dovecot - Aug 2013 - Dsync confusion...

Hi,

Maybe I've been staring at config files and man pages too long, but the 
doc page for Dsync is a little confusing and I don't how to solve my 
problem.  I've probably missed something simple and stupid, but as I 
said, I've been staring at this problem too long and need a second pair 
of eyes on it !

Per doveconf below the user/owner for auth db is a user with shell 
/bin/false.  Root SSH login is also disabled on the target machine, so I 
need to use a script user to do the sync.

I installed dovecot on the target host and config'd it as per the second 
doveconf below

But all I ever get are errors such as :
su -c "dsync -u test at somewhere.example.com backup 
its-virtmail at somewhere.example.com" its_scripts
dsync(its_scripts): Fatal: setuid(1001(its-virtmail) from userdb lookup) 
failed with euid=1002(its_scripts): Operation not permitted (This binary 
should probably be called with process user set to 1001(its-virtmail) 
instead of 1002(its_scripts))
root at ukc-vm02-mx01:/etc/dovecot/conf.d# dsync(its_scripts): Error: 
userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission 
denied (euid=1002(its_scripts) egid=1002(its_scripts) missing +r perm: 
/var/run/dovecot/auth-userdb, dir owned by 0:0 mode=0755)

Even if I temporarily give /bin/sh and an ssh key to the dovecot user, I 
still can't get it to work :

ssh its-virtmail at somewhere.example.com dsync -u test at example.com
dsync(its-virtmail): Error: user test at somewhere.example.com: 
Initialization failed: mail_location not set and autodetection failed: 
Mail storage autodetection failed with home=/srv/mail/example.com/test
dsync(its-virtmail): Fatal: User init failed
dsync-local(test at somewhere.example.com): Error: read() from worker 
server failed: EOF


# SOURCE HOST
# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.5.0-37-generic x86_64 Ubuntu 12.04.2 LTS
auth_verbose = yes
auth_verbose_passwords = sha1
mail_location = maildir:~/Maildir
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave
passdb {
   args = scheme=CRYPT username_format=%u /etc/dovecot/users
   driver = passwd-file
}
plugin {
   fts = solr
   fts_solr = url=http://localhost:8080/solr/
   sieve = ~/.dovecot.sieve
   sieve_dir = ~/sieve
}
protocols = imap lmtp sieve
service auth {
   unix_listener /var/spool/postfix/private/dovecot-auth {
     group = postfix
     mode = 0660
     user = postfix
   }
   unix_listener auth-userdb {
     group = its-virtmail
     mode = 0660
     user = its-virtmail
   }
}
service imap-login {
   process_min_avail = 3
}
service lmtp {
   process_min_avail = 5
   unix_listener /var/spool/postfix/private/dovecot-lmtp {
     group = postfix
     mode = 0600
     user = postfix
   }
   user = its-virtmail
}
service managesieve-login {
   inet_listener sieve {
     port = 4190
   }
   inet_listener sieves {
     port = 5190
     ssl = yes
   }
   process_min_avail = 3
}
ssl = required
ssl_cert = </etc/ssl/certs/mx_example.com.pem
ssl_cipher_list = TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:!PSK:@STRENGTH
ssl_key = </etc/ssl/private/mx_example.com.key
userdb {
   args = username_format=%u /etc/dovecot/users
   driver = passwd-file
}
protocol imap {
   imap_client_workarounds = delay-newmail
   mail_max_userip_connections = 10
   mail_plugins = fts fts_solr
}
protocol pop3 {
   mail_max_userip_connections = 10
   pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
protocol lda {
   deliver_log_format = msgid=%m: %$
   mail_plugins = sieve
   postmaster_address = postmaster
   quota_full_tempfail = yes
   rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
protocol lmtp {
   mail_plugins = sieve
   postmaster_address = postmaster at example.com
}



#DEST HOST
# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.5.0-37-generic x86_64 Ubuntu 12.04.2 LTS
auth_verbose = yes
auth_verbose_passwords = sha1
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave
passdb {
   args = scheme=CRYPT username_format=%u /etc/dovecot/users
   driver = passwd-file
}
plugin {
   sieve = ~/.dovecot.sieve
   sieve_dir = ~/sieve
}
protocols = " imap lmtp sieve"
service auth {
   unix_listener auth-userdb {
     group = its-virtmail
     user = its-virtmail
   }
}
service lmtp {
   process_min_avail = 3
   user = its-virtmail
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
   args = username_format=%u /etc/dovecot/users
   driver = passwd-file
}

On 2013-08-19 6:52 AM, Ben <ben+dovecot at mail-subs.com>
wrote:
> # SOURCE HOST
> # 2.0.19: /etc/dovecot/dovecot.conf
<snip>
> #DEST HOST
> # 2.0.19: /etc/dovecot/dovecot.conf 
First and foremost, you  need to update both to 2.2.5... dsync was 
completely overhauled and is much more reliable etc...

-- 

Best regards,

*/Charles/*