[Dovecot] Problem after migration dovecot 1.2 -> dovecot 2.0
I have migrated from dovecot 1.2 to dovecot 2.0. When I connect via
telnet to 110 port of the dovecot server the client hangs:
telnet 192.168.4.80 110
Trying 192.168.4.80...
Connected to 192.168.4.80.
Escape character is '^]'.
In syslog I got the following error:
Jan 12 12:14:44 buzon dovecot: imap-login: Error: auth: connect(login) in directory / failed: Permission denied (euid=107(<unknown>) egid=110(<unknown>) missing +x perm: /, euid is not dir owner)
My /var/run/dovecot directory listing is the following:
ls -lhR /var/run/dovecot
/var/run/dovecot:
total 12K
srw------- 1 root root 0 ene 12 11:40 anvil
srw------- 1 root root 0 ene 12 11:40 anvil-auth-penalty
srw------- 1 root root 0 ene 12 11:40 auth-client
srw------- 1 dovecot root 0 ene 12 11:40 auth-login
srw------- 1 entrega root 0 ene 12 11:40 auth-master
srw------- 1 entrega root 0 ene 12 11:40 auth-userdb
srw------- 1 dovecot root 0 ene 12 11:40 auth-worker
srw------- 1 root root 0 ene 12 11:40 config
srw------- 1 root root 0 ene 12 11:40 dict
srwxrwxrwx 1 root root 0 dic 27 21:36 dict-server
srw------- 1 root root 0 ene 12 11:40 director-admin
srw------- 1 root root 0 ene 12 09:17 director-userdb
srw-rw-rw- 1 root root 0 ene 12 11:40 dns-client
srw------- 1 root root 0 ene 12 11:40 doveadm-server
lrwxrwxrwx 1 root root 25 ene 12 11:40 dovecot.conf -> /etc/dovecot/dovecot.conf
drwxr-xr-x 2 root root 4,0K ene 12 09:05 empty
drwxr-x--- 2 root root 4,0K ene 12 11:40 login
-rw------- 1 root root 6 ene 12 11:40 master.pid

/var/run/dovecot/empty:
total 0

/var/run/dovecot/login:
total 4,0K
srw-rw-rw- 1 root root 0 ene 12 11:40 dns-client
srw-rw-rw- 1 root root 0 ene 12 11:40 imap
srw-rw-rw- 1 root root 0 ene 12 11:40 login
srw-rw-rw- 1 root root 0 ene 12 11:40 pop3
srw-rw-rw- 1 root root 0 ene 12 11:40 sieve
-rw-r--r-- 2 root root 230 ene 9 20:56 ssl-parameters.dat
srw-rw-rw- 1 root root 0 ene 12 11:40 ssl-params
My doveconf -n is the following:
# OS: Linux 2.6.18-194.26.1.el5 x86_64 Red Hat Enterprise Linux Server release 5.5 (Tikanga) ext3
auth_debug = yes
auth_master_user_separator = *
auth_mechanisms = plain login
base_dir = /var/run/dovecot/
default_client_limit = 4096
default_process_limit = 2500
disable_plaintext_auth = no
dotlock_use_excl = yes
mail_fsync = never
mail_gid = entrega
mail_location = maildir:/buzones/us.es/%2.26Hn/%2.200Hn/%n:INDEX=/buzones/ramdisk/%2.26Hn/%2.200Hn/%n
mail_plugins = " zlib"
mail_uid = entrega
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date
passdb {
  driver = shadow
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
passdb {
  args = /etc/usuario_maestro.txt
  driver = passwd-file
  master = yes
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
plugin {
  quota = maildir:Cuota de usuario
  quota_rule2 = Trash:storage=+10%%
  quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95
  quota_warning2 = storage=80%% /usr/local/bin/quota-warning.sh 80
  sieve = /buzones/us.es/%2.26Hn/%2.200Hn/%n/dovecot.sieve
  sieve_dir = /buzones/us.es/%2.26Hn/%2.200Hn/%n/sieve/
  zlib_save = gz
  zlib_save_level = 9
}
protocols = pop3 imap sieve
service auth {
  unix_listener auth-master {
    user = entrega
  }
  unix_listener auth-userdb {
    user = entrega
  }
  user = root
}
service imap-login {
  executable = /usr/libexec/dovecot/imap-login
  process_limit = 2000
}
service imap {
  executable = /usr/libexec/dovecot/rawlog /usr/libexec/dovecot/imap
  process_limit = 2000
}
service managesieve-login {
  executable = /usr/libexec/dovecot/managesieve-login
  inet_listener sieve {
    port = 2000
  }
  process_limit = 2000
}
service managesieve {
  executable = /usr/libexec/dovecot/managesieve
  process_limit = 2000
}
service pop3-login {
  executable = /usr/libexec/dovecot/pop3-login
  process_limit = 2000
}
service pop3 {
  executable = /usr/libexec/dovecot/pop3
  process_limit = 2000
}
ssl_ca = </etc/pki/generico/cacert.crt.pem
ssl_cert = </etc/pki/generico/wildcard-us_es.crt
ssl_key = </etc/pki/generico/wildcard-key.pem
userdb {
  driver = passwd
}
userdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
userdb {
  args = /etc/dovecot/dovecot-ldap-userdb.conf
  driver = ldap
}
verbose_proctitle = yes
protocol sieve {
  managesieve_implementation_string = dovecot
  managesieve_logout_format = bytes=%i/%o
  managesieve_max_line_length = 65536
}
protocol lda {
  hostname = us.es
  info_log_path =
  log_path =
  mail_fsync = optimized
  mail_plugins = quota sieve zlib
  postmaster_address = evcorreo@us.es
  syslog_facility = mail
}
protocol imap {
  mail_plugins = quota imap_quota zlib
}
protocol pop3 {
  mail_plugins = zlib
  pop3_enable_last = yes
  pop3_uidl_format = %08Xv%08Xu
}
UID & GID of my users:
[root@buzon login]# id entrega
uid=500(entrega) gid=500(entrega) grupos=500(entrega)
[root@buzon login]# id dovecot
uid=104(dovecot) gid=107(dovecot) grupos=107(dovecot)
[root@buzon login]# id dovenull
uid=107(dovenull) gid=110(dovenull) grupos=110(dovenull)
What am I doing wrong? I have migrated an identical server from
dovecot 1.2 to dovecot 2.0 without this problem.
Regards
Javier
Still no luck with this. I have followed the debugging guidelines
of dovecot wiki (http://wiki2.dovecot.org/Debugging/ProcessTracing) and executed the following:
strace -f -tt -o strace_dovecot -p 15426
15426 is the PID of /usr/sbin/dovecot. I attach the compressed
log of the strace. Hope this helps to solve this issue.
Regards
Javier
On 12.1.2011, at 13.34, Javier de Miguel Rodríguez wrote:
> Jan 12 12:14:44 buzon dovecot: imap-login: Error: auth: connect(login) in directory / failed: Permission denied (euid=107(<unknown>) egid=110(<unknown>) missing +x perm: /, euid is not dir owner)
Hmm.
> ls -lhR /var/run/dovecot
> drwxr-xr-x 2 root root 4,0K ene 12 09:05 empty
> drwxr-x--- 2 root root 4,0K ene 12 11:40 login
These two directories should have "dovenull" as group.. It should have automatically figured this out by looking up dovenull's group. I could send some debug patches to figure out what the problem is.. But you should be able to work around it by setting:
service imap-login {
  group = dovenull
}
> These two directories should have "dovenull" as group.. It should have automatically figured this out by looking up dovenull's group. I could send some debug patches to figure out what the problem is.. But you should be able to work around it by setting:
> service imap-login {
>   group = dovenull
> }
That does the trick. But it is strange: in the other dovecot server I
own I do not need dovenull for those dirs.
Regards
Javier
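
Added example, not part of either poster's messages: a small Python model of the permission check behind the error in this thread, run on the `login` directory entry as posted and on the same entry with the `dovenull` group Timo says it should have. It assumes the `/` in the error is the login directory as seen from inside the login process's chroot; the function names are illustrative and root's permission bypass is not modelled.

```python
# Constructed sample input: `ls -l` lines copied from the listing in the thread,
# plus the same `login` entry with the group Timo says it should have.
DIR_POSTED = "drwxr-x--- 2 root root 4,0K ene 12 11:40 login"
DIR_EXPECTED = "drwxr-x--- 2 root dovenull 4,0K ene 12 11:40 login"
SOCKET = "srw-rw-rw- 1 root root 0 ene 12 11:40 login"


def parse_ls(line):
    """Return (mode bits, owner, group) from one `ls -l` line."""
    fields = line.split()
    perms, owner, group = fields[0], fields[2], fields[3]
    bits = 0
    for i, ch in enumerate(perms[1:10]):
        # 'S' and 'T' mean setuid/setgid/sticky WITHOUT the execute bit.
        if ch not in "-ST":
            bits |= 1 << (8 - i)
    return bits, owner, group


def allowed(line, user, groups, want):
    """Check one permission ('r', 'w' or 'x') for a non-root user.

    POSIX applies exactly one class: owner if the uid matches, else group
    if any of the process's groups matches, else other.
    """
    bits, owner, group = parse_ls(line)
    if user == owner:
        cls, shift = "owner", 6
    elif group in groups:
        cls, shift = "group", 3
    else:
        cls, shift = "other", 0
    mask = {"r": 4, "w": 2, "x": 1}[want]
    return cls, bool((bits >> shift) & mask)


def can_connect(dir_line, sock_line, user, groups):
    """connect() to a UNIX socket needs +x on its directory and +w on the socket."""
    return (allowed(dir_line, user, groups, "x")[1]
            and allowed(sock_line, user, groups, "w")[1])


if __name__ == "__main__":
    who = ("dovenull", {"dovenull"})  # uid 107 / gid 110 in the thread
    print(allowed(DIR_POSTED, *who, "x"))    # class and result as posted
    print(can_connect(DIR_POSTED, SOCKET, *who))
    print(can_connect(DIR_EXPECTED, SOCKET, *who))
```

The world-writable socket inside `login` does not help on its own: the directory's missing search bit for the login user's class is checked first.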