Can not grab the user info and login to the mail account : doveadm returned non-zero exit status

After the recent upgrade I am unable to fetch the user info and not able to login my mail server or receive any email to the server.

yunohost user  info anmol
Traceback (most recent call last):
  File "/usr/bin/yunohost", line 214, in <module>
    timeout=opts.timeout,
  File "/usr/lib/python2.7/dist-packages/moulinette/__init__.py", line 135, in cli
    moulinette.run(args, output_as=output_as, password=password, timeout=timeout)
  File "/usr/lib/python2.7/dist-packages/moulinette/interfaces/cli.py", line 424, in run
    ret = self.actionsmap.process(args, timeout=timeout)
  File "/usr/lib/python2.7/dist-packages/moulinette/actionsmap.py", line 527, in process
    return func(**arguments)
  File "/usr/lib/moulinette/yunohost/user.py", line 482, in user_info
    shell=True)
  File "/usr/lib/python2.7/subprocess.py", line 219, in check_output
    raise CalledProcessError(retcode, cmd, output=output)
subprocess.CalledProcessError: Command 'doveadm -f flow quota get -u anmol' returned non-zero exit status 67

Try to restart dovecot ?

Restarted dovecot and postfix, but no change.

Have you some log if you run this command ?

Debug: Loading modules from directory: /usr/lib/dovecot/modules
Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so
Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm
Debug: Skipping module doveadm_acl_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so: undefined symbol: acl_lookup_dict_iterate_visible_next (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message)
Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so
Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_sieve_plugin.so
Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message)
doveadm(anmol): Error: User doesn't exist

Follow-up on the chat, this was a complex issue …

did_it_ever_happen_to_you_when_01

  • We identified that the issues lied in slapd and the fact that a backport version of it was installed. You can identify this running ‘dpkg --list | grep slapd’ which showed a version with “deb10~bpo9” (instead of deb9)
  • This in turns trigger this issue about member overlay being broken with the new slapd version (or maybe that’s just yunohost doing something bad, we don’t know yet)
  • Can be confirmed by running 'grep -nr "MemberOfMemberAD:" /etc/ldap' (which should return three lines about inheritPermission, groupPermission and member, but doesn’t when the bug happens). Hence the group permission system is broken - not just “doveadm”
  • Tried to identify where the initial backport issue was coming from by running 'for FILE in $(ls /var/log/apt/history*); do zgrep -C3 "deb10\|~bpo9" $FILE; done', and looking for lines related to ldap/slapd. Unfortunatenly the logs were not going far enough in the past (the system deletes logs older than 1 year apparently?) to identify the moment these backports were installed…
  • Anyway, we finally downgraded the slapd packages to the non-backport version with:
# This version numbers comes from `apt policy slapd`. Might be different on another system / arch
VERSION=2.4.44+dfsg-5+deb9u3
apt install slapd=$VERSION libldap-2.4-2=$VERSION ldap-utils=$VERSION libldap2-dev=$VERSION
# apt will display a warning ... gotta check that nothing fucky is going to be done...
  • Had to extra-force the regen-conf of slapd
echo " " >> /etc/slapd/slapd.conf
yunohost tools regen-conf slapd --force
  • Then force-refresh the group permissions which can be achieved like this:
yunohost user permission update mail.main --remove all_users
yunohost user permission update mail.main --add all_users

3c498n

3 Likes

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.