Kolab 3.4 on CentOS 6.6 (ptload completely failed)

Soliva Andrea soliva at comcept.ch
Tue Sep 22 13:16:40 CEST 2015


Hi

ok now it works....I disabled canonification and disabled ptloader and 
all works as desigend. Below again a Output of the debug after creation 
of the user if canonification is enabled as ptloader is running. The 
issue is clearly that the ptloader receives no information data back 
from dirsrv and from this no Mailbox will be created etc. Authentication 
test works for the user (see below). In pykolab.log even debug is enable 
absolutly no error etc. I do not understand it. What I do also not 
understand at the moment is the advantage/disadvantage of cononification 
disable/enable and using ptloader or not. I confiused.....! I do not see 
any performance Impact by not using ptloader etc. in both cases using 
memcached or not memcached (db mysql). Any hints on this...?

==> /var/log/imapd/imapd.log <==
Sep 22 10:03:05 kolab imap/imaps[24421]: ptload(): pinging ptloader
Sep 22 10:03:05 kolab imap/imaps[24421]: connected with no delay
Sep 22 10:03:05 kolab imap/imaps[24421]: ptload(): connected
Sep 22 10:03:05 kolab imap/imaps[24421]: timeout_select: sock = 16, rp = 
0x0, wp = 0xbfd472c8, sec = 30
Sep 22 10:03:05 kolab imap/ptloader[24784]: accepted connection
Sep 22 10:03:05 kolab imap/imaps[24421]: timeout_select exiting. r = 1; 
errno = 2
Sep 22 10:03:05 kolab imap/imaps[24421]: ptload sent data
Sep 22 10:03:05 kolab imap/imaps[24421]: timeout_select: sock = 16, rp = 
0xbfd47348, wp = 0x0, sec = 30
Sep 22 10:03:05 kolab imap/ptloader[24784]: Attempting to get domain for 
deaduser at domain.ch from cn=kolab,cn=config
Sep 22 10:03:05 kolab imap/ptloader[24784]: Domain filter: 
(&(objectclass=domainrelatedobject)(associateddomain=domain.ch))
Sep 22 10:03:05 kolab imap/ptloader[24784]: Domain domain.ch is an alias 
domain for parent domain domain.ch
Sep 22 10:03:05 kolab imap/ptloader[24784]: ptsmodule_standard_root_dn 
called for domain domain.ch
Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now
Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=
Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain
Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain
Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain,dc=
Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain,dc=ch
Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now ,dc=domain,dc=ch
Sep 22 10:03:05 kolab imap/ptloader[24784]: Root DN now dc=domain,dc=ch
Sep 22 10:03:05 kolab imap/ptloader[24784]: Continuing with ptsm->base: 
dc=domain,dc=ch
Sep 22 10:03:05 kolab imap/imaps[24421]: timeout_select exiting. r = 1; 
errno = 2
Sep 22 10:03:05 kolab imap/imaps[24421]: ptload read data back
Sep 22 10:03:05 kolab imap/imaps[24421]: ptload(): empty response from 
ptloader server
Sep 22 10:03:05 kolab imap/imaps[24421]: No data available at all from 
ptload()
Sep 22 10:03:05 kolab imap/imaps[24421]: ptload completely failed: 
unable to canonify identifier: deaduser at domain.ch
Sep 22 10:03:05 kolab imap/imaps[24421]: SASL bad userid authenticated
Sep 22 10:03:05 kolab imap/imaps[24421]: badlogin: kolab [127.0.0.1] 
PLAIN [SASL(-13): authentication failure: bad userid authenticated]

==> /var/log/postfix/postfix.log <==
Sep 22 10:03:05 kolab imap/master[23912]: process type:SERVICE 
name:ptloader path:/usr/lib/cyrus-imapd/ptloader age:3.776s pid:24784 
signaled to death by signal 6 (Aborted)
Sep 22 10:03:05 kolab imap/master[23912]: service ptloader/unix pid 
24784 in READY state: terminated abnormally
Sep 22 10:03:05 kolab imap/master[23912]: too many failures for service 
ptloader/unix, disabling until next SIGHUP

==> /var/log/messages <==
Sep 22 10:03:09 kolab imap/imaps[23925]: ptload(): can't connect to 
ptloader server: Connection refused
Sep 22 10:03:09 kolab imap/imaps[23925]: ptload completely failed: 
unable to canonify identifier: deaduser at domain.ch
Sep 22 10:03:09 kolab imap/imaps[23925]: SASL bad userid authenticated

==> /var/log/imapd/imapd.log <==
Sep 22 10:03:09 kolab imap/imaps[23925]: accepted connection
Sep 22 10:03:09 kolab imap/imaps[23925]: SSL_accept() incomplete -> wait
Sep 22 10:03:09 kolab imap/imaps[23925]: SSL_accept() succeeded -> done
Sep 22 10:03:09 kolab imap/imaps[23925]: starttls: TLSv1.2 with cipher 
ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits new) no authentication
Sep 22 10:03:09 kolab imap/imaps[23925]: ptload(): fetched cache record 
(cyrus-admin)(mark 1442905202, current 1442908989, limit 1442898189)
Sep 22 10:03:09 kolab imap/imaps[23925]: ptload returning data
Sep 22 10:03:09 kolab imap/imaps[23925]: canonified cyrus-admin -> 
cyrus-admin
Sep 22 10:03:09 kolab imap/imaps[23925]: ptload(): pinging ptloader
Sep 22 10:03:09 kolab imap/imaps[23925]: ptload(): can't connect to 
ptloader server: Connection refused
Sep 22 10:03:09 kolab imap/imaps[23925]: No data available at all from 
ptload()
Sep 22 10:03:09 kolab imap/imaps[23925]: ptload completely failed: 
unable to canonify identifier: deaduser at domain.ch
Sep 22 10:03:09 kolab imap/imaps[23925]: SASL bad userid authenticated
Sep 22 10:03:09 kolab imap/imaps[23925]: badlogin: kolab [127.0.0.1] 
PLAIN [SASL(-13): authentication failure: bad userid authenticated]


# testsaslauthd -u deaduser at domain.ch -p ********
0: OK "Success."

---
Kind regards

Andrea

Email: andrea.soliva at comcept.ch

Am 22-09-2015 00:49, schrieb signaldeveloper at gmail.com:
> Andrea,
> 
> Do you have canonification on or off? I had a similar issue. Note that
> when you create a user on kolab web admin you may need to wait for up
> to 30 seconds for it to be created fully. If you log in too fast it
> will give you this error. Watch maillog as soon as you create a user
> and you'll see what I mean. Take a minute sometimes.
> 
> Otherwise I would run testsaslauth commands (can't think of them off
> the top of my head) and see if you can log in. What's your pykolab log
> say? If your SASL fails (which it is showing it is) then it won't be
> created in IMAP. Again try running the test sasl commands and see if
> you can log in with the user.
> 
> Depending on your canonification I would also try logging in with both
> the FULL email and the name to see what happens.
> 
> In kolab conf ensure your Python is correct for primary_mail as if you
> change this it will cause problems. Kolab doesn't accept the general
> python syntax.
> 
> 
> 
> - Paul
> 
>> On Sep 21, 2015, at 4:46 PM, Soliva Andrea <soliva at comcept.ch> wrote:
>> 
>> Hi all
>> 
>> after several hours debugging and looking to this issue I do not have 
>> anymore any ideas how to proceed:
>> 
>> I have a installation with 5 main Domains and 1 domain with a 
>> associated domain. For this installation I have created in the last 
>> two month about 25 users without any problems. I was in the last two 
>> weeks in holidays from this point of view it did not change anyhting 
>> on the config :-) Specially one domain was new created as the users 
>> before I left to holidays. All is working fine also for the domain for 
>> the users created before leaving to holidays. From this point of view 
>> it can be actually not a config issue because as mentioned for all 
>> existing user absolutly no problems for connection and authentication.
>> 
>> Today I created a new main domain as one user for this domain. The 
>> domain was created in dirsrv without any Errors (debug). Actually the 
>> user was also created in dirsrv but the mailbox etc could not be 
>> created. In a later phase I saw in debug the reason which means:
>> 
>> Even all other users can be verified as the Domains for this specific 
>> Domain as user ptload gets no data back from dirsrv!
>> 
>> the debug of dirsrv Shows to 100% that the search for the new Domain 
>> is successful (canonify) but it shows also "not data back" message 
>> from ptload which means for some reason ptload can not get from dirsrv 
>> for this particular domain as this user any Information. This will be 
>> also shown in the logs with:
>> 
>> ==> /var/log/imapd/imapd.log <==
>> Sep 21 21:58:26 kolab imap/imaps[12877]: accepted connection
>> Sep 21 21:58:26 kolab imap/imaps[12877]: SSL_accept() incomplete -> 
>> wait
>> Sep 21 21:58:26 kolab imap/imaps[12877]: SSL_accept() succeeded -> 
>> done
>> Sep 21 21:58:26 kolab imap/imaps[12877]: starttls: TLSv1.2 with cipher 
>> ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits new) no authentication
>> Sep 21 21:58:26 kolab imap/imaps[12877]: ptload(): fetched cache 
>> record (cyrus-admin)(mark 1442861102, current 1442865506, limit 
>> 1442854706)
>> Sep 21 21:58:26 kolab imap/imaps[12877]: ptload returning data
>> Sep 21 21:58:26 kolab imap/imaps[12877]: canonified cyrus-admin -> 
>> cyrus-admin
>> Sep 21 21:58:27 kolab imap/imaps[12877]: ptload(): pinging ptloader
>> Sep 21 21:58:27 kolab imap/imaps[12877]: ptload(): can't connect to 
>> ptloader server: Connection refused
>> Sep 21 21:58:27 kolab imap/imaps[12877]: No data available at all from 
>> ptload()
>> Sep 21 21:58:27 kolab imap/imaps[12877]: ptload completely failed: 
>> unable to canonify identifier: deaduser at domain.ch
>> Sep 21 21:58:27 kolab imap/imaps[12877]: SASL bad userid authenticated
>> Sep 21 21:58:27 kolab imap/imaps[12877]: badlogin: kolab [127.0.0.1] 
>> PLAIN [SASL(-13): authentication failure: bad userid authenticated]
>> Sep 21 21:58:27 kolab imap/imap[12577]: accepted connection
>> Sep 21 21:58:27 kolab imap/imap[12577]: TLS Server Name Indication 
>> (SNI) Extension: "localhost"
>> 
>> Again to have no misunderstanding: it Looks like ptloader can not 
>> connect but for all other Domains as users no Problems works. As soon 
>> as this happens to often the ptloader goes to a Segmentation fault 
>> which is shown under dmesg. But even this happens all other user can 
>> connect without Problems!
>> 
>> I saw on the list some old messages pointing to the same issue which 
>> should happen from time to time which means that this happens always. 
>> The orkaround which is listed in this message is following as to reach 
>> the goal to clean up the new domain and user to beginn from scratch:
>> 
>> 
>> # service kolabd stop
>> 
>> Delete User from LDAP:
>> 
>> # /usr/lib/mozldap/ldapdelete -D cn="Directory Manager" -w [Your 
>> Password] uid=deaduser,ou=People,dc=domain,dc=ch
>> 
>> Delete IMAP Mailbox (even this is not existing):
>> 
>> # kolab dm user/deaduser at domain.ch
>> 
>> # service cyrus-imapd stop
>> 
>> # pkill idled
>> 
>> # service cyrus-imapd start
>> 
>> # service kolabd start
>> 
>> Clean-Up all DELETED stuff (carefull alsl DELETED marked stuff as 
>> deleted Messages etc will be removed):
>> 
>> # /usr/lib/cyrus-imapd/cyr_expire -D 0 -E 0 -X 0
>> 
>> Delete new created Domain:
>> 
>> # cd /usr/share/kolab-webadmin/lib/
>> 
>> # /usr/bin/php domain_delete.php
>> 
>> 
>> I tried several times also with restarting all Services etc. but no 
>> success. I have no more ideas how to proceed with this new Domain 
>> and/or user to get it working!
>> 
>> Any help really appriciated!
>> 
>> --
>> Kind regards
>> 
>> Andrea
>> 
>> Email: andrea.soliva at comcept.ch
>> _______________________________________________
>> users mailing list
>> users at lists.kolab.org
>> https://lists.kolab.org/mailman/listinfo/users


More information about the users mailing list