[Dovecot] Too many open files
Hello, I have dovecot installed and it works for about 3 hours then I get this error (in /var/log/maillog): Jan 8 08:42:53 stu dovecot: auth(default): pam(grossmsm,69.131.100.47): pipe() failed: Too many open files I set pam_limits.so to allow the user 'dovecot' to have 8192 open files, and I also changed: login_process_size = 512 However, it still wont work for more than a few hours. When I run: lsof -p `ps -o pid= -C dovecot-auth` I get: [...] dovecot-a 1385 root 248u sock0,5 374241289 can't identify protocol dovecot-a 1385 root 249u sock0,5 374241391 can't identify protocol dovecot-a 1385 root 250u sock0,5 374243642 can't identify protocol dovecot-a 1385 root 251u sock0,5 374241701 can't identify protocol [...] And the number followed by a u keeps growing. As of writing this email that number is now at 274u. Is dovecot not closing its fd's or something? Harrison Metzger
Re: [Dovecot] Ldap Proxy
I turned auth_bind off by commenting it out. Here is what my logs show: Nov 26 07:40:56 holiday dovecot: auth(default): client in: AUTH 1 PLAIN service=POP3 secured lip=127.0.0.1 rip=127.0.0.1 resp=AGFwcGxlc2VqAHRhYmxl Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,127.0.0.1): pass search: base=dc=beloit,dc=edu scope=subtree filter=((objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=applesej)) fields=uid,proxy,nologin,nodelay,BCMailDovecotProxyHost Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,127.0.0.1): result: uid(user)=applesej BCMailDovecotProxyHost(host)=144.89.40.1 Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,127.0.0.1): No password in reply Nov 26 07:40:57 holiday dovecot: auth(default): client out: FAIL 1 user=applesejtemphost=144.89.40.1 Nov 26 07:40:59 holiday dovecot: pop3-login: Aborted login: user=applesej, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured When auth_bind = yes, it simply allows the user to login and reads from their local mailbox. Harrison Metzger On Nov 26, 2007 7:33 AM, Timo Sirainen [EMAIL PROTECTED] wrote: On Tue, 2007-11-20 at 21:08 -0600, Harrison Metzger wrote: Hello I'm trying to do an ldap proxy but it is not working, it just continues to access the user's mailbox. I was able to do a proxy with a user in a passwd-file, but not ldap directory. Here is part my args file on the passdb ldap stanza: auth_bind = yes I'm not sure if this affects it. It shouldn't, but you could try if it works without. pass_attrs = uid=user,proxy,BCMailDovecotProxyHost=host This looks ok. I've turned on auth_verbose, debug, etc and still can't figure out why it wont proxy. Ive tried adding user_attrs (the same as the pass attrs). I've even just put nologin in the pass_attrs but the user is still able to login, its like that field is not being processed. What do the logs show with auth_debug=yes?
Re: [Dovecot] Ldap Proxy
I changed it so that proxy would be populated by an existing ldap attribute. Here are what my logs show now: Nov 26 08:42:01 holiday dovecot: auth(default): client in: AUTH 1 PLAIN service=POP3 secured lip=127.0.0.1 rip=127.0.0.1 resp=AGFwcGxlc2VqAHRhYmxl Nov 26 08:42:01 holiday dovecot: auth(default): ldap(applesej,127.0.0.1): bind search: base=dc=beloit,dc=edu filter=((objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=applesej)) Nov 26 08:42:01 holiday dovecot: auth(default): ldap(applesej,127.0.0.1): result: uid(user)=applesej cn(proxy)=John Applesead BCMailDovecotProxyHost(host)=144.89.40.1 Nov 26 08:42:01 holiday dovecot: auth(default): ldap(applesej,127.0.0.1): bind: dn=uid=applesej,ou=People,dc=beloit,dc=edu Nov 26 08:42:01 holiday dovecot: auth(default): client out: OK 1 user=applesej proxy host=144.89.40.1pass=xx Nov 26 08:42:01 holiday dovecot: auth(default): master in: REQUEST 1 212091 Nov 26 08:42:01 holiday dovecot: auth(default): Master request 21209.1 not found Nov 26 08:42:01 holiday dovecot: auth(default): master out: NOTFOUND1 Nov 26 08:42:01 holiday dovecot: pop3-login: Internal login failure: user=applesej, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured I know this user can proxy because when I set it up to do it by passwd-file it works. On Nov 26, 2007 8:07 AM, Timo Sirainen [EMAIL PROTECTED] wrote: On Mon, 2007-11-26 at 07:46 -0600, Harrison Metzger wrote: pass search: base=dc=beloit,dc=edu scope=subtree filter=((objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=applesej)) fields=uid,proxy,nologin,nodelay,BCMailDovecotProxyHost Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej,127.0.0.1 ): result: uid(user)=applesej BCMailDovecotProxyHost(host)=144.89.40.1 It looks for proxy field, but it doesn't get proxy field on return. So I guess it doesn't exist in LDAP? If you want to proxy all users, you could use for example uid=proxy in pass_attrs.
Re: [Dovecot] Ldap Proxy
Ok. I got it to work. I changed this: pass_attrs = uid=user,cn=proxy,BCMailDovecotProxyHost=host,gidNumber=nologin,uidNumber=nodelay By adding nologin and nodelay it seems to work. Also, I have to have each map to a unique ldap field or it won't like that. (If people have less than 4 entries in their ldap entry it may actually be a problem then. haha) The static fields would be really nice, Once redhat decides to put 1.1 in their repository it will wind up on the machine. Until then, this way seems to work. Thanks for your help. Harrison Metzger On Nov 26, 2007 8:50 AM, Harrison Metzger [EMAIL PROTECTED] wrote: I changed it so that proxy would be populated by an existing ldap attribute. Here are what my logs show now: Nov 26 08:42:01 holiday dovecot: auth(default): client in: AUTH 1 PLAIN service=POP3 secured lip= 127.0.0.1 rip=127.0.0.1 resp=AGFwcGxlc2VqAHRhYmxl Nov 26 08:42:01 holiday dovecot: auth(default): ldap(applesej,127.0.0.1 ): bind search: base=dc=beloit,dc=edu filter=((objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=applesej)) Nov 26 08:42:01 holiday dovecot: auth(default): ldap(applesej, 127.0.0.1): result: uid(user)=applesej cn(proxy)=John Applesead BCMailDovecotProxyHost(host)=144.89.40.1 Nov 26 08:42:01 holiday dovecot: auth(default): ldap(applesej, 127.0.0.1): bind: dn=uid=applesej,ou=People,dc=beloit,dc=edu Nov 26 08:42:01 holiday dovecot: auth(default): client out: OK 1 user=applesej proxy host=144.89.40.1pass=xx Nov 26 08:42:01 holiday dovecot: auth(default): master in: REQUEST 1 212091 Nov 26 08:42:01 holiday dovecot: auth(default): Master request 21209.1 not found Nov 26 08:42:01 holiday dovecot: auth(default): master out: NOTFOUND1 Nov 26 08:42:01 holiday dovecot: pop3-login: Internal login failure: user=applesej, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured I know this user can proxy because when I set it up to do it by passwd-file it works. On Nov 26, 2007 8:07 AM, Timo Sirainen [EMAIL PROTECTED] wrote: On Mon, 2007-11-26 at 07:46 -0600, Harrison Metzger wrote: pass search: base=dc=beloit,dc=edu scope=subtree filter=((objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=applesej)) fields=uid,proxy,nologin,nodelay,BCMailDovecotProxyHost Nov 26 07:40:56 holiday dovecot: auth(default): ldap(applesej, 127.0.0.1): result: uid(user)=applesej BCMailDovecotProxyHost(host)= 144.89.40.1 It looks for proxy field, but it doesn't get proxy field on return. So I guess it doesn't exist in LDAP? If you want to proxy all users, you could use for example uid=proxy in pass_attrs.
[Dovecot] Ldap Proxy
Hello I'm trying to do an ldap proxy but it is not working, it just continues to access the user's mailbox. I was able to do a proxy with a user in a passwd-file, but not ldap directory. Here is part my args file on the passdb ldap stanza: base = dc=example,dc=com auth_bind = yes pass_filter = ((objectClass=BCMailAccount)(BCMailEnable=true)(BCMailDovecotEnable=true)(uid=%u)(BCMailDovecotProxyHost=*)) pass_attrs = uid=user,proxy,BCMailDovecotProxyHost=host I've turned on auth_verbose, debug, etc and still can't figure out why it wont proxy. Ive tried adding user_attrs (the same as the pass attrs). I've even just put nologin in the pass_attrs but the user is still able to login, its like that field is not being processed. Harrison Metzger
[Dovecot] passdb ldap static values
Hello, In the pass_attrs field one can map ldap attributes to dovecot attributes. I'm wondering if I can map both ldap attribuets and static attributes to a dovecot value in the same passdb section. Also, I can't seem to find what other values (if any) can belong in the: passdb ldap { args = /path/filename } stanza. Are there any other options I can put in that stanza, I can't seem to find any on the wiki. Harrison Metzger