将 Ubuntu 从 20.04 升级到 22.04 后,我在启动 dovecot 时遇到问题,并出现以下错误:
$ sudo dovecot -F
doveconf: Fatal: execvp(/usr/sbin/dovecot) failed: Argument list too long
经过一番搜索,我发现你必须提高ARG_MAX
变量,但我不知道如何做。
我曾尝试在和中寻找解决方案ulimit
。sysconf
exec
$ sudo getconf ARG_MAX
2097152
$ getconf ARG_MAX
6291456
我已将以下内容添加到/etc/secutiry/limits.conf
:
root soft nofile 65535
root hard nofile 65535
LimitNOFILE=65536
但dovecot.service
它仍然抛出同样的错误!
$ sudo doveconf -n
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = PLAIN
auth_verbose = yes
disable_plaintext_auth = no
log_path = /var/log/dovecot.log
mail_home = /home/vmail/%d/%u
mail_location = maildir:~
passdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
protocols = imap pop3
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
user = root
}
ssl = required
ssl_ca = </etc/ssl/certs/ca-certificates.crt
ssl_cert = </etc/letsencrypt/live/*.nl/fullchain.pem
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_prefer_server_ciphers = yes
userdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
local_name mail.*.nl {
protocol imap {
ssl_ca = </etc/ssl/certs/ca-certificates.crt
ssl_cert = </etc/letsencrypt/live/*.nl/fullchain.pem
ssl_key = # hidden, use -P to show it
}
}
local_name mail.*.nl {
protocol pop3 {
ssl_ca = </etc/ssl/certs/ca-certificates.crt
ssl_cert = </etc/letsencrypt/live/*.nl/fullchain.pem
ssl_key = # hidden, use -P to show it
}
}
退出代码:89
答案1
如果合理的限制有效.. 但你真的在意想不到的地方传递了一些不合适的大东西吗?
我可以看到一个潜在的候选人:我不认为这是你想要配置的:
ssl_ca = </etc/ssl/certs/ca-certificates.crt
这是为了验证发送给您的客户端证书。即使您使用了它,它也不会包含大量的证书。
如果您想覆盖在客户端角色连接时仅用于验证证书的内容,您可以使用ssl_client_ca_dir
,但它应该已经有合理的默认值,所以不需要。