2.3.17 broken on CentOS8 / bug

Aki Tuomi aki.tuomi at open-xchange.com
Wed Nov 3 14:34:02 EET 2021


This issue is now fixed for Dovecot on master with

https://github.com/dovecot/core/compare/ca2237e%5E..6fff8d5.patch

and for pigeonhole master with

https://github.com/dovecot/pigeonhole/commit/29750ba54c20eea0afd4ca436ddc1325723ce93f.patch

Regards,
Aki

> On 01/11/2021 08:38 Aki Tuomi <aki.tuomi at open-xchange.com> wrote:
> 
>  
> Hi all!
> 
> We are looking into this issue.
> 
> Aki
> 
> > On 30/10/2021 19:36 TG Servers <srvrs at prvtmail.net> wrote:
> > 
> > 
> > Thanks Robert, I read that. I will also wait for a patch and stay
> >  
> >  Cheers
> > 
> > 
> > On 30/10/2021 12:59, Robert Nowotny wrote:
> > 
> > > the reason is : 
> > >  
> > > ssl_ca = </etc/ssl/certs/ca-bundle.crt
> > >  
> > >  if "ca-bundle.crt"is too big, You will get that error.
> > >  this should be fixed, but as a workaround You might pull out the certificates You need.
> > >  I personally wait for the patch and stay at 2.3.16 for the time beeing.
> > >  
> > >  yours sincerely
> > >  Robert
> > > 
> > >  
> > > 
> > > Am 30.10.2021 um 10:34 schrieb TG Servers:
> > > 
> > > > Hello,
> > > >  
> > > >  tonight my dovecot upgraded to 2.3.17 and completely broke on recent CentOS 8 installation.
> > > >  
> > > >  I found the service in status 
> > > >  
> > > >  [root at riot ~]# systemctl status dovecot
> > > >  ● dovecot.service - Dovecot IMAP/POP3 email server
> > > >  Loaded: loaded (/usr/lib/systemd/system/dovecot.service; enabled; vendor preset: disabled)
> > > >  Active: failed (Result: exit-code) since Sat 2021-10-30 09:59:11 CEST; 58s ago
> > > >  Docs: man:dovecot(1)
> > > >  https://doc.dovecot.org/
> > > >  Process: 1515 ExecStart=/usr/sbin/dovecot -F (code=exited, status=89)
> > > >  Process: 1429 ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited, status=0/SUCCESS)
> > > >  Main PID: 1515 (code=exited, status=89)
> > > >  
> > > >  Oct 30 09:59:10 riot.<domain>.com systemd[1]: Starting Dovecot IMAP/POP3 email server...
> > > >  Oct 30 09:59:11 riot.<domain>.com dovecot[1515]: doveconf: Fatal: execvp(/usr/libexec/dovecot/managesieve) failed: Argument list too long
> > > >  Oct 30 09:59:11 riot.<domain>.com dovecot[1515]: doveconf: Error: managesieve-login: dump-capability process returned 89
> > > >  Oct 30 09:59:11 riot.<domain>.com dovecot[1515]: doveconf: Fatal: execvp(/usr/sbin/dovecot) failed: Argument list too long
> > > >  Oct 30 09:59:11 riot.<domain>.com systemd[1]: dovecot.service: Main process exited, code=exited, status=89/n/a
> > > >  Oct 30 09:59:11 riot.<domain>.com systemd[1]: dovecot.service: Failed with result 'exit-code'.
> > > >  Oct 30 09:59:11 riot.<domain>.com systemd[1]: Failed to start Dovecot IMAP/POP3 email server.
> > > >  
> > > >  This seems to be like a bug as no configuration was changed by me in the middle of the night.
> > > >  I recall there were similar errors/bug reports in the past were it seemed it was managesieve but wasn't, people had some misconfigurations in the dovecot.conf. I did not change my dovecot.conf since April.
> > > >  But maybe here it is a pigeonhole issue.
> > > >  
> > > >  As I did not find any reason for it I changed the repo and downgraded to 2.3.16-2 now and it runs without any flaws, like all the time before. I had no time to investigate this any longer thand 2 hours with 2.3.17 installed as this is a production server and I need the email access. I also did not find anything adressable in the logs.
> > > >  
> > > >  [root at riot dovecot]# systemctl status dovecot
> > > >  ● dovecot.service - Dovecot IMAP/POP3 email server
> > > >  Loaded: loaded (/usr/lib/systemd/system/dovecot.service; enabled; vendor preset: disabled)
> > > >  Active: active (running) since Sat 2021-10-30 10:18:11 CEST; 2s ago
> > > >  Docs: man:dovecot(1)
> > > >  https://doc.dovecot.org/
> > > >  Process: 32398 ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited, status=0/SUCCESS)
> > > >  Main PID: 32452 (dovecot)
> > > >  Status: "v2.3.16 (7e2e900c1a) running"
> > > >  Tasks: 4 (limit: 99912)
> > > >  Memory: 4.4M
> > > >  CGroup: /system.slice/dovecot.service
> > > >  ├─32452 /usr/sbin/dovecot -F
> > > >  ├─32507 dovecot/anvil
> > > >  ├─32508 dovecot/log
> > > >  └─32513 dovecot/config
> > > >  
> > > >  Oct 30 10:18:11 riot.<domain>.com systemd[1]: Starting Dovecot IMAP/POP3 email server...
> > > >  Oct 30 10:18:11 riot.<domain>.com dovecot[32452]: Warning: Corrected permissions for login directory /var/run/dovecot/token-login
> > > >  Oct 30 10:18:11 riot.<domain>.com dovecot[32452]: master: Warning: Corrected permissions for login directory /var/run/dovecot/token-login
> > > >  Oct 30 10:18:11 riot.<domain>.com dovecot[32452]: master: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, lmtp, sieve
> > > >  Oct 30 10:18:11 riot.<domain>.com systemd[1]: Started Dovecot IMAP/POP3 email server.
> > > >  
> > > >  
> > > >  This is the configuration
> > > >  # 2.3.16 (7e2e900c1a): /etc/dovecot/dovecot.conf
> > > >  # Pigeonhole version 0.5.16 (09c29328)
> > > >  # OS: Linux 4.18.0-305.19.1.el8_4.x86_64 x86_64 AlmaLinux release 8.4 (Electric Cheetah)
> > > >  # Hostname: riot.<domain>.com
> > > >  auth_mechanisms = plain login
> > > >  auth_verbose = yes
> > > >  listen = *
> > > >  mail_gid = vmail
> > > >  mail_home = /var/vmail/mailboxes/%d/%n
> > > >  mail_location = maildir:~/mail:LAYOUT=fs
> > > >  mail_plugins = " quota fts fts_solr"
> > > >  mail_privileged_group = vmail
> > > >  mail_uid = vmail
> > > >  managesieve_notify_capability = mailto
> > > >  managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve
> > > >  namespace inbox {
> > > >  inbox = yes
> > > >  location =
> > > >  mailbox Drafts {
> > > >  auto = subscribe
> > > >  special_use = \Drafts
> > > >  }
> > > >  mailbox Sent {
> > > >  auto = subscribe
> > > >  special_use = \Sent
> > > >  }
> > > >  mailbox Spam {
> > > >  auto = subscribe
> > > >  special_use = \Junk
> > > >  }
> > > >  mailbox Trash {
> > > >  auto = subscribe
> > > >  special_use = \Trash
> > > >  }
> > > >  prefix =
> > > >  separator = .
> > > >  type = private
> > > >  }
> > > >  passdb {
> > > >  args = /etc/dovecot/dovecot-sql.conf
> > > >  driver = sql
> > > >  }
> > > >  plugin {
> > > >  fts = solr
> > > >  fts_autoindex = yes
> > > >  fts_solr = url=http://localhost:<solr_port>/solr/dovecot/
> > > >  imapsieve_mailbox1_before = file:/var/vmail/sieve/global/learn-spam.sieve
> > > >  imapsieve_mailbox1_causes = COPY
> > > >  imapsieve_mailbox1_name = Spam
> > > >  imapsieve_mailbox2_before = file:/var/vmail/sieve/global/learn-ham.sieve
> > > >  imapsieve_mailbox2_causes = COPY
> > > >  imapsieve_mailbox2_from = Spam
> > > >  imapsieve_mailbox2_name = *
> > > >  quota = maildir:User quota
> > > >  quota_exceeded_message = User %u is over the storage quota
> > > >  sieve = file:/var/vmail/sieve/%d/%n/scripts;active=/var/vmail/sieve/%d/%n/active-script.sieve
> > > >  sieve_before = /var/vmail/sieve/global/spam-global.sieve
> > > >  sieve_global_extensions = +vnd.dovecot.pipe
> > > >  sieve_pipe_bin_dir = /usr/bin
> > > >  sieve_plugins = sieve_imapsieve sieve_extprograms
> > > >  }
> > > >  protocols = imap lmtp sieve
> > > >  service auth {
> > > >  unix_listener /var/spool/postfix/private/auth {
> > > >  group = postfix
> > > >  mode = 0660
> > > >  user = postfix
> > > >  }
> > > >  unix_listener auth-userdb {
> > > >  group = vmail
> > > >  mode = 0660
> > > >  user = vmail
> > > >  }
> > > >  }
> > > >  service imap-login {
> > > >  inet_listener imap {
> > > >  port = 0
> > > >  }
> > > >  inet_listener imaps {
> > > >  port = 993
> > > >  }
> > > >  }
> > > >  service lmtp {
> > > >  unix_listener /var/spool/postfix/private/dovecot-lmtp {
> > > >  group = postfix
> > > >  mode = 0660
> > > >  user = postfix
> > > >  }
> > > >  user = vmail
> > > >  }
> > > >  service managesieve-login {
> > > >  inet_listener sieve {
> > > >  port = 4190
> > > >  }
> > > >  }
> > > >  ssl = required
> > > >  ssl_ca = </etc/ssl/certs/ca-bundle.crt
> > > >  ssl_cert = </etc/ssl/certs/<domain>.com_chain.crt
> > > >  ssl_cipher_list = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:EECDH+AESGCM:EDH+AESGCM:@SECLEVEL=2
> > > >  ssl_client_ca_dir = /etc/ssl/certs
> > > >  ssl_client_ca_file = /etc/ssl/certs/ca-bundle.crt
> > > >  ssl_dh = # hidden, use -P to show it
> > > >  ssl_key = # hidden, use -P to show it
> > > >  ssl_prefer_server_ciphers = yes
> > > >  userdb {
> > > >  args = /etc/dovecot/dovecot-sql.conf
> > > >  driver = sql
> > > >  }
> > > >  protocol imap {
> > > >  imap_idle_notify_interval = 24 mins
> > > >  mail_max_userip_connections = 20
> > > >  mail_plugins = " quota fts fts_solr imap_quota imap_sieve"
> > > >  }
> > > >  protocol lmtp {
> > > >  mail_plugins = " quota fts fts_solr sieve"
> > > >  postmaster_address = postmaster@<domain>.com
> > > >  }
> > > >  local_name mail.<domain_3>.com {
> > > >  ssl_cert = </etc/ssl/certs/<domain_3>.com_chain.crt
> > > >  ssl_key = # hidden, use -P to show it
> > > >  }
> > > >  local_name mail.<domain_2>.net {
> > > >  ssl_cert = </etc/ssl/certs/<domain_2>.net_chain.crt
> > > >  ssl_key = # hidden, use -P to show it
> > > >  }
> > > >  local_name mail.<domain>.com {
> > > >  ssl_cert = </etc/ssl/certs/<domain>.com_chain.crt
> > > >  ssl_key = # hidden, use -P to show it
> > > >  }
> > > >  
> > > >  
> > > >  
> > > >  
> > > >  
> > > >  
> > > > 
> > > 
> > > 
> > 
> >


More information about the dovecot mailing list