Re: Dovecot 2.2.25 fails on SSL
> On September 30, 2016 at 3:26 AM "Andreas M. Kirchwitz"> wrote: > > > Joseph Tam wrote: > > >>> OK, the origin of your problem becomes clearer. You can hardcode these > >>> paths into the executables by doing something like > >>> > >>> env CFLAGS='-I/my'ssl/include' \ > >>> LDFLAGS='-L/your/ssl/lib -Wl,-rpath,/my/ssl/lib' \ > >>> configure ... > >> > >> Based on your mail I've tried CFLAGS/LDFLAGS again, and > >> now Dovecot didn't even compile any longer. > > > > I don't use the same OS as you, but what errors dis you get? > > To be exact here, it's not the compiler but the linker failing > (of course, the whole problem is about the linking process). > > With "--as-needed", the crypto/ssl libraries are not linked at all with > the object files. I don't quite understand why it doesn't fall back to > the system crypto/ssl libraries because they are in the default pathes > with all other libraries. (That's basically what most other software > packages do if my custom pathes for "-L" "-Wl,-R" somehow get ignored > in the building process.) > > IMHO, the unusual option "--as-needed" should be removed. There seems > to be no benefit but it basically keeps Dovecot to be linked against > any custom-specified library. > > Maybe it's just a problem with RHEL/CentOS 6 and the GCC that ships > with it. I'm compiling a lot of software myself and link it against > my custom OpenSSL. Never had this problem before, otherwise I would > have known to specify "-Wl,--no-as-needed" to reverse ld's behavior > to the default. > > Well, at least I've learned something new. :-) > > Regards, Andreas Hi, The as-needed issue has been hopefully fixed in https://github.com/dovecot/core/commit/f49f1c5fa6a9a55a194e5ada042df134907278f4 Aki
Re: Dovecot 2.2.25 fails on SSL
Joseph Tamwrote: >>> OK, the origin of your problem becomes clearer. You can hardcode these >>> paths into the executables by doing something like >>> >>> env CFLAGS='-I/my'ssl/include' \ >>> LDFLAGS='-L/your/ssl/lib -Wl,-rpath,/my/ssl/lib' \ >>> configure ... >> >> Based on your mail I've tried CFLAGS/LDFLAGS again, and >> now Dovecot didn't even compile any longer. > > I don't use the same OS as you, but what errors dis you get? To be exact here, it's not the compiler but the linker failing (of course, the whole problem is about the linking process). With "--as-needed", the crypto/ssl libraries are not linked at all with the object files. I don't quite understand why it doesn't fall back to the system crypto/ssl libraries because they are in the default pathes with all other libraries. (That's basically what most other software packages do if my custom pathes for "-L" "-Wl,-R" somehow get ignored in the building process.) IMHO, the unusual option "--as-needed" should be removed. There seems to be no benefit but it basically keeps Dovecot to be linked against any custom-specified library. Maybe it's just a problem with RHEL/CentOS 6 and the GCC that ships with it. I'm compiling a lot of software myself and link it against my custom OpenSSL. Never had this problem before, otherwise I would have known to specify "-Wl,--no-as-needed" to reverse ld's behavior to the default. Well, at least I've learned something new. :-) Regards, Andreas
Re: Softlinks
Steffen Kaiser wrote: > On Wed, 28 Sep 2016, Chris wrote: >> I'm using Maildir. Is it possible to move all (or only some) maildirs >> with >> softlinks to another partition? > > I did this, but be prepared that you have left-overs when the user deletes > the mailbox (mail folder). Ok, thank you. I would just link top-level folders, e.g. /var/vmail/users/userA -> /data/vmail2/users/userA for some extra big mailboxes. - Chris
doveadm backup fails (compromised single attachment storage)
Hi, A couple of months ago I had a problem with Single Attachment Storage after infrastructure migration; All mailboxes were rsynced to another filesystem, and that may have broken Single Attachment Storage. Many, many (if not all) mailboxes show the below logs on dovecot: imap(f...@bar.com): Error: read(attachments-connector(zlib(/dovecotdir/mail/ bar.com/foo/mailboxes/INBOX/dbox-Mails/u.26426))) failed: read(/dovecotdir/attach/ bar.com/de/86/de8673894d6fb3f4460e3c26436eefa9a73517fa0f000452f553822367220761502e1d0ce220eee5aa9acf232df0adebf40cce90b57d2e60e1eb9c9ef21671fa-b0d3411772c1495753619331bd36-43cea6154b3275573b089331bd36-26426[base64:19 b/l]) failed: open(/dovecotdir/attach/ bar.com/de/86/de8673894d6fb3f4460e3c26436eefa9a73517fa0f000452f553822367220761502e1d0ce220eee5aa9acf232df0adebf40cce90b57d2e60e1eb9c9ef21671fa-b0d3411772c1495753619331bd36-43cea6154b3275573b089331bd36-26426) failed: No such file or directory When that happens, the MUA keeps syncing forever. Now, I need to migrate all mailboxes (again) to another dovecot instance (with no SAS), which works perfectly for new users but when I try to migrate users from my current dovecot server for this new server, I get such errors again, and I can't migrate: 2016-09-29T12:20:50.995934059Z Sep 29 12:20:50 dsync-server(f...@bar.com): Error: dsync(cf7d091311eb): read(attachments-connector(zlib(/dovecotdir/mdbox/bar.com/foo/storage/m.1))) failed: read(/dovecotdir/attach/ bar.com/0c/df/0cdf86b1920938fe3a043f87e2ee9e63dda276bd5b9fba687e4a0c63d181c3b6ebdb96a9517f048c963db71404ad5d14e896e2e67b7abb0c9e107aed5c15ecf1-430ea904dff46757ba179331bd36[base64:18 b/l]) failed: open(/dovecotdir/attach/ bar.com/0c/df/0cdf86b1920938fe3a043f87e2ee9e63dda276bd5b9fba687e4a0c63d181c3b6ebdb96a9517f048c963db71404ad5d14e896e2e67b7abb0c9e107aed5c15ecf1-430ea904dff46757ba179331bd36) failed: No such file or directory (last sent=mail, last recv=mail_request (EOL)) Is there a way to fix the attachments problem? (I know I can't recover such files, that's Ok) Is there a way to migrate (dsync backup) ignoring such problems? Thanks in advance.
Re: Login just at special timeslots / working hours
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 27 Sep 2016, Aki Tuomi wrote: On September 27, 2016 at 5:42 PM Götz Reinicke - IT Koordinatorwrote: is there a dovecot feature I did not found yet, which can limit the access to the server to special timeslots like working hours? Or is that a serverside / sssd / auth / pam / account feature? Thanks for hints to some helpfull documentation and sugesstions. At least this is doable with PAM. See http://www.linux-pam.org/Linux-PAM-html/sag-pam_time.html Should be also doable with SQL-based passdb by adding the check to the WHERE clause - even by user. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV+zNiHz1H7kL/d9rAQL0Lwf8Ca4frRhb/99pLgFw90XcSnUqbT/AU2dw Nr4xb5uQaT3mkO67aME0jA+0yRW8Bz74qV+ULkC/KxzMo1Oh5f1t+4eeSseZWUBe TZik2z1ypzzAvMOdf8Z/ldkmNibAjiAdE1/WOioefTVL+LYmRwwrc4BBRQGXtLvO Ef3ZcHWPwPJ6JCji0GsYbfR8is2vNj9YJEdhjROAPokWQ6up5fpULWUAVvk5vTxd d6YGrmBpUFydgK36uxB11LefVawd0hFJN+ogFtFiP2J+gZEx+AQ0NgKA+CFwYGxL 4ltCEAN1NYbyuPTezZaZWZBBu2uUXwdXT7oxzzKhZqtpBIJXQUl/NA== =R0HA -END PGP SIGNATURE-
Re: Softlinks
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 28 Sep 2016, Chris wrote: I'm using Maildir. Is it possible to move all (or only some) maildirs with softlinks to another partition? I did this, but be prepared that you have left-overs when the user deletes the mailbox (mail folder). I have mapped for instance SPAM / HAM reporting and some widely folders folders into user's Maildir, this works without any problems. Well, no user tried to delete those linked ones so far. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEVAwUBV+y9Anz1H7kL/d9rAQLkswf+K71RLMNh6DsehPjgd4jb8Rk9MvixcINa 1RYZqowHvfEf/zWGF+uOZxIycSTxf+84K3Qiac6EjHSQXsVbosy7o4v6S1EZOeAi n9mK9itDjXhDGnY1MlYgpJ1C/pK+UqbYzgelR1WgBH8AiI+zEzEHv4RCEvLaFSxB RfizZ66Nz2kaw9PnXkwmN5R8wzasdT3+1DKiekGzMRi4U/Rc61PuWEwNBZKllfnc 5jQAopi7PsEX8eO11xWtGbyTtLj2qm/k9odphiWl8fJlZpTICdtuyFxVpbsZf/t/ TRO5meXfIAHs4+BI/LYmHnCNiELUlwaGJAyRBzPNcMO7aDtANqSatw== =9vGQ -END PGP SIGNATURE-