[Dovecot] doveadm index - Bug or expected behaviour?

Bruno Galindro da Costa bruno.galindro at gmail.com
Thu Jun 5 18:30:26 UTC 2014 

My ldap config is using the variable %d in base search for domain
replacement when dovecot will search for users in LDAP. Its works fine for
dovecot operation.

But, for doveadm index, not. It ignores that variable and tries to pass a
base search without domain. So, the search will not working.

This is the command:
# doveadm -v index -A  INBOX


This is my config:
# cat /etc/dovecot/dovecot-ldap-userdb.conf
hosts = 10.0.0.1
tls = no
auth_bind = no
ldap_version = 3
base = ou=%d,ou=mail,ou=services,dc=domain
scope = subtree
deref = never
user_filter = (& (cn=%n)(objectclass=nisMailAlias)(ContaAtiva=TRUE) )
user_attrs =
cn=rfc822mailmember,EmailQuota=quota_rule=*:storage=%$M,EmailQuotaSpecial=quota_rule=*:storage=%$M,eduPersonPrincipalName=eppn
iterate_filter =
(&(objectclass=nisMailAlias)(ContaAtiva=TRUE)(!(EmailQuota=0)))
iterate_attrs = rfc822mailmember=user


This is the error reported by doveadm index:
doveadm(root): Error: User listing returned failure
doveadm: Error: Failed to iterate through some users


If you put a tcpdump to monitor the search, you i'll see 3 packets. The
first is the LDAP searchRequest message, with this content:
LDAPMessage searchRequest(3) "*ou=,*ou=mail,ou=services,dc=domain"
wholeSubtree


If I change the base parameter of config file to this, it works perfectly:
base = ou=net.domain,ou=mail,ou=services,dc=domain

tcpdump:
LDAPMessage searchRequest(3)
"*ou=**net.domain**,*ou=mail,ou=services,dc=domain"
wholeSubtree


# dovecot -n

# 2.2.13 (5c877bca95e5): /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-63-virtual x86_64 Ubuntu 12.04.4 LTS zfs
auth_cache_negative_ttl = 1 mins
auth_cache_size = 1 k
auth_cache_ttl = 10 mins
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@~
disable_plaintext_auth = no
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_gid = mail
mail_home = /var/mail/mailboxes/%d/%n/home
mail_location =
maildir:/var/mail/mailboxes/%d/%n:INDEX=/var/mail.indexes/%d/%n
mail_privileged_group = mail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags
copy include variables body enotify environment mailbox date ihave
namespace inbox {
  inbox = yes
  location =
  prefix =
  type = private
}
namespace spam {
  list = yes
  location = maildir:/var/mail.spam/%d/%n
  mailbox Filtrados {
    auto = subscribe
  }
  prefix = SPAM.
  subscriptions = yes
  type = private
}
passdb {
  args = /etc/dovecot/passdb.v3.1.sh
  driver = checkpassword
}
plugin {
  mail_log_events = delete undelete expunge copy mailbox_delete
mailbox_rename flag_change save mailbox_create
  mail_log_fields = uid box msgid from subject size vsize
  quota = maildir:DefaultQuota
  quota_exceeded_message = O destinatario desta mensagem esta com a caixa
postal cheia. A sua mensagem so pode ser entregue se o destinatario apagar
algumas das mensagens.
  quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95 %u
  quota_warning2 = storage=90%% /usr/local/bin/quota-warning.sh 90 %u
  sieve = /var/mail/sieve_scripts/%d/%n/.dovecot.sieve
  sieve_after = /etc/dovecot/sieve/default.sieve
  sieve_dir = /var/mail/sieve_scripts/%d/%n/sieve
  sieve_global_dir = /etc/dovecot/sieve
  sieve_global_path = /etc/dovecot/sieve/default.sieve
  trash = /etc/dovecot/dovecot-trash.conf
}
protocols = imap sieve pop3
service anvil {
  client_limit = 1603
}
service auth {
  client_limit = 1600
  unix_listener auth-client {
    mode = 0660
  }
  unix_listener auth-master {
    group = mail
    mode = 0600
    user = vmail
  }
  user = root
  vsz_limit = 256 M
}
service imap-login {
  client_limit = 1500
  inet_listener imap {
    address = *,[::]
    port = 143
  }
  inet_listener imaps {
    address = *,[::]
    port = 993
  }
  process_limit = 500
  service_count = 0
  user = dovecot
  vsz_limit = 256 M
}
service imap {
  process_limit = 2048
  vsz_limit = 450 M
}
service managesieve-login {
  client_limit = 1500
  executable = /usr/lib/dovecot/managesieve-login
  process_limit = 500
  service_count = 0
  user = dovecot
  vsz_limit = 256 M
}
service managesieve {
  executable = /usr/lib/dovecot/managesieve
  process_limit = 2048
  vsz_limit = 450 M
}
service pop3-login {
  client_limit = 1500
  inet_listener pop3s {
    address = *,[::]
    port = 2221
  }
  process_limit = 500
  service_count = 0
  user = dovecot
  vsz_limit = 256 M
}
service pop3 {
  process_limit = 2048
  vsz_limit = 450 M
}
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/dovecot-ldap-userdb.conf
  driver = ldap
}
protocol imap {
  mail_fsync = never
  mail_max_userip_connections = 2048
  mail_plugins = quota imap_quota trash zlib mail_log notify
  ssl_ca = </etc/dovecot/ca.crt
  ssl_cert = </etc/dovecot/domain.crt
  ssl_key = </etc/dovecot/domain.key
}
protocol pop3 {
  mail_fsync = never
  mail_plugins = quota
  pop3_uidl_format = %08Xu%08Xv
  ssl_ca = </etc/dovecot/ca.crt
  ssl_cert = </etc/dovecot/domain.crt
  ssl_key = </etc/dovecot/domain.key
}
protocol sieve {
  managesieve_implementation_string = Cyrus timsieved v2.2.13
  managesieve_logout_format = bytes=%i/%o
  ssl_ca = </etc/dovecot/ca.crt
  ssl_cert = </etc/dovecot/domain.crt
  ssl_key = </etc/dovecot/domain.key
}
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-master
  mail_fsync = optimized
  mail_plugins = quota sieve expire
  postmaster_address = admin at domain
}


-- 
Att.
Bruno Galindro da Costa

More information about the dovecot mailing list