In the logs it looks like this:
Jan 13 15:22:30 mx0 dovecot: master: Dovecot v2.1.13 starting up (core dumps disabled)
Jan 13 15:23:11 mx0 dovecot: auth: Debug: Loading modules from directory: /usr/lib64/dovecot/auth
Jan 13 15:23:11 mx0 dovecot: auth: Debug: passwd-file /etc/dovecot/master-users: Read 1 users in 0 secs
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_extended_operation_s
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_extended_operation
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_send_initial_request
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_new_connection 1 1 0
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_int_open_connection
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_connect_to_host: TCP db.roessner-net.de:389
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_new_socket: 17
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_prepare_socket: 17
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_connect_to_host: Trying 193.239.107.37:389
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_pvt_connect: fd: 17 tm: -1 async: 0
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_open_defconn: successful
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_send_server_request
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_result ld 0x35d6dd481c0 msgid 1
Jan 13 15:23:11 mx0 dovecot: auth: Error: wait4msg ld 0x35d6dd481c0 msgid 1 (infinite timeout)
Jan 13 15:23:11 mx0 dovecot: auth: Error: wait4msg continue ld 0x35d6dd481c0 msgid 1 all 1
Jan 13 15:23:11 mx0 dovecot: auth: Error: ** ld 0x35d6dd481c0 Connections:
Jan 13 15:23:11 mx0 dovecot: auth: Error: * host: db.roessner-net.de port: 389 (default)
Jan 13 15:23:11 mx0 dovecot: auth: Error: refcnt: 2 status: Connected
Jan 13 15:23:11 mx0 dovecot: auth: Error: last used: Sun Jan 13 15:23:11 2013
Jan 13 15:23:11 mx0 dovecot: auth: Error:
Jan 13 15:23:11 mx0 dovecot: auth: Error:
Jan 13 15:23:11 mx0 dovecot: auth: Error: ** ld 0x35d6dd481c0 Outstanding Requests:
Jan 13 15:23:11 mx0 dovecot: auth: Error: * msgid 1, origid 1, status InProgress
Jan 13 15:23:11 mx0 dovecot: auth: Error: outstanding referrals 0, parent count 0
Jan 13 15:23:11 mx0 dovecot: auth: Error: ld 0x35d6dd481c0 request count 1 (abandoned 0)
Jan 13 15:23:11 mx0 dovecot: auth: Error: ** ld 0x35d6dd481c0 Response Queue:
Jan 13 15:23:11 mx0 dovecot: auth: Error: Empty
Jan 13 15:23:11 mx0 dovecot: auth: Error: ld 0x35d6dd481c0 response count 0
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_chkResponseList ld 0x35d6dd481c0 msgid 1 all 1
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_chkResponseList returns ld 0x35d6dd481c0 NULL
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_int_select
Jan 13 15:23:11 mx0 dovecot: auth: Error: read1msg: ld 0x35d6dd481c0 msgid 1 all 1
Jan 13 15:23:11 mx0 dovecot: auth: Error: read1msg: ld 0x35d6dd481c0 msgid 1 message type extended-result
Jan 13 15:23:11 mx0 dovecot: auth: Error: read1msg: ld 0x35d6dd481c0 0 new referrals
Jan 13 15:23:11 mx0 dovecot: auth: Error: read1msg: mark request completed, ld 0x35d6dd481c0 msgid 1
Jan 13 15:23:11 mx0 dovecot: auth: Error: request done: ld 0x35d6dd481c0 msgid 1
Jan 13 15:23:11 mx0 dovecot: auth: Error: res_errno: 0, res_error: <>, res_matched: <>
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_free_request (origid 1, msgid 1)
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_parse_extended_result
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_parse_result
Jan 13 15:23:11 mx0 dovecot: auth: Error: ldap_msgfree
Jan 13 15:23:11 mx0 dovecot: auth: Error: TLS: could not use key file `/etc/ssl/private/mx0.roessner-net.de.key.pem'.
Jan 13 15:23:11 mx0 dovecot: auth: Error: TLS: error:0200100D:system library:fopen:Permission denied bss_file.c:398
Jan 13 15:23:11 mx0 dovecot: auth: Error: TLS: error:20074002:BIO routines:FILE_CTRL:system lib bss_file.c:400
Jan 13 15:23:11 mx0 dovecot: auth: Error: TLS: error:140B0002:SSL routines:SSL_CTX_use_PrivateKey_file:system lib ssl_rsa.c:648
strace also shows the permission problem:
6536 1020 munmap(0x769b665ae000, 4096) = 0
6537 1020 open("/etc/ssl/private/mx0.roessner-net.de.key.pem", O_RDONLY) = -1 EACCES (Permission denied)
6538 1020 write(2, "TLS: could not use key file `/et"..., 76) = 76
6539 991 <... epoll_wait resumed> {{EPOLLIN, {u32=2782493808, u64=17315795663984}}}, 27, -1) = 1
6540 1020 write(2, "TLS: error:0200100D:system libra"..., 74
Is there some Linux command with which I could find out which user tries to open the cert file?
-Christian Rößner
-- [*] sys4 AG
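One way to approach the question above, as an added example that is not part of the original post: pull the PID and path of every open() that failed with EACCES out of strace output in the format shown, read that process's UIDs from /proc, and list the permissions of each component of the path. The function names are hypothetical, and the sketch assumes Linux with /proc, GNU stat, and strace output whose lines start with the PID (optionally preceded by a line number, as in the excerpt).

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# denied_opens: read strace output on stdin and print "PID PATH" for each
# open()/openat() that returned EACCES. An optional leading line number
# (as in the excerpt above) is skipped.
denied_opens() {
    sed -n -E 's/^([0-9]+[[:space:]]+)?([0-9]+)[[:space:]]+open(at)?\((AT_FDCWD, )?"([^"]+)".*= -1 EACCES.*/\2 \5/p'
}

# proc_ids: print "real effective filesystem" UIDs of a running PID.
# The filesystem UID is the one the kernel checks on open().
proc_ids() {
    awk '/^Uid:/ { print $2, $3, $5 }' "/proc/$1/status"
}

# path_perms: print mode and owner of a path and of every parent directory,
# so a directory without search (x) permission for that UID stands out.
path_perms() {
    p=$1
    while :; do
        stat -c '%A %U:%G %n' "$p"
        if [ "$p" = / ] || [ "$p" = . ]; then break; fi
        p=$(dirname "$p")
    done
}

# Constructed sample: two lines taken from the strace excerpt in the post.
SAMPLE='6536 1020 munmap(0x769b665ae000, 4096) = 0
6537 1020 open("/etc/ssl/private/mx0.roessner-net.de.key.pem", O_RDONLY) = -1 EACCES (Permission denied)'

printf '%s\n' "$SAMPLE" | denied_opens | while read -r pid path; do
    echo "PID $pid was denied access to $path"
    # PID 1020 belongs to the traced session; look it up only while that
    # process is still running on the machine being diagnosed.
    if [ -r "/proc/$pid/status" ]; then
        echo "real/effective/fs UID: $(proc_ids "$pid")"
    fi
    # On the affected host, follow up with: path_perms "$path"
done
```

Run path_perms as root on the affected host, since an unprivileged user may not be able to stat the components below a restricted directory.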