|Summary:||networking/dovecot - changed default first_valid_uid since rhel-7.3|
|Product:||Red Hat Enterprise Linux 6||Reporter:||Petr Stodulka <pstodulk>|
|Component:||preupgrade-assistant-el6toel7||Assignee:||Jakub Mazanek <jmazanek>|
|Status:||CLOSED ERRATA||QA Contact:||Alois Mahdal <amahdal>|
|Severity:||medium||Docs Contact:||Lenka Špačková <lkuprova>|
|Version:||6.9||CC:||jhornice, jmazanek, msvistun, ovasik, redhat-bugzilla|
|Fixed In Version:||preupgrade-assistant-el6toel7-0.7.1-1.el6||Doc Type:||Release Note|
Users with any UID are now able to log in after the update to RHEL 7 Since Red Hat Enterprise Linux 7.3, the default value of the "first_valid_uid" configuration option of Dovecot changed from "500" in Red Hat Enterprise Linux 6 to "1000" in Red Hat Enterprise Linux 7. Consequently, if a Red Hat Enterprise Linux 6 installation did not have "first_valid_uid" explicitly defined, the Dovecot configuration did not allow users with UID less than "1000" to log in after the update to Red Hat Enterprise Linux 7. Note that only installations where "first_valid_uid" was not explicitly defined were affected. This problem has been addressed by the post-upgrade script, which now changes the "first_valid_uid" value from "1000" to the original value on the source system. As a result, users with any UID are able to log in after the update to Red Hat Enterprise Linux 7.
|Last Closed:||2017-11-14 20:40:58 UTC||Type:||Bug|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
|Bug Depends On:|
Description Petr Stodulka 2016-10-26 15:12:11 UTC
Description of problem: Since RHEL-7.3, dovecot-2.2.10-7 changed default value first_valid_uid from 500 to 1000, because of regular users on rhel-7 start at UID 1000. See bug #1280433 We currently inform users about different ranges for system,reserved and reg. users on rhel-7 according to ranges on rhel-6. However, this is another change and as I remember, we don't move users to different UIDs - as this is completely in hands of admins now. So after upgrade to rhel-7, dovecot will not be usable for all users with lower UID then used first_valid_uid. Known issue: For bug #1280433 will be created known issue, which will include upgrades from rhel-6 too. Expected solution: * in case the first_valid_uid is set, we don't have to do anything, but we could print log_info probably that the default value is changed - just for theirs info * in case the first_valid_uid is not set: - should print slight risk or info, - exit status will be fixed or failed (it depends on another already created checks of the module, important part is, that exit will not be passed), - the postupgrade script will set "first_valid_uid=500" inside /etc/dovecot/conf.d/10-mail.conf
Comment 1 Petr Stodulka 2016-10-26 15:15:12 UTC
And of course, a info in solution text will be added.
Comment 2 Alois Mahdal 2016-12-06 16:50:40 UTC
For QA: Talk to jmazanek about exact details of the change.
Comment 11 Alois Mahdal 2017-11-11 01:54:49 UTC
Test passed with new build.
Comment 13 errata-xmlrpc 2017-11-14 20:40:58 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:3212