On Mon, 2007-03-19 at 19:10 +0100, Kevin Richter wrote: > dovecot: Mar 13 14:45:21 Info: created child process 17704 > dovecot: Mar 13 14:45:21 Info: pop3-login: Login: user=<ssal0041>, > method=PLAIN, rip=x.x.x.x, lip=x.x.x.x, TLS > dovecot: Mar 13 14:51:12 Info: execing mail process > dovecot: Mar 13 14:51:12 Info: execing mail process > dovecot: Mar 13 14:51:12 Info: POP3(ssal0041): Effective uid=3092, gid=1100
I bet this is an NFS problem too. It hangs there in chdir() dir. That's the only possibility I can think of. What happens with the attached patch? It should log a warning if chdir() takes more than 10 seconds, and if it takes more than 30 seconds it fallbacks to /tmp. > dovecot: Feb 27 19:01:08 Warning: pop3-login: SSL_accept() syscall > failed: Connection reset by peer [x.x.x.x] > dovecot: Mar 07 11:33:45 Warning: pop3-login: SSL_read() syscall failed: > Connection timed out [x.x.x.x] These are normal. It just means the connection died unexpectedly. verbose_ssl=yes logs all kinds of useless stuff. > dovecot: Mar 13 15:05:41 Fatal: chdir(/home/ssal0041) failed with uid > 3092: Permission denied Maybe related to the first problem. :)
? src/master/diff
? src/master/log
Index: src/master/mail-process.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/master/mail-process.c,v
retrieving revision 1.96.2.18
diff -u -r1.96.2.18 mail-process.c
--- src/master/mail-process.c 15 Mar 2007 15:52:56 -0000 1.96.2.18
+++ src/master/mail-process.c 21 Mar 2007 18:39:24 -0000
@@ -24,6 +24,9 @@
# include <sys/resource.h>
#endif
+#define CHDIR_TIMEOUT 30
+#define CHDIR_WARN_TIMEOUT (CHDIR_TIMEOUT - 10)
+
static unsigned int mail_process_count = 0;
static bool validate_uid_gid(struct settings *set, uid_t uid, gid_t gid,
@@ -431,8 +434,8 @@
uid_t uid;
gid_t gid;
array_t ARRAY_DEFINE(extra_args, const char *);
- unsigned int i, count;
- int ret, log_fd, nice;
+ unsigned int i, count, left;
+ int ret, log_fd, nice, chdir_errno;
bool home_given, nfs_check;
/* FIXME: per-group? */
@@ -603,7 +606,14 @@
if (seteuid(uid) < 0)
i_fatal("seteuid(%s) failed: %m", dec2str(uid));
}
+
+ alarm(CHDIR_TIMEOUT);
ret = chdir(full_home_dir);
+ chdir_errno = errno;
+ if ((left = alarm(0)) < CHDIR_WARN_TIMEOUT) {
+ i_warning("chdir(%s) blocked for %u secs",
+ full_home_dir, CHDIR_TIMEOUT - left);
+ }
/* Change UID back. No need to change GID back, it doesn't
really matter. */
@@ -614,8 +624,9 @@
trying to chroot anywhere, fallback to /tmp as the mails
could be stored elsewhere. The ENOTDIR check is mostly for
/dev/null home directory. */
- if (ret < 0 && ((errno != ENOENT && errno != ENOTDIR) ||
- *chroot_dir != '\0')) {
+ if (ret < 0 && (*chroot_dir != '\0' ||
+ !(ENOTFOUND(chdir_errno) ||
+ chdir_errno == EINTR))) {
i_fatal("chdir(%s) failed with uid %s: %m",
full_home_dir, dec2str(uid));
}
signature.asc
Description: This is a digitally signed message part
