Problems with dsync and global acls
Michał Węgrzynek
mwegrzynek at litex.pl
Thu Jun 12 12:04:43 UTC 2014
Hi all!
I have 2 servers running dsync tcp replication between them. After
setting global ACLs to
* user=admin lrwstipekxa
on both hosts, I get the following errors during replication for every
folder:
dsync-local(mwegrzynek): Error: Mailbox Trash: Failed to set attribute
vendor/vendor.dovecot/pvt/acl/user=admin: Invalid right ''
This error first appeared in version 2.2.13; there were no such errors
in version 2.2.9 (stock Ubuntu 14.04).
Am I doing something wrong?
My configuration:
# 2.2.13.3 (6dab0352ccb3+): /etc/dovecot/dovecot.conf
# OS: Linux 3.13.0-29-generic x86_64 Ubuntu 14.04 LTS ext4
# Global (top-level) settings as pasted into the message. A few values below
# are split over two or more lines; that looks like mail-client wrapping
# rather than the layout of the real file.
auth_cache_size = 10 M
auth_gssapi_hostname = $ALL
auth_krb5_keytab = /etc/dovecot/krb5.keytab
# Master-user logins take the form "user*masteruser"; the passdb marked
# master = yes in this dump decides who may log in as another user this way.
auth_master_user_separator = *
# "plain" and "login" transmit the password itself, so they depend on TLS.
# disable_plaintext_auth is not listed in this dump - presumably it is at its
# default; confirm before relying on it.
auth_mechanisms = plain login gssapi
auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@()
# %Ln = the user part of the login name (domain dropped), lowercased.
auth_username_format = %Ln
auth_verbose = yes
default_client_limit = 10000
default_process_limit = 1000
default_vsz_limit = 2 G
# Port doveadm/dsync uses to reach the remote server; it matches the
# inet_listener under "service doveadm" in this dump.
doveadm_port = 12345
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
lmtp_rcpt_check_quota = yes
lmtp_save_to_detail_mailbox = yes
# mail_gid/mail_uid: mail is accessed as the single system account "vmail"
# (unless a userdb overrides it), so separation between users rests on Dovecot
# and the acl plugin rather than on file ownership.
mail_gid = vmail
mail_home = /var/mail/users/%u
mail_location = mdbox:/var/mail/users/%u/mdbox
# "acl" and "replication" are the two plugins involved in the reported error.
mail_plugins = acl quota virtual zlib listescape fts fts_squat notify
replication
mail_prefetch_count = 20
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave duplicate
mdbox_preallocate_space = yes
# Shared namespace: other users' mailboxes appear under Dzielone/<owner>/.
# The %%h and %%u variables refer to the owning user, not the user logged in.
namespace dzielone {
list = children
# INDEXPVT keeps the viewer's private index data under the viewer's own
# home (~/shared/<owner>) instead of in the owner's mailbox.
location = mdbox:%%h/mdbox:INDEXPVT=~/shared/%%u
prefix = Dzielone/%%u/
separator = /
subscriptions = no
type = shared
}
# The user's own (private) namespace; it holds INBOX and the special-use
# folders that are created and subscribed automatically.
namespace inbox {
inbox = yes
list = yes
# Empty location: the global mail_location applies.
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
# "Trash" is the mailbox named in the quoted dsync error.
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
separator = /
subscriptions = yes
type = private
}
# Public namespace: one mailbox tree under /var/mail/public, visible to users
# under Publiczne/. Who may do what there is governed by ACLs.
namespace publiczne {
list = children
# INDEXPVT stores each user's private index data in that user's ~/public.
location = mdbox:/var/mail/public:INDEXPVT=~/public
prefix = Publiczne/
separator = /
subscriptions = no
type = public
}
# Master-user passdb: accounts in this passwd-file may authenticate on behalf
# of other users (see auth_master_user_separator). Every entry is effectively
# a skeleton key, so the file's permissions and contents deserve a review.
passdb {
args = /etc/dovecot/passwd.masterusers
driver = passwd-file
master = yes
}
# Regular password lookups go to LDAP; the connection details (URI, TLS, bind
# DN) live in the referenced .ext file and are not visible in this dump.
passdb {
args = /etc/dovecot/dovecot-ldap.passdb.ext
driver = ldap
}
# Plugin settings (acl, shared-mailbox dict, fts, replication, quota, sieve,
# zlib).
plugin {
# vfile ACL backend with a global ACL file; cache_secs=300 is the interval in
# seconds between checks for changed ACL files.
acl = vfile:/etc/dovecot/global-acls:cache_secs=300
# Dictionary recording which users have shared mailboxes with whom.
acl_shared_dict = file:/var/mail/config/shared-mailboxes
fts = squat
fts_squat = partial=4 full=10
# Replication peer (host redacted by the poster). "tcps:" means the dsync
# connection is wrapped in TLS; the peer certificate is checked against
# ssl_client_ca_file.
mail_replica = tcps:xxx.yyy.zzz
quota = dict:User quota::file:%h/dovecot-quota
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
zlib_save = gz
zlib_save_level = 6
}
# Further global settings: POP3 UIDL format, enabled protocols, quota
# behaviour and the dsync options used by the replicator.
pop3_uidl_format = %v.%u
protocols = imap pop3 lmtp sieve
quota_full_tempfail = yes
# -d: use the default destination (mail_replica); -l 60: lock timeout in
# seconds; -n inbox: sync only the namespace named "inbox"; -U: notify the
# replicator when the sync has finished.
replication_dsync_parameters = -d -l 60 -n inbox -U
# Aggregator service: collects change notifications for the replicator. Both
# endpoints are owned by vmail, the account mail_uid is set to in this dump.
service aggregator {
fifo_listener replication-notify-fifo {
user = vmail
}
unix_listener replication-notify {
user = vmail
}
}
# Auth service sockets.
service auth {
# Socket inside the Postfix spool, presumably for Postfix SASL authentication;
# mode 0660 with user/group postfix keeps other local accounts out.
unix_listener /var/spool/postfix/private/dovecot-auth {
group = postfix
mode = 0660
user = postfix
}
# userdb lookup socket. No mode is listed, so the build default applies -
# TODO confirm it is not broader than user/group vmail needs.
unix_listener auth-userdb {
group = vmail
user = vmail
}
}
# Network-facing doveadm listener that the replication peer's dsync connects
# to. TLS is enabled on it. No doveadm_password appears in this dump, so how
# the peer authenticates cannot be told from here - TODO confirm, and limit
# the port to the replica host at the firewall.
service doveadm {
inet_listener {
port = 12345
ssl = yes
}
process_limit = 10
}
# IMAP listeners.
service imap-login {
# Port 143 starts unencrypted (STARTTLS at best). Whether cleartext logins are
# refused depends on "ssl" and "disable_plaintext_auth", neither of which is
# listed in this dump.
inet_listener imap {
port = 143
}
# Port 993: TLS from the first byte.
inet_listener imaps {
port = 993
ssl = yes
}
}
# LMTP delivery socket inside the Postfix spool; mode 0600 and owner postfix
# mean only the postfix account can hand mail to it.
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
# ManageSieve listener on 4190. There is no ssl = yes here, so the session
# starts unencrypted; protection of credentials relies on STARTTLS and on the
# plaintext-auth settings, which this dump does not list.
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
# POP3 listeners.
service pop3-login {
# Port 110 starts unencrypted (STLS at best); the same caveat applies as for
# any listener without ssl = yes.
inet_listener pop3 {
port = 110
}
# Port 995: TLS from the first byte.
inet_listener pop3s {
port = 995
ssl = yes
}
}
# Replicator service: process_min_avail = 1 keeps one process running from
# startup. The replicator-doveadm control socket is restricted to vmail
# (mode 0600).
service replicator {
process_min_avail = 1
unix_listener replicator-doveadm {
mode = 0600
user = vmail
}
}
# TLS material and cipher policy. A leading "<" means the file's contents are
# read in as the value.
# ssl_ca is the CA for verifying client certificates; ssl_verify_client_cert
# is not listed in this dump, so whether it is enforced cannot be told here.
ssl_ca = </etc/ssl/certs/xxx.pem
ssl_cert = </etc/ssl/certs/default.pem
# NOTE(review): this list names RC4+RSA explicitly and also admits ALL and
# MEDIUM suites. RC4 is prohibited for TLS by RFC 7465; the list is worth
# tightening, together with ssl_protocols, which is not listed in this dump.
ssl_cipher_list =
ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
# CA used when Dovecot is the TLS client, e.g. for the tcps: replica link.
ssl_client_ca_file = /etc/ssl/certs/xxx.pem
# Private key: the file should be readable by root only.
ssl_key = </etc/ssl/private/default.key
# prefetch: reuse the userdb fields already returned by the passdb lookup, so
# a login needs no second query.
userdb {
driver = prefetch
}
# LDAP userdb for lookups that are not preceded by a passdb lookup (for
# example deliveries); connection details are in the .ext file, not shown.
userdb {
args = /etc/dovecot/dovecot-ldap.userdb.ext
driver = ldap
}
# LMTP-specific plugin list: the global list plus "sieve". The second line
# looks like a mail-client wrap of the same value.
protocol lmtp {
mail_plugins = acl quota virtual zlib listescape fts fts_squat notify
replication sieve
}
# LDA-specific plugin list: the global list plus "sieve". The second line
# looks like a mail-client wrap of the same value.
protocol lda {
mail_plugins = acl quota virtual zlib listescape fts fts_squat notify
replication sieve
}
# IMAP-specific plugin list: the global list plus imap_acl, imap_zlib and
# imap_quota. imap_acl exposes ACL management to IMAP clients. The second
# line looks like a mail-client wrap of the same value.
protocol imap {
mail_plugins = acl quota virtual zlib listescape fts fts_squat notify
replication imap_acl imap_zlib imap_quota
}
Thanks in advance for your help,
--
*Michał Węgrzynek*