Am 19.09.17 um 00:03 schrieb Ralf Becker: > Hi Timo, > > update to 2.2.32 (suggested by Aki) did not change the situation ... > > Am 18.09.17 um 20:49 schrieb Timo Sirainen: >> On 18 Sep 2017, at 20.12, Ralf Becker <r...@egroupware.org >> <mailto:r...@egroupware.org>> wrote: >>> Hi Timo, >>> >>> Am 18.09.17 um 12:03 schrieb Timo Sirainen: >>>> On 18 Sep 2017, at 12.10, Ralf Becker <r...@egroupware.org >>>> <mailto:r...@egroupware.org> >>>> <mailto:r...@egroupware.org>> wrote: >>>>> Am 14.09.17 um 01:07 schrieb Timo Sirainen: >>>>>> On 7 Sep 2017, at 17.42, Ralf Becker <r...@egroupware.org >>>>>> <mailto:r...@egroupware.org> >>>>>> <mailto:r...@egroupware.org>> wrote: >>>>>>> Dovecot 2.2.31 with mailboxes in mdbox format. >>>>>>> >>>>>>> Since a couple of days some mailboxes have the problem, that sieve >>>>>>> rules >>>>>>> moving mails to folders stop working and .sieve.log in mailbox shows: >>>>>>> >>>>>>> sieve: info: started log at Sep 07 13:57:17. >>>>>>> error: >>>>>>> msgid=<20170907155704.egroupware.s4ythvjrr12wsijlpkbk...@somedomain.egroupware.de >>>>>>> <mailto:20170907155704.egroupware.s4ythvjrr12wsijlpkbk...@somedomain.egroupware.de> >>>>>>> <mailto:20170907155704.egroupware.s4ythvjrr12wsijlpkbk...@somedomain.egroupware.de>>: >>>>>>> failed to store into mailbox 'INBOX/Munser': Mailbox doesn't exist: >>>>>>> INBOX/Munser. >>>>>>> >>>>>>> When I do a doveadm mailbox list -s -u <user>@<domain> I get all >>>>>>> folders >>>>>>> incl. the one mentioned above, while doveadm mailbox list without -s >>>>>>> shows just >>>>>>> user >>>>>>> INBOX >>>>>> Subscriptions are stored independently from the actual folders. So >>>>>> it looks like the subscription file exists and is correct, but >>>>>> somehow you've lost all the folders. Do you see the folders in the >>>>>> filesystem under user/mailboxes/ directory? >>>>> Yes, the folders exist under >>>>> /var/dovecot/imap/<domain>/<user>/mdbox/mailboxes/. >>>>> Just doveadm mailbox list -u <user>@<domain> (without -s) does only >>>>> show >>>>> INBOX and user. >>>>> (I can send you the list of folders via private mail, but I can not >>>>> post >>>>> them on the list.) >>>>> >>>>> Anything I can do to get Dovecot to eg. rescan the folders from the >>>>> filesystem or any other way to fix that problem? >>>>> I have it with a couple of mailboxes, so I believe it's some kind of >>>>> systematic problem, nothing the users did. >>>> I can't really think of any reason why it wouldn't simply work. >>>> Especially since you're not using v2.2.32, the folder listing is >>>> always performed by listing the directories in filesystem, so there's >>>> nothing really to resync. What's your doveconf -n? You could try with >>>> mailbox_list_index=no if that happens to make any difference, but it >>>> shouldn't. >>>> >>>> You could also try what "strace -o log -s 100 doveadm mailbox list -u >>>> user@domain" shows. Is it opening the correct mailboxes/ directory? >>>> Maybe the path is just wrong for some reason (some typo added >>>> somewhere)? >>> >>> Nope it lstats the correct directories, but does not show them. >>> >>> I send you the strace / sysdig output per private mail, as it contains >>> private information of that user. >> Looks like you have some dovecot-acl and dovecot-acl-list files, so it >> has to be because Dovecot thinks the ACLs are preventing access to the >> user. Try deleting dovecot-acl-list to see if the problem is with >> that. If not, look at the dovecot-acl files and/or "doveadm acl debug >> -u user@domain <folder that's supposed to exist>" to figure out what's >> wrong. > > root@fra-nfs-mail:~# doveadm acl debug -u <user>@<domain> INBOX/AA > doveadm(<user>@<domain>): Info: Mailbox 'AA' is in namespace 'INBOX/' > doveadm(<user>@<domain>): Info: Mailbox path: > /var/dovecot/imap/<domain>/<user>/mdbox/mailboxes/AA/dbox-Mails > doveadm(<user>@<domain>): Info: All message flags are shared across > users in mailbox > doveadm(<user>@<domain>): Info: User <user>@<domain> has no rights for > mailbox > doveadm(<user>@<domain>): Error: User <user>@<domain> is missing > 'lookup' right > doveadm(<user>@<domain>): Info: Mailbox INBOX/AA is NOT visible in LIST > > Ok, but when I try to fix it: > > root@fra-nfs-mail:~# doveadm acl add -u <user>@<domain> INBOX/AA > user=<user>@<domain> admin create delete expunge insert lookup post read > write write-deleted write-seen > > root@fra-nfs-mail:~# doveadm acl add -u <user>@<domain> INBOX/AA owner > admin create delete expunge insert lookup post read write write-deleted > write-seen > > root@fra-nfs-mail:~# doveadm acl get -u <user>@<domain> INBOX/AA > ID Global Rights > owner admin create delete > expunge insert lookup post read write write-deleted write-seen > user=<user>@<domain> admin create delete expunge insert lookup > post read write write-deleted write-seen > > Nothing has changed :( > > root@fra-nfs-mail:~# doveadm acl debug -u <user>@<domain> INBOX/AA > doveadm(<user>@<domain>): Info: Mailbox 'AA' is in namespace 'INBOX/' > doveadm(<user>@<domain>): Info: Mailbox path: > /var/dovecot/imap/<domain>/<user>/mdbox/mailboxes/AA/dbox-Mails > doveadm(<user>@<domain>): Info: All message flags are shared across > users in mailbox > doveadm(<user>@<domain>): Info: User <user>@<domain> has no rights for > mailbox > doveadm(<user>@<domain>): Error: User <user>@<domain> is missing > 'lookup' right > doveadm(<user>@<domain>): Info: Mailbox INBOX/AA is NOT visible in LIST > > How to fix that situation? > > Is there a way to reset acl of all folders of a user to all rights for > the owner? > > root@fra-nfs-mail:/var/dovecot/imap/<domain>/<user># find -name > "dovecot-acl*" > ./mdbox/mailboxes/INBOX/dbox-Mails/dovecot-acl > ./mdbox/mailboxes/AA/dbox-Mails/dovecot-acl > ./mdbox/dovecot-acl-list > > Ralf
Here's my config:
root@fra-nfs-mail:~# doveadm config -n
# 2.2.32 (dfbe293d4): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.20 (7cd71ba)
# OS: Linux 4.4.0-93-generic x86_64
auth_cache_negative_ttl = 2 mins
auth_cache_size = 10 M
auth_cache_ttl = 5 mins
auth_master_user_separator = *
auth_username_chars =
"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@#"
default_client_limit = 3500
default_process_limit = 512
disable_plaintext_auth = no
doveadm_password = # hidden, use -P to show it
doveadm_port = 12345
first_valid_uid = 90
listen = *
log_path = /dev/stderr
mail_access_groups = dovecot
mail_gid = dovecot
mail_location = mdbox:~/mdbox
mail_log_prefix = "%s(%u %p): "
mail_max_userip_connections = 200
mail_plugins = acl quota notify replication mail_log
mail_uid = dovecot
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave vnd.dovecot.debug
mbox_min_index_size = 1000 B
mdbox_rotate_size = 50 M
namespace inboxes {
inbox = yes
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox Templates {
auto = subscribe
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix = INBOX/
separator = /
subscriptions = no
}
namespace subs {
hidden = yes
list = no
location =
prefix =
separator = /
}
namespace users {
location = mdbox:%%h/mdbox:INDEXPVT=~/shared/%%u
prefix = user/%%n/
separator = /
subscriptions = no
type = shared
}
passdb {
args = /etc/dovecot/dovecot-dict-master-auth.conf
driver = dict
master = yes
}
passdb {
args = /etc/dovecot/dovecot-dict-auth.conf
driver = dict
}
plugin {
acl = vfile
acl_shared_dict = file:/var/dovecot/imap/%d/shared-mailboxes.db
mail_log_events = delete undelete expunge copy mailbox_delete
mailbox_rename
mail_log_fields = uid box msgid size
mail_replica = tcp:10.44.99.1
quota = dict:User quota::ns=INBOX/:file:%h/dovecot-quota
quota_rule = *:storage=100GB
sieve = ~/sieve/dovecot.sieve
sieve_after = /var/dovecot/sieve/after.d/
sieve_before = /var/dovecot/sieve/before.d/
sieve_dir = ~/sieve
sieve_extensions = +editheader
sieve_user_log = ~/.sieve.log
}
postmaster_address = adm...@egroupware.org
protocols = imap pop3 lmtp sieve
quota_full_tempfail = yes
replication_dsync_parameters = -d -n INBOX -l 30 -U
service aggregator {
fifo_listener replication-notify-fifo {
user = dovecot
}
unix_listener replication-notify {
user = dovecot
}
}
service auth-worker {
user = $default_internal_user
}
service doveadm {
inet_listener {
port = 12345
}
inet_listener {
port = 26
}
vsz_limit = 512 M
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 993
ssl = yes
}
process_min_avail = 5
service_count = 1
vsz_limit = 64 M
}
service imap {
executable = imap
process_limit = 2048
vsz_limit = 512 M
}
service lmtp {
inet_listener lmtp {
port = 24
}
unix_listener lmtp {
mode = 0666
}
vsz_limit = 512 M
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
inet_listener sieve_deprecated {
port = 2000
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
service pop3 {
executable = pop3
}
service postlogin {
executable = script-login -d rawlog -b -t
}
service replicator {
process_min_avail = 1
unix_listener replicator-doveadm {
group = dovecot
mode = 0660
user = dovecot
}
}
ssl_cert = </etc/certs/mail.egroupware.org.pem
ssl_key = # hidden, use -P to show it
userdb {
driver = prefetch
}
userdb {
args = /etc/dovecot/dovecot-dict-auth.conf
driver = dict
}
userdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
verbose_proctitle = yes
protocol lda {
mail_plugins = acl quota notify replication mail_log acl sieve quota
}
protocol imap {
mail_max_userip_connections = 200
mail_plugins = acl quota notify replication mail_log acl imap_acl
quota imap_quota
}
protocol lmtp {
mail_max_lock_timeout = 25 secs
mail_plugins = acl quota notify replication mail_log acl sieve quota
}
--
Ralf Becker
EGroupware GmbH [www.egroupware.org]
Handelsregister HRB Kaiserslautern 3587
Geschäftsführer Birgit und Ralf Becker
Leibnizstr. 17, 67663 Kaiserslautern, Germany
Telefon +49 631 31657-0
signature.asc
Description: OpenPGP digital signature
