Mailboxes with group: ACLs crashing imapd on delivery
simon.matter at invoca.ch
Fri May 29 12:08:16 EDT 2009
> Hi guys,
> I am upgrading our Cyrus installation from 2.2.12 to 2.3.14 and just
> started looking at ACLs.
> When I attempt to deliver to a mailbox with "group:" ACLs, LMTP crashes
> and will not deliver the message.
> Here's the ACLs for the mailbox:
> timaphost.bath.ac.uk> lam user.exim
> exim lrswipkxtecda
> ma9djm lrs
> group:exim lrs
> This is a grab of me doing an LMTP session to the frontend:
> 220 timaphost.bath.ac.uk Cyrus LMTP Murder v2.3.14 server ready
> LHLO timaphost.bath.ac.uk
> 250-AUTH EXTERNAL
> 250 IGNOREQUOTA
> MAIL FROM:<>
> 250 2.1.0 ok
> RCPT TO:<exim at timaps.bath.ac.uk>
> Connection to localhost closed by foreign host.
> Relevant imapd.log lines:
> May 29 15:57:53 sauber-z1.bath.ac.uk master: [ID 970914
> mail.error] process 16674 exited, signaled to death by 11
> May 29 15:57:53 sauber-z1.bath.ac.uk master: [ID 621917
> mail.debug] service lmtp pid 16674 in BUSY state: terminated abnormally
> If I take the group:exim ACL off the mailbox, it delivers fine. The Unix
> group exists on the MUPDATE master and the backend.
> Relevant bits of imapd.conf:
> seenstate_db: skiplist
> duplicate_db: skiplist
> subscription_db: skiplist
> quota_db: skiplist
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: plain gssapi
> allowanonymouslogin: no
> allowplaintext: yes
> auth_mech: unix
> We are using Cyrus-SASL/GSSAPI for authentication. We built imapd-2.2.12
> with --with-auth=unix but configure-2.3.14 does not have this option so
> we've set the auth_mech option in imapd.conf as above. Do any other
> values need to be set in configure or imapd.conf for this to work?
> Can anyone suggest how to make this work and/or where to look for more
> information about why it's failing so horribly.
Could you try 2.3.13?
Would be very interesting to see whether it makes a difference.
More information about the Info-cyrus