You are surely right on that one :) But in this case it is also no fix for me, I would either have to use a butchered file just for dovecot or change the file for all. It is no big issue though, I think it is obviously this should be fixed in one of the next releases
Op 30 okt. 2021 om 12:10 heeft TG Servers <srvrs@prvtmail.net> het volgende geschreven:
Thanks for your reply William.
But the only thing I found in the meanwhile about this issue is that when the ca-bundles files is too "big" it does not work anymore. And if this file is shortened to one entry it will work, someone seems to have tested this.
This is no fix, it is a bug that has to be fixed by dovecot from my pov.
A fix and a bug are not mutually exclusive :)
The ca-bundles file is used by countless applications without any issues, it is used by 2.3.16 without any issues. There should be no special treatment for a single application necessary.
On 30/10/2021 11:35, William Edwards wrote:
Op 30 okt. 2021 om 10:35 heeft TG Servers <srvrs@prvtmail.net> het volgende geschreven:
Hello,
tonight my dovecot upgraded to 2.3.17 and completely broke on recent CentOS 8 installation.
I found the service in status
[root@riot ~]# systemctl status dovecot
● dovecot.service - Dovecot IMAP/POP3 email server
Loaded: loaded (/usr/lib/systemd/system/dovecot.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Sat 2021-10-30 09:59:11 CEST; 58s ago
Docs: man:dovecot(1)
https://doc.dovecot.org/
Process: 1515 ExecStart=/usr/sbin/dovecot -F (code=exited, status=89)
Process: 1429 ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited, status=0/SUCCESS)
Main PID: 1515 (code=exited, status=89)
Oct 30 09:59:10 riot.<domain>.com systemd[1]: Starting Dovecot IMAP/POP3 email server...
Oct 30 09:59:11 riot.<domain>.com dovecot[1515]: doveconf: Fatal: execvp(/usr/libexec/dovecot/managesieve) failed: Argument list too long
Oct 30 09:59:11 riot.<domain>.com dovecot[1515]: doveconf: Error: managesieve-login: dump-capability process returned 89
Oct 30 09:59:11 riot.<domain>.com dovecot[1515]: doveconf: Fatal: execvp(/usr/sbin/dovecot) failed: Argument list too long
Oct 30 09:59:11 riot.<domain>.com systemd[1]: dovecot.service: Main process exited, code=exited, status=89/n/a
Oct 30 09:59:11 riot.<domain>.com systemd[1]: dovecot.service: Failed with result 'exit-code'.
Oct 30 09:59:11 riot.<domain>.com systemd[1]: Failed to start Dovecot IMAP/POP3 email server.
Please check the archive. If I’m not mistaken, the same issue + possible solution was posted on the mailing list yesterday.
This seems to be like a bug as no configuration was changed by me in the middle of the night.
I recall there were similar errors/bug reports in the past were it seemed it was managesieve but wasn't, people had some misconfigurations in the dovecot.conf. I did not change my dovecot.conf since April.
But maybe here it is a pigeonhole issue.
As I did not find any reason for it I changed the repo and downgraded to 2.3.16-2 now and it runs without any flaws, like all the time before. I had no time to investigate this any longer thand 2 hours with 2.3.17 installed as this is a production server and I need the email access. I also did not find anything adressable in the logs.
[root@riot dovecot]# systemctl status dovecot
● dovecot.service - Dovecot IMAP/POP3 email server
Loaded: loaded (/usr/lib/systemd/system/dovecot.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2021-10-30 10:18:11 CEST; 2s ago
Docs: man:dovecot(1)
https://doc.dovecot.org/
Process: 32398 ExecStartPre=/usr/libexec/dovecot/prestartscript (code=exited, status=0/SUCCESS)
Main PID: 32452 (dovecot)
Status: "v2.3.16 (7e2e900c1a) running"
Tasks: 4 (limit: 99912)
Memory: 4.4M
CGroup: /system.slice/dovecot.service
├─32452 /usr/sbin/dovecot -F
├─32507 dovecot/anvil
├─32508 dovecot/log
└─32513 dovecot/config
Oct 30 10:18:11 riot.<domain>.com systemd[1]: Starting Dovecot IMAP/POP3 email server...
Oct 30 10:18:11 riot.<domain>.com dovecot[32452]: Warning: Corrected permissions for login directory /var/run/dovecot/token-login
Oct 30 10:18:11 riot.<domain>.com dovecot[32452]: master: Warning: Corrected permissions for login directory /var/run/dovecot/token-login
Oct 30 10:18:11 riot.<domain>.com dovecot[32452]: master: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, lmtp, sieve
Oct 30 10:18:11 riot.<domain>.com systemd[1]: Started Dovecot IMAP/POP3 email server.
This is the configuration
# 2.3.16 (7e2e900c1a): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.16 (09c29328)
# OS: Linux 4.18.0-305.19.1.el8_4.x86_64 x86_64 AlmaLinux release 8.4 (Electric Cheetah)
# Hostname: riot.<domain>.com
auth_mechanisms = plain login
auth_verbose = yes
listen = *
mail_gid = vmail
mail_home = /var/vmail/mailboxes/%d/%n
mail_location = maildir:~/mail:LAYOUT=fs
mail_plugins = " quota fts fts_solr"
mail_privileged_group = vmail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve
namespace inbox {
inbox = yes
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox Spam {
auto = subscribe
special_use = \Junk
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
separator = .
type = private
}
passdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
plugin {
fts = solr
fts_autoindex = yes
fts_solr = url=http://localhost:<solr_port>/solr/dovecot/
imapsieve_mailbox1_before = file:/var/vmail/sieve/global/learn-spam.sieve
imapsieve_mailbox1_causes = COPY
imapsieve_mailbox1_name = Spam
imapsieve_mailbox2_before = file:/var/vmail/sieve/global/learn-ham.sieve
imapsieve_mailbox2_causes = COPY
imapsieve_mailbox2_from = Spam
imapsieve_mailbox2_name = *
quota = maildir:User quota
quota_exceeded_message = User %u is over the storage quota
sieve = file:/var/vmail/sieve/%d/%n/scripts;active=/var/vmail/sieve/%d/%n/active-script.sieve
sieve_before = /var/vmail/sieve/global/spam-global.sieve
sieve_global_extensions = +vnd.dovecot.pipe
sieve_pipe_bin_dir = /usr/bin
sieve_plugins = sieve_imapsieve sieve_extprograms
}
protocols = imap lmtp sieve
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
unix_listener auth-userdb {
group = vmail
mode = 0660
user = vmail
}
}
service imap-login {
inet_listener imap {
port = 0
}
inet_listener imaps {
port = 993
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
}
user = vmail
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
ssl = required
ssl_ca = </etc/ssl/certs/ca-bundle.crt
ssl_cert = </etc/ssl/certs/<domain>.com_chain.crt
ssl_cipher_list = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:EECDH+AESGCM:EDH+AESGCM:@SECLEVEL=2
ssl_client_ca_dir = /etc/ssl/certs
ssl_client_ca_file = /etc/ssl/certs/ca-bundle.crt
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_prefer_server_ciphers = yes
userdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
protocol imap {
imap_idle_notify_interval = 24 mins
mail_max_userip_connections = 20
mail_plugins = " quota fts fts_solr imap_quota imap_sieve"
}
protocol lmtp {
mail_plugins = " quota fts fts_solr sieve"
postmaster_address = postmaster@<domain>.com
}
local_name mail.<domain_3>.com {
ssl_cert = </etc/ssl/certs/<domain_3>.com_chain.crt
ssl_key = # hidden, use -P to show it
}
local_name mail.<domain_2>.net {
ssl_cert = </etc/ssl/certs/<domain_2>.net_chain.crt
ssl_key = # hidden, use -P to show it
}
local_name mail.<domain>.com {
ssl_cert = </etc/ssl/certs/<domain>.com_chain.crt
ssl_key = # hidden, use -P to show it
}