After upgrading Ubuntu Dovecot fails to start with a fatal error: Argument list too long

Alex

7/22/24, 11:34 AM

After upgrading Ubuntu from 20.04 to 22.04 I'm having a problem with starting dovecot and I'm getting the following error:

$ sudo dovecot -F
doveconf: Fatal: execvp(/usr/sbin/dovecot) failed: Argument list too long

After some searching I found out that you have to raise the ARG_MAX variable, but I don't know how.

I have tried finding solutions in ulimit, sysconf and exec.

$ sudo getconf ARG_MAX
2097152
$ getconf ARG_MAX
6291456

I have added the following to /etc/secutiry/limits.conf:

root    soft    nofile      65535
root    hard    nofile      65535

LimitNOFILE=65536 in dovecot.service but it still throws the same error!

$ sudo doveconf -n

auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = PLAIN
auth_verbose = yes
disable_plaintext_auth = no
log_path = /var/log/dovecot.log
mail_home = /home/vmail/%d/%u
mail_location = maildir:~
passdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
protocols = imap pop3
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
  user = root
}
ssl = required
ssl_ca = </etc/ssl/certs/ca-certificates.crt
ssl_cert = </etc/letsencrypt/live/*.nl/fullchain.pem
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_prefer_server_ciphers = yes
userdb {
  args = /etc/dovecot/dovecot-sql.conf
  driver = sql
}
local_name mail.*.nl {
  protocol imap {
    ssl_ca = </etc/ssl/certs/ca-certificates.crt
    ssl_cert = </etc/letsencrypt/live/*.nl/fullchain.pem
    ssl_key = # hidden, use -P to show it
  }
}
local_name mail.*.nl {
  protocol pop3 {
    ssl_ca = </etc/ssl/certs/ca-certificates.crt
    ssl_cert = </etc/letsencrypt/live/*.nl/fullchain.pem
    ssl_key = # hidden, use -P to show it
  }
}

Exit code: 89

1 + 2

dovecot

ubuntu-22.04

anx

7/22/24, 11:41 AM

With Ubuntu you cannot trust that your system-wide limit configuration is honoured, because some systemD fuckery could interfere. Can you see resource limits applied when dumping the unit configuration like `systemctl show dovecot.service`?

Alex

7/22/24, 4:22 PM

Yes, `LimitNOFILE=65535`, `LimitNOFILESoft=65535`, `LimitNPROC=124116`, `LimitNPROCSoft=124116`, `LimitMEMLOCK=65536`, `LimitMEMLOCKSoft=65536`, `LimitSIGPENDING=124116`, `LimitSIGPENDINGSoft=124116`, `LimitMSGQUEUE=819200`, `LimitMSGQUEUESoft=819200`

Score:2

Server

anx

7/22/24, 11:46 AM

What if reasonable limit are effective.. but you are really passing something inappropriately large in an unexpected place?

I can see one potential candidate: I do not think this is what you meant to configure:

ssl_ca = </etc/ssl/certs/ca-certificates.crt

That is for verification of client certificates sent to you. If you even used that, it would still not contain a substantial number of certificates.

If you wanted to override what is used to verify only certificates when connecting in a client role, you would use ssl_client_ca_dir, but that already should have sensible defaults, so no need to.

+ 1

Alex

7/22/24, 6:21 PM

God bless you! It fixed it! Thank you! I commented out the line and it started.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: After upgrading Ubuntu Dovecot fails to start with a fatal error: Argument list too long

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.