Re: failed: read(/var/run/dovecot/dns-client)

> Sent with ProtonMail Secure Email. >>>>>>>>>>> ‐‐‐ Original Message ‐‐‐ >>>>>>>>>>> On Wednesday, April 10, 2019 8:20 PM, Aki Tuomi >>>>>>>>>>> aki.tu...@open-xchange.com wrote: >>>>>>>>>>> >>>>>>>>>>>>> On 10 April 2019 22:1

Re: failed: read(/var/run/dovecot/dns-client)

vecot > > > > > > > > > > > > dovecot@dovecot.org wrote: > > > > > > > > > > > > On Wednesday, April 10, 2019 7:57 PM, Aki Tuomi > > > > > > > > > > > > aki.tu...@open-xchange.com wrote: > > >

Re: failed: read(/var/run/dovecot/dns-client)

dnesday, April 10, 2019 8:20 PM, Aki Tuomi >>>>>>>>> aki.tu...@open-xchange.com wrote: >>>>>>>>> >>>>>>>>>>> On 10 April 2019 22:13 Laura Smith via dovecot dovecot@dovecot.org >>>>>>>>>>> wrote: >>>>>>>>>>> On W

Re: failed: read(/var/run/dovecot/dns-client)

; Sent with ProtonMail Secure Email. >>>>>>>>>>> ‐‐‐ Original Message ‐‐‐ >>>>>>>>>>> On Wednesday, April 10, 2019 8:20 PM, Aki Tuomi >>>>>>>>>>> aki.tu...@open-xchange.com wrote: >>>>>>>>>>> >>>>>>>>>>>>>

Re: failed: read(/var/run/dovecot/dns-client)

vecot > > > > > > > > > > > > dovecot@dovecot.org wrote: > > > > > > > > > > > > On Wednesday, April 10, 2019 7:57 PM, Aki Tuomi > > > > > > > > > > > > aki.tu...@open-xchange.com wrote: >

Re: failed: read(/var/run/dovecot/dns-client)

2019 22:13 Laura Smith via dovecot > > > > > > > > > > > dovecot@dovecot.org wrote: > > > > > > > > > > > On Wednesday, April 10, 2019 7:57 PM, Aki Tuomi > > > > > > > > > > >

Re: failed: read(/var/run/dovecot/dns-client)

t; told me what was calling it instead of me having to > > > > > > > > > > > > un-necessarily spend time doing straces ! > > > > > > > > > > > > Also, should I be able to call dns-client directly > > > > > > > > > > > > myself ? (or is there a way to do so to enable testing ? > > > > > > > > > > > > It is started by dovecot's master process when you > > > > > > > > > > > > connect to dns-client unix socket. You can try > > > > > > > > > > > > socat stdio unix-connect:/var/run/dovecot/dns-client > > > > > > > > > > > > I thought apparmor tells when something is blocked into > > > > > > > > > > > > kernel log? have you checked dmesg? > > > > > > > > > > Apologies for your frustration. > > > > > > > > Yeah nothing in dmesg.  I'm still hunting around to find some log > > > > somewhere but so far silence. > > > > "socat stdio unix-connect:/var/run/dovecot/dns-client" runs but returns > > > > nothing. Is that expected ? > > > > When you say "dovecot's master process", so  doveadm sync talks to the > > > > master process ?  So in terms of apparmor I would therefore be looking > > > > at /usr/sbin/dovecot ?  If that's the case, the relevant apparmor > > > > permisssions are already provided : > > > >   /{,var/}run/dovecot/ rw, > > > >   /{,var/}run/dovecot/** rw, > > > > Laura > > > > > > Do the above apparmor settings give permission to dovecot to execute > > > /usr/lib/dovecot/dns-client, assuming that the user under which dovecot > > > is running already has file system permissions to do that? > > > John > > > > John, > > Here's the definitive answer to your question (and anyone else thinking of > > pointing the finger at apparmor): > > foo:/home/foo # sudo systemctl stop apparmor > > foo:/home/foo # doveadm -v -o mail_fsync=never backup -R -u > > foo...@example.com imapc: > > dsync(foo...@example.com): Error: imapc(foobar.example.com:993): > > dns_lookup(foobar.example.com) failed: DNS lookup timed out > > dsync(foo...@example.com): Error: Failed to initialize user: imapc: Login > > to foobar.example.com failed: Disconnected from server > > So. Can we move on from the "blame apparmor" ? ;-) > > Laura > > I'd suggest doing the test with a restart of dovecot in between stopping > apparmor and running the doveadm command. Check your logs to see if > there is no longer any message generated about not being able to execv > /usr/lib/dovecot/dns-client. > > foo:/home/foo # sudo systemctl stop apparmor > foo:/home/foo # sudo systemctl restart dovecot > foo:/home/foo # doveadm -v -o mail_fsync=never backup -R -u > foo...@example.com imapc: > > John Same again failed: read(/var/run/dovecot/dns-client) failed: read(size=512) failed: Connection reset by peer

Re: failed: read(/var/run/dovecot/dns-client)

gt; >>>>>>>>> On 10 April 2019 22:13 Laura Smith via dovecot dovecot@dovecot.org >>>>>>>>> wrote: >>>>>>>>> On Wednesday, April 10, 2019 7:57 PM, Aki Tuomi >>>>>>>>> aki.tu...@open-xchange.com wrote: >>&

Re: failed: read(/var/run/dovecot/dns-client)

t; On 10 April 2019 21:26 Laura Smith via dovecot > > > > > > > > > > dovecot@dovecot.org wrote: > > > > > > > > > > > > > > > > > > > > ==

Re: failed: read(/var/run/dovecot/dns-client)

>>> wrote: >>>>>>> On Wednesday, April 10, 2019 7:57 PM, Aki Tuomi >>>>>>> aki.tu...@open-xchange.com wrote: >>>>>>>>> On 10 April 2019 21:26 Laura Smith via dovecot dovecot@dovecot.org >>>>>>>>> w

Re: failed: read(/var/run/dovecot/dns-client)

day, April 10, 2019 7:57 PM, Aki Tuomi > > > > > > aki.tu...@open-xchange.com wrote: > > > > > > > > > > > > > On 10 April 2019 21:26 Laura Smith via dovecot > > > > > > > > dovecot@dovecot.org wrote: > > >

Re: failed: read(/var/run/dovecot/dns-client)

Error: imapc(foobar.example.com:993): dns_lookup(foobar.example.com) failed: read(/var/run/dovecot/dns-client) failed: read(size=512) failed: Connection reset by peer This is dovecot's internal dns-client, and something goes wrong when talki

Re: failed: read(/var/run/dovecot/dns-client)

change.com wrote: > > > > > > > > > > On 10 April 2019 21:26 Laura Smith via dovecot dovecot@dovecot.org > > > > > > wrote: > > > > > > ========== > > > &g

Re: failed: read(/var/run/dovecot/dns-client)

April 2019 21:26 Laura Smith via dovecot dovecot@dovecot.org > > > > > wrote: > > > > > > > > > > == > > > > > > > > > > dsync(foo...@example.com): Error: imapc(foobar.example.com:993): > > > > > dns_lookup(foobar.example.com) failed: > > > &

Re: failed: read(/var/run/dovecot/dns-client)

; > > dsync(foo...@example.com): Error: imapc(foobar.example.com:993): > > > > dns_lookup(foobar.example.com) failed: > > > > read(/var/run/dovecot/dns-client) failed: read(size=512) failed: > > > > Connection reset by peer > > > > > > This is

Re: failed: read(/var/run/dovecot/dns-client)

ple.com): Error: imapc(foobar.example.com:993): > > > dns_lookup(foobar.example.com) failed: read(/var/run/dovecot/dns-client) > > > failed: read(size=512) failed: Connection reset by peer > > > > This is dovecot's internal dns-client, and something goes wrong when &

Re: failed: read(/var/run/dovecot/dns-client)

On Wednesday, April 10, 2019 7:57 PM, Aki Tuomi wrote: > > On 10 April 2019 21:26 Laura Smith via dovecot dovecot@dovecot.org wrote: > > === > > dsync(foo...@example.com): Error: imapc(foobar.example.com:993): > > dns_lookup(foobar.example.com) failed: read(/va

Re: failed: read(/var/run/dovecot/dns-client)

> On 10 April 2019 21:26 Laura Smith via dovecot wrote: > > > === > dsync(foo...@example.com): Error: imapc(foobar.example.com:993): > dns_lookup(foobar.example.com) failed: read(/var/run/dovecot/dns-client) > failed: read(size=512) failed: Connection reset by peer

failed: read(/var/run/dovecot/dns-client)

=== dsync(foo...@example.com): Error: imapc(foobar.example.com:993): dns_lookup(foobar.example.com) failed: read(/var/run/dovecot/dns-client) failed: read(size=512) failed: Connection reset by peer dsync(foo...@example.com): Error: Failed to initialize user: imapc: Login to foobar.example.com