Hi,
I'm migrating an existing dovecot (1. series) to new hardware. The new dovecot is a 2. series. I copied the old config and did a doveconf -n -c /etc/dovecot/dovecot.conf > dovecot-2.conf Then I moved the dovecot-2.conf to dovecot.conf and restarted dovecot. When Postfix tries to deliver a message I get this error :
2013-09-16 11:00:10 auth: Fatal: net_connect_unix(auth-worker) in directory /run/dovecot failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +r perm: /run/dovecot/auth-worker, dir owned by 0:0 mode=0755) 2013-09-16 11:00:10 master: Error: service(auth): command startup failed, throttling
I tried different things with /run/dovecot/auth-worker, but the error remains. I tried to chmod 777 the socket, I chown-ed to dovecot:dovecot, vmail:vmail.
What am I missing ? AFAIK the sql-tables are OK.
Thanks.
doveconf -n is this : # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.5.0-39-generic x86_64 Ubuntu 12.04.3 LTS auth_debug = yes auth_mechanisms = plain login auth_verbose = yes base_dir = /var/run/dovecot/ disable_plaintext_auth = no first_valid_uid = 499 info_log_path = /var/log/dovecot.debug last_valid_uid = 499 log_path = /var/log/dovecot log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_location = maildir:/var/vmail/%u managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } protocols = imap sieve service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { group = vmail mode = 0660 user = vmail } user = nobody } service imap-login { executable = /usr/lib/dovecot/imap-login inet_listener imap { address = * port = 143 } inet_listener imaps { address = * port = 993 } } service imap { executable = /usr/lib/dovecot/imap } service pop3-login { executable = /usr/lib/dovecot/pop3-login inet_listener pop3 { address = * port = 110 } } service pop3 { executable = /usr/lib/dovecot/pop3 } ssl_ca =
Op 16-09-13 11:28, Koenraad Lelong schreef:
Hi,
I'm migrating an existing dovecot (1. series) to new hardware. The new dovecot is a 2. series. I copied the old config and did a doveconf -n -c /etc/dovecot/dovecot.conf > dovecot-2.conf Then I moved the dovecot-2.conf to dovecot.conf and restarted dovecot. When Postfix tries to deliver a message I get this error :
2013-09-16 11:00:10 auth: Fatal: net_connect_unix(auth-worker) in directory /run/dovecot failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +r perm: /run/dovecot/auth-worker, dir owned by 0:0 mode=0755) 2013-09-16 11:00:10 master: Error: service(auth): command startup failed, throttling
I tried different things with /run/dovecot/auth-worker, but the error remains. I tried to chmod 777 the socket, I chown-ed to dovecot:dovecot, vmail:vmail.
What am I missing ? AFAIK the sql-tables are OK.
Hi,
I just tried with chown nobody:nogroup auth-worker Now the error is gone. The question remains : what does create auth-worker ? The installer ? then I think ubuntu does it wrong.
Any comments ?
Regards, Koenraad.
Op 16-09-13 11:48, Koenraad Lelong schreef:
Hi,
I just tried with chown nobody:nogroup auth-worker Now the error is gone. The question remains : what does create auth-worker ? The installer ? then I think ubuntu does it wrong.
Any comments ?
Regards, Koenraad.
Hi,
I'm sorry for the late reply but I'm not working full time on this migration.
Unfortunately, I now experienced and remembered the fact that the /run or /var/run directories are temporary directories, i.e. they are recreated on boot. Which means that the ownership is recreated on boot and in this case set to dovecot:root. Which means dovecot can't access the "file". I googled and found I needed a section : service auth-worker { # Auth worker process is run as root by default, so that it can access # /etc/shadow. If this isn't necessary, the user should be changed to # $default_internal_user. user = $default_internal_user } This does not work, also setting the user to dovecot gives the same result : 2013-09-23 09:28:08 auth: Fatal: net_connect_unix(auth-worker) in directory /run/dovecot failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +r perm: /run/dovecot/auth-worker, dir owned by 0:0 mode=0755) 2013-09-23 09:28:08 master: Error: service(auth): command startup failed, throttling
I'm stuck, can anyone please point me into the right direction ?
Thanks,
Koenraad Lelong
Am 23.09.2013 09:33, schrieb Koenraad Lelong:
Op 16-09-13 11:48, Koenraad Lelong schreef:
I just tried with chown nobody:nogroup auth-worker Now the error is gone. The question remains : what does create auth-worker ? The installer ? then I think ubuntu does it wrong.
I'm sorry for the late reply but I'm not working full time on this migration.
Unfortunately, I now experienced and remembered the fact that the /run or /var/run directories are temporary directories, i.e. they are recreated on boot. Which means that the ownership is recreated on boot and in this case set to dovecot:root. Which means dovecot can't access the "file"
sounds like a systemd distribution man tmpfiles.d
[root@srv-rhsoft:~]$ cat /etc/tmpfiles.d/dovecot.conf d /run/dovecot 0775 dovecot dovecot -
Op 23-09-13 10:22, Reindl Harald schreef:
Am 23.09.2013 09:33, schrieb Koenraad Lelong:
Op 16-09-13 11:48, Koenraad Lelong schreef:
I just tried with chown nobody:nogroup auth-worker Now the error is gone. The question remains : what does create auth-worker ? The installer ? then I think ubuntu does it wrong.
I'm sorry for the late reply but I'm not working full time on this migration.
Unfortunately, I now experienced and remembered the fact that the /run or /var/run directories are temporary directories, i.e. they are recreated on boot. Which means that the ownership is recreated on boot and in this case set to dovecot:root. Which means dovecot can't access the "file"
sounds like a systemd distribution man tmpfiles.d
[root@srv-rhsoft:~]$ cat /etc/tmpfiles.d/dovecot.conf d /run/dovecot 0775 dovecot dovecot -
Thanks for the reply.
I don't know if Ubuntu 12.04 is systemd based. I didn't find tmpfiles.d so I looked further. In dovecot.conf I finally found :
service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0660 user = postfix } unix_listener auth-master { group = vmail mode = 0660 user = vmail } user = nobody }
Notice that user=nobody. I commented that out, now it works.
Regards,
Koenraad Lelong
participants (2)
-
Koenraad Lelong
-
Reindl Harald