TCP Cluster replication headache

FUSTE Emmanuel emmanuel.fuste at thalesgroup.com
Tue Aug 26 08:43:56 UTC 2014


On 07/05/2014 17:38, Emmanuel Fusté wrote:
> Hello,
>
> After going crazy building a dovecot cluster, I finally see the light ;-))
> But some things are "strange" and could probably be fixed/enhanced.
>
> First:
> I followed the wiki doc, setting global doveadm_port.
> Things did not work, I've got:
>
> dovecot: doveadm(X1234567): Error: sync: /var/run/dovecot/auth-userdb: Configured passdbs don't support crentials lookups (to see if user is proxied, because doveadm_port is set)
>
> Same kind of error too when trying to use doveadm on the command line to
> get the replica status.
> My user/auth db is LDAP with "auth_bind = yes", but I don't understand
> the message in this context and didn't know how to fix this.
> I tried to hardcode proxy/proxy_maybe property in the passdb declaration
> etc...
> Finally, I removed the global "doveadm_port 12345" and added ":12345" at
> the end of my "mail_replica =" line and all began to work!
> Is it a wanted and expected error/fix?

Ok, this first point should be fixed by 
http://hg.dovecot.org/dovecot-2.2/rev/a2e0e89bc27d
Need to test it.

Thank you.
Emmanuel.

>
> Secondly:
> Now all is working and "doveadm replicator status '*'" correctly lists
> all my users and the status, but after a few seconds (after replication
> kicks in), I see all users listed twice.
> One time, as declared in the userdb with letters in uppercase: "X1234567"
> One time, in lowercase: "x1234567"
> On disk, all is OK, with only one replica in an uppercase directory.
> I initially thought that it was a mismatch between userdb and passdb users
> return, but it was in fact the default value of auth_username_format
> that was the culprit. After going from the default %Lu to %u, doveadm
> replicator status shows only one entry per user as expected.
> Is it wanted and expected too? Why is auth_username_format used in, or
> interacting with, the replication process and/or the replicator status command?
>
> Not all is functionally tested, I go back to work.
> My conf is at the end of this message.
>
> Thanks Simo for this great piece of software.
>
> Emmanuel
>
> # 2.2.12.7 (f7731356530e+): /etc/dovecot/dovecot.conf
> # OS: Linux 3.11.0-19-generic x86_64 Ubuntu 12.04.4 LTS
> auth_master_user_separator = *
> auth_username_format = %u
> doveadm_password = xxxxxxxxxxx
> lda_mailbox_autocreate = yes
> listen = *
> mail_gid = vmail
> mail_location = maildir:~/Maildir
> mail_plugins = quota notify replication
> mail_uid = vmail
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
> namespace {
>     hidden = no
>     inbox = yes
>     list = yes
>     location =
>     prefix =
>     separator = /
>     subscriptions = yes
>     type = private
> }
> namespace {
>     hidden = no
>     inbox = no
>     list = children
>     location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
>     prefix = shared/%%u/
>     separator = /
>     subscriptions = no
>     type = shared
> }
> passdb {
>     args = /etc/dovecot/dovecot-ldap.conf.ext
>     driver = ldap
> }
> plugin {
>     acl = vfile
>     acl_anyone = allow
>
>     acl_shared_dict =file:/appli/vmail/shared-mailboxes
>     mail_replica = tcp:thsmytmbx02p.online.corp.thales:12345
>     quota = dict:userquota::file:/appli/vmail/local_userquota/%%h/dovecot-quota
>     quota_rule = *:storage=100M
>     quota_rule2 = INBOX:storage=+20%%
>     quota_rule3 = Trash:storage=+10%%
>     sieve = ~/.dovecot.sieve
>     sieve_dir = ~/sieve
> }
> protocols = imap sieve
> service aggregator {
>     fifo_listener replication-notify-fifo {
>       user = vmail
>     }
>     unix_listener replication-notify {
>       user = vmail
>     }
> }
> service auth {
>     unix_listener auth-userdb {
>       group = vmail
>       mode = 0660
>     }
> }
> service doveadm {
>     inet_listener {
>       port = 12345
>     }
>     user = vmail
> }
> service replicator {
>     process_min_avail = 1
>     unix_listener replicator-doveadm {
>       mode = 0666
>     }
> }
> ssl = no
> userdb {
>     args = /etc/dovecot/dovecot-users-ldap.conf.ext
>     driver = ldap
> }
> protocol lda {
>     mail_plugins = quota sieve
> }
> protocol imap {
>     mail_plugins = quota imap_quota
> }
>
>
>
> dovecot-users-ldap.conf.ext:
> dovecot-ldap.conf.ext:
>
> uris = ldapi:///
> dn = uid=dovecot,dc=mydomain,dc=com
> dnpass = xxxxxxxxxxxx
> auth_bind = yes
> ldap_version = 3
> base = ou=users,dc=mydomain,dc=com
> user_attrs = =home=/appli/vmail/%{ldap:uid}
> user_filter = (&(objectClass=inetOrgPerson)(|(uid=%u)(mail=%u)))
> pass_attrs = =user=%{ldap:uid}
> pass_filter = (&(objectClass=inetOrgPerson)(uid=%u)(!(pwdReset=TRUE)))
> iterate_attrs = uid=user
> iterate_filter = (objectClass=inetOrgPerson)
>
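
A check for the symptom described in the second point, as an added example that is not part of the original post or of Dovecot: it groups the usernames in `doveadm replicator status '*'` output case-insensitively and reports any user listed under more than one spelling. The sample rows and the assumed layout (one header line, username in the first column) are constructed for illustration.

```python
import sys
from collections import defaultdict

# Constructed sample (not from the original post). Assumption: one header
# line, then one row per user with the username in the first column.
SAMPLE = """\
username                 priority fast sync full sync failed
X1234567                 none     00:00:12  00:10:41  -
x1234567                 none     00:00:12  00:10:41  -
Y7654321                 none     00:01:03  00:12:09  -
"""


def case_variant_groups(status_text):
    """Map lowercased username -> sorted spellings, for every name that is
    listed in more than one case form."""
    spellings = defaultdict(set)
    rows = [ln.split() for ln in status_text.splitlines() if ln.strip()]
    # Drop the header row if present.
    if rows and rows[0][0] == "username":
        rows = rows[1:]
    for fields in rows:
        # %Lu lowercases the username, so compare on the lowercased form.
        spellings[fields[0].lower()].add(fields[0])
    return {k: sorted(v) for k, v in spellings.items() if len(v) > 1}


if __name__ == "__main__":
    # Pipe real output in, or run from a terminal to use the sample above.
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    groups = case_variant_groups(text)
    for folded, names in groups.items():
        print(f"{folded}: listed as {', '.join(names)}")
    # Non-zero exit makes the check usable from cron or monitoring.
    sys.exit(1 if groups else 0)
```
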

