Since changeset 8a63f621bd2e I'm one step closer to the perfect working setup. I'm sharing one GID per domain, across all its alias names and accounts. So I can use:
mail_attachment_dir = /srv/mail/.SiS/%{gid}
In order to avoid permission trouble I've set an fs ACL on the .SiS dir (note that other::-wx lets any local account create entries there, not only the mail GIDs):

,--[ getfacl srv/mail/.SiS ]--
| # file: srv/mail/.SiS
| # owner: root
| # group: root
| user::rwx
| group::--x
| mask::--x
| other::-wx
| default:user::rwx
| default:group::rwx
| default:mask::rwx
| default:other::---
`--

OK, let's test the setup:

dsync -u tes...@example.com mirror maildir:/tmp/Maildir
rm -rf Maildir && cp -a Maildir_org Maildir && chown -R 70010:70002 Maildir
dsync -vu tes...@example.com mirror maildir:/tmp/Maildir
dsync(tes...@example.com): Info: Drafts: only in dest (guid=b6a53627f3cbe24e33030000850d2fad)
dsync(tes...@example.com): Info: Sent: only in dest (guid=b7a53627f3cbe24e33030000850d2fad)
dsync(tes...@example.com): Info: Junk-E-Mail: only in dest (guid=b8a53627f3cbe24e33030000850d2fad)
dsync(tes...@example.com): Info: Trash: only in dest (guid=b9a53627f3cbe24e33030000850d2fad)
dsync(tes...@example.com): Info: INBOX: only in dest (guid=baa53627f3cbe24e33030000850d2fad)
dsync(tes...@example.com): Error: stat(/srv/mail/.SiS/70002/a2/7b/.temp.blau.819.4f06409857c627e0) failed: Permission denied
dsync(tes...@example.com): Error: safe_mkstemp(/srv/mail/.SiS/70002/a2/7b/.temp.blau.819.)
failed: Permission denied
dsync(tes...@example.com): Panic: file dsync-worker-local.c: line 1644 (local_worker_save_msg_continue): assertion failed: (ret == -1)
dsync(tes...@example.com): Error: Raw backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0x4faf1) [0x7f4db31f4af1] -> /usr/local/lib/dovecot/libdovecot.so.0(default_error_handler+0) [0x7f4db31f4b7d] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f4db31f4e01] -> dsync() [0x416af8] -> dsync() [0x416e46] -> dsync(dsync_worker_msg_save+0x82) [0x412cb2] -> dsync() [0x40b7e0] -> dsync() [0x417286] -> dsync() [0x417324] -> dsync(dsync_worker_msg_get+0xa8) [0x412dd4] -> dsync() [0x40bbf3] -> dsync() [0x40bd62] -> dsync() [0x40c106] -> dsync() [0x40c318] -> dsync(dsync_brain_msg_sync_new_msgs+0x1c) [0x40c336] -> dsync(dsync_brain_msg_sync_more+0x1ae) [0x40b15e] -> dsync() [0x409b88] -> dsync(dsync_brain_sync+0x231) [0x40a074] -> dsync() [0x4084fb] -> dsync() [0x408729] -> dsync(dsync_brain_sync+0x1a7) [0x409fea] -> dsync() [0x408238] -> dsync() [0x408388] -> dsync(dsync_brain_sync+0x10b) [0x409f4e] -> dsync(dsync_brain_sync_all+0x24) [0x40a16b] -> dsync(main+0x680) [0x407b2b] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f4db2e3fead] -> dsync() [0x406e09]
Aborted (core dumped)

Looks like Dovecot ignores the ACL — presumably because it creates these directories with an explicit restrictive mode, and a default ACL cannot grant more than the mode passed at creation. I think a mail_attachment_dir_mode setting could help to work around this problem. Dunno what would be a good default value. But I would set
mail_attachment_dir_mode = 0770
The attachment files have mode 0660, that's perfect in my setup.

Regards,
Pascal
--
The trapper recommends today: c01dcafe.1134...@localdomain.org
# 2.1.rc1 (8a63f621bd2e): /usr/local/etc/dovecot/dovecot.conf # OS: Linux 3.1.0-1-amd64 x86_64 Debian wheezy/sid auth_mechanisms = plain login debug_log_path = /var/log/dovecot_dbg.log dict { quota = pgsql:/usr/local/etc/dovecot/dovecot-dict-sql.conf.ext } first_valid_gid = 70000 first_valid_uid = 70000 hostname = orange.example.com listen = 203.0.113.168, 2001:db8:436d:eaff:587:995:0:ffff lmtp_save_to_detail_mailbox = yes login_access_sockets = tcpwrap mail_attachment_dir = /srv/mail/.SiS/%{gid} mail_attachment_hash = %{sha256} mail_location = mdbox:~/mdbox mail_plugins = quota zlib managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = separator = / } passdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = dict:user:%{uid}:noenforcing:proxy::quota quota_rule = *:storage=2G:messages=0 quota_rule2 = Trash:storage=+100M recipient_delimiter = + sieve = ~/.dovecot.sieve sieve_dir = ~/sieve zlib_save = bz2 zlib_save_level = 6 } postmaster_address = postmas...@example.com protocols = imap lmtp sieve service auth-worker { unix_listener auth-worker { group = $default_internal_user mode = 0660 user = doveauth } user = doveauth } service auth { client_limit = 1425 unix_listener /var/spool/postfix-orange/private/dovecot-auth { group = postfix mode = 0600 user = postfix } user = doveauth } service dict { unix_listener dict { mode = 0666 } } service lmtp { executable = lmtp -D unix_listener /var/spool/postfix-blau/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } unix_listener /var/spool/postfix-orange/private/dovecot-lmtp { 
group = postfix mode = 0600 user = postfix } } service tcpwrap { unix_listener login/tcpwrap { group = $default_login_user mode = 0600 user = $default_login_user } } ssl = required ssl_cert = </etc/ssl/certs/STAR_example.com_complete.crt ssl_key = </etc/ssl/private/wildcard.example.com.key submission_host = orange.example.com:587 userdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } verbose_proctitle = yes protocol lda { mail_plugins = quota zlib sieve } protocol imap { imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags imap_id_log = * imap_id_send = name mail_plugins = quota zlib imap_quota imap_zlib } protocol lmtp { mail_plugins = quota zlib sieve }
#0 0x00007f4db2e53405 in raise () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #1 0x00007f4db2e56680 in abort () from /lib/x86_64-linux-gnu/libc.so.6 No symbol table info available. #2 0x00007f4db31f4b18 in default_fatal_finish (type=LOG_TYPE_PANIC, status=0) at failures.c:187 backtrace = 0xfbd158 "/usr/local/lib/dovecot/libdovecot.so.0(+0x4faf1) [0x7f4db31f4af1] -> /usr/local/lib/dovecot/libdovecot.so.0(default_error_handler+0) [0x7f4db31f4b7d] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+"... #3 0x00007f4db31f4b7d in default_fatal_handler (ctx=0x7fff849ac7f0, format=0x419368 "file %s: line %d (%s): assertion failed: (%s)", args=0x7fff849ac7d8) at failures.c:201 status = 0 #4 0x00007f4db31f4e01 in i_panic (format=0x419368 "file %s: line %d (%s): assertion failed: (%s)") at failures.c:259 ctx = {type = LOG_TYPE_PANIC, exit_status = 0, timestamp = 0x0} args = {{gp_offset = 40, fp_offset = 48, overflow_arg_area = 0x7fff849ac8c0, reg_save_area = 0x7fff849ac800}} #5 0x0000000000416af8 in local_worker_save_msg_continue (worker=0xfe4020) at dsync-worker-local.c:1644 dest_box = 0xff6250 callback = 0x1046020 ret = 8192 __FUNCTION__ = "local_worker_save_msg_continue" #6 0x0000000000416e46 in local_worker_msg_save (_worker=0xfe4020, msg=0x7f4db39629e8, data=0x7fff849aca50, callback=0x40b685 <msg_save_callback>, context=0x104edd0) at dsync-worker-local.c:1713 worker = 0xfe4020 dest_box = 0xff6250 save_ctx = 0x103cfa0 __FUNCTION__ = "local_worker_msg_save" #7 0x0000000000412cb2 in dsync_worker_msg_save (worker=0xfe4020, msg=0x7f4db39629e8, data=0x7fff849aca50, callback=0x40b685 <msg_save_callback>, context=0x104edd0) at dsync-worker.c:234 _data_stack_cur_id = 3 #8 0x000000000040b7e0 in msg_get_callback (result=DSYNC_MSG_GET_RESULT_SUCCESS, data=0x7fff849aca50, context=0x104edd0) at dsync-brain-msgs-new.c:78 ctx = 0x104edd0 mailbox = 0x7f4db3962150 input = 0x1046080 __FUNCTION__ = "msg_get_callback" #9 0x0000000000417286 in local_worker_msg_get_next 
(worker=0xfedcc0, get=0x7fff849acab0) at dsync-worker-local.c:1814 data = {pop3_uidl = 0xfbcc60 "", received_date = 1301263892, input = 0x1046080} trans = 0x10135c0 box = 0xff7cb0 __FUNCTION__ = "local_worker_msg_get_next" #10 0x0000000000417324 in local_worker_msg_get (_worker=0xfedcc0, mailbox=0x7f4db3962169, uid=7, callback=0x40b6ff <msg_get_callback>, context=0x104edd0) at dsync-worker-local.c:1835 worker = 0xfedcc0 get = {mailbox = {guid = "\267\245\066'\363\313\342N3\003\000\000\205\r/\255"}, uid = 7, callback = 0x40b6ff <msg_get_callback>, context = 0x104edd0} #11 0x0000000000412dd4 in dsync_worker_msg_get (worker=0xfedcc0, mailbox=0x7f4db3962169, uid=7, callback=0x40b6ff <msg_get_callback>, context=0x104edd0) at dsync-worker.c:261 _data_stack_cur_id = 2 __FUNCTION__ = "dsync_worker_msg_get" #12 0x000000000040bbf3 in dsync_brain_msg_sync_add_new_msg (dest_iter=0x7f4db3962330, src_mailbox=0x7f4db3962169, msg_idx=10, msg=0x10a6d50) at dsync-brain-msgs-new.c:180 save_ctx = 0x104edd0 copy_ctx = 0x10 src_iter = 0x7f4db39623b8 inst = 0x0 inst_box = 0x7fff849acbb4 #13 0x000000000040bd62 in dsync_brain_mailbox_add_new_msgs (iter=0x7f4db3962330, mailbox_guid=0x7f4db3962169) at dsync-brain-msgs-new.c:215 msg = 0x10a6d50 msgs = 0x10a6cb0 msg_count = 3025 ret = true __FUNCTION__ = "dsync_brain_mailbox_add_new_msgs" #14 0x000000000040c106 in dsync_brain_msg_sync_add_new_msgs (iter=0x7f4db3962330) at dsync-brain-msgs-new.c:314 mailbox = 0x7f4db3962150 mailbox_guid = 0x7f4db3962169 #15 0x000000000040c318 in dsync_brain_msg_iter_sync_new_msgs (iter=0x7f4db3962330) at dsync-brain-msgs-new.c:385 No locals. #16 0x000000000040c336 in dsync_brain_msg_sync_new_msgs (sync=0x7f4db3962050) at dsync-brain-msgs-new.c:390 No locals. 
#17 0x000000000040b15e in dsync_brain_msg_sync_more (sync=0x7f4db3962050) at dsync-brain-msgs.c:430 mailboxes = 0x7f4db39620d8 count = 5 mailbox_idx = 5 #18 0x0000000000409b88 in dsync_brain_sync_msgs (brain=0xfec300) at dsync-brain.c:735 mailboxes = {arr = {buffer = 0x1048750, element_size = 120}, v = 0x1048750, v_modifiable = 0x1048750} pool = 0x1048730 ret = false #19 0x000000000040a074 in dsync_brain_sync (brain=0xfec300) at dsync-brain.c:856 __FUNCTION__ = "dsync_brain_sync" #20 0x00000000004084fb in dsync_brain_subs_list_finished (brain=0xfec300) at dsync-brain.c:170 No locals. #21 0x0000000000408729 in dsync_worker_subs_input (context=0x1043720) at dsync-brain.c:223 list = 0x1043720 subs = {vname = 0x0, storage_name = 0x0, ns_prefix = 0x0, last_change = 0} unsubs = {name_sha1 = {guid = '\000' <repeats 15 times>}, ns_prefix = 0x0, last_change = 0} ret = -1 #22 0x0000000000409fea in dsync_brain_sync (brain=0xfec300) at dsync-brain.c:841 __FUNCTION__ = "dsync_brain_sync" #23 0x0000000000408238 in dsync_brain_mailbox_list_finished (brain=0xfec300) at dsync-brain.c:99 No locals. 
#24 0x0000000000408388 in dsync_worker_mailbox_input (context=0xffe8d0) at dsync-brain.c:126 list = 0xffe8d0 dsync_box = {name = 0x0, name_sep = 0 '\000', name_sha1 = {guid = '\000' <repeats 15 times>}, mailbox_guid = {guid = '\000' <repeats 15 times>}, uid_validity = 0, uid_next = 0, message_count = 0, first_recent_uid = 0, highest_modseq = 0, last_change = 0, flags = 0, cache_fields = {arr = {buffer = 0x0, element_size = 0}, v = 0x0, v_modifiable = 0x0}} dup_box = 0xfff7b8 ret = -1 #25 0x0000000000409f4e in dsync_brain_sync (brain=0xfec300) at dsync-brain.c:832 __FUNCTION__ = "dsync_brain_sync" #26 0x000000000040a16b in dsync_brain_sync_all (brain=0xfec300) at dsync-brain.c:896 old_state = DSYNC_STATE_GET_MAILBOXES __FUNCTION__ = "dsync_brain_sync_all" #27 0x0000000000407b2b in main (argc=5, argv=0xfc2370) at dsync.c:308 set_parser = 0xfda330 set_line = 0xfbb9b0 "mail_location=maildir:/tmp/Maildir" ssflags = 130 brain_flags = DSYNC_BRAIN_FLAG_VERBOSE storage_service = 0xfc3ea0 service_user = 0xfc4830 input = {module = 0x4176f4 "mail", service = 0x4175c2 "dsync", username = 0xfc23aa "tes...@example.com", local_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = {ip6 = {__in6_u = {__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, local_port = 0, remote_port = 0, userdb_fields = 0x0, flags_override_add = 0, flags_override_remove = 0, no_userdb_lookup = 0} mail_user = 0xfddbe0 mail_user2 = 0xfe7c70 worker1 = 0xfe4020 worker2 = 0xfedcc0 workertmp = 0x7fff00000001 error = 0x0 username = 0xfc23aa "tes...@example.com" cmd_name = 0xfc23bd "mirror" mailbox = 0x0 local_location = 0xfc23c4 "maildir:/tmp/Maildir" remote_cmd_args = 0x0 path1 = 0xfbc760 "/srv/mail/e/70002/70010/mdbox/mailboxes" path2 = 0xfed700 "/tmp/Maildir" dsync_server = false 
unexpected_changes = false dsync_debug = false reverse_workers = false alt_char = 95 '_' c = -1 ret = 32767 fd_in = 0 fd_out = 1 __FUNCTION__ = "main"