On 30/06/2019 13:36, Aki Tuomi via dovecot wrote:
Hello, I'm trying to work through an issue that cropped up on a server I've been working on and haven't found a very good workaround.
Dovecot is operating in a jailed environment.
The configuration in dovecot-sql.conf.ext has been set appropriately with the host=127.0.0.1 (which works from a jailed environment) and when dovecot attempts to auth it appears to perform a reverse dns lookup and overwrites the host with the result localhost before using the msql credentials 'user'@'localhost' which then fails after timing out.
I'm currently running version 2.2.33.2 of dovecot.
The workaround seems to be to have two credentials for the same user. 'user@'localhost' and 'user'@'127.0.0.1'; postfix operates in a jail as well and works around the jail issue in the same way but doesn't overwrite the specified host with a reverse dns lookup.
Anyone have any suggestions on how to handle this issue better? or maybe there's a way to force different behavior which I haven't yet found in the documentation?
Any help is much appreciated.
Best Regards.
Hi!
The 127.0.0.1 issue is actually a MySQL issue, unfortunately.
" On Unix, MySQL programs treat the host name localhost specially, in a way that is likely different from what you expect compared to other network-based programs: the client connects using a Unix socket file. The --socket option or the MYSQL_UNIX_PORT environment variable may be used to specify the socket name. "
So not really something we could do much about.
Aki
Aki
it is possible to force the use of tcp socket instead of unix socket by specifying an ip instead of the hostname localhost. As I understood it Nathan is specifying 127.0.0.1 so that will connect with tcp socket.
John