Daniel,
thanks so much for the detailed pointers. So it turns out to be both the evil that is systemd and an overzealous upgrade script. Apollon, should I raise a Debian bug for this? As for reasons, how do 50k proxy session on the proxy servers and 25k imap processes on the mailbox servers sound? Even on a server with just 6k users and 7k imap processes that causes a massive load spike and a far longer service interruption (about 50 seconds) than I'm happy with. Penultimately if people do set "shutdown_clients = no" they hopefully know what they are doing and do expect that to work. Regards, Christian On Fri, 30 Aug 2019 17:44:23 +0200 Daniel Lange via dovecot wrote: > Am 30.08.19 um 17:38 schrieb Daniel Lange via dovecot: > > Am 30.08.19 um 10:00 schrieb Christian Balzer via dovecot: > >> When upgrading on Debian Stretch with the security fix packages all > >> dovecot processes get killed and then restarted despite having > >> "shutdown_clients = no" set. > > > > This is systemd doing its "magic" (kill all control group processes), > > see https://dovecot.org/pipermail/dovecot/2016-June/104546.html > > for a potential fix. > > Actually that will not be enough in the upgrade case as the maintainer > script calls > deb-systemd-invoke stop dovecot.socket dovecot.service > > I personally think re-connecting clients are normal operations so I > wouldn't bother. But you could override the stop action in the systemd > unit if you have local reasons that warrant such a hack. > -- Christian Balzer Network/Systems Engineer ch...@gol.com Rakuten Mobile Inc.
