[Dovecot] doveadm purge -A via doveadm-proxy director fails after some users
Daniel Parthey
daniel.parthey at informatik.tu-chemnitz.de
Sat Oct 6 18:53:53 EEST 2012
Hi Timo and list members,
Timo Sirainen wrote:
> On 1.8.2012, at 23.25, Daniel Parthey wrote:
>
> >> The error is still the same "config permission denied" shown above? I found that also from my server and added a debug patch, but it hasn't crashed yet. Could you try the attached patch and getting a gdb backtrace from the resulting core file? (Or at least the raw backtrace - getting a core file might be tricky.)
> >
> > Running command on a four host setup with mailbox+director instance each:
> > /usr/bin/doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A
> >
> > dovecot: doveadm(username at example.org): Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=501(vmail) egid=123(vmail) missing +r perm: /var/run/dovecot/auth-userdb, we're not in group 122(dovecot), dir owned by 0:0 mode=0755)
>
> Ah, so the original patch helped! This is a different error.
>
> > srw-rw---- 1 dovecot dovecot 0 2012-07-11 18:35 auth-userdb
>
> Simplest solution now would be to make this world-rw, see the auth-userdb socket configuration in http://wiki2.dovecot.org/LDA#Virtual_users
>
> But I guess this should also be fixed by doveadm-server. Although I don't think this should be happening by default anyway. Maybe this is also solved by the http://hg.dovecot.org/dovecot-2.1/rev/476381017ec7 patch?
I finally found time to update from 2.1.8 to 2.1.10 and change
service auth-user db socket to default mode of 0666.
Unfortunately, the issue is still not solved and I did not
manage to get a gdb backtrace, since it does not crash or assert.
Current configuration of both mailbox and director is attached.
The error "Permission denied" from the mailbox logs is gone,
but the director doveadm command:
/usr/bin/doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A
still throws the error message:
doveadm(username at example.org): Error: doveadm server failure
doveadm: Error: Failed to iterate through some users
Any idea what I could do in addition to making
/var/run/dovecot/auth-userdb world-rw?
Regards
Daniel
--
https://plus.google.com/103021802792276734820
-------------- next part --------------
# 2.1.10: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-43-server x86_64 Ubuntu 10.04.4 LTS
auth_cache_negative_ttl = 0
auth_cache_size = 10 M
auth_cache_ttl = 1 mins
auth_verbose = yes
auth_verbose_passwords = sha1
deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$
dict {
quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext
}
disable_plaintext_auth = no
doveadm_password = <password>
imapc_features = rfc822.size
imapc_host = local-mailbox
imapc_port = 18143
instance_name = dovecot-mailbox
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
login_greeting = Mailbox
login_log_format = mailbox: login: %$: %s
login_trusted_networks = 10.129.3.0/24
mail_debug = yes
mail_fsync = always
mail_gid = vmail
mail_home = /mail/dovecot/%d/%n
mail_location = mdbox:~/mail
mail_log_prefix = "mailbox: mail: %s(%u): "
mail_plugins = quota stats
mail_privileged_group = vmail
mail_uid = vmail
managesieve_implementation_string = Sieve
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mdbox_rotate_interval = 1 weeks
mdbox_rotate_size = 50 M
mmap_disable = yes
passdb {
args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
driver = sql
}
plugin {
quota = dict:User quota::proxy::quota
quota_rule = *:storage=10G
quota_rule2 = Trash:storage=+100M
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
stats_refresh = 30 secs
stats_track_cmds = yes
}
protocols = imap pop3 lmtp sieve
service auth {
unix_listener auth-userdb {
group = dovecot
user = dovecot
}
}
service dict {
unix_listener dict {
group = vmail
mode = 0660
}
}
service doveadm {
inet_listener doveadm-server {
port = 19000
}
}
service imap-login {
inet_listener imap {
port = 19143
}
}
service imap-postlogin {
executable = script-login /usr/local/bin/dovecot-postlogin
user = $default_internal_user
}
service imap {
executable = imap imap-postlogin
}
service lmtp {
inet_listener lmtp {
address = *
port = 19024
}
}
service managesieve-login {
inet_listener sieve {
port = 19200
}
}
service pop3-login {
inet_listener pop3 {
port = 19110
}
}
service pop3-postlogin {
executable = script-login /usr/local/bin/dovecot-postlogin
user = $default_internal_user
}
service pop3 {
executable = pop3 pop3-postlogin
}
service quota-warning {
executable = script /usr/local/bin/quota-warning
extra_groups = dovecot
unix_listener quota-warning {
user = vmail
}
user = vmail
}
service stats {
fifo_listener stats-mail {
mode = 0600
user = vmail
}
}
ssl = no
userdb {
driver = prefetch
}
userdb {
args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
driver = sql
}
verbose_proctitle = yes
protocol imap {
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
mail_plugins = quota stats imap_quota imap_stats
}
protocol lmtp {
mail_plugins = quota stats sieve
}
-------------- next part --------------
# 2.1.10: /etc/dovecot-director/dovecot-director.conf
# OS: Linux 2.6.32-43-server x86_64 Ubuntu 10.04.4 LTS
auth_verbose = yes
auth_verbose_passwords = sha1
base_dir = /var/run/dovecot-director
deliver_log_format = director: deliver: msgid=%m from=%f: %$
director_doveadm_port = 20000
director_mail_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190
director_servers = 10.129.3.193 10.129.3.192 10.129.3.191 10.129.3.190
director_user_expire = 2 days
disable_plaintext_auth = no
doveadm_password = <password>
doveadm_proxy_port = 19000
instance_name = dovecot-director
lmtp_proxy = yes
login_greeting = Mail Balancer
login_log_format = director: login: %$: %s
login_trusted_networks = 10.129.3.0/24
mail_debug = yes
mail_fsync = always
mail_gid = vmail
mail_home = /mail/dovecot/%d/%n
mail_location = mdbox:~/mail
mail_log_prefix = "director: mail: %s(%u): "
mail_max_userip_connections = 20
mail_privileged_group = vmail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
mmap_disable = yes
passdb {
args = /etc/dovecot-director/conf.d/dovecot-sql.conf.ext
driver = sql
}
protocols = imap pop3 lmtp sieve
service auth {
unix_listener auth-userdb {
user = dovecot
}
}
service director {
fifo_listener login/proxy-notify {
mode = 0666
}
inet_listener {
port = 9090
}
unix_listener director-userdb {
mode = 0600
}
unix_listener login/director {
mode = 0666
}
}
service doveadm {
executable = doveadm-server director
inet_listener doveadm-server {
port = 20000
}
}
service imap-login {
executable = imap-login director
inet_listener imap {
port = 20143
}
inet_listener imaps {
port = 20993
ssl = yes
}
}
service ipc {
unix_listener ipc {
user = dovecot
}
}
service lmtp {
inet_listener lmtp {
address = *
port = 20024
}
}
service managesieve-login {
executable = managesieve-login director
inet_listener sieve {
port = 20200
}
}
service pop3-login {
executable = pop3-login director
inet_listener pop3 {
port = 20110
}
inet_listener pop3s {
port = 20995
ssl = yes
}
}
ssl_cert = </etc/certs/wildcard.crt
ssl_key = </etc/certs/wildcard.key
userdb {
driver = prefetch
}
userdb {
args = /etc/dovecot-director/conf.d/dovecot-sql.conf.ext
driver = sql
}
verbose_proctitle = yes
protocol lmtp {
auth_socket_path = director-userdb
}
protocol sieve {
auth_socket_path = director-userdb
}
protocol doveadm {
auth_socket_path = director-userdb
}
protocol imap {
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
}
More information about the dovecot
mailing list