[Dovecot] Dsync error: Couldn't drop privileges: getgrnam
Hi,
I upgraded (in place upgrade, preserving my dovecot configs) to a newer release of ubuntu in order to gain access to slightly newer Dovecot release and be able to use Dsync for migration from Cyrus, here is my doveconf -n output:
# 2.1.7: /etc/dovecot/dovecot.conf # OS: Linux 3.5.0-44-generic x86_64 Ubuntu 12.10 auth_debug = yes auth_default_realm = whatever.com auth_master_user_separator = * auth_socket_path = /var/run/dovecot/auth-master imapc_features = rfc822.size imapc_host = oldmail.whatever.com imapc_master_user = cyradmin imapc_password = <password hidden> mail_chroot = /var/vmail mail_debug = yes mail_gid = 5000 mail_location = maildir:~/Maildir mail_prefetch_count = 20 mail_privileged_group = vmail mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = " imap lmtp sieve pop3" service auth-worker { user = $default_internal_user } service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = dovecot mode = 0600 user = dovecot } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } } ssl_cert = <cert ssl_key = <cert userdb { args = uid=vmail gid=vmail home=/domain/%1d/%d/%1n/%n allow_all_users=yes driver = static } protocol lmtp { postmaster_address = post@whatever.com } protocol imap { mail_max_userip_connections = 10 } protocol pop3 { pop3_uidl_format = %v.%u }
And the command I am using to (attempt) a mailbox sync:
doveadm -o mail_fsync=never backup -R -u alantestuser@whatever.com imapc:
Produces this output:
dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting) dsync(alantestuser@whatever.com): Fatal: User init failed
mail.log shows this:
Dec 5 21:10:54 newmailserver dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth Dec 5 21:10:54 newmailserver dovecot: auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth Dec 5 21:10:54 newmailserver dovecot: auth: Debug: Module loaded: /usr/lib/dovecot/modules/auth/libauthdb_ldap.so Dec 5 21:10:54 newmailserver dovecot: auth: Debug: passwd-file /etc/dovecot/master-users: Read 1 users in 0 secs Dec 5 21:10:54 newmailserver dovecot: auth: Debug: master in: USER#0111#011alantestuser@whatever.com#011service=doveadm Dec 5 21:10:54 newmailserver dovecot: auth: Debug: master out: USER#0111#011alantestuser@whatever.com#011uid=5000#011gid=5000#011home=/domain/w/whatever.com/a/alantestuser
I followed this doc (which could use a little fleshing out, I will be happy to do it once I get a grasp on this!): http://wiki2.dovecot.org/Migration/Dsync
Thanks in advance!
/Alan
On 5.12.2013, at 22.18, Alan McGinlay - SICS <alanm@sics.se> wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote:
On 5.12.2013, at 22.18, Alan McGinlay - SICS <alanm@sics.se> wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
On 2013-12-08 22:08, Alan McGinlay - SICS wrote:
Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS <alanm@sics.se> wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
PS: Sorry for previous top-post, I was using webmail on my phone!
On 2013-12-09 11:21, Alan McGinlay - SICS wrote:
On 2013-12-08 22:08, Alan McGinlay - SICS wrote: Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS <alanm@sics.se> wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
Still not able to get anywhere with this :( It really feels like a permissions problem, either with the master user, the unix user i start the dsync with (root) or the user that dsync runs as (vmail). I tried looking at the code for safe_mkstemp but still couldn't work out the source of this problem. If anyone has an idea it would be great to hear it!
Am 10.12.2013 11:25, schrieb Alan McGinlay - SICS:
On 2013-12-09 11:21, Alan McGinlay - SICS wrote:
On 2013-12-08 22:08, Alan McGinlay - SICS wrote: Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS <alanm@sics.se> wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
Still not able to get anywhere with this :( It really feels like a permissions problem, either with the master user, the unix user i start the dsync with (root) or the user that dsync runs as (vmail). I tried looking at the code for safe_mkstemp but still couldn't work out the source of this problem. If anyone has an idea it would be great to hear it!
perhaps check the dsync target directory must be writable by vmail:vmail
Best Regards MfG Robert Schetterer
-- [*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
On 2013-12-10 11:34, Robert Schetterer wrote:
Am 10.12.2013 11:25, schrieb Alan McGinlay - SICS: On 2013-12-09 11:21, Alan McGinlay - SICS wrote: On 2013-12-08 22:08, Alan McGinlay - SICS wrote: Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS <alanm@sics.se> wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
Still not able to get anywhere with this :( It really feels like a permissions problem, either with the master user, the unix user i start the dsync with (root) or the user that dsync runs as (vmail). I tried looking at the code for safe_mkstemp but still couldn't work out the source of this problem. If anyone has an idea it would be great to hear it!
perhaps check the dsync target directory must be writable by vmail:vmail
Best Regards MfG Robert Schetterer
Thanks, vmail:vmail owns all mail and parent directories up to /var/vmail/. I tried changing mail_temp_dir in 10-mail.conf from /tmp/ to /var/vmail/tmp (and i created that directory) but it made no difference apart from changing the directory in the "safe_mkstemp" error message. If I comment out mail_temp_dir then the error changes to:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: Permission denied dsync(alantestuser@whatever.com): Error: stat(/tmp/dovecot.doveadm.3c303c239d223495) failed: Permission denied
On 2013-12-10 11:52, Alan McGinlay - SICS wrote:
On 2013-12-10 11:34, Robert Schetterer wrote: Am 10.12.2013 11:25, schrieb Alan McGinlay - SICS: On 2013-12-09 11:21, Alan McGinlay - SICS wrote: On 2013-12-08 22:08, Alan McGinlay - SICS wrote: Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS <alanm@sics.se> wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
Still not able to get anywhere with this :( It really feels like a permissions problem, either with the master user, the unix user i start the dsync with (root) or the user that dsync runs as (vmail). I tried looking at the code for safe_mkstemp but still couldn't work out the source of this problem. If anyone has an idea it would be great to hear it!
perhaps check the dsync target directory must be writable by vmail:vmail
Best Regards MfG Robert Schetterer
Thanks, vmail:vmail owns all mail and parent directories up to /var/vmail/. I tried changing mail_temp_dir in 10-mail.conf from /tmp/ to /var/vmail/tmp (and i created that directory) but it made no difference apart from changing the directory in the "safe_mkstemp" error message. If I comment out mail_temp_dir then the error changes to:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: Permission denied dsync(alantestuser@whatever.com): Error: stat(/tmp/dovecot.doveadm.3c303c239d223495) failed: Permission denied
Interestingly, the synchronization actually does seem to work! I hadn't noticed at first but in spite of the error, mails are synced across and seemingly are completely intact!
It would be really good to find out the source of this error though!
/A
On 2013-12-10 14:09, Alan McGinlay - SICS wrote:
On 2013-12-10 11:52, Alan McGinlay - SICS wrote: On 2013-12-10 11:34, Robert Schetterer wrote: Am 10.12.2013 11:25, schrieb Alan McGinlay - SICS: On 2013-12-09 11:21, Alan McGinlay - SICS wrote: On 2013-12-08 22:08, Alan McGinlay - SICS wrote: Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS <alanm@sics.se> wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
Still not able to get anywhere with this :( It really feels like a permissions problem, either with the master user, the unix user i start the dsync with (root) or the user that dsync runs as (vmail). I tried looking at the code for safe_mkstemp but still couldn't work out the source of this problem. If anyone has an idea it would be great to hear it!
perhaps check the dsync target directory must be writable by vmail:vmail
Best Regards MfG Robert Schetterer
Thanks, vmail:vmail owns all mail and parent directories up to /var/vmail/. I tried changing mail_temp_dir in 10-mail.conf from /tmp/ to /var/vmail/tmp (and i created that directory) but it made no difference apart from changing the directory in the "safe_mkstemp" error message. If I comment out mail_temp_dir then the error changes to:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: Permission denied dsync(alantestuser@whatever.com): Error: stat(/tmp/dovecot.doveadm.3c303c239d223495) failed: Permission denied
Interestingly, the synchronization actually does seem to work! I hadn't noticed at first but in spite of the error, mails are synced across and seemingly are completely intact!
It would be really good to find out the source of this error though!
/A
Another update, only about 1900 of 25000~ mails are actually copied :/
On 2013-12-10 14:25, Alan McGinlay - SICS wrote:
On 2013-12-10 14:09, Alan McGinlay - SICS wrote: On 2013-12-10 11:52, Alan McGinlay - SICS wrote: On 2013-12-10 11:34, Robert Schetterer wrote: Am 10.12.2013 11:25, schrieb Alan McGinlay - SICS: On 2013-12-09 11:21, Alan McGinlay - SICS wrote: On 2013-12-08 22:08, Alan McGinlay - SICS wrote: Actually I do, /var/vmail (contains virtual domain mailboxes) is owned by vmail:vmail
On 2013-12-08 21:49, Timo Sirainen wrote: On 5.12.2013, at 22.18, Alan McGinlay - SICS <alanm@sics.se> wrote:
mail_privileged_group = vmail .. mail_location = maildir:~/Maildir .. dsync(alantestuser@whatever.com): Error: user alantestuser@whatever.com: Couldn't drop privileges: getgrnam(vmail) failed: No such file or directory (in mail_privileged_group setting)
You don’t have vmail group in your system? Either create it or remove this setting. Most likely you want to remove it, since this setting was meant only for mbox format, while you’re using maildir.
After much trial and error and following Timos advice, I managed to get a sync to at least start and it lists folders, then it starts spamming this:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: No such file or directory ...
/tmp/dovecot.doveadm. does indeed not exist but I can't find any reference to it online or in the docs,
Any ideas?
Still not able to get anywhere with this :( It really feels like a permissions problem, either with the master user, the unix user i start the dsync with (root) or the user that dsync runs as (vmail). I tried looking at the code for safe_mkstemp but still couldn't work out the source of this problem. If anyone has an idea it would be great to hear it!
perhaps check the dsync target directory must be writable by vmail:vmail
Best Regards MfG Robert Schetterer
Thanks, vmail:vmail owns all mail and parent directories up to /var/vmail/. I tried changing mail_temp_dir in 10-mail.conf from /tmp/ to /var/vmail/tmp (and i created that directory) but it made no difference apart from changing the directory in the "safe_mkstemp" error message. If I comment out mail_temp_dir then the error changes to:
dsync(alantestuser@whatever.com): Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed: Permission denied dsync(alantestuser@whatever.com): Error: stat(/tmp/dovecot.doveadm.3c303c239d223495) failed: Permission denied
Interestingly, the synchronization actually does seem to work! I hadn't noticed at first but in spite of the error, mails are synced across and seemingly are completely intact!
It would be really good to find out the source of this error though!
/A
Another update, only about 1900 of 25000~ mails are actually copied :/
Can't believe I'm the only one with this error, googled it and there is nothing. Sorry to whine but I am getting desperate here!
I have upgraded to dovecot 2.1.7 but am still getting this error when performing a dsync:
Error: safe_mkstemp(/var/vmail/tmp/dovecot.doveadm.) failed: No such file or directory
It seems to fire that error only on some mails being synced but it's apparently random. If there are a lot of new mails then it gives that error a lot, if only one or two mails have come in since the last sync then it might give that error for both, one or none of them.
If i change the dsync command to mirror instead of backup then the output becomes:
Error: safe_mkstemp(/var/vmail/tmp/dovecot.doveadm.) failed: No such file or directory Error: Couldn't create temp file Error: Can't save message to mailbox DNS: Internal error occurred. Refer to server log for more information. [2013-12-12 13:16:46] Error: msg-get failed: box=Junk uid=87595 guid= Error: msg-get failed: box=Junk uid=87596 guid= Error: msg-get failed: box=Junk uid=87597 guid= Error: msg-get failed: box=Junk uid=87598 guid= Error: msg-get failed: box=Junk uid=87599 guid= Error: msg-get failed: box=Drafts uid=1339 guid= Warning: Mailbox changes caused a desync. You may want to run dsync again.
syslog, mail.log and mail.err contain nothing except the master user logging in / out and no errors or warnings. Debug is enabled in 10-logging.conf.
Please help!
participants (3)
-
Alan McGinlay - SICS
-
Robert Schetterer
-
Timo Sirainen