Hello together,
I have a qmail server running binc imap since more than two years and had no problems. Recently after deleting thousands of mails the system became unstable (when opening Thunderbird I did see new mails which disappeared a few seconds later and reappeared some when... after a couple of minutes or hours). There where a few problems in my network which are now sorted. My main problem is now I cannot access the binc server anymore. When I run
Code:
qmail:/var# mconnect 127.0.0.1 143
* OK Welcome to Binc IMAP Copyright (C) 2002-2005 Andreas Aardal Hanssen at 2011-06-23 18:04:39 +0000
01 LOGIN user password
* BYE The server died unexpectedly. Please contact your system administrator for more information.
below is what happens when I use a wrong password:
Code:
qmail:/var# mconnect 127.0.0.1 143
* OK Welcome to Binc IMAP Copyright (C) 2002-2005 Andreas Aardal Hanssen at 2011-06-23 18:06:10 +0000
001 LOGIN user wrongpassword
001 NO LOGIN failed: Login failed. Either your user name or your password was wrong. Please try again, and if the problem persists, please contact your system administrator.
Here comes the config I use
Code:
Authentication {
allow plain auth in non ssl = "yes",
auth penalty = 4,
disable starttls = "yes"
}
Log {
type = "multilog",
environment ip variable = "TCPREMOTEIP"
}
Security {
jail path = "/var/qmail/bincimap",
jail user = nobody,
jail group = nogroup
}
Mailbox {
depot = "Maildir++",
type = "Maildir",
path = "MAIL.IMAP",
auto create inbox = "yes",
auto subscribe mailboxes = "Inbox",
umask = "077"
}
Session {
idle timeout = 1860,
auth timeout = 60,
transfer timeout = 1200,
transfer buffer size = 1024
}
SSL {
pem file = "/root/ssl_certificates.d/newreq.pem",
cipher list = "!ADH:RC4+RSA:HIGH:MEDIUM:LOW:EXP:+SSLv2:+EXP",
verify peer = "no"
}
I ran a trace using wireshark and see each command appears twice (BINC sends two welcome messages etc) but the service is only running once.
According to the binc log the authentication for the user fails
Code:
2011-06-23 18:29:20.158340500 tcpserver: status: 1/51
2011-06-23 18:29:20.158340500 tcpserver: pid 18738 from 127.0.0.1
2011-06-23 18:29:20.158340500 tcpserver: ok 18738 0:127.0.0.1:143 :127.0.0.1::40658
2011-06-23 18:29:20.158340500 18738 0 [unknown@127.0.0.1:] connection from 127.0.0.1
2011-06-23 18:29:26.730569500 18738 1 [unknown@127.0.0.1:] <user> authentication failed: server returned 111 (internal error)
2011-06-23 18:29:26.730569500 18738 2 [unknown@127.0.0.1:] shutting down - read:25 bytes, wrote:259 bytes.
2011-06-23 18:29:26.730569500 tcpserver: end 18738 status 0
2011-06-23 18:29:26.730569500 tcpserver: status: 0/51
The credentials are correct, I tested them with below command
Code:
printf "%s\0%s\0%s\0" user password Y123456 | /bin/checkpassword id 3<&0
I searched the net but did not find any helpful information so far and hope someone can point me to right direction :-)
UPDATE:
since the logoutput was not helpful I found what I was looking for. Below was a comment from the developer to troubleshoot another (different) issue
Quote:
Could you try an strace? Try connecting to bincimap-up's pid when you've
connected with telnet (strace -s 128 -f -p <pid>). Note the -f argument to
follow bincimapd
|
strace then showed the system tried to change ownership and the group and afterwards access the folder where bincimapd is located. Here is the relevant part
Code:
[pid 2167] open("/etc/passwd", O_RDONLY|0x80000) = 3
[pid 2167] fcntl64(3, F_GETFD) = 0x1 (flags FD_CLOEXEC)
[pid 2167] _llseek(3, 0, [0], SEEK_CUR) = 0
[pid 2167] fstat64(3, {st_mode=S_IFREG|0644, st_size=1351, ...}) = 0
[pid 2167] mmap2(NULL, 1351, PROT_READ, MAP_SHARED, 3, 0) = 0xb7ee8000
[pid 2167] _llseek(3, 1351, [1351], SEEK_SET) = 0
[pid 2167] munmap(0xb7ee8000, 1351) = 0
[pid 2167] close(3) = 0
[pid 2167] open("/etc/shadow", O_RDONLY|0x80000) = 3
[pid 2167] _llseek(3, 0, [0], SEEK_CUR) = 0
[pid 2167] fstat64(3, {st_mode=S_IFREG|0640, st_size=951, ...}) = 0
[pid 2167] mmap2(NULL, 951, PROT_READ, MAP_SHARED, 3, 0) = 0xb7ee8000
[pid 2167] _llseek(3, 951, [951], SEEK_SET) = 0
[pid 2167] munmap(0xb7ee8000, 951) = 0
[pid 2167] close(3) = 0
[pid 2167] setgroups32(1, [100]) = 0
[pid 2167] setgid32(100) = 0
[pid 2167] setuid32(1002) = 0
[pid 2167] chdir("/home/oliver") = 0
[pid 2167] execve("/var/qmail/bin/bincimapd", ["/var/qmail/bin/bincimapd"], [/* 41 vars */]) = -1 EACCES (Permission denied)
I am sure that has not changed in the last two years and have no idea why it did not work... but before raising the thread I noticed a few mails disappeared form my server and also files created did not exist after the reboot. My server is running on a vm so I guess that is not a general problem...
To make it short, the folder /var/qmail/bin/bincimapd was not accessible by the user nor the group shown in the strace above. After modifying the access rights I can see my mails again :-) The multiple login attempts also disappeared
