I found an error in my log today...
Dec 17 12:03:30 bubba dovecot: imap(user1@amfes.com)<23017><VzQFnjx9WNAKO2EC>: Error: fts_solr: received invalid uid '0' Dec 17 12:04:44 bubba dovecot: imap(user2@amfes.com)<25004><FeHDSj19i2ysOCn7>: Fatal: master: service(imap): child 25004 killed with signal 11 (core dumps disabled - https://dovecot.org/bugreport.html#coredumps)
I've now enabled core dumps (I think) and restarted - if it comes back hopefully I can get a backtrace. But reading that fts_solr message, and some other comments, leads me to wonder - could this be caused by someone/thing trying to authenticate as root?
On that theory - I tried doing so via telnet - and received:
Dec 17 15:06:02 bubba dovecot: auth: Error: plain(ultradeitytypeperson@amfes.com,127.0.0.1,<4kQr0z99UMZ/AAAB>): user not found from any userdbs Dec 17 15:06:02 bubba dovecot: imap: Error: Authenticated user not found from userdb, auth lookup id=3522297857 (auth connected 1 msecs ago, handshake 0 msecs ago, request took 1 msecs, client-pid=29572 client-id=1)
I have root's email aliased to a valid user's email. I'm not sure how I'm able to authenticate as root - there isn't a root user defined in my LDAP database and that should be the only auth backend enabled for Dovecot. Or do I need to explicitly block local users from /etc/passwd on the server? The only auth databases shown in doveconf -n:
userdb { driver = prefetch } userdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { args = /usr/local/etc/dovecot/master-users driver = passwd-file master = yes } passdb { args = /usr/local/etc/dovecot/dovecot-ldap.conf.ext driver = ldap }
and "master-users" doesn't list root either.
-- Daniel
participants (1)
-
Daniel Miller