You are correct that the problem is not fully fixed yet. It, however, only affects practically cases where you do
doveadm -c /path <command> We will fix it properly in a future release, now it has been fixed to work as it used to before, so no new regression is introduced. Aki > On 03/11/2021 14:54 John Stoffel <j...@stoffel.org> wrote: > > > >>>>> "Aki" == Aki Tuomi <aki.tu...@open-xchange.com> writes: > > Aki> This issue is now fixed for Dovecot on master with > Aki> https://github.com/dovecot/core/compare/ca2237e%5E..6fff8d5.patch > > Looking at the patch, I've got a couple of comments. > > 1. Even your added comment says this issue could still happen is > doveadm reads the config setting through doveconf, instead of the > config socket. To me that smells like the problem isn't really where > you patched it, but more in the parsing of options in doveadm. > > 2. This is much more bike-shedding, but you have the following: > > - if (input->module != NULL || input->extra_modules != NULL) { > + if ((service->flags & MASTER_SERVICE_FLAG_DISABLE_SSL_SET) == > 0 && > + (input->module != NULL || input->extra_modules != NULL)) { > > And I would think that the last line would be more readable with: > > (input->module || input->extra_modules)) { > > The != NULL test just seems really redundant. I haven't looked at the > rest of the main.c to see if this pattern is repeated all over the > place or not. > > John > > > Aki> and for pigeonhole master with > > Aki> > https://github.com/dovecot/pigeonhole/commit/29750ba54c20eea0afd4ca436ddc1325723ce93f.patch > > Aki> Regards, > Aki> Aki > > >> On 01/11/2021 08:38 Aki Tuomi <aki.tu...@open-xchange.com> wrote: > >> > >> > >> Hi all! > >> > >> We are looking into this issue. > >> > >> Aki > >> > >> > On 30/10/2021 19:36 TG Servers <sr...@prvtmail.net> wrote: > >> > > >> > > >> > Thanks Robert, I read that. I will also wait for a patch and stay > >> > > >> > Cheers > >> > > >> > > >> > On 30/10/2021 12:59, Robert Nowotny wrote: > >> > > >> > > the reason is : > >> > > > >> > > ssl_ca = </etc/ssl/certs/ca-bundle.crt > >> > > > >> > > if "ca-bundle.crt"is too big, You will get that error. > >> > > this should be fixed, but as a workaround You might pull out the > >> > > certificates You need. > >> > > I personally wait for the patch and stay at 2.3.16 for the time > >> > > beeing. > >> > > > >> > > yours sincerely > >> > > Robert > >> > > > >> > > > >> > > > >> > > Am 30.10.2021 um 10:34 schrieb TG Servers: > >> > > > >> > > > Hello, > >> > > > > >> > > > tonight my dovecot upgraded to 2.3.17 and completely broke on > >> > > > recent CentOS 8 installation. > >> > > > > >> > > > I found the service in status > >> > > > > >> > > > [root@riot ~]# systemctl status dovecot > >> > > > ● dovecot.service - Dovecot IMAP/POP3 email server > >> > > > Loaded: loaded (/usr/lib/systemd/system/dovecot.service; enabled; > >> > > > vendor preset: disabled) > >> > > > Active: failed (Result: exit-code) since Sat 2021-10-30 09:59:11 > >> > > > CEST; 58s ago > >> > > > Docs: man:dovecot(1) > >> > > > https://doc.dovecot.org/ > >> > > > Process: 1515 ExecStart=/usr/sbin/dovecot -F (code=exited, > >> > > > status=89) > >> > > > Process: 1429 ExecStartPre=/usr/libexec/dovecot/prestartscript > >> > > > (code=exited, status=0/SUCCESS) > >> > > > Main PID: 1515 (code=exited, status=89) > >> > > > > >> > > > Oct 30 09:59:10 riot.<domain>.com systemd[1]: Starting Dovecot > >> > > > IMAP/POP3 email server... > >> > > > Oct 30 09:59:11 riot.<domain>.com dovecot[1515]: doveconf: Fatal: > >> > > > execvp(/usr/libexec/dovecot/managesieve) failed: Argument list too > >> > > > long > >> > > > Oct 30 09:59:11 riot.<domain>.com dovecot[1515]: doveconf: Error: > >> > > > managesieve-login: dump-capability process returned 89 > >> > > > Oct 30 09:59:11 riot.<domain>.com dovecot[1515]: doveconf: Fatal: > >> > > > execvp(/usr/sbin/dovecot) failed: Argument list too long > >> > > > Oct 30 09:59:11 riot.<domain>.com systemd[1]: dovecot.service: Main > >> > > > process exited, code=exited, status=89/n/a > >> > > > Oct 30 09:59:11 riot.<domain>.com systemd[1]: dovecot.service: > >> > > > Failed with result 'exit-code'. > >> > > > Oct 30 09:59:11 riot.<domain>.com systemd[1]: Failed to start > >> > > > Dovecot IMAP/POP3 email server. > >> > > > > >> > > > This seems to be like a bug as no configuration was changed by me > >> > > > in the middle of the night. > >> > > > I recall there were similar errors/bug reports in the past were it > >> > > > seemed it was managesieve but wasn't, people had some > >> > > > misconfigurations in the dovecot.conf. I did not change my > >> > > > dovecot.conf since April. > >> > > > But maybe here it is a pigeonhole issue. > >> > > > > >> > > > As I did not find any reason for it I changed the repo and > >> > > > downgraded to 2.3.16-2 now and it runs without any flaws, like all > >> > > > the time before. I had no time to investigate this any longer thand > >> > > > 2 hours with 2.3.17 installed as this is a production server and I > >> > > > need the email access. I also did not find anything adressable in > >> > > > the logs. > >> > > > > >> > > > [root@riot dovecot]# systemctl status dovecot > >> > > > ● dovecot.service - Dovecot IMAP/POP3 email server > >> > > > Loaded: loaded (/usr/lib/systemd/system/dovecot.service; enabled; > >> > > > vendor preset: disabled) > >> > > > Active: active (running) since Sat 2021-10-30 10:18:11 CEST; 2s ago > >> > > > Docs: man:dovecot(1) > >> > > > https://doc.dovecot.org/ > >> > > > Process: 32398 ExecStartPre=/usr/libexec/dovecot/prestartscript > >> > > > (code=exited, status=0/SUCCESS) > >> > > > Main PID: 32452 (dovecot) > >> > > > Status: "v2.3.16 (7e2e900c1a) running" > >> > > > Tasks: 4 (limit: 99912) > >> > > > Memory: 4.4M > >> > > > CGroup: /system.slice/dovecot.service > >> > > > ├─32452 /usr/sbin/dovecot -F > >> > > > ├─32507 dovecot/anvil > >> > > > ├─32508 dovecot/log > >> > > > └─32513 dovecot/config > >> > > > > >> > > > Oct 30 10:18:11 riot.<domain>.com systemd[1]: Starting Dovecot > >> > > > IMAP/POP3 email server... > >> > > > Oct 30 10:18:11 riot.<domain>.com dovecot[32452]: Warning: > >> > > > Corrected permissions for login directory > >> > > > /var/run/dovecot/token-login > >> > > > Oct 30 10:18:11 riot.<domain>.com dovecot[32452]: master: Warning: > >> > > > Corrected permissions for login directory > >> > > > /var/run/dovecot/token-login > >> > > > Oct 30 10:18:11 riot.<domain>.com dovecot[32452]: master: Dovecot > >> > > > v2.3.16 (7e2e900c1a) starting up for imap, lmtp, sieve > >> > > > Oct 30 10:18:11 riot.<domain>.com systemd[1]: Started Dovecot > >> > > > IMAP/POP3 email server. > >> > > > > >> > > > > >> > > > This is the configuration > >> > > > # 2.3.16 (7e2e900c1a): /etc/dovecot/dovecot.conf > >> > > > # Pigeonhole version 0.5.16 (09c29328) > >> > > > # OS: Linux 4.18.0-305.19.1.el8_4.x86_64 x86_64 AlmaLinux release > >> > > > 8.4 (Electric Cheetah) > >> > > > # Hostname: riot.<domain>.com > >> > > > auth_mechanisms = plain login > >> > > > auth_verbose = yes > >> > > > listen = * > >> > > > mail_gid = vmail > >> > > > mail_home = /var/vmail/mailboxes/%d/%n > >> > > > mail_location = maildir:~/mail:LAYOUT=fs > >> > > > mail_plugins = " quota fts fts_solr" > >> > > > mail_privileged_group = vmail > >> > > > mail_uid = vmail > >> > > > managesieve_notify_capability = mailto > >> > > > managesieve_sieve_capability = fileinto reject envelope > >> > > > encoded-character vacation subaddress comparator-i;ascii-numeric > >> > > > relational regex imap4flags copy include variables body enotify > >> > > > environment mailbox date index ihave duplicate mime foreverypart > >> > > > extracttext imapsieve vnd.dovecot.imapsieve > >> > > > namespace inbox { > >> > > > inbox = yes > >> > > > location = > >> > > > mailbox Drafts { > >> > > > auto = subscribe > >> > > > special_use = \Drafts > >> > > > } > >> > > > mailbox Sent { > >> > > > auto = subscribe > >> > > > special_use = \Sent > >> > > > } > >> > > > mailbox Spam { > >> > > > auto = subscribe > >> > > > special_use = \Junk > >> > > > } > >> > > > mailbox Trash { > >> > > > auto = subscribe > >> > > > special_use = \Trash > >> > > > } > >> > > > prefix = > >> > > > separator = . > >> > > > type = private > >> > > > } > >> > > > passdb { > >> > > > args = /etc/dovecot/dovecot-sql.conf > >> > > > driver = sql > >> > > > } > >> > > > plugin { > >> > > > fts = solr > >> > > > fts_autoindex = yes > >> > > > fts_solr = url=http://localhost:<solr_port>/solr/dovecot/ > >> > > > imapsieve_mailbox1_before = > >> > > > file:/var/vmail/sieve/global/learn-spam.sieve > >> > > > imapsieve_mailbox1_causes = COPY > >> > > > imapsieve_mailbox1_name = Spam > >> > > > imapsieve_mailbox2_before = > >> > > > file:/var/vmail/sieve/global/learn-ham.sieve > >> > > > imapsieve_mailbox2_causes = COPY > >> > > > imapsieve_mailbox2_from = Spam > >> > > > imapsieve_mailbox2_name = * > >> > > > quota = maildir:User quota > >> > > > quota_exceeded_message = User %u is over the storage quota > >> > > > sieve = > >> > > > file:/var/vmail/sieve/%d/%n/scripts;active=/var/vmail/sieve/%d/%n/active-script.sieve > >> > > > sieve_before = /var/vmail/sieve/global/spam-global.sieve > >> > > > sieve_global_extensions = +vnd.dovecot.pipe > >> > > > sieve_pipe_bin_dir = /usr/bin > >> > > > sieve_plugins = sieve_imapsieve sieve_extprograms > >> > > > } > >> > > > protocols = imap lmtp sieve > >> > > > service auth { > >> > > > unix_listener /var/spool/postfix/private/auth { > >> > > > group = postfix > >> > > > mode = 0660 > >> > > > user = postfix > >> > > > } > >> > > > unix_listener auth-userdb { > >> > > > group = vmail > >> > > > mode = 0660 > >> > > > user = vmail > >> > > > } > >> > > > } > >> > > > service imap-login { > >> > > > inet_listener imap { > >> > > > port = 0 > >> > > > } > >> > > > inet_listener imaps { > >> > > > port = 993 > >> > > > } > >> > > > } > >> > > > service lmtp { > >> > > > unix_listener /var/spool/postfix/private/dovecot-lmtp { > >> > > > group = postfix > >> > > > mode = 0660 > >> > > > user = postfix > >> > > > } > >> > > > user = vmail > >> > > > } > >> > > > service managesieve-login { > >> > > > inet_listener sieve { > >> > > > port = 4190 > >> > > > } > >> > > > } > >> > > > ssl = required > >> > > > ssl_ca = </etc/ssl/certs/ca-bundle.crt > >> > > > ssl_cert = </etc/ssl/certs/<domain>.com_chain.crt > >> > > > ssl_cipher_list = > >> > > > TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:EECDH+AESGCM:EDH+AESGCM:@SECLEVEL=2 > >> > > > ssl_client_ca_dir = /etc/ssl/certs > >> > > > ssl_client_ca_file = /etc/ssl/certs/ca-bundle.crt > >> > > > ssl_dh = # hidden, use -P to show it > >> > > > ssl_key = # hidden, use -P to show it > >> > > > ssl_prefer_server_ciphers = yes > >> > > > userdb { > >> > > > args = /etc/dovecot/dovecot-sql.conf > >> > > > driver = sql > >> > > > } > >> > > > protocol imap { > >> > > > imap_idle_notify_interval = 24 mins > >> > > > mail_max_userip_connections = 20 > >> > > > mail_plugins = " quota fts fts_solr imap_quota imap_sieve" > >> > > > } > >> > > > protocol lmtp { > >> > > > mail_plugins = " quota fts fts_solr sieve" > >> > > > postmaster_address = postmaster@<domain>.com > >> > > > } > >> > > > local_name mail.<domain_3>.com { > >> > > > ssl_cert = </etc/ssl/certs/<domain_3>.com_chain.crt > >> > > > ssl_key = # hidden, use -P to show it > >> > > > } > >> > > > local_name mail.<domain_2>.net { > >> > > > ssl_cert = </etc/ssl/certs/<domain_2>.net_chain.crt > >> > > > ssl_key = # hidden, use -P to show it > >> > > > } > >> > > > local_name mail.<domain>.com { > >> > > > ssl_cert = </etc/ssl/certs/<domain>.com_chain.crt > >> > > > ssl_key = # hidden, use -P to show it > >> > > > } > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > >> > > > >> > > >> >
