Unable to change 'sieve' annotation of shared mailbox on 3.6.1
Opened this issue · 2 comments
I have issue on debian 12 version 3.6.1 of cyrus imapd. I unable to execute mboxcfg on any shared mailbox. But on user's mailbox I can change with mboxcfg a comment, for example.
I have sasl_pwcheck_method: saslauthd settings and run saslauthd -a kerberos5 to auth via AD domain. So my imap admins are: admins: cyrus kerbcyrusadm.
I have admin.sieve.script and compiled admin.sieve.bc in /var/spool/cyrus/sieve/global. When I login via cyradm and try to change sieve annotation of shared mailbox admin the imapd terminates.
mailbox:~# cyradm -u kerbcyrusadm -w MY_CYRUS_ADMIN_PASSWORD localhost
localhost> info admin
{admin}:
private:
check: NIL
checkperiod: NIL
comment: NIL
sort: NIL
specialuse: NIL
thread: NIL
archive: NIL
delete: NIL
expire: NIL
news2mail: NIL
search-fuzzy-always: NIL
sieve: NIL
sortorder: NIL
squat: NIL
shared:
check: NIL
checkperiod: NIL
comment: NIL
sort: NIL
specialuse: NIL
thread: NIL
annotsize: 15
archive: NIL
delete: NIL
duplicatedeliver: false
expire: NIL
foldermodseq: 117177
hasalarms: false
lastpop: NIL
lastupdate: 11-Jul-2023 13:47:24 +0500
news2mail: NIL
partition: default
pop3newuidl: true
pop3showafter: NIL
search-fuzzy-always: NIL
sharedseen: false
sieve: sysadmins.sieve
size: 229028
sortorder: NIL
squat: NIL
synccrcs: 1196931241 750665476
uniqueid: 44e651304e5b0a6b
localhost> mboxcfg admin sieve "admin.sieve"
mboxconfig:
localhost> info admin
mailbox:~#
mailbox:~# journalctl -u cyrus-imapd.service -e
[...]
Jul 11 14:12:31 mailbox cyrus/imap[143813]: Fatal error: Internal error: assertion failed: imap/mboxlist.c: 1088: user_isnamespacelocked(userid)
Jul 11 14:12:31 mailbox cyrus/imap[143813]: twoskip: /var/lib/cyrus/annotations.db closed while still locked
Jul 11 14:12:31 mailbox cyrus/master[102064]: process type:SERVICE name:imap path:/usr/lib/cyrus/bin/imapd age:45.312s pid:143813 exited, status 70
mailbox:~# ll /var/lib/cyrus
total 600
-rw------- 1 cyrus mail 616 Jul 6 15:37 annotations.db
-rw------- 1 cyrus mail 920 Jun 6 2018 annotations.db.OLD
-rw------- 1 cyrus mail 16384 Mar 29 2021 caldav_alarm.sqlite3
drwx------ 2 cyrus mail 4096 Mar 20 2021 db
drwx------ 2 cyrus mail 4096 Jul 11 14:07 db.backup1
drwx------ 2 cyrus mail 4096 Jul 11 13:37 db.backup2
-rw------- 1 cyrus mail 58800 Jul 11 14:12 deliver.db
drwx------ 3 cyrus mail 4096 Jul 31 2018 domain
drwx------ 28 cyrus mail 4096 Jul 31 2018 lock
drwx------ 2 cyrus mail 4096 Jul 31 2018 log
-rw------- 1 cyrus mail 238216 Jul 11 13:29 mailboxes.db
drwx------ 2 cyrus mail 4096 Jul 31 2018 msg
drwx------ 2 cyrus mail 49152 Jul 31 2018 proc
drwx------ 28 cyrus mail 4096 Jul 31 2018 quota
-rw------- 1 cyrus mail 94208 Jul 10 14:33 shared.dav
drwxr-x--- 2 cyrus mail 32768 Jul 11 14:13 socket
-rw------- 1 cyrus mail 336 Jun 6 2018 statuscache.db
-rw------- 1 cyrus mail 49512 Jul 11 13:55 tls_sessions.db
drwx------ 28 cyrus mail 4096 Jul 31 2018 user
-rw------- 1 cyrus mail 0 Oct 12 2016 user_deny.db
mailbox:~# sudo -u cyrus /usr/lib/cyrus/bin/cyr_dbtool /var/lib/cyrus/annotations.db twoskip consistent
Yes, consistent
Full restart of cyrus-imapd service doesn't help also. What's wrong with my installation?
I've tried to change ACL for kerbcyrusadm user to all on the mailbox, doesn't matter.
I update from version 3.2.6 in debian 11 to 3.6.1 in debian 12 and add mailbox_legacy_dirs: yes into imapd.conf.
I applied PR #4613 and the error has gone. Now I can apply sieve script to any shared folder again.
This bug is still present on cyrus 3.8.3 :
grep ^admins /etc/imapd.conf
admins: admin
sieveshell -u admin -a admin localhost
connecting to localhost
Please enter your password:
Please enter your password: ^C
logs :
2024-06-25T11:16:16.753483+02:00 cyrus-backend-pers-2-18 cyrus/sieve[3852426]: Falling back to using legacy location for admin.dav
2024-06-25T11:16:16.755271+02:00 cyrus-backend-pers-2-18 cyrus/sieve[3852426]: IOERROR: failed to create user.admin.#sieve (Permission denied)
2024-06-25T11:16:16.755558+02:00 cyrus-backend-pers-2-18 cyrus/sieve[3852426]: error in actions_setuser()
2024-06-25T11:16:19.640788+02:00 cyrus-backend-pers-2-18 cyrus/sieve[3852426]: Lost connection to client -- exiting
cyrus 3.8.3 doesn't recognize the administrator user and try to create user.admin.#sieve mailbox.
I did managed to create "global scripts" in /var/spool/sieve/global, and compile them and attach them to shared mailboxes. But they are not used by lmtp to deliver mails.
I (or cyrus) should certainly create shared-box.#sieve, but I don't know how to do that.
Sincerly,
Jean Charles Delépine