Maple Thorpe
2010-Nov-02 09:34 UTC
[Dovecot] Converting to 2.0 and LMTP have userdb and auth-worker complaints
Using rpms and converted dovecot.conf with doveconf. Need assistance to
determine how to resolve 'auth-worker' and userdb complaint.
logging into mysql from commandline with mail admin acct and using
dovecot sql query is successful but the following fails:
doveadm auth -x service=imap -x lip=127.0.0.1 john
Password:
passdb: john auth failed
extra fields:
temp
doveadm(root): Fatal: Couldn't connect to auth socket
sudo /usr/libexec/dovecot/imap -u john
Error: userdb lookup(john): Disconnected unexpectedly
Fatal: Internal error occurred. Refer to server log for more
information.
sudo /usr/libexec/dovecot/imap -u john at homenet.lan
Error: userdb lookup(john at homenet.lan): Disconnected unexpectedly
Fatal: Internal error occurred. Refer to server log for more
information.
Additional info:
------------------
dovecot log messages
------------------
Nov 02 03:27:39 master: Info: Dovecot v2.0.1 starting up (core dumps
disabled)
Nov 02 03:27:50 lmtp(17281): Debug: none: root=, index=, control=,
inboxNov 02 03:27:50 lmtp(17281): Info: Connect from local
Nov 02 03:27:50 auth: Fatal: net_connect_unix(auth-worker) failed:
Permission denied
Nov 02 03:27:50 lmtp(17281): Error: userdb lookup(john at homenet.lan):
Disconnected unexpectedly
Nov 02 03:27:50 lmtp(17281): Debug: none: root=, index=, control=,
inboxNov 02 03:27:50 lmtp(17281): Info: Connect from local
Nov 02 03:27:50 lmtp(17281): Debug: none: root=, index=, control=,
inboxNov 02 03:27:50 lmtp(17281): Info: Connect from local
Nov 02 03:27:50 lmtp(17281): Debug: none: root=, index=, control=,
inboxNov 02 03:27:50 lmtp(17281): Info: Connect from local
Nov 02 03:27:50 lmtp(17281): Debug: none: root=, index=, control=,
inboxNov 02 03:27:50 lmtp(17281): Info: Connect from local
Nov 02 03:27:50 master: Error: service(auth): command startup failed,
throttling
Nov 02 03:28:50 auth: Fatal: net_connect_unix(auth-worker) failed:
Permission denied
Nov 02 03:28:50 lmtp(17281): Error: userdb lookup(john at homenet.lan):
Disconnected unexpectedly
Nov 02 03:28:51 master: Error: service(auth): command startup failed,
throttling
------------------
postfix log messages
------------------
Nov 2 03:27:50 roxie postfix/lmtp[17342]: 98F39122892:
to=<john at homenet.lan>, relay=mail.homenet.lan[private/dovecot-lmtp],
conn_use=8, delay=38251, delays=38069/182/0.01/0.07, dsn=4.3.0,
status=deferred (host mail.homenet.lan[private/dovecot-lmtp] said: 451
4.3.0 <john at homenet.lan> Internal error occurred. Refer to server log
for more information. (in reply to RCPT TO command))
------------------
doveconf -n
------------------
# 2.0.1: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.35.6-48.fc14.i686 i686 Fedora release 14 (Laughlin)
auth_mechanisms = plain login cram-md5
listen = *
log_path = /var/log/dovecot.log
mail_debug = yes
mail_location = maildir:%h/Maildir/
passdb {
args = /etc/dovecot/dovecot-mysql.conf
driver = sql
}
plugin {
trash = /etc/dovecot/trash.conf
}
protocols = imap lmtp
service auth-worker {
group = postfix
user = postfix
}
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
user = postfix
}
service imap {
executable = imap
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
}
}
shutdown_clients = no
ssl_cert = </etc/pki/tls/certs/mail-server-ssl.cert
ssl_cipher_list = ALL:!LOW:!SSLv2
ssl_key = </etc/pki/tls/private/mail-server-ssl.key
userdb {
args = /etc/dovecot/dovecot-mysql.conf
driver = sql
}
userdb {
driver = prefetch
}
protocol imap {
imap_max_line_length = 65536
}
------------------
dovecot-mysql.conf
------------------
driver = mysql
connect = "host=127.0.0.1 dbname=virtual user=virt password=letmein
password_query = \
SELECT userid AS user, password, \
home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
FROM vusers WHERE userid = '%Ln' AND domain = '%Ld'
# For deliver lookups:
user_query = \
SELECT home, uid, gid FROM vusers WHERE userid = '%Ln' AND domain
'%Ld'
# For using doveadm -A:
iterate_query = SELECT userid AS username, domain FROM users
------------------
dirs
------------------
ls -l /var/spool/postfix/private/
total 0
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 anvil
srw-rw---- 1 postfix postfix 0 Nov 2 03:27 auth
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 bounce
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 defer
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 discard
srw-rw-rw- 1 postfix postfix 0 Nov 1 07:46 dovecot
srw-rw---- 1 postfix postfix 0 Nov 2 03:27 dovecot-lmtp
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 error
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 lmtp
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 local
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 proxymap
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 proxywrite
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 relay
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 retry
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 rewrite
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 scache
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 smtp
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 smtp-amavis
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 tlsmgr
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 trace
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 verify
srw-rw-rw- 1 postfix postfix 0 Nov 1 16:18 virtual
ls -l /var/run/dovecot/
total 12
srw------- 1 root root 0 Nov 2 03:27 anvil
srw------- 1 root root 0 Nov 2 03:27 anvil-auth-penalty
srw------- 1 root root 0 Nov 2 03:27 auth-client
srw------- 1 dovecot root 0 Nov 2 03:27 auth-login
srw------- 1 root root 0 Nov 2 03:27 auth-master
srw------- 1 root root 0 Nov 2 03:27 auth-userdb
srw------- 1 dovecot root 0 Nov 2 03:27 auth-worker
srw------- 1 root root 0 Nov 2 03:27 config
srw------- 1 root root 0 Nov 2 03:27 dict
srw------- 1 root root 0 Nov 2 03:27 director-admin
srw-rw-rw- 1 root root 0 Nov 2 03:27 dns-client
srw------- 1 root root 0 Nov 2 03:27 doveadm-server
lrwxrwxrwx 1 root root 25 Nov 2 03:27 dovecot.conf
-> /etc/dovecot/dovecot.conf
drwxr-xr-x 2 root root 4096 Aug 25 08:12 empty
srw-rw-rw- 1 root root 0 Nov 2 03:27 lmtp
drwxr-x--- 2 root dovenull 4096 Nov 2 03:27 login
-rw------- 1 root root 6 Nov 2 03:27 master.pid
A nudge into the right direction would be greatly appreciated.
Thanks
Daniel Luttermann
2010-Nov-02 10:26 UTC
[Dovecot] Converting to 2.0 and LMTP have userdb and auth-worker complaints
Maple Thorpe wrote on 11/02/2010:> Additional info: > ------------------ > dovecot log messages > ------------------ > Nov 02 03:27:39 master: Info: Dovecot v2.0.1 starting up (core dumps > disabled) > Nov 02 03:27:50 lmtp(17281): Debug: none: root=, index=, control=, > inbox> Nov 02 03:27:50 lmtp(17281): Info: Connect from local > Nov 02 03:27:50 auth: Fatal: net_connect_unix(auth-worker) failed: > Permission denied > Nov 02 03:27:50 lmtp(17281): Error: userdb lookup(john at homenet.lan): > Disconnected unexpectedlyOK, you get a "permission denied" error...> ------------------ > doveconf -n > ------------------ > # 2.0.1: /etc/dovecot/dovecot.conf > # OS: Linux 2.6.35.6-48.fc14.i686 i686 Fedora release 14 (Laughlin) > auth_mechanisms = plain login cram-md5 > listen = * > log_path = /var/log/dovecot.log > mail_debug = yes > mail_location = maildir:%h/Maildir/ > passdb { > args = /etc/dovecot/dovecot-mysql.conf > driver = sql > } > plugin { > trash = /etc/dovecot/trash.conf > } > protocols = imap lmtp > service auth-worker { > group = postfix > user = postfix > } > service auth { > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0660 > user = postfix > } > user = postfix > }Why do you use "group = postfix and "user = postfix" for the auth-worker? This user needs access to your password and user database. See: http://wiki2.dovecot.org/UserIds I mean the default user/group is "root".> ls -l /var/run/dovecot/ > total 12 > srw------- 1 root root 0 Nov 2 03:27 anvil > srw------- 1 root root 0 Nov 2 03:27 anvil-auth-penalty > srw------- 1 root root 0 Nov 2 03:27 auth-client > srw------- 1 dovecot root 0 Nov 2 03:27 auth-login > srw------- 1 root root 0 Nov 2 03:27 auth-master > srw------- 1 root root 0 Nov 2 03:27 auth-userdb > srw------- 1 dovecot root 0 Nov 2 03:27 auth-worker > srw------- 1 root root 0 Nov 2 03:27 config > srw------- 1 root root 0 Nov 2 03:27 dict > srw------- 1 root root 0 Nov 2 03:27 director-admin > srw-rw-rw- 1 root root 0 Nov 2 03:27 dns-client > srw------- 1 root root 0 Nov 2 03:27 doveadm-server > lrwxrwxrwx 1 root root 25 Nov 2 03:27 dovecot.conf > -> /etc/dovecot/dovecot.conf > drwxr-xr-x 2 root root 4096 Aug 25 08:12 empty > srw-rw-rw- 1 root root 0 Nov 2 03:27 lmtp > drwxr-x--- 2 root dovenull 4096 Nov 2 03:27 login > -rw------- 1 root root 6 Nov 2 03:27 master.pidHmm, this is a bit curious because auth-worker runs as user "dovecot" and group "root" but above you've set "postfix/postfix"... Is the socket "auth-worker" re-created with different permissions if you restart Dovecot? Have you tried to use the default permissions (root/root instead of postfix/postfix)? -- Daniel
Maple Thorpe
2010-Nov-02 12:23 UTC
[Dovecot] ***SPAM*** Re: Converting to 2.0 and LMTP have userdb and auth-worker complaints
On Tue, 2010-11-02 at 11:26 +0100, Daniel Luttermann wrote:> Maple Thorpe wrote on 11/02/2010: >> Why do you use "group = postfix and "user = postfix" for the > auth-worker? This user needs access to your password and user > database. See: > http://wiki2.dovecot.org/UserIds > > -- > Daniel >Thanks for the pointer. I have been at the wiki for two days, thought I had read every page (what seemed like a 100 times), but, somehow missed UserIds. Thanks again.