[Dovecot] Get rid of inotify in 2.1.15

Martin Rabl martin.rabl at rablnet.de
Tue Feb 19 13:23:08 EET 2013


Hi,

after update to Dovecot 2.1.5 (Ubuntu 12.04, dovecot from 
https://launchpad.net/~kokelnet/+archive/dovecot21) we are getting a 
huge ;-) bunch of log entries about " imap(USERNAME): Warning: Inotify 
instance limit for user 5000 (UID vmail)".

At last I did an
    echo 512 > /proc/sys/fs/inotify/max_user_instances

but the logentries did appear again after some minutes.

Maybe you have a hint for me? Thank you!

At the bottom my current configuration.


-- 
Greetings,

    Martin Rabl





# 2.1.15: /etc/dovecot/dovecot.conf
# OS: Linux 3.2.0-36-generic x86_64 Ubuntu 12.04.2 LTS
auth_anonymous_username = anonymous
auth_cache_negative_ttl = 1 hours
auth_cache_size = 0
auth_cache_ttl = 1 hours
auth_debug = no
auth_debug_passwords = no
auth_default_realm =
auth_failure_delay = 2 secs
auth_first_valid_uid = 500
auth_gssapi_hostname =
auth_krb5_keytab =
auth_last_valid_uid = 0
auth_master_user_separator = *
auth_mechanisms = plain login
auth_proxy_self =
auth_realms =
auth_socket_path = /var/run/dovecot/auth-userdb
auth_ssl_require_client_cert = no
auth_ssl_username_from_cert = no
auth_use_winbind = no
auth_username_chars = 
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
auth_username_format = %Lu
auth_username_translation =
auth_verbose = no
auth_verbose_passwords = no
auth_winbind_helper_path = /usr/bin/ntlm_auth
auth_worker_max_count = 30
base_dir = /var/run/dovecot
config_cache_size = 1 M
debug_log_path =
default_client_limit = 1000
default_idle_kill = 1 mins
default_internal_user = vmail
default_login_user = vmail
default_process_limit = 100
default_vsz_limit = 256 M
deliver_log_format = msgid=%m: %$
dict {
   acl = mysql:/etc/dovecot/dovecot-dict-acl-sql.conf.ext
}
dict_db_config =
director_doveadm_port = 0
director_mail_servers =
director_servers =
director_user_expire = 15 mins
director_username_hash = %u
disable_plaintext_auth = yes
dotlock_use_excl = yes
doveadm_allowed_commands =
doveadm_password =
doveadm_proxy_port = 0
doveadm_socket_path = doveadm-server
doveadm_worker_count = 0
dsync_alt_char = _
dsync_remote_cmd = ssh -l%{login} %{host} doveadm dsync-server -u%u 
-l%{lock_timeout} -n%{namespace}
first_valid_gid = 1
first_valid_uid = 500
hostname =
imap_capability =
imap_client_workarounds =
imap_id_log =
imap_id_send =
imap_idle_notify_interval = 2 mins
imap_logout_format = in=%i out=%o
imap_max_line_length = 64 k
imapc_features =
imapc_host =
imapc_list_prefix =
imapc_master_user =
imapc_max_idle_time = 29 mins
imapc_password =
imapc_port = 143
imapc_rawlog_dir =
imapc_ssl = no
imapc_ssl_ca_dir =
imapc_ssl_verify = yes
imapc_user = %u
import_environment = TZ
info_log_path =
instance_name = dovecot
last_valid_gid = 0
last_valid_uid = 0
lda_mailbox_autocreate = no
lda_mailbox_autosubscribe = no
lda_original_recipient_header =
libexec_dir = /usr/lib/dovecot
listen = *
lmtp_address_translate =
lmtp_proxy = no
lmtp_rcpt_check_quota = no
lmtp_save_to_detail_mailbox = no
lock_method = fcntl
log_path = syslog
log_timestamp = "%Y-%m-%d %H:%M:%S "
login_access_sockets =
login_greeting = Dovecot ready.
login_log_format = %$: %s
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
login_trusted_networks =
mail_access_groups = vmail
mail_attachment_dir =
mail_attachment_fs = sis posix
mail_attachment_hash = %{sha1}
mail_attachment_min_size = 128 k
mail_cache_fields = flags
mail_cache_min_mail_count = 0
mail_chroot =
mail_debug = no
mail_fsync = optimized
mail_full_filesystem_access = no
mail_gid =
mail_home =
mail_location = maildir:~/Maildir:INBOX=~/Maildir/INBOX:LAYOUT=fs
mail_log_prefix = "%s(%u): "
mail_max_keyword_length = 50
mail_max_lock_timeout = 0
mail_max_userip_connections = 10
mail_never_cache_fields = imap.envelope
mail_nfs_index = no
mail_nfs_storage = no
mail_plugin_dir = /usr/lib/dovecot/modules
mail_plugins =
mail_prefetch_count = 0
mail_privileged_group = vmail
mail_save_crlf = no
mail_shared_explicit_inbox = yes
mail_temp_dir = /tmp
mail_temp_scan_interval = 1 weeks
mail_uid = vmail
mailbox_idle_check_interval = 30 secs
mailbox_list_index = no
maildir_broken_filename_sizes = no
maildir_copy_with_hardlinks = yes
maildir_stat_dirs = no
maildir_very_dirty_syncs = no
managesieve_client_workarounds =
managesieve_implementation_string = Dovecot Pigeonhole
managesieve_logout_format = bytes=%i/%o
managesieve_max_compile_errors = 5
managesieve_max_line_length = 65536
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave imapflags notify
master_user_separator =
mbox_dirty_syncs = yes
mbox_dotlock_change_timeout = 2 mins
mbox_lazy_writes = yes
mbox_lock_timeout = 5 mins
mbox_md5 = apop3d
mbox_min_index_size = 0
mbox_read_locks = fcntl
mbox_very_dirty_syncs = no
mbox_write_locks = dotlock fcntl
mdbox_preallocate_space = no
mdbox_rotate_interval = 0
mdbox_rotate_size = 2 M
mmap_disable = no
namespace {
   disabled = no
   hidden = no
   ignore_on_failure = no
   inbox = no
   list = yes
   location = 
maildir:%%Lh/Maildir/:INDEX=%%Lh/shared-idx/%%u:INBOX=%%Lh/Maildir/INBOX:LAYOUT=fs
   prefix = shared/%%u/
   separator = /
   subscriptions = no
   type = shared
}
namespace {
   disabled = no
   hidden = no
   ignore_on_failure = no
   inbox = no
   list = yes
   location = maildir:/srv/vmail/public:LAYOUT=fs
   prefix = public/
   separator = /
   subscriptions = no
   type = public
}
namespace inbox {
   disabled = no
   hidden = no
   ignore_on_failure = no
   inbox = yes
   list = yes
   location =
   mailbox Drafts {
     auto = no
     special_use = \Drafts
   }
   mailbox Junk {
     auto = no
     special_use = \Junk
   }
   mailbox Sent {
     auto = no
     special_use = \Sent
   }
   mailbox "Sent Messages" {
     auto = no
     special_use = \Sent
   }
   mailbox Trash {
     auto = no
     special_use = \Trash
   }
   prefix =
   separator = /
   subscriptions = yes
   type = private
}
passdb {
   args = /etc/dovecot/passwd.masterusers
   default_fields =
   deny = no
   driver = passwd-file
   master = yes
   override_fields =
   pass = no
}
passdb {
   args = /etc/dovecot/dovecot-ldap.conf.ext
   default_fields =
   deny = no
   driver = ldap
   master = no
   override_fields =
   pass = no
}
passdb {
   args = /etc/dovecot/dovecot-sql.conf.ext
   default_fields =
   deny = no
   driver = sql
   master = no
   override_fields =
   pass = no
}
plugin {
   acl = vfile
   acl_shared_dict = proxy::acl
   autocreate = Trash
   autocreate2 = Spam
   autocreate3 = Sent
   autocreate4 = Drafts
   autosubscribe = Trash
   autosubscribe2 = Spam
   autosubscribe3 = Sent
   autosubscribe4 = Drafts
   autosubscribe5 = public/Files
   autosubscribe6 = public/Groupware
   autosubscribe7 = public/EXAMPLE
   sieve = ~/.dovecot.sieve
   sieve_after = /srv/vmail/sieve/after.sieve
   sieve_before = /srv/vmail/sieve/before.sieve
   sieve_dir = ~/sieve
   sieve_extensions = +notify +imapflags
   sieve_global_dir = /srv/vmail/sieve
   sieve_global_path = /srv/vmail/sieve/globalsieverc
}
pop3_client_workarounds =
pop3_enable_last = no
pop3_fast_size_lookups = no
pop3_lock_session = no
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
pop3_no_flag_updates = no
pop3_reuse_xuidl = no
pop3_save_uidl = no
pop3_uidl_duplicates = allow
pop3_uidl_format = %08Xu%08Xv
pop3c_host =
pop3c_master_user =
pop3c_password =
pop3c_port = 110
pop3c_rawlog_dir =
pop3c_ssl = no
pop3c_ssl_ca_dir =
pop3c_ssl_verify = yes
pop3c_user = %u
postmaster_address = postmaster at EXAMPLE.de
protocols = imap sieve
quota_full_tempfail = yes
recipient_delimiter = +
rejection_reason = Your message to <%t> was automatically rejected:%n%r
rejection_subject = Rejected: %s
replication_full_sync_interval = 12 hours
replication_max_conns = 10
replicator_host = replicator
replicator_port = 0
sendmail_path = /usr/sbin/sendmail
service aggregator {
   chroot = .
   client_limit = 0
   drop_priv_before_exec = no
   executable = aggregator
   extra_groups =
   fifo_listener replication-notify-fifo {
     group =
     mode = 0600
     user =
   }
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener replication-notify {
     group =
     mode = 0600
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service anvil {
   chroot = empty
   client_limit = 0
   drop_priv_before_exec = no
   executable = anvil
   extra_groups =
   group =
   idle_kill = 4294967295 secs
   privileged_group =
   process_limit = 1
   process_min_avail = 1
   protocol =
   service_count = 0
   type = anvil
   unix_listener anvil-auth-penalty {
     group =
     mode = 0600
     user =
   }
   unix_listener anvil {
     group =
     mode = 0600
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service auth-worker {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = auth -w
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 1
   type =
   unix_listener auth-worker {
     group =
     mode = 0600
     user = $default_internal_user
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service auth {
   chroot =
   client_limit = 0
   drop_priv_before_exec = no
   executable = auth
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener /var/spool/postfix/private/dovecot-auth {
     group = postfix
     mode = 0660
     user = postfix
   }
   unix_listener auth-client {
     group =
     mode = 0600
     user =
   }
   unix_listener auth-login {
     group =
     mode = 0600
     user = $default_internal_user
   }
   unix_listener auth-master {
     group = vmail
     mode = 0600
     user = vmail
   }
   unix_listener auth-userdb {
     group = vmail
     mode = 0600
     user = vmail
   }
   unix_listener login/login {
     group =
     mode = 0666
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service config {
   chroot =
   client_limit = 0
   drop_priv_before_exec = no
   executable = config
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 0
   type = config
   unix_listener config {
     group =
     mode = 0600
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service dict {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = dict
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener dict {
     group = vmail
     mode = 0660
     user = vmail
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service director {
   chroot = .
   client_limit = 0
   drop_priv_before_exec = no
   executable = director
   extra_groups =
   fifo_listener login/proxy-notify {
     group =
     mode = 00
     user =
   }
   group =
   idle_kill = 4294967295 secs
   inet_listener {
     address =
     port = 0
     ssl = no
   }
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener director-admin {
     group =
     mode = 0600
     user =
   }
   unix_listener director-userdb {
     group =
     mode = 0600
     user =
   }
   unix_listener login/director {
     group =
     mode = 00
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service dns_client {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = dns-client
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener dns-client {
     group =
     mode = 0666
     user =
   }
   unix_listener login/dns-client {
     group =
     mode = 0666
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service doveadm {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = doveadm-server
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 1
   type =
   unix_listener doveadm-server {
     group =
     mode = 0600
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service imap-login {
   chroot = login
   client_limit = 0
   drop_priv_before_exec = no
   executable = imap-login
   extra_groups =
   group =
   idle_kill = 0
   inet_listener imap {
     address =
     port = 143
     ssl = no
   }
   inet_listener imaps {
     address =
     port = 993
     ssl = yes
   }
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol = imap
   service_count = 1
   type = login
   user = $default_login_user
   vsz_limit = 18446744073709551615 B
}
service imap {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = imap
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 2048
   process_min_avail = 0
   protocol = imap
   service_count = 1
   type =
   unix_listener login/imap {
     group =
     mode = 0666
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service indexer-worker {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = indexer-worker
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 10
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener indexer-worker {
     group =
     mode = 0600
     user = $default_internal_user
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service indexer {
   chroot =
   client_limit = 0
   drop_priv_before_exec = no
   executable = indexer
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener indexer {
     group =
     mode = 0666
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service ipc {
   chroot = empty
   client_limit = 0
   drop_priv_before_exec = no
   executable = ipc
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener ipc {
     group =
     mode = 0600
     user =
   }
   unix_listener login/ipc-proxy {
     group =
     mode = 0600
     user = $default_login_user
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
service lmtp {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = lmtp
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol = lmtp
   service_count = 0
   type =
   unix_listener lmtp {
     group =
     mode = 0666
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service log {
   chroot =
   client_limit = 0
   drop_priv_before_exec = no
   executable = log
   extra_groups =
   group =
   idle_kill = 4294967295 secs
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type = log
   unix_listener log-errors {
     group =
     mode = 0600
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service managesieve-login {
   chroot = login
   client_limit = 0
   drop_priv_before_exec = no
   executable = managesieve-login
   extra_groups =
   group =
   idle_kill = 0
   inet_listener sieve {
     address =
     port = 4190
     ssl = no
   }
   inet_listener sieve_deprecated {
     address =
     port = 2000
     ssl = no
   }
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol = sieve
   service_count = 1
   type = login
   user = $default_login_user
   vsz_limit = 18446744073709551615 B
}
service managesieve {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = managesieve
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol = sieve
   service_count = 1
   type =
   unix_listener login/sieve {
     group =
     mode = 0666
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service pop3-login {
   chroot = login
   client_limit = 0
   drop_priv_before_exec = no
   executable = pop3-login
   extra_groups =
   group =
   idle_kill = 0
   inet_listener pop3 {
     address =
     port = 110
     ssl = no
   }
   inet_listener pop3s {
     address =
     port = 995
     ssl = yes
   }
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol = pop3
   service_count = 1
   type = login
   user = $default_login_user
   vsz_limit = 18446744073709551615 B
}
service pop3 {
   chroot =
   client_limit = 1
   drop_priv_before_exec = no
   executable = pop3
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 1024
   process_min_avail = 0
   protocol = pop3
   service_count = 1
   type =
   unix_listener login/pop3 {
     group =
     mode = 0666
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service replicator {
   chroot =
   client_limit = 0
   drop_priv_before_exec = no
   executable = replicator
   extra_groups =
   group =
   idle_kill = 4294967295 secs
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener replicator {
     group =
     mode = 0600
     user = $default_internal_user
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service ssl-params {
   chroot =
   client_limit = 0
   drop_priv_before_exec = no
   executable = ssl-params
   extra_groups =
   group =
   idle_kill = 0
   privileged_group =
   process_limit = 0
   process_min_avail = 0
   protocol =
   service_count = 0
   type = startup
   unix_listener login/ssl-params {
     group =
     mode = 0666
     user =
   }
   user =
   vsz_limit = 18446744073709551615 B
}
service stats {
   chroot = empty
   client_limit = 0
   drop_priv_before_exec = no
   executable = stats
   extra_groups =
   fifo_listener stats-mail {
     group =
     mode = 0600
     user =
   }
   group =
   idle_kill = 4294967295 secs
   privileged_group =
   process_limit = 1
   process_min_avail = 0
   protocol =
   service_count = 0
   type =
   unix_listener stats {
     group =
     mode = 0600
     user =
   }
   user = $default_internal_user
   vsz_limit = 18446744073709551615 B
}
shutdown_clients = yes
ssl = yes
ssl_ca = </etc/ssl/imap.EXAMPLE.de-20110527-20160525.pem
ssl_cert = </etc/ssl/imap.EXAMPLE.de-20110527-20160525.pem
ssl_cert_username_field = commonName
ssl_cipher_list = 
ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
ssl_client_cert =
ssl_client_key =
ssl_crypto_device =
ssl_key = </etc/ssl/imap.EXAMPLE.de-20110527-20160525.pem
ssl_key_password =
ssl_parameters_regenerate = 1 weeks
ssl_protocols = !SSLv2
ssl_require_crl = yes
ssl_verify_client_cert = no
stats_command_min_time = 1 mins
stats_domain_min_time = 12 hours
stats_ip_min_time = 12 hours
stats_memory_limit = 16 M
stats_session_min_time = 15 mins
stats_user_min_time = 1 hours
submission_host =
syslog_facility = mail
userdb {
   args = /etc/dovecot/dovecot-sql.conf.ext
   default_fields =
   driver = sql
   override_fields =
}
valid_chroot_dirs =
verbose_proctitle = no
verbose_ssl = no
version_ignore = no
protocol imap {
   imap_client_workarounds = delay-newmail tb-lsub-flags tb-lsub-flags 
tb-extra-mailbox-sep
   mail_max_userip_connections = 10
   mail_plugins = acl imap_acl autocreate
}
protocol lda {
   deliver_log_format = msgid=%m: %$
   mail_plugins = sieve autocreate
   postmaster_address = postmaster at EXAMPLE.de
   quota_full_tempfail = yes
   rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
protocol sieve {
   managesieve_notify_capability = mailto
   managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave imapflags
}



More information about the dovecot mailing list