New Dovecot install does not allow login, despite saying permissions "appear ok"

I am installing dovecot onto a VirtualBox VM running an Ubuntu Server 64-bit 14.04 guest. Dovecot itself is being installed into a Docker container (I am not sure whether this is relevant, but just in case). I cannot get dovecot to allow me to log in via telnet to test user authentication using a passwd file.

Dovecot appears to have installed OK. I have started it with sudo dovecot and am now testing it by following the wiki guide at http://wiki2.dovecot.org/TestInstallation.

Inside the container, I enter telnet localhost 143. Dovecot connects correctly with:

    * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot (Ubuntu) ready.

I then enter a login "test" "test", but get the following output:

    a NO [AUTHENTICATIONFAILED] Authentication failed.

I have confirmed that this command works on an existing (working) Ubuntu 12.04 dovecot server with a similar passwd file in /etc/dovecot/users.

The /etc/dovecot/users file contains the following line:

 test:{SHA512-CRYPT}$6$PHmKiepXqf1vbk7u$.ruON3KVGW7LfuqxAFKG3kG5O0s3tocK5jpbaMH2Qh9scnjj.RENQ230ulYXgp9SEaZbJjFlD9HJdA6o4wVIJ1::::/home/dovecot-user/Maildir/test 

The user here is called "test" and the password is "test".

The dovecot log file contains this:

    Aug 04 08:49:18 imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges
    Aug 04 08:49:18 imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges
    Aug 04 08:49:18 auth: Error: passwd-file: open(/etc/dovecot/users) failed: Permission denied (euid=102(dovecot) egid=106(dovecot) missing +x perm: /etc/dovecot, UNIX perms appear ok (ACL/MAC wrong?))
    Aug 04 08:49:18 auth: Error: passwd-file: open(/etc/dovecot/users) failed: Permission denied (euid=102(dovecot) egid=106(dovecot) missing +x perm: /etc/dovecot, UNIX perms appear ok (ACL/MAC wrong?))
    Aug 04 08:49:23 auth: Error: passwd-file(test,::1,<4V3V0Mn/5QAAAAAAAAAAAAAAAAAAAAAB>): stat(/etc/dovecot/users) failed: Permission denied (euid=102(dovecot) egid=106(dovecot) missing +x perm: /etc/dovecot, UNIX perms appear ok (ACL/MAC wrong?))
    Aug 04 08:49:26 imap-login: Info: Disconnected: Too many invalid commands (auth failed, 1 attempts in 3 secs): user=<test>, method=PLAIN, rip=::1, lip=::1, secured, session=<4V3V0Mn/5QAAAAAAAAAAAAAAAAAAAAAB>

I have not found any solution to this problem, including changing the chown of the files in /etc/dovecot/ and /home/dovecot-user/Maildir/, making them as permissive as possible, and assigning the files to dovecot:dovecot, root:root and dovecot-user:dovecot-user. The current file permissions are as follows:

ls -lR /etc/dovecot

    /etc/dovecot/dovecot:
    -rwxrwx--- 1 dovecot dovecot 116 Aug 3 20:07 README
    drwxrwx--- 2 dovecot dovecot 4096 Aug 4 08:45 conf.d
    -rwxrwx--- 1 dovecot dovecot 410 Aug 3 20:07 dovecot-db.conf.ext
    -rwxrwx--- 1 dovecot dovecot 782 Aug 3 20:07 dovecot-dict-sql.conf.ext
    -rwxrwx--- 1 dovecot dovecot 5348 Aug 3 20:07 dovecot-sql.conf.ext
    -rwxrwx--- 1 dovecot dovecot 3794 Aug 3 20:07 dovecot.conf
    -rwxrwx--- 1 dovecot dovecot 3795 Aug 3 20:07 dovecot.conf.factory_settings
    -rw-r--r-- 1 dovecot dovecot 1314 Aug 3 22:02 dovecot.pem
    drwx------ 2 dovecot dovecot 4096 Aug 4 03:53 private
    -rwxr-xr-x 1 dovecot dovecot 357 Aug 4 08:23 users

    /etc/dovecot/conf.d:
    total 108
    -rwxrwx--- 1 dovecot dovecot 5258 Aug 3 20:07 10-auth.conf
    -rwxrwx--- 1 dovecot dovecot 1691 Aug 3 20:07 10-director.conf
    -rwxrwx--- 1 dovecot dovecot 2650 Aug 4 03:50 10-logging.conf
    -rwxrwx--- 1 dovecot dovecot 14476 Aug 3 20:07 10-mail.conf
    -rwxrwx--- 1 dovecot dovecot 2920 Aug 3 20:07 10-master.conf
    -rwxrwx--- 1 dovecot dovecot 1654 Aug 3 20:07 10-ssl.conf
    -rwxrwx--- 1 dovecot dovecot 1654 Aug 3 20:07 10-ssl.conf.save
    -rw-r--r-- 1 dovecot dovecot 291 May 14 18:11 10-tcpwrapper.conf
    -rwxrwx--- 1 dovecot dovecot 1607 Aug 3 20:07 15-lda.conf
    -rw-r--r-- 1 dovecot dovecot 1137 May 14 18:11 15-mailboxes.conf
    -rwxrwx--- 1 dovecot dovecot 2402 Aug 3 20:07 20-imap.conf
    -rw-r--r-- 1 dovecot dovecot 4007 May 14 18:11 20-pop3.conf
    -rwxrwx--- 1 dovecot dovecot 676 Aug 3 20:07 90-acl.conf
    -rwxrwx--- 1 dovecot dovecot 292 Aug 3 20:07 90-plugin.conf
    -rwxrwx--- 1 dovecot dovecot 2251 Aug 3 20:07 90-quota.conf
    -rw-r--r-- 1 dovecot dovecot 499 May 14 18:11 auth-checkpassword.conf.ext
    -rwxrwx--- 1 dovecot dovecot 486 Aug 3 20:07 auth-deny.conf.ext
    -rwxrwx--- 1 dovecot dovecot 558 Aug 3 20:07 auth-master.conf.ext
    -rwxrwx--- 1 dovecot dovecot 329 Aug 4 03:45 auth-passwdfile.conf.ext
    -rw-r--r-- 1 dovecot dovecot 788 May 14 18:11 auth-sql.conf.ext
    -rwxrwx--- 1 dovecot dovecot 608 Aug 3 20:07 auth-static.conf.ext
    -rwxrwx--- 1 dovecot dovecot 2106 Aug 3 20:07 auth-system.conf.ext
    -rwxrwx--- 1 dovecot dovecot 327 Aug 3 20:07 auth-vpopmail.conf.ext

ls -lR /home/dovecot-user/Maildir/

    /home/dovecot-user/Maildir/:
    total 4
    drwx------ 10 dovecot-user dovecot-user 4096 Aug 4 03:45 test

    /home/dovecot-user/Maildir/test:
    total 12
    drwx------ 2 dovecot-user dovecot-user 4096 Aug 4 03:45 cur
    drwx------ 2 dovecot-user dovecot-user 4096 Aug 4 03:45 new
    drwx------ 2 dovecot-user dovecot-user 4096 Aug 4 03:45 tmp

Output of dovecot -n:

    # 2.2.9: /etc/dovecot/dovecot.conf
    doveconf: Error: setmntent(/etc/mtab) failed: No such file or directory
    # OS: Linux 3.13.0-32-generic x86_64 Ubuntu 14.04.1 LTS
    first_valid_uid = 8
    last_valid_uid = 1001
    log_path = /testout
    mail_gid = 1000
    mail_location = maildir:/home/dovecot-user/Maildir/%u
    mail_privileged_group = mail
    mail_uid = 1000
    namespace {
      inbox = yes
      location =
      prefix =
      separator = /
      type = private
    }
    namespace inbox {
      location =
      mailbox Drafts {
        special_use = \Drafts
      }
      mailbox Junk {
        special_use = \Junk
      }
      mailbox Sent {
        special_use = \Sent
      }
      mailbox "Sent Messages" {
        special_use = \Sent
      }
      mailbox Trash {
        special_use = \Trash
      }
      prefix =
    }
    passdb {
      args = scheme=CRYPT username_format=%u /etc/dovecot/users
      driver = passwd-file
    }
    protocols = " imap pop3"
    ssl = required
    ssl_cert = </etc/ssl/certs/dovecot.pem
    ssl_key = </etc/ssl/private/dovecot.pem
    userdb {
      args = username_format=%u /etc/dovecot/users
      driver = passwd-file
    }
    verbose_ssl = yes

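I am not sure whether this is a file permissions issue or an AppArmor/SELinux issue, or how to go about debugging and fixing it. I have seen nearly a dozen forum posts about this over the past few years, but no well-documented fix. So I believe this problem is not unique to me, and I hope to get some help here that will be well documented for the future.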

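I am not sure whether this is really an AppArmor issue (following @André-Daniel's comment above), because disabling/uninstalling AppArmor did not help with the error message. However, for the record, I found one way to solve the problem. The fix involved several components: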

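  1. Make sure a valid uid and gid are set in /etc/dovecot/conf.d/10-mail.conf (e.g. the user whose home directory contains the Maildir directory).
  2. Make sure all files in the Maildir directory are owned by that uid and gid ( chown --recursive $(id -u):$(id -g) /home/username/Maildir ).
  3. Store the user/password file outside /etc/dovecot, somewhere the user from (1) above can access it. Once I had done this, and (2) above, I started getting a separate error message in the dovecot log about a duplicate namespace.
  4. I resolved the error from (3) above using https://workaround.org/comment/3326#comment-3326, which suggests adding inbox = yes to the namespace inbox {... section of /etc/dovecot/conf.d/15-mailboxes.conf, and commenting out the entire namespace section in /etc/dovecot/conf.d/10-mail.conf.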

In my case, I resolved the following errors:

    Mar 7 22:55:01 servername dovecot: pop3-login: Error: auth: connect(login) in directory / failed: Permission denied (euid=996(<unknown>) egid=995(<unknown>) missing +w perm: //login, dir owned by 0:995 mode=0750)
    Mar 7 22:55:03 servername dovecot: pop3-login: Error: auth: connect(login) in directory / failed: Permission denied (euid=996(<unknown>) egid=995(<unknown>) missing +w perm: //login, dir owned by 0:995 mode=0750)
    Mar 7 22:55:06 servername dovecot: imap-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=12.12.123.123, lip=12.12.123.124, session=<vzAfW30twwDVf4d6>
    Mar 7 22:55:11 servername dovecot: pop3-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=<8Z5uW30tLgB/AAAB>
    Mar 7 22:55:13 servername dovecot: pop3-login: Warning: Auth process not responding, delayed sending initial response (greeting): user=<>, rip=12.12.123.123, lip=12.12.123.124, session=<B9+JW30tAgBRBHv8>

by running:

 setfacl -k /var/run/dovecot/login
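
As an added example that is not part of the original posts: a Python walk over every component of a path that reports whether a given uid/gid gets +x on each directory and +r on the file from the mode bits alone, and lists any POSIX ACL xattrs that the mode bits do not show. The defaults (path /etc/dovecot/users, uid 102, gid 106) come from the log in the question; the function names are made up for this example, and root's permission bypass is not modelled.

```python
import os
import sys

NEED = {"dir": (1, "x"), "file": (4, "r")}  # search on directories, read on the target

def granted_bits(st, uid, gids):
    """rwx bits (0-7) the classic mode gives uid/gids: owner, else group, else other."""
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def acl_names(path):
    """Names of POSIX ACL xattrs on path, which the mode bits alone do not reveal."""
    try:
        return sorted(a for a in os.listxattr(path) if a.startswith("system.posix_acl_"))
    except (OSError, AttributeError):  # filesystem or platform without xattr support
        return []

def trace_access(path, uid, gids):
    """Return [(component, needed, ok, notes)] from / down to path for uid/gids."""
    parts = os.path.abspath(path).strip("/").split("/")
    prefixes = ["/"] + ["/" + "/".join(parts[:i + 1]) for i in range(len(parts))]
    rows = []
    for i, p in enumerate(prefixes):
        bit, name = NEED["file" if i == len(prefixes) - 1 else "dir"]
        try:
            st = os.stat(p)
        except OSError as exc:  # whoever runs this script cannot reach the component
            rows.append((p, name, False, [exc.strerror]))
            break
        rows.append((p, name, bool(granted_bits(st, uid, gids) & bit), acl_names(p)))
    return rows

def first_blocker(path, uid, gids):
    """First component whose mode bits deny uid/gids, or None if the bits allow access."""
    return next((p for p, _, ok, _ in trace_access(path, uid, gids) if not ok), None)

if __name__ == "__main__":
    # Defaults are the path and the euid/egid printed in the question's log.
    target = sys.argv[1] if len(sys.argv) > 1 else "/etc/dovecot/users"
    uid = int(sys.argv[2]) if len(sys.argv) > 2 else 102
    gid = int(sys.argv[3]) if len(sys.argv) > 3 else 106
    for comp, need, ok, notes in trace_access(target, uid, {gid}):
        print(f"{'ok  ' if ok else 'DENY'} +{need} {comp} {' '.join(notes)}")
    print("mode bits allow access; check ACL/AppArmor/SELinux next"
          if first_blocker(target, uid, {gid}) is None else "fix the DENY line first")
```

If every line prints ok and Dovecot still logs "UNIX perms appear ok (ACL/MAC wrong?)", the denial comes from something other than the mode bits, such as an ACL entry listed in the last column or a MAC policy.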