Hi Timo,
Am 20.06.22 um 12:17 schrieb Timo Sirainen:
On 20. Jun 2022, at 10.03, Ralf Becker <[email protected]> wrote:
Fixes: Panic: file userdb-blocking.c: line 125 (userdb_blocking_iter_next):
assertion failed: (ctx->conn != NULL)
As the above Panic is fixed I tried again (see my attached mail to the 2.3.19
release) and I can confirm to no longer get the Panic, BUT authentication is
NOT working either :(
Reverting back to a container with Dovecot 2.3.16, get's everything working
again.
We use a hourly updated local SQLight database and a dict for user- and passdb.
Is the usage of multiple backends no longer supported, or did something in that
regard changed between 2.3.16 and 2.3.19.1?
We have lots of tests using multiple backends for authentication, and lots of
people are using many passdbs/userdbs in production. I was only aware of
iteration being broken with multiple userdbs, since that's not used so much.
And we added a test to verify that multiple userdb iteration is actually
returning results from both userdbs, so that shouldn't be completely broken
either.
So I'd need more details of what exactly goes wrong and how. Is it the
authentication or the iteration that is now broken?
I only seen authentication errors in doveadm log errors and our
montioring trying to access the backend with user credentials.
Logs with auth_debug=yes would likely help.
I will get you the logs tonight, don't want to switch (one leg of) the
production system during daytime.
I can then also try eg. doveadm user -A to check the iteration.
Also:
Here's the relevant part of my config (full doveadm config -n is attached):
userdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
userdb {
args = /etc/dovecot/dovecot-dict-auth.conf
driver = dict
}
passdb {
args = /etc/dovecot/dovecot-dict-master-auth.conf
driver = dict
master = yes
}
passdb {
args = /etc/dovecot/dovecot-dict-auth.conf
driver = dict
}
What do these external conf files contain?
/etc/dovecot/dovecot-sql.conf:
driver = sqlite
connect = /etc/dovecot/users.sqlite
#password_query = SELECT userid AS username, domain, password \
# FROM users WHERE userid = '%n' AND domain = '%d'
#user_query = SELECT home, uid, gid FROM users WHERE userid = '%n' AND
domain = '%d'
# return no userdb, as db contains only user-names
#user_query = SELECT home,NULL AS uid,NULL AS gid FROM users WHERE
userid = '%n' AND domain = '%d'
user_query = SELECT home,NULL AS uid,NULL AS gid, \
'*:bytes='||(quota*1048576) AS quota_rule, \
userid||'@'||domain AS master_user, \
LOWER(REPLACE(groups||',', ',', '@'||domain||',')) AS acl_groups \
FROM users WHERE userid = '%n' AND domain = '%d'
# For using doveadm -A:
iterate_query = SELECT userid AS username, domain FROM users
/etc/dovecot/dovecot-dict-auth.conf:
uri = proxy:/var/run/dovecot_auth_proxy/socket:somewhere
#uri = proxy:10.44.99.180:2001:somewhere
password_key = passdb/%u/%w
user_key = userdb/%u
iterate_disable = yes
#iterate_disable = no
#iterate_prefix = userdb/
default_pass_scheme = md5
/etc/dovecot/dovecot-dict-master-auth.conf:
uri = proxy:/var/run/dovecot_auth_proxy/socket:somewhere
#uri = proxy:10.44.99.180:2001:somewhere
#password_key = master/%{login_domain}/%u/%w
password_key = master/%{login_user}/%u/%w
iterate_disable = yes
default_pass_scheme = md5
Thanks :)
Ralf
--
Ralf Becker
EGroupware GmbH [www.egroupware.org]
Handelsregister HRB Kaiserslautern 3587
Geschäftsführer Birgit und Ralf Becker
Leibnizstr. 17, 67663 Kaiserslautern, Germany
Telefon +49 631 31657-0
