RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1494430 - Incompatibility between dovecot/systemd/XFS
Summary: Incompatibility between dovecot/systemd/XFS
Keywords:
Status: CLOSED DUPLICATE of bug 1493047
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: dovecot
Version: 7.4
Hardware: Unspecified
OS: Linux
unspecified
medium
Target Milestone: rc
: ---
Assignee: Michal Hlavinka
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-09-22 09:00 UTC by Didier
Modified: 2017-11-03 11:56 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-10-05 12:58:20 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Didier 2017-09-22 09:00:11 UTC 
Description of problem:

Due to the current dovecot version (1:2.2.10-7.el7) dating back to 2014, I started compiling (COPR) & testing more current (Fedora-based src.rpm) dovecot versions for the EL7.4 platform.

Up to version "1:2.2.21-3.fc23", dovecot works without issues on EL7.4.

Starting from version "1:2.2.22-1.fc23", dovecot is unable to deliver mail on XFS-formatted storage (error message : "Read-only file system").

This is due to "ProtectSystem=full" being enabled in /usr/lib/systemd/system/dovecot.service (with dovecot apparently acting as if "ProtectSystem=strict", according to https://www.freedesktop.org/software/systemd/man/systemd.exec.html).

With EXT4-formatted storage, dovecot-2.2.22-1 works as expected.

I am not sure whether this is a dovecot, a systemd or an xfs bug.



Version-Release number of selected component (if applicable):

kernel.x86_64     3.10.0-693.2.2.el7      @updates
systemd.x86_64    219-42.el7_4.1          @updates
xfsprogs.x86_64   4.5.0-12.el7            @base

dovecot.x86_64    1:2.2.22-1.el7.centos   @ifas-dovecot


How reproducible:

Always


Steps to Reproduce:

1. compile/install a dovecot version with systemd dovecot.service "ProtectSystem=full"
2. configure dovecot for "mail_location = maildir:~/Maildir" delivery
3. confirm that mail location (/home/) is XFS-formatted


Actual results:

Docecot mail delivery fails :

==> /var/log/dovecot/dovecot.log <==
Sep 22 09:49:24 lmtp(test): Error: open() failed with file /home/test/Maildir/dovecot.index.log: Read-only file system
Sep 22 09:49:24 lmtp(test): Error: open(/home/test/Maildir/dovecot-uidlist) failed: Read-only file system
Sep 22 09:49:24 lmtp(test): Error: open(/home/test/Maildir/tmp/1506066564.M179943P13513.virt-74-2) failed: Read-only file system

==> /var/log/dovecot/dovecot-info.log <==
Sep 22 09:49:24 lmtp(test): Info: msgid=<20170922074924.1C09B11366D>: save failed to INBOX: open(/home/test/Maildir/tmp/1506066564.M179943P13513.virt-74-2) failed: Read-only file system


Expected results:

==> /var/log/dovecot/dovecot-debug.log <==
Sep 22 10:01:25 auth: Debug: userdb out: USER	1	test	system_groups_user=test	uid=1000	gid=1000	home=/home/test
Sep 22 10:01:25 lmtp(test): Debug: auth USER input: test system_groups_user=test uid=1000 gid=1000 home=/home/test
Sep 22 10:01:25 lmtp(test): Debug: changed username to test
Sep 22 10:01:25 lmtp(15399, test): Debug: Effective uid=1000, gid=1000, home=/home/test
Sep 22 10:01:25 lmtp(15399, test): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir
Sep 22 10:01:25 lmtp(15399, test): Debug: maildir++: root=/home/test/Maildir, index=, indexpvt=, control=, inbox=/home/test/Maildir, alt=
Sep 22 10:01:25 lmtp(test): Debug: INBOX: Mailbox opened because: lib-lda delivery
Sep 22 10:01:25 lmtp(test): Debug: Mailbox <lmtp DATA>: Opened mail UID=1 because: copying

==> /var/log/dovecot/dovecot-info.log <==
Sep 22 10:01:25 lmtp(test): Info: msgid=<20170922075514.9242C11366E>: saved mail to INBOX


Additional info:

Mail is delivered :
- with "ProtectSystem=full" and mail location = EXT4
- with "ProtectSystem=no" and mail location = XFS

Due to time constraints (tracing this took 3 days of my life), I have not tested this behaviour on Fedora.
Comment 2 Didier 2017-10-03 07:31:47 UTC 
ACK?

Is there any value in reporting these kinds of bugs, or should we just let them slip between the cracks ?
Comment 3 Michal Hlavinka 2017-10-05 12:58:20 UTC 
Hi, thanks for reporting this. It's a bug in systemd. You can track the progress in bug #1493047

*** This bug has been marked as a duplicate of bug 1493047 ***
Note You need to log in before you can comment on or make changes to this bug.