[Dovecot] TCP Cluster replication headache

FUSTE Emmanuel emmanuel.fuste at thalesgroup.com
Wed May 7 15:38:41 UTC 2014


Hello,

After going crazy building a dovecot cluster, I finally see the light ;-))
But some things are "strange" and could probably be fixed/enhanced.

First:
I followed the wiki doc, setting the global doveadm_port.
Things did not work; I got:

dovecot: doveadm(X1234567): Error: sync: /var/run/dovecot/auth-userdb: Configured passdbs don't support crentials lookups (to see if user is proxied, because doveadm_port is set)

Same kind of error too when trying to use doveadm on the command line to
get the replica status.
My user/auth db is LDAP with "auth_bind = yes", but I don't understand
the message in this context and didn't know how to fix this.
I tried to hardcode the proxy/proxy_maybe property in the passdb declaration,
etc.
Finally, I removed the global "doveadm_port 12345" and added ":12345" at
the end of my "mail_replica =" line and all began to work!
Is it a wanted and expected error/fix?

Secondly:
Now all is working and "doveadm replicator status '*'" correctly lists
all my users and the status, but after a few seconds (after replication
kicks in), I see all users listed twice.
One time, as declared in the userdb with letters in uppercase: "X1234567"
One time, in lowercase: "x1234567"
On disk, all is OK, with only one replica in an uppercase directory.
I initially thought that it was a mismatch between the users returned by
userdb and passdb, but it was in fact the default value of auth_username_format
that was the culprit. After going from the default %Lu to %u, doveadm
replicator status shows only one entry per user, as expected.
Is it wanted and expected too? Why is auth_username_format used in, or
interacting with, the replication process and/or the replicator status command?

Not everything is functionally tested; I am going back to work.
My conf is at the end of this message.

Thanks Simo for this great piece of software.

Emmanuel

# 2.2.12.7 (f7731356530e+): /etc/dovecot/dovecot.conf
# OS: Linux 3.11.0-19-generic x86_64 Ubuntu 12.04.4 LTS
auth_master_user_separator = *
auth_username_format = %u
doveadm_password = xxxxxxxxxxx
lda_mailbox_autocreate = yes
listen = *
mail_gid = vmail
mail_location = maildir:~/Maildir
mail_plugins = quota notify replication
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
namespace {
   hidden = no
   inbox = yes
   list = yes
   location =
   prefix =
   separator = /
   subscriptions = yes
   type = private
}
namespace {
   hidden = no
   inbox = no
   list = children
   location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
   prefix = shared/%%u/
   separator = /
   subscriptions = no
   type = shared
}
passdb {
   args = /etc/dovecot/dovecot-ldap.conf.ext
   driver = ldap
}
plugin {
   acl = vfile
   acl_anyone = allow
   acl_shared_dict = file:/appli/vmail/shared-mailboxes
   mail_replica = tcp:thsmytmbx02p.online.corp.thales:12345
   quota = dict:userquota::file:/appli/vmail/local_userquota/%%h/dovecot-quota
   quota_rule = *:storage=100M
   quota_rule2 = INBOX:storage=+20%%
   quota_rule3 = Trash:storage=+10%%
   sieve = ~/.dovecot.sieve
   sieve_dir = ~/sieve
}
protocols = imap sieve
service aggregator {
   fifo_listener replication-notify-fifo {
     user = vmail
   }
   unix_listener replication-notify {
     user = vmail
   }
}
service auth {
   unix_listener auth-userdb {
     group = vmail
     mode = 0660
   }
}
service doveadm {
   inet_listener {
     port = 12345
   }
   user = vmail
}
service replicator {
   process_min_avail = 1
   unix_listener replicator-doveadm {
     mode = 0666
   }
}
ssl = no
userdb {
   args = /etc/dovecot/dovecot-users-ldap.conf.ext
   driver = ldap
}
protocol lda {
   mail_plugins = quota sieve
}
protocol imap {
   mail_plugins = quota imap_quota
}



dovecot-users-ldap.conf.ext:
dovecot-ldap.conf.ext:

uris = ldapi:///
dn = uid=dovecot,dc=mydomain,dc=com
dnpass = xxxxxxxxxxxx
auth_bind = yes
ldap_version = 3
base = ou=users,dc=mydomain,dc=com
user_attrs = =home=/appli/vmail/%{ldap:uid}
user_filter = (&(objectClass=inetOrgPerson)(|(uid=%u)(mail=%u)))
pass_attrs = =user=%{ldap:uid}
pass_filter = (&(objectClass=inetOrgPerson)(uid=%u)(!(pwdReset=TRUE)))
iterate_attrs = uid=user
iterate_filter = (objectClass=inetOrgPerson)
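
A check for the duplicate-entry symptom described in the second question, added here as an example that is not part of the original post or of Dovecot: it reports usernames in "doveadm replicator status '*'" output that differ only by letter case. It assumes the username is the first whitespace-separated column and that the header line starts with "username"; the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: find replicator entries that differ only by letter case,
# as happens when one code path lowercases usernames (%Lu) and another
# keeps the case stored in the userdb.
# Assumption: username is column 1; header line starts with "username".

# Reads status lines on stdin and prints one line per collision group:
#   <lowercased name>: <variant1> <variant2> ...
find_case_duplicates() {
    awk '
        NR == 1 && $1 == "username" { next }    # skip the header line
        NF == 0 { next }                        # skip blank lines
        {
            if ($1 in seen) next                # exact repeat, not a case clash
            seen[$1] = 1
            key = tolower($1)
            if (count[key]++ == 0)
                variants[key] = $1
            else
                variants[key] = variants[key] " " $1
        }
        END {
            for (k in count)
                if (count[k] > 1)
                    print k ": " variants[k]
        }
    ' | sort
}

# Constructed sample input modelled on the symptom in the post.
sample_status() {
    cat <<'EOF'
username   priority fast sync full sync failed
X1234567   none     00:00:31  00:04:12  -
x1234567   none     00:00:31  00:04:12  -
Y7654321   none     00:00:29  00:04:10  -
EOF
}

# Live use: doveadm replicator status '*' | find_case_duplicates
if [ "${1:-}" = "--demo" ]; then
    sample_status | find_case_duplicates
fi
```

Empty output means no two entries collapse to the same lowercase name.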

