disable sieve replication with dsync

2021-11-03 Thread David Mandelberg

Hi,

I think I got dsync working for mail, but I'm getting these errors:

Error: sieve: file storage: mkdir_parents_chgrp(/usr/local/etc/mail/mandelberg.org/david/sieve/tmp) failed: Read-only file system


I'm managing sieve files externally, and I don't want any part of 
dovecot writing to them. Is there any way to configure dsync to not 
replicate them? I looked at doveadm-sync(1) to see about adding a flag 
to replication_dsync_parameters, but the closest thing I see is -x for 
excluding mailboxes. Or maybe -o? Is there a way to specify a nested 
setting to -o, so I could do something like `plugin { sieve = }` for dsync?


Re: dsync error: Received unexpected input d != N

2021-11-03 Thread David Mandelberg

On 02-11-2021 at 22:43, David Mandelberg wrote:

Hi,

I'm trying to set up replication with dsync, and I'm getting errors like 
this:


I figured it out :)

dsync-local(da...@mandelberg.org)<...>: Error: dsync(...): Received unexpected input d != N


To debug this, I changed dsync_remote_cmd to a script with these contents:

#!/bin/sh
tee /tmp/tmp.MsfWIQCvNk/outbound.log |
  nc.openbsd -U /run/dovecot/dovecot-replication-client |
  tee /tmp/tmp.MsfWIQCvNk/inbound.log


Then looking at the inbound.log file, the lines that seemed to be 
causing the "d != N" errors looked like this:


dsync-remote(da...@mandelberg.org)<...>: Error: dsync(local): Remote dsync doesn't use compatible protocol


I had written a wrapper script in python that did this:

import os
import sys
username = sys.stdin.readline().rstrip('\n')
os.execvp('doveadm', ('doveadm', 'dsync-server', '-u', username))

Apparently sys.stdin.readline() reads more than just the one line from 
stdin, so it was consuming the VERSION line.



The actual issue was totally my fault for the wrapper script, but is 
there any chance dovecot could log the "Remote dsync doesn't use 
compatible protocol" lines instead of (or in addition to) sending them 
to the other end? That would have saved some debugging effort.
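
The buffering behaviour described in the message above, as an added example that is not part of the original post or of dovecot: a text-mode readline() pulls a whole chunk off the descriptor, while reading one byte at a time leaves everything after the newline for the exec'd process. The sample bytes and helper names are constructed for illustration; a wrapper would call read_line_unbuffered(0) before os.execvp.

```python
import os

# Constructed sample input: the username line the wrapper consumes, then a
# stand-in for the handshake line that must reach doveadm dsync-server intact.
SAMPLE = b"user@example.org\nVERSION\t(constructed handshake line)\n"


def read_line_unbuffered(fd, limit=512):
    """Read one line from fd a byte at a time, consuming nothing past it."""
    buf = bytearray()
    while len(buf) < limit:
        byte = os.read(fd, 1)
        if not byte:
            raise EOFError("stream closed before end of line")
        if byte == b"\n":
            return buf.decode("utf-8")
        buf += byte
    raise ValueError("username line too long")


def _sample_pipe():
    r, w = os.pipe()
    os.write(w, SAMPLE)
    os.close(w)
    return r


def leftover_after_buffered_readline():
    """Bytes still on the fd after a buffered text-mode readline()."""
    r = _sample_pipe()
    with open(r, "r", closefd=False) as stream:
        stream.readline()
    rest = os.read(r, 4096)
    os.close(r)
    return rest


def leftover_after_unbuffered_read():
    """Username plus the bytes an exec'd child would inherit on the fd."""
    r = _sample_pipe()
    username = read_line_unbuffered(r)
    rest = os.read(r, 4096)
    os.close(r)
    return username, rest


if __name__ == "__main__":
    print(leftover_after_buffered_readline())  # handshake line already eaten
    print(leftover_after_unbuffered_read())    # handshake line still pending
```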


dsync error: Received unexpected input d != N

2021-11-02 Thread David Mandelberg

Hi,

I'm trying to set up replication with dsync, and I'm getting errors like 
this:


dsync-local(da...@mandelberg.org)<...>: Error: dsync(...): Received unexpected input d != N


I tried the `doveadm -D sync` command from 
https://doc.dovecot.org/configuration_manual/replication/#administration 
and its output looked like:


...
dsync-local(da...@mandelberg.org)<...>: Debug: brain M: Locking done by remote (local hostname=..., remote hostname=...)
dsync-local(da...@mandelberg.org)<...>: Debug: brain M: Local mailbox tree: ...
[line above repeated many times for different mailboxes]
dsync-local(da...@mandelberg.org)<...>: Error: dsync(...): Received unexpected input d != N
dsync-local(da...@mandelberg.org)<...>: Error: dsync(...): Received unexpected input d != N
dsync-local(da...@mandelberg.org)<...>: Debug: auth-master: conn unix:/run/dovecot/auth-userdb (pid=47097,uid=0): Disconnected: Connection closed (fd=8)


I'm a bit stuck. Does anybody have any ideas what's going on? The output 
of `doveconf -n` is attached.
# 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.13 (cdd19fe3)
# OS: Linux 5.10.0-9-amd64 x86_64 Debian 11.1 ext4
# Hostname: mail-storage-bbf78862.virgo.mandelberg.org
auth_username_chars = +-.0123456789@ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
dsync_remote_cmd = nc.openbsd -U /run/dovecot/dovecot-replication-client
lda_mailbox_autosubscribe = yes
mail_gid = vmail
mail_home = /var/cache/mail/%{domain}/%{username}/dovecot-home
mail_location = maildir:/var/local/mail/persistent/mail/%{domain}/%{username}/Maildir
mail_plugins = listescape notify replication
mail_uid = vmail
namespace inbox {
  inbox = yes
  location = 
  mailbox Archive {
    special_use = \Archive
  }
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
  separator = /
}
passdb {
  args = /etc/dovecot/conf.d/10-passwd.passdb
  driver = passwd-file
}
plugin {
  mail_replica = remoteprefix:f...@mail-storage-acadbae1.fornax.mandelberg.org
  sieve = file:/usr/local/etc/mail/%{domain}/%{username}/sieve;active=/var/cache/mail/%{domain}/%{username}/active.sieve;bindir=/var/cache/mail/%{domain}/%{username}/sieve
  sieve_before = file:/etc/dovecot/sieve-before
  sieve_filter_bin_dir = /etc/dovecot/sieve-filter-bin
  sieve_filter_exec_timeout = 540s
  sieve_global_extensions = +vnd.dovecot.filter
  sieve_plugins = sieve_extprograms
  sieve_user_log = /var/local/mail/persistent/mail/%{domain}/%{username}/sieve.log
}
postmaster_address = postmaster@%{hostname}
protocols = " imap lmtp"
service aggregator {
  fifo_listener replication-notify-fifo {
    user = vmail
  }
  unix_listener replication-notify {
    user = vmail
  }
}
service auth-worker {
  user = $default_internal_user
}
service auth {
  unix_listener auth-userdb {
    group = vmail
    mode = 0660
  }
}
service imap-login {
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
service lmtp {
  unix_listener lmtp {
    group = stunnel4
    mode = 0660
  }
  user = vmail
}
service replicator {
  process_min_avail = 1
  unix_listener replicator-doveadm {
    mode = 0600
    user = vmail
  }
}
service stats {
  unix_listener stats-writer {
    mode = 0666
  }
}
ssl = required
ssl_cert = 


Re: writing Maildir subscriptions file outside of dovecot

2021-10-07 Thread David Mandelberg

On 07-10-2021 at 02:33, Aki Tuomi wrote:

On 06/10/2021 22:52 David Mandelberg wrote:

Hi,


Is it safe to write to the Maildir subscriptions file directly?

I'm trying to figure out a way to make sure the subscriptions match the
actual folders exactly. I know how to subscribe to existing mailboxes
with `doveadm mailbox list` and `doveadm mailbox subscribe`, but the
latter seems to only accept mailboxes on the command line, and any local
user can see the command line of any other user's commands. Also, that
doesn't handle unsubscribing from non-existent mailboxes. I think
unsubscribing from any mailboxes listed in `doveadm mailbox list -s` but
not in `doveadm mailbox list` would work, but it has the same issue of
mailboxes on the command line.

It looks like I could do what I want with something like this command,
but I'm not sure if it's safe to write directly to the subscriptions file:

{ echo INBOX; ls -1A | grep '^\.' | cut -c 2-; } > subscriptions

(I was also thinking about using `doveadm mailbox list` to write the
subscriptions file directly, but it looks like they use different
separators and encodings.)



You could also use the doveadm HTTP API to handle subscription changes? It 
should be safe to modify that file though, especially if the user is not logged 
in.


That API looks easy to use, thanks for the pointer! Though I'd rather 
not add credentials for it, and I don't see an easy way to make HTTP 
requests over a unix socket in Python. Oh well.


I also realized that if/when I set up dsync replication, writing 
directly to a file could get complicated. Maybe I'll just make a cron 
job to compare `doveadm mailbox list` and `doveadm mailbox list -s`, and 
send an email if there's any difference.


writing Maildir subscriptions file outside of dovecot

2021-10-06 Thread David Mandelberg

Hi,

Is it safe to write to the Maildir subscriptions file directly?

I'm trying to figure out a way to make sure the subscriptions match the 
actual folders exactly. I know how to subscribe to existing mailboxes 
with `doveadm mailbox list` and `doveadm mailbox subscribe`, but the 
latter seems to only accept mailboxes on the command line, and any local 
user can see the command line of any other user's commands. Also, that 
doesn't handle unsubscribing from non-existent mailboxes. I think 
unsubscribing from any mailboxes listed in `doveadm mailbox list -s` but 
not in `doveadm mailbox list` would work, but it has the same issue of 
mailboxes on the command line.


It looks like I could do what I want with something like this command, 
but I'm not sure if it's safe to write directly to the subscriptions file:


{ echo INBOX; ls -1A | grep '^\.' | cut -c 2-; } > subscriptions

(I was also thinking about using `doveadm mailbox list` to write the 
subscriptions file directly, but it looks like they use different 
separators and encodings.)


Re: sieve: active= doesn't seem to use bindir=

2021-10-05 Thread David Mandelberg

On 05-10-2021 at 15:03, dove...@ptld.com wrote:

It looks like dovecot is trying to save the
compiled active script to the same directory as the source file,
instead of to bindir. Am I missing something?



sieve =
    file:/usr/local/etc/mail/%{domain}/%{username}/sieve;
    active=/usr/local/etc/mail/%{domain}/%{username}/sieve/.active.sieve;
    bindir=/var/cache/mail/%{domain}/%{username}/sieve


Active= tells where to save the compiled active script. In the above 
config it is being told to save to


     /usr/local/etc/mail/%{domain}/%{username}/sieve/.active.sieve;


I thought active was where to read the active source script from? I'm 
not using managesieve, so I wouldn't expect dovecot to try writing to 
that file. I don't see anything in 
https://doc.dovecot.org/configuration_manual/sieve/configuration/ about 
active pointing at a compiled file, just stuff about it pointing at a 
source file.



Which is the same directory as the scripts set with file:

     /usr/local/etc/mail/%{domain}/%{username}/sieve

If you want the compiled to save in same path as bindir then change 
active to match


     active=/var/cache/mail/%{domain}/%{username}/sieve/.active.sieve;


Yup, I did that and it worked, but it doesn't seem to match the 
documentation. It's also slightly (but only slightly) annoying to have 
to write to the cache dir from my configuration management system, 
instead of writing to the source dir.


sieve: active= doesn't seem to use bindir=

2021-10-05 Thread David Mandelberg

Hi,

I'm trying to set up dovecot to read sieve source files from a read-only 
directory, and save compiled binaries to a separate directory with the 
bindir option. That worked when I pointed the sieve option at a single 
file, but I just changed it to point at a directory and added the 
active= option, also pointing at a symlink in a read-only directory. It 
looks like dovecot is trying to save the compiled active script to the 
same directory as the source file, instead of to bindir. Am I missing 
something?



$ doveconf -n
# 2.3.13 (89f716dc2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.13 (cdd19fe3)
# OS: Linux 5.10.0-8-amd64 x86_64 Debian 11.0 ext4
...
plugin {
  sieve = file:/usr/local/etc/mail/%{domain}/%{username}/sieve;active=/usr/local/etc/mail/%{domain}/%{username}/sieve/.active.sieve;bindir=/var/cache/mail/%{domain}/%{username}/sieve
  sieve_before = file:/etc/dovecot/sieve-before
  sieve_filter_bin_dir = /etc/dovecot/sieve-filter-bin
  sieve_filter_exec_timeout = 30s
  sieve_global_extensions = +vnd.dovecot.filter
  sieve_plugins = sieve_extprograms
  sieve_user_log = /var/local/mail/persistent/mail/%{domain}/%{username}/sieve.log
}
...


Relevant logs:
lmtp(da...@mandelberg.org)<90751>: Error: open(/usr/local/etc/mail/mandelberg.org/david/sieve/.active.svbin.mail-storage-bbf78862.90751.be1286bb0bf97ee9) failed: Read-only file system
lmtp(da...@mandelberg.org)<90751>: Error: sieve: binary /usr/local/etc/mail/mandelberg.org/david/sieve/.active.svbin: save: failed to create temporary file: open(/usr/local/etc/mail/mandelberg.org/david/sieve/.active.svbin.) failed: Read-only file system


\Noselect isn't set on namespace prefix mailbox that can't be selected

2017-08-18 Thread David Mandelberg

Hi,

I tried using Nextcloud's Mail app to access my dovecot server (version: 
2.2.27 (c0f36b0)), and got an error. The relevant imap log is:


C: 3 LIST () "" (*) RETURN (SPECIAL-USE)
...
S: * LIST () "/" Archives
...
C: 6 STATUS Archives (MESSAGES)
S: 6 NO Mailbox isn't selectable (0.000 + 0.000 secs).
>> Command 6 took 0.0014 seconds.
C: 7 LOGOUT
S: * BYE Logging out
S: 7 OK Logout completed (0.000 + 0.000 secs).
>> Command 7 took 0.0021 seconds.

And the relevant part of my dovecot config:

namespace archives {
  disabled = no
  hidden = no
  ignore_on_failure = no
  inbox = no
  list = yes
  location = mbox:~/.mbox-archives
  order = 0
  prefix = Archives/
  separator = /
  subscriptions = yes
  type = private
}

Since ~/.mbox-archives is a directory, not a regular file, I'd expect 
dovecot to set the \Noselect attribute on the Archives folder. Is there 
something I'm missing? I tried using special_use, but that didn't accept 
\Noselect as an option.