Hi all,
I can't login.
This is a dovecot server for a small inhouse network, and I doon't use any encryption, and just want to login using the standard Linux login
dovecot status gives me the following error messages:
un 12 12:30:06 ulmke2 dovecot[5814]: auth: Fatal: APOP mechanism can't be supported with given passdbs Jun 12 12:30:06 ulmke2 dovecot[5811]: master: Error: service(auth): command startup failed, throttling for 32 secs Jun 12 12:30:06 ulmke2 dovecot[5814]: imap-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 10 secs): user=<>, rip=192.168.100.29, lip=192.168.100.2, session=<qXOLWW9uBNPAqGQd> Jun 12 12:30:06 ulmke2 dovecot[5814]: imap-login: Warning: Timeout leak: 0x7fa8a7d372a0 (auth-server-connection.c:397) Jun 12 12:30:16 ulmke2 dovecot[5814]: imap-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=192.168.100.29, lip=192.168.100.2, session=<pw8lWm9uBtPAqGQd> Jun 12 12:30:36 ulmke2 dovecot[5814]: imap-login: Error: Timeout waiting for handshake from auth server. my pid=5874, input bytes=0 Jun 12 12:30:36 ulmke2 dovecot[5814]: imap-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 30 secs): user=<>, rip=192.168.100.29, lip=192.168.100.2, session=<pw8lWm9uBtPAqGQd> Jun 12 12:30:38 ulmke2 dovecot[5814]: auth: Error: stats: open(old-stats-user) failed: Permission denied Jun 12 12:30:38 ulmke2 dovecot[5814]: auth: Fatal: APOP mechanism can't be supported with given passdbs Jun 12 12:30:38 ulmke2 dovecot[5811]: master: Error: service(auth): command startup failed, throttling for 60 secs
I'm moving to a new server.
stats: open(old-stats-user) failed: Permission denied
This file may be somewhere on the old server.
Can anyone help me?
--
Best Regards, Walter Ulmke
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 12 Jun 2018, Walter Ulmke wrote:
un 12 12:30:06 ulmke2 dovecot[5814]: auth: Fatal: APOP mechanism can't be supported with given passdbs
Config error.
"Fatal" sounds fatal ;-)
stats: open(old-stats-user) failed: Permission denied
Likewise config error, but not fatal.
Post your config
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBWx+rFMQnQQNheMxiAQL4kgf+NIOIf/sUgrloibuBz2HyTEwsdFma7/OS jb7ibn9GkG5Q+72Jlfei/O6CG/v6t0poUgGrRhEOU6JTMLwkHB5PQgip8Spu4C1S K16HMRBHOibOjAhoS2JB/On2KRTb6qH3gNd//xuPbkM3tjTT3s+YoI3+Yg+2dVbp 3L4Bfb9ajosYzD3fb2L+UH1EFIyXY73GqUriXJCxApMbTTCGrvZQ6mEqObVCUqiR 8mbx72v4Es/RgXpXJT1DAvoJanGEbUk7YE7SWTHYUzQ3JyN9KtUYIgn6pca9mmWI y8GRn3nIHOI6ny2HCDp5SyFKQ7A0GJeVHLECUjD8Wv/uXF/8tpADWQ== =gFZM -----END PGP SIGNATURE-----
On 2018-06-12 13:14, Steffen Kaiser wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 12 Jun 2018, Walter Ulmke wrote:
un 12 12:30:06 ulmke2 dovecot[5814]: auth: Fatal: APOP mechanism can't be supported with given passdbs
Config error.
"Fatal" sounds fatal ;-)
stats: open(old-stats-user) failed: Permission denied
Likewise config error, but not fatal.
Post your config
- -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
Hi Steffen,
the output from doveconf -n:
auth_mechanisms = plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve } ssl = no ssl_cipher_list = ALL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH ssl_options = no_compression ssl_prefer_server_ciphers = yes userdb { driver = passwd }
--
Best Regards, Walter Ulmke
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 12 Jun 2018, Walter Ulmke wrote:
Date: Tue, 12 Jun 2018 14:23:30 +0200 From: Walter Ulmke <ulw@ulmke.com> To: dovecot@dovecot.org Subject: Re: cant login to Dovecot
On 2018-06-12 13:14, Steffen Kaiser wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 12 Jun 2018, Walter Ulmke wrote:
un 12 12:30:06 ulmke2 dovecot[5814]: auth: Fatal: APOP mechanism can't be supported with given passdbs
Config error.
"Fatal" sounds fatal ;-)
see below. Update your mechs
stats: open(old-stats-user) failed: Permission denied
There is no stats config.
Likewise config error, but not fatal.
Post your config
auth_mechanisms = plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi
https://wiki2.dovecot.org/Authentication/Mechanisms?highlight=(apop)
APOP: This is a POP3-specific authentication. Similar to CRAM-MD5, but requires storing password in plaintext.
But PAM does not offer access to plain/text, IMHO.
managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve } ssl = no ssl_cipher_list = ALL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH ssl_options = no_compression ssl_prefer_server_ciphers = yes userdb { driver = passwd }
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBWx/IGsQnQQNheMxiAQLZaQgAwqOE59dZoXqcBkYYmdgiej4glYRhjaSl kwZeY6aFHjoErXK9B2VmrL9atmcMWoI3cocoCzpk5lib5CDuAXdQujCWluT/B/CK 5597D/OG77GhlWhG73Dptytkc03qjx3l4XipkcVrNKtuKVtKO1POFnldfIyUb0mr v73XsTo6trbQu9+S+oK9nZGrUUnirGivz+aVj6Xe2JNke69H8Et6LOJdmQdDxKqR gmGKXwtPMspX5yKOb/4oOLnc6yzif+RVSdC8wcMyGc3dQapVIRKtFOceal5B3eu9 PopaPlTmLTA27GmbxlNbQYP/YZnAxlZTTCvls28fegm1mVfpQeQ9qg== =HFv8 -----END PGP SIGNATURE-----
On 2018-06-12 15:18, Steffen Kaiser wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 12 Jun 2018, Walter Ulmke wrote:
Date: Tue, 12 Jun 2018 14:23:30 +0200 From: Walter Ulmke <ulw@ulmke.com> To: dovecot@dovecot.org Subject: Re: cant login to Dovecot
On 2018-06-12 13:14, Steffen Kaiser wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 12 Jun 2018, Walter Ulmke wrote:
un 12 12:30:06 ulmke2 dovecot[5814]: auth: Fatal: APOP mechanism can't be supported with given passdbs
Config error.
"Fatal" sounds fatal ;-)
see below. Update your mechs
stats: open(old-stats-user) failed: Permission denied
There is no stats config.
Likewise config error, but not fatal.
Post your config
auth_mechanisms = plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi
https://wiki2.dovecot.org/Authentication/Mechanisms?highlight=(apop)
APOP: This is a POP3-specific authentication. Similar to CRAM-MD5, but requires storing password in plaintext.
But PAM does not offer access to plain/text, IMHO.
managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { driver = pam } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve } ssl = no ssl_cipher_list = ALL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH ssl_options = no_compression ssl_prefer_server_ciphers = yes userdb { driver = passwd }
- -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBWx/IGsQnQQNheMxiAQLZaQgAwqOE59dZoXqcBkYYmdgiej4glYRhjaSl kwZeY6aFHjoErXK9B2VmrL9atmcMWoI3cocoCzpk5lib5CDuAXdQujCWluT/B/CK 5597D/OG77GhlWhG73Dptytkc03qjx3l4XipkcVrNKtuKVtKO1POFnldfIyUb0mr v73XsTo6trbQu9+S+oK9nZGrUUnirGivz+aVj6Xe2JNke69H8Et6LOJdmQdDxKqR gmGKXwtPMspX5yKOb/4oOLnc6yzif+RVSdC8wcMyGc3dQapVIRKtFOceal5B3eu9 PopaPlTmLTA27GmbxlNbQYP/YZnAxlZTTCvls28fegm1mVfpQeQ9qg== =HFv8 -----END PGP SIGNATURE-----
PAM war mir immer schon suspekt.
Ich habe den Bereich auskommentiert und erhalte nun:
auth: Error: stats: open(old-stats-user) failed: Permission denied Jun 12 17:04:44 ulmke2 dovecot[6883]: auth: Fatal: No passdbs specified in configuration file. APOP mechanism need> Jun 12 17:04:44 ulmke2 dovecot[6880]: master: Error: service(auth): command startup failed, throttling for 2 secs Jun 12 17:04:44 ulmke2 dovecot[6883]: imap-login: Disconnected: Auth process broken (disconnected before auth was >
--
Best Regards, Walter Ulmke
Am 12.06.2018 um 17:10 schrieb Walter Ulmke:
PAM war mir immer schon suspekt.
Ich habe den Bereich auskommentiert und erhalte nun:
auth: Error: stats: open(old-stats-user) failed: Permission denied Jun 12 17:04:44 ulmke2 dovecot[6883]: auth: Fatal: No passdbs specified
^^^^^^^^^^^^^^^^^^in configuration file. APOP mechanism need> Jun 12 17:04:44 ulmke2 dovecot[6880]: master: Error: service(auth): command startup failed, throttling for 2 secs Jun 12 17:04:44 ulmke2 dovecot[6883]: imap-login: Disconnected: Auth process broken (disconnected before auth was >
-- -- Best Regards, Walter Ulmke
Wait, you have removed
passdb { driver = pam }
from your configuration? That's the wrong part. Strip down auth_mechanisms to the mechanism(s) you really want to support and use. Forget about apop and use plain.
And and SSL configuration is incomplete.
Alexander
On Tue, 12 Jun 2018, Walter Ulmke wrote:
... and just want to login using the standard Linux login
Depends on what you which "standard" you mean but I'll just assume you're using PAM, as suggested by your config.
auth_mechanisms = plain login digest-md5 cram-md5 ntlm rpa apop anonymous
Looks like you did a kitchen sink configuration in hopes something will work, but it's probably interfering. Just "plain" and "login" is fine.
passdb { driver = pam }
I don't use PAM, but it looks like you may be a few parameters short. Did you install pam/dovecot config?
https://wiki2.dovecot.org/PasswordDatabase/PAMJoseph Tam <jtam.home@gmail.com>
On 2018-06-13 00:09, Joseph Tam wrote:
On Tue, 12 Jun 2018, Walter Ulmke wrote:
... and just want to login using the standard Linux login
Depends on what you which "standard" you mean but I'll just assume you're using PAM, as suggested by your config.
auth_mechanisms = plain login digest-md5 cram-md5 ntlm rpa apop anonymous
Looks like you did a kitchen sink configuration in hopes something will work, but it's probably interfering. Just "plain" and "login" is fine.
passdb { driver = pam }
I don't use PAM, but it looks like you may be a few parameters short. Did you install pam/dovecot config?
https://wiki2.dovecot.org/PasswordDatabase/PAM
Joseph Tam <jtam.home@gmail.com>
this is driving me mad. I still can't login.
I started with a fresh doveconfig directory and implemented the sufǵgestions in the above Document.
Now doveconfig -n gives me:
managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = prefix = } passdb { driver = pam } plugin { sieve = file:~/sieve;active=~/.dovecot.sieve } ssl_cipher_list = ALL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH ssl_options = no_compression ssl_prefer_server_ciphers = yes userdb { driver = passwd }
dovecot status says:
Jun 13 15:27:32 ulmke2 systemd[1]: Started Dovecot IMAP/POP3 email server. Jun 13 15:27:32 ulmke2 systemd[1]: dovecot.service: Main process exited, code=exited,> Jun 13 15:27:32 ulmke2 dovecot[14622]: Error: service(imap-login): listen(*, 993) fai> Jun 13 15:27:32 ulmke2 dovecot[14622]: Fatal: Failed to start listeners Jun 13 15:27:32 ulmke2 systemd[1]: dovecot.service: Unit entered failed state. Jun 13 15:27:32 ulmke2 systemd[1]: dovecot.service: Failed with result 'exit-code'.
At least before it started ....
-- Best Regards, Walter Ulmke
Ulmke Machine Tools, 48496 Hopsten, Germany Tel. ++49/5458/93345-0 Fax. ++49/5458/93345-45 Mobile: ++49/172/5357999 eMail: ulw@ulmke.com Dipl.-Ing. Walter Ulmke e.K. AG Steinfurt HRA 4384
On Wed, 13 Jun 2018, Walter Ulmke wrote:
I started with a fresh doveconfig directory and implemented the suf?gestions in the above Document.
... dovecot status says: ... Jun 13 15:27:32 ulmke2 dovecot[14622]: Error: service(imap-login): listen(*, 993) fai>
You've chopped off the most import part at the end: the reason why it could not open the IMAP port. Nevertheless, I fed this fragment into Google and got
https://bugzilla.redhat.com/show_bug.cgi?id=873188but it's a wild guess if it has anything to do with your problem.
At least before it started ....
Right, the problem here is more basic. Once you get over this, you can move forward to success or the next problem.
Joseph Tam <jtam.home@gmail.com>
participants (4)
-
Alexander Dalloz
-
Joseph Tam
-
Steffen Kaiser
-
Walter Ulmke