<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Nothing definitive. It's just that the socket expects certain
type of input, this is comparable of trying to configure postfix
to speak to imap-master socket. There is no reason why it should
work.<br>
</p>
<p>Aki<br>
</p>
<br>
<div class="moz-cite-prefix">On 26.03.2018 15:03, Vladimir Tiukhtin
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:65b5db21-2c21-31db-19e8-65e4e447949c@asergis.com">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<p>Hi</p>
<p>And why it is not working with that name? Do you have any
document describing "special" names? Thanks</p>
<p>Vladimir<br>
</p>
<br>
<div class="moz-cite-prefix">On 26/03/18 13:02, Aki Tuomi wrote:<br>
</div>
<blockquote type="cite"
cite="mid:1b7f180a-50e4-8ad7-b579-573ace4d26f3@dovecot.fi">
<meta http-equiv="Content-Type" content="text/html;
charset=utf-8">
<p>Dovecot has some special socket names, auth-userdb is one of
those.</p>
<p>Aki<br>
</p>
<br>
<div class="moz-cite-prefix">On 26.03.2018 14:47, Vladimir
Tiukhtin wrote:<br>
</div>
<blockquote type="cite"
cite="mid:e85eaccc-c5bd-b8b3-6fba-a2e4458fcf60@asergis.com">
<p>Hi</p>
<p>What you have suggested works.</p>
<p>service auth {<br>
unix_listener /var/spool/postfix/private/auth {<br>
user = postfix<br>
group = postfix<br>
mode = 0600<br>
}<br>
}</p>
This works as well:<br>
<br>
service auth {<br>
unix_listener /var/run/dovecot/auth {<br>
owner = postfix<br>
group = postfix<br>
mode = 0600<br>
}<br>
}<br>
<br>
And this works as well:<br>
<br>
service auth {<br>
unix_listener /var/run/dovecot/auth-test-test {<br>
owner = postfix<br>
group = postfix<br>
mode = 0600<br>
}<br>
}<br>
<br>
And only when socket has name "auth-userdb"<br>
<br>
service auth {<br>
unix_listener auth-userdb {<br>
owner = postfix<br>
group = postfix<br>
mode = 0600<br>
}<br>
}<br>
<br>
it doesn't.<br>
<br>
When socket name is "auth-userdb" I can see in the log:<br>
<br>
Mar 26 11:43:59 mail-server postfix/smtpd[3648]: connect from
unknown[10.15.5.127]<br>
Mar 26 11:43:59 mail-server dovecot[3577]: auth: Debug:
Loading modules from directory: /usr/lib64/dovecot/auth<br>
Mar 26 11:43:59 mail-server dovecot[3577]: auth: Debug: Module
loaded: /usr/lib64/dovecot/auth/libdriver_mysql.so<br>
Mar 26 11:43:59 mail-server dovecot[3577]: auth: Debug: Module
loaded: /usr/lib64/dovecot/auth/libdriver_sqlite.so<br>
Mar 26 11:43:59 mail-server dovecot[3577]: auth: Debug: Wrote
new auth token secret to
/var/run/dovecot//auth-token-secret.dat<br>
Mar 26 11:43:59 mail-server postfix/smtpd[3648]: fatal: no
SASL authentication mechanisms<br>
Mar 26 11:43:59 mail-server dovecot[3577]: auth: Debug: master
in: CPID 3648<br>
Mar 26 11:43:59 mail-server dovecot[3577]: auth: Error: BUG:
Unknown command in userdb socket: CPID?3648<br>
Mar 26 11:44:00 mail-server postfix/master[3644]: warning:
process /usr/libexec/postfix/smtpd pid 3648 exit status 1<br>
Mar 26 11:44:00 mail-server postfix/master[3644]: warning:
/usr/libexec/postfix/smtpd: bad command startup -- throttling<br>
<br>
Vladimir<br>
<br>
<div class="moz-cite-prefix">On 26/03/18 09:55, Aki Tuomi
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:094fd30c-57f4-9977-b1b5-5a8eaac797d4@dovecot.fi">
Ah i see.<br>
<br>
try this:<br>
<br>
dovecot.conf:<br>
<br>
service auth {<br>
unix_listener /var/spool/postfix/private/auth {<br>
owner = postfix<br>
group = postfix<br>
mode = 0600<br>
}<br>
}<br>
<br>
postfix.conf:<br>
<br>
smtpd_sasl_path = private/auth<br>
<br>
Aki<br>
<br>
<div class="moz-cite-prefix">On 26.03.2018 11:25, Vladimir
Tiukhtin wrote:<br>
</div>
<blockquote type="cite"
cite="mid:040acbc7-9949-f719-3f17-e14f2147cbea@asergis.com">
<p>Hello</p>
<p>Yes, please find my postfix config:</p>
<p>smtpd_sasl_type = dovecot<br>
#smtpd_sasl_path = /var/run/dovecot/auth<br>
smtpd_sasl_path = /var/run/dovecot/auth-userdb<br>
smtpd_sasl_auth_enable = yes<br>
smtpd_relay_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination<br>
</p>
<p>As I mentioned if I remove minus from socket name
everything works perfect. Thanks</p>
<p>Vladimir</p>
<br>
<div class="moz-cite-prefix">On 26/03/18 08:37, Aki Tuomi
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:16f52b0c-8d50-b46a-0cb7-4f6e949ed5f1@dovecot.fi">
<p>Did you tell postfix it's talking to dovecot?</p>
<p>Aki<br>
</p>
<br>
<div class="moz-cite-prefix">On 25.03.2018 20:29,
Vladimir Tiukhtin wrote:<br>
</div>
<blockquote type="cite"
cite="mid:020aa092-120f-43d0-e20c-c698539c35a8@asergis.com">
<p>Hi guys.</p>
<p>I am getting strange error:</p>
<p><br>
</p>
<p><font color="#ff0000">BUG: Unknown command in
userdb socket: CPID?2625</font></p>
<p><br>
</p>
<p>I am using service auth to authenticate users on
postfix.</p>
<p><b>My OS</b>:</p>
<p># cat /etc/os-release <br>
NAME="CentOS Linux"<br>
VERSION="7 (Core)"<br>
ID="centos"<br>
ID_LIKE="rhel fedora"<br>
VERSION_ID="7"<br>
PRETTY_NAME="CentOS Linux 7 (Core)"<br>
ANSI_COLOR="0;31"<br>
CPE_NAME="cpe:/o:centos:centos:7"<br>
HOME_URL=<a class="moz-txt-link-rfc2396E"
href="https://www.centos.org/"
moz-do-not-send="true">"https://www.centos.org/"</a><br>
BUG_REPORT_URL=<a class="moz-txt-link-rfc2396E"
href="https://bugs.centos.org/"
moz-do-not-send="true">"https://bugs.centos.org/"</a><br>
<br>
CENTOS_MANTISBT_PROJECT="CentOS-7"<br>
CENTOS_MANTISBT_PROJECT_VERSION="7"<br>
REDHAT_SUPPORT_PRODUCT="centos"<br>
REDHAT_SUPPORT_PRODUCT_VERSION="<br>
</p>
<p><b>My dovecot:</b></p>
<p># dovecot --version<br>
2.2.10<br>
</p>
<p><b>My config</b>:</p>
<p>service auth {<br>
unix_listener auth-userdb {<br>
mode = 0600<br>
user = postfix<br>
group = postfix<br>
}<br>
}</p>
<p><b>My Postfix:</b></p>
<p># rpm -qa | grep postf<br>
postfix-2.10.1-6.el7.x86_64<br>
</p>
<p><b>Log</b>:</p>
<p>Mar 25 16:52:33 mail-server postfix/smtpd[2625]:
connect from unknown[10.254.200.202]<br>
Mar 25 16:52:33 mail-server dovecot[2621]: auth:
Debug: Loading modules from directory:
/usr/lib64/dovecot/auth<br>
Mar 25 16:52:33 mail-server dovecot[2621]: auth:
Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_mysql.so<br>
Mar 25 16:52:33 mail-server dovecot[2621]: auth:
Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_sqlite.so<br>
Mar 25 16:52:33 mail-server dovecot[2621]: auth:
Debug: Read auth token secret from
/var/run/dovecot//auth-token-secret.dat<br>
Mar 25 16:52:33 mail-server dovecot[2621]: auth:
Debug: master in: CPID 2625<br>
Mar 25 16:52:33 mail-server dovecot[2621]: auth:
Error: BUG: Unknown command in userdb socket:
CPID?2625<br>
Mar 25 16:52:33 mail-server postfix/smtpd[2625]:
fatal: no SASL authentication mechanisms<br>
Mar 25 16:52:34 mail-server postfix/master[2424]:
warning: process /usr/libexec/postfix/smtpd pid 2625
exit status 1<br>
Mar 25 16:52:34 mail-server postfix/master[2424]:
warning: /usr/libexec/postfix/smtpd: bad command
startup -- throttling</p>
<p>The interesting thing is IF I am taking off "-"
(minus) from the socket name, everything works just
perfect! So if I change config to:<br>
<br>
</p>
<p>service auth {<br>
unix_listener blabla {<br>
mode = 0600<br>
user = postfix<br>
group = postfix<br>
}<br>
}</p>
<p>Mar 25 16:55:12 mail-server postfix/smtpd[2872]:
connect from unknown[10.254.200.202]<br>
Mar 25 16:55:12 mail-server dovecot[2786]: auth:
Debug: Loading modules from directory:
/usr/lib64/dovecot/auth<br>
Mar 25 16:55:12 mail-server dovecot[2786]: auth:
Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_mysql.so<br>
Mar 25 16:55:12 mail-server dovecot[2786]: auth:
Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_sqlite.so<br>
Mar 25 16:55:12 mail-server dovecot[2786]: auth:
Debug: Read auth token secret from
/var/run/dovecot//auth-token-secret.dat<br>
Mar 25 16:55:12 mail-server dovecot[2786]: auth:
Debug: auth client connected (pid=0)<br>
Mar 25 16:55:13 mail-server dovecot[2786]: auth:
Debug: client in: AUTH 1 PLAIN
service=smtp nologin
lip=192.168.101.24 rip=10.254.200.202
secured resp=<hidden><br>
Mar 25 16:55:13 mail-server dovecot[2786]: auth:
Debug: cache(<a class="moz-txt-link-abbreviated"
href="mailto:admin@asergis.com,10.254.200.202"
moz-do-not-send="true">admin@asergis.com,10.254.200.202</a>):
miss<br>
Mar 25 16:55:13 mail-server dovecot[2786]:
auth-worker(2878): Debug: Loading modules from
directory: /usr/lib64/dovecot/auth<br>
Mar 25 16:55:13 mail-server dovecot[2786]:
auth-worker(2878): Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_mysql.so<br>
Mar 25 16:55:13 mail-server dovecot[2786]:
auth-worker(2878): Debug: Module loaded:
/usr/lib64/dovecot/auth/libdriver_sqlite.so<br>
Mar 25 16:55:13 mail-server dovecot[2786]:
auth-worker(2878): Debug: sql(<a
class="moz-txt-link-abbreviated"
href="mailto:admin@asergis.com,10.254.200.202"
moz-do-not-send="true">admin@asergis.com,10.254.200.202</a>):
query: SELECT userid AS username, domain, password
FROM users WHERE userid = 'admin' AND domain =
'asergis.com'<br>
Mar 25 16:55:13 mail-server dovecot[2786]: auth:
Debug: client passdb out: OK 1 <a
class="moz-txt-link-abbreviated"
href="mailto:user=admin@asergis.com"
moz-do-not-send="true">user=admin@asergis.com</a><br>
Mar 25 16:55:13 mail-server postfix/smtpd[2872]:
5C63030208: client=unknown[10.254.200.202],
sasl_method=PLAIN, <a
class="moz-txt-link-abbreviated"
href="mailto:sasl_username=admin@asergis.com"
moz-do-not-send="true">sasl_username=admin@asergis.com</a><br>
Mar 25 16:55:13 mail-server postfix/cleanup[2881]:
5C63030208: message-id=<a
class="moz-txt-link-rfc2396E"
href="mailto:d7706aa7-a2ad-6890-5590-e6f83b5ec3af@asergis.com"
moz-do-not-send="true"><d7706aa7-a2ad-6890-5590-e6f83b5ec3af@asergis.com></a><br>
Mar 25 16:55:13 mail-server postfix/qmgr[2870]:
5C63030208: from=<a class="moz-txt-link-rfc2396E"
href="mailto:admin@asergis.com"
moz-do-not-send="true"><admin@asergis.com></a>,
size=622, nrcpt=1 (queue active)</p>
<p><br>
</p>
<p>P.s. I don't mind to use socket without minus on
its name. But this looks really strange. Thanks. You
are awesome<br>
</p>
<p><br>
</p>
<p>Vladimir<br>
</p>
</blockquote>
<br>
</blockquote>
<br>
</blockquote>
<br>
</blockquote>
<br>
</blockquote>
<br>
</blockquote>
<br>
</blockquote>
<br>
</body>
</html>