Date: Fri, 16 Jul 2010 04:10:00 -0700 From: Jeremy Chadwick <freebsd@jdc.parodius.com> To: Reko Turja <reko.turja@liukuma.net> Cc: "Mikhail T." <mi+thun@aldan.algebra.com>, freebsd-stable@freebsd.org, Henrik /KaarPoSoft <henrik@kaarposoft.dk> Subject: Re: openldap client GSSAPI authentication segfaults in fbsd8stablei386 Message-ID: <20100716111000.GA2501@icarus.home.lan> In-Reply-To: <20100716110427.GA1939@icarus.home.lan> References: <4C3CC831.7040005@kaarposoft.dk> <20100713210729.GA11943@icarus.home.lan> <0228E401B70A4023A6F86A2ADAE59EF9@rivendell> <008D0251AE4F4A2DBAA1369410565B61@rivendell> <20100715162251.GA73929@icarus.home.lan> <20100716083617.GA97981@icarus.home.lan> <3FE6787E5CAC4C108C031CA6C8044FE4@rivendell> <20100716092512.GA99365@icarus.home.lan> <EF24D143F0AF49AD9B27F838AFA0A6F4@rivendell> <20100716110427.GA1939@icarus.home.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jul 16, 2010 at 04:04:27AM -0700, Jeremy Chadwick wrote: > On Fri, Jul 16, 2010 at 12:43:22PM +0300, Reko Turja wrote: > > >This doesn't help. The problem is that Cyrus imapd is completely > > >freaking out, continually dying and re-forking itself, with my > > >kernel > > >message buffer filling rapidly + all.log filling. So, there is > > >further > > >configuration of this daemon that's needed (meaning it does not work > > >"straight out of the box"), and I need those configuration details. > > > > Below is the relevant parts of my config that should get you going: > > [...] > > Thanks. Most of this worked, except the following: > > > And /usr/local/etc/imapd.conf > > [...] > > partition-default: /usr/local/imap > > [...] > > Change to the Cyrus user and use the tool "tools/mkimap" to create > > the rest of the directories (subdirectories of the directories you > > just created). > > su cyrus > > tools/mkimap > > exit > > I changed partition-default to /var/spool/imap, which I think is what > was needed, otherwise mkimap complained about being unable to create > /usr/local/imap. > > Also, for the su portion, I had to do: > > # su cyrus > % cd /usr/local/cyrus > % bin/mkimap > > Which worked. I hope this was the right thing to do. > > However, upon startup, I now see the following in all.log: > > Jul 16 03:56:12 testbox master[1521]: process started > Jul 16 03:56:12 testbox master[1522]: about to exec /usr/local/cyrus/bin/ctl_cyrusdb > Jul 16 03:56:12 testbox ctl_cyrusdb[1522]: recovering cyrus databases > Jul 16 03:56:12 testbox ctl_cyrusdb[1522]: done recovering cyrus databases > Jul 16 03:56:12 testbox master[1523]: about to exec /usr/local/cyrus/bin/idled > Jul 16 03:56:12 testbox master[1523]: can't exec /usr/local/cyrus/bin/idled for startup: No such file or directory > Jul 16 03:56:12 testbox kernel: Jul 16 03:56:12 testbox master[1523]: can't exec /usr/local/cyrus/bin/idled for startup: No such file or directory > Jul 16 03:56:12 testbox master[1521]: process 1523 exited, status 71 > Jul 16 03:56:12 testbox kernel: Jul 16 03:56:12 testbox master[1521]: process 1523 exited, status 71 > > Which is true: > > testbox# find /usr/local -name "idled" -follow -ls > testbox# > > I'm not sure if this feature is needed for reproducing the crash, so I > modified cyrus.conf and commented the line out, then restarted imapd, > which got me: > > Jul 16 04:00:22 testbox master[1594]: process started > Jul 16 04:00:22 testbox master[1595]: about to exec /usr/local/cyrus/bin/ctl_cyrusdb > Jul 16 04:00:22 testbox ctl_cyrusdb[1595]: recovering cyrus databases > Jul 16 04:00:22 testbox ctl_cyrusdb[1595]: skiplist: checkpointed /var/imap/mailboxes.db (0 records, 144 bytes) in 0 seconds > Jul 16 04:00:22 testbox ctl_cyrusdb[1595]: skiplist: checkpointed /var/imap/annotations.db (0 records, 144 bytes) in 0 seconds > Jul 16 04:00:22 testbox ctl_cyrusdb[1595]: done recovering cyrus databases > Jul 16 04:00:22 testbox master[1594]: ready for work > Jul 16 04:00:22 testbox master[1596]: about to exec /usr/local/cyrus/bin/ctl_cyrusdb > Jul 16 04:00:22 testbox master[1597]: about to exec /usr/local/cyrus/bin/notifyd > Jul 16 04:00:22 testbox ctl_cyrusdb[1596]: checkpointing cyrus databases > Jul 16 04:00:22 testbox ctl_cyrusdb[1596]: archiving database file: /var/imap/annotations.db > Jul 16 04:00:22 testbox ctl_cyrusdb[1596]: archiving log file: /var/imap/db/log.0000000001 > Jul 16 04:00:22 testbox ctl_cyrusdb[1596]: archiving log file: /var/imap/db/log.0000000001 > Jul 16 04:00:22 testbox ctl_cyrusdb[1596]: archiving database file: /var/imap/mailboxes.db > Jul 16 04:00:22 testbox notify[1597]: executed > Jul 16 04:00:22 testbox ctl_cyrusdb[1596]: archiving log file: /var/imap/db/log.0000000001 > Jul 16 04:00:22 testbox ctl_cyrusdb[1596]: archiving log file: /var/imap/db/log.0000000001 > Jul 16 04:00:22 testbox ctl_cyrusdb[1596]: done checkpointing cyrus databases > Jul 16 04:00:22 testbox master[1594]: process 1596 exited, status 0 > > testbox# ps -auxw | grep cyrus > cyrus 1594 0.0 0.4 22376 3916 ?? Ss 4:00AM 0:00.01 /usr/local/cyrus/bin/master -d > cyrus 1597 0.0 0.4 53292 4412 ?? I 4:00AM 0:00.01 notifyd > > testbox# sockstat -l | grep cyrus > cyrus notifyd 1597 4 dgram /var/imap/socket/notify > cyrus master 1594 7 tcp4 *:143 *:* > cyrus master 1594 10 tcp4 *:4190 *:* > cyrus master 1594 13 stream /var/imap/socket/lmtp > cyrus master 1594 16 dgram /var/imap/socket/notify > > Then for the final test: > > testbox# cyradm > cyradm> quit > testbox# cyradm localhost > Password: > > Where I hit enter/blank, which got me: > > Login disabled. > cyradm: cannot authenticate to server with as root > testbox# > > And no sign of a crash. > > So what's next? I forgot to check all.log. It contains errors. Hopefully someone will know what to do about this: Jul 16 04:03:50 testbox imap[1619]: executed Jul 16 04:03:50 testbox imap[1619]: accepted connection Jul 16 04:03:50 testbox imap[1619]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied Jul 16 04:03:50 testbox kernel: Jul 16 04:03:50 testbox imap[1619]: OTP unavailable because can't read/write key database /etc/opiekeys: Permission denied Jul 16 04:03:50 testbox perl: GSSAPI Error: Miscellaneous failure (see text) (unknown mech-code 2 for mech unknown) Jul 16 04:03:50 testbox kernel: Jul 16 04:03:50 testbox perl: GSSAPI Error: Miscellaneous failure (see text) (unknown mech-code 2 for mech unknown) Jul 16 04:03:50 testbox perl: DIGEST-MD5 client step 2 Jul 16 04:04:00 testbox imap[1619]: badlogin: localhost [127.0.0.1] DIGEST-MD5 [SASL(-17): One time use of a plaintext password will enable requested mechanism for user: no secret in database] Jul 16 04:04:03 testbox perl: NTLM client step 1 Jul 16 04:04:03 testbox imap[1619]: NTLM server step 1 Jul 16 04:04:03 testbox imap[1619]: client flags: 207 Jul 16 04:04:03 testbox perl: NTLM client step 2 Jul 16 04:04:03 testbox perl: No worthy mechs found Jul 16 04:04:03 testbox kernel: Jul 16 04:04:03 testbox perl: No worthy mechs found But like I said, no segfault/crash. -- | Jeremy Chadwick jdc@parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100716111000.GA2501>