[Dovecot] How to disable Director service?
Hi All,
Does anyone know how to disable the Director service. In our current running Dovecot 2.2.4, if the director configuration is commented out and Dovecot has no errors nor warnings. But the version 2.2.12 I'm testing with gives out fatal errors. We have dedicated Dovecot Director servers that serve the public frontend and separate dedicated imap/pop3 servers on the backend internal network. With the new version, Dovecot is always trying to start Director service and I couldn't find a way to stop Dovecot from giving out errors.
- When the entire Director configuration block is commented out, there errors:
dovecot: director: Fatal: No inet_listeners defined for director service (for standalone keep director_servers empty) dovecot: master: Error: service(director): command startup failed, throttling for 2 secs
When the director_servers line is configured as "*director_servers = *", there errors: dovecot: director: Error: Empty server list dovecot: director: Fatal: Invalid value for director_mail_servers setting master: Error: service(director): command startup failed, throttling for 2 secs
If the director_servers and direcotr_mail_servers are configured the same as our Director servers, there errors: dovecot: director: Fatal: director_servers doesn't list ourself dovecot: master: Error: service(director): command startup failed, throttling for 2 secs
Does any one know how to disable this director service? We don't need the director service on the backend.
Cheers,
Wesley
Am 17.04.2014 20:35, schrieb Wesley Huang:
Does anyone know how to disable the Director service. In our current running Dovecot 2.2.4, if the director configuration is commented out and Dovecot has no errors nor warnings. But the version 2.2.12 I'm testing with gives out fatal errors. We have dedicated Dovecot Director servers that serve the public frontend and separate dedicated imap/pop3 servers on the backend internal network. With the new version, Dovecot is always trying to start Director service and I couldn't find a way to stop Dovecot from giving out errors.
- When the entire Director configuration block is commented out, there errors:
dovecot: director: Fatal: No inet_listeners defined for director service (for standalone keep director_servers empty) dovecot: master: Error: service(director): command startup failed, throttling for 2 secs
you must have done something wrong, that below is a production "dobecont.conf" with no config-includes and such crap running as imap/pop3-proxy as well as postfix-auth-service and there is no single bit for director, that config runs at least 4 years unchanged, saw 2.2.12 also as it runs currently on 2.2.13 while the last real config cahnge was 1.x to 2.x
so what about post output of "dovecont -n" to help people helping you even do yourself a "dovecot -n | grep director"
# provided services protocols = imap pop3
# configure ssl ssl = yes ssl_cert = </etc/postfix/certs/localhost.pem ssl_key = </etc/postfix/certs/localhost.pem ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:CAMELLIA128-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!SSLv2 ssl_prefer_server_ciphers = yes ssl_parameters_regenerate = 0
# configure imap-proxy service imap-login { inet_listener imap { address = **.**.**.** port = 143 } inet_listener imaps { address = **.**.**.** port = 993 } vsz_limit = 64M service_count = 1 process_min_avail = 0 process_limit = 100 }
# configure pop3-proxy service pop3-login { inet_listener pop3 { address = **.**.**.** port = 110 } inet_listener pop3s { address = **.**.**.** port = 995 } vsz_limit = 64M service_count = 1 process_min_avail = 0 process_limit = 100 }
# default settings imap_capability = IMAP4 IMAP4rev1 ACL RIGHTS=texk NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE login_greeting = login_log_format_elements = %u %r %m %k mail_max_userip_connections = 100 auth_mechanisms = CRAM-MD5 DIGEST-MD5 SCRAM-SHA-1 APOP LOGIN PLAIN disable_plaintext_auth = no shutdown_clients = no version_ignore = yes
# Logging syslog_facility = mail
# authentication process auth_worker_max_count = 50 auth_cache_size = 1024 auth_cache_ttl = 600 auth_cache_negative_ttl = 600 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz
# debug options auth_debug = no auth_debug_passwords = no auth_verbose = no mail_debug = no verbose_ssl = no
# configure proxy-database passdb { driver = sql args = /etc/dovecot/sql.conf }
# we are not using local users userdb { driver = static args = static uid=10000 gid=10000 home=/dev/null }
# configure backend for postfix sasl-auth service auth { unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } }
Hi Reindl,
There was no configuration on director side.
======================================== # doveconf -n | grep director # # doveconf -a ........................... director_doveadm_port = 0 director_mail_servers = director_servers = director_user_expire = 15 mins director_username_hash = %Lu ...........................
service director { chroot = . client_limit = 0 drop_priv_before_exec = no executable = director extra_groups = fifo_listener login/proxy-notify { group = mode = 00 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener director-admin { group = mode = 0600 user = } unix_listener login/director { group = mode = 00 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } ...........................
# tail -n 20 /var/log/mail.log | grep -i 'director\:' dovecot: director: Error: Empty server list dovecot: director: Fatal: Invalid value for director_mail_servers setting dovecot: director: Error: Empty server list dovecot: director: Fatal: Invalid value for director_mail_servers setting dovecot: director: Error: Empty server list dovecot: director: Fatal: Invalid value for director_mail_servers setting dovecot: director: Error: Empty server list dovecot: director: Fatal: Invalid value for director_mail_servers setting
========================================
That said, I think I've found a configuration combination that works: configure the "director_mail_servers = <IP address>" on the backend server with all other director config commented out. But this is more a hacking way.
Cheers,
Wesley
On 14-04-17 02:41 PM, Reindl Harald wrote:
Does anyone know how to disable the Director service. In our current running Dovecot 2.2.4, if the director configuration is commented out and Dovecot has no errors nor warnings. But the version 2.2.12 I'm testing with gives out fatal errors. We have dedicated Dovecot Director servers that serve the public frontend and separate dedicated imap/pop3 servers on the backend internal network. With the new version, Dovecot is always trying to start Director service and I couldn't find a way to stop Dovecot from giving out errors.
- When the entire Director configuration block is commented out, there errors:
dovecot: director: Fatal: No inet_listeners defined for director service (for standalone keep director_servers empty) dovecot: master: Error: service(director): command startup failed, throttling for 2 secs you must have done something wrong, that below is a production "dobecont.conf" with no config-includes and such crap running as imap/pop3-proxy as well as
Am 17.04.2014 20:35, schrieb Wesley Huang: postfix-auth-service and there is no single bit for director, that config runs at least 4 years unchanged, saw 2.2.12 also as it runs currently on 2.2.13 while the last real config cahnge was 1.x to 2.x
so what about post output of "dovecont -n" to help people helping you even do yourself a "dovecot -n | grep director"
# provided services protocols = imap pop3
# configure ssl ssl = yes ssl_cert = </etc/postfix/certs/localhost.pem ssl_key = </etc/postfix/certs/localhost.pem ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:CAMELLIA128-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!SSLv2 ssl_prefer_server_ciphers = yes ssl_parameters_regenerate = 0
# configure imap-proxy service imap-login { inet_listener imap { address = **.**.**.** port = 143 } inet_listener imaps { address = **.**.**.** port = 993 } vsz_limit = 64M service_count = 1 process_min_avail = 0 process_limit = 100 }
# configure pop3-proxy service pop3-login { inet_listener pop3 { address = **.**.**.** port = 110 } inet_listener pop3s { address = **.**.**.** port = 995 } vsz_limit = 64M service_count = 1 process_min_avail = 0 process_limit = 100 }
# default settings imap_capability = IMAP4 IMAP4rev1 ACL RIGHTS=texk NAMESPACE CHILDREN SORT QUOTA THREAD=ORDEREDSUBJECT UNSELECT IDLE login_greeting = login_log_format_elements = %u %r %m %k mail_max_userip_connections = 100 auth_mechanisms = CRAM-MD5 DIGEST-MD5 SCRAM-SHA-1 APOP LOGIN PLAIN disable_plaintext_auth = no shutdown_clients = no version_ignore = yes
# Logging syslog_facility = mail
# authentication process auth_worker_max_count = 50 auth_cache_size = 1024 auth_cache_ttl = 600 auth_cache_negative_ttl = 600 auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@% auth_username_translation = %@AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz
# debug options auth_debug = no auth_debug_passwords = no auth_verbose = no mail_debug = no verbose_ssl = no
# configure proxy-database passdb { driver = sql args = /etc/dovecot/sql.conf }
# we are not using local users userdb { driver = static args = static uid=10000 gid=10000 home=/dev/null }
# configure backend for postfix sasl-auth service auth { unix_listener /var/spool/postfix/private/auth { mode = 0660 user = postfix group = postfix } }
participants (2)
-
Reindl Harald
-
Wesley Huang