<div dir="auto">You can setup the nfs users with NIS over idmapd. Then setup the dovecot server with NIS logins, so the the user login from any server over nis will get uid, gid, userhome etc, It mean it can read the nis users passwd and shadow. </div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, 10 Sep, 2021, 2:49 pm Bernhard M. Wiedemann, <<a href="mailto:bwiedemann@suse.de">bwiedemann@suse.de</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<br>
I am one of the people taking over our new <a href="http://suse.de" rel="noreferrer noreferrer" target="_blank">suse.de</a> email setup<br>
(consisting of dovecot+rspamd+postfix)<br>
and wanted to report some issues we experience:<br>
<br>
<br>
1.<br>
we use dovecot-director to distribute users between 2 backend servers<br>
that share an NFS mount.<br>
We found that it proxies lmtp to a different backend than imap of the<br>
same user and that caused NFS stale-filehandle errors on the<br>
dovecot-uidlist.<br>
It then proceeds to re-generate the dovecot-uidlist with new UIDs that<br>
creates trouble for users.<br>
<br>
a) shouldn't dovecot use locks (fcntl or flock) to protect such files<br>
from concurrent updates?<br>
<br>
b) could it generate uidlist in a way that re-generating it, assigns the<br>
same UIDs again? E.g. via hash over file content<br>
<br>
c) how to get dovecot-director to send all traffic for a user to one<br>
backend?<br>
<br>
<br>
2.<br>
We have 2 backends so that we can do maintenance on one of them while<br>
users can still access their emails through the other backend.<br>
However, we found that stopping dovecot on one backend left users unable<br>
to access their mails.<br>
Maybe this is related to how user auth works?<br>
How to get this HA setup right, so that we don't have a single point of<br>
failure?<br>
<br>
<br>
grep PRETTY /etc/os-release<br>
PRETTY_NAME="SUSE Linux Enterprise Server 15 SP3"<br>
<br>
rpm -q dovecot23<br>
dovecot23-2.3.15<br>
<br>
<a href="https://www.zq1.de/~bernhard/temp/dovecot/" rel="noreferrer noreferrer" target="_blank">https://www.zq1.de/~bernhard/temp/dovecot/</a> has some sysreports.<br>
<br>
Ciao<br>
Bernhard M.<br>
</blockquote></div>