[Dovecot] May 21 09:13:14 mail dovecot: imap-login: No authentication sockets found
I started getting this message this morning: May 21 09:13:14 mail
dovecot: imap-login: No authentication sockets found
Ive been runing dovecot on a fc6 dell poweredge 2950 for about 4 weeks
now with no issues. Im authenticating against openldap 2.3.27. It
appears ok. I restarted ldap, and dovecot, and everything looked fine
for a few minutes, then this started again. I have around 720 users.
Is there a setting in the dovecot.conf that I can use to fix this? Or
is the problem elsewhere?
-- Dwayne Hottinger Network Administrator Harrisonburg City Public Schools
On Mon, 2007-05-21 at 09:21 -0400, dhottinger@harrisonburg.k12.va.us wrote:
I started getting this message this morning: May 21 09:13:14 mail
dovecot: imap-login: No authentication sockets foundIve been runing dovecot on a fc6 dell poweredge 2950 for about 4 weeks
now with no issues. Im authenticating against openldap 2.3.27. It
appears ok. I restarted ldap, and dovecot, and everything looked fine
for a few minutes, then this started again. I have around 720 users.
Is there a setting in the dovecot.conf that I can use to fix this? Or
is the problem elsewhere?
What Dovecot version? The error message means that Dovecot's login_dir (/var/run/dovecot/login) was cleaned. A few other people have been having this problem, but I haven't yet found out any bugs in Dovecot that would cause it. Except before v1.0.rc29 if you tried to start Dovecot while it was already running it would do this.
On Mon, 2007-05-21 at 22:31 +0300, Timo Sirainen wrote:
I started getting this message this morning: May 21 09:13:14 mail
dovecot: imap-login: No authentication sockets found .. What Dovecot version? The error message means that Dovecot's login_dir (/var/run/dovecot/login) was cleaned. A few other people have been having this problem, but I haven't yet found out any bugs in DovecotOn Mon, 2007-05-21 at 09:21 -0400, dhottinger@harrisonburg.k12.va.us wrote: that would cause it. Except before v1.0.rc29 if you tried to start Dovecot while it was already running it would do this.
Actually I was wrong. I fixed it for "dovecot -n" and "dovecot -a", but actually trying to start Dovecot while it's already running will wipe out the login directory. I'll go fix this for v1.0.1.
Thank you Timo. You are great:)
2007/5/23, Timo Sirainen <tss@iki.fi>:
On Mon, 2007-05-21 at 22:31 +0300, Timo Sirainen wrote:
I started getting this message this morning: May 21 09:13:14 mail dovecot: imap-login: No authentication sockets found .. What Dovecot version? The error message means that Dovecot's login_dir (/var/run/dovecot/login) was cleaned. A few other people have been having this problem, but I haven't yet found out any bugs in Dovecot
On Mon, 2007-05-21 at 09:21 -0400, dhottinger@harrisonburg.k12.va.us wrote: that would cause it. Except before v1.0.rc29 if you tried to start Dovecot while it was already running it would do this.
Actually I was wrong. I fixed it for "dovecot -n" and "dovecot -a", but actually trying to start Dovecot while it's already running will wipe out the login directory. I'll go fix this for v1.0.1.
Ive been runing dovecot on a fc6 dell poweredge 2950 for about 4 weeks now with no issues. Im authenticating against openldap 2.3.27. It appears ok. I restarted ldap, and dovecot, and everything looked fine for a few minutes, then this started again. I have around 720 users.
Is there a setting in the dovecot.conf that I can use to fix this? Or is the problem elsewhere?
I went back and looked, and you have sent a few messages to the list, but not once have you mentioned what version of dovecot, or provided dovecot -n output...
--
Best regards,
Charles
dhottinger@harrisonburg.k12.va.us wrote:
Ive been runing dovecot on a fc6 dell poweredge 2950 for about 4 weeks now with no issues. Im authenticating against openldap 2.3.27. It appears ok. I restarted ldap, and dovecot, and everything looked fine
As Timo mentioned, it sounds like the auth socket is being deleted because it's in a place that the 'tmpwatch' tool will clean out; the default on FC6 is anything more than 720hrs old (30 days), which fits right in to your 4-week observation.
Compare the location of your sockets/cache (dovecot -n) with the list of directories cleaned by tmpwatch (look in /etc/cron.daily/tmpwatch) and make sure the two aren't stepping on each other's toes.
-te
-- Troy Engel | Systems Engineer Fluid, Inc | http://www.fluid.com
Quoting Troy Engel <tengel@fluid.com>:
dhottinger@harrisonburg.k12.va.us wrote:
Ive been runing dovecot on a fc6 dell poweredge 2950 for about 4
weeks now with no issues. Im authenticating against openldap
2.3.27. It appears ok. I restarted ldap, and dovecot, and
everything looked fineAs Timo mentioned, it sounds like the auth socket is being deleted because it's in a place that the 'tmpwatch' tool will clean out; the default on FC6 is anything more than 720hrs old (30 days), which fits right in to your 4-week observation.
Compare the location of your sockets/cache (dovecot -n) with the list of directories cleaned by tmpwatch (look in /etc/cron.daily/tmpwatch) and make sure the two aren't stepping on each other's toes.
-te
-- Troy Engel | Systems Engineer Fluid, Inc | http://www.fluid.com
tmpwatch:
/usr/sbin/tmpwatch -x /tmp/.X11-unix -x /tmp/.XIM-unix -x /tmp/.font-unix
-x /tmp/.ICE-unix -x /tmp/.Test-unix 240 /tmp
/usr/sbin/tmpwatch 720 /var/tmp
for d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/cat?}; do
if [ -d "$d" ]; then
/usr/sbin/tmpwatch -f 720 "$d"
fi
done
dovecot -n [root@mail ~]# dovecot -n # /etc/dovecot.conf login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login mail_location: mbox:~/:INBOX=/var/mail/%u mail_debug: yes mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 auth default: passdb: driver: pam userdb: driver: passwd I dont see anything about the auth socket. Been a long day though.
ddh
-- Dwayne Hottinger Network Administrator Harrisonburg City Public Schools
dhottinger@harrisonburg.k12.va.us wrote:
Ive been runing dovecot on a fc6 dell poweredge 2950 for about 4
weeks now with no issues. Im authenticating against openldap
2.3.27. It appears ok. I restarted ldap, and dovecot, and
everything looked finelogin_dir: /var/run/dovecot/login auth default: passdb: driver: pam userdb: driver: passwd
Just FYI, you are not authenticating [dovecot] against OpenLDAP; you're authenticating using PAM, and it's PAM who is doing the LDAP lookups via nss_ldap. (http://wiki.dovecot.org/AuthDatabase/Passwd)
Did you have all the other 'old' (30d+) files in /var/run/dovecot/ before having restarted the daemon(s)? Any chance you saved a ls -l of that dir somehow? One thing to check is if the socket alone disappeared, or if others (the PID file, for example) were also gone. Since they'd typically have the same datetime stamp, it would provide a clue...
-te
-- Troy Engel | Systems Engineer Fluid, Inc | http://www.fluid.com
Quoting Troy Engel <tengel@fluid.com>:
dhottinger@harrisonburg.k12.va.us wrote:
Ive been runing dovecot on a fc6 dell poweredge 2950 for about 4
weeks now with no issues. Im authenticating against openldap
2.3.27. It appears ok. I restarted ldap, and dovecot, and
everything looked finelogin_dir: /var/run/dovecot/login auth default: passdb: driver: pam userdb: driver: passwd
Just FYI, you are not authenticating [dovecot] against OpenLDAP; you're authenticating using PAM, and it's PAM who is doing the LDAP lookups via nss_ldap. (http://wiki.dovecot.org/AuthDatabase/Passwd)
Did you have all the other 'old' (30d+) files in /var/run/dovecot/ before having restarted the daemon(s)? Any chance you saved a ls -l of that dir somehow? One thing to check is if the socket alone disappeared, or if others (the PID file, for example) were also gone. Since they'd typically have the same datetime stamp, it would provide a clue...
-te
-- Troy Engel | Systems Engineer Fluid, Inc | http://www.fluid.com Sorry, Yes I knew I was authenticating against pam. Didnt do an ls -l of the
/var/run/dovecot. Wouldnt a restart of dovecot fix that though?
ddh
-- Dwayne Hottinger Network Administrator Harrisonburg City Public Schools
dhottinger@harrisonburg.k12.va.us wrote:
Yes I knew I was authenticating against pam. Didnt do an ls -l of the /var/run/dovecot. Wouldnt a restart of dovecot fix that though?
Correct, the concept was *before* you restarted the daemon, to try and capture as much info first. It's hard when you're under the gun and need to restore services, but if it happens again I'd suggest scraping the system for clues for a few minutes. (ls -laR important dirs like /var/run/dovecot, ps -ef, maybe some lsof and lslk action, etc.)
-te
-- Troy Engel | Systems Engineer Fluid, Inc | http://www.fluid.com
On Mon, 2007-05-21 at 14:37 -0700, Troy Engel wrote:
dhottinger@harrisonburg.k12.va.us wrote:
Ive been runing dovecot on a fc6 dell poweredge 2950 for about 4 weeks now with no issues. Im authenticating against openldap 2.3.27. It appears ok. I restarted ldap, and dovecot, and everything looked fine
As Timo mentioned, it sounds like the auth socket is being deleted because it's in a place that the 'tmpwatch' tool will clean out;
Does some system really do this? I'd think it would break other software as well. I see at least that I have /var/run/mysqld/mysqld.sock which hasn't been updated since it was started. And then there are a lot of .pid files as well.
Timo Sirainen wrote:
As Timo mentioned, it sounds like the auth socket is being deleted because it's in a place that the 'tmpwatch' tool will clean out;
Does some system really do this? I'd think it would break other software as well. I see at least that I have /var/run/mysqld/mysqld.sock which
Only *certain* directories (ddh pasted the output of a default file). By default the /var/run/dovecot should be left alone, but it never hurts to have people check their system...
-te
-- Troy Engel | Systems Engineer Fluid, Inc | http://www.fluid.com
participants (5)
-
Charles Marcus
-
dhottinger@harrisonburg.k12.va.us
-
funkypunky drunky
-
Timo Sirainen
-
Troy Engel