[CentOS] cyrus: socket options

Sat Mar 17 11:26:30 UTC 2018
hw <hw at gc-24.de>

On 03/16/2018 08:14 PM, Alexander Dalloz wrote:
> Am 16.03.2018 um 13:07 schrieb hw:
>> Hi,
>> what are the following messages supposed to tell me and does this 
>> indicate a problem?
>> # systemctl status cyrus-imapd
>> [...]
>> master[3766]: unable to setsocketopt(IP_TOS): Operation not supported
>> master[3766]: unable to setsocketopt(IP_TOS): Operation not supported
>> [...]
> That's cyrus-imapd itself failing and has nothing to do with Exim.

Well, it probably means that a socket option can not be set.  That can 
mean that the socket can not be used at all or that the socket can be 
used just not as well.

That socket option makes it so that the TOS bit on all packets is being 
set.  I don´t see how that would be required here, so maybe the socket 
works nonetheless.

>> Exim says it can not connect to the lmtp socket even when selinux 
>> doesn´t get in the way.  The configuration looks like this:
>> cyrus.conf (none of the two options work):
>> [...]
>>    # lmtp                cmd="lmtpd -a" listen="lmtp:" prefork=4
>>    lmtpunix      cmd="lmtpd -a" listen="/var/lib/imap/socket/lmtp" 
>> prefork=4
>> [...]
> Providing just a snipped from the complete configuration of cyrus-imapd 
> is insufficient.

It´s currently this:

# standard standalone server implementation 

   # do not delete this entry! 

   recover       cmd="ctl_cyrusdb -r"

   # this is only necessary if using idled for IMAP IDLE 

   idled         cmd="idled"

# UNIX sockets start with a slash and are put into /var/lib/imap/sockets 

   # add or remove based on preferences 

   # imap                cmd="imapd" listen="" prefork=2 

   imaps         cmd="imapd -s" listen="imaps" prefork=1
   # pop3                cmd="pop3d" listen="pop3" prefork=3 

   # pop3s               cmd="pop3d -s" listen="pop3s" prefork=1 

   sieve cmd="timsieved" listen="gupta:sieve" prefork=0
   # managesieve cmd="timsieved" listen="gupta:sieve" prefork=0 

   # sieve               cmd="timsieved" listen="4190" prefork=1 

   # these are only necessary if receiving/exporting usenet via NNTP 

   #  nntp               cmd="nntpd" listen="nntp" prefork=3 

   #  nntps              cmd="nntpd -s" listen="nntps" prefork=1 

   # at least one LMTP is required for delivery 

   lmtp          cmd="lmtpd -a" listen="lmtp" prefork=1
   # lmtpunix    cmd="lmtpd -a" listen="/var/lib/imap/socket/lmtp" 

   # this is only necessary if using notifications 

   notify        cmd="notifyd" listen="/var/lib/imap/socket/notify" 
proto="udp" prefork=1

   # this is required 

   checkpoint    cmd="ctl_cyrusdb -c" period=30

   # this is only necessary if using duplicate delivery suppression, 

   # Sieve or NNTP 

   delprune      cmd="cyr_expire -E 3" at=0400

   # this is only necessary if caching TLS sessions 

   tlsprune      cmd="tls_prune" at=0400

Apparently exim can not use the lmtp socket because of a permissions 
problem.  Not using the socket works except that timsieved appears not 
to be able to find any authentication mechanics.  I can connect to it 
but not authenticate:

# sivtest -u hw -v gupta
S: "IMPLEMENTATION" "Cyrus timsieved v2.4.17-Fedora-RPM-2.4.17-13.el7"
S: "SIEVE" "comparator-i;ascii-numeric fileinto reject vacation 
imapflags notify envelope relational regex subaddress copy"
Authentication failed. generic failure
Security strength factor: 0
OK "Logout Complete"
Connection closed.

I didn´t get to figure this out yet.

>> exim.conf:
>> [...]
>> begin transports
>> # cyrus_ltcp:
>> #   driver = smtp
>> #   protocol = lmtp
>> #   delivery_date_add
>> #   envelope_to_add
>> #   return_path_add
>> #   hosts = localhost
>> #   allow_localhost
>> lmtp_socket:
>>    driver = lmtp
>>    socket = /var/lib/imap/socket/lmtp
>>    delivery_date_add
>>    envelope_to_add
>>    return_path_add
>> # ls -la /var/lib/imap/socket/lmtp
>> srwxrwxrwx. 1 root root 0 Mar 16 12:58 /var/lib/imap/socket/lmtp
>> I have this working on the old server (which doesn´t run Centos) and 
>> am trying to migrate it to the new one (which runs Centos 7.4).  The 
>> version of cyrus and sasl are the same on both machines.
> So cyrus-imapd and cyrus-sasl are not the ones shipped by CentOS?

They are from packages installed by yum and just happen to be the same 
versions as on the old server.  I can´t tell if the same compiling 
options were used, though.

>> What´s the problem with Centos that these things don´t just work as 
>> they usually do?
> It works on CentOS, I can assure you that.

Hopefully so ...

> Alexander
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos