PGNet Dev
2020-Jul-23 18:12 UTC
dsync fails for existing user: "Error: Failed to initialize user: Namespace '': Mailbox list driver imapc: missing imapc_password" ?
i'm attempting to dsync from a remote/other IMAP store to my current/new
dovecot instance
testing remote's IMAP access from the local/dovecot box, i can successfully
login
openssl s_client \
-crlf \
-4 \
-showcerts \
-bind 10.0.1.10 \
-connect remote-imap.example.com:993 \
-cert /sec/vmail/client.EC.crt.pem \
-key /sec/vmail/client.EC.key.pem \
-CAfile /sec/vmail/CA.crt.pem
a1 login "testuser at example.net" "my!secret"
a1 OK [CAPABILITY IMAP4rev1 ACL BINARY CATENATE CHILDREN CONDSTORE ENABLE
ESEARCH ESORT I18NLEVEL=1 ID IDLE LIST-EXTENDED LIST-STATUS LITERAL+
LOGIN-REFERRALS MULTIAPPEND NAMESPACE QRESYNC QUOTA RIGHTS=ektx SASL-IR
SEARCHRES SORT THREAD=ORDEREDSUBJECT UIDPLUS UNSELECT WITHIN XLIST] LOGIN
completed
atm, my dovecot config includes the following, matching the ssl config above,
ssl_client_ca_file = /sec/vmail/CA.crt.pem
ssl_client_require_valid_cert = yes
ssl_client_cert = < /sec/vmail/client.EC.crt.pem
ssl_client_key = < /sec/vmail/client.EC.key.pem
protocol doveadm {
mail_plugins = virtual
}
imapc_host = remote-imap.example.com
imapc_features = rfc822.size
imapc_features = $imapc_features fetch-headers
mail_prefetch_count = 20
imapc_port = 993
imapc_ssl = imaps
imapc_ssl_verify = no
dsync_features = empty-header-workaround
dsync_commit_msgs_interval = 100 # default in v2.2.30+
dsync_hashed_headers = Date Message-ID
and
grep users.conf /etc/dovecot/conf.d/*
/etc/dovecot/conf.d/10-auth.conf: args = scheme=ARGON2ID
/etc/dovecot/sec/users.conf
_USER="testuser at example.net"
_PASS="my!secret"
_PASS_ENC=$( doveadm pw -s ARGON2ID -p ${_PASS} )
echo "${_USER}:${_PASS_ENC}::::" >> /etc/dovecot/sec/users.conf
grep testuser at example.net /etc/dovecot/sec/users.conf
testuser at example.net:{ARGON2ID}$argon2id$v=19$m=65536,t=3,p=1$...qY::::
on exec
doveadm -D -o mail_fsync=never backup -R -u "testuser at example.net"
imapc:
returns/fails,
Debug: Loading modules from directory: /usr/lib64/dovecot
Debug: Module loaded: /usr/lib64/dovecot/lib20_virtual_plugin.so
Debug: Loading modules from directory: /usr/lib64/dovecot/doveadm
Debug: Skipping module doveadm_acl_plugin, because dlopen() failed:
/usr/lib64/dovecot/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol:
acl_user_module (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_expire_plugin, because dlopen() failed:
/usr/lib64/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol:
expire_set_deinit (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_quota_plugin, because dlopen() failed:
/usr/lib64/dovecot/doveadm/lib10_doveadm_quota_plugin.so: undefined symbol:
quota_user_module (this is usually intentional, so just ignore this message)
Debug: Module loaded: /usr/lib64/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed:
/usr/lib64/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol:
lucene_index_iter_deinit (this is usually intentional, so just ignore this
message)
Debug: Skipping module doveadm_fts_plugin, because dlopen() failed:
/usr/lib64/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol:
fts_user_get_language_list (this is usually intentional, so just ignore this
message)
Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed:
/usr/lib64/dovecot/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol:
mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this
message)
doveadm(testuser at example.net)<>: Debug: auth-master: userdb
lookup(testuser at example.net): Started userdb lookup
doveadm(testuser at example.net)<>: Debug: auth-master: conn
unix:/run/dovecot/auth-userdb: Connecting
doveadm(testuser at example.net)<>: Debug: auth-master: conn
unix:/run/dovecot/auth-userdb (pid=10517,uid=0): Client connected (fd=10)
doveadm(testuser at example.net)<>: Debug: auth-master: userdb
lookup(testuser at example.net): auth USER input: testuser at example.net
uid=5000 gid=5000 home=/data/vmail/example.net/testuser/Maildir
doveadm(testuser at example.net)<>: Debug: auth-master: userdb
lookup(testuser at example.net): Finished userdb lookup (username=testuser at
example.net uid=5000 gid=5000 home=/data/vmail/example.net/testuser/Maildir)
doveadm(testuser at example.net): Debug: Effective uid=5000, gid=5000,
home=/data/vmail/example.net/testuser/Maildir
doveadm(testuser at example.net): Debug: Namespace inbox: type=private,
prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes
location=maildir:/data/vmail/example.net/testuser/Maildir:CONTROL=/data/vmail/example.net/testuser/_control:INDEX=/var/vmail-index/example.net/testuser:LAYOUT=fs:UTF-8
doveadm(testuser at example.net): Debug: fs:
root=/data/vmail/example.net/testuser/Maildir,
index=/var/vmail-index/example.net/testuser, indexpvt=,
control=/data/vmail/example.net/testuser/_control,
inbox=/data/vmail/example.net/testuser/Maildir, alt doveadm(testuser at
example.net): Debug: Namespace shared: type=shared, prefix=shared/%u/, sep=/,
inbox=no, hidden=no, list=children, subscriptions=yes
location=maildir:/data/vmail/example.net/testuser/Maildir:INDEXPVT=/var/vmail-index/shared/%u
doveadm(testuser at example.net): Debug: shared: root=/run/dovecot/, index=,
indexpvt=, control=, inbox=, alt doveadm(testuser at example.net): Debug:
Namespace virtual: type=private, prefix=virtual/, sep=/, inbox=no, hidden=no,
list=yes, subscriptions=yes location=virtual:/data/vmail/virtual:INDEX=MEMORY
doveadm(testuser at example.net): Debug: fs: root=/data/vmail/virtual, index=,
indexpvt=, control=, inbox=, alt doveadm(testuser at example.net): Debug: brain
M: Namespace has location
maildir:/data/vmail/example.net/testuser/Maildir:CONTROL=/data/vmail/example.net/testuser/_control:INDEX=/var/vmail-index/example.net/testuser:LAYOUT=fs:UTF-8
doveadm(testuser at example.net): Debug: Namespace : Using permissions from
/data/vmail/example.net/testuser/Maildir: mode=0700 gid=default
dsync(testuser at example.net): Debug: Effective uid=5000, gid=5000,
home=/data/vmail/example.net/testuser/Maildir
dsync(testuser at example.net): Debug: Namespace inbox: type=private, prefix=,
sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=imapc:
dsync(testuser at example.net): Error: Failed to initialize user: Namespace
'': Mailbox list driver imapc: missing imapc_password
dsync(testuser at example.net): Debug: auth-master: conn
unix:/run/dovecot/auth-userdb (pid=10517,uid=0): Disconnected: Connection closed
(fd=10)
what needs to change in this^ config so that 'dsync' successfully
gets/uses the "missing imapc_password" from the existing users.conf
file?
PGNet Dev
2020-Jul-24 14:02 UTC
dsync fails for existing user: "Error: Failed to initialize user: Namespace '': Mailbox list driver imapc: missing imapc_password" ?
On 7/23/20 11:12 AM, PGNet Dev wrote:> what needs to change in this^ config so that 'dsync' successfully gets/uses the "missing imapc_password" from the existing users.conf file?red-herring; not a password issue at all seems the remote offers ciphers provided by JSSE without BouncyCastle, not OpenSSL, and doesn't manage with the ECDSA/CHACHA20 cert/cipher. loosening, - ssl_cipher_list = TTLS13-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305 + ssl_cipher_list = TLS_CHACHA20_POLY1305_SHA256:ECDHE gets the connection to work, using ECDHE-RSA-AES256-GCM-SHA384 i still have a sync issue w/ INBOX deletion, but that's another matter ...
Aki Tuomi
2020-Jul-27 14:37 UTC
dsync fails for existing user: "Error: Failed to initialize user: Namespace '': Mailbox list driver imapc: missing imapc_password" ?
> On 23/07/2020 21:12 PGNet Dev <pgnet.dev at gmail.com> wrote: > ><snip>> i'm attempting to dsync from a remote/other IMAP store to my > what needs to change in this^ config so that 'dsync' successfully gets/uses the "missing imapc_password" from the existing users.conf file?userdb_imapc_password into users.conf? or alternatively set it in dovecot.conf. Aki