Re: What does `iterate_query` for SQL want as output?
> On Aug 10, 2019, at 10:55 AM, Aki Tuomi wrote: > > >> On 10/08/2019 15:51 Coy Hile via dovecot < dovecot@dovecot.org> wrote: >> >> >>> Did you check your logs? >>> >> that’s just it. There’s nothing in syslog (which is logging at mail.debug). >> Not just nothing useful, absolutely _nothing_ logged when I run that. All I >> see is this (printed, I presume to STDERR): >> >> doveadm backup -D -A -R -f ssh -i id_rsa.dsync imap01.coyhile.com >> /opt/local/bin/doveadm dsync-server -A >> Error: User listing returned failure >> doveadm: Error: Failed to iterate through some users >> dsync-local( h...@coyhile.com): Error: read(remote) >> failed: EOF (version not received) >> >> The last line makes sense given the earlier failure. >> >> Should this log somewhere else besides syslog? And is there some way I can >> isolate and test _just_ the user iteration and enumeration code to prove out >> that the query is correct? Clearly, from output above, it should be. >> >> Thanks, >> -c > > Can you try doveadm -Dv backup ... > > note the -Dv goes before backup > Ok, that explains why I didn’t get anything useful as debug output. Right now, there’s only one user on either side (namely, me), so all of this seems to look sane to my (admittedly untrained) eye: doveadm(h...@coyhile.com)<63392><>: Debug: auth USER input: h...@coyhile.com password= home=/var/mail/vmail/coyhile.com/hile uid=1000 gid=1000 doveadm(h...@coyhile.com)<63392><>: Debug: Added userdb setting: plugin/password= doveadm(h...@coyhile.com): Debug: Effective uid=1000, gid=1000, home=/var/mail/vmail/coyhile.com/hile doveadm(h...@coyhile.com): Debug: acl: No acl setting - ACLs are disabled doveadm(h...@coyhile.com): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mdbox:~/mdbox doveadm(h...@coyhile.com): Debug: fs: root=/var/mail/vmail/coyhile.com/hile/mdbox, index=, indexpvt=, control=, inbox=, alt= doveadm(h...@coyhile.com): Debug: brain M: Namespace has location mdbox:~/mdbox doveadm(h...@coyhile.com): Debug: Namespace : Using permissions from /var/mail/vmail/coyhile.com/hile/mdbox: mode=0700 gid=default Error: User listing returned failure doveadm: Error: Failed to iterate through some users
Re: What does `iterate_query` for SQL want as output?
On 10/08/2019 15:51 Coy Hile via dovecot < dovecot@dovecot.org> wrote: Did you check your logs? that’s just it. There’s nothing in syslog (which is logging at mail.debug). Not just nothing useful, absolutely _nothing_ logged when I run that. All I see is this (printed, I presume to STDERR): doveadm backup -D -A -R -f ssh -i id_rsa.dsync imap01.coyhile.com /opt/local/bin/doveadm dsync-server -A Error: User listing returned failure doveadm: Error: Failed to iterate through some users dsync-local( h...@coyhile.com): Error: read(remote) failed: EOF (version not received) The last line makes sense given the earlier failure. Should this log somewhere else besides syslog? And is there some way I can isolate and test _just_ the user iteration and enumeration code to prove out that the query is correct? Clearly, from output above, it should be. Thanks, -c Can you try doveadm -Dv backup ... note the -Dv goes before backup --- Aki Tuomi
Re: What does `iterate_query` for SQL want as output?
> > Did you check your logs? > that’s just it. There’s nothing in syslog (which is logging at mail.debug). Not just nothing useful, absolutely _nothing_ logged when I run that. All I see is this (printed, I presume to STDERR): doveadm backup -D -A -R -f ssh -i id_rsa.dsync imap01.coyhile.com /opt/local/bin/doveadm dsync-server -A Error: User listing returned failure doveadm: Error: Failed to iterate through some users dsync-local(h...@coyhile.com): Error: read(remote) failed: EOF (version not received) The last line makes sense given the earlier failure. Should this log somewhere else besides syslog? And is there some way I can isolate and test _just_ the user iteration and enumeration code to prove out that the query is correct? Clearly, from output above, it should be. Thanks, -c
Re: Dovecot for imap with LDAP
On 2019-08-09, Joseph Mays via dovecot wrote: > I am looking at replacing our creaky old courier-imap server, which takes > authentication and user info from an LDAP database, with dovecot imap. Any > comments on the wisdom of this choice of action, or anything I should know > about the setting up before starting to work on it? Plenty of people have this type of setup, if you already know what you're doing with LDAP from the existing installation you shouldn't have any problem configuring it with Dovecot.
Re: What does `iterate_query` for SQL want as output?
On 09/08/2019 23:01 Coy Hile via dovecot < dovecot@dovecot.org> wrote: On Aug 9, 2019, at 3:45 PM, Aki Tuomi < aki.tu...@open-xchange.com> wrote: On 09/08/2019 22:16 Coy Hile via dovecot < dovecot@dovecot.org> wrote: Hi all, In an earlier thread, https://dovecot.org/pipermail/dovecot/2019-August/116694.html I got a lot of useful help about migration. On my older host, everything was static; on the newer host, I’m storing user information in Postgres. usernames are of the form , say ‘ h...@coyhile.com’ as basically a Kerberos principal, and authentication and individual lookups work. My `users` table looks thus: mail=> \d users Table "public.users" Column | Type | Modifiers --+--+--- username | text | not null domain | text | not null password | text | not null mail=> and contains, as an example: username | domain | password --+-+--- h...@coyhile.com | coyhile.com | [REDACTED] (1 row) Naively, I’d expect something this to work for the iteration query: iterate_query = SELECT username, domain FROM users But, when I do that, I end up doveadm backup -D -A -R -f ssh -i id_rsa.dsync imap01.coyhile.com /opt/local/bin/doveadm dsync-server -A doveadm( h...@coyhile.com@coyhile.com): Info: User no longer exists, skipping [root@81716ec5-bca4-6d53-ed81-bd1a55d46b4f /tmp]# Note the extra “@coyhile.com” in there. Thanks, — Coy Hile coy.h...@coyhile.com If your username field already contains domain, you do not need to return domain field separately. It is only needed if your username field only contains local part. That’s what I thought, and a simpler query returns the data I expect: mail=> select username from users; username -- h...@coyhile.com (1 row) mail=> Or SELECT username AS user FROM users; (if the iterate query is the column to be named `user`?) When I configure the iterate_query to be SELET username AS user FROM users; I get this: doveadm backup -D -A -R -f ssh -i id_rsa.dsync imap01.coyhile.com /opt/local/bin/doveadm dsync-server -A Error: User listing returned failure doveadm: Error: Failed to iterate through some users dsync-local( h...@coyhile.com): Error: read(remote) failed: EOF (version not received) Which brings up two questions: (1) Is there a way to get more useful debugging information than “failed to iterate through some users”? (FWIW there’s nothing relevant in syslog.) (2) Is there a way to isolate and exercise just that particular bit so that I know I’m giving it what it expects? The SQL documentation https://wiki.dovecot.org/AuthDatabase/SQL indicates that iterate_query = SELECT username AS user FROM users should return what it wants. — Coy Hile coy.h...@coyhile.com Did you check your logs? --- Aki Tuomi
