Heiko Schlittermann (Do 25 Feb 2021 10:36:21 CET):

...

within a small timeframe returns a subset of the local users only (the say count(); I suppose the following would fix the issue: (not tested yet)

diff --git a/src/auth/userdb-passwd.c b/src/auth/userdb-passwd.c index 70b9969f6..4682dc873 100644 --- a/src/auth/userdb-passwd.c +++ b/src/auth/userdb-passwd.c @@ -208,6 +208,7 @@ static int passwd_iterate_deinit(struct userdb_iterate_context *_ctx) cur_userdb_iter_to = timeout_add(0, passwd_iterate_next_timeout, NULL); } + endpwent(); return ret; } -- Heiko

On 25/02/2021 13:06 Aki Tuomi wrote:

...

On 25/02/2021 11:41 Heiko Schlittermann wrote:

Heiko Schlittermann (Do 25 Feb 2021 10:36:21 CET):

...

...

within a small timeframe returns a subset of the local users only (the say count(); I suppose the following would fix the issue: (not tested yet)

diff --git a/src/auth/userdb-passwd.c b/src/auth/userdb-passwd.c index 70b9969f6..4682dc873 100644 --- a/src/auth/userdb-passwd.c +++ b/src/auth/userdb-passwd.c @@ -208,6 +208,7 @@ static int passwd_iterate_deinit(struct userdb_iterate_context *_ctx) cur_userdb_iter_to = timeout_add(0, passwd_iterate_next_timeout, NULL); } + endpwent(); return ret; }

-- Heiko

Hi!

We'll look into it, might be that we are missing endpwent() there indeed.

Aki

Tracking as DOP-2284. Aki

On 25/02/2021 13:17 Heiko Schlittermann wrote:

Aki Tuomi (Do 25 Feb 2021 12:06:43 CET):

...

...

diff --git a/src/auth/userdb-passwd.c b/src/auth/userdb-passwd.c index 70b9969f6..4682dc873 100644 --- a/src/auth/userdb-passwd.c +++ b/src/auth/userdb-passwd.c @@ -208,6 +208,7 @@ static int passwd_iterate_deinit(struct userdb_iterate_context *_ctx) cur_userdb_iter_to = timeout_add(0, passwd_iterate_next_timeout, NULL); } + endpwent(); return ret; }

-- Heiko

Hi! We'll look into it, might be that we are missing endpwent() there indeed.

I'm not sure about the semantics of setpwent()/endpwent(), mayb the nss plugin (here sssd) should gracefully handle a missing endwent() if it sees a new setpwent(). But I think, it can't harm to call endpwent() on the dovecot side.

I deployed a debian package with the above patch added onto my system, and it seems to work.

So, should I file a bug report against dovecot?

Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann

You can consider it being filed. Aki