I'm still trying to fix this problem. Hopefully someone can help.
I've upgraded dovecot to 2.3.3
# dovecot --version
2.3.3 (dcead646b)
That didn't help.
Next I switched 10-auth.conf to use a local password file (instead of LDAP)
===
# cache all authentication results for one hour
auth_cache_size = 10M
auth_cache_ttl = 1 hour
auth_cache_negative_ttl = 1 hour
# only use plain username/password auth - OK since everything is over TLS
auth_mechanisms = plain
passdb {
driver = passwd-file
args = scheme=ssha username_format=%n /usr/local/etc/dovecot/passwd
}
userdb {
driver = passwd-file
args = username_format=%n /usr/local/etc/dovecot/passwd
}
==
The /usr/local/etc/dovecot/passwd file is in the following format
userA:{SSHA}hash:1000:1000::/home/userA
Authentication works, and mail gets delivered. But I'm still getting the
same intermitted errors.
Sep 28 00:03:24 mailserver dovecot: imap(userD)<14864>:
Fatal: setgid(1012(userD) from userdb lookup) failed with
euid=1011(userA), gid=1011(userA), egid=1011(userA): Operation not
permitted (This binary should probably be called with process group set to
1012(userD) instead of 1011(userA))
Also tried disabling the cache in 10-auth.conf, at no avail.
I'm a bit at loss :(
Regards,
J. de Meijer
> Hi,
>
> I'm getting errors with my IMAP setup.
> Basically, everything seems to work.
> Mail is delivered nicely from Postfix to Dovecot via LMTP. Dovecot does
> the authentication to LDAP (also for Postfix). Users are able to send mail
> via authenticated submission (Postfix) and login into IMAP and POP.
>
> However, IMAP connections are dropped frequently with an "ERROR:
> Connection dropped by IMAP server.". After pressing reload on the webmail,
> or refreshing in the client might help for a short period. So it fails
> intermittently.
>
> The errors in the maillog are below. It seems to be mixing up users kind
> of randomly. I think when multiple connections are made at the same time.
> Did a lot of searching, put couldn't find an answer to this problem. All I
> can find is related to LDA, which I'm not using.
>
> Any help would be appreciated.
>
> Errors from the log:
> Sep 28 00:03:24 mailserver dovecot: imap(userD)<14864>:
> Fatal: setgid(1012(userD) from userdb lookup) failed with
> euid=1011(userA), gid=1011(userA), egid=1011(userA): Operation not
> permitted (This binary should probably be called with process group set to
> 1012(userD) instead of 1011(userA))
> Sep 28 00:03:24 mailserver dovecot: imap(userD)<17009>:
> Fatal: setgid(1012(userD) from userdb lookup) failed with
> euid=1011(userA), gid=1011(userA), egid=1011(userA): Operation not
> permitted (This binary should probably be called with process group set to
> 1012(userD) instead of 1011(userA))
> Sep 28 00:03:26 mailserver dovecot: imap(userD)<12807><8T0iguF2NspUUoaT>:
> Fatal: setgid(1012(userD) from userdb lookup) failed with
> euid=1011(userA), gid=1011(userA), egid=1011(userA): Operation not
> permitted (This binary should probably be called with process group set to
> 1012(userD) instead of 1011(userA))
> Sep 28 00:06:59 mailserver dovecot: imap(userD)<15661>:
> Fatal: setgid(1012(userD) from userdb lookup) failed with
> euid=1011(userA), gid=1011(userA), egid=1011(userA): Operation not
> permitted (This binary should probably be called with process group set to
> 1012(userD) instead of 1011(userA))
> Sep 28 00:07:54 mailserver dovecot: imap(userA)<45614>:
> Fatal: setgid(1011(userA) from userdb lookup) failed with
> euid=1012(userD), gid=1012(userD), egid=1012(userD): Operation not
> permitted (This binary should probably be called with process group set to
> 1011(userA) instead of 1012(userD))
> Sep 28 00:08:08 mailserver dovecot: imap(userF)<45055>:
> Fatal: setgid(1033(userF) from userdb lookup) failed with
> euid=1012(userD), gid=1012(userD), egid=1012(userD): Operation not
> permitted (This binary should probably be called with process group set to
> 1033(userF) instead of 1012(userD))
> Sep 28 00:08:08 mailserver dovecot: imap(userF)<46412><87ntkuF2JvptSCYM>:
> Fatal: setgid(1033(userF) from userdb lookup) failed with
> euid=1011(userA), gid=1011(userA), egid=1011(userA): Operation not
> permitted (This binary should probably be called with process group set to
> 1033(userF) instead of 1011(userA))
> Sep 28 00:08:08 mailserver dovecot: imap(userF)<44858><0nXzkuF2KfptSCYM>:
> Fatal: setgid(1033(userF) from userdb lookup) failed with
> euid=1012(userD), gid=1012(userD), egid=1012(userD): Operation not
> permitted (This binary should probably be called with process group set to
> 1033(userF) instead of 1012(userD))
> Sep 28 00:08:14 mailserver dovecot: imap(userF)<36517>:
> Fatal: setgid(1033(userF) from userdb lookup) failed with
> euid=1017(userC), gid=1017(userC), egid=1017(userC): Operation not
> permitted (This binary should probably be called with process group set to
> 1033(userF) instead of