Re: Timo - is the v2.3.15 GCC limitation really necessarily or it's just a bug?
Hi,
Update:
1) Centos 5 and 6, compiled GCC 4.8.5 and successfully built Dovecot v2.3.15.
2) RedHat based customized build, first compiled GCC 4.7.4 and with it compiled
GCC 4.8.5, then added --disable-hardening to options, got new error:
In file included from /usr/include/sys/wait.h:79:0,
from db-checkpassword.c:21:
db-checkpassword.c: In function 'sigchld_handler':
db-checkpassword.c:426:6: error: assignment of read-only member '__in'
if (WIFSIGNALED(status->status)) {
^
...
As Docvecot does not support INC_PATH= and ignores --includedir= option, I
replaced the /usr/include/sys/wait.h file from the newer glibc-headers package
and successfully built Dovecot v2.3.15.
Old text:
Compiled GCC 4.7.4 with options:
--enable-languages=c,c++ --disable-multilib
Compiled Dovecot v2.3.15 wih options:
export CC=/usr/local/gcc-4.7.4/bin/gcc
export CXX=/usr/local/gcc-4.7.4/bin/g++
./configure --prefix=/usr --with-ssl=openssl --with-ssldir=/etc/ssl
--sysconfdir=/etc --with-pam --without-bsdauth --without-sql --without-nss
--without-ldap --without-pgsql --without-mysql --without-sqlite
--with-rundir=/var/run/dovecot --without-cassandra --without-lucene
--without-solr --without-textcat --without-libcap --without-stemmer
--disable-rpath --disable-dependency-tracking --disable-silent-rules
--without-gssapi --without-cdb
Got error:
configure: error: fd passing is required for Dovecot to work
Added --disable-hardening and got further, but then with GCC 4.7.4, now I'm
getting same old error, which I first got 4 years ago with version v2.2.30 and
which Timo fixed - https://dovecot.org/list/dovecot/2017-June/108418.html
db-checkpassword.c: In function 'sigchld_handler':
db-checkpassword.c:426:6: error: assignment of read-only member '__in'
db-checkpassword.c:427:3: error: assignment of read-only member '__in'
db-checkpassword.c:431:13: error: assignment of read-only member '__in'
db-checkpassword.c:432:26: error: assignment of read-only member '__in'
make[3]: *** [db-checkpassword.lo] Error 1
Due GCC segmentation faults during compilation, so far I'm unable to compile
any newer GCC, but got also same result with GCC 4.6.4.
Please advise?
Mart
Timo Sirainen wrote:
> On 29. Jul 2021, at 7.21, Mart Pirita <mailto:m...@e-positive.ee>> wrote:
>>
>> Hello.
>>
>> So far I have successfully built Dovecot until v2.3.14 on Centos 4-6 (yes I
>> know, they are old, but as they are remote servers, distros can't upgraded),
>> and sometimes I have also met compilation issues, but after highlighting
>> them, Timo have fixed the code.
>>
>> Found from similar thread (Dovecot 2.3.15 compilation fails
>> https://dovecot.org/list/dovecot/2021-June/122412.html ) that new GCC is
>> needed. However I can't find such requirement in v2.3.15 change log.
>
> Looks like we forgot to mention that.
>
>> As seems that I'm not the only one with compilation issues, then @Timo - can
>> You please fix the code so that also v2.3.15 can compiled on older distros?
>
> Sorry, it's no longer possible. The buffer.h API had to be changed to fix
> some real bugs:
> https://github.com/dovecot/core/commit/1d9b4e14008b15b7a34b5c633b09b9670e866256
>
> The original way I changed it would have made the code more complex and it
> was also a huge change. The final method was much simpler, but it requires
> now compiler support for anonymous unions and anonymous structs, i.e. C11.
> Although some older GCCs should also support it, but I guess you've a too old
> version.
>
Re: Timo - is the v2.3.15 GCC limitation really necessarily or it's just a bug?
Hi, Compiled GCC 4.7.4 with options: --enable-languages=c,c++ --disable-multilib Compiled Dovecot v2.3.15 wih options: export CC=/usr/local/gcc-4.7.4/bin/gcc export CXX=/usr/local/gcc-4.7.4/bin/g++ ./configure --prefix=/usr --with-ssl=openssl --with-ssldir=/etc/ssl --sysconfdir=/etc --with-pam --without-bsdauth --without-sql --without-nss --without-ldap --without-pgsql --without-mysql --without-sqlite --with-rundir=/var/run/dovecot --without-cassandra --without-lucene --without-solr --without-textcat --without-libcap --without-stemmer --disable-rpath --disable-dependency-tracking --disable-silent-rules --without-gssapi --without-cdb Got error: configure: error: fd passing is required for Dovecot to work Added --disable-hardening and got further, but then with GCC 4.7.4, now I'm getting same old error, which I first got 4 years ago with version v2.2.30 and which Timo fixed - https://dovecot.org/list/dovecot/2017-June/108418.html db-checkpassword.c: In function 'sigchld_handler': db-checkpassword.c:426:6: error: assignment of read-only member '__in' db-checkpassword.c:427:3: error: assignment of read-only member '__in' db-checkpassword.c:431:13: error: assignment of read-only member '__in' db-checkpassword.c:432:26: error: assignment of read-only member '__in' make[3]: *** [db-checkpassword.lo] Error 1 Due GCC segmentation faults during compilation, so far I'm unable to compile any newer GCC, but got also same result with GCC 4.6.4. Please advise? Mart Timo Sirainen wrote: > On 29. Jul 2021, at 7.21, Mart Pirita <mailto:m...@e-positive.ee>> wrote: >> >> Hello. >> >> So far I have successfully built Dovecot until v2.3.14 on Centos 4-6 (yes I >> know, they are old, but as they are remote servers, distros can't upgraded), >> and sometimes I have also met compilation issues, but after highlighting >> them, Timo have fixed the code. >> >> Found from similar thread (Dovecot 2.3.15 compilation fails >> https://dovecot.org/list/dovecot/2021-June/122412.html ) that new GCC is >> needed. However I can't find such requirement in v2.3.15 change log. > > Looks like we forgot to mention that. > >> As seems that I'm not the only one with compilation issues, then @Timo - can >> You please fix the code so that also v2.3.15 can compiled on older distros? > > Sorry, it's no longer possible. The buffer.h API had to be changed to fix > some real bugs: > https://github.com/dovecot/core/commit/1d9b4e14008b15b7a34b5c633b09b9670e866256 > > The original way I changed it would have made the code more complex and it > was also a huge change. The final method was much simpler, but it requires > now compiler support for anonymous unions and anonymous structs, i.e. C11. > Although some older GCCs should also support it, but I guess you've a too old > version. >
Re: Timo - is the v2.3.15 GCC limitation really necessarily or it's just a bug?
Hi, This is very bad news. I don't think that disto is old, if I can compile almost every software with it. So at the moment I have two choices, newer upgrade Dovecot or rollback the buffer_t changes and use latest version? Mart Timo Sirainen wrote: > On 29. Jul 2021, at 7.21, Mart Pirita <mailto:m...@e-positive.ee>> wrote: >> >> Hello. >> >> So far I have successfully built Dovecot until v2.3.14 on Centos 4-6 (yes I >> know, they are old, but as they are remote servers, distros can't upgraded), >> and sometimes I have also met compilation issues, but after highlighting >> them, Timo have fixed the code. >> >> Found from similar thread (Dovecot 2.3.15 compilation fails >> https://dovecot.org/list/dovecot/2021-June/122412.html ) that new GCC is >> needed. However I can't find such requirement in v2.3.15 change log. > > Looks like we forgot to mention that. > >> As seems that I'm not the only one with compilation issues, then @Timo - can >> You please fix the code so that also v2.3.15 can compiled on older distros? > > Sorry, it's no longer possible. The buffer.h API had to be changed to fix > some real bugs: > https://github.com/dovecot/core/commit/1d9b4e14008b15b7a34b5c633b09b9670e866256 > > The original way I changed it would have made the code more complex and it > was also a huge change. The final method was much simpler, but it requires > now compiler support for anonymous unions and anonymous structs, i.e. C11. > Although some older GCCs should also support it, but I guess you've a too old > version. >
Timo - is the v2.3.15 GCC limitation really necessarily or it's just a bug?
Hello. So far I have successfully built Dovecot until v2.3.14 on Centos 4-6 (yes I know, they are old, but as they are remote servers, distros can't upgraded), and sometimes I have also met compilation issues, but after highlighting them, Timo have fixed the code. Found from similar thread (Dovecot 2.3.15 compilation fails https://dovecot.org/list/dovecot/2021-June/122412.html ) that new GCC is needed. However I can't find such requirement in v2.3.15 change log. As seems that I'm not the only one with compilation issues, then @Timo - can You please fix the code so that also v2.3.15 can compiled on older distros? Compilation options: ./configure --prefix=/usr --with-ssl=openssl --with-ssldir=/etc/ssl --sysconfdir=/etc --with-pam --without-bsdauth --without-sql --without-nss --without-ldap --without-pgsql --without-mysql --without-sqlite --with-rundir=/var/run/dovecot --without-cassandra --without-lucene --without-solr --without-textcat --without-libcap --without-stemmer --disable-rpath --disable-dependency-tracking --disable-silent-rules --without-gssapi --without-cdb Compilation error: builtin-strftime -c -o test-smtp-params.o test-smtp-params.c test-smtp-params.c:29: error: unknown field `data' specified in initializer test-smtp-params.c:29: warning: missing braces around initializer test-smtp-params.c:29: warning: (near initialization for `test_params_buffer1.') test-smtp-params.c:30: warning: missing initializer test-smtp-params.c:30: warning: (near initialization for `test_params_buffer1...used') test-smtp-params.c:30: error: unknown field `used' specified in initializer test-smtp-params.c:31: warning: excess elements in struct initializer test-smtp-params.c:31: warning: (near initialization for `test_params_buffer1') test-smtp-params.c:33: error: unknown field `data' specified in initializer test-smtp-params.c:33: warning: missing braces around initializer test-smtp-params.c:33: warning: (near initialization for `test_params_buffer2.') test-smtp-params.c:34: warning: missing initializer test-smtp-params.c:34: warning: (near initialization for `test_params_buffer2...used') test-smtp-params.c:34: error: unknown field `used' specified in initializer test-smtp-params.c:35: warning: excess elements in struct initializer test-smtp-params.c:35: warning: (near initialization for `test_params_buffer2') make[3]: *** [test-smtp-params.o] Error 1 make[3]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.3.15/src/lib-smtp' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.3.15/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.3.15' make: *** [all] Error 2 error: Bad exit status from /var/tmp/rpm-tmp.7364 (%build) -- Mart
Re: Cannot install 'libdcrypt_openssl.la' to a directory not ending in /usr/lib/dovecot
How this will fix x64 rpm build issues? Please stay in topic. Mart Benny Pedersen wrote: > Mart Pirita skrev den 2019-12-16 09:32: > >> So official EOL is just for dummies. :) > > maybe upgrade to gcc 9.x.x first ? > > or drop precompiled distros ! >
Re: Cannot install 'libdcrypt_openssl.la' to a directory not ending in /usr/lib/dovecot
Hi, I asked how to build x64 rpm, so discussion about EOL operating systems is totally off topic. :( FYI, I'm still managing 4 production RedHat 6.2 (Zoot relased year 2000) based MTA servers and they are using latest self compiled and updated kernel, latest dovecot, postfix, openssl, openssh, bind etc, so they are in top shape and working well. So official EOL is just for dummies. :) Mart @lbutlr wrote: > On 15 Dec 2019, at 15:19, Alexander Dalloz wrote: >> Am 15.12.2019 um 21:08 schrieb Mart Pirita: >>> Well, but not for centos 5 and also these rpm are including a lot stuff >>> what I don't need. But I will check the src rpm -s from repo and diff >>> these specs with my current ones. >>> Mart >> CentOS 5 is end of life since April 2017. Don't use it! There is no good >> reason to build anything for it. > And Centos 6 will be EOL in less than a year, so you probably shouldn’t move > to it either. > >
Re: Cannot install 'libdcrypt_openssl.la' to a directory not ending in /usr/lib/dovecot
Well, but not for centos 5 and also these rpm are including a lot stuff what I don't need. But I will check the src rpm -s from repo and diff these specs with my current ones. Mart Aki Tuomi wrote: > We provide rpm packages for centos 6&7 at https://repo.dovecot.org if you > want > to try them? > > Aki >> On 15/12/2019 13:01 Mart Pirita < m...@e-positive.ee >> <mailto:m...@e-positive.ee>> wrote: >> >> >> Hi, >> >> For some reason I've never been able to build x64 dovecot rpm package, >> no matter how I try, I'm still getting lib64 errors, first tried few >> years on centos 5, ok I know this is old distro, then few years tried >> with centos 6 (and wrote here also - CentOS x64 compilation fails), >> supported distro, no luck, now installed centos 7 and still no luck, so >> seems it's not about centos or rpm version. >> >> So I'm using option "rpmbuild -ba --target=i686 dovecot2.3.spec" to >> build it, and it works but I'd still like to build x64 version. Why >> libtool tries to install libdcrypt_openssl.la only instead >> /usr/lib/dovecot into /usr/lib64/dovecot? . But as I can compile fine >> postfix etc other openssl used app rpm -s, then is this some dovecot bug >> or what am I missing? >> >> Error: >> /usr/bin/mkdir -p >> '/root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot' >> /bin/sh ../../libtool --mode=install /usr/bin/install -c >> libssl_iostream_openssl.la >> '/root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot' >> libtool: install: /usr/bin/install -c .libs/libssl_iostream_openssl.so >> /root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot/libssl_iostream_openssl.so >> >> >> libtool: install: /usr/bin/install -c .libs/libssl_iostream_openssl.lai >> /root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot/libssl_iostream_openssl.la >> >> >> libtool: install: /usr/bin/install -c .libs/libssl_iostream_openssl.a >> /root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot/libssl_iostream_openssl.a >> >> >> libtool: install: chmod 644 >> /root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot/libssl_iostream_openssl.a >> >> >> libtool: install: ranlib >> /root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot/libssl_iostream_openssl.a >> >> >> libtool: warning: remember to run 'libtool --finish /usr/lib/dovecot' >> /usr/bin/mkdir -p >> '/root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/include/dovecot' >> /usr/bin/install -c -m 644 iostream-openssl.h iostream-ssl.h >> iostream-ssl-private.h iostream-ssl-test.h >> '/root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/include/dovecot' >> make[3]: Leaving directory >> `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src/lib-ssl-iostream' >> make[2]: Leaving directory >> `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src/lib-ssl-iostream' >> Making install in lib-dcrypt >> make[2]: Entering directory >> `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src/lib-dcrypt' >> make[3]: Entering directory >> `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src/lib-dcrypt' >> /usr/bin/mkdir -p >> '/root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib64/dovecot' >> /bin/sh ../../libtool --mode=install /usr/bin/install -c >> libdcrypt_openssl.la >> '/root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib64/dovecot' >> libtool: error: error: cannot install 'libdcrypt_openssl.la' to a >> directory not ending in /usr/lib/dovecot >> make[3]: *** [install-pkglibLTLIBRARIES] Error 1 >> make[3]: Leaving directory >> `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src/lib-dcrypt' >> make[2]: *** [install-am] Error 2 >> make[2]: Leaving directory >> `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src/lib-dcrypt' >> make[1]: *** [install-recursive] Error 1 >> make[1]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src' >> make: *** [install-recursive] Error 1 >> error: Bad exit status from /var/tmp/rpm-tmp.EVWbif (%install) >> >> >> Options: >> ./configure \ >> --prefix=/usr \ >> --with-ssl=openssl \ >> --with-ssldir=/etc/ssl \ >> --sysconfdir=/etc \ >> --without-vpopmail \ >> --with-pam \ >> --without-bsdauth \ >> --without-sql \ >> --without-nss \ >> --without-ldap \ >> --without-pgsql \ >> --without-mysql \ >> --without-sqlite \ >> --with-rundir=/var/run/dovecot \ >> --without-sia \ >> --without-cassandra \ >> --without-lucene \ >> --without-solr \ >> --without-textcat \ >> --without-libcap \ >> --without-stemmer \ >> --disable-rpath \ >> --disable-dependency-tracking \ >> --disable-silent-rules \ >> --without-gssapi \ >> --without-cdb >> >> -- >> Mart > > --- > Aki Tuomi >
Cannot install 'libdcrypt_openssl.la' to a directory not ending in /usr/lib/dovecot
Hi, For some reason I've never been able to build x64 dovecot rpm package, no matter how I try, I'm still getting lib64 errors, first tried few years on centos 5, ok I know this is old distro, then few years tried with centos 6 (and wrote here also - CentOS x64 compilation fails), supported distro, no luck, now installed centos 7 and still no luck, so seems it's not about centos or rpm version. So I'm using option "rpmbuild -ba --target=i686 dovecot2.3.spec" to build it, and it works but I'd still like to build x64 version. Why libtool tries to install libdcrypt_openssl.la only instead /usr/lib/dovecot into /usr/lib64/dovecot? . But as I can compile fine postfix etc other openssl used app rpm -s, then is this some dovecot bug or what am I missing? Error: /usr/bin/mkdir -p '/root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot' /bin/sh ../../libtool --mode=install /usr/bin/install -c libssl_iostream_openssl.la '/root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot' libtool: install: /usr/bin/install -c .libs/libssl_iostream_openssl.so /root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot/libssl_iostream_openssl.so libtool: install: /usr/bin/install -c .libs/libssl_iostream_openssl.lai /root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot/libssl_iostream_openssl.la libtool: install: /usr/bin/install -c .libs/libssl_iostream_openssl.a /root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot/libssl_iostream_openssl.a libtool: install: chmod 644 /root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot/libssl_iostream_openssl.a libtool: install: ranlib /root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib/dovecot/libssl_iostream_openssl.a libtool: warning: remember to run 'libtool --finish /usr/lib/dovecot' /usr/bin/mkdir -p '/root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/include/dovecot' /usr/bin/install -c -m 644 iostream-openssl.h iostream-ssl.h iostream-ssl-private.h iostream-ssl-test.h '/root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/include/dovecot' make[3]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src/lib-ssl-iostream' make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src/lib-ssl-iostream' Making install in lib-dcrypt make[2]: Entering directory `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src/lib-dcrypt' make[3]: Entering directory `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src/lib-dcrypt' /usr/bin/mkdir -p '/root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib64/dovecot' /bin/sh ../../libtool --mode=install /usr/bin/install -c libdcrypt_openssl.la '/root/rpmbuild/BUILDROOT/dovecot-2.3.9.2-mp.x86_64/usr/lib64/dovecot' libtool: error: error: cannot install 'libdcrypt_openssl.la' to a directory not ending in /usr/lib/dovecot make[3]: *** [install-pkglibLTLIBRARIES] Error 1 make[3]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src/lib-dcrypt' make[2]: *** [install-am] Error 2 make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src/lib-dcrypt' make[1]: *** [install-recursive] Error 1 make[1]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.3.9.2/src' make: *** [install-recursive] Error 1 error: Bad exit status from /var/tmp/rpm-tmp.EVWbif (%install) Options: ./configure \ --prefix=/usr \ --with-ssl=openssl \ --with-ssldir=/etc/ssl \ --sysconfdir=/etc \ --without-vpopmail \ --with-pam \ --without-bsdauth \ --without-sql \ --without-nss \ --without-ldap \ --without-pgsql \ --without-mysql \ --without-sqlite \ --with-rundir=/var/run/dovecot \ --without-sia \ --without-cassandra \ --without-lucene \ --without-solr \ --without-textcat \ --without-libcap \ --without-stemmer \ --disable-rpath \ --disable-dependency-tracking \ --disable-silent-rules \ --without-gssapi \ --without-cdb -- Mart
Re: Event 0x2b1a5f270bd0 leaked (parent=(nil)): auth-client-connection.c:338
Hmm, can this be related to SMTP brute force attack attempts and Postfix, using conf: smtpd_junk_command_limit = 2 smtpd_error_sleep_time = 15s smtpd_soft_error_limit = 5 smtpd_hard_error_limit = 10 smtpd_client_connection_count_limit = 5 smtpd_client_connection_rate_limit = 30 cuts connection and Dovecot gives error. But since Postfix conf have been same for a long time and these errors came with Dovecot 2.3.3, then seems I just must ignore them, however the error type is a bit spooky (like debug message), so maybe some human readable explanation in logs would be better. :). Timo Sirainen wrote: > On 26 Nov 2018, at 13.16, Mart Pirita wrote: >> Hi, >> >> Auth process is not constantly being shutdown and/or restarted and Dovecot >> is used for SMTP authentication (Postfix). >> >> Checked few servers logs, they are running v2.3.3, for example latest >> (some day none, some day a lot, some day few) logs: >> >> Nov 25 18:48:11 server1 dovecot: auth: Warning: Event 0x2b79250f15f0 >> leaked (parent=(nil)): auth-client-connection.c:338 > I suppose these are happening because of: > >>>>>> dovecot: auth: Warning: auth client 0 disconnected with 1 pending >>>>>> requests: EOF: 12 Time(s) > Which probably happens when Postfix disconnects from Dovecot before the > authentication has finished. > > I can reproduce these if I set up PAM authentication and then do: > > doveadm auth test testuser wrongpass > > > Repeat the above a few times. Each time logs: > > Nov 26 13:36:13.588354 auth: Warning: auth client 0 disconnected with 1 > pending requests: EOF > > Then stop Dovecot (or auth process at least): > > Nov 26 13:36:23.403778 auth: Warning: Event 0x561565277db0 leaked > (parent=(nil)): auth-client-connection.c:338 > > -- Mart
Re: Event 0x2b1a5f270bd0 leaked (parent=(nil)): auth-client-connection.c:338
Hi,
Auth process is not constantly being shutdown and/or restarted and Dovecot is
used for SMTP authentication (Postfix).
Checked few servers logs, they are running v2.3.3, for example latest
(some day none, some day a lot, some day few) logs:
Nov 25 18:48:11 server1 dovecot: auth: Warning: Event 0x2b79250f15f0
leaked (parent=(nil)): auth-client-connection.c:338
Nov 25 18:48:11 server1 dovecot: auth: Warning: Event 0x2b79250ddc50
leaked (parent=(nil)): auth-client-connection.c:338
Nov 25 22:55:38 server1 dovecot: auth: Warning: Event 0x2b374a7bafb0
leaked (parent=(nil)): auth-client-connection.c:338
Nov 26 03:08:24 server1 dovecot: auth: Warning: Event 0x2b9b89e79040
leaked (parent=(nil)): auth-client-connection.c:338
Nov 25 04:38:04 server2 dovecot: auth: Warning: Event 0x2b4afb1ac370
leaked (parent=(nil)): auth-client-connection.c:338
Nov 25 04:38:04 server2 dovecot: auth: Warning: Event 0x2b4afb18eeb0
leaked (parent=(nil)): auth-client-connection.c:338
Nov 25 04:38:04 server2 dovecot: auth: Warning: Event 0x2b4afb183490
leaked (parent=(nil)): auth-client-connection.c:338
Nov 25 04:38:04 server2 dovecot: auth: Warning: Event 0x2b4afb18a900
leaked (parent=(nil)): auth-client-connection.c:338
Nov 25 04:38:04 server2 dovecot: auth: Warning: Event 0x2b4afb193d20
leaked (parent=(nil)): auth-client-connection.c:338
Conf:
# 2.3.3 (dcead646b): /etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-419.el5 x86_64 CentOS release 5.11 (Final)
auth_cache_size = 1 k
auth_failure_delay = 1 mins
auth_mechanisms = plain login
base_dir = /var/run/dovecot/
disable_plaintext_auth = no
listen = *
login_log_format_elements = %u %r %m %c
mail_location = maildir:~/Maildir
mail_log_prefix = "%s(%u): "
mail_plugins = " mail_log notify"
mbox_very_dirty_syncs = yes
passdb {
args = cache_key=#hidden_use-P_to_show# *
driver = pam
}
plugin {
autocreate = Drafts
autocreate2 = Sent Items
autosubscribe = Drafts
autosubscribe2 = Sent Items
fts_autoindex = yes
mail_log_events = delete undelete expunge copy mailbox_delete
mailbox_rename
mail_log_fields = uid box msgid size from subject vsize flags
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
ssl_ca = On 3 Nov 2018, at 17.41, Mart Pirita wrote:
>> Hi,
>>
>>
>> But this harmless is spamming logs, so how to disable it:
>>
>> grep auth-client-connection.c:338 maillog | wc -l
>>1259
> Actually this specific event leak isn't a known issue. I don't really
> understand how it could happen. These event leaks are supposed to be checked
> only at process deinit. Is the auth process constantly being shutdown and
> restarted? What's your doveconf -n? Are you using Dovecot for SMTP
> authentication or some other external auth?
>
>
>> Aki Tuomi wrote:
>>>> On 03 November 2018 at 12:12 Mart Pirita < sysad...@e-positive.ee
>>>> <mailto:sysad...@e-positive.ee>
>>>> <mailto:sysad...@e-positive.ee <mailto:sysad...@e-positive.ee>>> wrote:
>>>>
>>>>
>>>> Hi,
>>>>
>>>>
>>>> Noticed with latest v2.3.3 some new warning in logs, for example:
>>>>
>>>> dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)):
>>>> auth-client-connection.c:338: 1 Time(s)
>>>> dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)):
>>>> auth-client-connection.c:338: 1 Time(s)
>>>> dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)):
>>>> auth-client-connection.c:338: 1 Time(s)
>>>> dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)):
>>>> auth-client-connection.c:338: 1 Time(s)
>>>> dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)):
>>>> auth-client-connection.c:338: 1 Time(s)
>>>> dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)):
>>>> auth-client-connection.c:338: 1 Time(s)
>>>> dovecot: auth: Warning: auth client 0 disconnected with 1 pending
>>>> requests: EOF: 12 Time(s)
>>>>
>>>>
>>>> What are they?
>>>>
>>>>
>>>> --
>>>> Mart
>>> Hi! It's harmless event leak. This is a known issue to us.
>>> ---
>>> Aki Tuomi
>> --
>> Mart
--
Mart
Re: Event 0x2b1a5f270bd0 leaked (parent=(nil)): auth-client-connection.c:338
Hi, FYI, this is not fixed in v2.3.4: Nov 23 16:03:24 xxx dovecot: master: Dovecot v2.3.4 (0ecbaf23d) starting up for imap, pop3, lmtp (core dumps disabled) Nov 23 16:03:53 xxx dovecot: auth: Warning: Event 0x80c2f28 leaked (parent=(nil)): auth-client-connection.c:338 Nov 23 16:03:53 xxx dovecot: auth: Warning: Event 0x80d71e0 leaked (parent=(nil)): auth-client-connection.c:338 Nov 23 16:03:53 xxx dovecot: auth: Warning: Event 0x80c3220 leaked (parent=(nil)): auth-client-connection.c:338 ... Aki Tuomi wrote: > It will be fixed. > > Aki > > On 6.11.2018 8.57, Mart Pirita wrote: >> Hi, >> >> >> I'm not using rsyslog and instead of hiding, this event leak should be >> fixed. >> >> >> >> Michael Slusarz wrote: >>>> On November 3, 2018 at 9:41 AM Mart Pirita wrote: >>>> >>>> >>>> Hi, >>>> >>>> >>>> But this harmless is spamming logs, so how to disable it: >>>> >>>> grep auth-client-connection.c:338 maillog | wc -l >>>> 1259 >>> If using something like rsyslog, it is trivial to filter out unwanted >>> entries. >>> >>> michael >>> >>> >>>> Aki Tuomi wrote: >>>>>> On 03 November 2018 at 12:12 Mart Pirita < sysad...@e-positive.ee >>>>>> <mailto:sysad...@e-positive.ee>> wrote: >>>>>> >>>>>> >>>>>> Hi, >>>>>> >>>>>> >>>>>> Noticed with latest v2.3.3 some new warning in logs, for example: >>>>>> >>>>>> dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): >>>>>> auth-client-connection.c:338: 1 Time(s) >>>>>> dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): >>>>>> auth-client-connection.c:338: 1 Time(s) >>>>>> dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): >>>>>> auth-client-connection.c:338: 1 Time(s) >>>>>> dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): >>>>>> auth-client-connection.c:338: 1 Time(s) >>>>>> dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): >>>>>> auth-client-connection.c:338: 1 Time(s) >>>>>> dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): >>>>>> auth-client-connection.c:338: 1 Time(s) >>>>>> dovecot: auth: Warning: auth client 0 disconnected with 1 pending >>>>>> requests: EOF: 12 Time(s) >>>>>> >>>>>> >>>>>> What are they? >>>>>> >>>>>> >>>>>> -- >>>>>> Mart >>>>> Hi! It's harmless event leak. This is a known issue to us. -- Mart
Re: doveconf: Fatal: open(/etc/dovecot/dovecot/dovecot.conf) failed: No such file or directory
Hi, You are right, recompiled with correct path. Hajo Locke wrote: > Hello, > > > > Am 07.11.2018 um 14:04 schrieb Mart Pirita: >> Hi, >> >> >> >> Build options - --sysconfdir=/etc/dovecot > you should use --sysconfdir=/etc > sysconfig is path to sysconfig, not dovecotconfig. >> doveconf -Pn > dovecot-new.conf >> doveconf: Fatal: open(/etc/dovecot/dovecot/dovecot.conf) failed: No such >> file or directory >> >> I can make a symlink, but first I'd like to know is this a bug or >> misconfiguration. >> >> > Hajo -- Mart
doveconf: Fatal: open(/etc/dovecot/dovecot/dovecot.conf) failed: No such file or directory
Hi, Build options - --sysconfdir=/etc/dovecot doveconf -Pn > dovecot-new.conf doveconf: Fatal: open(/etc/dovecot/dovecot/dovecot.conf) failed: No such file or directory I can make a symlink, but first I'd like to know is this a bug or misconfiguration. -- Mart
Re: Event 0x2b1a5f270bd0 leaked (parent=(nil)): auth-client-connection.c:338
Hi, I'm not using rsyslog and instead of hiding, this event leak should be fixed. Michael Slusarz wrote: >> On November 3, 2018 at 9:41 AM Mart Pirita wrote: >> >> >> Hi, >> >> >> But this harmless is spamming logs, so how to disable it: >> >> grep auth-client-connection.c:338 maillog | wc -l >> 1259 > If using something like rsyslog, it is trivial to filter out unwanted entries. > > michael > > >> Aki Tuomi wrote: >>>> On 03 November 2018 at 12:12 Mart Pirita < sysad...@e-positive.ee >>>> <mailto:sysad...@e-positive.ee>> wrote: >>>> >>>> >>>> Hi, >>>> >>>> >>>> Noticed with latest v2.3.3 some new warning in logs, for example: >>>> >>>> dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): >>>> auth-client-connection.c:338: 1 Time(s) >>>> dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): >>>> auth-client-connection.c:338: 1 Time(s) >>>> dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): >>>> auth-client-connection.c:338: 1 Time(s) >>>> dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): >>>> auth-client-connection.c:338: 1 Time(s) >>>> dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): >>>> auth-client-connection.c:338: 1 Time(s) >>>> dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): >>>> auth-client-connection.c:338: 1 Time(s) >>>> dovecot: auth: Warning: auth client 0 disconnected with 1 pending >>>> requests: EOF: 12 Time(s) >>>> >>>> >>>> What are they? >>>> >>>> >>>> -- >>>> Mart >>> Hi! It's harmless event leak. This is a known issue to us. -- Mart
Re: Event 0x2b1a5f270bd0 leaked (parent=(nil)): auth-client-connection.c:338
Hi, But this harmless is spamming logs, so how to disable it: grep auth-client-connection.c:338 maillog | wc -l 1259 Aki Tuomi wrote: > > On 03 November 2018 at 12:12 Mart Pirita < sysad...@e-positive.ee > > <mailto:sysad...@e-positive.ee>> wrote: > > > > > > Hi, > > > > > > Noticed with latest v2.3.3 some new warning in logs, for example: > > > > dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): > > auth-client-connection.c:338: 1 Time(s) > > dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): > > auth-client-connection.c:338: 1 Time(s) > > dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): > > auth-client-connection.c:338: 1 Time(s) > > dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): > > auth-client-connection.c:338: 1 Time(s) > > dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): > > auth-client-connection.c:338: 1 Time(s) > > dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): > > auth-client-connection.c:338: 1 Time(s) > > dovecot: auth: Warning: auth client 0 disconnected with 1 pending > > requests: EOF: 12 Time(s) > > > > > > What are they? > > > > > > -- > > Mart > > Hi! It's harmless event leak. This is a known issue to us. > --- > Aki Tuomi -- Mart
Event 0x2b1a5f270bd0 leaked (parent=(nil)): auth-client-connection.c:338
Hi, Noticed with latest v2.3.3 some new warning in logs, for example: dovecot: auth: Warning: Event 0x80a6fc0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa1c8 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80aa718 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80adac0 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80b6c38 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: Event 0x80c0e00 leaked (parent=(nil)): auth-client-connection.c:338: 1 Time(s) dovecot: auth: Warning: auth client 0 disconnected with 1 pending requests: EOF: 12 Time(s) What are they? -- Mart
Full text search indexing behavior and testing?
Hi,
I'm confused about FTS. https://wiki.dovecot.org/Tools/Doveadm/Index say's:
"Messages can also be added automatically to full text search index using:
plugin {
...
fts_autoindex = yes
}"
So I added "fts_autoindex = yes" into dovecot.conf (I'm using single
config file). That's it? How to test FTS? Or I still must use some
external indexing server?
--
Mart
Re: Limit IMAP/IMAPS listening IPs
Dudi Goldenberg wrote: > Hello list. > > I am running dovecot v2.2.13 on debian 8.8; > > I tried to add a "address =" statement for only localhost and one private IP, > but then I got a complaint from system: > > dovecot[20515]: Error: systemd listens on port 143, but it's not configured > in Dovecot. Closing. > > What is the proper way to resolve this? > I suggest to use iptables for this. -- Mart
Re: Dovecot 2.2.30* compiling error
Timo Sirainen wrote: > On 21 Jun 2017, at 16.42, Mart Pirita <sysad...@e-positive.ee> wrote: >> Timo Sirainen wrote: >>> On 21 Jun 2017, at 16.03, Mart Pirita <sysad...@e-positive.ee> wrote: >>>>>> ltest_lib-test-bits.o: In function `bits_required64': >>>>>> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/bits.h:33: undefined >>>>>> reference to `__builtin_clzll' >>> This can be fixed with the attached patch. >> Thanks, got this time new error, do You have fix for this: >> >> >> test_lib-test-bits.o: In function `bits_required16': >> /usr/src/redhat/BUILD/dovecot-2.2.30.2/src/lib/bits.h:41: undefined >> reference to `bits_required8' > Oh, didn't notice that one. Add the attached patch on top of the other patch. > Timo - thank You! You fixed it, v2.2.30.2 compiled fine with gcc-3.3.6. Also please add both patches into v2.2.31. -- Mart
Re: Dovecot 2.2.30* compiling error
Timo Sirainen wrote: > On 21 Jun 2017, at 16.03, Mart Pirita <sysad...@e-positive.ee> wrote: >>>> ltest_lib-test-bits.o: In function `bits_required64': >>>> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/bits.h:33: undefined >>>> reference to `__builtin_clzll' > This can be fixed with the attached patch. Thanks, got this time new error, do You have fix for this: test_lib-test-bits.o: In function `bits_required16': /usr/src/redhat/BUILD/dovecot-2.2.30.2/src/lib/bits.h:41: undefined reference to `bits_required8' /usr/src/redhat/BUILD/dovecot-2.2.30.2/src/lib/bits.h:41: undefined reference to `bits_required8' /usr/src/redhat/BUILD/dovecot-2.2.30.2/src/lib/bits.h:41: undefined reference to `bits_required8' /usr/src/redhat/BUILD/dovecot-2.2.30.2/src/lib/bits.h:41: undefined reference to `bits_required8' /usr/src/redhat/BUILD/dovecot-2.2.30.2/src/lib/bits.h:41: undefined reference to `bits_required8' test_lib-test-bits.o:/usr/src/redhat/BUILD/dovecot-2.2.30.2/src/lib/bits.h:41: more undefined references to `bits_required8' follow collect2: ld returned 1 exit status make[4]: *** [test-lib] Error 1 > > >> Edit, tested with newer gcc and got new error: >> >> db-checkpassword.c: In function 'sigchld_handler': >> db-checkpassword.c:434:6: error: assignment of read-only member '__in' >> db-checkpassword.c:437:26: error: assignment of read-only member '__in' >> db-checkpassword.c:439:13: error: assignment of read-only member '__in' >> db-checkpassword.c:440:26: error: assignment of read-only member '__in' > But this is weird. Why are your WIFSIGNALED(), WTERMSIG(), WIFEXITED() and > WEXITSTATUS() macros trying to write to the status variable? Also this code > hasn't even changed between 2.2.29 and 2.2.30. > Like the previously included url said - "looks like this might be a bug in glibc 2.3.3". The previous builds was all made with older gcc and no such error. -- Mart
Re: Dovecot 2.2.30* compiling error
Andrey Jr. Melnikov wrote: > Mart Pirita <sysad...@e-positive.ee> wrote: >> Hello. >> I cant build 2.2.30*, but I can build fine version 2.2.29* with same >> options: >> RedHat based customized distro, 2.6.28.10 kernel > [...] > >> Build error: >> ltest_lib-test-bits.o: In function `bits_required64': >> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/bits.h:33: undefined >> reference to `__builtin_clzll' >> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/bits.h:33: undefined >> reference to `__builtin_clzll' >> test_lib-test-bits.o: In function `test_bits_requiredXX': >> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/test-bits.c:74: undefined >> reference to `__builtin_clzll' >> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/test-bits.c:74: undefined >> reference to `__builtin_clzll' >> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/test-bits.c:74: undefined >> reference to `__builtin_clzll' >> ./.libs/liblib.a(numpack.o): In function `numpack_decode': >> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/numpack.c:43: undefined >> reference to `__builtin_clz' >> collect2: ld returned 1 exit status >> Please advise? > Time to upgrade ancient GCC? Well, I know it's old, but I didn't notice in changelog that something special new was added, so maybe this is somekind of bug? Edit, tested with newer gcc and got new error: db-checkpassword.c: In function 'sigchld_handler': db-checkpassword.c:434:6: error: assignment of read-only member '__in' db-checkpassword.c:437:26: error: assignment of read-only member '__in' db-checkpassword.c:439:13: error: assignment of read-only member '__in' db-checkpassword.c:440:26: error: assignment of read-only member '__in' make[3]: *** [db-checkpassword.lo] Error 1 Seems this is quite old error - https://dovecot.org/list/dovecot/2012-October/086033.html
Re: Dovecot 2.2.30* compiling error
Andrey Jr. Melnikov wrote: > Mart Pirita <sysad...@e-positive.ee> wrote: >> Hello. >> I cant build 2.2.30*, but I can build fine version 2.2.29* with same >> options: >> RedHat based customized distro, 2.6.28.10 kernel > [...] > >> Build error: >> ltest_lib-test-bits.o: In function `bits_required64': >> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/bits.h:33: undefined >> reference to `__builtin_clzll' >> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/bits.h:33: undefined >> reference to `__builtin_clzll' >> test_lib-test-bits.o: In function `test_bits_requiredXX': >> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/test-bits.c:74: undefined >> reference to `__builtin_clzll' >> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/test-bits.c:74: undefined >> reference to `__builtin_clzll' >> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/test-bits.c:74: undefined >> reference to `__builtin_clzll' >> ./.libs/liblib.a(numpack.o): In function `numpack_decode': >> /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/numpack.c:43: undefined >> reference to `__builtin_clz' >> collect2: ld returned 1 exit status >> Please advise? > Time to upgrade ancient GCC? Well, I know it's old, but I didn't notice in changelog that something special new was added, so maybe this is somekind of bug?
Dovecot 2.2.30* compiling error
Hello. I cant build 2.2.30*, but I can build fine version 2.2.29* with same options: RedHat based customized distro, 2.6.28.10 kernel Build options: export CPPFLAGS export LDFLAGS CPPFLAGS=-I/usr/local/ssl/include LDFLAGS=-L/usr/local/ssl/lib ./configure \ --prefix=/usr \ --with-ssl=openssl \ --with-ssldir=/etc/ssl \ --sysconfdir=/etc \ --without-vpopmail \ --with-pam \ --without-bsdauth \ --without-sql \ --without-nss \ --without-ldap \ --without-pgsql \ --without-mysql \ --without-sqlite \ --with-rundir=/var/run/dovecot\ --without-deliver \ --without-gssapi Build error: ltest_lib-test-bits.o: In function `bits_required64': /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/bits.h:33: undefined reference to `__builtin_clzll' /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/bits.h:33: undefined reference to `__builtin_clzll' test_lib-test-bits.o: In function `test_bits_requiredXX': /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/test-bits.c:74: undefined reference to `__builtin_clzll' /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/test-bits.c:74: undefined reference to `__builtin_clzll' /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/test-bits.c:74: undefined reference to `__builtin_clzll' ./.libs/liblib.a(numpack.o): In function `numpack_decode': /usr/src/redhat/BUILD/dovecot-2.2.30/src/lib/numpack.c:43: undefined reference to `__builtin_clz' collect2: ld returned 1 exit status Please advise? -- Mart
Re: Dovecot 2.2.27 & windows 10 outlook (no auth attempts in 0 secs) error.
Aki Tuomi wrote: > > Or spend 10 minutes to get one from LetsEncrypt for free? =) > > Yes and no. It requires after every 3 months renewing and hasse with dns, certbot etc. Sometimes, in own company, long and self-signed is more usable:). -- Mart
Re: Dovecot 2.2.27 & windows 10 outlook (no auth attempts in 0 secs) error.
Eric Broch wrote: > > Also, Outlook doesn't allow storage of a certificate like Thunderbird > but it does allow you to accept it (every time one opens Outlook) and open. Install certificate to the trusted root and no pop-ups -s anymore:). -- Mart
Re: Dovecot 2.2.27 & windows 10 outlook (no auth attempts in 0 secs) error.
Aki Tuomi wrote: > This sounds like issue with SSL itself. Is your certificate self-signed > or issued by some trusted CA? > Self-signed. -- Mart
Re: Dovecot 2.2.27 & windows 10 outlook (no auth attempts in 0 secs) error.
Edit: Maybe it's the DH file issue (like
https://i-mscp.net/index.php/Thread/10005-Notice-SSL-for-services-with-Courier-Windows-10-issue/),
so added to the conf:
ssl_dh_parameters_length = 2048
removed old file /usr/var/lib/dovecot/ssl-parameters.dat and dovecot
generated new file. Still same error.
Stared to look files timestaps and found the reason. I have a RH based
custom disto and I'm using self compiled openssl, simple make, without
any special options:
./config --prefix=/usr/local/ssl &&
make &&
make install
And at some point, after building dovecot 2.2.24, I built new openssl,
openssl-1.0.1t and with this and also with latest openssl-1.0.2j dovecot
builds fine but doesn't work with windows 10. So finally I built latest
openssl-0.9.8zh and dovecot 2.2.27 against it and windows 10 works like
a charm.
But I'm still curios, why latest openssl and latest dovecot doesn't work
for windows 10. As new openssl should even provide more options, than older.
/usr/local/ssl/bin/openssl version -a
OpenSSL 0.9.8za 5 Jun 2014
built on: Wed Aug 6 15:45:46 EEST 2014
platform: linux-elf
options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long)
idea(int) blowfish(idx)
compiler: gcc -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H
-Wa,--noexecstack -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
-DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM
-DRMD160_ASM -DAES_ASM
OPENSSLDIR: "/usr/local/ssl/ssl"
/usr/local/ssl/bin/openssl version -o
options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long)
idea(int) blowfish(idx)
##
/usr/local/ssl/bin/openssl version -a
OpenSSL 1.0.2j 26 Sep 2016
built on: reproducible build, date unspecified
platform: linux-elf
options: bn(64,32) rc4(1x,char) des(ptr,risc1,16,long) idea(int)
blowfish(idx)
compiler: gcc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT
-DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -DL_ENDIAN -O3
-fomit-frame-pointer -Wall -DOPENSSL_BN_ASM_PART_WORDS
-DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m
-DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM
-DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
OPENSSLDIR: "/usr/local/ssl/ssl"
/usr/local/ssl/bin/openssl version -o
options: bn(64,32) rc4(1x,char) des(ptr,risc1,16,long) idea(int)
blowfish(idx)
###
Edit: When using win8, then logs started appear in dovecot.rawlog. But
as win10 gives error in ssl level, before user authentication, then no
debug logs will be written into user dovecot.rawlog folder.
So how to debug this ssl issue?
Aki Tuomi wrote:
> https://wiki2.dovecot.org/Debugging/Rawlog
>
> can you try this to get rawlogs to find out what happens?
>
> Aki
I'm bit confused, how this rawlog works. I did:
doveadm user -u kaka
userdb: kaka
user : kaka
system_groups_user: kaka
uid : 566
gid : 566
home : /home/kaka
ls -al /home/kaka
total 16
drwx--4 kaka kaka 4096 Dec 12 15:36 .
drwxr-xr-x 12 root root 4096 Dec 12 12:41 ..
drwx--2 kaka kaka 4096 Dec 12 12:41 dovecot.rawlog
drwx--2 kaka kaka 4096 Dec 12 12:41 Maildir
Added into dovecot.conf:
protocol imap {
rawlog_dir = /tmp/rawlog/%u
}
service imap {
executable = imap postlogin
}
service postlogin {
executable = script-login -d rawlog
unix_listener postlogin {
}
}
But /tmp/rawlog/kaka/ and /home/kaka/dovecot.rawlog/ are empty. What did
I miss?
The whole conf:
listen = *
plugin {
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
mail_log_group_events = no
mail_log_fields = uid box msgid size from subject vsize
}
login_log_format_elements = %u %r %m %c
service imap-login {
inet_listener imap {
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service lmtp {
unix_listener lmtp {
}
}
service imap {
executable = imap postlogin
}
service pop3 {
}
service postlogin {
executable = script-login -d rawlog
unix_listener postlogin {
}
}
service auth {
unix_listener auth-userdb {
}
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
}
service auth-worker {
}
service dict {
unix_listener dict {
}
}
disable_plaintext_auth = no
auth_cache_size = 1024
auth_cache_ttl = 1 hour
auth_cache_negative_ttl = 1 hour
auth_failure_delay = 60 secs
auth_mechanisms = plain login
passdb {
driver = pam
args = cache_key=%u%r%s *
}
userdb {
driver = passwd
}
mail_location = maildir:~/Maildir
mail_plugin_dir = /usr/lib/dovecot
mail_plugins = $mail_plugins mail_log notify
maildir_very_dirty_syncs = yes
protocol imap {
mail_max_userip_connections = 90
imap_logout_format = bytes=%i/%o
imap_client_workarounds = tb-extra-mailbox-sep delay-newmail
rawlog_dir = /tmp/rawlog/%u
}
protocol pop3 {
Re: Dovecot 2.2.27 & windows 10 outlook (no auth attempts in 0 secs) error.
Edit: When using win8, then logs started appear in dovecot.rawlog. But
as win10 gives error in ssl level, before user authentication, then no
debug logs will be written into user dovecot.rawlog folder.
So how to debug this ssl issue?
Aki Tuomi wrote:
> https://wiki2.dovecot.org/Debugging/Rawlog
>
> can you try this to get rawlogs to find out what happens?
>
> Aki
I'm bit confused, how this rawlog works. I did:
doveadm user -u kaka
userdb: kaka
user : kaka
system_groups_user: kaka
uid : 566
gid : 566
home : /home/kaka
ls -al /home/kaka
total 16
drwx--4 kaka kaka 4096 Dec 12 15:36 .
drwxr-xr-x 12 root root 4096 Dec 12 12:41 ..
drwx--2 kaka kaka 4096 Dec 12 12:41 dovecot.rawlog
drwx--2 kaka kaka 4096 Dec 12 12:41 Maildir
Added into dovecot.conf:
protocol imap {
rawlog_dir = /tmp/rawlog/%u
}
service imap {
executable = imap postlogin
}
service postlogin {
executable = script-login -d rawlog
unix_listener postlogin {
}
}
But /tmp/rawlog/kaka/ and /home/kaka/dovecot.rawlog/ are empty. What did
I miss?
The whole conf:
listen = *
plugin {
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
mail_log_group_events = no
mail_log_fields = uid box msgid size from subject vsize
}
login_log_format_elements = %u %r %m %c
service imap-login {
inet_listener imap {
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service lmtp {
unix_listener lmtp {
}
}
service imap {
executable = imap postlogin
}
service pop3 {
}
service postlogin {
executable = script-login -d rawlog
unix_listener postlogin {
}
}
service auth {
unix_listener auth-userdb {
}
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
}
service auth-worker {
}
service dict {
unix_listener dict {
}
}
disable_plaintext_auth = no
auth_cache_size = 1024
auth_cache_ttl = 1 hour
auth_cache_negative_ttl = 1 hour
auth_failure_delay = 60 secs
auth_mechanisms = plain login
passdb {
driver = pam
args = cache_key=%u%r%s *
}
userdb {
driver = passwd
}
mail_location = maildir:~/Maildir
mail_plugin_dir = /usr/lib/dovecot
mail_plugins = $mail_plugins mail_log notify
maildir_very_dirty_syncs = yes
protocol imap {
mail_max_userip_connections = 90
imap_logout_format = bytes=%i/%o
imap_client_workarounds = tb-extra-mailbox-sep delay-newmail
rawlog_dir = /tmp/rawlog/%u
}
protocol pop3 {
pop3_logout_format = bytes=%i/%o, del=%d/%m, size=%s
mail_max_userip_connections = 9
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
ssl_cert =
Re: Dovecot 2.2.27 & windows 10 outlook (no auth attempts in 0 secs) error.
Aki Tuomi wrote:
> https://wiki2.dovecot.org/Debugging/Rawlog
>
> can you try this to get rawlogs to find out what happens?
>
> Aki
I'm bit confused, how this rawlog works. I did:
doveadm user -u kaka
userdb: kaka
user : kaka
system_groups_user: kaka
uid : 566
gid : 566
home : /home/kaka
ls -al /home/kaka
total 16
drwx--4 kaka kaka 4096 Dec 12 15:36 .
drwxr-xr-x 12 root root 4096 Dec 12 12:41 ..
drwx--2 kaka kaka 4096 Dec 12 12:41 dovecot.rawlog
drwx--2 kaka kaka 4096 Dec 12 12:41 Maildir
Added into dovecot.conf:
protocol imap {
rawlog_dir = /tmp/rawlog/%u
}
service imap {
executable = imap postlogin
}
service postlogin {
executable = script-login -d rawlog
unix_listener postlogin {
}
}
But /tmp/rawlog/kaka/ and /home/kaka/dovecot.rawlog/ are empty. What did
I miss?
The whole conf:
listen = *
plugin {
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
mail_log_group_events = no
mail_log_fields = uid box msgid size from subject vsize
}
login_log_format_elements = %u %r %m %c
service imap-login {
inet_listener imap {
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service lmtp {
unix_listener lmtp {
}
}
service imap {
executable = imap postlogin
}
service pop3 {
}
service postlogin {
executable = script-login -d rawlog
unix_listener postlogin {
}
}
service auth {
unix_listener auth-userdb {
}
unix_listener /var/spool/postfix/private/auth {
mode = 0666
user = postfix
group = postfix
}
}
service auth-worker {
}
service dict {
unix_listener dict {
}
}
disable_plaintext_auth = no
auth_cache_size = 1024
auth_cache_ttl = 1 hour
auth_cache_negative_ttl = 1 hour
auth_failure_delay = 60 secs
auth_mechanisms = plain login
passdb {
driver = pam
args = cache_key=%u%r%s *
}
userdb {
driver = passwd
}
mail_location = maildir:~/Maildir
mail_plugin_dir = /usr/lib/dovecot
mail_plugins = $mail_plugins mail_log notify
maildir_very_dirty_syncs = yes
protocol imap {
mail_max_userip_connections = 90
imap_logout_format = bytes=%i/%o
imap_client_workarounds = tb-extra-mailbox-sep delay-newmail
rawlog_dir = /tmp/rawlog/%u
}
protocol pop3 {
pop3_logout_format = bytes=%i/%o, del=%d/%m, size=%s
mail_max_userip_connections = 9
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
ssl_cert =
Re: Dovecot 2.2.27 > 2.2.24 downgrade errors
Aki Tuomi wrote: > Hi! > > Did you get a core file? Can you install debugging symbols and send > > gdb /path/to/bin /path/to/core > bt full > > to us? > Seems no cores, atleast in /usr/sbin/ ( binary is in /usr/sbin/dovecot) is none. -- Mart
Dovecot 2.2.27 > 2.2.24 downgrade errors
Hello. Due win10 issue I had to downgrade 2.2.27 > 2.2.24 and now some gettings errors for some users: Dec 12 14:42:17 server dovecot: imap(user): Panic: file mail-index-sync-keywords.c: line 227 (keywords_update_records): assertion failed: (data_offset >= sizeof(struct mail_index_record)) Dec 12 14:42:17 star dovecot: imap(senefelder): Error: Raw backtrace: /usr/lib/dovecot/libdovecot.so.0 [0x40185760] -> /usr/lib/dovecot/libdovecot.so.0 [0x401863a6] -> /usr/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x4018590c] -> /usr/lib/dovecot/libdovecot-storage.so.0 [0x400d80cf] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_sync_keywords+0x182) [0x400d829a] -> /usr/lib/dovecot/libdovecot-storage.so.0 [0x400d9405] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_sync_record+0x2f) [0x400d98cb] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_sync_map+0x31c) [0x400d9d24] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_map+0x9e) [0x400d17a2] -> /usr/lib/dovecot/libdovecot-storage.so.0 [0x400e5f3f] -> /usr/lib/dovecot/libdovecot-storage.so.0 [0x400e6241] -> /usr/lib/dovecot/libdovecot-storage.so.0(mail_index_open+0x86) [0x400e635e] -> /usr/lib/dovecot/libdovecot-storage.so.0(index_storage_mailbox_open+0xa4) [0x400c19e4] -> /usr/lib/dovecot/libdovecot-storage.so.0 [0x40076cce] -> /usr Dec 12 14:42:17 server dovecot: imap(user): Fatal: master: service(imap): child 1090 killed with signal 6 (core dumps disabled) I did stop dovecot, removed all dovecot-* and dovecot.* files from user Maildir, still sameerrors. Please advise? -- Mart
Re: Dovecot 2.2.27 & windows 10 outlook (no auth attempts in 0 secs) error.
Aki Tuomi wrote: > > Can you do > > doveconf -a | grep auth_mech > auth_mechanisms = plain login P.S. Seems this 2.2.24 is the last win10 compatible version (as my testserver doesn't have win10 users and thunderbird works well), any never version gives an error. However I didn't find any hint from http://www.dovecot.org/list/dovecot-news/2016-July/000324.html etc. -- Mart
Dovecot 2.2.27 & windows 10 outlook (no auth attempts in 0 secs) error.
Hello. Few days ago upgraded from v2.2.26.0 >v2.2.27 and now windows 10, with any outlook version (2007,2010,2013,2016) doesn't connect IMAP SSL: Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: where=0x10, ret=1: before/accept initialization [x.x.x.x] Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: before/accept initialization [x.x.x.x] Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 read client hello A [x.x.x.x] Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server hello A [x.x.x.x] Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write certificate A [x.x.x.x] Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write key exchange A [x.x.x.x] Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 write server done A [x.x.x.x] Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: where=0x2001, ret=1: SSLv3 flush data [x.x.x.x] Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [x.x.x.x] Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL: where=0x2002, ret=-1: SSLv3 read client certificate A [x.x.x.x] Dec 12 12:29:35 server dovecot: imap-login: Warning: SSL failed: where=0x2002: SSLv3 read client certificate A [x.x.x.x] Dec 12 12:29:35 server dovecot: imap-login: Debug: SSL error: Disconnected Dec 12 12:29:35 server dovecot: imap-login: Disconnected (no auth attempts in 0 secs): x.x.x.x, TLS handshaking: Disconnected Is this a bug or some new feature? How to fix it? -- Mart
Re: Dovecot 2.2.25 compiling error
Aki Tuomi wrote: > This has been now fixed in master-2.2 with > > https://github.com/dovecot/core/commit/20e802d6bbf4ddad3a2140a2f7812d01de0ec2ef > https://github.com/dovecot/core/commit/d9c865ce774aae9f2f17b89e7e94c3cfca29dea7 > > Our testings indicate that you can compile 2.2.25.1 on CentOS5 with > these applied. > Well, tried with or without patches, but got still same error: sha1.h:80: error: static or type qualifiers in abstract declarator Editing config.h, #define STATIC_ARRAY static > #define STATIC_ARRAY does help, but as configure generates via confdefs.h config.h file, then it's overwritten every time by configure: if test $i_cv_c99_static_arrays = yes; then static_value=static else static_value= fi cat >>confdefs.h <<_ACEOF #define STATIC_ARRAY $static_value _ACEOF So finally I just manually removed, as a dirty workaround, the STATIC_ARRAY value from test result "yes": if test $i_cv_c99_static_arrays = yes; then static_value= else static_value= fi And dovecot compiled fine from latest, unpatched dovecot-2.2.25.tar.gz source. During rpm install I got error, that this build depends on libstats_auth.so and found that it have to be in /usr/lib/dovecot/stats folder, so I included it in spec file and rebuilt rpm again and installed it. So far all OK. -- Mart
Re: Dovecot 2.2.25 compiling error
aki.tu...@dovecot.fi wrote: >> art > We are considering stopping support for old distros because maintaining > support for them is becoming increasingly difficult. > > Please consider upgrading your distribution instead? It is rather old. > Well, don't do it on the middle of the v2.2, this is not the nice way, changing in the middle of version distribution requirements. Be flexible, do it for example since v2.3 or something like this. -- Mart
Re: Dovecot 2.2.25 compiling error
Alexander Dalloz wrote: > Am 02.07.2016 um 17:56 schrieb Mart Pirita: >> Hello. >> >> I cant build 2.2.25, but I can build fine version 2.2.24 with same options: >> >> RedHat based customized distro, 2.6.28.10 kernel > http://dovecot.org/pipermail/dovecot/2016-July/104798.html > But config.h does contain #define STATIC_ARRAY and does not contain #define STATIC_ARRAY static And also src/lib/macros.h does include the fix - https://github.com/dovecot/core/commit/f54d511597447e40f5413716c10520a7229364f1 So older systems can't upgrade anymore? -- Mart
Dovecot 2.2.25 compiling error
Hello. I cant build 2.2.25, but I can build fine version 2.2.24 with same options: RedHat based customized distro, 2.6.28.10 kernel Build options: export CPPFLAGS export LDFLAGS CPPFLAGS=-I/usr/local/ssl/include LDFLAGS=-L/usr/local/ssl/lib ./configure \ --prefix=/usr \ --with-ssl=openssl \ --with-ssldir=/etc/ssl \ --sysconfdir=/etc \ --without-vpopmail \ --with-pam \ --without-bsdauth \ --without-sql \ --without-nss \ --without-ldap \ --without-pgsql \ --without-mysql \ --without-sqlite \ --with-rundir=/var/run/dovecot\ --without-deliver \ --without-gssapi Build error: libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../.. -I/usr/local/ssl/include -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -MT guid.lo -MD -MP -MF .deps/guid.Tpo -c guid.c -fPIC -DPIC -o .libs/guid.o In file included from guid.c:6: sha1.h:80: error: static or type qualifiers in abstract declarator make[4]: *** [guid.lo] Error 1 make[4]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.25/src/lib' make[3]: *** [all] Error 2 make[3]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.25/src/lib' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.25/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.25' make: *** [all] Error 2 Please advise? -- Mart
CentOS x64 compilation fails.
Hello. I have problems to compile Dovecot2.2.13 with rpmbuild using options: ./configure \ --prefix=/usr \ --with-ssl=openssl \ --with-ssldir=/etc/ssl \ --sysconfdir=/etc \ --without-vpopmail \ --with-pam \ --without-bsdauth \ --without-sql \ --without-nss \ --without-ldap \ --without-pgsql \ --without-mysql \ --without-sqlite \ --with-rundir=/var/run/dovecot \ --without-deliver \ --without-gssapi make Using CentOS 5.11, option - rpmbuild -ba dovecot2.2.spec fails with error: /bin/mkdir -p '/var/tmp/dovecot-2.2.13-mp-root/usr/lib64/dovecot' /bin/sh ../../libtool --mode=install /usr/bin/install -c libdovecot-storage.la '/var/tmp/dovecot-2.2.13-mp-root/usr/lib64/dovecot' libtool: install: error: cannot install `libdovecot-storage.la' to a directory not ending in /usr/lib/dovecot make[4]: *** [install-pkglibLTLIBRARIES] Error 1 make[4]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.13/src/lib-storage' make[3]: *** [install-am] Error 2 make[3]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.13/src/lib-storage' make[2]: *** [install-recursive] Error 1 make[2]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.13/src/lib-storage' make[1]: *** [install-recursive] Error 1 make[1]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.13/src' make: *** [install-recursive] Error 1 error: Bad exit status from /var/tmp/rpm-tmp.14076 (%install) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.14076 (%install) But using CentOS 5.11with option- rpmbuild --target=i686 -ba dovecot2.2.spec works fine. However, using CentOS 6.5, with option - rpmbuild -ba dovecot2.2.spec fails with error: /bin/mkdir -p '/root/rpmbuild/BUILDROOT/dovecot-2.2.13-mp.x86_64/usr/lib64/dovecot' /bin/sh ../../libtool --mode=install /usr/bin/install -c libdovecot-storage.la '/root/rpmbuild/BUILDROOT/dovecot-2.2.13-mp.x86_64/usr/lib64/dovecot' libtool: install: error: cannot install `libdovecot-storage.la' to a directory not ending in /usr/lib/dovecot make[4]: *** [install-pkglibLTLIBRARIES] Error 1 make[4]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.13/src/lib-storage' make[3]: *** [install-am] Error 2 make[3]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.13/src/lib-storage' make[2]: *** [install-recursive] Error 1 make[2]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.13/src/lib-storage' make[1]: *** [install-recursive] Error 1 make[1]: Leaving directory `/root/rpmbuild/BUILD/dovecot-2.2.13/src' make: *** [install-recursive] Error 1 error: Bad exit status from /var/tmp/rpm-tmp.HP3meN (%install) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.HP3meN (%install) But when CentOS 5.11with option rpmbuild --target=i686 -ba dovecot2.2.spec suceeds, CentOS 6.5still fails: cpio: dovecot-2.2.13/src/lib-compression/abspath.c: Cannot stat: No such file or directory cpio: dovecot-2.2.13/src/lib-compression/compat.h: Cannot stat: No such file or directory cpio: dovecot-2.2.13/src/lib-compression/lib.h: Cannot stat: No such file or directory 18096 blocks + /usr/lib/rpm/check-buildroot /root/rpmbuild/BUILDROOT/dovecot-2.2.13-mp.i386/usr/lib/dovecot/dovecot-config:LIBDOVECOT='-L/root/rpmbuild/BUILDROOT/dovecot-2.2.13-mp.i386/usr/lib/dovecot -ldovecot' /root/rpmbuild/BUILDROOT/dovecot-2.2.13-mp.i386/usr/lib/dovecot/dovecot-config:LIBDOVECOT_INCLUDE=-I/root/rpmbuild/BUILDROOT/dovecot-2.2.13-mp.i386/usr/include/dovecot Found '/root/rpmbuild/BUILDROOT/dovecot-2.2.13-mp.i386' in installed files; aborting error: Bad exit status from /var/tmp/rpm-tmp.69mGY0 (%install) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.69mGY0 (%install) How to fix these errors? -- Mart
Re: [Dovecot] Dovecot 2.2.2 compiling error
Timo Sirainen kirjutas: On 22.5.2013, at 20.31, Mart Pirita sysad...@e-positive.ee wrote: I cant build 2.2.2, but I can build fine version 2.1.16 with same options: RedHat based customized distro, 2.6.28.10 kernel What gcc version? gcc -v Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/3.3.6/specs Configured with: ../configure --prefix=/usr --with-slibdir=/lib --infodir=/usr/share/info --mandir=/usr/share/man --enable-shared --enable-threads=posix --enable-languages=c,c++,f77,java,objc --enable-__cxa_atexit --enable-c99 --enable-nls --enable-long-long --enable-multilib --with-gnu-as --with-gnu-ld --with-system-zlib --without-x i386-redhat-linux Thread model: posix gcc version 3.3.6 -- Mart
Re: [Dovecot] Dovecot 2.2.2 compiling error
Timo Sirainen kirjutas: gcc -v gcc version 3.3.6 Hmh. Does the attached patch help? Yes, it does, thanks! -- Mart
[Dovecot] Dovecot 2.2.2 compiling error
Hello. I cant build 2.2.2, but I can build fine version 2.1.16 with same options: RedHat based customized distro, 2.6.28.10 kernel Build options: export CPPFLAGS export LDFLAGS CPPFLAGS=-I/usr/local/ssl/include LDFLAGS=-L/usr/local/ssl/lib ./configure \ --prefix=/usr \ --with-ssl=openssl \ --with-ssldir=/etc/ssl \ --sysconfdir=/etc \ --without-vpopmail \ --with-pam \ --without-bsdauth \ --without-sql \ --without-nss \ --without-ldap \ --without-pgsql \ --without-mysql \ --without-sqlite \ --with-rundir=/var/run/dovecot\ --without-deliver \ --without-gssapi Build error: /bin/sh ../../../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I../../.. -I../../../src/lib -I../../../src/lib-test -I../../../src/lib-dict -I../../../src/lib-fs -I../../../src/lib-mail -I../../../src/lib-imap -I../../../src/lib-index -I../../../src/lib-storage -I/usr/local/ssl/include -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -MT index-search.lo -MD -MP -MF .deps/index-search.Tpo -c -o index-search.lo index-search.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../../.. -I../../../src/lib -I../../../src/lib-test -I../../../src/lib-dict -I../../../src/lib-fs -I../../../src/lib-mail -I../../../src/lib-imap -I../../../src/lib-index -I../../../src/lib-storage -I/usr/local/ssl/include -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -fno-builtin-strftime -MT index-search.lo -MD -MP -MF .deps/index-search.Tpo -c index-search.c -fPIC -DPIC -o .libs/index-search.o index-search.c: In function `search_arg_match_text': index-search.c:715: error: size of array `type name' is negative make[5]: *** [index-search.lo] Error 1 make[5]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.2/src/lib-storage/index' make[4]: *** [all-recursive] Error 1 make[4]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.2/src/lib-storage/index' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.2/src/lib-storage' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.2/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/usr/src/redhat/BUILD/dovecot-2.2.2' make: *** [all] Error 2 error: Bad exit status from /var/tmp/rpm-tmp.57532 (%build) Please advise? -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
Timo Sirainen kirjutas: Or there are some other parameters that conflict with it. Show the gcc command line when compiling ssl-proxy-openssl.c and when linking imap-login binary? If there is -I/usr/include that could explain it.. Can't find anything: [m...@tibu dovecot-1.2.16]# grep imap-login compile.log Making clean in imap-login make[2]: Entering directory `/usr/src/redhat/dovecot-1.2.16/src/imap-login' rm -f imap-login make[2]: Leaving directory `/usr/src/redhat/dovecot-1.2.16/src/imap-login' config.status: creating src/imap-login/Makefile Making all in imap-login make[3]: Entering directory `/usr/src/redhat/dovecot-1.2.16/src/imap-login' /bin/sh ../../libtool --tag=CC --mode=link gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -L/usr/local/ssl/lib -o imap-login client.o client-authenticate.o imap-proxy.o ../login-common/liblogin-common.a ../lib-imap/libimap.a ../lib-auth/libauth.a ../lib/liblib.a -lssl -lcrypto -ldl -lrt libtool: link: gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -o imap-login client.o client-authenticate.o imap-proxy.o -L/usr/local/ssl/lib ../login-common/liblogin-common.a ../lib-imap/libimap.a ../lib-auth/libauth.a ../lib/liblib.a -lssl -lcrypto -ldl -lrt make[3]: Leaving directory `/usr/src/redhat/dovecot-1.2.16/src/imap-login' [m...@tibu dovecot-1.2.16]# grep ssl-proxy-openssl.c compile.log gcc -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib -I../../src/lib-auth -DPKG_RUNDIR=\/var/run/dovecot\ -DPKG_STATEDIR=\/usr/var/lib/dovecot\ -DSBINDIR=\/usr/sbin\ -I/usr/local/ssl/include/openssl -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -MT ssl-proxy-openssl.o -MD -MP -MF .deps/ssl-proxy-openssl.Tpo -c -o ssl-proxy-openssl.o ssl-proxy-openssl.c [m...@tibu dovecot-1.2.16]# grep /usr/include compile.log -e s|^dovecot_incdir=|dovecot_incdir=/usr/include/dovecot| dovecot-config Oh, right, v1.2 and not v2.0. So libssl was linked statically to imap-login, I guess? That explains why there were so many matches to the strings grep. I think so. -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
Timo Sirainen kirjutas: Still, it's increasingly looking like some kind of conflict between two OpenSSL versions and really nothing to do with Dovecot itself. Can't you just upgrade to a non-ancient OS with a newer OpenSSL? Actually this OS is quite a lot manually updated and so far all works well, and upgrade isn't so easy. So first I will search a way to upgrade built in OpenSSL and if this doesn't work, then the upgrade seems to be the only solution. -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
Timo Sirainen kirjutas: CPPFLAGS=-I/usr/local/ssl/include/openssl Try -I/usr/local/ssl/include Well, Timo - You did it again, small thing, but nobody, except You noticed. With: export CPPFLAGS export LDFLAGS CPPFLAGS=-I/usr/local/ssl/include LDFLAGS=-L/usr/local/ssl/lib 1.2.16 from original (ssl-proxy-openssl.c:950 line is active) compiled fine, and also runs fine with openssl-0.9.8p (previous good one was openssl-0.9.8l). Again, thank You and Your patience. P.S. Maybe some hint into wiki about it would be good? -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
Timo Sirainen kirjutas: RedHat 9 based distro, 2.6.24.2 kernel, OpenSSL 1.0.0a 1 Jun 2010 Hmm. v1.0.0a, really?.. Yes - compiled manually from openssl-1.0.0a.tar.gz and I'm pointing in dovecot.spec dovecot to use it: export CPPFLAGS export LDFLAGS CPPFLAGS=-I/usr/local/ssl/include/openssl LDFLAGS=-L/usr/local/ssl/lib /usr/src/redhat/BUILD/dovecot-1.2.16/src/login-common/ssl-proxy-openssl.c:950: undefined reference to `OpenSSL_add_all_algorithms' I just hate OpenSSL. You can comment out that line from the code until I figure out what to do about this. That function was supposed to have existed since forever in OpenSSL. Maybe I should downgrade OpenSSL to 0.9.8*? Or did the compiling log any warnings? The all warnings are: configure: WARNING: unrecognized options: --with-rawlog, --disable-ipv6, --without-passdb-userdb, --without-deliver mail-index-map.c:175: warning: comparison between signed and unsigned mail-index-map.c:1121: warning: comparison between signed and unsigned mail-index-sync-ext.c:666: warning: comparison between signed and unsigned mail-index-modseq.h:34: warning: parameter has incomplete type mail-index-modseq.h:50: warning: parameter has incomplete type mail-index-modseq.h:34: warning: parameter has incomplete type mail-index-modseq.h:50: warning: parameter has incomplete type mail-index-sync-update.c:469: warning: comparison between signed and unsigned mail-transaction-log-file.c:785: warning: comparison between signed and unsigned mailbox-list-fs-iter.c:490: warning: `real_path' might be used uninitialized in this function maildir-sync-index.c:535: warning: comparison between signed and unsigned ../../../src/lib-index/mail-index-modseq.h:34: warning: parameter has incomplete type ../../../src/lib-index/mail-index-modseq.h:50: warning: parameter has incomplete type ../../../src/lib-index/mail-index-modseq.h:34: warning: parameter has incomplete type ../../../src/lib-index/mail-index-modseq.h:50: warning: parameter has incomplete type ssl-proxy-openssl.c:127: warning: passing arg 2 of `d2i_DHparams' from incompatible pointer type ssl-proxy-openssl.c:130: warning: passing arg 2 of `d2i_DHparams' from incompatible pointer type ssl-proxy-openssl.c:650: warning: implicit declaration of function `SSL_get_current_compression' ssl-proxy-openssl.c:650: warning: assignment makes pointer from integer without a cast ssl-proxy-openssl.c:652: warning: implicit declaration of function `SSL_COMP_get_name' ssl-proxy-openssl.c:915: warning: passing arg 1 of `OBJ_txt2nid' discards qualifiers from pointer target type -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
Timo Sirainen kirjutas: /usr/src/redhat/BUILD/dovecot-1.2.16/src/login-common/ssl-proxy-openssl.c:950: undefined reference to `OpenSSL_add_all_algorithms' I just hate OpenSSL. You can comment out that line from the code until I figure out what to do about this. That function was supposed to have existed since forever in OpenSSL. Downgrading SSL didn't help, so I disabled this line and compiled 1.2.16, however, can't use it, as login fails: Dec 3 12:29:08 tibu dovecot: child 13821 (login) killed with signal 11 (core dumps disabled) (ip=195.50.217.142) Dec 3 12:29:09 tibu dovecot: child 13820 (login) killed with signal 11 (core dumps disabled) (ip=195.50.217.142) Dec 3 12:29:11 tibu dovecot: child 13826 (login) killed with signal 11 (core dumps disabled) (ip=195.50.217.142) # 1.2.16: /etc/dovecot.conf # OS: Linux 2.6.24.2 i686 Red Hat Linux release 8.0 (Psyche) protocols: imaps pop3 pop3s ssl_parameters_regenerate: 0 disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_log_format_elements: %u [%r] %m %c mail_max_userip_connections(default): 90 mail_max_userip_connections(imap): 90 mail_max_userip_connections(pop3): 9 mail_location: maildir:~/Maildir maildir_copy_preserve_filename: yes mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 imap_client_workarounds(default): outlook-idle netscape-eoh tb-extra-mailbox-sep delay-newmail imap_client_workarounds(imap): outlook-idle netscape-eoh tb-extra-mailbox-sep delay-newmail imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_logout_format(default): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_logout_format(imap): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_logout_format(pop3): bytes=%i/%o, del=%d/%m, size=%s lda: postmaster_address: postmas...@example.com auth default: mechanisms: plain login cache_size: 1024 failure_delay: 3 passdb: driver: pam args: cache_key=%u%r%s * userdb: driver: passwd socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
Timo Sirainen kirjutas: I wonder if this is the reason for all your trouble.. Are there some old OpenSSL versions still installed? Maybe it's mixing headers of old OpenSSL with libs of new, or vice versa. I did some tests, dovecot 1.2.15 compiles fine withh latest OpenSSL, but doesn't allow login at all: Dec 3 12:29:08 tibu dovecot: child 13821 (login) killed with signal 11 (core dumps disabled) (ip=195.50.217.142) Dec 3 12:29:09 tibu dovecot: child 13820 (login) killed with signal 11 (core dumps disabled) (ip=195.50.217.142) Dec 3 12:29:11 tibu dovecot: child 13826 (login) killed with signal 11 (core dumps disabled) (ip=195.50.217.142) And gives segfaults: Dec 3 12:29:08 tibu kernel: imap-login[13821]: segfault at 0044 eip 08074f9c esp bf9c7390 error 4 Dec 3 12:29:09 tibu kernel: imap-login[13820]: segfault at 0044 eip 08074f9c esp bf8f72c0 error 4 Dec 3 12:29:11 tibu kernel: imap-login[13826]: segfault at 0044 eip 08074f9c esp bfa2d3f0 error 4 The last good OpenSSL is openssl-0.9.8l.tar.gz , 1.2.15 compiles and runs fine, however 1.2.16 compiling still fails: /usr/src/redhat/BUILD/dovecot-1.2.16/src/login-common/ssl-proxy-openssl.c:950: undefined reference to `OpenSSL_add_all_algorithms' collect2: ld returned 1 exit status Disabling the line 950, allows build it and it also runs fine. So clearly something is done in 1.2.16 code, moreover, what is done in dovecot code, that at least in my case when using any newer than openssl-0.9.8l.tar.gz, builds fine, but gives segfaults when running it? -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
Tom Talpey kirjutas: I built 1.2.16 against openssl-0.9.8p just last week; it linked and is running fine for me. Have you tried any version after 0.9.8l? Tested with openssl-0.9.8m, 0.9.8q, 1.0.0a, 1.0.0c, config options are simple: ./config --prefix=/usr/local/openssl make make install And linked in spec: export CPPFLAGS export LDFLAGS CPPFLAGS=-I/usr/local/ssl/include/openssl LDFLAGS=-L/usr/local/ssl/lib I can test more versions, but first I'd like to know did Timo changed something in code, as it compiles fine, but fails to run. -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
David Ford kirjutas: openssl 0.9.8o and 1.0.0b are vulnerable to exploits. Yes I know, but ANY software is good until someone finds a bug in it. Theoretically some may trying exploit it, but I'm pretty sure there are a lot more interesting places to do that:). -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
Mart Pirita kirjutas: ./config --prefix=/usr/local/openssl make make install And linked in spec: export CPPFLAGS export LDFLAGS CPPFLAGS=-I/usr/local/ssl/include/openssl LDFLAGS=-L/usr/local/ssl/lib Las message included typo, the real path is /usr/local/ssl, so this is not an issue:). -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
Timo Sirainen kirjutas: The only change to SSL code I've done for almost a year has been adding that OpenSSL_add_all_algorithms() call, because without it some other OpenSSL installations failed. Hmm, but if I'm comping Dovecot with special made OpenSSL, then if even RedHat -s old OpenSSL is still there, it should not be an issue? As usually, if something builds fine, it also runs fine. Just tested with openssl-0.9.8p, still errors: Dec 3 18:39:10 tibu dovecot: child 20632 (login) killed with signal 11 (core dumps disabled) (ip=195.50.217.142) Dec 3 18:39:11 tibu dovecot: child 20634 (login) killed with signal 11 (core dumps disabled) (ip=195.50.217.142) Dec 3 18:39:18 tibu dovecot: child 20642 (login) killed with signal 11 (core dumps disabled) (ip=195.50.217.142) Dec 3 18:39:24 tibu dovecot: child 20633 (login) killed with signal 11 (core dumps disabled) (ip=195.50.217.142) Dec 3 18:39:32 tibu dovecot: child 20643 (login) killed with signal 11 (core dumps disabled) (ip=195.50.217.142) Dec 3 18:39:10 tibu kernel: printk: 7 messages suppressed. Dec 3 18:39:10 tibu kernel: imap-login[20632]: segfault at 0044 eip 0807501c esp bfce4eb0 error 4 Dec 3 18:39:11 tibu kernel: imap-login[20634]: segfault at 0044 eip 0807501c esp bfcd7ea0 error 4 Dec 3 18:39:18 tibu kernel: imap-login[20642]: segfault at 0044 eip 0807501c esp bff82140 error 4 Dec 3 18:39:24 tibu kernel: imap-login[20633]: segfault at 0044 eip 0807501c esp bfcc3e90 error 4 Dec 3 18:39:32 tibu kernel: imap-login[20643]: segfault at 0044 eip 0807501c esp bfa4ec10 error 4 Dec 3 18:40:05 tibu kernel: imap-login[20644]: segfault at 0044 eip 0807501c esp bf88d250 error 4 How to find out the reason? -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
Tom Talpey kirjutas: I assume that you re-ran configure in dovecot-1.2.16 and verified that it actually picked up the openssl libs from /usr/local afterwards? Beyond that, I guess I don't have a further suggestion. Yes, I did it multile times, and config.log seems also OK, so I also have no clue why it fails to run: configure:4567: checking whether the C compiler works configure:4589: gcc -I/usr/local/ssl/include/openssl -L/usr/local/ssl/lib conftest.c 5 configure:4593: $? = 0 configure:4642: result: yes configure:4645: checking for C compiler default output file name configure:4647: result: a.out configure:4653: checking for suffix of executables configure:4660: gcc -o conftest -I/usr/local/ssl/include/openssl -L/usr/local/ssl/lib conftest.c 5 configure:4664: $? = 0 configure:4686: result: configure:4708: checking whether we are cross compiling configure:4716: gcc -o conftest -I/usr/local/ssl/include/openssl -L/usr/local/ssl/lib conftest.c 5 configure:4720: $? = 0 configure:4727: ./conftest configure:4731: $? = 0 configure:4746: result: no configure:4751: checking for suffix of object files configure:4773: gcc -c -I/usr/local/ssl/include/openssl conftest.c 5 configure:4777: $? = 0 configure:4798: result: o configure:4802: checking whether we are using the GNU C compiler configure:4821: gcc -c -I/usr/local/ssl/include/openssl conftest.c 5 configure:4821: $? = 0 configure:4830: result: yes configure:4839: checking whether gcc accepts -g configure:4859: gcc -c -g -I/usr/local/ssl/include/openssl conftest.c 5 configure:4859: $? = 0 configure:4900: result: yes configure:4917: checking for gcc option to accept ISO C89 configure:4981: gcc -c -g -O2 -I/usr/local/ssl/include/openssl conftest.c 5 configure:4981: $? = 0 configure:4994: result: none needed configure:5016: checking dependency style of gcc configure:5126: result: gcc3 configure:5142: checking for library containing strerror configure:5173: gcc -o conftest -g -O2 -I/usr/local/ssl/include/openssl -L/usr/local/ssl/lib conftest.c 5 configure:5173: $? = 0 configure:5190: result: none required configure:5246: checking for gcc configure:5273: result: gcc configure:5502: checking for C compiler version configure:5511: gcc --version 5 gcc (GCC) 3.3.6 -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
Timo Sirainen kirjutas: Here's a way to find out for sure. Apply the attached patch, compile and check the resulting imap-login binary: Done: strings imap-login | grep OpenSSL [m...@tibu imap-login]# strings imap-login | grep OpenSSL OpenSSL 0.9.6b [engine] 9 Jul 2001 OpenSSL malloc() failed. You may need to increase login_process_size TLSv1 part of OpenSSL 0.9.8l 5 Nov 2009 OpenSSL 0.9.8l 5 Nov 2009 SSLv2 part of OpenSSL 0.9.8l 5 Nov 2009 SSLv3 part of OpenSSL 0.9.8l 5 Nov 2009 %s(%d): OpenSSL internal error, assertion failed: %s Big Number part of OpenSSL 0.9.8l 5 Nov 2009 EC part of OpenSSL 0.9.8l 5 Nov 2009 RSA part of OpenSSL 0.9.8l 5 Nov 2009 OpenSSL DH Method Diffie-Hellman part of OpenSSL 0.9.8l 5 Nov 2009 Stack part of OpenSSL 0.9.8l 5 Nov 2009 lhash part of OpenSSL 0.9.8l 5 Nov 2009 EVP part of OpenSSL 0.9.8l 5 Nov 2009 ASN.1 part of OpenSSL 0.9.8l 5 Nov 2009 X.509 part of OpenSSL 0.9.8l 5 Nov 2009 MD2 part of OpenSSL 0.9.8l 5 Nov 2009 MD5 part of OpenSSL 0.9.8l 5 Nov 2009 SHA1 part of OpenSSL 0.9.8l 5 Nov 2009 SHA-256 part of OpenSSL 0.9.8l 5 Nov 2009 SHA-512 part of OpenSSL 0.9.8l 5 Nov 2009 RC2 part of OpenSSL 0.9.8l 5 Nov 2009 RC4 part of OpenSSL 0.9.8l 5 Nov 2009 IDEA part of OpenSSL 0.9.8l 5 Nov 2009 DSA part of OpenSSL 0.9.8l 5 Nov 2009 OpenSSL DSA method ECDSA part of OpenSSL 0.9.8l 5 Nov 2009 OpenSSL ECDSA method ECDH part of OpenSSL 0.9.8l 5 Nov 2009 OpenSSL ECDH method RAND part of OpenSSL 0.9.8l 5 Nov 2009 You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html PEM part of OpenSSL 0.9.8l 5 Nov 2009 CONF part of OpenSSL 0.9.8l 5 Nov 2009 CONF_def part of OpenSSL 0.9.8l 5 Nov 2009 OpenSSL default OpenSSL default user interface OpenSSL 'dlfcn' shared library method m...@tibu imap-login]# ldd imap-login | grep libssl [m...@tibu imap-login]# [m...@tibu imap-login]# ldd imap-login libdl.so.2 = /lib/libdl.so.2 (0xb7fcb000) librt.so.1 = /lib/librt.so.1 (0xb7fb8000) libc.so.6 = /lib/libc.so.6 (0xb7e8d000) /lib/ld-linux.so.2 = /lib/ld-linux.so.2 (0xb7fd8000) libpthread.so.0 = /lib/libpthread.so.0 (0xb7e3c000) ldd imap-login | grep libssl Is the string correct, and does ldd point to the right libssl? Something is OK, something not? Please advise? -- Mart
Re: [Dovecot] Dovecot 1.2.16 compiling error
Timo Sirainen kirjutas: This looks messed up. Some part of OpenSSL is from 0.9.6b and some part is from 0.9.8l. Noticed too, seems dovecot doesn't fully trust export CPPFLAGS/LDFLAGS paths? BTW, why dovecot uses export CPPFLAGS/LDFLAGS and not typical --with-ssl=/usr/local/ssl etc style? No libssl.. I guess it's you then need to do: ldd src/login-common/.libs/libdovecot-login.so | grep libssl Hmm, no such dir or file: cd src/login-common/ [m...@tibu login-common]# ls -al total 848 drwxr-xr-x3 root root 4096 Dec 3 19:29 . drwxr-xr-x 26 root root 4096 Dec 3 19:26 .. -rw-r--r--1 root root 5481 May 24 2010 client-common.c -rw-r--r--1 root root 1747 May 24 2010 client-common.h -rw-r--r--1 root root27924 Dec 3 19:29 client-common.o -rw-r--r--1 root root 1073 May 24 2010 common.h drwxr-xr-x2 root root 4096 Dec 3 19:29 .deps -rw-r--r--1 root root 327160 Dec 3 19:29 liblogin-common.a -rw-r--r--1 root root11580 May 24 2010 login-proxy.c -rw-r--r--1 root root 2563 May 24 2010 login-proxy.h -rw-r--r--1 root root34080 Dec 3 19:29 login-proxy.o -rw-r--r--1 root root 1634 May 24 2010 login-proxy-state.c -rw-r--r--1 root root 519 May 24 2010 login-proxy-state.h -rw-r--r--1 root root19092 Dec 3 19:29 login-proxy-state.o -rw-r--r--1 root root13258 May 24 2010 main.c -rw-r--r--1 root root53840 Dec 3 19:29 main.o -rw-r--r--1 root root16420 Dec 3 19:26 Makefile -rw-r--r--1 root root 529 May 24 2010 Makefile.am -rw-r--r--1 root root16289 Nov 8 21:39 Makefile.in -rw-r--r--1 root root 7591 May 24 2010 master.c -rw-r--r--1 root root 734 May 24 2010 master.h -rw-r--r--1 root root39212 Dec 3 19:29 master.o -rw-r--r--1 root root 5717 May 24 2010 sasl-server.c -rw-r--r--1 root root 696 May 24 2010 sasl-server.h -rw-r--r--1 root root26868 Dec 3 19:29 sasl-server.o -rw-r--r--1 root root 1402 May 24 2010 ssl-proxy.c -rw-r--r--1 root root13005 May 24 2010 ssl-proxy-gnutls.c -rw-r--r--1 root root16936 Dec 3 19:29 ssl-proxy-gnutls.o -rw-r--r--1 root root 1261 May 24 2010 ssl-proxy.h -rw-r--r--1 root root10956 Dec 3 19:29 ssl-proxy.o -rw-r--r--1 root root23127 Dec 3 19:21 ssl-proxy-openssl.c -rw-r--r--1 root root95892 Dec 3 19:29 ssl-proxy-openssl.o -- Mart
Re: [Dovecot] Postfix, Dovecot SASL and Entourage smtps authentication fails.
Tere. I think it is mostly a Entourage problem. I just decided to switch to Apple Mail since it works much better with IMAP than Entourage. I'm pretty sure, this is Entourage problem, as Apple Mail (IPhone -s too) works well, but as a lot clients using Entourage as calendar, etc, they just won't change the mail client. If proven, that Dovecot is act by standards, and Entourage does not, I must use Cyrus-sasl also in future but first I must be sure, that I haven't made any mistakes on my side. -- Mart
Re: [Dovecot] Postfix, Dovecot SASL and Entourage smtps authentication fails.
Tere. Then it should show up.. Post dovecot -n output instead, that'll show what exactly Dovecot is reading from config file. Please: dovecot -n # 1.1.13: /etc/dovecot.conf # OS: Linux 2.6.24.2 i686 Red Hat Linux release 8.0 (Psyche) protocols: imaps pop3 pop3s ssl_parameters_regenerate: 0 disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_log_format_elements: %u [%r] %m %c mail_max_userip_connections(default): 90 mail_max_userip_connections(imap): 90 mail_max_userip_connections(pop3): 9 maildir_copy_preserve_filename: yes mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 imap_client_workarounds(default): outlook-idle netscape-eoh tb-extra-mailbox-sep delay-newmail imap_client_workarounds(imap): outlook-idle netscape-eoh tb-extra-mailbox-sep delay-newmail imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_logout_format(default): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_logout_format(imap): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_logout_format(pop3): bytes=%i/%o, del=%d/%m, size=%s auth default: cache_size: 1024 failure_delay: 3 passdb: driver: pam args: cache_key=%u%r%s dovecot userdb: driver: passwd socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix -- Mart
Re: [Dovecot] Postfix, Dovecot SASL and Entourage smtps authentication fails.
Tere.
On Thu, 2009-04-16 at 21:39 +0300, Mart Pirita wrote:
250-AUTH PLAIN
250-AUTH=PLAIN
You're missing LOGIN here, which is required by some MS clients
(although I thought Outlook belonged to that category too).
Yes, I noticed that too, as same test with cyrus-sasl shows:
250-PIPELINING
250-SIZE
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
But I have enabled login in dovecot.conf:
# Postfix - suggested configuration taken from SASL_README
(2.3.2).
mechanisms = plain
login
socket listen
{
client
{
path =
/var/spool/postfix/private/auth
mode =
0660
user =
postfix
group =
postfix
}
}
So something is still broken, but what? How can I make Doveco SASL
advertise auth login too?
--
Mart
Re: [Dovecot] Postfix, Dovecot SASL and Entourage smtps authentication fails.
Tere.
If you had changed the mechanisms=plain default, it would have shown
up here (and you can see that also with dovecot -a). So something's
wrong in that setting.
Hmm, You are right, postfix install inserted into config lines:
# Postfix - suggested configuration taken from SASL_README
(2.3.2).
mechanisms = plain
login
socket listen
{
client
{
path =
/var/spool/postfix/private/auth
mode =
0660
user =
postfix
group =
postfix
}
}
But right after this comes next, old part:
# Space separated list of wanted authentication
mechanisms:
# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp
skey
#
gss-spnego
# NOTE: See also disable_plaintext_auth
setting.
mechanisms =
plain
And Dovecot accepts the last one:(.
So it's my mistake, but I was taught, that Dovecot always give error on
startup, if any double config lines exist.
Now dovecot -n looks better:
auth default:
mechanisms: plain login
cache_size: 1024
failure_delay: 3
passdb:
driver: pam
args: cache_key=%u%r%s dovecot
userdb:
driver: passwd
socket:
type: listen
client:
path: /var/spool/postfix/private/auth
mode: 432
user: postfix
group: postfix
And also shows up:
50-PIPELINING
250-SIZE
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
And Entourage works fine. Also with smtpd_tls_auth_only = yes settings.
Super.
Thank You Timo!
--
Mart
Re: [Dovecot] Postfix, Dovecot SASL and Entourage smtps authentication fails.
Tere. Are you saying that EHLO doesn't return anything when using Dovecot SASL? Yes. Something's very broken then. Hmm, but what? Dovecot is compiled with options: ./configure \ --prefix=/usr \ --with-ssl=/usr/local/ssl \ --with-ssldir=/etc/ssl \ --with-rawlog \ --sysconfdir=/etc \ --without-vpopmail \ --disable-ipv6 \ --with-pam \ --without-passwd-file \ --without-checkpassword \ --without-bsdauth \ --without-static-userdb \ --without-passdb-userdb \ --without-pgsql \ --without-mysql \ --without-sqlite \ --with-rundir=/var/run/dovecot \ --without-deliver \ --without-gssapi And runs with settings: dovecot -n # 1.1.13: /etc/dovecot.conf # OS: Linux 2.6.24.2 i686 Red Hat Linux release 8.0 (Psyche) protocols: imaps pop3 pop3s ssl_parameters_regenerate: 0 disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_log_format_elements: %u [%r] %m %c mail_max_userip_connections(default): 90 mail_max_userip_connections(imap): 90 mail_max_userip_connections(pop3): 9 maildir_copy_preserve_filename: yes mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 imap_client_workarounds(default): outlook-idle netscape-eoh tb-extra-mailbox-sep delay-newmail imap_client_workarounds(imap): outlook-idle netscape-eoh tb-extra-mailbox-sep delay-newmail imap_client_workarounds(pop3): pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_logout_format(default): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_logout_format(imap): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_logout_format(pop3): bytes=%i/%o, del=%d/%m, size=%s auth default: cache_size: 1024 failure_delay: 3 passdb: driver: pam args: cache_key=%u%r%s * userdb: driver: passwd socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix Postfix is compiled with options: CCARGS='-DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\dovecot\ -DUSE_TLS -DUSE_SSL -I/usr/local/ssl/include -DHAS_DB -I/usr/local/db4/include -I/usr/include' \ AUXLIBS=-L/usr/local/ssl/lib -lssl -lcrypto -L/usr/local/db4/lib -ldb -L/usr/lib -ldl \ And sasl and tls settings are: smtpd_sasl_auth_enable = yes smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth broken_sasl_auth_clients = yes smtpd_use_tls = yes smtp_use_tls = yes smtpd_tls_security_level = may smtpd_tls_auth_only = yes -- Mart
Re: [Dovecot] Postfix, Dovecot SASL and Entourage smtps authentication fails.
Tere. But you said that other clients would still work? I don't see how that's possible if Postfix doesn't reply to EHLO. Well, I compiled postfix again and somehow now I can see more data using dovecot sasl, no idea, why I didn't see this before: Escape character is '^]'. 220 my.domain.ee ESMTP ehlo k.com 250-my.domain.ee 250-PIPELINING 250-SIZE 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN starttls 220 2.0.0 Ready to start TLS Using in main.cf smtpd_tls_auth_only = no Escape character is '^]'. 220 my.domain.ee ESMTP ehlo e.com 250-my.domain.ee 250-PIPELINING 250-SIZE 250-ETRN 250-STARTTLS 250-AUTH PLAIN 250-AUTH=PLAIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN Anyway, I guess you could see if auth_debug=yes logs something. Enabled, trying to send message with Entourage, SSL enabled, port 465, outgoing server requires authentication with same credentials as incoming servers: Apr 16 21:33:42 server postfix/smtpd[3909]: connect from 88-196-40-172-dsl.noe.estpak.ee[88.196.40.172] Apr 16 21:33:43 server postfix/smtpd[3909]: lost connection after EHLO from 88-196-40-172-dsl.noe.estpak.ee[88.196.40.172] Apr 16 21:33:43 server postfix/smtpd[3909]: disconnect from 88-196-40-172-dsl.noe.estpak.ee[88.196.40.172] Authentication failed because Entourage doesn't support any of the available authentication methods. Disabling Same settings, sending with with Thunderbird: Apr 16 21:34:10 server postfix/smtpd[3909]: connect from 88-196-40-172-dsl.noe.estpak.ee[88.196.40.172] Apr 16 21:34:10 server postfix/smtpd[3909]: 5548348C172: client=88-196-40-172-dsl.noe.estpak.ee[88.196.40.172], sasl_method=PLAIN, sasl_username=user Apr 16 21:34:10 server postfix/cleanup[3961]: 5548348C172: warning: header Subject: sasa from 88-196-40-172-dsl.noe.estpak.ee[88.196.40.172]; from=u...@mydomain.ee to=u...@mydomain.ee proto=ESMTP helo=[192.168.30.3] Apr 16 21:34:10 server postfix/smtpd[3909]: disconnect from 88-196-40-172-dsl.noe.estpak.ee[88.196.40.172] Message sent. -- Mart
Re: [Dovecot] Postfix, Dovecot SASL and Entourage smtps authentication fails.
Tere. BTW. Is it possible that all other clients are using STARTTLS (or no encryption) and only Entourage is trying to use smtps port? No, all clients are using same settings. And all clients work with cyrus-sasl, but with Dovecot, Entourage won't work. -- Mart
[Dovecot] Postfix, Dovecot SASL and Entourage smtps authentication fails.
Tere. Recently just migrated from Sendmail 8.14.3 to Postfix 2.5.6 and switched from Cyrus-sasl 2.1.22 to Dovecot 1.1.13 sasl, all are compiled from source and I have used Dovecot for a long time, since alpha versions. Everything worked well for Outlook Express, Outlook and Thunderbird clients, but Microsoft Entourage 2004 or 2008 clients smtps fails - Authentication failed because Entourage doesn't support any of the available authentication methods. Similar case like - http://archives.neohapsis.com/archives/postfix/2008-09/thread.html#145 I tried everything, the config is like described in Postfix and Dovecot sites - http://wiki.dovecot.org/HowTo/PostfixAndDovecotSASL I also tried in main.cf smtpd_sasl_security_options =forward_secrecy like described in http://www.postfix.org/postconf.5.html#smtpd_sasl_security_options But none helped. So I switched back to Cyrus-sasl and Entourage works well like before with sendmail. I started to search what may be the reason, and seems with Dovecot sasl Postfix wont advertise needed stuff in ehlo: With Cyrus: telnet localhost 25 Trying 127.0.0.1... Connected to localdomain.localhost. Escape character is '^]'. 220 my.host.ee ESMTP EHLO example.com 250-my.host.ee 250-PIPELINING 250-SIZE 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN starttls 220 2.0.0 Ready to start TLS With dovecot: telnet localhost 25 Trying 127.0.0.1... Connected to localdomain.localhost. Escape character is '^]'. 220 my.host.ee ESMTP EHLO example.com starttls 220 2.0.0 Ready to start TLS Setting with Cyrus in main.cf smtpd_tls_auth_only = no gives even more but still nothing with Dovecot: telnet localhost 25 Trying 127.0.0.1... Connected to localdomain.localhost. Escape character is '^]'. 220 my.host.eeESMTP EHLO example.com 250-my.host.ee 250-PIPELINING 250-SIZE 250-ETRN 250-STARTTLS 250-AUTH PLAIN LOGIN 250-AUTH=PLAIN LOGIN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN So is this a Entourage or Dovecot or Postfix bug? I really like to drop the Cyrus and use only Dovecot sasl. Any hint is welcome. -- Mart
Re: [Dovecot] v1.1.beta8 released
Tere. I think we're getting closer to v1.1 RCs. I'm a little bit confused. Right now I'm using v.1.0.7, but I tried compile v1.1.beta8 with same options as v.1.0.7 and seems it's working fine like stable version does. But if v1.1 is beta then what is/will be v2? And what version should I use? -- Sysadmin
Re: [Dovecot] Dovecot push imap/imap notify support?
Tere. If you're looking for something iPhone-compatible, then no. Theirs is a proprietary system which from what I've read, seems to use SMS in combination with IMAP. Wacky. Yep, thats wacky. (If you aren't talking about iPhone compatibility, I'm less knowledgeable, but dovecot does support IDLE-style imap push style notification.) Hmm, seems yes. Osx Leopard built in Mail application have now the IDLE check box. Does it mean, that now need to use the classic check for new mail after xx minute at all? Btw, seems in Thunderbird this imap push works well. -- Mart
[Dovecot] Imap new messages listing is very slow with big meilbox - why?
Tere. I had impression, that Dovecot does cache the Maildir status, new and old messages and so checking (finding the new messages) the new emails is fast. But what is the truth? Latelly noticed, that using latest Thunderbird, 1 mb line, osx or xp, imap and maildir, if mailbox includes for example about 30 000 messages Thunderbird's command Get all new messages takes more than a minute and with mobile device (Nokia E50, Profimail) about 5-7 minutes. So I can log in and auth quick, I see that Inbox contains 30 000 messages but then new messages listing (sorting the new messages from whole messages without actual headers download) takes forever. Is this normal? How to speed it up? Is this email client or Dovecot issue? Dovecot runs on customized RedHat, 2.6.19 kernel, with settings: # 1.0.5: /etc/dovecot.conf protocols: pop3 pop3s imaps ssl_parameters_regenerate: 0 disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login login_log_format_elements: %u [%r] %m %c mail_location: maildir:~/Maildir mmap_disable: yes maildir_copy_with_hardlinks: yes maildir_copy_preserve_filename: yes mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 imap_client_workarounds(default): outlook-idle netscape-eoh tb-extra-mailbox-sep delay-newmail imap_client_workarounds(imap): outlook-idle netscape-eoh tb-extra-mailbox-sep delay-newmail imap_client_workarounds(pop3): outlook-idle pop3_uidl_format(default): pop3_uidl_format(imap): pop3_uidl_format(pop3): %08Xu%08Xv pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_logout_format(default): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_logout_format(imap): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_logout_format(pop3): retr=%r/%R, del=%d/%m, size=%s auth default: cache_size: 1024 passdb: driver: pam args: cache_key=%u%r%s * userdb: driver: passwd -- Mart
Re: [Dovecot] PAM child process timed out, killing it.
Tere. Your PAM modules are getting stuck. Probably has nothing to do with Dovecot itself. But I haven't change/install/upgrade anything, but the Dovecot. And version 1.0.3 gives errors like crazy, 1.0.2 from time to time and older versions none? Seems something in new Dovecot versions drives PAM crazy. What userdb do you use? Hmm, passwd, dovecot -n: auth default: verbose: yes worker_max_count: 90 process_size: 512 passdb: driver: pam userdb: driver: passwd You could try adding blocking=yes to passdb pam's args or if you're using userdb passwd add blocking=yes to its args. So either passdb or userdb, but not to both? -- Mart
Re: [Dovecot] PAM child process timed out, killing it.
Tere. The only changes to dovecot-auth between 1.0.2 and 1.0.3 were for LDAP code, which you aren't using. So I think the problem has more to do with the binary getting compiled a bit differently, causing random problems in a buggy PAM module. Ok. So where do PAM and passwd do the lookups from? Lookups, hmm, do You mean where passwords are defined and stored. I'm using system accounts, /etc/passwd, /etc/shadow etc.. If you're using pam_ldap+nss_ldap you really need the blocking=yes for them to work right. I'm not using LDAP. Or both. If you're doing LDAP or other remote lookups it's a good idea to set it to both. Ok, I'll try tomorrow version 1.0.4 and blocking=yes in passdb: and userdb: -- Mart
Re: [Dovecot] PAM child process timed out, killing it.
Tere. can you tell us more about your config? what backends are you using? Debian Sarge, 64, reiser, dovecot -a: # 1.0.2: /etc/dovecot.conf base_dir: /var/run/dovecot/ log_path: info_log_path: log_timestamp: %b %d %H:%M:%S syslog_facility: mail protocols: imap imaps pop3 pop3s listen: * ssl_listen: ssl_disable: no ssl_ca_file: ssl_cert_file: /etc/ssl/certs/dovecot.pem ssl_key_file: /etc/ssl/private/dovecot.pem ssl_key_password: ssl_parameters_regenerate: 168 ssl_cipher_list: ssl_verify_client_cert: no disable_plaintext_auth: no verbose_ssl: no shutdown_clients: no nfs_check: yes version_ignore: no login_dir: /var/run/dovecot//login login_executable(default): /usr/local/dovecot/libexec/dovecot/imap-login login_executable(imap): /usr/local/dovecot/libexec/dovecot/imap-login login_executable(pop3): /usr/local/dovecot/libexec/dovecot/pop3-login login_user: dovecot login_greeting: Dovecot ready. login_log_format_elements: %u %r %m %c login_log_format: %$: %s login_process_per_connection: yes login_chroot: yes login_greeting_capability: no login_process_size: 64 login_processes_count: 15 login_max_processes_count: 384 login_max_connections: 256 valid_chroot_dirs: mail_chroot: max_mail_processes: 3072 verbose_proctitle: yes first_valid_uid: 500 last_valid_uid: 0 first_valid_gid: 1 last_valid_gid: 0 mail_extra_groups: mail default_mail_env: maildir:%h/Maildir:INDEX=/var/spool/dovecot/index/%u:CONTROL=/var/spool/dovecot/co mail_location: maildir:%h/Maildir:INDEX=/var/spool/dovecot/index/%u:CONTROL=/var/spool/dovecot/contr mail_cache_fields: flags mail_never_cache_fields: imap.envelope mail_cache_min_mail_count: 0 mailbox_idle_check_interval: 30 mail_debug: no mail_full_filesystem_access: no mail_max_keyword_length: 50 mail_save_crlf: no mail_read_mmaped: no mmap_disable: no mmap_no_write: no dotlock_use_excl: no fsync_disable: no lock_method: fcntl maildir_stat_dirs: no maildir_copy_with_hardlinks: yes maildir_copy_preserve_filename: no mbox_read_locks: fcntl mbox_write_locks: dotlock fcntl mbox_lock_timeout: 180 mbox_dotlock_change_timeout: 180 mbox_min_index_size: 0 mbox_dirty_syncs: yes mbox_very_dirty_syncs: no mbox_lazy_writes: yes dbox_rotate_size: 2048 dbox_rotate_min_size: 16 dbox_rotate_days: 1 umask: 63 mail_drop_priv_before_exec: no mail_executable(default): /usr/local/dovecot/libexec/dovecot/imap mail_executable(imap): /usr/local/dovecot/libexec/dovecot/imap mail_executable(pop3): /usr/local/dovecot/libexec/dovecot/pop3 mail_process_size: 256 mail_plugins: mail_plugin_dir(default): /usr/local/dovecot/modules/imap mail_plugin_dir(imap): /usr/local/dovecot/modules/imap mail_plugin_dir(pop3): /usr/local/dovecot/modules/pop3 mail_log_prefix: %Us(%u): mail_log_max_lines_per_sec: 10 imap_max_line_length: 65536 imap_capability: imap_client_workarounds(default): outlook-idle netscape-eoh tb-extra-mailbox-sep delay-newmail imap_client_workarounds(imap): outlook-idle netscape-eoh tb-extra-mailbox-sep delay-newmail imap_client_workarounds(pop3): outlook-idle pop3_no_flag_updates: no pop3_enable_last: no pop3_reuse_xuidl: no pop3_lock_session: no pop3_uidl_format(default): pop3_uidl_format(imap): pop3_uidl_format(pop3): %08Xu%08Xv pop3_client_workarounds(default): pop3_client_workarounds(imap): pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh pop3_logout_format(default): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_logout_format(imap): top=%t/%p, retr=%r/%b, del=%d/%m, size=%s pop3_logout_format(pop3): retr=%r/%R, del=%d/%m, size=%s auth default: mechanisms: plain realms: default_realm: cache_size: 0 cache_ttl: 3600 executable: /usr/local/dovecot/libexec/dovecot/dovecot-auth user: root chroot: username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ username_translation: username_format: master_user_separator: anonymous_username: anonymous krb5_keytab: gssapi_hostname: verbose: yes debug: no debug_passwords: no ssl_require_client_cert: no ssl_username_from_cert: no count: 1 worker_max_count: 90 process_size: 512 passdb: driver: pam args: deny: no pass: no master: no userdb: driver: passwd args: -- Mart
[Dovecot] Per user based protocol access and pause after failed login?
Hello. Tried search, no luck, sorry, if this is already answered, but I'm still looking a solution using pam_auth how to define in dovecot which user can access which protocol, for example, default is: protocols = pop3 pop3s imap imaps I'd like to use something like this: exclude_using_pop = user1, user2, @group exclude_using_pops = user1, user2, @group exclude_using_imap = user1, user2, @group exclude_using_imaps = user1, user2, @group The idea is security and also preventing imap user by accident logging in using pop3 and downloading (clearing inbox for imap) all inbox. And also some throttling, for example the adjustable time to pause access after failed login etc would be great. -- Mart
Re: [Dovecot] Per user based protocol access and pause after failed login?
Tere. http://wiki.dovecot.org/Authentication/RestrictAccess Thisone - authrequiredpam_listfile.so item=user sense=allow file=/etc/imapusers onerr=fail Ok, that is close, but how to allow some users use only imaps and not imap? Same question about pops/pop also. Or is it possible to force nonsecure to secure connection? -- Mart
Re: [Dovecot] dovecot under attack
Tere. Does anyone know what this is? Or someone I could ask? Normal dictionary attack? -- Mart
Re: [Dovecot] Per user based protocol access and pause after failed login?
Tere.
%c expands to secured or empty. So you could use eg.
passdb pam {
args = %s%c
}
and create imap, imapsecured, pop3, pop3secured
More better, so for example user1 can access only imaps, using Yous
suggestion, I have to list all users, except user1 in imap, pop3,
pop3secured.
But it should works also in other way, that by default all users are
allowed to use all protocols and then I exclude user1 from imap, pop3,
pop3secured. So I tried:
passdb pam {
args = %s%c
}
/etc/pam.d/ includes imap, imapsecured, pop3, pop3secured files which
includes:
auth required
pam_nologin.so
auth required pam_stack.so
service=system-auth
accountrequired pam_stack.so
service=system-auth
sessionrequired pam_stack.so service=system-auth
and only imapsecured has this line:
auth required pam_listfile.so item=user sense=deny file=/etc/imapsusers
onerr=succeed
and /etc/imapsusers includes user1
But now even pop user can't login:(.
--
Mart
[Dovecot] Old style qouta to new style convert?
Tere. I'm using Debian, postfix dovecot, with system quotas and settings in dovecot.conf: default_mail_env = maildir:%h/Maildir:INDEX=/var/spool/dovecot/index/%u:CONTROL=/var/spool/dovecot/control/%u But if system quota is full, users won't get new messages but won't get also any kind information, and also in mail.log is nothing. Is this normal? Should I use dovecot -s own quota with postfix or dovecot own LDA is needed? And how to convert these index and control files into users homedir? Just making changes in dovecot.conf seems not be good idea? Or it is and the control and indexes will be created again? -- Mart
[Dovecot] Maillog rotates, but dovecot still writes logs into old logfile?
Tere.
I use:
log_path = /var/log/maillog
info_log_path = /var/log/maillog
And into /var/log are:
maillog
maillog.1
maillog.2
maillog.3
Now when log files are rotating at 04:00 (maillog maillog.1) dovecot
still keeps login into maillog.1 and not into maillog, where sendmail,
etc writes logs.
The only solution I did found, is adding into /etc/logrotate.d/syslog
command to restart dovecot:
/var/log/maillog
{
postrotate
/usr/bin/killall -HUP
syslogd
/etc/rc.d/init.d/dovecot restart /dev/null
21
endscript
}
Any other solution?
--
Mart
Re: [Dovecot] Error - Mailbox conversion: Failed to create destination storage with data
Tere. On 6.4.2007, at 15.36, Mart Pirita wrote: dovecot: Apr 06 15:16:13 Error: POP3(spam): Mailbox conversion: Failed to create destination storage with data: maildir:/home/testMaildir This should fix it: http://dovecot.org/list/dovecot-cvs/2007-April/008619.html Pathed the v1.30 failed: patch -p0 paik patching file convert-storage.c Hunk #1 FAILED at 251. Hunk #2 succeeded at 278 with fuzz 2 (offset -3 lines). Hunk #3 succeeded at 289 with fuzz 2. 1 out of 3 hunks FAILED -- saving rejects to file convert-storage.c.rej But I added it manually, and it works great, Maildir will be automatically created thank You. -- Mart
[Dovecot] Error - Mailbox conversion: Failed to create destination storage with data
Tere. Using the latest v1.0.rc30, I'm trying to convert all users mbox -s to maildir with Dovecot -s convert plugin (setup from http://wiki.dovecot.org/Plugins/Convert). But seems Dovecot can't create the needed maildir folder into users homedir, as I'm getting the error: dovecot: Apr 06 15:16:13 Error: POP3(spam): Mailbox conversion: Failed to create destination storage with data: maildir:/home/testMaildir dovecot: Apr 06 15:16:13 Error: child 7290 (pop3) returned error 89 Creating manually the Maildir folder into user homedir, the conversation works. On the other hand, Dovecot is capable creating folder mail into users homedir? Any hint to fix it? And should the /var/spool/mail/test be automatically deleted by Dovecot after the conversation is done? -- Mart
Re: [Dovecot] Error - Mailbox conversion: Failed to create destination storage with data
Tere. Is the '/' really missing from test/Maildir or did you just break it when copypasting? It's a typo from copypaste correct is - dovecot: Apr 06 15:16:13 Error: POP3(spam): Mailbox conversion: Failed to create destination storage with data: maildir:/home/test/Maildir No. Ok. -- Mart
