Andreas Ntaflos
2009-Aug-28 00:46 UTC
[Dovecot] Crash: imap process, Dovecot 1.2.4, related to ACLs (backtrace included)
Hi, I started experimenting with ACLs and found I could reliably and reproducibly crash the IMAP process when trying to create a subfolder of a folder that has has ACLs set. The folder is called "Sent" with an ACL of "owner lrwstipke". I wanted to be able to have certain folders the the user cannot delete but where subfolders can be created freely. Relevant information follows and I hope the backtrace is useful (lots of "value optimized out" entries). You can also find everything from below on <https://daff.pseudoterminal.org/misc/dovecot/>. Please tell me if I can provide more information. dovecot -n: ==========# 1.2.4: /usr/local/etc/dovecot.conf # OS: Linux 2.6.26-2-686 i686 Debian 5.0.2 log_timestamp: %Y-%m-%d %H:%M:%S protocols: managesieve imap imaps pop3 pop3s login_dir: /usr/local/var/run/dovecot/login login_executable(default): /usr/local/libexec/dovecot/imap-login login_executable(imap): /usr/local/libexec/dovecot/imap-login login_executable(pop3): /usr/local/libexec/dovecot/pop3-login login_executable(managesieve): /usr/local/libexec/dovecot/managesieve-login mail_access_groups: mail mail_privileged_group: mail mail_location: maildir:~/Maildir mail_drop_priv_before_exec: yes mail_executable(default): /usr/local/libexec/dovecot/imap mail_executable(imap): /usr/local/libexec/dovecot/imap mail_executable(pop3): /usr/local/libexec/dovecot/pop3 mail_executable(managesieve): /usr/local/libexec/dovecot/managesieve mail_plugins(default): autocreate acl mail_plugins(imap): autocreate acl mail_plugins(pop3): mail_plugins(managesieve): mail_plugin_dir(default): /usr/local/lib/dovecot/imap mail_plugin_dir(imap): /usr/local/lib/dovecot/imap mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3 mail_plugin_dir(managesieve): /usr/local/lib/dovecot/managesieve namespace: type: public separator: . prefix: Public. location: maildir:/var/mail/public:CONTROL=~/Maildir/control/public:INDEX=~/Maildir/index/public list: yes namespace: type: private separator: . prefix: Backup. location: maildir:~/Maildir-backup hidden: yes list: no namespace: type: private separator: . inbox: yes list: yes subscriptions: yes lda: log_path: info_log_path: auth_socket_path: /var/run/dovecot/auth-master postmaster_address: postmaster at mailtest0.rise-s.com mail_plugins: sieve acl auth default: mechanisms: plain login passdb: driver: pam passdb: driver: sql args: /etc/dovecot/dovecot-sql.conf userdb: driver: passwd userdb: driver: static args: uid=vmail gid=vmail home=/var/vmail/%Ld/%Ln allow_all_users=yes socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/auth-master mode: 384 user: vmail plugin: sieve: ~/.dovecot.sieve sieve_dir: ~/sieve sieve_global_path: /etc/dovecot/sieve/default.sieve sieve_global_dir: /etc/dovecot/sieve/global/ sieve_before: /etc/dovecot/sieve/before/ autocreate: Trash autocreate2: Drafts autocreate3: Sent autocreate4: INBOX.Spam autosubscribe: Trash autosubscribe2: Drafts autosubscribe3: Sent autosubscribe4: INBOX.Spam acl: vfile:/etc/dovecot/acl Log entry: ========= Aug 28 01:08:01 mailtest0 dovecot: IMAP(andreas.ntaflos at example1.rise-s.com): Panic: file acl-backend-vfile.c: line 1124 (acl_backend_vfile_object_update): assertion failed: (!update->rights.global) Aug 28 01:08:01 mailtest0 dovecot: IMAP(andreas.ntaflos at example1.rise-s.com): Raw backtrace: imap [0x80f1ec1] -> imap [0x80f1f42] -> imap [0x80f18c9] -> /usr/local/lib/dovecot/imap/lib01_acl_plugin.so [0xb7dddcf6] -> /usr/local/lib/dovecot/imap/lib01_acl_plugin.so(acl_object_update+0x18) [0xb7ddb1a8] -> /usr/local/lib/dovecot/imap/lib01_acl_plugin.so [0xb7de2ac7] -> imap(cmd_create+0xf9) [0x80618d9] -> imap [0x80679fc] -> imap [0x8067a99] ->imap(client_handle_input+0x2d) [0x8067c0d] -> imap(client_input+0x5f) [0x806856f] -> imap(io_loop_handler_run+0xe0) [0x80fac40] -> imap(io_loop_run+0x20) [0x80fa0b0] -> imap(main+0x5ea) [0x807104a] -> /lib/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb7e15455] -> imap [0x8060291] Aug 28 01:08:01 mailtest0 dovecot: dovecot: child 1588 (imap) killed with signal 6 (core dumped) Backtrace: ========= #0 0xb7f70424 in __kernel_vsyscall () No symbol table info available. #1 0xb7e2a640 in raise () from /lib/i686/cmov/libc.so.6 No symbol table info available. #2 0xb7e2c018 in abort () from /lib/i686/cmov/libc.so.6 No symbol table info available. #3 0x080f1ed5 in default_fatal_finish (type=<value optimized out>, status=0) at failures.c:160 backtrace = 0x93e5628 "imap [0x80f1ec1] -> imap [0x80f1f42] -> imap [0x80f18c9] -> /usr/local/lib/dovecot/imap/lib01_acl_plugin.so [0xb7dddcf6] -> /usr/local/lib/dovecot/imap/lib01_acl_plugin.so(acl_object_update+0x18) [0xb"... #4 0x080f1f42 in i_internal_fatal_handler (type=LOG_TYPE_PANIC, status=0, fmt=0xb7de3094 "file %s: line %d (%s): assertion failed: (%s)", args=0xbff8b9c4 "?3?d\004") at failures.c:440 No locals. #5 0x080f18c9 in i_panic (format=0xb7de3094 "file %s: line %d (%s): assertion failed: (%s)") at failures.c:207 No locals. #6 0xb7dddcf6 in acl_backend_vfile_object_update (_aclobj=0x942c270, update=0xbff8bad0) at acl-backend-vfile.c:1124 dotlock = <value optimized out> path = <value optimized out> i = <value optimized out> fd = <value optimized out> changed = <value optimized out> __PRETTY_FUNCTION__ = "acl_backend_vfile_object_update" #7 0xb7ddb1a8 in acl_object_update (aclobj=0x942c270, update=0xbff8bad0) at acl-api.c:122 No locals. #8 0xb7de2ac7 in acl_mailbox_create (storage=0x93f2c88, name=0x93f9d98 "Sent.2008", directory=false) at acl-storage.c:160 astorage = <value optimized out> ret = <value optimized out> #9 0x080618d9 in cmd_create (cmd=0x93f4ce0) at cmd-create.c:42 ns = <value optimized out> mailbox = 0x93f9d98 "Sent.2008" full_mailbox = 0x93f9d98 "Sent.2008" directory = <value optimized out> #10 0x080679fc in client_command_input (cmd=0x93f4ce0) at client.c:611 client = (struct client *) 0x93f48a0 command = <value optimized out> __PRETTY_FUNCTION__ = "client_command_input" #11 0x08067a99 in client_command_input (cmd=0x93f4ce0) at client.c:660 client = (struct client *) 0x93f48a0 command = <value optimized out> __PRETTY_FUNCTION__ = "client_command_input" #12 0x08067c0d in client_handle_input (client=0x93f48a0) at client.c:701 _data_stack_cur_id = 3 ret = false remove_io = <value optimized out> handled_commands = false __PRETTY_FUNCTION__ = "client_handle_input" #13 0x0806856f in client_input (client=0x93f48a0) at client.c:752 cmd = <value optimized out> output = (struct ostream *) 0x93f4a54 bytes = <value optimized out> __PRETTY_FUNCTION__ = "client_input" #14 0x080fac40 in io_loop_handler_run (ioloop=0x93ed9b0) at ioloop-epoll.c:208 ctx = (struct ioloop_handler_context *) 0x93edab8 event = (const struct epoll_event *) 0x93edaf8 list = (struct io_list *) 0x93f4ab0 io = (struct io_file *) 0x942c888 tv = {tv_sec = 1799, tv_usec = 999357} t_id = 2 msecs = <value optimized out> ret = 1 i = 0 j = 0 call = <value optimized out> #15 0x080fa0b0 in io_loop_run (ioloop=0x93ed9b0) at ioloop.c:335 No locals. #16 0x0807104a in main (argc=Cannot access memory at address 0x634 ) at main.c:327 No locals.
Timo Sirainen
2009-Aug-28 17:42 UTC
[Dovecot] Crash: imap process, Dovecot 1.2.4, related to ACLs (backtrace included)
On Fri, 2009-08-28 at 02:46 +0200, Andreas Ntaflos wrote:> Hi, > > I started experimenting with ACLs and found I could reliably and reproducibly > crash the IMAP process when trying to create a subfolder of a folder that has > has ACLs set. The folder is called "Sent" with an ACL of "owner lrwstipke". I > wanted to be able to have certain folders the the user cannot delete but where > subfolders can be created freely...> acl: vfile:/etc/dovecot/aclYou created a global ACL, right? So /etc/dovecot/acl/Sent? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20090828/5f2070e3/attachment-0002.bin>
Timo Sirainen
2009-Sep-14 01:11 UTC
[Dovecot] Crash: imap process, Dovecot 1.2.4, related to ACLs (backtrace included)
On Fri, 2009-08-28 at 02:46 +0200, Andreas Ntaflos wrote:> Aug 28 01:08:01 mailtest0 dovecot: IMAP(andreas.ntaflos at example1.rise-s.com): > Panic: file acl-backend-vfile.c: line 1124 (acl_backend_vfile_object_update): > assertion failed: (!update->rights.global)Finally had time to look at this. I think the fix should be that global ACLs simply shouldn't be copied to child mailboxes. Is this also what you want? i.e. user can't delete mails from "Sent", but can delete from "Sent/child". http://hg.dovecot.org/dovecot-1.2/rev/6df681067e0a -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20090913/81a2bcb2/attachment-0002.bin>
Apparently Analagous Threads
- Global ACL configuration problems: mailboxes not visible, set ACLs not honoured
- Dovecot v1.2 assert() in ACL
- Expire plugin: wrong mailbox separators in database?
- Global ACL configuration problems: mailboxes not visible , set ACLs not honoured
- mail archiving (Andreas Ntaflos)