[Dovecot] Finally upgrading from v1.0.15 to v1.2.16 -- advice please
It's long over due, but now I finally plan on upgrading from v1.0.15 to v1.2.16 on our servers. Would appreciate any comments!
We have 7 servers, all running of the same GPFS filesystem. Both maildirs and indexes are stored here. We use dovecot for POP/IMAP and deliver. Currently we're using mysql as authentication source, but want to move to using ldap instead.
Can we upgrade one server at a time, or do we need to upgrade all servers at the same time ? http://wiki2.dovecot.org/Upgrading/1.1 says "Index files have slightly changed as well. Upgrading to v1.1 should go transparently, but moving back to v1.0 might again cause some errors." which makes me think we can't have both versions running against the same users ?
Also, if we upgrade only one server, should we switch to "mmap_disable=no" on this one, or keep running with "mmap_disable=yes" on all servers ?
"NFS users should now set mail_nfs_storage=yes and mail_nfs_index=yes." Does this apply to any shared/networked filesystems, and is this relevant for GPFS ?
The sql queries we're doing now is:
password_query = select U.Account as user,S.Password as password from Users U, UserSession S where U.Account=S.Account and U.Account='%u'
user_query = SELECT 3000 as uid, 3000 as gid, concat(concat('maildir:', MailDir), concat(':INDEX=', replace(MailDir, '/usr/local/atmail/users', '/usr/local/atmail/users/indexes'))) as mail, concat('maildir:storage=', UserQuota) as quota FROM Users WHERE Account = '%u'I plan on doing ldap bind() for authentication:
hosts = maildb3.example.net:389
auth_bind = yes
ldap_version = 3
base = ou=people,o=%d,o=ISP,o=example,c=net
deref = never
scope = onelevel
user_filter = (&(objectClass=altiboxperson)(uid=%n))
default_pass_scheme = SSHAbut the user_query is a challenge.. In LDAP we have:
uid = janfrode, ou=people,o=domain1.net,o=ISP,o=example,c=net
mail = janfrode@domain1.net
mailMessageStore = /usr/local/atmail/users/j/a/janfrode@domain1.net
mailQuota = 1000000
domain = domain1.net
userPassword = SSHA-stringSo, outside of the user_attrs we need:
mail_uid = 3000
mail_gid = 3000But I'm having a hard time understanding how I can use the ldap value mail=/usr/local/atmail/users/j/a/janfrode@domain1.net to translate into dovecot's "mail" containing both "maildir:" and "INDEX=".
Does the below look correct ?
user_attrs = mailMessageStore=mail=maildir:%$:INDEX=/usr/local/atmail/users/indexes/%1u/%1.1u/%u, mailQuota=quota_rule=*:storage=%$i.e. will it point dovecot at:
mail = maildir:/usr/local/atmail/users/j/a/janfrode@domain1.net:INDEX=/usr/local/atmail/users/indexes/j/a/janfrode@domain1.net
quota_rule=*:storage=1000000-jf
On Mon, 2011-01-03 at 14:06 +0100, Jan-Frode Myklebust wrote:
It's long over due, but now I finally plan on upgrading from v1.0.15 to v1.2.16 on our servers. Would appreciate any comments!
We have 7 servers, all running of the same GPFS filesystem. Both maildirs and indexes are stored here. We use dovecot for POP/IMAP and deliver. Currently we're using mysql as authentication source, but want to move to using ldap instead.
Can we upgrade one server at a time, or do we need to upgrade all servers at the same time ?
You could have upgraded from v1.0 to v1.1 or v1.1 to v1.2 incrementally, but v1.2's index changes haven't been backported to v1.0, so if v1.0 accesses indexes modified by v1.2 you'll probably get some errors.
Also, if we upgrade only one server, should we switch to "mmap_disable=no" on this one, or keep running with "mmap_disable=yes" on all servers ?
Keep it as "yes" always.
"NFS users should now set mail_nfs_storage=yes and mail_nfs_index=yes." Does this apply to any shared/networked filesystems, and is this relevant for GPFS ?
Probably not. If it worked fine with v1.0 then you don't need these.
Does the below look correct ?
user_attrs = mailMessageStore=mail=maildir:%$:INDEX=/usr/local/atmail/users/indexes/%1u/%1.1u/%u, mailQuota=quota_rule=*:storage=%$
i.e. will it point dovecot at:
mail = maildir:/usr/local/atmail/users/j/a/janfrode@domain1.net:INDEX=/usr/local/atmail/users/indexes/j/a/janfrode@domain1.net quota_rule=*:storage=1000000
Yes. Although if the mail directory can be created by such a template, you could do it without having the directory in ldap at all..
On Tue, Jan 04, 2011 at 11:35:42AM +0200, Timo Sirainen wrote:
You could have upgraded from v1.0 to v1.1 or v1.1 to v1.2 incrementally, but v1.2's index changes haven't been backported to v1.0, so if v1.0 accesses indexes modified by v1.2 you'll probably get some errors.
I think we'll just jump in with both feet, and upgrade them all to v1.2 at the same time. If, in worst case, we need to downgrade, do we need to delete all indexes first, or will the errors resolve themselves ?
I just tested accessing the same mailbox over imap first against v1.2 then against v1.0.15, and didn't see any problems logged. But maybe that was too light testing to reveal any problems..
Does the below look correct ?
user_attrs = mailMessageStore=mail=maildir:%$:INDEX=/usr/local/atmail/users/indexes/%1u/%1.1u/%u, mailQuota=quota_rule=*:storage=%$
i.e. will it point dovecot at:
mail = maildir:/usr/local/atmail/users/j/a/janfrode@domain1.net:INDEX=/usr/local/atmail/users/indexes/j/a/janfrode@domain1.net quota_rule=*:storage=1000000
Yes. Although if the mail directory can be created by such a template, you could do it without having the directory in ldap at all..
What would I then have on the left hand side of the expression instead of ldap attribute ? Hmm, I think I'll stick with the ldap attribute, to force us to keep the ldap data correct in case we ever want to replace some parts of dovecot with something that doesn't allow such templating.
-jf
On Tue, 2011-01-04 at 11:40 +0100, Jan-Frode Myklebust wrote:
On Tue, Jan 04, 2011 at 11:35:42AM +0200, Timo Sirainen wrote:
You could have upgraded from v1.0 to v1.1 or v1.1 to v1.2 incrementally, but v1.2's index changes haven't been backported to v1.0, so if v1.0 accesses indexes modified by v1.2 you'll probably get some errors.
I think we'll just jump in with both feet, and upgrade them all to v1.2 at the same time. If, in worst case, we need to downgrade, do we need to delete all indexes first, or will the errors resolve themselves ?
They should resolve automatically, but there may be bugs which cause crashes and those might not get resolved automatically.
I just tested accessing the same mailbox over imap first against v1.2 then against v1.0.15, and didn't see any problems logged. But maybe that was too light testing to reveal any problems..
If you expunge messages in v1.2 I think v1.0 won't understand those.
Does the below look correct ?
user_attrs = mailMessageStore=mail=maildir:%$:INDEX=/usr/local/atmail/users/indexes/%1u/%1.1u/%u, mailQuota=quota_rule=*:storage=%$
i.e. will it point dovecot at:
mail = maildir:/usr/local/atmail/users/j/a/janfrode@domain1.net:INDEX=/usr/local/atmail/users/indexes/j/a/janfrode@domain1.net quota_rule=*:storage=1000000
Yes. Although if the mail directory can be created by such a template, you could do it without having the directory in ldap at all..
What would I then have on the left hand side of the expression instead of ldap attribute ? Hmm, I think I'll stick with the ldap attribute, to force us to keep the ldap data correct in case we ever want to replace some parts of dovecot with something that doesn't allow such templating.
I meant that you'd remove "mail" entirely from ldap stuff, and use mail_location setting instead.
On Tue, Jan 04, 2011 at 12:44:26PM +0200, Timo Sirainen wrote:
user_attrs = mailMessageStore=mail=maildir:%$:INDEX=/usr/local/atmail/users/indexes/%1u/%1.1u/%u, mailQuota=quota_rule=*:storage=%$
i.e. will it point dovecot at:
mail = maildir:/usr/local/atmail/users/j/a/janfrode@domain1.net:INDEX=/usr/local/atmail/users/indexes/j/a/janfrode@domain1.net quota_rule=*:storage=1000000
The maildir and indexes seems OK, but the quota doesn't work. I have confirmed that this user has a "mailQuota: 1000000" in LDAP, but no quota is reported trough IMAP:
. getquotaroot inbox
. OK No quota.while for the same user, under v1.0 running against mysql I see:
. getquotaroot inbox
* QUOTAROOT "inbox" ""
* QUOTA "" (STORAGE 539 1000000)
. OK Getquotaroot completed.I've tried both:
user_attrs = mailMessageStore=mail=maildir:%$:INDEX=/usr/local/atmail/users/indexes/%1u/%1.1u/%u,mailQuota=quota_rule=*:storage=%$
user_attrs = mailQuota=quota_rule=*:storage=1G,mailMessageStore=mail=maildir:%$:INDEX=/usr/local/atmail/users/indexes/%1u/%1.1u/%uFull config:
# 1.2.16: /usr/local/dovecot-1.2.16/etc/dovecot.conf # OS: Linux 2.6.18-194.26.1.el5 x86_64 Red Hat Enterprise Linux Server # release 5.5 (Tikanga) protocols: imap pop3 listen(default): *:143 listen(imap): *:143 listen(pop3): *:110 ssl: no disable_plaintext_auth: no login_dir: /usr/local/dovecot-1.2.16/var/run/dovecot/login login_executable(default): /usr/local/dovecot-1.2.16/libexec/dovecot/imap-login login_executable(imap): /usr/local/dovecot-1.2.16/libexec/dovecot/imap-login login_executable(pop3): /usr/local/dovecot-1.2.16/libexec/dovecot/pop3-login max_mail_processes: 300 mail_uid: 3000 mail_gid: 3000 mmap_disable: yes mail_executable(default): /usr/local/dovecot/sbin/imap-wrapper.sh mail_executable(imap): /usr/local/dovecot/sbin/imap-wrapper.sh mail_executable(pop3): /usr/local/dovecot/sbin/pop-wrapper.sh mail_plugins(default): quota imap_quota mail_plugins(imap): quota imap_quota mail_plugins(pop3): quota mail_plugin_dir(default): /usr/local/dovecot-1.2.16/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/dovecot-1.2.16/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/dovecot-1.2.16/lib/dovecot/pop3 imap_client_workarounds(default): outlook-idle delay-newmail imap_client_workarounds(imap): outlook-idle delay-newmail imap_client_workarounds(pop3): pop3_uidl_format(default): %08Xu%08Xv pop3_uidl_format(imap): %08Xu%08Xv pop3_uidl_format(pop3): UID%u-%v pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh namespace: type: private prefix: INBOX. inbox: yes list: yes subscriptions: yes lda: postmaster_address: MAILER-DAEMON@example.net mail_plugins: quota auth_socket_path: /var/run/dovecot/auth-master sendmail_path: /usr/sbin/sendmail auth default: user: dovecot-auth passdb: driver: ldap args: /usr/local/dovecot/etc/dovecot-ldap.conf userdb: driver: ldap args: /usr/local/dovecot/etc/dovecot-ldap.conf socket: type: listen master: path: /var/run/dovecot/auth-master mode: 432 user: root group: atmail
$ grep -v ^# dovecot-ldap.conf |grep -v ^$ hosts = ldapm1.example.net:389 ldapm2.example.net:389 maildb.example.net:389 auth_bind = yes auth_bind_userdn = uid=%n,ou=people,o=%d,o=ISP,o=example,c=NO base = ou=people,o=%d,o=ISP,o=example,c=NO deref = never scope = onelevel user_filter = (&(objectClass=examplePerson)(uid=%n)) user_attrs = mailQuota=quota_rule=*:storage=1G,mailMessageStore=mail=maildir:%$:INDEX=/usr/local/atmail/users/indexes/%1u/%1.1u/%u
-jf
On Tue, 2011-01-04 at 14:33 +0100, Jan-Frode Myklebust wrote:
The maildir and indexes seems OK, but the quota doesn't work. I have confirmed that this user has a "mailQuota: 1000000" in LDAP, but no quota is reported trough IMAP:
. getquotaroot inbox . OK No quota.
You don't have
plugin { quota=maildir }
?
On Tue, Jan 04, 2011 at 03:37:47PM +0200, Timo Sirainen wrote:
You don't have
plugin { quota=maildir }
We didn't have any plugin-setting for this with v1.0, and it wasn't obvious to me that we also needed this plugin-definition in addition to the quota_rule string per user. Works now, thank you!
-jf
participants (2)
-
Jan-Frode Myklebust
-
Timo Sirainen