On 22.03.2017 10:17, Leon Kyneur wrote:
On Wed, Mar 22, 2017, at 01:04 AM, Aki Tuomi wrote:
On 22.03.2017 10:03, Leon Kyneur wrote:
Hi
I am trying to configure the last_login plugin with LDAP dictionary which is causing dict service to crash. Not sure if this is a bug or some configuration parameter I'm getting wrong?
Running latest dovecot but was having the same problem in earlier version 2.2.25
# dovecot --version 2.2.28 (bed8434)
I have configured dovecot like so:
dovecot.conf (before conf.d/*.conf: dict { #quota = mysql:/etc/dovecot/dovecot-dict-sql.conf.ext #expire = sqlite:/etc/dovecot/dovecot-dict-sql.conf.ext lastlogin = ldap:/etc/dovecot/dovecot-ldap-dict.conf.ext }
conf.d/10-master.conf service dict { # If dict proxy is used, mail processes should have access to its socket. # For example: mode=0660, group=vmail and global mail_access_groups=vmail unix_listener dict { mode = 0660 user = vmail group = vmail } }
conf.d/20-imap.conf: protocol imap { # Space separated list of plugins to load (default is global mail_plugins). mail_plugins = $mail_plugins last_login
# Maximum number of IMAP connections allowed for a user from each IP address. # NOTE: The username is compared case-sensitively. #mail_max_userip_connections = 10 }
90-plugins.conf plugin { #setting_name = value #last_login_dict = proxy::lastlogin last_login_dict = proxy:dict:lastlogin zlib_save = gz zlib_save_level = 6 }
dovecot-ldap-dict.conf.ext: uri = ldap://ldap.internal bind_dn = cn=Manager,dc=mail,dc=com password = XXXX tls = no debug = 1
map { pattern = last-login/$user filter = (&(mail=%{user})(objectClass=mailUser)) # the () is required base_dn = o=domains,dc=mail,dc=com username_attribute = mail value_attribute = lastLoginTime fields { mail=$user } }
I don't see dovecot ever making a connection to the LDAP server I've configured in the dovecot-ldap-dict.conf.ext file.
Log shows
==> /var/log/dovecot.log <== Mar 22 07:49:30 imap-login: Info: Login: user=leon@mail.com, method=PLAIN, rip=X.X.X.X, lip=X.X.X.X, mpid=36105, secured, session=
Mar 22 07:49:30 dict: Fatal: master: service(dict): child 36107 killed with signal 11 (core dumped) Mar 22 07:49:30 imap(leon@mail.com): Error: dict-client: Commit may have failed: Connection closed (reply took 0.015 secs) Mar 22 07:49:30 imap(leon@mail.com): Error: last_login_dict: Write was unconfirmed (timeout or disconnect) for user leon@mail.com Backtrace: # gdb /var/core/36107 GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-94.el7 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: http://www.gnu.org/software/gdb/bugs/... [New LWP 36107] Reading symbols from /usr/libexec/dovecot/dict...Reading symbols from /usr/lib/debug/usr/libexec/dovecot/dict.debug...done. done. Missing separate debuginfo for Try: yum --enablerepo='*debug*' install /usr/lib/debug/.build-id/b0/07fede01895dec1aca9d8b8993fe27d70a3a20 [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Core was generated by `dovecot/dict'. Program terminated with signal 11, Segmentation fault. #0 0x0000000000000000 in ?? () (gdb) bt full #0 0x0000000000000000 in ?? () No symbol table info available. #1 0x00007fbcf11bd04f in cmd_begin (cmd=0x7fbcf2c02910, line=<optimized out>) at dict-commands.c:365 trans = 0x7fbcf2c029a0 id = 1 #2 0x00007fbcf11bdef8 in dict_command_input (conn=conn@entry=0x7fbcf2bf24d0, line=line@entry=0x7fbcf2bf48cb "B1") at dict-commands.c:625 cmd_func = 0x7fbcf13c85c0
cmd = 0x7fbcf2c02910 ret = <optimized out> #3 0x00007fbcf11bc6ee in dict_connection_input_more (conn=0x7fbcf2bf24d0) at dict-connection.c:117 _data_stack_cur_id = 3 line = 0x7fbcf2bf48cb "B1" ret = <optimized out> #4 0x00007fbcf11bc7d2 in dict_connection_input (conn=0x7fbcf2bf24d0) at dict-connection.c:167 line = <optimized out> conn = 0x7fbcf2bf24d0 #5 0x00007fbcf0d1b2d2 in io_loop_call_io (io=0x7fbcf2bf2890) at ioloop.c:599 ioloop = 0x7fbcf2be0740 t_id = 2 __FUNCTION__ = "io_loop_call_io" #6 0x00007fbcf0d1c95f in io_loop_handler_run_internal (ioloop=ioloop@entry=0x7fbcf2be0740) at ioloop-epoll.c:223 ctx = 0x7fbcf2beded0 events = <optimized out> list = 0x7fbcf2bf28f0 io = <optimized out> tv = {tv_sec = 2147483, tv_usec = 0} events_count = <optimized out> msecs = <optimized out> ret = 1 i = 0 call = <optimized out> __FUNCTION__ = "io_loop_handler_run_internal" #7 0x00007fbcf0d1b36c in io_loop_handler_run (ioloop=ioloop@entry=0x7fbcf2be0740) at ioloop.c:648 No locals. #8 0x00007fbcf0d1b528 in io_loop_run (ioloop=0x7fbcf2be0740) at ioloop.c:623 __FUNCTION__ = "io_loop_run" #9 0x00007fbcf0ca4603 in master_service_run (service=0x7fbcf2be05e0, callback=callback@entry=0x7fbcf11be150 ) at master-service.c:641 No locals. #10 0x00007fbcf11bbff9 in main (argc=1, argv=0x7fbcf2be0390) at main.c:161 set_roots = {0x7fbcf13c88a0 , 0x0} error = 0x0 LDAP writes are not supported in LDAP dict module yet. It should not crash though. Aki Thanks Aki
Couldn't see mention of which backends support write on the wiki - http://wiki2.dovecot.org/Dictionary. Are there others I should avoid?
Regards
Leon
All the other should support writing.
Aki