[Dovecot] chdir() on NFS
Hi, I'm having problems accessing home directories though NFS. This setup uses LDAP and Kerberos. Users defined on the local host work fine. This is what dovecot writes in the logs while trying to log in as the user johndoe:
Mar 19 14:10:54 jack dovecot-auth: nss_ldap: reconnecting to LDAP server... Mar 19 14:10:54 jack dovecot-auth: nss_ldap: reconnected to LDAP server after 1 attempt(s) Mar 19 14:10:54 jack imap-login: Login: johndoe [10.0.0.30] Mar 19 14:10:54 jack dovecot: chdir(/home/johndoe) failed: Permission denied Mar 19 14:10:54 jack dovecot: child 3525 (imap) returned error 89
The authentication is OK, but dovecot fails to get access to the home directory. What username does dovecot try to chdir() as?
If I 'su' from to that user I have access to /home/johndoe, and a quick test with Courier IMAP worked fine. Postfix has no problem delivering mail in the users maildir using procmail.
Some relevant config options:
default_mail_env = maildir:~/mail:INDEX=/var/indexes/%n auth_userdb = passwd auth_passdb = pam auth_user = root
-- Christian Andersen <http://phuzz.org>
Christian Andersen said:
Hi, I'm having problems accessing home directories though NFS. This setup uses LDAP and Kerberos. Users defined on the local host work fine. This is what dovecot writes in the logs while trying to log in as the user johndoe:
Mar 19 14:10:54 jack dovecot-auth: nss_ldap: reconnecting to LDAP server... Mar 19 14:10:54 jack dovecot-auth: nss_ldap: reconnected to LDAP server after 1 attempt(s) Mar 19 14:10:54 jack imap-login: Login: johndoe [10.0.0.30] Mar 19 14:10:54 jack dovecot: chdir(/home/johndoe) failed: Permission denied Mar 19 14:10:54 jack dovecot: child 3525 (imap) returned error 89
The authentication is OK, but dovecot fails to get access to the home directory. What username does dovecot try to chdir() as?
If I 'su' from to that user I have access to /home/johndoe, and a quick test with Courier IMAP worked fine. Postfix has no problem delivering mail in the users maildir using procmail.
Some relevant config options:
default_mail_env = maildir:~/mail:INDEX=/var/indexes/%n auth_userdb = passwd auth_passdb = pam auth_user = root
Problem solved, I guess...
I recompiled from source and just replaced the dovecot binary in /usr/sbin. Trying to do 'rpmbuild -tb' and install the resulting rpm rendered everything unusable, but I guess that's just a matter of tweaking some options to 'configure'.
What's the difference between the Fedora Core 1 version (0.99.10-6) and the latest stable version (0.99.10.4)?
-- Christian Andersen <http://phuzz.org>
Hi Christian,
On Mar 19, 2004, at 6:33 PM, Christian Andersen wrote:
Mar 19 14:10:54 jack imap-login: Login: johndoe [10.0.0.30] Mar 19 14:10:54 jack dovecot: chdir(/home/johndoe) failed: Permission denied Mar 19 14:10:54 jack dovecot: child 3525 (imap) returned error 89
Problem solved, I guess...
I think you will find your mailbox empty...
I recompiled from source and just replaced the dovecot binary in /usr/sbin. Trying to do 'rpmbuild -tb' and install the resulting rpm rendered everything unusable, but I guess that's just a matter of tweaking some options to 'configure'.
What's the difference between the Fedora Core 1 version (0.99.10-6) and the latest stable version (0.99.10.4)?
I guess the fedora core 1 version does not report with an error when dovecot can't open your mail file/folder. This is a separate patch for the release version.
Please note that the current dovecot version does not support dotlocking for all file actions, so NFS is probably not safe and will result in lock errors. (and lock errors can result in the error you were experiencing). I do know Timo is working real hard on getting dovecot to support dotlocking as well for all file actions.
-- Christian Andersen <http://phuzz.org>
Kind Regards,
Maikel Verheijen.
Maikel Verheijen wrote:
I guess the fedora core 1 version does not report with an error when dovecot can't open your mail file/folder. This is a separate patch for the release version.
Please note that the current dovecot version does not support dotlocking for all file actions, so NFS is probably not safe and will result in lock errors. (and lock errors can result in the error you were experiencing). I do know Timo is working real hard on getting dovecot to support dotlocking as well for all file actions.
Does this apply to Maildir-format or just mbox? I thought I was playing it safe by using Maildir and having the index files on the local drive... That's the impression I got from the current dovecot documnentation. I just thought it was strange that the problem went away by just replacing the binary.
Anyway, this is just a temporary setup for a project in a class at my university, nothing mission critical.
-- Christian Andersen <http://phuzz.org>
On Mar 19, 2004, at 8:13 PM, Christian Andersen wrote:
Maikel Verheijen wrote:
I guess the fedora core 1 version does not report with an error when dovecot can't open your mail file/folder. This is a separate patch for the release version.
Please note that the current dovecot version does not support dotlocking for all file actions, so NFS is probably not safe and will result in lock errors. (and lock errors can result in the error you were experiencing). I do know Timo is working real hard on getting dovecot to support dotlocking as well for all file actions.
Does this apply to Maildir-format or just mbox? I thought I was playing it safe by using Maildir and having the index files on the local drive... That's the impression I got from the current dovecot documnentation. I just thought it was strange that the problem went away by just replacing the binary. The locking mechanism is more important for mbox mailspools, but dovecot has some extra files (.subscriptions and .customflags) that need locking as well. For the separate mails in the mailboxes dovecot needs no locking when you use maildir.
Index files on the local drive are a good idea if you only use one machine for the mailbox, if you use multiple, your index files might get corrupted. You can use in-memory indexes as well.
Christian Andersen <http://phuzz.org>
Kind regards,
Maikel Verheijen
participants (2)
-
Christian Andersen
-
Maikel Verheijen