panic when doveadm sieve put between multiple hosts

Tyler Jachetta tjachetta at ltnglobal.com
Mon Jan 9 22:11:11 UTC 2017 

Dovecot version: 2.2.25 (7be1766)

I’m looking into an issue we’re having with a new setup. We have one fronted host with two backend hosts, and we’re attempting to use doveadm to allow us to administer sieve on the frontend and have it replicated to the backend hosts. 

When I attempt to use doveadm sieve put on the frontend host, i get the following on the frontend host:
frontend-machine $ cat /tmp/default.sieve | doveadm sieve put default
doveadm(root): Error: doveadm server disconnected before handshake: Connection reset by peer
doveadm(root): Error: 10.1.11.82:10993: Command sieve put failed for root: Connection reset by peer

when this happens, on the backend, I see this in /var/log/maillog:

Jan  9 17:00:35 was-imap1 dovecot: doveadm: Panic: epoll_ctl(add, 0) failed: Operation not permitted (fd doesn't support epoll - instead of '<file', try 'cat file|')
Jan  9 17:00:35 was-imap1 dovecot: doveadm: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x8d52e) [0x7f7a86ba952e] -> /usr/lib64/dovecot/libdovecot.so.0(+0x8d60e) [0x7f7a86ba960e] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7f7a86b481b6] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handle_add+0x147) [0x7f7a86bbe067] -> /usr/lib64/dovecot/libdovecot.so.0(+0xa0311) [0x7f7a86bbc311] -> /usr/lib64/dovecot/libdovecot.so.0(io_add+0xd) [0x7f7a86bbc3bd] -> dovecot/doveadm-server(doveadm_mail_get_input+0xde) [0x7f7a875c53de] -> dovecot/doveadm-server(doveadm_mail_single_user+0x73) [0x7f7a875c5633] -> dovecot/doveadm-server(+0x2874d) [0x7f7a875c574d] -> dovecot/doveadm-server(doveadm_cmd_ver2_to_mail_cmd_wrapper+0x27d) [0x7f7a875c65fd] -> dovecot/doveadm-server(doveadm_cmd_run_ver2+0x50c) [0x7f7a875d492c] -> dovecot/doveadm-server(+0x3b223) [0x7f7a875d8223] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x4c) [0x7f7a86bbce8c] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0xff) [0x7f7a86bbe2ef] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0x25) [0x7f7a86bbcf15] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7f7a86bbd0c8] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f7a86b4e613] -> dovecot/doveadm-server(main+0x186) [0x7f7a875b6276] -> /lib64/libc.so.6(__libc_start_main+0xf5) [0x7f7a8677bb15] -> dovecot/doveadm-server(+0x19321) [0x7f7a875b6321]
Jan  9 17:00:36 was-imap1 dovecot: doveadm: Fatal: master: service(doveadm): child 28542 killed with signal 6 (core dumped)

Now, if I log in to either of the backend hosts, I can run the sieve put command and it all works out fine, so it’s something in the communication between the frontend and backend. 

dovecot -n output for both a frontend and backend below

frontend-machine $ dovecot -n
# 2.2.25 (7be1766): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.15 (97b3da0)
# OS: Linux 3.10.0-327.18.2.el7.x86_64 x86_64 CentOS Linux release 7.2.1511 (Core)
auth_username_format = %Ln
director_mail_servers = 10.1.11.82 10.1.11.83
director_servers = 10.1.11.81
director_username_hash = %Ln
doveadm_port = 10993
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
mbox_write_locks = fcntl
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = proxy=y nopassword=y ssl=any-cert
  driver = static
}
plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = imap pop3 lmtp sieve
service director {
  fifo_listener login/proxy-notify {
    mode = 0666
  }
  inet_listener {
    port = 1109
  }
  unix_listener director-userdb {
    mode = 0600
  }
  unix_listener login/director {
    mode = 0666
  }
}
service doveadm {
  inet_listener {
    port = 10993
  }
}
service imap-login {
  executable = imap-login director
}
service imap {
  process_limit = 250
}
service ipc {
  unix_listener ipc {
    user = dovecot
  }
}
service managesieve-login {
  executable = managesieve-login director
}
service pop3-login {
  executable = pop3-login director
}
ssl = required
ssl_ca = </etc/pki/CA/ca-cert-***.pem
ssl_cert = </etc/pki/tls/certs/dovecot.cert
ssl_client_ca_file = </etc/pki/CA/ca-cert-***.pem
ssl_key = </etc/pki/tls/private/dovecot.key
ssl_protocols = !SSLv2 !SSLv3
ssl_require_crl = no
userdb {
  driver = passwd
}
protocol doveadm {
  auth_socket_path = director-userdb
}
protocol sieve {
  passdb {
    args = proxy=y nopassword=y starttls=any-cert
    driver = static
    name =
  }
}
local 10.1.11.0/24 {
  doveadm_password =  # hidden, use -P to show it
}

backend-machine $ dovecot -n
# 2.2.25 (7be1766): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.15 (97b3da0)
# OS: Linux 3.10.0-327.18.2.el7.x86_64 x86_64 CentOS Linux release 7.2.1511 (Core)
auth_username_format = %Ln
default_vsz_limit = 2 G
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_location = maildir:~/Maildir
mail_plugins = " notify replication"
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
mbox_write_locks = fcntl
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
  separator = /
}
passdb {
  driver = pam
}
plugin {
  mail_replica = tcp:10.1.11.82:10993
  sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = imap pop3 lmtp sieve
service aggregator {
  fifo_listener replication-notify-fifo {
    mode = 0666
  }
  unix_listener replication-notify {
    mode = 0666
  }
}
service doveadm {
  inet_listener {
    port = 10993
  }
}
service lmtp {
  inet_listener lmtp {
    port = 24
  }
}
service replicator {
  process_min_avail = 1
  unix_listener replicator-doveadm {
    mode = 0666
  }
}
ssl = required
ssl_ca = </etc/pki/CA/ca-cert-***.pem
ssl_cert = </etc/pki/tls/certs/dovecot.cert
ssl_client_ca_file = </etc/pki/CA/ca-cert-***.pem
ssl_key = </etc/pki/tls/private/dovecot.key
ssl_protocols = !SSLv2 !SSLv3
ssl_require_crl = no
userdb {
  driver = passwd
}
protocol lmtp {
  auth_username_format = %Ln
  info_log_path = /var/log/dovecot/lmtp.log
  mail_plugins = " notify replication sieve"
  postmaster_address = postmaster@***global.com
}
protocol sieve {
  passdb {
    args = proxy=y nopassword=y starttls=any-cert
    driver = static
    name =
  }
}
local 10.1.11.0/24 {
  doveadm_password =  # hidden, use -P to show it
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2235 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20170109/711cbfe0/attachment.p7s>

More information about the dovecot mailing list