Re: dovecot-lda can't create /var/mail dotlocks on debian
Yep, yep, yep, consider this solved. I believe I understand the issues involved, now. Many thanks for your help! John Clements On Tue, Nov 3, 2015 at 12:44 PM, Larry Rosenman wrote: > Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: Effective > uid=1003, gid=1003, home=/home/granitemon > > > Nov 3 12:23:05 desmond dovecot: lda(granitemon): Error: > setegid(privileged) failed: Operation not permitted > > > so it's running as the normal user, and NOT with the mail group. > > I'm using exim with LMTP. LMTP is NOT a bad thing, and might make your > life easier. It does allow you to add sieve scripting if you want to via > pigeonhole. > > Sorry, I'm at a loss, as I do NOT run postfix. I'm not sure what it needs > to invoke dovecot-lda with gid mail in the group list. > > > > On Tue, Nov 3, 2015 at 2:40 PM, John Clements > wrote: > >> Well, first, here are the logs I generated: >> >> Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: Effective >> uid=1003, gid=1003, home=/home/granitemon >> Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: Namespace inbox: >> type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, >> subscriptions=yes location=mbox:~/mail:INBOX=/var/mail/granitemon >> Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: fs: >> root=/home/granitemon/mail, index=, indexpvt=, control=, >> inbox=/var/mail/granitemon, alt= >> Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: userdb lookup >> skipped, username taken from USER environment >> Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: none: root=, >> index=, indexpvt=, control=, inbox=, alt= >> Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: Destination >> address: granite...@desmond.brinckerhoff.org (source: user@hostname) >> Nov 3 12:23:05 desmond dovecot: lda(granitemon): Error: >> setegid(privileged) failed: Operation not permitted >> Nov 3 12:23:05 desmond dovecot: lda(granitemon): msgid=< >> 20151103202305.88be05f...@desmond.brinckerhoff.org>: save failed to >> INBOX: BUG: Unknown internal error >> Nov 3 12:23:05 desmond dovecot: lda(granitemon): Error: >> setegid(privileged) failed: Operation not permitted >> Nov 3 12:23:05 desmond postfix/local[26490]: 88BE05FF39: >> to=, relay=local, delay=0.04, >> delays=0.01/0.01/0/0.02, dsn=4.3.0, status=deferred (temporary failure) >> >> At this point... well, I don't understand why dovecot signals an "Unknown >> internal error," but I think I understand that even if I *do* get this >> working, I'm pretty much throwing in the towel, because since postfix >> invokes the lda as the user receiving the mail, then this only works if all >> users receiving mail are in the mail group, which means any of them can >> mess up any other's mbox. >> >> So, it looks like even if this bug is fixed, I'm left with two obvious >> choices: >> - make /var/mail writeable by all users that receive mail, or >> - use LMTP instead. >> >> Many thanks for your help, >> >> John Clements >> >> >> On Tue, Nov 3, 2015 at 12:13 PM, Larry Rosenman >> wrote: >> >>> and, are you SURE that dovecot-lda has mail in it's group list when it >>> is executing? >>> >>> On Tue, Nov 3, 2015 at 2:12 PM, Larry Rosenman >>> wrote: >>> >>>> Hrm. if you turn up the debug on lda, do you get any more of a clue? >>>> >>>> Those permissions look fine to me. >>>> >>>> >>>> On Tue, Nov 3, 2015 at 2:10 PM, John Clements >>>> wrote: >>>> >>>>> clements@desmond:/var/log$ ls -lda /var/mail >>>>> drwxrwsr-x 2 root mail 4096 Nov 2 22:07 /var/mail >>>>> >>>>> >>>>> Best, >>>>> >>>>> John Clements >>>>> >>>>> On Tue, Nov 3, 2015 at 11:52 AM, Larry Rosenman >>>>> wrote: >>>>> >>>>>> what is the full permissions of /var/mail? >>>>>> >>>>>> >>>>>> ls -lda /var/mail >>>>>> >>>>>> On Tue, Nov 3, 2015 at 1:49 PM, John Clements < >>>>>> johnbcleme...@gmail.com> wrote: >>>>>> >>>>>>> I've been using dovecot+postfix happily for many years, and I'm now >>>>>>> configuring it for a new machine. However, I'm running into an old >>>>>>> problem >>>>>&
Re: dovecot-lda can't create /var/mail dotlocks on debian
Well, first, here are the logs I generated: Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: Effective uid=1003, gid=1003, home=/home/granitemon Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=mbox:~/mail:INBOX=/var/mail/granitemon Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: fs: root=/home/granitemon/mail, index=, indexpvt=, control=, inbox=/var/mail/granitemon, alt= Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: userdb lookup skipped, username taken from USER environment Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt= Nov 3 12:23:05 desmond dovecot: lda(granitemon): Debug: Destination address: granite...@desmond.brinckerhoff.org (source: user@hostname) Nov 3 12:23:05 desmond dovecot: lda(granitemon): Error: setegid(privileged) failed: Operation not permitted Nov 3 12:23:05 desmond dovecot: lda(granitemon): msgid=< 20151103202305.88be05f...@desmond.brinckerhoff.org>: save failed to INBOX: BUG: Unknown internal error Nov 3 12:23:05 desmond dovecot: lda(granitemon): Error: setegid(privileged) failed: Operation not permitted Nov 3 12:23:05 desmond postfix/local[26490]: 88BE05FF39: to=, relay=local, delay=0.04, delays=0.01/0.01/0/0.02, dsn=4.3.0, status=deferred (temporary failure) At this point... well, I don't understand why dovecot signals an "Unknown internal error," but I think I understand that even if I *do* get this working, I'm pretty much throwing in the towel, because since postfix invokes the lda as the user receiving the mail, then this only works if all users receiving mail are in the mail group, which means any of them can mess up any other's mbox. So, it looks like even if this bug is fixed, I'm left with two obvious choices: - make /var/mail writeable by all users that receive mail, or - use LMTP instead. Many thanks for your help, John Clements On Tue, Nov 3, 2015 at 12:13 PM, Larry Rosenman wrote: > and, are you SURE that dovecot-lda has mail in it's group list when it is > executing? > > On Tue, Nov 3, 2015 at 2:12 PM, Larry Rosenman wrote: > >> Hrm. if you turn up the debug on lda, do you get any more of a clue? >> >> Those permissions look fine to me. >> >> >> On Tue, Nov 3, 2015 at 2:10 PM, John Clements >> wrote: >> >>> clements@desmond:/var/log$ ls -lda /var/mail >>> drwxrwsr-x 2 root mail 4096 Nov 2 22:07 /var/mail >>> >>> >>> Best, >>> >>> John Clements >>> >>> On Tue, Nov 3, 2015 at 11:52 AM, Larry Rosenman >>> wrote: >>> >>>> what is the full permissions of /var/mail? >>>> >>>> >>>> ls -lda /var/mail >>>> >>>> On Tue, Nov 3, 2015 at 1:49 PM, John Clements >>>> wrote: >>>> >>>>> I've been using dovecot+postfix happily for many years, and I'm now >>>>> configuring it for a new machine. However, I'm running into an old >>>>> problem >>>>> again, and thinking that there must be a better solution. >>>>> >>>>> The problem is that dovecot-lda is unable to create dotlock files in >>>>> the >>>>> /var/mail directory. >>>>> >>>>> Dovecot version: 1:2.2.13-12~deb8u1 (I'm guessing this is upstream >>>>> version >>>>> 2.2.13) >>>>> OS: Debian Jessie >>>>> >>>>> Currently, my mail directory has these permissions: >>>>> >>>>> clements@desmond:~$ ls -ld /var/mail >>>>> drwxrwsr-x 2 root mail 4096 Nov 2 22:07 /var/mail >>>>> clements@desmond:~$ ls -l /var/mail >>>>> total 8 >>>>> -rw--- 1 clements mail 1382 Nov 2 21:59 clements >>>>> -rw--- 1 granitemon mail 530 Nov 2 22:07 granitemon >>>>> >>>>> I've added >>>>> mail_privileged_group = mail >>>>> to allow creation of the dotlock files. >>>>> >>>>> When I configure postfix to deliver using dovecot-lda, I get logs that >>>>> look >>>>> like this: >>>>> >>>>> Nov 3 11:12:20 desmond dovecot: lda(granitemon): Error: >>>>> setegid(privileged) failed: Operation not permitted >>>>> Nov 3 11:12:20 desmond dovecot: lda(granitemon): msgid=< >>>>> 20151103181306.a4b5b5f...@desmond.xxxdomain.org>: save failed to >>>>> INBOX: >>>>> BUG: Unknown interna
Re: dovecot-lda can't create /var/mail dotlocks on debian
clements@desmond:/var/log$ ls -lda /var/mail drwxrwsr-x 2 root mail 4096 Nov 2 22:07 /var/mail Best, John Clements On Tue, Nov 3, 2015 at 11:52 AM, Larry Rosenman wrote: > what is the full permissions of /var/mail? > > > ls -lda /var/mail > > On Tue, Nov 3, 2015 at 1:49 PM, John Clements > wrote: > >> I've been using dovecot+postfix happily for many years, and I'm now >> configuring it for a new machine. However, I'm running into an old problem >> again, and thinking that there must be a better solution. >> >> The problem is that dovecot-lda is unable to create dotlock files in the >> /var/mail directory. >> >> Dovecot version: 1:2.2.13-12~deb8u1 (I'm guessing this is upstream version >> 2.2.13) >> OS: Debian Jessie >> >> Currently, my mail directory has these permissions: >> >> clements@desmond:~$ ls -ld /var/mail >> drwxrwsr-x 2 root mail 4096 Nov 2 22:07 /var/mail >> clements@desmond:~$ ls -l /var/mail >> total 8 >> -rw--- 1 clements mail 1382 Nov 2 21:59 clements >> -rw--- 1 granitemon mail 530 Nov 2 22:07 granitemon >> >> I've added >> mail_privileged_group = mail >> to allow creation of the dotlock files. >> >> When I configure postfix to deliver using dovecot-lda, I get logs that >> look >> like this: >> >> Nov 3 11:12:20 desmond dovecot: lda(granitemon): Error: >> setegid(privileged) failed: Operation not permitted >> Nov 3 11:12:20 desmond dovecot: lda(granitemon): msgid=< >> 20151103181306.a4b5b5f...@desmond.xxxdomain.org>: save failed to INBOX: >> BUG: Unknown internal error >> >> In order to isolate the error, I took postfix out of the equation, and >> called dovecot-lda directly: >> >> clements@desmond:/tmp$ cat bogusmail >> From: cleme...@xxxdomain.org >> To: granitemon@localhost >> Date: November 3 2015 >> Subject: grh >> >> this is the body >> clements@desmond:/tmp$ /usr/lib/dovecot/dovecot-lda -e -d clements < >> bogusmail >> BUG: Unknown internal error >> clements@desmond:/tmp$ >> >> In response to this, mail.log now contains this similar error: >> >> Nov 3 11:34:57 desmond dovecot: lda(clements): msgid=unspecified: save >> failed to INBOX: BUG: Unknown internal error >> Nov 3 11:34:57 desmond dovecot: lda(clements): Error: setegid(privileged) >> failed: Operation not permitted >> >> >> I've tried a number of "random internet search" solutions, including >> - changing perms on mail files from 660 to 600 >> - enabling 'mail_access_groups=mail' in 10-mail.conf >> - adding individual users to the mail group. >> >> I guess I'm pretty confident that if dovecot is writing "BUG: Unknown >> internal error" in the logs, that this is is actually a bug in dovecot. >> >> OBresearch: I read through the release notes of 2.2.14 -- 2.2.19 to see if >> a relevant-looking bug had been fixed, but nothing jumped out at me. >> OBresearch: searching the dovecot mailing list, I found one *extremely* >> relevant thread called "Re: [Dovecot] started with dovecot sieve >> <http://dovecot.markmail.org/message/kgd34wberxuvmrsa?q=setegid>", but >> there didn't seem to be a solution contained in the thread. >> >> Final note: this doesn't appear to be confined to debian jessie: I took a >> look at my existing installation, and I see that in fact I just went ahead >> and made /var/mail world-writeable, which seems... sub-optimal. I'm sure I >> could do that here, too, but I'd certainly rather not. >> >> Thanks in advance, and let me know if I've left out relevant crucial >> information. >> >> Best, >> >> John Clements >> > > > > -- > Larry Rosenman http://www.lerctr.org/~ler > Phone: +1 214-642-9640 (c) E-Mail: larry...@gmail.com > US Mail: 7011 W Parmer Ln, Apt 1115, Austin, TX 78729-6961 >
dovecot-lda can't create /var/mail dotlocks on debian
I've been using dovecot+postfix happily for many years, and I'm now configuring it for a new machine. However, I'm running into an old problem again, and thinking that there must be a better solution. The problem is that dovecot-lda is unable to create dotlock files in the /var/mail directory. Dovecot version: 1:2.2.13-12~deb8u1 (I'm guessing this is upstream version 2.2.13) OS: Debian Jessie Currently, my mail directory has these permissions: clements@desmond:~$ ls -ld /var/mail drwxrwsr-x 2 root mail 4096 Nov 2 22:07 /var/mail clements@desmond:~$ ls -l /var/mail total 8 -rw--- 1 clements mail 1382 Nov 2 21:59 clements -rw--- 1 granitemon mail 530 Nov 2 22:07 granitemon I've added mail_privileged_group = mail to allow creation of the dotlock files. When I configure postfix to deliver using dovecot-lda, I get logs that look like this: Nov 3 11:12:20 desmond dovecot: lda(granitemon): Error: setegid(privileged) failed: Operation not permitted Nov 3 11:12:20 desmond dovecot: lda(granitemon): msgid=< 20151103181306.a4b5b5f...@desmond.xxxdomain.org>: save failed to INBOX: BUG: Unknown internal error In order to isolate the error, I took postfix out of the equation, and called dovecot-lda directly: clements@desmond:/tmp$ cat bogusmail From: cleme...@xxxdomain.org To: granitemon@localhost Date: November 3 2015 Subject: grh this is the body clements@desmond:/tmp$ /usr/lib/dovecot/dovecot-lda -e -d clements < bogusmail BUG: Unknown internal error clements@desmond:/tmp$ In response to this, mail.log now contains this similar error: Nov 3 11:34:57 desmond dovecot: lda(clements): msgid=unspecified: save failed to INBOX: BUG: Unknown internal error Nov 3 11:34:57 desmond dovecot: lda(clements): Error: setegid(privileged) failed: Operation not permitted I've tried a number of "random internet search" solutions, including - changing perms on mail files from 660 to 600 - enabling 'mail_access_groups=mail' in 10-mail.conf - adding individual users to the mail group. I guess I'm pretty confident that if dovecot is writing "BUG: Unknown internal error" in the logs, that this is is actually a bug in dovecot. OBresearch: I read through the release notes of 2.2.14 -- 2.2.19 to see if a relevant-looking bug had been fixed, but nothing jumped out at me. OBresearch: searching the dovecot mailing list, I found one *extremely* relevant thread called "Re: [Dovecot] started with dovecot sieve <http://dovecot.markmail.org/message/kgd34wberxuvmrsa?q=setegid>", but there didn't seem to be a solution contained in the thread. Final note: this doesn't appear to be confined to debian jessie: I took a look at my existing installation, and I see that in fact I just went ahead and made /var/mail world-writeable, which seems... sub-optimal. I'm sure I could do that here, too, but I'd certainly rather not. Thanks in advance, and let me know if I've left out relevant crucial information. Best, John Clements
Re: [Dovecot] occasional dovecot crash, core captured but no symbol table info?
On Aug 26, 2011, at 10:30 PM, mail...@securitylabs.it wrote: > Il 26/08/2011 20:38, John Clements ha scritto: >> Dovecot is crashing occasionally for me. Today it crashed six times in >> quick succession, as I fired up a computer (Mac) I hadn't used in a while, >> and my mail application (Apple Mail) tried to synchronize many large >> mailboxes. >> >> The log entries look like this: >> >> Aug 26 10:26:15 computer dovecot: dovecot: child 23223 (imap) killed with >> signal 6 (core dumped) >> Aug 26 10:26:30 computer dovecot: IMAP(granitemon): Panic: file >> istream-raw-mbox.c: line 583 (istream_raw_mbox_get_body_size): assertion >> failed: (rstream->body_offset != (uoff_t)-1) > > Hello, > > http://www.dovecot.org/list/dovecot/2010-March/047426.html > > dunno if it has been fixed in 1.2.16 or 1.2.17, you may try to upgrade to > 1.2.17 or apply the above patch. Thanks for googling that for me... :) The tone of that message suggests that this core dump is probably not associated with data loss; any idea if that's true? Thanks and apologies for not doing enough homework, John Clements
[Dovecot] occasional dovecot crash, core captured but no symbol table info?
6/cmov/libnss_compat.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/i686/cmov/libnss_compat.so.2 Reading symbols from /lib/i686/cmov/libnsl.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/i686/cmov/libnsl.so.1 Reading symbols from /lib/i686/cmov/libnss_nis.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/i686/cmov/libnss_nis.so.2 Reading symbols from /lib/i686/cmov/libnss_files.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/i686/cmov/libnss_files.so.2 Reading symbols from /lib/libgcc_s.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/libgcc_s.so.1 Core was generated by `imap'. Program terminated with signal 6, Aborted. #0 0xb7788424 in __kernel_vsyscall () (gdb) bt full #0 0xb7788424 in __kernel_vsyscall () No symbol table info available. #1 0xb7607751 in raise () from /lib/i686/cmov/libc.so.6 No symbol table info available. #2 0xb760ab82 in abort () from /lib/i686/cmov/libc.so.6 No symbol table info available. #3 0x080f0e2e in ?? () No symbol table info available. #4 0x080f0e82 in ?? () No symbol table info available. #5 0x080f0809 in i_panic () No symbol table info available. #6 0x08092f47 in istream_raw_mbox_get_body_size () No symbol table info available. #7 0x08093025 in istream_raw_mbox_next () No symbol table info available. #8 0x08093323 in istream_raw_mbox_seek () No symbol table info available. #9 0x08093745 in mbox_file_seek () No symbol table info available. #10 0x08095852 in ?? () No symbol table info available. #11 0x08095c8d in ?? () No symbol table info available. #12 0x080a35c3 in index_mail_set_seq () No symbol table info available. #13 0x08095fb9 in ?? () No symbol table info available. #14 0x080a763b in index_storage_search_next_nonblock () No symbol table info available. #15 0x080b5c1a in mailbox_search_next_nonblock () No symbol table info available. #16 0x080b5c68 in mailbox_search_next () No symbol table info available. #17 0x0806a4c4 in imap_fetch_more () No symbol table info available. #18 0x08062665 in ?? () No symbol table info available. #19 0x0806753f in ?? () No symbol table info available. #20 0x0806862b in client_output () No symbol table info available. #21 0x0810007e in ?? () No symbol table info available. #22 0x080f9aa6 in io_loop_handler_run () ---Type to continue, or q to quit--- No symbol table info available. #23 0x080f8f20 in io_loop_run () No symbol table info available. #24 0x08070f24 in main () No symbol table info available. (gdb) q Does anyone have any suggestions, here? Many thanks in advance; let me know if I can provide more information! All the best, John Clements smime.p7s Description: S/MIME cryptographic signature
Re: [Dovecot] sieve on debian squeeze
On Jul 27, 2011, at 12:09 PM, Andrea Ganduglia wrote: > On Wed, Jul 27, 2011 at 5:28 PM, Remy Zandwijk wrote: >> On 27.07.2011 17:22 , Andrea Ganduglia wrote: >>> >>> On Wed, Jul 27, 2011 at 5:18 PM, Antoine Nguyen >>> wrote: >>>> >>>> 2011/7/27 Andrea Ganduglia >>>>> >>>>> On Wed, Jul 27, 2011 at 4:33 PM, Antoine Nguyen >>>>> wrote: >>>>>> >>>>>> 2011/7/27 Andrea Ganduglia >>>>>> >>>>>>> Hi. I have a quite problem with dovecot and sieve on Debian Squeeze. >>>>>>> >>>>>>> I'm trying to enable sieve plugin into dovecot, but something is >>>>>>> deeply wrong. I hope that this is the right place to give some help. >>>>>>> >>>>>>> There are no errors or warning messages, simply sieve don't works. >>>>>> >>>>>> I think you need to use dovecot as the LDA if you want sieve filters to >>>>>> be >>>>>> applied. >>>>>> >>>>>> Have you tried to replace virtual_tranport in the main.cf file? (ie. >>>>>> virtual_transport = dovecot) >>>>>> >>>>>> Antoine >> >> Is this helping you? >> >> http://tech.groups.yahoo.com/group/postfix-users/message/274981 > > > OK. I tried all. It just doesn't works. virtual_transport = dovecot > (or maildrop) return relay=none. Now I want work out how I can add a > relay into chain, I think that is the base of this issue. I'm certain that others on the list are better at reading between the lines than I am, but you really need to be more explicit about what's happening; provide a sequence of operations, the resulting behavior, and the behavior you expect. Apologies in advance if this message comes across as rude, or if I've missed something obvious. All the best, John Clements smime.p7s Description: S/MIME cryptographic signature
