[Dovecot] doveadm purge -A via doveadm-proxy director fails after some users

29 Jun 2012

      Hi,
we have configured userdb and passdb in the director and try to

iterate all users and pass the "purge" command via doveadm proxy to

port 19000 on the correct director backend host.
A single purge -u username@example.org via doveadm-proxy works correctly,
but iterating over some users with -A fails.
Note: users/domains have been anonymized in output:

mail04:~# /usr/bin/doveadm -c

/etc/dovecot-director/dovecot-director.conf -D purge -A 2>&1
doveadm(root): Debug: Loading modules from directory:

/usr/lib/dovecot/modules/doveadm
doveadm(root): Debug: Skipping module doveadm_acl_plugin, because

dlopen() failed:

/usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so:

undefined symbol: acl_user_module (this is usually intentional, so

just ignore this message)
doveadm(root): Debug: Skipping module doveadm_expire_plugin, because

dlopen() failed:

/usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so:

undefined symbol: expire_set_lookup (this is usually intentional, so

just ignore this message)
doveadm(root): Debug: Skipping module doveadm_quota_plugin, because

dlopen() failed:

/usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so:

undefined symbol: quota_user_module (this is usually intentional, so

just ignore this message)
doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because

dlopen() failed:

/usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so:

undefined symbol: i_stream_create_deflate (this is usually

intentional, so just ignore this message)
doveadm(root): Debug: Skipping module doveadm_fts_plugin, because

dlopen() failed:

/usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so:

undefined symbol: fts_list_backend (this is usually intentional, so

just ignore this message)
doveadm(user01@domain1.example.org): Debug: auth input:

user=user01@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user02@domain1.example.org): Debug: auth input:

user=user02@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user03@domain1.example.org): Debug: auth input:

user=user03@domain1.example.org proxy host=10.129.3.192

proxy_refresh=86400
doveadm(user04@domain1.example.org): Debug: auth input:

user=user04@domain1.example.org proxy host=10.129.3.192

proxy_refresh=86400
doveadm(user05@domain1.example.org): Debug: auth input:

user=user05@domain1.example.org proxy host=10.129.3.190

proxy_refresh=86400
doveadm(user06@domain1.example.org): Debug: auth input:

user=user06@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user07@domain1.example.org): Debug: auth input:

user=user07@domain1.example.org proxy host=10.129.3.190

proxy_refresh=86400
doveadm(user08@domain1.example.org): Debug: auth input:

user=user08@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user01@domain2.example.org): Debug: auth input:

user=user01@domain2.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user09@domain1.example.org): Debug: auth input:

user=user09@domain1.example.org proxy host=10.129.3.190

proxy_refresh=86400
10 / 94doveadm(user10@domain1.example.org): Debug: auth input:

user=user10@domain1.example.org proxy host=10.129.3.190

proxy_refresh=86400
doveadm(user11@domain1.example.org): Debug: auth input:

user=user11@domain1.example.org proxy host=10.129.3.191

proxy_refresh=86400
doveadm(user12@domain1.example.org): Debug: auth input:

user=user12@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user13@domain1.example.org): Debug: auth input:

user=user13@domain1.example.org proxy host=10.129.3.190

proxy_refresh=86400
doveadm(user14@domain1.example.org): Debug: auth input:

user=user14@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user15@domain1.example.org): Debug: auth input:

user=user15@domain1.example.org proxy host=10.129.3.191

proxy_refresh=86400
doveadm(user16@domain1.example.org): Debug: auth input:

user=user16@domain1.example.org proxy host=10.129.3.191

proxy_refresh=86400
doveadm(user17@domain1.example.org): Debug: auth input:

user=user17@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user18@domain1.example.org): Debug: auth input:

user=user18@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user19@domain1.example.org): Debug: auth input:

user=user19@domain1.example.org proxy host=10.129.3.192

proxy_refresh=86400
20 / 94doveadm(user20@domain1.example.org): Debug: auth input:

user=user20@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user21@domain1.example.org): Debug: auth input:

user=user21@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user22@domain1.example.org): Debug: auth input:

user=user22@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user02@domain2.example.org): Debug: auth input:

user=user02@domain2.example.org proxy host=10.129.3.190

proxy_refresh=86400
doveadm(user23@domain1.example.org): Debug: auth input:

user=user23@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user24@domain1.example.org): Debug: auth input:

user=user24@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user01@domain3.example.org): Debug: auth input:

user=user01@domain3.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user25@domain1.example.org): Debug: auth input:

user=user25@domain1.example.org proxy host=10.129.3.192

proxy_refresh=86400
doveadm(user26@domain1.example.org): Debug: auth input:

user=user26@domain1.example.org proxy host=10.129.3.191

proxy_refresh=86400
doveadm(user27@domain1.example.org): Debug: auth input:

user=user27@domain1.example.org proxy host=10.129.3.190

proxy_refresh=86400
30 / 94doveadm(user28@domain1.example.org): Debug: auth input:

user=user28@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user29@domain1.example.org): Debug: auth input:

user=user29@domain1.example.org proxy host=10.129.3.191

proxy_refresh=86400
doveadm(user30@domain1.example.org): Debug: auth input:

user=user30@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user31@domain1.example.org): Debug: auth input:

user=user31@domain1.example.org proxy host=10.129.3.193

proxy_refresh=86400
doveadm(user31@domain1.example.org): Error: doveadm server failure
doveadm: Error: Failed to iterate through some users

The user "user31@domain1.example.org" is proxied to the correct

backend host according to director status, but the dovecot.log on the

doveadm service
backend host shows the following error:
Jun 29 15:40:31 10.129.3.249 dovecot:

doveadm(user31@domain1.example.org): Error: user

user31@domain1.example.org: Error reading configuration:

net_connect_unix(/var/run/dovecot/config) failed: Permission denied
Jun 29 15:40:31 10.129.3.249 dovecot:

doveadm(user31@domain1.example.org): Error: purge: User lookup failed:

Internal error occurred. Refer to server log for more information.
The wiki http://wiki2.dovecot.org/Services#doveadm states that the

privileges are (temporarily) dropped to the mail user's privileges

after userdb lookup. It seems that from the second purge on which is

passed over a single doveadm connection, the user lookup fails.
It also seems a bit strange, that the "-A" parameter
can be observed in the doveadm tcp stream to the backend,
since iteration should be already done in the director and
the backend should purge only a single user:
D username@example.org purge -A
Is there a bug or have I misconfigured/overlooked something?
Configs of mailbox backend and director are attached.
Kind regards
Daniel

[Dovecot] doveadm purge -A via doveadm-proxy director fails after some users

Daniel Parthey