vkosharskiy at gmail.com
2018-Jun-09 08:10 UTC
Doveadm sync: Can't create mailbox mail_public/public: Permission denied if synchronize all the available namespaces
I have old dovecot server: (# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.21 (92477967) # OS: Linux 4.14.15-3.el7xen.x86_64 x86_64 CentOS Linux release 7.4.1708 (Core) and new dovecot server: # 2.3.1 (c5a5c0c82): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.devel (61b47828) # OS: Linux 4.14.47-5.el7xen.x86_64 x86_64 CentOS Linux release 7.5.1804 (Core) I try to sync old server with doveadm sync with parameter -N (Synchronize all the available namespaces) Sync successfull in log, but destination server in log have "Can't create mailbox mail_public/public: Permission denied." Config dumps, logs in attaches. -------------- next part -------------- # 2.3.1 (c5a5c0c82): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.devel (61b47828) # OS: Linux 4.14.47-5.el7xen.x86_64 x86_64 CentOS Linux release 7.5.1804 (Core) auth_cache_negative_ttl = 0 auth_cache_size = 1 k auth_cache_ttl = 30 mins auth_cache_verify_password_with_worker = yes auth_failure_delay = 10 secs auth_mechanisms = plain cram-md5 digest-md5 auth_socket_path = /var/run/dovecot/auth-userdb auth_stats = yes auth_worker_max_count = 20 disable_plaintext_auth = no doveadm_password = # hidden, use -P to show it imap_client_workarounds = delay-newmail tb-extra-mailbox-sep lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = * lmtp_rcpt_check_quota = yes login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c mail_attachment_dir = /srv/vmail/imap/attaches mail_attachment_min_size = 64 k mail_gid = 10000 mail_location = mdbox:~ mail_log_prefix = "%s(%u): " mail_plugins = " acl zlib mail_log notify old_stats fts fts_lucene virtual" mail_temp_dir = /srv/vmail/imap/tmp mail_uid = 10000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapflags notify mbox_write_locks = fcntl namespace { hidden = no inbox = no list = children location = mdbox:/srv/vmail/imap/domains/%%d/%%u:INDEXPVT=~/mail_shared/%%u prefix = mail_shared/%%u/ separator = / subscriptions = no type = shared } namespace { hidden = no inbox = no list = children location = mdbox:/srv/vmail/imap/domains/%d/_mail_public:INDEXPVT=~/mail_public prefix = mail_public/ separator = / subscriptions = no type = public } namespace inbox { hidden = no inbox = yes list = yes location = mailbox Drafts { auto = subscribe comment = Drafts special_use = \Drafts } mailbox Sent { auto = subscribe comment = Sent special_use = \Sent } mailbox Spam { auto = subscribe comment = Spam special_use = \Junk } mailbox Trash { auto = subscribe comment = Trash special_use = \Trash } mailbox VirusMail { auto = subscribe comment = VirusMail special_use = \Junk } mailbox virtual/All { special_use = \All } prefix = separator = / subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-ldap_pass.conf.ext driver = ldap } plugin { acl = vfile:/etc/dovecot/acl/global.acl:cache_secs=300 acl_shared_dict = file:/srv/vmail/imap/domains/%d/shared-acl.db fts = lucene fts_autoindex = yes fts_autoindex_exclude = \Junk fts_autoindex_exclude2 = \Trash fts_lucene = mime_parts mail_crypt_save_version = 0 quota = count:User quota quota_grace = 10%% quota_rule = *:storage=512M quota_rule2 = Trash:storage=+10%% quota_rule3 = Spam:storage=+10%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_vsizes = yes quota_warning = storage=95%% quota-warning 95 %u %d quota_warning1 = storage=100%% quota-exceeded 100 %u %d quota_warning2 = -storage=100%% quota-warning below %u %d recipient_delimiter = + sieve = file:~/sieve;active=~/.dovecot.sieve sieve_after = /srv/vmail/sieve/sieve.conf.d/after sieve_before = /srv/vmail/sieve/sieve.conf.d/before sieve_default = /srv/vmail/sieve/default.sieve sieve_extensions = +notify +imapflags +imap4flags sieve_global_dir = /srv/imap/sieve/global sieve_max_actions = 128 sieve_max_redirects = 16 sieve_max_script_size = 1M sieve_user_log = ~/.dovecot.sieve.log } protocols = imap lmtp pop3 sieve service auth { unix_listener /var/spool/postfix-external/private/dovecot-auth { group = postfix mode = 0600 user = postfix } user = $default_internal_user } service dict { unix_listener dict { mode = 0777 } } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 inet_listener { port = 41999 } privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 1 } service imap { process_limit = 1024 } service lmtp { unix_listener /var/spool/postfix-internal/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 } service managesieve { process_limit = 128 } service old-stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = old-stats extra_groups = fifo_listener old-stats-mail { group = mode = 0600 user = } fifo_listener old-stats-user { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener old-stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { process_limit = 1024 } service quota-status { client_limit = 1 executable = quota-status -p postfix inet_listener { address = 127.0.0.1 port = 41900 } } service quota-warning { executable = script /usr/libexec/dovecot/quota-warning.sh unix_listener quota-warning { user = mail } user = mail } ssl_ca = </etc/dovecot/ssl/dummy.pem ssl_cert = </etc/dovecot/ssl/dummy.pem ssl_cipher_list = EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4 ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes submission_host = 127.0.0.1:25 userdb { args = /etc/dovecot/dovecot-ldap_user.conf.ext driver = ldap } protocol lmtp { mail_plugins = " acl zlib mail_log notify old_stats fts fts_lucene virtual quota sieve" } protocol lda { mail_plugins = " acl zlib mail_log notify old_stats fts fts_lucene virtual quota sieve acl" } protocol imap { mail_max_userip_connections = 10 mail_plugins = " acl zlib mail_log notify old_stats fts fts_lucene virtual quota imap_quota imap_acl zlib imap_old_stats" } protocol sieve { mail_max_userip_connections = 5 managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o } protocol pop3 { mail_max_userip_connections = 10 mail_plugins = " acl zlib mail_log notify old_stats fts fts_lucene virtual" } protocol doveadm { mail_plugins = " acl zlib mail_log notify old_stats fts fts_lucene virtual quota acl fts fts_lucene" } local_name imap.example.com { ssl_ca = </etc/dovecot/ssl/CA_mail.pem ssl_cert = </etc/dovecot/ssl/mail.pem ssl_key = # hidden, use -P to show it } -------------- next part -------------- # 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.21 (92477967) # OS: Linux 4.14.15-3.el7xen.x86_64 x86_64 CentOS Linux release 7.4.1708 (Core) auth_failure_delay = 10 secs auth_mechanisms = plain cram-md5 digest-md5 auth_socket_path = /var/run/dovecot/auth-userdb auth_stats = yes auth_worker_max_count = 20 disable_plaintext_auth = no doveadm_password = # hidden, use -P to show it imap_client_workarounds = delay-newmail tb-extra-mailbox-sep lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = * lmtp_rcpt_check_quota = yes login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c mail_attachment_dir = /srv/vmail/imap/attaches mail_gid = 10000 mail_location = sdbox:~ mail_plugins = " acl zlib mail_log notify stats fts fts_lucene virtual" mail_temp_dir = /srv/vmail/imap/tmp mail_uid = 10000 mailbox_list_index = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapflags notify mbox_write_locks = fcntl namespace { hidden = no inbox = no list = children location = sdbox:/srv/vmail/imap/domains/%%d/%%u:INDEXPVT=~/mail_shared/%%u prefix = mail_shared/%%u/ separator = / subscriptions = no type = shared } namespace { hidden = no inbox = no list = children location = sdbox:/srv/vmail/imap/domains/%d/_mail_public:INDEXPVT=~/mail_public prefix = mail_public/ separator = / subscriptions = no type = public } namespace inbox { hidden = no inbox = yes list = yes location = mailbox Drafts { auto = subscribe comment = Drafts special_use = \Drafts } mailbox Sent { auto = subscribe comment = Sent special_use = \Sent } mailbox Spam { auto = subscribe comment = Spam special_use = \Junk } mailbox Trash { auto = subscribe comment = Trash special_use = \Trash } mailbox VirusMail { auto = subscribe comment = VirusMail special_use = \Junk } mailbox virtual/All { special_use = \All } prefix = separator = / subscriptions = yes type = private } passdb { args = /etc/dovecot/dovecot-ldap_pass.conf.ext driver = ldap } plugin { acl = vfile:/etc/dovecot/acl/global.acl:cache_secs=300 acl_shared_dict = file:/srv/vmail/imap/domains/%d/shared-acl.db fts = lucene fts_autoindex = yes fts_lucene = mime_parts mail_crypt_save_version = 0 quota = count:User quota quota_grace = 10%% quota_rule = *:storage=512M quota_rule2 = Trash:storage=+10%% quota_rule3 = Spam:storage=+10%% quota_status_nouser = DUNNO quota_status_overquota = 552 5.2.2 Mailbox is full quota_status_success = DUNNO quota_vsizes = yes quota_warning = storage=95%% quota-warning 95 %u %d quota_warning1 = storage=100%% quota-exceeded 100 %u %d quota_warning2 = -storage=100%% quota-warning below %u %d recipient_delimiter = + sieve = file:~/sieve;active=~/.dovecot.sieve sieve_after = /srv/vmail/sieve/sieve.conf.d/after sieve_before = /srv/vmail/sieve/sieve.conf.d/before sieve_default = /srv/vmail/sieve/default.sieve sieve_extensions = +notify +imapflags +imap4flags sieve_global_dir = /srv/imap/sieve/global sieve_max_actions = 128 sieve_max_redirects = 16 sieve_max_script_size = 1M sieve_user_log = ~/.dovecot.sieve.log } protocols = imap lmtp pop3 sieve service auth { unix_listener /var/spool/postfix-external/private/dovecot-auth { group = postfix mode = 0600 user = postfix } user = $default_internal_user } service dict { unix_listener dict { mode = 0777 } } service doveadm { chroot = client_limit = 1 drop_priv_before_exec = no executable = doveadm-server extra_groups = group = idle_kill = 0 privileged_group = process_limit = 0 process_min_avail = 0 protocol = service_count = 1 type = unix_listener doveadm-server { group = mode = 0600 user = } user = vsz_limit = 18446744073709551615 B } service imap-login { inet_listener imap { port = 143 } inet_listener imaps { port = 993 ssl = yes } process_min_avail = 0 service_count = 1 } service imap { process_limit = 1024 } service lmtp { unix_listener /var/spool/postfix-internal/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } service managesieve-login { inet_listener sieve { port = 4190 } service_count = 1 } service managesieve { process_limit = 128 } service pop3-login { inet_listener pop3 { port = 110 } inet_listener pop3s { port = 995 ssl = yes } } service pop3 { process_limit = 1024 } service quota-status { client_limit = 1 executable = quota-status -p postfix inet_listener { address = 127.0.0.1 port = 41900 } } service quota-warning { executable = script /usr/libexec/dovecot/quota-warning.sh unix_listener quota-warning { user = mail } user = mail } service stats { chroot = empty client_limit = 0 drop_priv_before_exec = no executable = stats extra_groups = fifo_listener stats-mail { group = mode = 0600 user = } fifo_listener stats-user { group = mode = 0600 user = } group = idle_kill = 4294967295 secs privileged_group = process_limit = 1 process_min_avail = 0 protocol = service_count = 0 type = unix_listener stats { group = mode = 0600 user = } user = $default_internal_user vsz_limit = 18446744073709551615 B } ssl_ca = </etc/dovecot/ssl/dummy.pem ssl_cert = </etc/dovecot/ssl/dummy.pem ssl_cipher_list = EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4 ssl_dh_parameters_length = 2048 ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes ssl_protocols = TLSv1 submission_host = 127.0.0.1:25 userdb { args = /etc/dovecot/dovecot-ldap_user.conf.ext driver = ldap } protocol lmtp { mail_plugins = " acl zlib mail_log notify stats fts fts_lucene virtual quota sieve" } protocol lda { mail_plugins = " acl zlib mail_log notify stats fts fts_lucene virtual quota sieve acl" } protocol imap { mail_max_userip_connections = 10 mail_plugins = " acl zlib mail_log notify stats fts fts_lucene virtual quota imap_quota imap_acl zlib imap_stats" } protocol sieve { mail_max_userip_connections = 5 managesieve_implementation_string = Dovecot Pigeonhole managesieve_logout_format = bytes=%i/%o } protocol pop3 { mail_max_userip_connections = 10 mail_plugins = " acl zlib mail_log notify stats fts fts_lucene virtual" } protocol doveadm { mail_plugins = " acl zlib mail_log notify stats fts fts_lucene virtual expire quota acl fts fts_lucene" } local_name imap.example.com { ssl_ca = </etc/dovecot/ssl/CA_mail.pem ssl_cert = </etc/dovecot/ssl/mail.pem ssl_key = # hidden, use -P to show it } -------------- next part -------------- A non-text attachment was scrubbed... Name: dovesync-src_all_namespaes.log Type: text/x-log Size: 30036 bytes Desc: not available URL: <https://dovecot.org/pipermail/dovecot/attachments/20180609/6a02c393/attachment-0002.bin> -------------- next part -------------- A non-text attachment was scrubbed... Name: dovesync-dst_all_namespaces.log Type: text/x-log Size: 22696 bytes Desc: not available URL: <https://dovecot.org/pipermail/dovecot/attachments/20180609/6a02c393/attachment-0003.bin> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 213 bytes Desc: This is a digitally signed message part. URL: <https://dovecot.org/pipermail/dovecot/attachments/20180609/6a02c393/attachment-0001.sig>