Dovecot v2.3.19 released: User/PassDB lookups fail after update

Aki Tuomi aki.tuomi at open-xchange.com
Mon May 16 06:57:43 UTC 2022 

Hi!

Thank you for reporting this issue. I can reproduce it locally, and we'll take a look at it.

Aki

> On 15/05/2022 10:35 Ralf Becker <rb at egroupware.org> wrote:
> 
>  
> After updating to 2.3.19 (from 2.3.16) passdb and userdb lookups fail:
> 
> root at backup:~# doveadm user rb at egroupware.org; doveadm log errors
> 
> userdb lookup: user rb at egroupware.org doesn't exist
> field    value
> 
> May 15 07:22:18 Panic: auth: file userdb-blocking.c: line 124 
> (userdb_blocking_iter_next): assertion failed: (ctx->conn != NULL)
> May 15 07:22:18 Error: auth: Raw backtrace: 
> /usr/lib/dovecot/libdovecot.so.0(backtrace_append+0x41) [0x7f019a651c91] 
> -> /usr/lib/dovecot/libdovecot.so.0(backtrace_get+0x22) [0x7f019a651db2] 
> -> /usr/lib/dovecot/libdovecot.so.0(+0x10b0bb) [0x7f019a65f0bb] -> 
> /usr/lib/dovecot/libdovecot.so.0(+0x10b157) [0x7f019a65f157] -> 
> /usr/lib/dovecot/libdovecot.so.0(+0x5d375) [0x7f019a5b1375] -> 
> dovecot/auth [0 wait, 0 passdb, 0 userdb](+0x157a7) [0x55e256d287a7] -> 
> dovecot/auth [0 wait, 0 passdb, 0 userdb](+0x1954b) [0x55e256d2c54b] -> 
> dovecot/auth [0 wait, 0 passdb, 0 userdb](+0x36ca7) [0x55e256d49ca7] -> 
> dovecot/auth [0 wait, 0 passdb, 0 userdb](+0x2ab86) [0x55e256d3db86] -> 
> /usr/lib/dovecot/libdovecot.so.0(io_loop_handle_timeouts+0x15f) 
> [0x7f019a67576f] -> 
> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xcf) 
> [0x7f019a67702f] -> 
> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x54) 
> [0x7f019a675a54] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x40) 
> [0x7f019a675bc0] -> 
> /usr/lib/dovecot/libdovecot.so.0(master_service_run+0x17) 
> [0x7f019a5e7207] -> dovecot/auth [0 wait, 0 passdb, 0 
> userdb](main+0x3c8) [0x55e256d29588] -> 
> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf3) [0x7f019a2de0b3] 
> -> dovecot/auth [0 wait, 0 passdb, 0 userdb](_start+0x2e) [0x55e256d2976e]
> May 15 07:22:19 Fatal: auth: master: service(auth): child 19 killed with 
> signal 6 (core dumped)
> May 15 07:22:19 Error: replicator: auth-master: userdb list: 
> Disconnected unexpectedly
> May 15 07:22:19 Error: replicator: listing users failed, can't replicate 
> existing data
> May 15 07:22:19 Error: doveadm(arash 2student at bb-trunk.egroupware.de): 
> User doesn't exist
> May 15 07:22:19 Error: doveadm(arash teacher at bb-trunk.egroupware.de): 
> User doesn't exist
> May 15 07:22:20 Error: doveadm(christoph 
> thyssen at bb-trunk.egroupware.de): User doesn't exist
> May 15 07:23:21 Error: doveadm(arash student at bb-trunk.egroupware.de): 
> User doesn't exist
> May 15 07:24:02 Error: 
> doveadm(schieder at uni-kl.de@bb-trunk.egroupware.de): User doesn't exist
> May 15 07:24:07 Error: doveadm(sabour at uni-kl.de@bb-trunk.egroupware.de): 
> User doesn't exist
> May 15 07:24:24 Error: 
> doveadm(ralf.imaptest at outdoor-training.de@bb-trunk.egroupware.de): User 
> doesn't exist
> May 15 07:24:31 Error: doveadm(arash tolou at bb-trunk.egroupware.de): User 
> doesn't exist
> May 15 07:24:31 Error: 
> doveadm(becker_r at uni-kl.de@bb-trunk.egroupware.de): User doesn't exist
> May 15 07:24:49 Error: 
> doveadm(olat.vcrp.de:2723414355 at bb-trunk.egroupware.de): User doesn't exist
> May 15 07:24:56 Error: 
> doveadm(olat.vcrp.de:1167852044 at bb-trunk.egroupware.de): User doesn't exist
> 
> Reverting back to 2.3.16 fixes the problem for now.
> 
> My doveadm config -n is attached. We use a hourly updated local sqlight 
> database and a dict for userdb.
> 
> Any ideas?
> 
> Ralf
> 
> 
> Am 10.05.22 um 08:33 schrieb Aki Tuomi:
> > Hi all!
> >
> > We are pleased to release v2.3.19 of Dovecot.
> >
> > The docker images have been upgraded to use bullseye as base image.
> >
> > https://dovecot.org/releases/2.3/dovecot-2.3.19.tar.gz
> > https://dovecot.org/releases/2.3/dovecot-2.3.19.tar.gz.sig
> > Binary packages in https://repo.dovecot.org/
> > Docker images in https://hub.docker.com/r/dovecot/dovecot
> >
> > Regards,
> > Aki Tuomi
> > Open-Xchange oy
> >
> > --
> >
> > + Added mail_user_session_finished event, which is emitted when the mail
> >    user session is finished (e.g. imap, pop3, lmtp). It also includes
> >    fields with some process statistics information.
> >    See https://doc.dovecot.org/admin_manual/list_of_events/ for more
> >    information.
> > + Added process_shutdown_filter setting. When an event matches the filter,
> >    the process will be shutdown after the current connection(s) have
> >    finished. This is intended to reduce memory usage of long-running imap
> >    processes that keep a lot of memory allocated instead of freeing it to
> >    the OS.
> > + auth: Add cache hit indicator to auth passdb/userdb finished events.
> >    See https://doc.dovecot.org/admin_manual/list_of_events/ for more
> >    information.
> > + doveadm deduplicate: Performance is improved significantly.
> > + imapc: COPY commands were sent one mail at a time to the remote IMAP
> >    server. Now the copying is buffered, so multiple mails can be copied
> >    with a single COPY command.
> > + lib-lua: Add a Lua interface to Dovecot's HTTP client library. See
> >    https://doc.dovecot.org/admin_manual/lua/ for more information.
> > - auth: Cache lookup would use incorrect cache key after username change.
> > - auth: Improve handling unexpected LDAP connection errors/hangs.
> >    Try to fix up these cases by reconnecting to the LDAP server and
> >    aborting LDAP requests earlier.
> > - auth: Process crashed if userdb iteration was attempted while auth-workers
> >    were already full handling auth requests.
> > - auth: db-oauth2: Using %{oauth2:name} variables caused unnecessary
> >    introspection requests.
> > - dict: Timeouts may have been leaked at deinit.
> > - director: Ring may have become unstable if a backend's tag was changed.
> >    It could also have caused director process to crash.
> > - doveadm kick: Numeric parameter was treated as IP address.
> > - doveadm: Proxying can panic when flushing print output. Fixes
> >    Panic: file ioloop.c: line 865 (io_loop_destroy): assertion failed:
> >    (ioloop == current_ioloop).
> > - doveadm sync: BROKENCHAR was wrongly changed to '_' character when
> >    migrating mailboxes. This was set by default to %, so any mailbox
> >    names containing % characters were modified to "_25".
> > - imapc: Copying or moving mails with doveadm to an imapc mailbox could
> >    have produced "Error: Syncing mailbox '[...]' failed" Errors. The
> >    operation itself succeeded but attempting to sync the destination
> >    mailbox failed.
> > - imapc: Prevent index log synchronization errors when two or more imapc
> >    sessions are adding messages to the same mailbox index files, i.e.
> >    INDEX=MEMORY is not used.
> > - indexer: Process was slowly leaking memory for each indexing request.
> > - lib-fts: fts header filters caused binary content to be sent to the
> >    indexer with non-default configuration.
> > - doveadm-server: Process could hang in some situations when printing
> >    output to TCP client, e.g. when printing doveadm sync state.
> > - lib-index: dovecot.index.log files were often read and parsed entirely,
> >    rather than only the parts that were actually necessary. This mainly
> >    increased CPU usage.
> > - lmtp-proxy: Session ID forwarding would cause same session IDs being
> >    used when delivering same mail to multiple backends.
> > - log: Log prefix update may have been lost if log process was busy.
> >    This could have caused log prefixes to be empty or in some cases
> >    reused between sessions, i.e. log lines could have been logged for the
> >    wrong user/session.
> > - mail_crypt: Plugin crashes if it's loaded only for some users. Fixes
> >    Panic: Module context mail_crypt_user_module missing.
> > - mail_crypt: When LMTP was delivering mails to both recipients with mail
> >    encryption enabled and not enabled, the non-encrypted recipients may
> >    have gotten mails encrypted anyway. This happened when the first
> >    recipient was encrypted (mail_crypt_save_version=2) and the 2nd
> >    recipient was not encrypted (mail_crypt_save_version=0).
> > - pop3: Session would crash if empty line was sent.
> > - stats: HTTP server leaked memory.
> > - submission-login: Long credentials, such as OAUTH2 tokens, were refused
> >    during SASL interactive due to submission server applying line length
> >    limits.
> > - submission-login: When proxying to remote host, authentication was not
> >    using interactive SASL when logging in using long credentials such as
> >    OAUTH2 tokens. This caused authentication to fail due to line length
> >    constraints in SMTP protocol.
> > - submission: Terminating the client connection with QUIT command after
> >    mail transaction is started with MAIL command and before it is
> >    finished with DATA/BDAT can cause a segfault crash.
> > - virtual: doveadm search queries with mailbox-guid as the only parameter
> >    crashes: Panic: file virtual-search.c: line 77 (virtual_search_get_records):
> >    assertion failed: (result != 0)
> 
> 
> -- 
> Ralf Becker
> EGroupware GmbH [www.egroupware.org]
> Handelsregister HRB Kaiserslautern 3587
> Geschäftsführer Birgit und Ralf Becker
> Leibnizstr. 17, 67663 Kaiserslautern, Germany
> Telefon +49 631 31657-0

More information about the dovecot mailing list