Exclude userdb from iterate users

Ángel L. Mateo amateo at um.es
Thu Oct 25 13:59:43 EEST 2018 

	I'm trying to configure an iterate_filter returning an empty result. So 
I have configured:

iterate_filter = (objectClass=objectClassNoExiste)

	My question is, why I'm having this log in ldap?

Oct 25 12:46:41 canis30 slapd[25736]: conn=1192459 op=1 SRCH 
base="ou=Correo,ou=Groups,dc=Telematica" scope=2 deref=0 
filter="(?objectClass=objectClassNoExiste)"

	It is adding a question mark ("?" char) at the beginning of the search. 
The problem is that sometimes dovecot auth is crashing with:

Oct 25 12:57:13 myotisfa61 dovecot: auth-worker(24036): Debug: ldap: 
iterate: base=ou=Correo,ou=Groups,dc=Telematica scope=subtree 
filter=(objectClass=objectClassNoExiste) fields=uid
Oct 25 12:57:13 myotisfa61 dovecot: auth-worker(24036): Panic: file 
db-ldap.c: line 844 (db_ldap_result_unref): assertion failed: 
(res->refcount > 0)
Oct 25 12:57:13 myotisfa61 dovecot: auth-worker(24036): Error: Raw 
backtrace: /usr/lib/dovecot/libdovecot.so.0(+0x9cdc2) [0x7fc9f1225dc2] 
-> /usr/lib/dovecot/libdovecot.so.0(+0x9cead) [0x7fc9f1225ead] -> 
/usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7fc9f11b6761] -> 
/usr/lib/dovecot/modules/auth/libauthdb_ldap.so(+0x3928) 
[0x7fc9f0141928] -> 
/usr/lib/dovecot/modules/auth/libauthdb_ldap.so(+0x5bf4) 
[0x7fc9f0143bf4] -> 
/usr/lib/dovecot/libdovecot.so.0(io_loop_call_io+0x52) [0x7fc9f123bca2] 
-> /usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run_internal+0x109) 
[0x7fc9f123d399] -> 
/usr/lib/dovecot/libdovecot.so.0(io_loop_handler_run+0x3c) 
[0x7fc9f123bd3c] -> /usr/lib/dovecot/libdovecot.so.0(io_loop_run+0x38) 
[0x7fc9f123bee8] -> 
/usr/lib/dovecot/libdovecot.so.0(master_service_run+0x13) 
[0x7fc9f11c1023] -> dovecot/auth(main+0x39c) [0x564e91363ecc] -> 
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0) [0x7fc9f0795830] 
-> dovecot/auth(_start+0x29) [0x564e913640d9]
Oct 25 12:57:13 myotisfa61 dovecot: auth: Error: auth worker: Aborted 
LIST request for *: Worker process died unexpectedly
Oct 25 12:57:13 myotisfa61 dovecot: auth-worker(24036): Fatal: master: 
service(auth-worker): child 24036 killed with signal 6 (core dumps disabled)

	and I don't know if this could be related with this empty search.

El 25/10/18 a las 10:51, Ángel L. Mateo escribió:
> Hi,
> 
>      I have a system with various userdbs defined, mostly all of them 
> based on ldap (and a few passwd-files).
> 
>      I want one of my ldap userdbs not to be used in "doveadm user -A" 
> commands, that is to be excluded in iterate searchs. I have no 
> iterate_filter neither iterate_attrs configured in that userdb, but it 
> is still used.
> 
>      Is it possible? How?
> 

-- 
Angel L. Mateo Martínez
Sección de Telemática
Área de Tecnologías de la Información
y las Comunicaciones Aplicadas (ATICA)
http://www.um.es/atica
Tfo: 868889150
Fax: 868888337

More information about the dovecot mailing list