[Dovecot] Dsync error: Couldn't drop privileges: getgrnam
Hi,
I upgraded (in place upgrade, preserving my dovecot configs) to a newer release of ubuntu in order to gain access to slightly newer Dovecot release and be able to use Dsync for migration from Cyrus, here is my doveconf -n output:
# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.5.0-44-generic x86_64 Ubuntu 12.10
auth_debug = yes
auth_default_realm = whatever.com
auth_master_user_separator = *
auth_socket_path = /var/run/dovecot/auth-master
imapc_features = rfc822.size
imapc_host = oldmail.whatever.com
imapc_master_user = cyradmin
imapc_password = <password hidden>
mail_chroot = /var/vmail
mail_debug = yes
mail_gid = 5000
mail_location = maildir:~/Maildir
mail_prefetch_count = 20
mail_privileged_group = vmail
mail_uid = 5000
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
passdb {
args = /etc/dovecot/master-users
driver = passwd-file
master = yes
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
protocols = " imap lmtp sieve pop3"
service auth-worker {
user = $default_internal_user
}
service auth {
unix_listener /var/spool/postfix/private/auth {
mode = 0666
}
unix_listener auth-userdb {
group = dovecot
mode = 0600
user = dovecot
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
}
ssl_cert = And the command I am using to (attempt) a mailbox sync: doveadm -o mail_fsync=never backup -R -u alantestuser@whatever.com
imapc: Produces this output: dsync(alantestuser@whatever.com): Error: user
alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail)
failed: No such file or directory (in mail_privileged_group setting)
dsync(alantestuser@whatever.com): Fatal: User init failed mail.log shows this: Dec 5 21:10:54 newmailserver dovecot: auth: Debug: Loading modules
from directory: /usr/lib/dovecot/modules/auth
Dec 5 21:10:54 newmailserver dovecot: auth: Debug: Loading modules
from directory: /usr/lib/dovecot/modules/auth
Dec 5 21:10:54 newmailserver dovecot: auth: Debug: Module loaded:
/usr/lib/dovecot/modules/auth/libauthdb_ldap.so
Dec 5 21:10:54 newmailserver dovecot: auth: Debug: passwd-file
/etc/dovecot/master-users: Read 1 users in 0 secs
Dec 5 21:10:54 newmailserver dovecot: auth: Debug: master in:
USER#0111#011alantestuser@whatever.com#011service=doveadm
Dec 5 21:10:54 newmailserver dovecot: auth: Debug: master out:
USER#0111#011alantestuser@whatever.com#011uid=5000#011gid=5000#011home=/domain/w/whatever.com/a/alantestuser I followed this doc (which could use a little fleshing out, I will be
happy to do it once I get a grasp on this!):
http://wiki2.dovecot.org/Migration/Dsync Thanks in advance! /Alan
On 5.12.2013, at 22.18, Alan McGinlay - SICS alanm@sics.se wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote:
On 5.12.2013, at 22.18, Alan McGinlay - SICS alanm@sics.se wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
On 2013-12-08 22:08, Alan McGinlay - SICS wrote:
Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS alanm@sics.se wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
PS: Sorry for previous top-post, I was using webmail on my phone!
On 2013-12-09 11:21, Alan McGinlay - SICS wrote:
On 2013-12-08 22:08, Alan McGinlay - SICS wrote: Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS alanm@sics.se wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
Still not able to get anywhere with this :( It really feels like a permissions problem, either with the master user, the unix user i start the dsync with (root) or the user that dsync runs as (vmail). I tried looking at the code for safe_mkstemp but still couldn't work out the source of this problem. If anyone has an idea it would be great to hear it!
Am 10.12.2013 11:25, schrieb Alan McGinlay - SICS:
On 2013-12-09 11:21, Alan McGinlay - SICS wrote:
On 2013-12-08 22:08, Alan McGinlay - SICS wrote: Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS alanm@sics.se wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
Still not able to get anywhere with this :( It really feels like a permissions problem, either with the master user, the unix user i start the dsync with (root) or the user that dsync runs as (vmail). I tried looking at the code for safe_mkstemp but still couldn't work out the source of this problem. If anyone has an idea it would be great to hear it!
perhaps check the dsync target directory must be writable by vmail:vmail
Best Regards MfG Robert Schetterer
-- [*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
On 2013-12-10 11:34, Robert Schetterer wrote:
Am 10.12.2013 11:25, schrieb Alan McGinlay - SICS: On 2013-12-09 11:21, Alan McGinlay - SICS wrote: On 2013-12-08 22:08, Alan McGinlay - SICS wrote: Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS alanm@sics.se wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
Still not able to get anywhere with this :( It really feels like a permissions problem, either with the master user, the unix user i start the dsync with (root) or the user that dsync runs as (vmail). I tried looking at the code for safe_mkstemp but still couldn't work out the source of this problem. If anyone has an idea it would be great to hear it!
perhaps check the dsync target directory must be writable by vmail:vmail
Best Regards MfG Robert Schetterer
Thanks, vmail:vmail owns all mail and parent directories up to /var/vmail/. I tried changing mail_temp_dir in 10-mail.conf from /tmp/ to /var/vmail/tmp (and i created that directory) but it made no difference apart from changing the directory in the "safe_mkstemp" error message. If I comment out mail_temp_dir then the error changes to:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: Permission denied dsync(alantestuser@whatever.com): Error: stat(/tmp/dovecot.doveadm.3c303c239d223495) failed: Permission denied
On 2013-12-10 11:52, Alan McGinlay - SICS wrote:
On 2013-12-10 11:34, Robert Schetterer wrote: Am 10.12.2013 11:25, schrieb Alan McGinlay - SICS: On 2013-12-09 11:21, Alan McGinlay - SICS wrote: On 2013-12-08 22:08, Alan McGinlay - SICS wrote: Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS alanm@sics.se wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
Still not able to get anywhere with this :( It really feels like a permissions problem, either with the master user, the unix user i start the dsync with (root) or the user that dsync runs as (vmail). I tried looking at the code for safe_mkstemp but still couldn't work out the source of this problem. If anyone has an idea it would be great to hear it!
perhaps check the dsync target directory must be writable by vmail:vmail
Best Regards MfG Robert Schetterer
Thanks, vmail:vmail owns all mail and parent directories up to /var/vmail/. I tried changing mail_temp_dir in 10-mail.conf from /tmp/ to /var/vmail/tmp (and i created that directory) but it made no difference apart from changing the directory in the "safe_mkstemp" error message. If I comment out mail_temp_dir then the error changes to:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: Permission denied dsync(alantestuser@whatever.com): Error: stat(/tmp/dovecot.doveadm.3c303c239d223495) failed: Permission denied
Interestingly, the synchronization actually does seem to work! I hadn't noticed at first but in spite of the error, mails are synced across and seemingly are completely intact!
It would be really good to find out the source of this error though!
/A
On 2013-12-10 14:09, Alan McGinlay - SICS wrote:
On 2013-12-10 11:52, Alan McGinlay - SICS wrote: On 2013-12-10 11:34, Robert Schetterer wrote: Am 10.12.2013 11:25, schrieb Alan McGinlay - SICS: On 2013-12-09 11:21, Alan McGinlay - SICS wrote: On 2013-12-08 22:08, Alan McGinlay - SICS wrote: Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS alanm@sics.se wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
Still not able to get anywhere with this :( It really feels like a permissions problem, either with the master user, the unix user i start the dsync with (root) or the user that dsync runs as (vmail). I tried looking at the code for safe_mkstemp but still couldn't work out the source of this problem. If anyone has an idea it would be great to hear it!
perhaps check the dsync target directory must be writable by vmail:vmail
Best Regards MfG Robert Schetterer
Thanks, vmail:vmail owns all mail and parent directories up to /var/vmail/. I tried changing mail_temp_dir in 10-mail.conf from /tmp/ to /var/vmail/tmp (and i created that directory) but it made no difference apart from changing the directory in the "safe_mkstemp" error message. If I comment out mail_temp_dir then the error changes to:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: Permission denied dsync(alantestuser@whatever.com): Error: stat(/tmp/dovecot.doveadm.3c303c239d223495) failed: Permission denied
Interestingly, the synchronization actually does seem to work! I hadn't noticed at first but in spite of the error, mails are synced across and seemingly are completely intact!
It would be really good to find out the source of this error though!
/A
Another update, only about 1900 of 25000~ mails are actually copied :/
On 2013-12-10 14:25, Alan McGinlay - SICS wrote:
On 2013-12-10 14:09, Alan McGinlay - SICS wrote: On 2013-12-10 11:52, Alan McGinlay - SICS wrote: On 2013-12-10 11:34, Robert Schetterer wrote: Am 10.12.2013 11:25, schrieb Alan McGinlay - SICS: On 2013-12-09 11:21, Alan McGinlay - SICS wrote: On 2013-12-08 22:08, Alan McGinlay - SICS wrote: Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS alanm@sics.se wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
Still not able to get anywhere with this :( It really feels like a permissions problem, either with the master user, the unix user i start the dsync with (root) or the user that dsync runs as (vmail). I tried looking at the code for safe_mkstemp but still couldn't work out the source of this problem. If anyone has an idea it would be great to hear it!
perhaps check the dsync target directory must be writable by vmail:vmail
Best Regards MfG Robert Schetterer
Thanks, vmail:vmail owns all mail and parent directories up to /var/vmail/. I tried changing mail_temp_dir in 10-mail.conf from /tmp/ to /var/vmail/tmp (and i created that directory) but it made no difference apart from changing the directory in the "safe_mkstemp" error message. If I comment out mail_temp_dir then the error changes to:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: Permission denied dsync(alantestuser@whatever.com): Error: stat(/tmp/dovecot.doveadm.3c303c239d223495) failed: Permission denied
Interestingly, the synchronization actually does seem to work! I hadn't noticed at first but in spite of the error, mails are synced across and seemingly are completely intact!
It would be really good to find out the source of this error though!
/A
Another update, only about 1900 of 25000~ mails are actually copied :/
Can't believe I'm the only one with this error, googled it and there is nothing. Sorry to whine but I am getting desperate here!
I have upgraded to dovecot 2.1.7 but am still getting this error when performing a dsync:
Error: safe_mkstemp(/var/vmail/tmp/dovecot.doveadm.) failed: No such file or directory
It seems to fire that error only on some mails being synced but it's apparently random. If there are a lot of new mails then it gives that error a lot, if only one or two mails have come in since the last sync then it might give that error for both, one or none of them.
If i change the dsync command to mirror instead of backup then the output becomes:
Error: safe_mkstemp(/var/vmail/tmp/dovecot.doveadm.) failed: No such file or directory Error: Couldn't create temp file Error: Can't save message to mailbox DNS: Internal error occurred. Refer to server log for more information. [2013-12-12 13:16:46] Error: msg-get failed: box=Junk uid=87595 guid= Error: msg-get failed: box=Junk uid=87596 guid= Error: msg-get failed: box=Junk uid=87597 guid= Error: msg-get failed: box=Junk uid=87598 guid= Error: msg-get failed: box=Junk uid=87599 guid= Error: msg-get failed: box=Drafts uid=1339 guid= Warning: Mailbox changes caused a desync. You may want to run dsync again.
syslog, mail.log and mail.err contain nothing except the master user logging in / out and no errors or warnings. Debug is enabled in 10-logging.conf.
Please help!
participants (3)
-
Alan McGinlay - SICS
-
Robert Schetterer
-
Timo Sirainen