[Dovecot] Problem with ldap error logging
I configured dovecot to authenticate through ldap. When for some reason the ldap server is not working dovecot writes this message to the system log:
dovecot: auth(default): accept(type 1) failed: Too many open files
"Too many open files" is caused by an openldap bug. The serious problem is that dovecot repeats that message a huge number of times, something like 20000 times per second, until the ldap daemon starts working or, more likely, no more disk space remains.
-- // Stefano Fedrigo - Develer S.r.l. \X/ http://www.develer.com
On Mon, 2009-08-24 at 11:07 +0200, Stefano Fedrigo wrote:
I configured dovecot to authenticate through ldap. When for some reason the ldap server is not working dovecot writes this message to the system log:
dovecot: auth(default): accept(type 1) failed: Too many open files
"Too many open files" is caused by an openldap bug.
Do you know what bug? What does Dovecot log before those errors? I haven't had this problem when LDAP server goes down.
The serious problem is that dovecot repeats that message a huge number of times, something like 20000 times per second, until the ldap daemon starts working or, more likely, no more disk space remains.
I guess I could work around it, but then again no one else has had this problem.. It'll be fixed in v2.0 in any case.
Timo Sirainen wrote:
On Mon, 2009-08-24 at 11:07 +0200, Stefano Fedrigo wrote:
I configured dovecot to authenticate through ldap. When for some reason the ldap server is not working dovecot writes this message to the system log:
dovecot: auth(default): accept(type 1) failed: Too many open files
"Too many open files" is caused by an openldap bug.
Do you know what bug? What does Dovecot log before those errors? I haven't had this problem when LDAP server goes down.
Openldap opens many times /lib/libnspr4.so, until hits the max open files limit. I suspect the problem is this one:
https://bugzilla.mozilla.org/show_bug.cgi?id=496997
But applying the suggested patch doesn't resolve it.
This patch seems to be the cause:
https://bugzilla.redhat.com/show_bug.cgi?id=502133#c19
The version of dovecot is on Fedora 11, 1.2.3-1.
I see nothing strange in logs before the errors. I turned on "auth_verbose" and "auth_debug" options in case it happens again.
The serious problem is that dovecot repeats that message a huge number of times, something like 20000 times per second, until the ldap daemon starts working or, more likely, no more disk space remains.
I guess I could work around it, but then again no one else has had this problem.. It'll be fixed in v2.0 in any case.
Of course the main problem is with Openldap, but such a fix could be very useful to improve system's reliability when using Dovecot.
-- // Stefano Fedrigo - Develer S.r.l. \X/ http://www.develer.com
El Mon, 24-08-2009 a las 18:27 +0200, Stefano Fedrigo escribió:
I guess I could work around it, but then again no one else has had this problem.. It'll be fixed in v2.0 in any case.
Of course the main problem is with Openldap, but such a fix could be very useful to improve system's reliability when using Dovecot.
I'd also like to report something that smells very much like a bug in Dovecot's delivery agent /usr/libexec/dovecot/deliver.
On upgrading to Dovecot 1.2.3, the "cmusieve" plugin was replaced by "sieve", so I started getting these errors in my maillog until I fixed the configuration:
Aug 19 11:33:26 trinity dovecot: deliver(bernie): Fatal: Plugin cmusieve not found from directory /usr/lib/dovecot/lda
A lot of people told me they did not receive bounces from my MTA, which I'm sure would have happened if the deliver command returned an error to its parent process (procmail, which in turn would have propagated the error to qmail-local).
Better yet, Dovecot's deliver agent should return a temporary failure, although I'm not sure if there's a conventional exit code to propagate this condition to the parent process.
-- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/
On Tue, 2009-08-25 at 00:29 -0400, Bernie Innocenti wrote:
On upgrading to Dovecot 1.2.3, the "cmusieve" plugin was replaced by "sieve", so I started getting these errors in my maillog until I fixed the configuration:
Aug 19 11:33:26 trinity dovecot: deliver(bernie): Fatal: Plugin cmusieve not found from directory /usr/lib/dovecot/lda .. Better yet, Dovecot's deliver agent should return a temporary failure, although I'm not sure if there's a conventional exit code to propagate this condition to the parent process.
That's what it does..:
% ./deliver % echo $? 75 % tail -1 /var/log/dovecot.log Aug 25 09:24:01 deliver(tss): Fatal: Plugin asdf not found from directory /usr/local/lib/dovecot/lda % grep define.*EX_TEMPFAIL /usr/include/sysexits.h #define EX_TEMPFAIL 75 /* temp failure; user is invited to retry */
El Tue, 25-08-2009 a las 09:25 -0400, Timo Sirainen escribió:
That's what it does..:
% ./deliver % echo $? 75 % tail -1 /var/log/dovecot.log Aug 25 09:24:01 deliver(tss): Fatal: Plugin asdf not found from directory /usr/local/lib/dovecot/lda % grep define.*EX_TEMPFAIL /usr/include/sysexits.h #define EX_TEMPFAIL 75 /* temp failure; user is invited to retry */
I checked, qmail-lspawn handles 75 as a temporary failure.
Then I dunno what happened in my case, but some mail definitely went into a black hole.
-- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/
On Mon, 2009-08-24 at 11:07 +0200, Stefano Fedrigo wrote:
I configured dovecot to authenticate through ldap. When for some reason the ldap server is not working dovecot writes this message to the system log:
dovecot: auth(default): accept(type 1) failed: Too many open files
"Too many open files" is caused by an openldap bug. The serious problem is that dovecot repeats that message a huge number of times, something like 20000 times per second, until the ldap daemon starts working or, more likely, no more disk space remains.
participants (3)
-
Bernie Innocenti
-
Stefano Fedrigo
-
Timo Sirainen