On 2/18/2024 1:36 AM, Christian Kivalo wrote
What's the value of first_valid_uid and last_valid_uid in 10-mail.conf?
Also including the output of doveconf -n with your question helps others help
you.
first_valid_uid is 500, last_valid_uid is unset. doveconf -n output
below. Sorry, I had stopped looking at the config after I found how that
error message was produced (not related to the first_valid/last_valid
check), but hadn't tracked down the exact cause yet last night.
The error I'm getting originates from (in the case of uid)
https://github.com/dovecot/core/blob/main/src/lib-auth-client/auth-master.c#L735,
which would produce it if the result of str_to_uid() is negative. That
function would return -1 if str_to_uintmax() or verify_xid() are
negative. This is where my rusty C shows but take a look at verify_xid()...
static int verify_xid(uintmax_t l, unsigned int result_size)
{
unsigned int result_bits;
/* we assume that result is a signed type,
but that it can never be negative */
result_bits = result_size*CHAR_BIT - 1;
if ((l >> result_bits) != 0)
return -1;
return 0;
}
(result_size will be sizeof a uid_t)
the -1 here gives me the feeling that this might reject UIDs in the
upper range of my system's uid_t, which is uint32 (e.g. it would reject
UIDs greater than max int 32 but less than max uint 32).
Assuming I'm interpreting this correctly (a plenty big if, check my
bitwise arithmetic), I would hesitate to call this a bug as it seems
rather intentional? I do know that some systems have historically used
int32 for UIDs but I think uint32 has been the case under Linux for time
immemorial. Perhaps this check is necessary to avoid problems on
platforms that do use a signed int for UIDs?
And just to check my work, I tried a user account that incidentally has
a lower uid. That account works fine. I could potentially renumber or
remap my UIDs but I am not too excited about doing that, on the other
hand I don't know how feasible it is to change this behavior in Dovecot.
doveconf -n:
# 2.3.21 (47349e2482): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.20 (149edcf2)
# OS: Linux 6.5.6-300.fc39.x86_64 x86_64 Fedora release 39 (Thirty Nine) xfs
# Hostname: mx.waffle.tech
auth_default_realm = waffle.tech
auth_username_format = %n
hostname = mx.waffle.tech
mail_home = mbox:/var/mail/%n
mail_location = mbox:/var/mail/%n/Maildir
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart extracttext
mbox_write_locks = fcntl
namespace inbox {
inbox = yes
location =
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Junk {
auto = subscribe
special_use = \Junk
}
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
prefix =
}
passdb {
args = dovecot
driver = pam
}
plugin {
sieve = file:~/sieve;active=~/.dovecot.sieve
sieve_before = /var/lib/dovecot/sieve.d/rejectspam.sieve
}
protocols = imap pop3 lmtp submission sieve
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0666
user = postfix
}
}
service managesieve-login {
inet_listener sieve {
port = 4190
}
service_count = 0
vsz_limit = 256 M
}
service managesieve {
process_limit = 1024
}
ssl = required
ssl_cert = </etc/dovecot/ssl/chain.pem
ssl_cipher_list = PROFILE=SYSTEM
ssl_key = # hidden, use -P to show it
submission_relay_host = mx.infra.waffle.tech
submission_relay_trusted = yes
userdb {
driver = passwd
}
protocol lmtp {
mail_plugins = " sieve"
}
protocol lda {
mail_plugins = " sieve"
}
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
