- Package: dovecot-core
- Source: dovecot
- Description: secure POP3/IMAP server - core files
- Submitter: Marcus Frings
- Date: 2022-05-08 20:09:03 UTC
- Severity: important
Since dovecot 2.3 has entered sid, my nightly cron runs of doveadm (as user) produce the error message, which is shown in the subject.

This has already been reported upstream: https://www.dovecot.org/list/dovecot/2018-January/110549.html (My situation is the same as described in the original upstream report!)

A solution has also been provided by the developers: https://www.dovecot.org/list/dovecot/2018-January/110552.html

Hence, please consider changing the socket permissions (as suggested by upstream) in the next package upgrade of dovecot.
Hi,

Thanks for the report and apologies for the late response.

The issue described in the upstream mailing list is a bit different, as it applies to dovecot 2.3.1. Dovecot 2.3.1 by default set the stats-writer permissions to root:root, 0600. In 2.3.2 this was relaxed to root:dovecot, 0660, which means that if you add your plain user to the dovecot group, doveadm should work fine.

Can you try this out? If it works, I'll add a note in README.Debian about running doveadm as non-root.

Thanks,
Apollon
Hi Apollon,

I reverted my manual change of permissions for /var/run/dovecot/stats-writer from 666 (suggested at the dovecot mailing list) to 660 (Debian's current default) and added my user to the dovecot group: I can confirm that running doveadm as normal user now allows the nightly maintenance work (such as expunging mails). Hence, it seems to work fine.

But do you think that this is the way to go (to add ordinary users to the dovecot group)?

Best regards,
Marcus
system to submit dovecot stats or not? For some people it might be okay
to just change permissions to 0666. OTOH, upstream seems to be more
conservative about this.
Regarding the dovecot group, upstream notes the following:
commit 5cf6951e37bd37bb11b3335a3dbd029065143454
Author: Timo Sirainen <timo.sirainen@dovecot.fi>
Date: Wed Feb 7 13:03:23 2018 +0200
master: Add default_internal_group setting, defaulting to "dovecot"
It's expected that this is the primary group of the default_internal_user.
This group will be used to provide access to sockets that are generally
required by all Dovecot processes, but aren't safe enough to be allowed
completely open access from untrusted processes.
So, it looks like the intention is precisely to allow more fine-grained
access control for certain sockets.
Finally, bear in mind that doveadm is an administrative tool and not
meant to be run by "regular" users. For instance, it will fail if the
user invoking it does not have read permissions on all files under
/etc/dovecot/conf.d.
Regards,
Apollon
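The three stats-writer permission states mentioned in this thread so far (root:root 0600, root:dovecot 0660, and a manual 0666), compared for a plain user and for a member of the dovecot group. This is an added example, not part of the original messages or of Dovecot; the function names, uid 1000 and gid 115 (standing in for the dovecot group) are assumptions, as is the root:dovecot ownership of the 0666 case.

```python
import os
import pwd
import stat

def connect_access(mode, owner_uid, group_gid, uid, gids):
    """Return the permission class that lets (uid, gids) connect, or None.

    On Linux, connect(2) to a pathname Unix socket needs write permission on
    the socket file. The kernel picks exactly one class (owner, then group,
    then other) and checks only that class's bits.
    """
    if uid == 0:
        return "root"
    if uid == owner_uid:
        return "owner" if mode & stat.S_IWUSR else None
    if group_gid in gids:
        return "group" if mode & stat.S_IWGRP else None
    return "other" if mode & stat.S_IWOTH else None

def audit_socket(path, username):
    """Check a real socket for a real account (directory search permission is not checked)."""
    st = os.stat(path)
    pw = pwd.getpwnam(username)
    gids = set(os.getgrouplist(username, pw.pw_gid))
    mode = stat.S_IMODE(st.st_mode)
    access = connect_access(mode, st.st_uid, st.st_gid, pw.pw_uid, gids)
    return {"path": path, "mode": oct(mode),
            "world_writable": bool(mode & stat.S_IWOTH), "access": access}

# Constructed sample: uid 1000 is a mail user, gid 115 stands in for "dovecot".
DOVECOT_GID = 115
CASES = [
    ("2.3.1 default  root:root    0600", 0o600, 0, 0),
    ("2.3.2 default  root:dovecot 0660", 0o660, 0, DOVECOT_GID),
    ("manual change  root:dovecot 0666", 0o666, 0, DOVECOT_GID),
]

def compare(uid=1000):
    """Return (label, access as plain user, access as dovecot group member)."""
    rows = []
    for label, mode, owner, group in CASES:
        plain = connect_access(mode, owner, group, uid, {uid})
        member = connect_access(mode, owner, group, uid, {uid, DOVECOT_GID})
        rows.append((label, plain, member))
    return rows

if __name__ == "__main__":
    for label, plain, member in compare():
        print(f"{label}: plain user={plain}, dovecot group member={member}")
```

On a live system, `audit_socket("/var/run/dovecot/stats-writer", "someuser")` reports the same classification for an actual account and flags a world-writable socket.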
Hi Apollon,

On Mon, 26 Nov 2018 12:57:08 +0200, Apollon Oikonomopoulos <apoikos@debian.org> wrote:

Yes, I agree and see your point. Thanks for the additional information by providing the upstream commit notes with respect to this issue. So maybe it's the best solution to add a few lines to README.Debian as you initially suggested.

Best regards,
Marcus
Please also see related documentation bug ticket #933330
I ran into a similar issue here, whenever I ran the "deliver" process as
a user to deliver mail into IMAP folders (invoked from getmail).
"deliver" delivered the mail but then produces the error about writing
statistics, so getmail correctly concluded that the process errored.
I don't want to make statistics-writing available to all users. I don't
actually care about the statistics. So I figured out how to disable
statistics.
I found this commit in the changelog:
2017-12-22 13:27:48 +0200 Timo Sirainen <timo.sirainen@dovecot.fi> (aa572aa74)
lib-master: Hide connect(stats-writer) errors when running via CLI
Only hide errors that occur if the stats process isn't running, i.e. when
socket isn't found or there's no listener. This way e.g. permission errors
are still logged, which points to a wrong configuration.
So if the stats sockets don't exist at *all*, deliver won't complain.
To disable those stats sockets, add the following configuration to a
file in /etc/dovecot/conf.d/ :
service stats {
  unix_listener stats-reader {
    mode = 0
  }
  unix_listener stats-writer {
    mode = 0
  }
}
service old-stats {
  fifo_listener old-stats-mail {
    mode = 0
  }
  fifo_listener old-stats-user {
    mode = 0
  }
  unix_listener old-stats {
    mode = 0
  }
}
(Per https://wiki2.dovecot.org/Services , setting mode to 0 disables the
socket entirely.)
Then restart dovecot, and then delete /run/dovecot/stats-* and
/run/dovecot/old-stats-*. You can then run deliver without errors.
Hope that helps.
spurious errors in the logs:

Aug 28 17:54:27 cloud dovecot[3168]: imap-login: Error: net_connect_unix(/var/run/dovecot/stats-writer) failed: No such file or directory
Aug 28 17:54:27 cloud dovecot[3168]: auth: Error: net_connect_unix(/var/run/dovecot/stats-writer) failed: No such file or directory
Aug 28 17:54:27 cloud dovecot[3168]: auth: Error: stats: open(old-stats-user) failed: No such file or directory
Aug 28 17:54:28 cloud dovecot[3168]: auth: Error: net_connect_unix(/var/run/dovecot/stats-writer) failed: No such file or directory
Aug 28 17:54:28 cloud dovecot[3168]: auth-worker(3182): Error: stats: open(old-stats-user) failed: No such file or directory
Aug 28 17:54:28 cloud dovecot[3168]: imap: Error: net_connect_unix(/var/run/dovecot/stats-writer) failed: No such file or directory

So while deliver has no problem ignoring such errors, the rest of dovecot unfortunately doesn't like that configuration. I'd like to have a "disable all stats" configuration, rather than having to make a stats socket available to the user running deliver.
Interesting! I'll try that and see how it goes.
I tried the different methods suggested in this bug report, but had
no success with any of them.
Using

  stats_writer_socket_path=

causes "doveadm index" to fail with

  bjorn@canardo:~$ doveadm index -q -u bjorn INBOX.Spam
  doveadm(bjorn): Error: net_connect_unix() failed: Connection refused
This can probably be worked around. But I'd prefer too many hacks just
to make stuff work again...
For now I ended up using:
service stats {
  unix_listener stats-writer {
    mode = 0666
  }
}
I don't want to add mail users to the dovecot group. It's unclear to me
what privileges this will result in now and in the future. And I don't
want to maintain yet another mail user group anyway.
This mess should really be sorted out. Either there should be a way to
easily disable the stats service, or using it should be allowed for all
currently unprivileged operations. By default.
Bjørn
I use Dovecot 1:2.3.4.1-5+deb10u1 on Debian 10. Setting "stats_writer_socket_path=" does not resolve the issue in my case, I also get "net_connect_unix() failed".

The following patch is supposed to fix the issue:
https://dovecot.org/pipermail/dovecot/2019-January/114170.html
https://github.com/dovecot/core/commit/3fdb968687bf896a3e13c846e5eb6f0310dff65b

Can this patch be included in Dovecot on Debian 10?

Best regards.
https://github.com/dovecot/core/commit/3fdb968687bf896a3e13c846e5eb6f0310dff65b

Have there been any updates that should fix this issue? Thanks.