> On Dec 6, 2014, at 8:36 AM, Jaldhar H. Vyas <jald...@debian.org> wrote: > > On Sat, 6 Dec 2014, Tony Mantler wrote: > >> >> I just tried upgrading from -7 to -8. I got a UCF dialog asking if I wanted >> to overwrite my ssl config file with one that has ssl turned off, and I >> declined. The installation then proceeded to hang after "Starting IMAP/POP3 >> mail server: dovecot." with the usual defunct postinst: > > You are seeing the ucf dialog which is a good sign. Can you send me > > 1. Your /etc/dovecot/conf.d/10-ssl.conf
# cat /etc/dovecot/conf.d/10-ssl.conf ## ## SSL settings ## # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt> ssl = yes # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before # dropping root privileges, so keep the key file unreadable by anyone but # root. Included doc/mkcert.sh can be used to easily generate self-signed # certificate, just make sure to update the domains in dovecot-openssl.cnf ssl_cert = </etc/dovecot/dovecot.pem ssl_key = </etc/dovecot/private/dovecot.pem # If key file is password protected, give the password here. Alternatively # give it when starting dovecot with -p parameter. Since this file is often # world-readable, you may want to place this setting instead to a different # root owned 0600 file by using ssl_key_password = <path. #ssl_key_password = # PEM encoded trusted certificate authority. Set this only if you intend to use # ssl_verify_client_cert=yes. The file should contain the CA certificate(s) # followed by the matching CRL(s). (e.g. ssl_ca = </etc/ssl/certs/ca.pem) #ssl_ca = # Require that CRL check succeeds for client certificates. #ssl_require_crl = yes # Directory and/or file for trusted SSL CA certificates. These are used only # when Dovecot needs to act as an SSL client (e.g. imapc backend). The # directory is usually /etc/ssl/certs in Debian-based systems and the file is # /etc/pki/tls/cert.pem in RedHat-based systems. #ssl_client_ca_dir = #ssl_client_ca_file = # Request client to send a certificate. If you also want to require it, set # auth_ssl_require_client_cert=yes in auth section. #ssl_verify_client_cert = no # Which field from certificate to use for username. commonName and # x500UniqueIdentifier are the usual choices. You'll also need to set # auth_ssl_username_from_cert=yes. #ssl_cert_username_field = commonName # DH parameters length to use. #ssl_dh_parameters_length = 1024 # SSL protocols to use #ssl_protocols = !SSLv2 # SSL ciphers to use #ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL # Prefer the server's order of ciphers over client's. #ssl_prefer_server_ciphers = no # SSL crypto device to use, for valid values run "openssl engine" #ssl_crypto_device = > 2. The output of this command: ucfq dovecot-core # ucfq dovecot-core Configuration file Package Exists Changed /etc/dovecot/conf.d/10-auth.conf dovecot-core Yes No /etc/dovecot/conf.d/10-director.conf dovecot-core Yes No /etc/dovecot/conf.d/10-logging.conf dovecot-core Yes No /etc/dovecot/conf.d/10-mail.conf dovecot-core Yes Yes /etc/dovecot/conf.d/10-master.conf dovecot-core Yes No /etc/dovecot/conf.d/10-ssl.conf dovecot-core Yes Yes /etc/dovecot/conf.d/10-tcpwrapper.conf dovecot-core Yes No /etc/dovecot/conf.d/15-lda.conf dovecot-core Yes No /etc/dovecot/conf.d/15-mailboxes.conf dovecot-core Yes No /etc/dovecot/conf.d/90-acl.conf dovecot-core Yes No /etc/dovecot/conf.d/90-plugin.conf dovecot-core Yes No /etc/dovecot/conf.d/90-quota.conf dovecot-core Yes No /etc/dovecot/conf.d/auth-checkpassword.conf.e dovecot-core Yes No /etc/dovecot/conf.d/auth-deny.conf.ext dovecot-core Yes No /etc/dovecot/conf.d/auth-master.conf.ext dovecot-core Yes No /etc/dovecot/conf.d/auth-passwdfile.conf.ext dovecot-core Yes No /etc/dovecot/conf.d/auth-sql.conf.ext dovecot-core Yes No /etc/dovecot/conf.d/auth-static.conf.ext dovecot-core Yes No /etc/dovecot/conf.d/auth-system.conf.ext dovecot-core Yes No /etc/dovecot/conf.d/auth-vpopmail.conf.ext dovecot-core Yes No /etc/dovecot/dovecot-db.conf.ext dovecot-core Yes No /etc/dovecot/dovecot-dict-sql.conf.ext dovecot-core Yes No /etc/dovecot/dovecot-sql.conf.ext dovecot-core Yes No /etc/dovecot/dovecot.conf dovecot-core Yes No /etc/ssl/certs/dovecot.pem dovecot-core /etc/ssl/private/dovecot.pem dovecot-core -- Tony 'Nicoya' Mantler - Master of Code-fu -- nic...@ubb.ca -- http://www.ubb.ca/ -- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
