Re: [Dovecot] doveadm purge -A via doveadm-proxy director fails after some users
On 17.10.2012, at 2.18, Daniel Parthey wrote: > doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A > shows the following message in the log when iterating the 49th user: > > Oct 17 00:47:17 10.129.3.233 dovecot: doveadm: Error: purge: invalid option > -- 'e' > Oct 17 00:47:17 10.129.3.233 dovecot: doveadm(someu...@example-ll.org): > Error: doveadm purge: Client sent unknown parameter: ? > > Any ideas on how this error gets triggered? Not sure. There's no valid 'e' option anywhere. I guess one of the non-option parameters begin with "-e" and it think it's an option. But I can't really think of how that would happen with purge either. So it would be helpful to look at what exactly the doveadms are talking to each others. Could you get the network traffic from them? Or strace -s 1000 doveadm purge should show it somewhere too.
[Dovecot] doveadm purge -A via doveadm-proxy director fails after some users
# 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-44-server x86_64 Ubuntu 10.04.4 LTS doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A shows the following message in the log when iterating the 49th user: Oct 17 00:47:17 10.129.3.233 dovecot: doveadm: Error: purge: invalid option -- 'e' Oct 17 00:47:17 10.129.3.233 dovecot: doveadm(someu...@example-ll.org): Error: doveadm purge: Client sent unknown parameter: ? Any ideas on how this error gets triggered? Regards Daniel -- https://plus.google.com/103021802792276734820
Re: [Dovecot] doveadm purge -A via doveadm-proxy director fails after some users
Hi Timo and list members, Timo Sirainen wrote: > On 1.8.2012, at 23.25, Daniel Parthey wrote: > > >> The error is still the same "config permission denied" shown above? I > >> found that also from my server and added a debug patch, but it hasn't > >> crashed yet. Could you try the attached patch and getting a gdb backtrace > >> from the resulting core file? (Or at least the raw backtrace - getting a > >> core file might be tricky.) > > > > Running command on a four host setup with mailbox+director instance each: > > /usr/bin/doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A > > > > dovecot: doveadm(usern...@example.org): Error: userdb lookup: > > connect(/var/run/dovecot/auth-userdb) failed: Permission denied > > (euid=501(vmail) egid=123(vmail) missing +r perm: > > /var/run/dovecot/auth-userdb, we're not in group 122(dovecot), dir owned by > > 0:0 mode=0755) > > Ah, so the original patch helped! This is a different error. > > > srw-rw 1 dovecot dovecot 0 2012-07-11 18:35 auth-userdb > > Simplest solution now would be to make this world-rw, see the auth-userdb > socket configuration in http://wiki2.dovecot.org/LDA#Virtual_users > > But I guess this should also be fixed by doveadm-server. Although I don't > think this should be happening by default anyway. Maybe this is also solved > by the http://hg.dovecot.org/dovecot-2.1/rev/476381017ec7 patch? I finally found time to update from 2.1.8 to 2.1.10 and change service auth-user db socket to default mode of 0666. Unfortunately, the issue is still not solved and I did not manage to get a gdb backtrace, since it does not crash or assert. Current configuration of both mailbox and director is attached. The error "Permission denied" from the mailbox logs is gone, but the director doveadm command: /usr/bin/doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A still throws the error message: doveadm(usern...@example.org): Error: doveadm server failure doveadm: Error: Failed to iterate through some users Any idea what I could do in addition to making /var/run/dovecot/auth-userdb world-rw? Regards Daniel -- https://plus.google.com/103021802792276734820 # 2.1.10: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-43-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = imapc_features = rfc822.size imapc_host = local-mailbox imapc_port = 18143 instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota stats mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave mdbox_rotate_interval = 1 weeks mdbox_rotate_size = 50 M mmap_disable = yes passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:User quota::proxy::quota quota_rule = *:storage=10G quota_rule2 = Trash:storage=+100M quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve stats_refresh = 30 secs stats_track_cmds = yes } protocols = imap pop3 lmtp sieve service auth { unix_listener auth-userdb { group = dovecot user = dovecot } } service dict { unix_listener dict { group = vmail mode = 0660 } } service doveadm { inet_listener doveadm-server { port = 19000 } } service imap-login { inet_listener imap { port = 19143 } } service imap-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service imap { executable = imap imap-postlogin } service lmtp { inet_listener lmtp { address = * port = 19024 } } service managesieve-login { inet_listener sieve { port = 19200 } } service pop3-login { inet_listener pop3 { port = 19110 } } service pop3-postlogin { executable = script-login /usr/local/bin/dovecot-postlogin user = $default_internal_user } service pop3 { executable = pop3 pop3-postlogin } service quota-warning { executable = script /usr/local/bin/quota-warning extra_groups = dovecot unix_listener quota-warning { user = vmail } user = vmail } service stats { fifo_listener stats-mail { mode = 0600
Re: [Dovecot] doveadm purge -A via doveadm-proxy director fails after some users
On 1.8.2012, at 23.25, Daniel Parthey wrote: >> The error is still the same "config permission denied" shown above? I found >> that also from my server and added a debug patch, but it hasn't crashed yet. >> Could you try the attached patch and getting a gdb backtrace from the >> resulting core file? (Or at least the raw backtrace - getting a core file >> might be tricky.) > > Running command on a four host setup with mailbox+director instance each: > /usr/bin/doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A > > dovecot: doveadm(usern...@example.org): Error: userdb lookup: > connect(/var/run/dovecot/auth-userdb) failed: Permission denied > (euid=501(vmail) egid=123(vmail) missing +r perm: > /var/run/dovecot/auth-userdb, we're not in group 122(dovecot), dir owned by > 0:0 mode=0755) Ah, so the original patch helped! This is a different error. > srw-rw 1 dovecot dovecot 0 2012-07-11 18:35 auth-userdb Simplest solution now would be to make this world-rw, see the auth-userdb socket configuration in http://wiki2.dovecot.org/LDA#Virtual_users But I guess this should also be fixed by doveadm-server. Although I don't think this should be happening by default anyway. Maybe this is also solved by the http://hg.dovecot.org/dovecot-2.1/rev/476381017ec7 patch?
Re: [Dovecot] doveadm purge -A via doveadm-proxy director fails after some users
Timo Sirainen wrote: > On 1.8.2012, at 22.32, Daniel Parthey wrote: > > Jun 29 15:40:31 10.129.3.249 dovecot: > doveadm(use...@domain1.example.org): > Error: user use...@domain1.example.org: Error reading configuration: > net_connect_unix(/var/run/dovecot/config) failed: Permission denied > > The change in 2.1.8 didn't fix it and still does not iterate *all* users. > > My current workaround is to list all users, run a for-loop over the userlist > > and flush one mailbox after another via the director. > > > > Any hints how to solve this? > > The error is still the same "config permission denied" shown above? I found > that also from my server and added a debug patch, but it hasn't crashed yet. > Could you try the attached patch and getting a gdb backtrace from the > resulting core file? (Or at least the raw backtrace - getting a core file > might be tricky.) Running command on a four host setup with mailbox+director instance each: /usr/bin/doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A Output is: doveadm(usern...@example.org): Error: doveadm server failure doveadm: Error: Failed to iterate through some users Log says: dovecot: doveadm(usern...@example.org): Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=501(vmail) egid=123(vmail) missing +r perm: /var/run/dovecot/auth-userdb, we're not in group 122(dovecot), dir owned by 0:0 mode=0755) dovecot: doveadm(usern...@example.org): Error: purge: User lookup failed: Internal error occurred. Refer to server log for more information. Here are the directory permissions: mail01:~# id vmail uid=501(vmail) gid=123(vmail) groups=123(vmail) mail01:~# id dovecot uid=120(dovecot) gid=122(dovecot) groups=122(dovecot) mail01:~# ls -ld /var/run/dovecot drwxr-xr-x 4 root root 660 2012-07-11 18:35 /var/run/dovecot mail01:~# ls -l /var/run/dovecot total 8 srw--- 1 rootroot 0 2012-07-10 18:29 anvil srw--- 1 rootroot 0 2012-07-10 18:29 anvil-auth-penalty srw--- 1 rootroot 0 2012-07-11 18:35 auth-client srw--- 1 dovecot root 0 2012-07-11 18:35 auth-login srw--- 1 rootroot 0 2012-07-11 18:35 auth-master srw-rw 1 dovecot dovecot 0 2012-07-11 18:35 auth-userdb srw--- 1 dovecot root 0 2012-07-11 18:35 auth-worker srw--- 1 rootroot 0 2012-07-11 18:35 config srw-rw 1 rootvmail 0 2012-07-11 18:35 dict srw--- 1 rootroot 0 2012-07-11 18:35 director-admin srw--- 1 rootroot 0 2012-07-10 10:19 director-userdb srw-rw-rw- 1 rootroot 0 2012-07-11 18:35 dns-client srw--- 1 rootroot 0 2012-07-11 18:35 doveadm-server lrwxrwxrwx 1 rootroot 25 2012-07-10 18:29 dovecot.conf -> /etc/dovecot/dovecot.conf drwxr-xr-x 2 rootroot 40 2012-07-10 10:19 empty srw--- 1 rootroot 0 2012-07-11 18:35 imap-postlogin srw-rw-rw- 1 rootroot 0 2012-07-11 18:35 indexer srw--- 1 dovecot root 0 2012-07-11 18:35 indexer-worker srw--- 1 rootroot 0 2012-07-11 18:35 ipc srw-rw-rw- 1 rootroot 0 2012-07-11 18:35 lmtp srw--- 1 rootroot 0 2012-07-11 18:35 log-errors drwxr-x--- 2 rootnogroup 180 2012-07-11 18:35 login -rw--- 1 rootroot 5 2012-07-10 18:29 master.pid -rw-r--r-- 1 rootroot 71 2012-07-10 18:29 mounts srw--- 1 rootroot 0 2012-07-11 18:35 pop3-postlogin srw--- 1 vmail root 0 2012-07-11 18:35 quota-warning srw--- 1 rootroot 0 2012-07-11 18:35 replication-notify prw--- 1 rootroot 0 2012-07-11 18:35 replication-notify-fifo srw--- 1 dovecot root 0 2012-07-11 18:35 replicator srw--- 1 rootroot 0 2012-07-11 18:35 stats prw--- 1 vmail root 0 2012-08-01 22:20 stats-mail Please see mailbox and director config attached. Any help is appreciated. Regards Daniel -- https://plus.google.com/103021802792276734820 # 2.1.8: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-40-server x86_64 Ubuntu 10.04.4 LTS auth_cache_negative_ttl = 0 auth_cache_size = 10 M auth_cache_ttl = 1 mins auth_verbose = yes auth_verbose_passwords = sha1 deliver_log_format = mailbox: deliver: msgid=%m from=%f: %$ dict { quota = mysql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext } disable_plaintext_auth = no doveadm_password = xxx imapc_features = rfc822.size imapc_host = local-mailbox imapc_port = 18143 instance_name = dovecot-mailbox lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes login_greeting = Mailbox login_log_format = mailbox: login: %$: %s login_trusted_networks = 10.129.3.0/24 mail_debug = yes mail_fsync = always mail_gid = vmail mail_home = /mail/dovecot/%d/%n mail_location = mdbox:~/mail mail_log_prefix = "mailbox: mail: %s(%u): " mail_plugins = quota stats mail_privileged_group = vmail mail_uid = vmail managesieve_implementation_string = Sieve managesieve_notify_capability = mailto managesieve_sieve_ca
Re: [Dovecot] doveadm purge -A via doveadm-proxy director fails after some users
On 1.8.2012, at 22.56, Timo Sirainen wrote: > On 1.8.2012, at 22.32, Daniel Parthey wrote: > > Jun 29 15:40:31 10.129.3.249 dovecot: doveadm(use...@domain1.example.org): > Error: user use...@domain1.example.org: Error reading configuration: > net_connect_unix(/var/run/dovecot/config) failed: Permission denied >> The change in 2.1.8 didn't fix it and still does not iterate *all* users. >> My current workaround is to list all users, run a for-loop over the userlist >> and flush one mailbox after another via the director. >> >> Any hints how to solve this? > > The error is still the same "config permission denied" shown above? I found > that also from my server and added a debug patch, but it hasn't crashed yet. > Could you try the attached patch and getting a gdb backtrace from the > resulting core file? (Or at least the raw backtrace - getting a core file > might be tricky.) Also I wonder if this helps (at least it fixes a crash I managed to cause): http://hg.dovecot.org/dovecot-2.1/rev/476381017ec7
Re: [Dovecot] doveadm purge -A via doveadm-proxy director fails after some users
On 1.8.2012, at 22.32, Daniel Parthey wrote: Jun 29 15:40:31 10.129.3.249 dovecot: doveadm(use...@domain1.example.org): Error: user use...@domain1.example.org: Error reading configuration: net_connect_unix(/var/run/dovecot/config) failed: Permission denied > The change in 2.1.8 didn't fix it and still does not iterate *all* users. > My current workaround is to list all users, run a for-loop over the userlist > and flush one mailbox after another via the director. > > Any hints how to solve this? The error is still the same "config permission denied" shown above? I found that also from my server and added a debug patch, but it hasn't crashed yet. Could you try the attached patch and getting a gdb backtrace from the resulting core file? (Or at least the raw backtrace - getting a core file might be tricky.) diff Description: Binary data
[Dovecot] doveadm purge -A via doveadm-proxy director fails after some users
Daniel Parthey wrote: > Timo Sirainen wrote: > > On 29.6.2012, at 19.21, Daniel Parthey wrote: > > > > > Jun 29 15:40:31 10.129.3.249 dovecot: doveadm(use...@domain1.example.org): > > > Error: user use...@domain1.example.org: Error reading configuration: > > > net_connect_unix(/var/run/dovecot/config) failed: Permission denied > > > > I've noticed a similar problem happening somewhat randomly, but I still > > haven't looked into why exactly it happens. Anyway the attached patch should > > fix this specific error, but I'm not sure if there isn't another one. Try > > and > > let me know? :) > > Unfortunately, the problem still persists with dovecot 2.1.8, > which already contains the following code: > > enum master_service_flags service_flags = > MASTER_SERVICE_FLAG_KEEP_CONFIG_OPEN; > const char *error; > master_service = master_service_init("doveadm", service_flags, > &argc, &argv, NULL); > if (master_getopt(master_service) > 0) > return FATAL_DEFAULT; > > The command > /usr/bin/doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A > still generates the following errors after iterating some dozen users: > > doveadm(nag...@metaways.de): Error: doveadm server failure > doveadm: Error: Failed to iterate through some users > > Which information should I provide to help debugging the problem? The change in 2.1.8 didn't fix it and still does not iterate *all* users. My current workaround is to list all users, run a for-loop over the userlist and flush one mailbox after another via the director. Any hints how to solve this? Regards Daniel -- https://plus.google.com/103021802792276734820
Re: [Dovecot] doveadm purge -A via doveadm-proxy director fails after some users
Timo Sirainen wrote: > On 29.6.2012, at 19.21, Daniel Parthey wrote: > > > Jun 29 15:40:31 10.129.3.249 dovecot: doveadm(use...@domain1.example.org): > > Error: user use...@domain1.example.org: Error reading configuration: > > net_connect_unix(/var/run/dovecot/config) failed: Permission denied > > I've noticed a similar problem happening somewhat randomly, but I still > haven't looked into why exactly it happens. Anyway the attached patch should > fix this specific error, but I'm not sure if there isn't another one. Try and > let me know? :) Unfortunately, the problem still persists with dovecot 2.1.8, which already contains the following code: enum master_service_flags service_flags = MASTER_SERVICE_FLAG_KEEP_CONFIG_OPEN; const char *error; master_service = master_service_init("doveadm", service_flags, &argc, &argv, NULL); if (master_getopt(master_service) > 0) return FATAL_DEFAULT; The command /usr/bin/doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A still generates the following errors after iterating some dozen users: doveadm(nag...@metaways.de): Error: doveadm server failure doveadm: Error: Failed to iterate through some users Which information should I provide to help debugging the problem? Kind regards Daniel -- https://plus.google.com/103021802792276734820
Re: [Dovecot] doveadm purge -A via doveadm-proxy director fails after some users
On 29.6.2012, at 19.21, Daniel Parthey wrote: > Jun 29 15:40:31 10.129.3.249 dovecot: doveadm(use...@domain1.example.org): > Error: user use...@domain1.example.org: Error reading configuration: > net_connect_unix(/var/run/dovecot/config) failed: Permission denied I've noticed a similar problem happening somewhat randomly, but I still haven't looked into why exactly it happens. Anyway the attached patch should fix this specific error, but I'm not sure if there isn't another one. Try and let me know? :) diff Description: Binary data
[Dovecot] doveadm purge -A via doveadm-proxy director fails after some users
Hi, we have configured userdb and passdb in the director and try to iterate all users and pass the "purge" command via doveadm proxy to port 19000 on the correct director backend host. A single purge -u usern...@example.org via doveadm-proxy works correctly, but iterating over some users with -A fails. Note: users/domains have been anonymized in output: mail04:~# /usr/bin/doveadm -c /etc/dovecot-director/dovecot-director.conf -D purge -A 2>&1 doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm doveadm(root): Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_lookup (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_quota_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so: undefined symbol: quota_user_module (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_zlib_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_zlib_plugin.so: undefined symbol: i_stream_create_deflate (this is usually intentional, so just ignore this message) doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_list_backend (this is usually intentional, so just ignore this message) doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(use...@domain2.example.org): Debug: auth input: user=use...@domain2.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 10 / 94doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.190 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.191 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.192 proxy_refresh=86400 20 / 94doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.193 proxy_refresh=86400 doveadm(use...@domain1.example.org): Debug: auth input: user=use...@domain1.example.org proxy host=10.129.3.193