cyrus-imapd: DBERROR db4: Database handles still open at env
Hi, I've posted my problem in gentoo forums, but after few days I still have no response, so I decide to ask here, sorry for the cross-posting. I've updated my cyrus-imapd and now I'm not able to make it work again. Every time I try to fetch my mail (using pop3) I get an error in my MUA: Error occurred while processing mail: -ERR [SYS/PERM] Error initializing TLS and I see this in log files: Oct 5 18:22:21 afrodita pop3[14410]: DBERROR db4: Database handles still open at environment close Oct 5 18:22:21 afrodita pop3[14410]: DBERROR db4: Open database handle: /var/imap/tls_sessions.db This is my imapd.conf: # grep . /etc/imapd.conf|grep -v ^# configdirectory:/var/imap defaultpartition: default partition-default: /var/spool/imap partition-news: /var/spool/cyrus/news newsspool: /var/spool/news altnamespace: no unixhierarchysep: no lmtp_downcase_rcpt: yes sievedir: /var/imap/sieve tls_ca_path:/etc/ssl/postfix tls_cert_file: /etc/ssl/postfix/newcert.pem tls_key_file: /etc/ssl/postfix/newkey.pem tls_ca_file: /etc/ssl/postfix/cacert.pem admins: cyrus hashimapspool: yes allowanonymouslogin:no allowplaintext: yes popminpoll: 1 autocreatequota: 0 umask: 027 sasl_mech_list: PLAIN sasl_minimum_layer: 0 sasl_pwcheck_method: saslauthd sasl_auxprop_plugin: sasldb sasl_auto_transition: no tls_session_timeout: 1440 tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH Notice I'm using postfix certs, cause I used: #tls_cert_file: /etc/ssl/cyrus/newcert.pem #tls_key_file: /etc/ssl/cyrus/newkey.pem #tls_ca_file: /etc/ssl/certs/cyrus-imapd-ca.pem and now /etc/ssl/certs/cyrus-imapd-ca.pem does not exist, but I'm not sure if this is really important, we're talking about self-generated self-signed certs... I can generate new ones, but old were fine... And those are cyrus' use flags: Código: [ebuild R ] net-mail/cyrus-imapd-2.2.13-r1 USE=ssl tcpd -afs -drac -idled -kerberos -pam -snmp -unsupported_8bit TIA, -- Arnau Bria http://blog.emergetux.net Bombing for peace is like fucking for virginity Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus-imapd: DBERROR db4: Database handles still open at env
On Mon, 08 Oct 2007 12:14:15 +0200 Rudy Gevaert wrote: Hi rudy, Oct 5 18:22:21 afrodita pop3[14410]: DBERROR db4: Database handles still open at environment close Oct 5 18:22:21 afrodita pop3[14410]: DBERROR db4: Open database handle: /var/imap/tls_sessions.db you can delete that db file, it will be recreated. I've done so, but it still shows the error afrodita imap # date lun oct 8 12:36:03 CEST 2007 afrodita imap # ls -lsa tls_sessions.db 8 -rw-r- 1 cyrus cyrus 8192 oct 8 12:35 tls_sessions.db M Thansk for your reply, Arnau PS: I don't know what's happening with my gmail account, I've sent this reply but I don't see it in list archive. So, I'd like to say sorry if you see this mail twice. I'm gonna unsuscribe from gmail. Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Rw: DBERROR strange character: db4
HI,
first of all, apologies for breaking the threat, but I did not receive
my question.
Second, I have solved my problem, but I've lost all my mail, and I have
a question about what has happenend.
Third, list archieve does not work. I tried to contact webmaster, but
got no response.
Let's go with my explanation:
Here's what I have done:
I ignored strange character in error message and looked for similar
errors in gentoo forums and google, found many:
http://forums.gentoo.org/viewtopic-t-482191-highlight-dberror.html
http://forums.gentoo.org/viewtopic-t-499634-highlight-dberror.html
...
My first try was recovering /var/imap/db/* so I did:
db4.3_recover log.05
which said something about ignoring that log and looked for
log.0006 which did not exist, so I exited.
When I saw I could not recover (or I did not know how) my db, I decided
to delete all db:
687 rm /var/imap/*.db
688 rm /var/imap/db*/*
And restart cyrus. Fianlly, cyrus started fine.
So, and here comes my error, I flushed my postfix queue (postqueue -f)
and all mails were recieved by cyrus, but when I tried to recover my
mail with MUA (sylpheed) I got a Unable to locate maildrop:
Mailbox does not exist or something similar...
So, I start playing with imtest and checked if my user was correctly
created etc...
imtest -m login -a arnau localhost
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE
UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS LISTEXT
LIST-SUBSCRIBED X-NETSCAPE
S: C01 OK Completed
Please enter your password:
C: L01 LOGIN arnau {8}
S: + go ahead
C:
S: L01 OK User logged in
Authenticated.
Security strength factor: 0
And I, wrongly, assumed that my user was fine...
After a little playing with cyradm, I decided to delete my mailbox and
create it again:
cyradm -user cyrus localhost
lm
dm
cm ...
And here is when I deleted all my mail, deleting/creating my user. (I
suppose).
What I don't understand is why my old users was not able to receive my
mail at MUA level, and why postfix was able to dleiver mail to a user
that has no mailbox (or that is what cyrus says).
I don't remember previous lm output, but I prettty sure I created my
user with cm arnau (checking my notes) and now, I had to create my
user like cm user.arnau, why?
Anyone knows why happens this with a simple update? I did not see any
update notes in elog (package log saved by emerge)
Many thanks in advance,
--
Arnau Bria
http://blog.emergetux.net
Bombing for peace is like fucking for virginity
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
DBERROR strange character: db4
Hi, I've updated my gentoo, and when I restarted the service, I find that it does not work, and I find a very strange character in the error: a interrogation mark in a black circle... [...] Jun 13 19:10:45 afrodita master[20674]: service notify pid 995 in READY state: terminated abnormally Jun 13 19:10:45 afrodita master[20674]: service pop3 pid 996 in READY state: terminated abnormally Jun 13 19:10:45 afrodita notify[998]: DBERROR @: db4 Jun 13 19:10:45 afrodita master[20674]: service notify pid 998 in READY state: terminated abnormally Jun 13 19:10:45 afrodita lmtpunix[997]: DBERROR : db4 Jun 13 19:10:45 afrodita master[20674]: exiting on SIGTERM/SIGINT Jun 13 19:10:45 afrodita master[1037]: process started Jun 13 19:10:45 afrodita ctl_cyrusdb[1041]: DBERROR `�: db4 Jun 13 19:10:45 afrodita ctl_cyrusdb[1041]: recovering cyrus databases Jun 13 19:10:46 afrodita ctl_cyrusdb[1041]: skiplist: recovered /var/imap/mailboxes.db (6 records, 1016 bytes) in 1 second Jun 13 19:10:46 afrodita ctl_cyrusdb[1041]: skiplist: recovered /var/imap/annotations.db (0 records, 144 bytes) in 0 seconds Jun 13 19:10:46 afrodita ctl_cyrusdb[1041]: DBERROR `�: db4 Jun 13 19:10:46 afrodita ctl_cyrusdb[1041]: DBERROR `�: db4 Jun 13 19:10:46 afrodita cyr_expire[1050]: DBERROR ��: db4 Jun 13 19:10:46 afrodita tls_prune[1051]: DBERROR : db4 Jun 13 19:10:46 afrodita master[1037]: ready for work Jun 13 19:10:46 afrodita tls_prune[1076]: DBERROR : db4 Jun 13 19:10:46 afrodita cyr_expire[1077]: DBERROR ��: db4 Jun 13 19:10:46 afrodita ctl_cyrusdb[1078]: DBERROR `�: db4 Jun 13 19:10:46 afrodita notify[1079]: DBERROR @: db4 Jun 13 19:10:48 afrodita master[1037]: service notify pid 1079 in READY state: terminated abnormally Jun 13 19:10:48 afrodita notify[1081]: DBERROR @: db4 Jun 13 19:10:58 afrodita master[1037]: service notify pid 1081 in READY state: terminated abnormally Jun 13 19:10:58 afrodita notify[1082]: DBERROR @: db4 Jun 13 19:11:08 afrodita master[1037]: service notify pid 1082 in READY state: terminated abnormally Jun 13 19:11:08 afrodita notify[1083]: DBERROR @: db4 Jun 13 19:11:18 afrodita master[1037]: service notify pid 1083 in READY state: terminated abnormally Jun 13 19:11:18 afrodita notify[1085]: DBERROR @: db4 [...] I looked for it in google, but I found nothing, could someone help to find what is the service telling me? I'm using cyrus-imapd-2.2.12-r4 TIA, -- Arnau Bria http://blog.emergetux.net Bombing for peace is like fucking for virginity Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: listusers failed
On Fri, 01 Dec 2006 12:28:56 -0500 Kevin Kruzich wrote: Hi, I recently had to migrate a sasl auth db from GNU DBM to Berkeley DB. I used this: http://dcs.nac.uci.edu/~strombrg/convert-database Mmmm why do I need to migrate? I just wondered how to recover my broken db file. Also, there's a very clear and simple toolkit with python that can be used to break open these dbs. That is, if you're a programmer with a little python experience. It is not my case :-( Just a little of Perl ... Thanks for links, I learned something new. [...] Craig White wrote: I don't use sasldb but I would presume that it uses berkeley db4 and if that was the case, with their utilities, something like cd /whatever/directory/sasldb is stored and then something like db_recover should suffice. Yep, something like that, but did not work... More importantly, why not back it up once in a while? Yes, that's true, but I have no backup policy in my home server... Craig Thansk for both replies, -- Arnau Bria http://blog.emergetux.net Wiggum: Dispara a las ruedas Lou. Lou: eee, es un tanque jefe. Wiggum: Me tienes hartito con todas tus excusas. Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
cyrus-imap/pop certs problems
Hi, this is my first mail to list. I think this is the correct list from the ones I found in your web, and I think this more cyrus than openssl related issue... if not, please fell free to tell me. Well, I'm having problems with cyrus-imap and tls certs in my gentoo box. I've configured imap to use tls: (imapd.conf) [...] tls_ca_path:/etc/ssl/certs tls_cert_file: /var/imap/cyrus-global.pem tls_key_file: /var/imap/cyrus-global.key tls_cafile: /etc/ssl/certs/cyrus-imapd-ca.pem tls_require_cert: 1 tls_session_timeout:1440 tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH [...] And I've used 3 different auto-signed certs: 1.-) The ones generated by gentoo by default for each app. 2.-) New ones created by myself (following several howtos) 3.-) Ones copied from my other mail server. With all cases I'm getting same error: [...] [pop3] TLS server engine: No CA file specified. Client side certs may not work [pop3] [pop3d] STARTTLS failed: localhost [127.0.0.1] [...] But all same certs that failed with cyrus, worked fine for postfix and apache2. And more strange cause third case uses same config and certs from my other mail server (Debian) which works pretty fine. I also tried to set log to a high level (adding -D to cyrusmaster), but I saw no difference in logs... /usr/lib/cyrus/master -C /etc/imapd.conf -M /etc/cyrus.conf -D and I set ca_file to a path where cyrus user is able to read (/var/imap/)... but I got same error. So, I'm quite lost about this problem... I don't know what is the exactly problem with cyrus and my certs... could someone help me to determinate the source of my problem? if any conf file / output is needed, please ask for it. Many thanks in advance! Cheers! -- Arnau Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: cyrus-imap/pop certs problems
On Wed, 26 Jul 2006 14:17:50 +0200 Phil Pennock wrote: On 2006-07-26 at 12:42 +0200, Arnau Bria wrote: [...] I have this working fine on Gentoo, for my personal mail. Except that I don't mandate that clients use certificates. do you mean tls_require_cert? Me neither... I've configured imap to use tls: (imapd.conf) [...] tls_ca_path:/etc/ssl/certs tls_cert_file: /var/imap/cyrus-global.pem tls_key_file: /var/imap/cyrus-global.key tls_cafile: /etc/ssl/certs/cyrus-imapd-ca.pem That should be tls_ca_file with an extra underscore. Yes I've looked so many times to this file and did not notice the missing underscore... thanks! tls_require_cert: 1 That requires a _client_ cert, for all TLS connections. That may restrict your choice of clients somewhat. It's more common to see this policy applied by clients to servers; what you have is not wrong, but means that you're debugging too many things at once because you're not sure where the problem is. Once you get SSL working, problems after setting that option would show that the only problem is with some certificate used for clients but not for the server, which would have been another clue. Ok, If I comment out tls_require_cert it works. I'm comparing it with my other mail server and I don't have this option set... So, I don't know why and when I set it to 1. Now, my server works fine. Otherwise, that config looks fine; be sure to use c_rehash to update the symlinks in /etc/ssl/certs/. Or that new tool imported from Debian, update-ca-certificates, which has its own peculiar ideas about where master copies of certs should live. Sure. thanks for the advice. Many thanks for your help! -- Arnau Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
