[Dovecot] Testing 2.0b3 - problem with pop3
I am testing the version on FreeBSD 7.3-PRELEASE (I doubt it's the issue) and I am having a problem with pop3. Here is what I see in the log when I attempt to connect to port 110:
Feb 22 18:15:03 master: Warning: SIGHUP received - reloading configuration Feb 22 18:15:08 pop3-login: Panic: file login-settings.c: line 216 (login_settings_read): assertion failed: (input.roots[count] == NULL) Feb 22 18:15:08 master: Error: service(pop3-login): child 70115 killed with signal 6 (core dumped) Feb 22 18:15:08 master: Error: service(pop3-login): command startup failed, throttling
And the output of doveconf can be seen at http://62.8.64.102/~wash/2.0b3.txt
I've basically made my best effort to reflect the settings I had on 2.0b1 into this version.
What could the problem be?
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223
"If you have nothing good to say about someone, just shut up!." -- Lucky Dube
Odhiambo Washington wrote:
I am testing the version on FreeBSD 7.3-PRELEASE (I doubt it's the issue) and I am having a problem with pop3. Here is what I see in the log when I attempt to connect to port 110:
Feb 22 18:15:03 master: Warning: SIGHUP received - reloading configuration Feb 22 18:15:08 pop3-login: Panic: file login-settings.c: line 216 (login_settings_read): assertion failed: (input.roots[count] == NULL) Feb 22 18:15:08 master: Error: service(pop3-login): child 70115 killed with signal 6 (core dumped) Feb 22 18:15:08 master: Error: service(pop3-login): command startup failed, throttling
I see the same thing with pop3 and a different but apparently related symptom with imap. See <http://dovecot.org/pipermail/dovecot/2010-February/046989.html>
I don't have an answer though :(
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On 2010-02-22 10:30 AM, Odhiambo Washington wrote:
And the output of doveconf can be seen at http://62.8.64.102/~wash/2.0b3.txt
Please don't do that, just paste them inline...
--
Best regards,
Charles
On Mon, Feb 22, 2010 at 6:39 PM, Charles Marcus <CMarcus@media-brokers.com>wrote:
On 2010-02-22 10:30 AM, Odhiambo Washington wrote:
And the output of doveconf can be seen at http://62.8.64.102/~wash/2.0b3.txt
Please don't do that, just paste them inline...
Sorry. Here goes..
# 2.0.beta3: /opt/dovecot2/etc/dovecot/dovecot.conf # OS: FreeBSD 7.3-PRERELEASE i386 ufs auth_anonymous_username = anonymous auth_cache_negative_ttl = 86400 s auth_cache_size = 10485760 auth_cache_ttl = 3600 s auth_debug = no auth_debug_passwords = no auth_default_realm = auth_failure_delay = 2 s auth_gssapi_hostname = auth_krb5_keytab = auth_master_user_separator = auth_mechanisms = plain auth_realms = auth_socket_path = /opt/dovecot2/var/run/auth-userdb auth_ssl_require_client_cert = no auth_ssl_username_from_cert = no auth_use_winbind = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = auth_username_translation = auth_verbose = yes auth_verbose_passwords = no auth_winbind_helper_path = /usr/bin/ntlm_auth auth_worker_max_count = 30 base_dir = /opt/dovecot2/var/run/ config_cache_size = 1048576 debug_log_path = default_client_limit = 1000 default_internal_user = dovecot default_login_user = dovecot default_process_limit = 100 default_vsz_limit = 268435456 deliver_log_format = msgid=%m: %$ dict_db_config = disable_plaintext_auth = no dotlock_use_excl = no first_valid_gid = 26 first_valid_uid = 26 fsync_disable = no hostname = imap_capability = imap_client_workarounds = imap_id_log = imap_id_send = imap_idle_notify_interval = 120 s imap_logout_format = bytes=%i/%o imap_max_line_length = 65536 info_log_path = last_valid_gid = 0 last_valid_uid = 0 lda_mailbox_autocreate = no lda_mailbox_autosubscribe = no libexec_dir = /opt/dovecot2/libexec/dovecot listen = *, :: lmtp_proxy = no lock_method = fcntl log_path = /opt/dovecot2/var/log/dovecot.log log_timestamp = %b %d %H:%M:%S login_access_sockets = login_greeting = Dovecot-2.0 ready. login_log_format = %$: %s login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c login_trusted_networks = mail_access_groups = mailnull mail_cache_fields = flags mail_cache_min_mail_count = 0 mail_chroot = mail_debug = no mail_full_filesystem_access = no mail_gid = mail_home = mail_location = maildir:/var/spool/virtual/%d/%n/Maildir mail_log_prefix = %s(%u): mail_max_keyword_length = 50 mail_max_userip_connections = 10 mail_never_cache_fields = imap.envelope mail_nfs_index = no mail_nfs_storage = no mail_plugin_dir = /opt/dovecot2/lib/dovecot mail_plugins = mail_privileged_group = mailnull mail_save_crlf = no mail_uid = mailbox_idle_check_interval = 30 s mailbox_list_index_disable = no maildir_copy_with_hardlinks = yes maildir_stat_dirs = no maildir_very_dirty_syncs = no mbox_dirty_syncs = yes mbox_dotlock_change_timeout = 120 s mbox_lazy_writes = yes mbox_lock_timeout = 300 s mbox_min_index_size = 0 mbox_read_locks = fcntl mbox_very_dirty_syncs = no mbox_write_locks = dotlock fcntl mdbox_altmove = 604800 s mdbox_max_open_files = 64 mdbox_rotate_interval = 0 s mdbox_rotate_size = 2097152 mmap_disable = no passdb { args = /opt/dovecot2/etc/dovecot/dovecot-sql.conf deny = no driver = sql master = no pass = no } pop3_client_workarounds = pop3_enable_last = no pop3_lock_session = no pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_no_flag_updates = no pop3_reuse_xuidl = no pop3_save_uidl = no pop3_uidl_format = %08Xu%08Xv postmaster_address = postmaster@thisuglytest.name protocols = imap pop3 lmtp quota_full_tempfail = no recipient_delimiter = + rejection_reason = Your message to <%t> was automatically rejected:%n%r rejection_subject = Rejected: %s sendmail_path = /usr/sbin/sendmail service tcpwrap { chroot = client_limit = 1 drop_priv_before_exec = no executable = tcpwrap extra_groups = group = privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = user = $default_internal_user vsz_limit = 4294967295 } service ssl-params { chroot = client_limit = 0 drop_priv_before_exec = no executable = ssl-params extra_groups = group = privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener login/ssl-params { group = mode = 0666 user = } user = vsz_limit = 4294967295 } service config { chroot = client_limit = 0 drop_priv_before_exec = no executable = config extra_groups = group = privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = config unix_listener config { group = mode = 0600 user = } user = vsz_limit = 4294967295 } service auth { chroot = client_limit = 0 drop_priv_before_exec = no executable = auth extra_groups = group = privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener login/auth { group = mode = 0666 user = } unix_listener auth-userdb { group = mode = 0600 user = } unix_listener auth-master { group = mode = 0600 user = } user = vsz_limit = 4294967295 } service auth-worker { chroot = client_limit = 1 drop_priv_before_exec = no executable = auth -w extra_groups = group = privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener auth-worker { group = mode = 0600 user = } user = vsz_limit = 4294967295 } service anvil { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = anvil extra_groups = group = privileged_group = process_limit = 1 process_min_avail = 1 protocol = service_count = 0 type = anvil unix_listener anvil { group = mode = 0600 user = } unix_listener anvil-auth-penalty { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 4294967295 } service pop3 { chroot = client_limit = 0 drop_priv_before_exec = no executable = pop3 extra_groups = group = privileged_group = process_limit = 1024 process_min_avail = 0 protocol = pop3 service_count = 1 type = unix_listener login/pop3 { group = mode = 0666 user = } user = vsz_limit = 4294967295 } service pop3-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = pop3-login extra_groups = group = inet_listener pop3 { address = port = 110 ssl = no } inet_listener pop3s { address = port = 995 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = pop3 service_count = 1 type = login user = $default_login_user vsz_limit = 64 } service log { chroot = client_limit = 0 drop_priv_before_exec = no executable = log extra_groups = group = privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = log user = vsz_limit = 4294967295 } service lmtp { chroot = client_limit = 0 drop_priv_before_exec = no executable = lmtp extra_groups = group = privileged_group = process_limit = 0 process_min_avail = 0 protocol = lmtp service_count = 0 type = unix_listener lmtp { group = mode = 0666 user = } user = vsz_limit = 0 } service imap { chroot = client_limit = 0 drop_priv_before_exec = no executable = imap extra_groups = group = privileged_group = process_limit = 1024 process_min_avail = 0 protocol = imap service_count = 1 type = unix_listener login/imap { group = mode = 0666 user = } user = vsz_limit = 4294967295 } service imap-login { chroot = login client_limit = 0 drop_priv_before_exec = no executable = imap-login extra_groups = group = inet_listener imap { address = port = 143 ssl = no } inet_listener imaps { address = port = 993 ssl = yes } privileged_group = process_limit = 0 process_min_avail = 0 protocol = imap service_count = 1 type = login user = $default_login_user vsz_limit = 64 } service dns_client { chroot = client_limit = 1 drop_priv_before_exec = no executable = dns-client extra_groups = group = privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dns-client { group = mode = 0666 user = } unix_listener login/dns-client { group = mode = 0666 user = } user = $default_internal_user vsz_limit = 4294967295 } service dict { chroot = client_limit = 0 drop_priv_before_exec = no executable = dict extra_groups = group = privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 0 type = unix_listener dict { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 4294967295 } shutdown_clients = yes ssl = yes ssl_ca = ssl_cert = </etc/ssl/dovecot/cert.pem ssl_cert_username_field = commonName ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_key = </etc/ssl/dovecot/key.pem ssl_key_password = ssl_parameters_file = ssl-parameters.dat ssl_parameters_regenerate = 168 ssl_require_client_cert = no ssl_username_from_cert = no ssl_verify_client_cert = no syslog_facility = mail userdb { args = /opt/dovecot2/etc/dovecot/dovecot-sql.conf driver = sql } valid_chroot_dirs = verbose_auth = no verbose_proctitle = no verbose_ssl = no version_ignore = no
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223
"If you have nothing good to say about someone, just shut up!." -- Lucky Dube
On Mon, 2010-02-22 at 18:30 +0300, Odhiambo Washington wrote:
Feb 22 18:15:08 pop3-login: Panic: file login-settings.c: line 216 (login_settings_read): assertion failed: (input.roots[count] == NULL)
Looks like beta3 was a pretty horrible release. Fixed this bug too: http://hg.dovecot.org/dovecot-2.0/rev/32d6dd7ce7cb
Also dsync was crashing at startup. I think I'll do beta4 in a few days in case there are other bad bugs.
Timo Sirainen wrote:
On Mon, 2010-02-22 at 18:30 +0300, Odhiambo Washington wrote:
Feb 22 18:15:08 pop3-login: Panic: file login-settings.c: line 216 (login_settings_read): assertion failed: (input.roots[count] =3D=3D NULL)
Looks like beta3 was a pretty horrible release. Fixed this bug too: http://hg.dovecot.org/dovecot-2.0/rev/32d6dd7ce7cb
It looks like that will fix the pop3 assertion panic, but I think I will still have issues with imap login with messages like
Feb 21 10:51:47 sbh16 dovecot: imap-login: Fatal: Can't load ssl_cert: There is no certificate.
Feb 21 10:51:47 sbh16 dovecot: master: service(imap-login): command startup failed, throttling
See <http://dovecot.org/pipermail/dovecot/2010-February/046989.html> for more detail on this.
I have
ssl_cert = /etc/postfix/sbh16-cert.pem ssl_key = /etc/postfix/sbh16-key.pem
and these are the same files that work with dovecot 1.2.10
I have also tried
ssl_cert = </etc/postfix/sbh16-cert.pem ssl_key = </etc/postfix/sbh16-key.pem
and I'm sure it didn't work, but it is possible I was confused by the pop3 assertion panic.
Also dsync was crashing at startup. I think I'll do beta4 in a few days in case there are other bad bugs.
I'll probably wait for beta4 before trying again.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
On Mon, Feb 22, 2010 at 6:55 PM, Timo Sirainen <tss@iki.fi> wrote:
On Mon, 2010-02-22 at 18:30 +0300, Odhiambo Washington wrote:
Feb 22 18:15:08 pop3-login: Panic: file login-settings.c: line 216 (login_settings_read): assertion failed: (input.roots[count] == NULL)
Looks like beta3 was a pretty horrible release. Fixed this bug too: http://hg.dovecot.org/dovecot-2.0/rev/32d6dd7ce7cb
Also dsync was crashing at startup. I think I'll do beta4 in a few days in case there are other bad bugs.
Now it starts normally, at least, but funnily, the auth mechanisms I am using in beta1 don't work with the same db in beta3. Unless I missed something, the following is what I get:
Feb 22 19:29:48 auth: Error: md5_verify(user@domain.tld): Not a valid MD5-CRYPT or PLAIN-MD5 password
Is there some inconsistency in my configuration I pasted earlier?
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223
"If you have nothing good to say about someone, just shut up!." -- Lucky Dube
On Mon, 2010-02-22 at 19:32 +0300, Odhiambo Washington wrote:
Now it starts normally, at least, but funnily, the auth mechanisms I am using in beta1 don't work with the same db in beta3. Unless I missed something, the following is what I get:
Feb 22 19:29:48 auth: Error: md5_verify(user@domain.tld): Not a valid MD5-CRYPT or PLAIN-MD5 password
What does it log with auth_debug_passwords=yes? I guess it's possible I broke something, but .. I don't think I really touched that part of the code..
BTW. doveconf -n output is better than the full output, no point in printing defaults.
Zitiere Timo Sirainen <tss@iki.fi>:
On Mon, 2010-02-22 at 19:32 +0300, Odhiambo Washington wrote:
Now it starts normally, at least, but funnily, the auth mechanisms I am using in beta1 don't work with the same db in beta3. Unless I missed something, the following is what I get:
Feb 22 19:29:48 auth: Error: md5_verify(user@domain.tld): Not a valid MD5-CRYPT or PLAIN-MD5 password
What does it log with auth_debug_passwords=yes? I guess it's possible I broke something, but .. I don't think I really touched that part of the code..
We've got the same problem with 2.0b4. The debug output with
auth_debug_passwords=yes is:
Apr 07 11:38:45 auth: Info: passwd(user1,10.1.1.99): Password mismatch Apr 07 11:38:45 auth: Debug: passwd(user1,10.1.1.99): CRYPT(password1) != 'x'
the config line for auth:
auth_mechanisms = login plain
is there any solution yet?
regards Arnold
BTW. doveconf -n output is better than the full output, no point in printing defaults.
On Wed, Apr 07, 2010 at 12:25:48PM +0200, Arnold Jäger wrote:
Apr 07 11:38:45 auth: Info: passwd(user1,10.1.1.99): Password mismatch Apr 07 11:38:45 auth: Debug: passwd(user1,10.1.1.99): CRYPT(password1) != 'x'
At a guess, it looks like it's trying to match against the password field in /etc/passwd (where the password field just contains 'x') instead of /etc/shadow (where the real crypted password lives)
What's your config?
Zitiere Brian Candler <B.Candler@pobox.com>:
On Wed, Apr 07, 2010 at 12:25:48PM +0200, Arnold Jäger wrote:
Apr 07 11:38:45 auth: Info: passwd(user1,10.1.1.99): Password mismatch Apr 07 11:38:45 auth: Debug: passwd(user1,10.1.1.99):
CRYPT(password1) != 'x'At a guess, it looks like it's trying to match against the password field in /etc/passwd (where the password field just contains 'x') instead of /etc/shadow (where the real crypted password lives)
uuuuh - yes, you're right. Shame on us.
driver should be shadow (not passwd).
regards Arnold
What's your config?
participants (7)
-
Arnold Jäger
-
Arnold Jäger
-
Brian Candler
-
Charles Marcus
-
Mark Sapiro
-
Odhiambo Washington
-
Timo Sirainen