Re: Install locks up my server
On 06/26/17 14:42, Timo Sirainen wrote: On 26 Jun 2017, at 23.19, Marc Perkelwrote: Ever since 2.26 I haven't been able to upgrade. In fact the install locks up my server. I get into and infinite recursive loop where the config-guess program calls itself until the server locks up from overload. I'm running Centos 6 under OpenVZ. What am I missing? I think there's a serious bug. 31233 pts/3S 0:00 /bin/sh ./config.guess 31235 pts/3S 0:00 \_ /bin/sh ./config.guess 31238 pts/3S 0:00 \_ /bin/sh ./config.guess 31240 pts/3S 0:00 \_ /bin/sh ./config.guess I think I remember seeing this before, but unfortunately can't remember what the solution was. Maybe it was something something messed up in the OS or in the build directory. Are you compiling from the tarballs? So it's the "configure" that fails? Also if you run "./config.guess" manually? What's the output if you run "bash -x ./config.guess"? bash -x ./config.guess + timestamp=2015-08-20 ++ sed -e 's,.*/,,' ++ echo ./config.guess + me=config.guess + usage='Usage: ./config.guess [OPTION] Output the configuration name of the system `config.guess'\'' is run on. Operation modes: -h, --help print this help, then exit -t, --time-stamp print date of last modification, then exit -v, --version print version number, then exit Report bugs and patches to .' + version='GNU config.guess (2015-08-20) Originally written by Per Bothner. Copyright 1992-2015 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.' + help=' Try `config.guess --help'\'' for more information.' + test 0 -gt 0 + test 0 '!=' 0 + trap 'exit 1' 1 2 15 + set_cc_for_build=' trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; : ${TMPDIR=/tmp} ; { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; dummy=$tmp/dummy ; tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; case $CC_FOR_BUILD,$HOST_CC,$CC in ,,)echo "int x;" > $dummy.c ; for c in cc gcc c89 c99 ; do if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then CC_FOR_BUILD="$c"; break ; fi ; done ; if test x"$CC_FOR_BUILD" = x ; then CC_FOR_BUILD=no_compiler_found ; fi ;; ,,*) CC_FOR_BUILD=$CC ;; ,*,*) CC_FOR_BUILD=$HOST_CC ;; esac ; set_cc_for_build= ;' + UNAME_MACHINE=x86_64 + UNAME_RELEASE=2.6.32-042stab123.3 + UNAME_SYSTEM=Linux + UNAME_VERSION='#1 SMP Fri May 5 12:29:05 MSK 2017' + case "${UNAME_SYSTEM}" in + LIBC=gnu + eval trap '"exitcode=\$?;' '(rm' -f '\$tmpfiles' '2>/dev/null;' rmdir '\$tmp' '2>/dev/null)' '&&' exit '\$exitcode"' 0 ';' trap '"rm' -f '\$tmpfiles' '2>/dev/null;' rmdir '\$tmp' '2>/dev/null;' exit '1"' 1 2 13 15 ';' : '${TMPDIR=/tmp}' ';' '{' 'tmp=`(umask' 077 '&&' mktemp -d '"$TMPDIR/cgXX")' '2>/dev/null`' '&&' test -n '"$tmp"' '&&' test -d '"$tmp"' ';' '}' '||' '{' test -n '"$RANDOM"' '&&' 'tmp=$TMPDIR/cg$$-$RANDOM' '&&' '(umask' 077 '&&' mkdir '$tmp)' ';' '}' '||' '{' 'tmp=$TMPDIR/cg-$$' '&&' '(umask' 077 '&&' mkdir '$tmp)' '&&' echo '"Warning:' creating insecure temp 'directory"' '>&2' ';' '}' '||' '{' echo '"$me:' cannot create a temporary directory in '$TMPDIR"' '>&2' ';' exit 1 ';' '}' ';' 'dummy=$tmp/dummy' ';' 'tmpfiles="$dummy.c' '$dummy.o' '$dummy.rel' '$dummy"' ';' case '$CC_FOR_BUILD,$HOST_CC,$CC' in ',,)' echo '"int' 'x;"' '>' '$dummy.c' ';' for c in cc gcc c89 c99 ';' do if '($c' -c -o '$dummy.o' '$dummy.c)' '>/dev/null' '2>&1' ';' then 'CC_FOR_BUILD="$c";' break ';' fi ';' done ';' if test 'x"$CC_FOR_BUILD"' = x ';' then CC_FOR_BUILD=no_compiler_found ';' fi ';;' ',,*)' 'CC_FOR_BUILD=$CC' ';;' ',*,*)' 'CC_FOR_BUILD=$HOST_CC' ';;' esac ';' set_cc_for_build= ';' ++ trap 'exitcode=$?; (rm -f $tmpfiles 2>/dev/null; rmdir $tmp 2>/dev/null) && exit $exitcode' 0 ++ trap 'rm -f $tmpfiles 2>/dev/null; rmdir $tmp 2>/dev/null; exit 1' 1 2 13 15 ++ : /tmp ++ tmp=/tmp/cgpmW24a ++ test -n /tmp/cgpmW24a ++ test -d /tmp/cgpmW24a ++ dummy=/tmp/cgpmW24a/dummy ++ tmpfiles='/tmp/cgpmW24a/dummy.c /tmp/cgpmW24a/dummy.o /tmp/cgpmW24a/dummy.rel /tmp/cgpmW24a/dummy' ++ case $CC_FOR_BUILD,$HOST_CC,$CC in ++ echo 'int x;' ++ for c in cc gcc c89 c99
Re: Install locks up my server
On 26 Jun 2017, at 23.19, Marc Perkelwrote: > > Ever since 2.26 I haven't been able to upgrade. In fact the install locks up > my server. > > I get into and infinite recursive loop where the config-guess program calls > itself until the server locks up from overload. > > I'm running Centos 6 under OpenVZ. > > What am I missing? I think there's a serious bug. > > 31233 pts/3S 0:00 /bin/sh ./config.guess > 31235 pts/3S 0:00 \_ /bin/sh ./config.guess > 31238 pts/3S 0:00 \_ /bin/sh ./config.guess > 31240 pts/3S 0:00 \_ /bin/sh ./config.guess I think I remember seeing this before, but unfortunately can't remember what the solution was. Maybe it was something something messed up in the OS or in the build directory. Are you compiling from the tarballs? So it's the "configure" that fails? Also if you run "./config.guess" manually? What's the output if you run "bash -x ./config.guess"?
[Dovecot-news] Released Pigeonhole v0.4.19 for Dovecot v2.2.31.
Hello Dovecot users, Here's the definitive 0.4.19 release. There is one additional fix. Changelog v0.4.19: * This release adjusts Pigeonhole to several changes in the Dovecot API, making it depend on Dovecot v2.2.31. Previous versions of Pigeonhole will produce compile warnings with the recent Dovecot releases (but still work ok). - Fixed bug in handling of implicit keep in some cases. Implicit side-effects, such as assigned flags, were not always applied correctly. This is in essence a very old bug, but it was exposed by recent changes. - include extension: Fixed segfault that (sometimes) occurred when the global script location was left unconfigured. The release is available as follows: https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.19.tar.gz https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.19.tar.gz.sig Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for more information. Have fun testing this release and don't hesitate to notify me when there are any problems. Regards, -- Stephan Bosch step...@rename-it.nl ___ Dovecot-news mailing list Dovecot-news@dovecot.org https://dovecot.org/mailman/listinfo/dovecot-news
Install locks up my server
Ever since 2.26 I haven't been able to upgrade. In fact the install locks up my server. I get into and infinite recursive loop where the config-guess program calls itself until the server locks up from overload. I'm running Centos 6 under OpenVZ. What am I missing? I think there's a serious bug. 31233 pts/3S 0:00 /bin/sh ./config.guess 31235 pts/3S 0:00 \_ /bin/sh ./config.guess 31238 pts/3S 0:00 \_ /bin/sh ./config.guess 31240 pts/3S 0:00 \_ /bin/sh ./config.guess 31241 pts/3S 0:00 \_ /bin/sh ./config.guess 31267 pts/3S 0:00 \_ /bin/sh ./config.guess 31272 pts/3S 0:00 \_ /bin/sh ./config.guess 31279 pts/3S 0:00 \_ /bin/sh ./config.guess 31280 pts/3S 0:00 \_ /bin/sh ./config.guess 31281 pts/3S 0:00 \_ /bin/sh ./config.guess 31283 pts/3S 0:00 \_ /bin/sh ./config.guess 31284 pts/3S 0:00 \_ /bin/sh ./config.guess 31285 pts/3S 0:00 \_ /bin/sh ./config.guess 31292 pts/3S 0:00 \_ /bin/sh ./config.guess 31303 pts/3S 0:00 \_ /bin/sh ./config.guess 31304 pts/3S 0:00 \_ /bin/sh ./config.guess 31305 pts/3S 0:00 \_ /bin/sh ./config.guess 31306 pts/3S 0:00 \_ /bin/sh ./config.guess 31307 pts/3S 0:00 \_ /bin/sh ./config.guess 31321 pts/3S 0:00 \_ /bin/sh ./config.guess 31340 pts/3S 0:00 \_ /bin/sh ./config.guess 31341 pts/3S 0:00 \_ /bin/sh ./config.guess 31426 pts/3S 0:00 \_ /bin/sh ./config.guess 31530 pts/3S 0:00 \_ /bin/sh ./config.guess
Released Pigeonhole v0.4.19 for Dovecot v2.2.31.
Hello Dovecot users, Here's the definitive 0.4.19 release. There is one additional fix. Changelog v0.4.19: * This release adjusts Pigeonhole to several changes in the Dovecot API, making it depend on Dovecot v2.2.31. Previous versions of Pigeonhole will produce compile warnings with the recent Dovecot releases (but still work ok). - Fixed bug in handling of implicit keep in some cases. Implicit side-effects, such as assigned flags, were not always applied correctly. This is in essence a very old bug, but it was exposed by recent changes. - include extension: Fixed segfault that (sometimes) occurred when the global script location was left unconfigured. The release is available as follows: https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.19.tar.gz https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.19.tar.gz.sig Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for more information. Have fun testing this release and don't hesitate to notify me when there are any problems. Regards, -- Stephan Bosch step...@rename-it.nl
Re: localhost logins
On 2017-06-23 15:09, Marcus Rueckert wrote: On Fri, 23 Jun 2017 11:38:28 -0700 Daniel Millerwrote: While auditing my logs after an account was compromised, I see a number of entries like: Jun 23 11:32:18 bubba dovecot: auth: ldap("one-of-my-accounts",127.0.0.1): invalid credentials webmail? I thought that as well - because I do have a webmail service - but that's on a separate virtual server (admittedly, running on this host). So that shouldn't give me a localhost IP. I also don't see anything in the webmail logs corresponding to the dovecot logs. --- Daniel
[Dovecot-news] v2.2.31 released
https://dovecot.org/releases/2.2/dovecot-2.2.31.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.31.tar.gz.sig This should be a great and stable release for the summer :) v2.2.32 is planned for the end of August. Hopefully soon afterwards we can get back to v2.3. * LMTP: Removed "(Dovecot)" from added Received headers. Some installations want to hide it, and there's not really any good reason for anyone to have it. + Add ssl_alt_cert and ssl_alt_key settings to add support for having both RSA and ECDSA certificates. + dsync/imapc, pop3-migration plugin: Strip trailing whitespace from headers when matching mails. This helps with migrations from Zimbra. + acl: Add acl_globals_only setting to disable looking up per-mailbox dovecot-acl files. + Parse invalid message addresses better. This mainly affects the generated IMAP ENVELOPE replies. - v2.2.30 wasn't fixing corrupted dovecot.index.cache files properly. It could have deleted wrong mail's cache or assert-crashed. - v2.2.30 mail-crypt-acl plugin was assert-crashing - v2.2.30 welcome plugin wasn't working - Various fixes to handling mailbox listing. Especially related to handling nonexistent autocreated/autosubscribed mailboxes and ACLs. - Global ACL file was parsed as if it was local ACL file. This caused some of the ACL rule interactions to not work exactly as intended. - auth: forward_* fields didn't work properly: Only the first forward field was working, and only if the first passdb lookup succeeded. - Using mail_sort_max_read_count sometimes caused "Broken sort-* indexes, resetting" errors. - Using mail_sort_max_read_count may have caused very high CPU usage. - Message address parsing could have crashed on invalid input. - imapc_features=fetch-headers wasn't always working correctly and caused the full header to be fetched. - imapc: Various bugfixes related to connection failure handling. - quota=imapc sent unnecessary FETCH RFC822.SIZE to server when expunging mails. - quota=count: quota_warning = -storage=.. was never executed - quota=count: Add support for "ns" parameter - dsync: Fix incremental syncing for mails that don't have Date or Message-ID headers. - imap: Fix hang when client sends pipelined SEARCH + EXPUNGE/CLOSE/LOGOUT. - oauth2: Token validation didn't accept empty server responses. - imap: NOTIFY command has been almost completely broken since the beginning. I guess nobody has been trying to use it. ___ Dovecot-news mailing list Dovecot-news@dovecot.org https://dovecot.org/mailman/listinfo/dovecot-news
v2.2.31 released
https://dovecot.org/releases/2.2/dovecot-2.2.31.tar.gz https://dovecot.org/releases/2.2/dovecot-2.2.31.tar.gz.sig This should be a great and stable release for the summer :) v2.2.32 is planned for the end of August. Hopefully soon afterwards we can get back to v2.3. * LMTP: Removed "(Dovecot)" from added Received headers. Some installations want to hide it, and there's not really any good reason for anyone to have it. + Add ssl_alt_cert and ssl_alt_key settings to add support for having both RSA and ECDSA certificates. + dsync/imapc, pop3-migration plugin: Strip trailing whitespace from headers when matching mails. This helps with migrations from Zimbra. + acl: Add acl_globals_only setting to disable looking up per-mailbox dovecot-acl files. + Parse invalid message addresses better. This mainly affects the generated IMAP ENVELOPE replies. - v2.2.30 wasn't fixing corrupted dovecot.index.cache files properly. It could have deleted wrong mail's cache or assert-crashed. - v2.2.30 mail-crypt-acl plugin was assert-crashing - v2.2.30 welcome plugin wasn't working - Various fixes to handling mailbox listing. Especially related to handling nonexistent autocreated/autosubscribed mailboxes and ACLs. - Global ACL file was parsed as if it was local ACL file. This caused some of the ACL rule interactions to not work exactly as intended. - auth: forward_* fields didn't work properly: Only the first forward field was working, and only if the first passdb lookup succeeded. - Using mail_sort_max_read_count sometimes caused "Broken sort-* indexes, resetting" errors. - Using mail_sort_max_read_count may have caused very high CPU usage. - Message address parsing could have crashed on invalid input. - imapc_features=fetch-headers wasn't always working correctly and caused the full header to be fetched. - imapc: Various bugfixes related to connection failure handling. - quota=imapc sent unnecessary FETCH RFC822.SIZE to server when expunging mails. - quota=count: quota_warning = -storage=.. was never executed - quota=count: Add support for "ns" parameter - dsync: Fix incremental syncing for mails that don't have Date or Message-ID headers. - imap: Fix hang when client sends pipelined SEARCH + EXPUNGE/CLOSE/LOGOUT. - oauth2: Token validation didn't accept empty server responses. - imap: NOTIFY command has been almost completely broken since the beginning. I guess nobody has been trying to use it.
Re: acl shared maildir with virtual users
Did you try closing & opening the tree in thunderbird's UI? On 24.06.2017 01:11, Rich Simcox wrote: > Can anyone point out where i'm going wrong with my dovecot sharedinbox setup > with ACL i'm contemplating giving up with dovecot alltogether i've spent 3 > days trying different paths to the virtual users mailboxes > > I seem to have two issues > > my acls are getting written to my sql db fine > > in roundcube i can see the shared folder but cant subscribe to it > > in thunderbird if i go to namespaces it sees the shared. namespace but its > not listing anything in it even though my acls are written to the db > > please someone tell me what i'm missing i'm betting its something silly but > i've been over and over the wiki > > here is my conf and below it an extract of my debug log > > i see this alot > > Debug: acl vfile: reading file > /home/server/mail/website2.com/sales/.ebay.Sent/dovecot-acl > > this is how my path currently looks in debug but i've tried all sorts > > Jun 23 22:32:47 ssd99 dovecot: imap(sa...@website2.com): Debug: Namespace : > type=shared, prefix=Shared.%u., sep=., inbox=no, hidden=no, list=yes, > subscriptions=no > location=maildir:%h/Maildir:INDEXPVT=~/mail/virtual/sa...@website2.com/shared/%u > > this is what my private namespace paths relate to > > Jun 23 22:32:47 ssd99 dovecot: imap(sa...@website2.com): Debug: Namespace > sent: type=private, prefix=sent, sep=., inbox=no, hidden=yes, list=no, > subscriptions=yes > location=virtual:/usr/local/cpanel/etc/dovecot/virtual/sent:INDEX=~/mail/virtual/sa...@website2.com > Jun 23 22:32:47 ssd99 dovecot: imap(sa...@website2.com): Debug: fs: > root=/usr/local/cpanel/etc/dovecot/virtual/sent, > index=/home/server/mail/website2.com/sales/mail/virtual/sa...@website2.com, > indexpvt=, control=, inbox=, alt= > > please someone must know the answer Those look ok. Aki
Re: Limit IMAP/IMAPS listening IPs
This is why sane admins don't use the *EVIL* systemd Thankfully there are still some modern distros that refuse to touch it. Name sounds cute, the idea sounded OK, but the reality is, its a _REDACTED_ useless pile of REDACTED REDACTED REDACTED On Sun, Jun 25, 2017 at 3:59 AM, Dudi Goldenbergwrote: > Hello list. > > I am running dovecot v2.2.13 on debian 8.8; > > I tried to add a "address =" statement for only localhost and one private > IP, but then I got a complaint from system: > > dovecot[20515]: Error: systemd listens on port 143, but it's not > configured in Dovecot. Closing. > > What is the proper way to resolve this? > > TIA & Regards, > > Dudi >
ACL problems on shared folder
Hello, I've a Dovecot Server Version 2.2.30.2 running on CentOS 6.9 and there's a problem with acls on shared folder. We have some mailboxes which are shared and used as a "group mailbox" and also some user who share their inbox and only the inbox when they are on holiday e.g.. When I set "acl_defaults_from_inbox = yes" it's not possible to restrict the access to only the inbox, meaning that the user who wants to share only their inbox have to share the whole mailbox. On the other hand when I set "acl_defaults_from_inbox = no" it is not possible to create a folder direct under the inbox of a "group mailbox" and one gets a "permission denied" message. Is this the normal behavior normal? Although the user who wants to create the folder has all rights he gets a "permission denied" message? Why? Am I missing something important? Does anyone who uses shared mailboxes had the same problem and solved this? Any suggestion or information, that I probably miss is welcome. If needed here's my Dovecot configuration: > # 2.2.30.2 (c0c463e): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.18 (29cc74d) > # OS: Linux 2.6.32-696.3.1.el6.x86_64 x86_64 CentOS release 6.9 (Final) ext4 > auth_debug = yes > auth_master_user_separator = * > auth_mechanisms = plain login > auth_verbose = yes > disable_plaintext_auth = no > mail_debug = yes > mail_location = maildir:/export/home/imap/%Lu/Maildir > mail_plugins = acl zlib mail_log notify > mailbox_idle_check_interval = 10 secs > mailbox_list_index = yes > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope encoded-character > vacation subaddress comparator-i;ascii-numeric relational regex imap4flags > copy include variables body enotify environment mailbox date index ihave > duplicate mime foreverypart extracttext > mbox_write_locks = fcntl > namespace { > hidden = no > ignore_on_failure = no > inbox = no > list = children > location = maildir:%%h/Maildir:INDEXPVT=%h/shared/%%u > prefix = shared/%%u/ > separator = / > subscriptions = yes > type = shared > } > namespace inbox { > hidden = no > inbox = yes > list = yes > location = > mailbox Drafts { > special_use = \Drafts > } > mailbox Junk { > special_use = \Junk > } > mailbox Sent { > special_use = \Sent > } > mailbox "Sent Messages" { > special_use = \Sent > } > mailbox Trash { > special_use = \Trash > } > prefix = INBOX/ > separator = / > type = private > } > passdb { > args = /etc/dovecot/master-users > driver = passwd-file > master = yes > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf.ext > driver = ldap > } > plugin { > acl = vfile:/etc/dovecot/global-acls:cache_secs=300 > acl_shared_dict = file:/export/home/shared-db/shared-mailboxes > mail_log_events = append delete undelete expunge copy mailbox_delete > mailbox_rename flag_change > mail_log_fields = uid box msgid size from flags > sieve = ~/.dovecot.sieve > sieve_dir = ~/sieve > sieve_global = /var/lib/dovecot/sieve/global/ > sieve_user_log = ~/.dovecot.sieve.log > zlib_save = gz > zlib_save_level = 6 > } > protocols = imap pop3 lmtp sieve > service auth { > unix_listener /var/spool/postfix/private/auth { > mode = 0666 > } > unix_listener auth-userdb { > group = vmail > mode = 0660 > user = vmail > } > } > service imap-login { > process_limit = 500 > process_min_avail = 20 > } > service lmtp { > inet_listener lmtp { > address = 127.0.0.1 > port = 24 > } > } > service managesieve-login { > inet_listener sieve { > port = 4190 > } > inet_listener sieve_deprecated { > port = 2000 > } > } > ssl = required > ssl_cert = ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!EXPORT > ssl_key = # hidden, use -P to show it > ssl_protocols = !SSLv3 !SSLv2 > syslog_facility = local6 > userdb { > args = /etc/dovecot/dovecot-ldap-userdb.conf.ext > driver = ldap > } > protocol lmtp { > mail_plugins = acl zlib mail_log notify sieve > } > protocol imap { > mail_max_userip_connections = 100 > mail_plugins = acl zlib mail_log notify imap_zlib imap_acl > } TIA & Regards, Thomas