Re: Dovecot 2.1.7 random login fails

2015-02-23 Thread Dario Meloni 
On Wed, 18 Feb 2015 09:38:22 +, Dario Meloni wrote:

 did you've verified that the file exists and has a reasonable file
 size?
 
 The file in question is actually a unix socket that I guess is used to
 refresh the SSL data from the main privileged process.
 I don't know which process is actually logging the error, but the ssl-
 params file is root owned and is readable and writable by everyone.

No one has any idea why the ssl-param socket might not be working?

I tried also different distributions (centos, ubuntu, debian) and the 
dovecot repositories (to try the latest stable, 2.2) and I routinely get 
that error.

Re: Dovecot 2.1.7 random login fails

2015-02-18 Thread Dario Meloni 
On Wed, 18 Feb 2015 07:49:04 +0100, Steffen Kaiser wrote:
 
 did you've verified that the file exists and has a reasonable file size?

The file in question is actually a unix socket that I guess is used to 
refresh the SSL data from the main privileged process.
I don't know which process is actually logging the error, but the ssl-
params file is root owned and is readable and writable by everyone.

Re: Dovecot 2.1.7 random login fails

2015-02-17 Thread Steffen Kaiser 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, 17 Feb 2015, Dario Meloni wrote:


Feb 17 07:48:32 pop3-login: Fatal: read(ssl-params) failed: Permission
denied

I checked in the code and found that the issue is from ssl-params.c
apparently not being able to read from a file descriptor that it already
opened...


did you've verified that the file exists and has a reasonable file size?

- -- 
Steffen Kaiser

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEVAwUBVOQ14Hz1H7kL/d9rAQICRAf/fX8WD3zgwdae+U2IH/PHkbiEuIcFrSjh
nqtjpBQ8zcKLfGpVV13+okJ+Yt0uQDGXLoXmwrDuQD0IGZKwpFxAJXzZn1xzG7GM
kma3jtUE5Jw//eTk2e3dLCsnYPU8XA8/pi5zYzpgITtScAA3LitLApT4uGfgLtMD
GHZlxVxryHrRllYlkO8gECeuBBaDwpPHGz6cgImReTrHk1OEAoc61TOlamPxbIR/
PEWrEoohUNqbXY81qsdqtyrRbzmHWpMcJlFT6JvaCIXIZgFzbmIayE54klYSfSqh
J9etOQz/gKdwT1QXT4w6DeVJUbvCTNGv6ZNT+CYDBVr7+DhpnTBjmg==
=krXV
-END PGP SIGNATURE-

Re: Dovecot 2.1.7 random login fails

2015-02-17 Thread Dario Meloni 
On Tue, 17 Feb 2015 10:17:21 +, Dario Meloni wrote:


 Dovecot version 2.1.7, running in a debian:stable docker container.
[..]

I also tried using the backport packages and I have the same issues on 
version 2.2.13

Dovecot 2.1.7 random login fails

2015-02-17 Thread Dario Meloni 
From: Dario Meloni mello...@gmail.com
Subject: Dovecot 2.1.7 intermittent login issues
Newsgroups: gmane.mail.imap.dovecot
X-Draft-Attribution: 
X-Draft-Attribution-Author: 
X-Draft-Attribution-Date: 
X-Draft-Attribution-Id: 
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Hello,

Dovecot version 2.1.7, running in a debian:stable docker container.

I am having a weird issues with dovecot failing randomly sometimes with 
pop3 sometimes with imap but only in case of SSL for example from the 
logs I can see this:

Feb 17 07:48:32 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 
write session ticket A [172.17.2.5]
Feb 17 07:48:32 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 
write change cipher spec A [172.17.2.5]
Feb 17 07:48:32 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 
write finished A [172.17.2.5]
Feb 17 07:48:32 imap-login: Warning: SSL: where=0x2001, ret=1: SSLv3 
flush data [172.17.2.5]
Feb 17 07:48:32 imap-login: Warning: SSL: where=0x20, ret=1: SSL 
negotiation finished successfully [172.17.2.5]
Feb 17 07:48:32 imap-login: Warning: SSL: where=0x2002, ret=1: SSL 
negotiation finished successfully [172.17.2.5]
Feb 17 07:48:32 imap-login: Warning: SSL alert: where=0x4008, ret=256: 
warning close notify [172.17.2.5]
Feb 17 07:48:32 pop3-login: Fatal: read(ssl-params) failed: Permission 
denied



and from the debug log:

Feb 17 07:48:32 auth: Debug: auth client connected (pid=21)
Feb 17 07:48:32 auth: Debug: client in: AUTH1   PLAIN   
service=pop3session=[REDACTED]lip=172.17.2.11 rip=172.17.2.5  
lport=110   rport=38967 resp=[REDACTED]
Feb 17 07:48:32 auth-worker(16): Debug: pam(test,172.17.2.5): lookup 
service=dovecot
Feb 17 07:48:32 auth-worker(16): Debug: pam(test,172.17.2.5): #1/1 
style=1 msg=Password:
Feb 17 07:48:32 auth: Debug: client out: OK 1   user=test
Feb 17 07:48:32 auth: Debug: master in: REQUEST 951582721   21  
1   1fb51b26a3656db28fa3d333bd7568a4
Feb 17 07:48:32 auth: Debug: passwd(test,172.17.2.5,[REDACTED]): lookup
Feb 17 07:48:32 auth: Debug: master out: USER   951582721   test
system_groups_user=test uid=1000gid=8   home=/home/test
Feb 17 07:48:32 pop3(test): Debug: Effective uid=1000, gid=8, home=/home/
test
Feb 17 07:48:32 pop3(test): Debug: Namespace inbox: type=private, 
prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes 
location=mbox:~/mail:INBOX=/var/mail/test
Feb 17 07:48:32 pop3(test): Debug: fs: root=/home/test/mail, index=, 
control=, inbox=/var/mail/test, alt=
Feb 17 07:48:32 pop3(test): Debug: Namespace : Using permissions from /
home/test/mail: mode=0700 gid=-1
Feb 17 07:48:32 auth: Debug: auth client connected (pid=23)


I checked in the code and found that the issue is from ssl-params.c 
apparently not being able to read from a file descriptor that it already 
opened...

Any idea?