dsync fails for existing user: "Error: Failed to initialize user: Namespace '': Mailbox list driver imapc: missing imapc_password" ?
i'm attempting to dsync from a remote/other IMAP store to my current/new dovecot instance
testing remote's IMAP access from the local/dovecot box, i can successfully login
openssl s_client \
-crlf \
-4 \
-showcerts \
-bind 10.0.1.10 \
-connect remote-imap.example.com:993 \
-cert /sec/vmail/client.EC.crt.pem \
-key /sec/vmail/client.EC.key.pem \
-CAfile /sec/vmail/CA.crt.pem
a1 login "testuser@example.net" "my!secret"
a1 OK [CAPABILITY IMAP4rev1 ACL BINARY CATENATE CHILDREN CONDSTORE ENABLE ESEARCH ESORT I18NLEVEL=1 ID IDLE LIST-EXTENDED LIST-STATUS LITERAL+ LOGIN-REFERRALS MULTIAPPEND NAMESPACE QRESYNC QUOTA RIGHTS=ektx SASL-IR SEARCHRES SORT THREAD=ORDEREDSUBJECT UIDPLUS UNSELECT WITHIN XLIST] LOGIN completed
atm, my dovecot config includes the following, matching the ssl config above,
ssl_client_ca_file = /sec/vmail/CA.crt.pem
ssl_client_require_valid_cert = yes
ssl_client_cert = < /sec/vmail/client.EC.crt.pem
ssl_client_key = < /sec/vmail/client.EC.key.pem
protocol doveadm {
mail_plugins = virtual
}
imapc_host = remote-imap.example.com
imapc_features = rfc822.size
imapc_features = $imapc_features fetch-headers
mail_prefetch_count = 20
imapc_port = 993
imapc_ssl = imaps
imapc_ssl_verify = no
dsync_features = empty-header-workaround
dsync_commit_msgs_interval = 100 # default in v2.2.30+
dsync_hashed_headers = Date Message-ID
and
grep users.conf /etc/dovecot/conf.d/*
/etc/dovecot/conf.d/10-auth.conf: args = scheme=ARGON2ID /etc/dovecot/sec/users.conf
_USER="testuser@example.net"
_PASS="my!secret"
_PASS_ENC=$( doveadm pw -s ARGON2ID -p ${_PASS} )
echo "${_USER}:${_PASS_ENC}::::" >> /etc/dovecot/sec/users.conf
grep testuser@example.net /etc/dovecot/sec/users.conf
testuser@example.net:{ARGON2ID}$argon2id$v=19$m=65536,t=3,p=1$...qY::::
on exec
doveadm -D -o mail_fsync=never backup -R -u "testuser@example.net" imapc:
returns/fails,
Debug: Loading modules from directory: /usr/lib64/dovecot
Debug: Module loaded: /usr/lib64/dovecot/lib20_virtual_plugin.so
Debug: Loading modules from directory: /usr/lib64/dovecot/doveadm
Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so: undefined symbol: quota_user_module (this is usually intentional, so just ignore this message)
Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: /usr/lib64/dovecot/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message)
doveadm(testuser@example.net)<>: Debug: auth-master: userdb lookup(testuser@example.net): Started userdb lookup
doveadm(testuser@example.net)<>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb: Connecting
doveadm(testuser@example.net)<>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb (pid=10517,uid=0): Client connected (fd=10)
doveadm(testuser@example.net)<>: Debug: auth-master: userdb lookup(testuser@example.net): auth USER input: testuser@example.net uid=5000 gid=5000 home=/data/vmail/example.net/testuser/Maildir
doveadm(testuser@example.net)<>: Debug: auth-master: userdb lookup(testuser@example.net): Finished userdb lookup (username=testuser@example.net uid=5000 gid=5000 home=/data/vmail/example.net/testuser/Maildir)
doveadm(testuser@example.net): Debug: Effective uid=5000, gid=5000, home=/data/vmail/example.net/testuser/Maildir
doveadm(testuser@example.net): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/data/vmail/example.net/testuser/Maildir:CONTROL=/data/vmail/example.net/testuser/_control:INDEX=/var/vmail-index/example.net/testuser:LAYOUT=fs:UTF-8
doveadm(testuser@example.net): Debug: fs: root=/data/vmail/example.net/testuser/Maildir, index=/var/vmail-index/example.net/testuser, indexpvt=, control=/data/vmail/example.net/testuser/_control, inbox=/data/vmail/example.net/testuser/Maildir, alt=
doveadm(testuser@example.net): Debug: Namespace shared: type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=yes location=maildir:/data/vmail/example.net/testuser/Maildir:INDEXPVT=/var/vmail-index/shared/%u
doveadm(testuser@example.net): Debug: shared: root=/run/dovecot/, index=, indexpvt=, control=, inbox=, alt=
doveadm(testuser@example.net): Debug: Namespace virtual: type=private, prefix=virtual/, sep=/, inbox=no, hidden=no, list=yes, subscriptions=yes location=virtual:/data/vmail/virtual:INDEX=MEMORY
doveadm(testuser@example.net): Debug: fs: root=/data/vmail/virtual, index=, indexpvt=, control=, inbox=, alt=
doveadm(testuser@example.net): Debug: brain M: Namespace has location maildir:/data/vmail/example.net/testuser/Maildir:CONTROL=/data/vmail/example.net/testuser/_control:INDEX=/var/vmail-index/example.net/testuser:LAYOUT=fs:UTF-8
doveadm(testuser@example.net): Debug: Namespace : Using permissions from /data/vmail/example.net/testuser/Maildir: mode=0700 gid=default
dsync(testuser@example.net): Debug: Effective uid=5000, gid=5000, home=/data/vmail/example.net/testuser/Maildir
dsync(testuser@example.net): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=imapc:
dsync(testuser@example.net): Error: Failed to initialize user: Namespace '': Mailbox list driver imapc: missing imapc_password
dsync(testuser@example.net): Debug: auth-master: conn unix:/run/dovecot/auth-userdb (pid=10517,uid=0): Disconnected: Connection closed (fd=10)
what needs to change in this^ config so that 'dsync' successfully gets/uses the "missing imapc_password" from the existing users.conf file?
On 7/23/20 11:12 AM, PGNet Dev wrote:
what needs to change in this^ config so that 'dsync' successfully gets/uses the "missing imapc_password" from the existing users.conf file?
red-herring; not a password issue at all
seems the remote offers ciphers provided by JSSE without BouncyCastle, not OpenSSL, and doesn't manage with the ECDSA/CHACHA20 cert/cipher.
loosening,
- ssl_cipher_list = TTLS13-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305
- ssl_cipher_list = TLS_CHACHA20_POLY1305_SHA256:ECDHE
gets the connection to work, using
ECDHE-RSA-AES256-GCM-SHA384
i still have a sync issue w/ INBOX deletion, but that's another matter ...
On 23/07/2020 21:12 PGNet Dev pgnet.dev@gmail.com wrote:
<snip>
i'm attempting to dsync from a remote/other IMAP store to my > what needs to change in this^ config so that 'dsync' successfully gets/uses the "missing imapc_password" from the existing users.conf file?
userdb_imapc_password into users.conf? or alternatively set it in dovecot.conf.
Aki
participants (2)
-
Aki Tuomi
-
PGNet Dev