dovecot module edits wrong protocols line

when you edit protocols under "webmin -> servers -> dovecot -> networking and protocols" it actually writes it to the wrong file.

i copied the config folder structure and did a diff to see where it changed, and see that it touched the managesieve config file (that's a dovecot plugin whose protocols line SHOULD be saying "protocols = $protocols sieve" which means that it appends the protocol to the list of existing enabled protocols:

diff -ENwbur /tmp/dove/conf.d/20-managesieve.conf /etc/dovecot/conf.d/20-managesieve.conf
--- /tmp/dove/conf.d/20-managesieve.conf    2013-02-16 23:47:04.000000000 -0500
+++ /etc/dovecot/conf.d/20-managesieve.conf    2013-02-16 23:56:27.000000000 -0500
@@ -3,7 +3,7 @@
 ##

 # Uncomment to enable managesieve protocol:
-protocols = $protocols sieve
+protocols = imap lmtp sieve

so it edited /etc/dovecot/conf.d/20-managesieve.conf, but it SHOULD have edited /etc/dovecot/dovecot.conf, which contains this line:

protocols = imap pop3 lmtp

maybe this is like the postfix example where you use a tool to edit the config and it's out of your hands... i hope not. if you are using a tool then either look into a way to always edit the correct config file, or disable the feature...

Status: 
Active

Comments

also, the GUI doesn't understand enabled protocols properly.

here are my config files:

/etc/dovecot/dovecot.conf:
protocols = imap

/etc/dovecot/conf.d/20-managesieve.conf
protocols = $protocols sieve

in other words, IMAP + Sieve (managesieve), no other protocols are enabled.

the webmin gui however shows all 4 protocols as enabled (imap, pop3, lmtp, sieve) since it doesnt parse the configs correctly.

unfortunately this will be tricky for you to fix unless dovecot has some sort of mode that can dump a list of all config values. it's all caused by the fact that dovecot splits configs into multiple cumulative files that are parsed one after the other, overwriting or adding to the previous files... and that's not easy to parse, unless you take the same steps of first reading the /etc/dovecot/dovecot.conf file for its "protocols" line, and then cumulatively reading all files in the include-directory and overwriting/appending values to the "protocols" line until you know the truth...

to disable built-in protocols (pop, imap, lmtp) always use /etc/dovecot/dovecot.conf

to disable plugin protocols, comment out the "protocols = $protocols sieve"-type line in the corresponding /etc/dovecot/conf.d/20-managesieve.conf file (or whatever the plugin may be).

sigh... looks like a lot of work for very little gain to properly fix this bug, unfortunately.

i guess a simple bandaid would be to only support the main protocols (pop, imap and lmtp) in the "disable/enable protocols" GUI, and only ever read/modify /etc/dovecot/dovecot.conf. that way, plugin protocols won't be listed, but at least things won't break.

I think the best fix is for Webmin to update the first protocols line. However, as you said this isn't ideal either .. once config directives start to refer to each other, it is hard to figure out exactly which one should be updated.

exactly; it's a really tricky situation and it would be overkill to begin parsing in depth and doing variable substitution.

here is one way to do such in-depth parsing (but i do not recommend going down this path):

read the main config file at /etc/dovecot/dovecot.conf to get the main protocols line
look for all "!include <path>" lines in that file and build a sorted list of all files that match
  the pattern (such as "!include conf.d/*.conf")
loop through all lines of all files, looking for "^protocols ="
if you encounter a protocols line, store a reference to the exact file it was found in, and parse
  its contents (if it says "protocols = $protocols sieve" then it's adding to the current list; if it
  says "protocols = sieve" then it overwrites the entire list)
display an interface to the user that lets them enable/disable protocols, and upon doing so, webmin
  would have to see which file the line came from, and comment out the protocols line (in case
  of a plugin) or remove the protocol (in case of the main dovecot.conf)

see how much work that is! and it's just for 1 tiny feature.

so instead, i suggest you only read the main dovecot.conf and only support turning on/off the main imap/pop3/lmtp features and nothing else. if someone is smart enough to install plugins (which requires command line work and config editing) then they are smart enough to enable/disable them via the config files.

just change the main feature from "Serve mail protocols: [IMAP,POP3,LMTP,Sieve]" to "Serve mail protocols: [IMAP,POP3,LMTP]" and make the "serve mail protocols" clickable to a page noting that it only deals with the 3 main protocols and that any plugins need to be manually turned on/off via the respective config files.

this way you only have to bother parsing the main config file, which happens to be the only correct place to store the 3 main protocols. so at least the core features will work properly, and you save a boatload of work.

sure, it would be nice to manage plugins too, but the reality is that it takes a lot of knowledge to install plugins, and such power users will be used to installing and configuring things on the command line (which is how they got the plugin in the first place), so this is not a problem.

This issue has been discussed on multiple occasions (like for example: https://www.virtualmin.com/node/35299), but it's still not fixed. With every dovecot update, we need to go into the terminal to place the # before that line in /usr/share/dovecot/protocols.d/pop3d.protocol

Or was it /etc/dovecot/dovecot.conf ?

Or /etc/dovecot/conf.d/20-managesieve.conf ?

Can someone cut the wire on this issue and push the change into production, please?

This will be fixed in the next Webmin release.

I haven't had this issue in over almost a year now, so I consider it indeed to be fixed. Thank you JamieCameron for taking action!

Great, thanks for letting us know!