Javier de Miguel Rodríguez
2011-Jan-12 11:34 UTC
[Dovecot] Problem after migration dovecot 1.2 -> dovecot 2.0
I have migrated from dovecot 1.2 to dovecot 2.0. When I connect via telnet to 110 port of the dovecot server the client hangs: telnet 192.168.4.80 110 Trying 192.168.4.80... /Connected to 192.168.4.80. Escape character is '^]'./ In syslog I got the following error: /Jan 12 12:14:44 buzon dovecot: imap-login: Error: auth: connect(login) in directory / failed: Permission denied (euid=107(<unknown>) egid=110(<unknown>) missing +x perm: /, euid is not dir owner)/ My /var/run/dovecot directory listing is the following: ls -lhR /var/run/dovecot //var/run/dovecot: total 12K srw------- 1 root root 0 ene 12 11:40 anvil srw------- 1 root root 0 ene 12 11:40 anvil-auth-penalty srw------- 1 root root 0 ene 12 11:40 auth-client srw------- 1 dovecot root 0 ene 12 11:40 auth-login srw------- 1 entrega root 0 ene 12 11:40 auth-master srw------- 1 entrega root 0 ene 12 11:40 auth-userdb srw------- 1 dovecot root 0 ene 12 11:40 auth-worker srw------- 1 root root 0 ene 12 11:40 config srw------- 1 root root 0 ene 12 11:40 dict srwxrwxrwx 1 root root 0 dic 27 21:36 dict-server srw------- 1 root root 0 ene 12 11:40 director-admin srw------- 1 root root 0 ene 12 09:17 director-userdb srw-rw-rw- 1 root root 0 ene 12 11:40 dns-client srw------- 1 root root 0 ene 12 11:40 doveadm-server lrwxrwxrwx 1 root root 25 ene 12 11:40 dovecot.conf -> /etc/dovecot/dovecot.conf drwxr-xr-x 2 root root 4,0K ene 12 09:05 empty drwxr-x--- 2 root root 4,0K ene 12 11:40 login -rw------- 1 root root 6 ene 12 11:40 master.pid /var/run/dovecot/empty: total 0 /var/run/dovecot/login: total 4,0K srw-rw-rw- 1 root root 0 ene 12 11:40 dns-client srw-rw-rw- 1 root root 0 ene 12 11:40 imap srw-rw-rw- 1 root root 0 ene 12 11:40 login srw-rw-rw- 1 root root 0 ene 12 11:40 pop3 srw-rw-rw- 1 root root 0 ene 12 11:40 sieve -rw-r--r-- 2 root root 230 ene 9 20:56 ssl-parameters.dat srw-rw-rw- 1 root root 0 ene 12 11:40 ssl-params / My doveconf -n is the following: / # OS: Linux 2.6.18-194.26.1.el5 x86_64 Red Hat Enterprise Linux Server release 5.5 (Tikanga) ext3 auth_debug = yes auth_master_user_separator = * auth_mechanisms = plain login base_dir = /var/run/dovecot/ default_client_limit = 4096 default_process_limit = 2500 disable_plaintext_auth = no dotlock_use_excl = yes mail_fsync = never mail_gid = entrega mail_location = maildir:/buzones/us.es/%2.26Hn/%2.200Hn/%n:INDEX=/buzones/ramdisk/%2.26Hn/%2.200Hn/%n mail_plugins = " zlib" mail_uid = entrega managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date passdb { driver = shadow } passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } passdb { args = /etc/usuario_maestro.txt driver = passwd-file master = yes } passdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } plugin { quota = maildir:Cuota de usuario quota_rule2 = Trash:storage=+10%% quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95 quota_warning2 = storage=80%% /usr/local/bin/quota-warning.sh 80 sieve = /buzones/us.es/%2.26Hn/%2.200Hn/%n/dovecot.sieve sieve_dir = /buzones/us.es/%2.26Hn/%2.200Hn/%n/sieve/ zlib_save = gz zlib_save_level = 9 } protocols = pop3 imap sieve service auth { unix_listener auth-master { user = entrega } unix_listener auth-userdb { user = entrega } user = root } service imap-login { executable = /usr/libexec/dovecot/imap-login process_limit = 2000 } service imap { executable = /usr/libexec/dovecot/rawlog /usr/libexec/dovecot/imap process_limit = 2000 } service managesieve-login { executable = /usr/libexec/dovecot/managesieve-login inet_listener sieve { port = 2000 } process_limit = 2000 } service managesieve { executable = /usr/libexec/dovecot/managesieve process_limit = 2000 } service pop3-login { executable = /usr/libexec/dovecot/pop3-login process_limit = 2000 } service pop3 { executable = /usr/libexec/dovecot/pop3 process_limit = 2000 } ssl_ca = </etc/pki/generico/cacert.crt.pem ssl_cert = </etc/pki/generico/wildcard-us_es.crt ssl_key = </etc/pki/generico/wildcard-key.pem userdb { driver = passwd } userdb { args = /etc/dovecot/dovecot-ldap.conf driver = ldap } userdb { args = /etc/dovecot/dovecot-ldap-userdb.conf driver = ldap } verbose_proctitle = yes protocol sieve { managesieve_implementation_string = dovecot managesieve_logout_format = bytes=%i/%o managesieve_max_line_length = 65536 } protocol lda { hostname = us.es info_log_path log_path mail_fsync = optimized mail_plugins = quota sieve zlib postmaster_address = evcorreo at us.es syslog_facility = mail } protocol imap { mail_plugins = quota imap_quota zlib } protocol pop3 { mail_plugins = zlib pop3_enable_last = yes pop3_uidl_format = %08Xv%08Xu } /UID & GID of my users: [root at buzon login]# id entrega uid=500(entrega) gid=500(entrega) grupos=500(entrega) [root at buzon login]# id dovecot uid=104(dovecot) gid=107(dovecot) grupos=107(dovecot) [root at buzon login]# id dovenull uid=107(dovenull) gid=110(dovenull) grupos=110(dovenull) What am I doing wrong? I have migrated a identical server from dovecot 1.2 to dovecot 2.0 without this problem. Regards Javier
Javier de Miguel Rodríguez
2011-Jan-13 09:00 UTC
[Dovecot] Problem after migration dovecot 1.2 -> dovecot 2.0
Still no luck with this. I have followed the debuggind guidelines of dovecot wiki (http://wiki2.dovecot.org/Debugging/ProcessTracing) and executed the following: strace -f -tt -o strace_dovecot -p 15426 15426 is the PID os /usr/sbin/dovecot. I attach you compressed the log of the strace . Hope this help to solve this issue. Regards Javier> > telnet 192.168.4.80 110 > > Trying 192.168.4.80... > /Connected to 192.168.4.80. > Escape character is '^]'./ > > > In syslog I got the following error: > > > /Jan 12 12:14:44 buzon dovecot: imap-login: Error: auth: > connect(login) in directory / failed: Permission denied > (euid=107(<unknown>) egid=110(<unknown>) missing +x perm: /, euid is > not dir owner)/ > > > My /var/run/dovecot directory listing is the following: > > > ls -lhR /var/run/dovecot > > //var/run/dovecot: > total 12K > srw------- 1 root root 0 ene 12 11:40 anvil > srw------- 1 root root 0 ene 12 11:40 anvil-auth-penalty > srw------- 1 root root 0 ene 12 11:40 auth-client > srw------- 1 dovecot root 0 ene 12 11:40 auth-login > srw------- 1 entrega root 0 ene 12 11:40 auth-master > srw------- 1 entrega root 0 ene 12 11:40 auth-userdb > srw------- 1 dovecot root 0 ene 12 11:40 auth-worker > srw------- 1 root root 0 ene 12 11:40 config > srw------- 1 root root 0 ene 12 11:40 dict > srwxrwxrwx 1 root root 0 dic 27 21:36 dict-server > srw------- 1 root root 0 ene 12 11:40 director-admin > srw------- 1 root root 0 ene 12 09:17 director-userdb > srw-rw-rw- 1 root root 0 ene 12 11:40 dns-client > srw------- 1 root root 0 ene 12 11:40 doveadm-server > lrwxrwxrwx 1 root root 25 ene 12 11:40 dovecot.conf -> > /etc/dovecot/dovecot.conf > drwxr-xr-x 2 root root 4,0K ene 12 09:05 empty > drwxr-x--- 2 root root 4,0K ene 12 11:40 login > -rw------- 1 root root 6 ene 12 11:40 master.pid > > /var/run/dovecot/empty: > total 0 > > /var/run/dovecot/login: > total 4,0K > srw-rw-rw- 1 root root 0 ene 12 11:40 dns-client > srw-rw-rw- 1 root root 0 ene 12 11:40 imap > srw-rw-rw- 1 root root 0 ene 12 11:40 login > srw-rw-rw- 1 root root 0 ene 12 11:40 pop3 > srw-rw-rw- 1 root root 0 ene 12 11:40 sieve > -rw-r--r-- 2 root root 230 ene 9 20:56 ssl-parameters.dat > srw-rw-rw- 1 root root 0 ene 12 11:40 ssl-params > / > > > My doveconf -n is the following: > / > # OS: Linux 2.6.18-194.26.1.el5 x86_64 Red Hat Enterprise Linux Server > release 5.5 (Tikanga) ext3 > auth_debug = yes > auth_master_user_separator = * > auth_mechanisms = plain login > base_dir = /var/run/dovecot/ > default_client_limit = 4096 > default_process_limit = 2500 > disable_plaintext_auth = no > dotlock_use_excl = yes > mail_fsync = never > mail_gid = entrega > mail_location = > maildir:/buzones/us.es/%2.26Hn/%2.200Hn/%n:INDEX=/buzones/ramdisk/%2.26Hn/%2.200Hn/%n > mail_plugins = " zlib" > mail_uid = entrega > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date > passdb { > driver = shadow > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf > driver = ldap > } > passdb { > args = /etc/usuario_maestro.txt > driver = passwd-file > master = yes > } > passdb { > args = /etc/dovecot/dovecot-ldap.conf > driver = ldap > } > plugin { > quota = maildir:Cuota de usuario > quota_rule2 = Trash:storage=+10%% > quota_warning = storage=95%% /usr/local/bin/quota-warning.sh 95 > quota_warning2 = storage=80%% /usr/local/bin/quota-warning.sh 80 > sieve = /buzones/us.es/%2.26Hn/%2.200Hn/%n/dovecot.sieve > sieve_dir = /buzones/us.es/%2.26Hn/%2.200Hn/%n/sieve/ > zlib_save = gz > zlib_save_level = 9 > } > protocols = pop3 imap sieve > service auth { > unix_listener auth-master { > user = entrega > } > unix_listener auth-userdb { > user = entrega > } > user = root > } > service imap-login { > executable = /usr/libexec/dovecot/imap-login > process_limit = 2000 > } > service imap { > executable = /usr/libexec/dovecot/rawlog /usr/libexec/dovecot/imap > process_limit = 2000 > } > service managesieve-login { > executable = /usr/libexec/dovecot/managesieve-login > inet_listener sieve { > port = 2000 > } > process_limit = 2000 > } > service managesieve { > executable = /usr/libexec/dovecot/managesieve > process_limit = 2000 > } > service pop3-login { > executable = /usr/libexec/dovecot/pop3-login > process_limit = 2000 > } > service pop3 { > executable = /usr/libexec/dovecot/pop3 > process_limit = 2000 > } > ssl_ca = </etc/pki/generico/cacert.crt.pem > ssl_cert = </etc/pki/generico/wildcard-us_es.crt > ssl_key = </etc/pki/generico/wildcard-key.pem > userdb { > driver = passwd > } > userdb { > args = /etc/dovecot/dovecot-ldap.conf > driver = ldap > } > userdb { > args = /etc/dovecot/dovecot-ldap-userdb.conf > driver = ldap > } > verbose_proctitle = yes > protocol sieve { > managesieve_implementation_string = dovecot > managesieve_logout_format = bytes=%i/%o > managesieve_max_line_length = 65536 > } > protocol lda { > hostname = us.es > info_log_path > log_path > mail_fsync = optimized > mail_plugins = quota sieve zlib > postmaster_address = evcorreo at us.es > syslog_facility = mail > } > protocol imap { > mail_plugins = quota imap_quota zlib > } > protocol pop3 { > mail_plugins = zlib > pop3_enable_last = yes > pop3_uidl_format = %08Xv%08Xu > } > > > > /UID & GID of my users: > > [root at buzon login]# id entrega > uid=500(entrega) gid=500(entrega) grupos=500(entrega) > [root at buzon login]# id dovecot > uid=104(dovecot) gid=107(dovecot) grupos=107(dovecot) > [root at buzon login]# id dovenull > uid=107(dovenull) gid=110(dovenull) grupos=110(dovenull) > > > > > What am I doing wrong? I have migrated a identical server from > dovecot 1.2 to dovecot 2.0 without this problem. > > Regards > > Javier >-------------- next part -------------- A non-text attachment was scrubbed... Name: strace_dovecot.gz Type: application/x-gzip Size: 6101 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20110113/09618202/attachment-0002.gz>
Timo Sirainen
2011-Jan-13 09:57 UTC
[Dovecot] Problem after migration dovecot 1.2 -> dovecot 2.0
On 12.1.2011, at 13.34, Javier de Miguel Rodr? guez wrote:> /Jan 12 12:14:44 buzon dovecot: imap-login: Error: auth: connect(login) in directory / failed: Permission denied (euid=107(<unknown>) egid=110(<unknown>) missing +x perm: /, euid is not dir owner)/Hmm.> ls -lhR /var/run/dovecot > > drwxr-xr-x 2 root root 4,0K ene 12 09:05 empty > drwxr-x--- 2 root root 4,0K ene 12 11:40 loginThese two directories should have "dovenull" as group.. It should have automatically figured this out by looking up dovenull's group. I could send some debug patches to figure out what the problem is.. But you should be able to work around it by setting: service imap-login { group = dovenull }
Possibly Parallel Threads
- Intermitent ldap auth problems benchmarking dovecot
- Mailbox INBOX: Opening INBOX failed: Mailbox doesn't exist: INBOX. Maybe master user + namespace problem?
- Question about index reset in dovecot 2.0.15
- Error logs with virtual folder after upgrading to 2.3.4
- Dot Lock timestmap, users disconnections from roundcube