Ubuntu
dovecot package

dovecot failed to load private "snakeoil" key after release upgrade

Bug #1930189 reported by Kai
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
dovecot (Ubuntu)
New
High
Unassigned

Bug Description

I got this issue message after upgrading from Ubuntu 20.04 to 20.10

ProblemType: Package
DistroRelease: Ubuntu 20.10
Package: dovecot-core 1:2.3.11.3+dfsg1-2ubuntu0.1
ProcVersionSignature: Ubuntu 5.8.0-53.60-generic 5.8.18
Uname: Linux 5.8.0-53-generic x86_64
ApportVersion: 2.20.11-0ubuntu50.7
Architecture: amd64
CasperMD5CheckResult: skip
Date: Mon May 31 08:12:40 2021
ErrorMessage: »installiertes dovecot-core-Skript des Paketes post-installation«-Unterprozess gab den Fehlerwert 1 zurück
InstallationDate: Installed on 2011-01-09 (3794 days ago)
InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release amd64 (20101007)
Python3Details: /usr/bin/python3.8, Python 3.8.6, python3-minimal, 3.8.6-0ubuntu1
PythonDetails: /usr/bin/python2.7, Python 2.7.18, python-is-python2, 2.7.17-4
RelatedPackageVersions:
 dpkg 1.20.5ubuntu2
 apt 2.1.10ubuntu0.3
SourcePackage: dovecot
Title: package dovecot-core 1:2.3.11.3+dfsg1-2ubuntu0.1 failed to install/upgrade: »installiertes dovecot-core-Skript des Paketes post-installation«-Unterprozess gab den Fehlerwert 1 zurück
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Kai (fountaink) wrote :
Revision history for this message
Athos Ribeiro (athos-ribeiro) wrote :

Hello Kai,

Thank you for taking the time to file a bug report.

While checking the attached logs, I noticed that the dpkg logs contain

Mai 31 08:12:31 kai-desktop dovecot[220659]: doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 13: ssl_key: Can't open file /etc/dovecot/private/dovecot.key: No such file or directory

That file is a symlink to /etc/ssl/private/ssl-cert-snakeoil.key, which is generated by the ssl-cert package

Have you modified/removed /etc/ssl/private/ssl-cert-snakeoil.key or the ssl-cert package from your system?

Since there is not enough information in your report to begin triage or to
differentiate between a local configuration problem and a bug in Ubuntu, I
am marking this bug as "Incomplete". We would be grateful if you would:
provide a more complete description of the problem, explain why you
believe this is a bug in Ubuntu rather than a problem specific to your
system, and then change the bug status back to "New".

For local configuration issues, you can find assistance here:
http://www.ubuntu.com/support/community

Changed in dovecot (Ubuntu):
status: New → Incomplete
Revision history for this message
Kai (fountaink) wrote :

Hello Athos,

I took a system upgrade from Ubunto 2020.04 -> 2020.10 -> 2021.04 on May 31. The same date and time as the key file was created.

The file is there:
sudo ls -all /etc/ssl/private/
insgesamt 16
drwx--x--- 2 root ssl-cert 4096 Jun 4 05:32 .
drwxr-xr-x 4 root root 4096 Mai 31 22:19 ..
-rw------- 1 root dovecot 1704 Jun 7 2012 dovecot.pem
-rw-r----- 1 root ssl-cert 1704 Mai 31 22:28 ssl-cert-snakeoil.key

and the key information is on the file.

The private folder is only for this user group:
/etc/ssl$ ls -all
insgesamt 72
drwxr-xr-x 4 root root 4096 Mai 31 22:19 .
drwxr-xr-x 291 root root 20480 Jun 1 05:12 ..
drwxr-xr-x 3 root root 28672 Mai 31 22:59 certs
-rw-r--r-- 1 root root 10909 Mär 6 2020 openssl.cnf
drwx--x--- 2 root ssl-cert 4096 Jun 4 05:32 private

Do you need more information?

Revision history for this message
Robie Basak (racb) wrote :

Thank you for your report. I wonder if something's going on here in relation to the snakeoil certificate and how its handling has changed in behaviour since 12.04. If you could provide exact steps to reproduce, that would be very helpful. Also, does /etc/dovecot/private/dovecot.key exist at all on your system?

Otherwise, I've added this to our backlog to look at.

Changed in dovecot (Ubuntu):
importance: Undecided → High
status: Incomplete → New
summary: - package dovecot-core 1:2.3.11.3+dfsg1-2ubuntu0.1 failed to
- install/upgrade: »installiertes dovecot-core-Skript des Paketes post-
- installation«-Unterprozess gab den Fehlerwert 1 zurück
+ dovecot failed to load private "snakeoil" key after release upgrade
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.