - FETCH BODY[1.2.3] (ie. body parts), RFC822.SIZE,
# SEARCH SMALLER, LARGER, also speeds up BODY/BODYSTRUCTURE
# generation. This is always set with mbox mailboxes, and
# also default with Maildir.
#
# Different IMAP clients work in different ways, that's why Dovecot by default
# only caches MessagePart which speeds up most operations. Whenever client
# does something where caching could be used, the field is automatically marked
# to be cached later. For example after FETCH BODY the BODY will be cached
# for all new messages. Normally you should leave this alone, unless you know
# what most of your IMAP clients are. Caching more fields than needed makes
# the index files larger and generate useless I/O.
#
# With maildir there's one extra optimization - if nothing is cached, indexing
# the maildir becomes much faster since it's not opening any of the mail files.
# This could be useful if your IMAP clients access only new mails.
#mail_cache_fields = MessagePart
# Space-separated list of fields that Dovecot should never set to be cached.
# Useful if you want to save disk space at the cost of more I/O when the fields
# needed.
#mail_never_cache_fields =
# Workarounds for various client bugs:
# oe6-fetch-no-newmail:
# Never send EXISTS/RECENT when replying to FETCH command. Outlook Express
# seems to think they are FETCH replies and gives user "Message no longer
# in server" error. Note that OE6 still breaks even with this workaround
# if synchronization is set to "Headers Only".
# outlook-idle:
# Outlook and Outlook Express never abort IDLE command, so if no mail
# arrives in half a hour, Dovecot closes the connection. This is still
# fine, except Outlook doesn't connect back so you don't see if new mail
# arrives.
#client_workarounds =
# Dovecot can notify client of new mail in selected mailbox soon after it's
# received. This setting specifies the minimum interval in seconds between
# new mail notifications to client - internally they may be checked more or
# less often. Setting this to 0 disables the checking.
# NOTE: Evolution client breaks with this option when it's trying to APPEND.
#mailbox_check_interval = 0
# Like mailbox_check_interval, but used for IDLE command.
#mailbox_idle_check_interval = 30
# Allow full filesystem access to clients. There's no access checks other than
# what the operating system does for the active UID/GID. It works with both
# maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/
# or ~user/.
mail_full_filesystem_access = no
# Maximum allowed length for custom flag name. It's only forced when trying
# to create new flags.
#mail_max_flag_length = 50
# Save mails with CR+LF instead of plain LF. This makes sending those mails
# take less CPU, especially with sendfile() syscall with Linux and FreeBSD.
# But it also creates a bit more disk I/O which may just make it slower.
#mail_save_crlf = no
# Use mmap() instead of read() to read mail files. read() seems to be a bit
# faster with my Linux/x86 and it's better with NFS, so that's the default.
#mail_read_mmaped = no
# Copy mail to another folders using hard links. This is much faster than
# actually copying the file. This is problematic only if something modifies
# the mail in one folder but doesn't want it modified in the others. I don't
# know any MUA which would modify mail files directly. IMAP protocol also
# requires that the mails don't change, so it would be problematic in any case.
# If you care about performance, enable it.
#maildir_copy_with_hardlinks = no
# Check if mails' content has been changed by external programs. This slows
# down things as extra stat() needs to be called for each file. If changes are
# noticed, the message is treated as a new message, since IMAP protocol
# specifies that existing message are immutable.
#maildir_check_content_changes = no
# Which locking methods to use for locking mbox. There's three available:
# dotlock: Create <mailbox>.lock file. This is the oldest and most NFS-safe
# solution. If you want to use /var/mail/ like directory, the users
# will need write access to that directory.
# fcntl : Use this if possible. Works with NFS too if lockd is used.
# flock : May not exist in all systems. Doesn't work with NFS.
#
# You can use both fcntl and flock too; if you do the order they're declared
# with is important to avoid deadlocks if other MTAs/MUAs are using both fcntl
# and flock. Some operating systems don't allow using both of them
# simultaneously, eg. BSDs. If dotlock is used, it's always created first.
#mbox_locks = dotlock fcntl
# Should we create dotlock file even when we want only a read-lock? Setting
# this to yes hurts the performance when the mailbox is accessed simultaneously
# by multiple processes, but it's needed for reliable reading if no other
# locking methods are available.
#mbox_read_dotlock = no
# Maximum time in seconds to wait for lock (all of them) before aborting.
#mbox_lock_timeout = 300
# If dotlock exists but the mailbox isn't modified in any way, override the
# lock file after this many seconds.
#mbox_dotlock_change_timeout = 30
# umask to use for mail files and directories
#umask = 0077
# Drop all privileges before exec()ing the mail process. This is mostly
# meant for debugging, otherwise you don't get core dumps. Note that setting
# this to yes means that log file is opened as the logged in user, which
# might not work. It could also be a small security risk if you use single UID
# for multiple users, as the users could ptrace() each others processes then.
#mail_drop_priv_before_exec = no
##
## IMAP process
##
# Executable location
#imap_executable = /usr/libexec/dovecot/imap
# Set max. process size in megabytes. Most of the memory goes to mmap()ing
# files, so it shouldn't harm much even if this limit is set pretty high.
#imap_process_size = 256
# Support for dynamically loadable modules.
#imap_use_modules = no
#imap_modules = /usr/lib/dovecot/imap
##
## POP3 process
##
# Executable location
#pop3_executable = /usr/libexec/dovecot/pop3
# Set max. process size in megabytes. Most of the memory goes to mmap()ing
# files, so it shouldn't harm much even if this limit is set pretty high.
#pop3_process_size = 256
# Support for dynamically loadable modules.
#pop3_use_modules = no
#pop3_modules = /usr/lib/dovecot/pop3
##
## Authentication processes
##
# You can have multiple processes; each time "auth = xx" is seen, a new
# process definition is started. The point of multiple processes is to be
# able to set stricter permissions to others. For example, plain/PAM
# authentication requires roots, but if you also use digest-md5 authentication
# for some users, you can authenticate them without any privileges in a
# separate auth process. Just remember that only one auth process is asked
# for the password, so you can't have different passwords with different
# processes (unless they have different auth methods, and you're ok with
# having different password for each method).
# Authentication process name.
auth = default
# Space separated list of wanted authentication mechanisms:
# plain digest-md5 anonymous
auth_mechanisms = plain
# Space separated list of realms for SASL authentication mechanisms that need
# them. You can leave it empty if you don't want to support multiple realms.
# Many clients simply use the first one listed here, so keep the default realm
# first.
#auth_realms =
# Default realm to use if none was specified.
#auth_default_realm =
# Where user database is kept:
# passwd: /etc/passwd or similiar, using getpwnam()
# passwd-file <path>: passwd-like file with specified location
# static uid=<uid> gid=<gid> home=<dir template>: static settings
# vpopmail: vpopmail library
# ldap <config path>: LDAP, see doc/dovecot-ldap.conf
# pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf
#auth_userdb = passwd
auth_userdb = ldap /usr/local/dovecot/etc/dovecot-ldap.conf
# Where password database is kept:
# passwd: /etc/passwd or similiar, using getpwnam()
# shadow: /etc/shadow or similiar, using getspnam()
# pam [<service> | *]: PAM authentication
# passwd-file <path>: passwd-like file with specified location
# vpopmail: vpopmail authentication
# ldap <config path>: LDAP, see doc/dovecot-ldap.conf
# pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf
auth_passdb = pam imap
#auth_passdb = ldap /usr/local/dovecot/etc/dovecot-ldap.conf
#auth_executable = /usr/libexec/dovecot/dovecot-auth
# Set max. process size in megabytes.
#auth_process_size = 256
# User to use for the process. This user needs access to only user and
# password databases, nothing else. Only shadow and pam authentication
# requires roots, so use something else if possible.
auth_user = root
# Directory where to chroot the process. Most authentication backends don't
# work if this is set, and there's no point chrooting if auth_user is root.
#auth_chroot =
# Number of authentication processes to create
#auth_count = 1
# List of allowed characters in username. If the user-given username contains
# a character not listed in here, the login automatically fails. This is just
# an extra check to make sure user can't exploit any potential quote escaping
# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
# set this value to empty.
#auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
# Username to use for users logging in with ANONYMOUS SASL mechanism
#auth_anonymous_username = anonymous
# More verbose logging. Useful for figuring out why authentication isn't
# working.
auth_verbose = yes
# digest-md5 authentication process. It requires special MD5 passwords which
# /etc/shadow and PAM doesn't support, so we never need roots to handle it.
# Note that the passwd-file is opened before chrooting and dropping root
# privileges, so it may be 0600-root owned file.
#auth = digest_md5
#auth_methods = digest-md5
#auth_realms =
#auth_userdb = passwd-file /etc/passwd.imap
#auth_passdb = passwd-file /etc/passwd.imap
#auth_user = imapauth
#auth_chroot =
# if you plan to use only passwd-file, you don't need the two auth processes,
# simply set "auth_methods = plain digest-md5"
--
Benjamin Dabelow benja.dabelow at gmx.net
Staufenbergstr. 88 benja-dabelow.gmxhome.de/start.html
74081 Heilbronn
Germany
More information about the dovecot
mailing list