Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cyrus/http HTTP/1.1 403 Forbidden #5106

Open
chittaranjan870 opened this issue Oct 26, 2024 · 15 comments
Open

cyrus/http HTTP/1.1 403 Forbidden #5106

chittaranjan870 opened this issue Oct 26, 2024 · 15 comments

Comments

@chittaranjan870
Copy link

chittaranjan870 commented Oct 26, 2024
edited
Loading

Webdav not working in version 3.0.13-5
@dilyanpalauzov
Copy link
Contributor

The description is unclear. Which HTTP request receives 403 Forbidden reply and why do you use such old Cyrus Imap version?

@chittaranjan870
Copy link
Author

I configured Webdav on cyrus imap 3.0.13

Webdav is accessing, also successfully mounted using mount.davfs.

But unable to sync/create/modify within dav directory

Following errors are found in the syslog for reference..

Oct 15 20:14:34 mail cyrus/http[3733]: [192.168.10.147] as "[email protected]" with "davfs2/1.5.5 neon/0.30.2"; "LOCK /dav/drive/user/user2%40domain.com/file1.txt HTTP/1.1" (depth=0) => "HTTP/1.1 201 Created" (location=/dav/drive/user/[email protected]/file1.txt)
Oct 15 20:14:34 mail cyrus/http[3733]: login: [192.168.10.147] [email protected] Basic User logged in SESSIONID=
Oct 15 20:14:34 mail cyrus/http[3733]: [192.168.10.147] as "[email protected]" with "davfs2/1.5.5 neon/0.30.2"; "HEAD /dav/drive/user/user2%40domain.com/file1.txt HTTP/1.1" => "HTTP/1.1 200 OK"
Oct 15 20:14:34 mail cyrus/http[3733]: login: [192.168.10.147] [email protected] Basic User logged in SESSIONID=
Oct 15 20:14:34 mail cyrus/http[3733]: [192.168.10.147] as "[email protected]" with "davfs2/1.5.5 neon/0.30.2"; "GET /dav/drive/user/user2%40domain.com/file1.txt HTTP/1.1" (if-modified-since=Tue, 15 Oct 2024 14:44:34 GMT) => "HTTP/1.1 304 Not Modified"
Oct 15 20:14:35 mail cyrus/http[3733]: login: [192.168.10.147] [email protected] Basic User logged in SESSIONID=
Oct 15 20:14:35 mail cyrus/http[3733]: [192.168.10.147] as "[email protected]" with "davfs2/1.5.5 neon/0.30.2"; "PROPFIND /dav/drive/user/user2%40domain.com/ HTTP/1.1" (type=prop; depth=1) => "HTTP/1.1 207 Multi-Status"
Oct 15 20:14:42 mail cyrus/imap[3681]: command: A0001 Id
Oct 15 20:14:42 mail cyrus/imap[3681]: client id sessionid=: "name" "Roundcube/Kolab" "version" "1.4.9"
Oct 15 20:14:42 mail cyrus/imap[3681]: command: A0002 Authenticate
Oct 15 20:14:42 mail cyrus/imap[3681]: login: localhost [127.0.0.1] [email protected] PLAIN User logged in SESSIONID=
Oct 15 20:14:42 mail cyrus/imap[3681]: command: A0003 Status
Oct 15 20:14:42 mail cyrus/imap[3681]: command: A0004 Select
Oct 15 20:14:42 mail cyrus/imap[3681]: command: A0005 Uid
Oct 15 20:14:42 mail cyrus/imap[3681]: command: A0006 Logout
Oct 15 20:14:42 mail cyrus/imap[3681]: USAGE [email protected] user: 0.003251 sys: 0.000000
Oct 15 20:14:45 mail cyrus/http[3733]: login: [192.168.10.147] [email protected] Basic User logged in SESSIONID=
Oct 15 20:14:45 mail cyrus/http[3733]: [192.168.10.147] as "[email protected]" with "davfs2/1.5.5 neon/0.30.2"; "HEAD /dav/drive/user/user2%40domain.com/file1.txt HTTP/1.1" => "HTTP/1.1 200 OK"
Oct 15 20:14:45 mail cyrus/http[3733]: login: [192.168.10.147] [email protected] Basic User logged in SESSIONID=
Oct 15 20:14:45 mail cyrus/http[3733]: [192.168.10.147] as "[email protected]" with "davfs2/1.5.5 neon/0.30.2"; "PUT /dav/drive/user/user2%40domain.com/file1.txt HTTP/1.1" (if=http://192.168.10.191:8008/dav/drive/user/user2%40domain.com/file1.txt (http://cyrusimap.org/ns/lock/yhnxe048f85elpvakh4829fr-8c28-0)) => "HTTP/1.1 403 Forbidden"
Oct 15 20:14:45 mail cyrus/http[3733]: login: [192.168.10.147] [email protected] Basic User logged in SESSIONID=
Oct 15 20:14:45 mail cyrus/http[3733]: [192.168.10.147] as "[email protected]" with "davfs2/1.5.5 neon/0.30.2"; "UNLOCK /dav/drive/user/user2%40domain.com/file1.txt HTTP/1.1" (lock-token=http://cyrusimap.org/ns/lock/yhnxe048f85elpvakh4829fr-8c28-0) => "HTTP/1.1 204 No Content"

@dilyanpalauzov
Copy link
Contributor

This works on the master branch

$ mkdir /home/z/dav
$ sudo bash
$ mount -t davfs http://127.0.0.3/dav/drive/user/aaa@bbb/  /home/z/dav
$ cp file /home/z/dav/
$ umount dav

@dilyanpalauzov
Copy link
Contributor

The log above is copied from #5105.

@chittaranjan870 chittaranjan870 mentioned this issue Oct 28, 2024
Closed
@chittaranjan870
Copy link
Author

This works on the master branch

$ mkdir /home/z/dav
$ sudo bash
$ mount -t davfs http://127.0.0.3/dav/drive/user/aaa@bbb/  /home/z/dav
$ cp file /home/z/dav/
$ umount dav

You are saying, will I upgrade it to latest version ?

@chittaranjan870
Copy link
Author

chittaranjan870 commented Oct 28, 2024
edited
Loading

Same issue are facing in Cyrus IMAP Version: 3.4.3

Oct 28 10:30:44 ubuntu cyrus/http[13571]: localhost [127.0.0.1] as "[email protected]" with "davfs2/1.6.1 neon/0.32.2" via SESSIONID=; "PUT /dav/drive/user/ux1%40domain.com/faillog HTTP/1.1" (auth=Basic; if=http://localhost:8008/dav/drive/user/ux1%40domain.com/faillog (urn:uuid:fv7nofio7s302u4yh8vx0u9w)) => "HTTP/1.1 403 Forbidden" [timing: cmd=0.004088 net=0.000018 total=0.004106]

Oct 28 10:30:44 ubuntu cyrus/http[13571]: localhost [127.0.0.1] as "[email protected]" with "davfs2/1.6.1 neon/0.32.2" via SESSIONID=; "UNLOCK /dav/drive/user/ux1%40domain.com/faillog HTTP/1.1" (auth=Basic; lock-token=urn:uuid:fv7nofio7s302u4yh8vx0u9w) => "HTTP/1.1 405 Method Not Allowed" (error=The requested method is not allowed for the URL.) [timing: cmd=0.000078 net=0.000005 total=0.000083]

403 & 405 not allowed, may be some misconfiguration I have done. cloud you please check my current configuration.

imapd.conf

configdirectory: /var/lib/cyrus
proc_path: /run/cyrus/proc
mboxname_lockpath: /run/cyrus/lock
defaultpartition: default
partition-default: /var/spool/cyrus/mail
partition-news: /var/spool/cyrus/news
newsspool: /var/spool/news
altnamespace: no
unixhierarchysep: 1
lmtp_downcase_rcpt: yes
admins: cyrusadm
servername: mailsrvr.domain.com
allowanonymouslogin: no
popminpoll: 1
umask: 077
sieveusehomedir: false
sievedir: /var/spool/sieve
httpmodules: caldav carddav ischedule webdav
caldav_allowattach: 1
caldav_allowcalendaradmin: 1
caldav_allowscheduling: on
caldav_create_attach: 1
caldav_create_default: 1
caldav_create_sched: 1
calendar_component_set: VEVENT VTODO VJOURNAL VFREEBUSY VAVAILABILITY VPOLL
calendar_user_address_set: domain.com
carddav_allowaddressbookadmin: 1
chatty: 1
carddav_realm:
hashimapspool: true
allowplaintext: yes
sasl_mech_list: PLAIN
loginrealms: domain.com
virtdomains: userid
sasl_pwcheck_method: saslauthd auxprop
sasl_auto_transition: no
tls_session_timeout: 1440
lmtpsocket: /run/cyrus/socket/lmtp
idlesocket: /run/cyrus/socket/idle
notifysocket: /run/cyrus/socket/notify
syslog_prefix: cyrus

cyrus.conf

START {

recover		cmd="/usr/sbin/cyrus ctl_cyrusdb -r"

delprune cmd="/usr/sbin/cyrus expire -E 3"
tlsprune cmd="/usr/sbin/cyrus tls_prune"
}

SERVICES {

imap		cmd="imapd -U 30" listen="imap" prefork=0 maxchild=100
pop3		cmd="pop3d -U 30" listen="pop3" prefork=0 maxchild=50
nntp		cmd="nntpd -U 30" listen="nntp" prefork=0 maxchild=100
http		cmd="httpd -U 30" listen="8008" prefork=0 maxchild=100
    lmtpunix	cmd="lmtpd" listen="/run/cyrus/socket/lmtp" prefork=0 maxchild=20
    sieve		cmd="timsieved" listen="localhost:sieve" prefork=0 maxchild=100
   notify		cmd="notifyd" listen="/run/cyrus/socket/notify" proto="udp" prefork=1

}

EVENTS {
checkpoint cmd="/usr/sbin/cyrus ctl_cyrusdb -c" period=30
delprune cmd="/usr/sbin/cyrus expire -E 3" at=0401
tlsprune cmd="/usr/sbin/cyrus tls_prune" at=0401
deleteprune cmd="/usr/sbin/cyrus expire -E 4 -D 28" at=0430
expungeprune cmd="/usr/sbin/cyrus expire -E 4 -X 28" at=0445

}

@dilyanpalauzov
Copy link
Contributor

It is possible, but unlikely, that somebody will investigate problems reported for the 3.0 versions.

@dilyanpalauzov
Copy link
Contributor

I tried again

$ mkdir /home/z/dav
$ sudo bash
$ mount -t davfs http://127.0.0.3/dav/drive/user/aaa@bbb/  /home/z/dav
$ cp file /home/z/dav/
$ umount dav

using Cyrus IMAP 3.4.9 (actually at commit 547827b). I compiled from the source code, created a completely new setup. For me the above commands then work.

@dilyanpalauzov
Copy link
Contributor

cyrus.conf:

SERVICES {
    imap        cmd="imapd -U 30 -C /etc/cyrus34/imapd.conf" listen="imap" prefork=0
    notify      cmd="notifyd -C /etc/cyrus34/imapd.conf" listen="/etc/cyrus34/socket/notify" proto="udp" prefork=1
    httpd       cmd="httpd -C /etc/cyrus34/imapd.conf" listen="[127.0.0.3]:80" maxchild=3 prefork=2
}

START {
    recover	cmd="ctl_cyrusdb -r -C /etc/cyrus34/imapd.conf"
}

imapd.conf:

# sasl_pwcheck_method: saslauthd
httpprettytelemetry: 1
fastmailsharing: 1
caldav_allowcalendaradmin: 1
caldav_allowscheduling: 1
carddav_allowaddressbookadmin: 1
allowusermoves: 1
loginrealms: D1 D2 D3
conversations: 1
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sasldb
sasl_mech_list: PLAIN LOGIN
allowplaintext: 1
allowanonymouslogin: 1
admins: a a@d a@D3
configdirectory:/etc/cyrus34
partition-default:/etc/cyrus34/part1
defaultdomain: d
httpmodules: freebusy admin caldav carddav jmap rss  tzdist webdav
virtdomains: userid
zoneinfo_dir: /etc/cyrus/timezones

@chittaranjan870
Copy link
Author

Checked with Cyrus IMAP 3.8.2

mkdir /home/sinu/dav
mount -t davfs http://localhost:8008/dav/drive/user/[email protected]/ /home/sinu/dav/
cp file1.txt /home/sinu/dav/

But still same issue occurring. please find log for reference..

2024-10-29T13:23:07.917072+00:00 srv cyrus/http[6780]: login: localhost [127.0.0.1] [email protected] Basic User logged in SESSIONID=
2024-10-29T13:23:07.919518+00:00 srv cyrus/http[6780]: localhost [127.0.0.1] as "[email protected]" with "davfs2/1.7.0 neon/0.33.0" via SESSIONID=; "HEAD /dav/drive/user/ux1%40example.in/file1.txt HTTP/1.1" (te=trailers; auth=Basic) => "HTTP/1.1 200 OK" [timing: cmd=0.063364 net=0.000009 total=0.063373]
2024-10-29T13:23:08.001584+00:00 srv cyrus/http[6780]: login: localhost [127.0.0.1] [email protected] Basic User logged in SESSIONID=
2024-10-29T13:23:08.002742+00:00 srv cyrus/http[6780]: localhost [127.0.0.1] as "[email protected]" with "davfs2/1.7.0 neon/0.33.0" via SESSIONID=; "PUT /dav/drive/user/ux1%40example.in/file1.txt HTTP/1.1" (te=trailers; auth=Basic; if=http://localhost:8008/dav/drive/user/ux1%40example.in/file1.txt (urn:uuid:6t5ld1knkjw65teu0r6ugxgs)) => "HTTP/1.1 403 Forbidden" (precond=CALDAV:calendar-collection-location-ok) [timing: cmd=0.083159 net=0.000005 total=0.083164]
2024-10-29T13:23:08.063699+00:00 srv cyrus/http[6780]: login: localhost [127.0.0.1] [email protected] Basic User logged in SESSIONID=
2024-10-29T13:23:08.076410+00:00 srv cyrus/http[6780]: localhost [127.0.0.1] as "[email protected]" with "davfs2/1.7.0 neon/0.33.0" via SESSIONID=; "UNLOCK /dav/drive/user/ux1%40example.in/file1.txt HTTP/1.1" (te=trailers; auth=Basic; lock-token=urn:uuid:6t5ld1knkjw65teu0r6ugxgs) => "HTTP/1.1 204 No Content" [timing: cmd=0.072713 net=0.000021 total=0.072734]
2024-10-29T13:23:34.756696+00:00 srv cyrus/http[6786]: idle for too long, closing connection

@dilyanpalauzov
Copy link
Contributor

Version 3.4.3 lacks commit 9b38d20 (included in 3.4.9); version 3.8.2 lacks commit 72b6ca1 with identical content (included in 3.8.4). This change is likely relevant for your case.

You do not write down which command you execute to reproduce the problem; include a log, which misses the XML content of the requests and replies; and try out with not current enough versions.

In any case, unless you use the latest version on a series (3.8, 3.6, 3.10) there is no point to write down, that the old version you use is problematic.

@chittaranjan870
Copy link
Author

chittaranjan870 commented Oct 29, 2024
edited
Loading

please suggest specific version, I will check ?

Because I have checked with below version
Ubuntu 20 default repository available Cyrus version 3.0.13
Ubuntu 22 default repository available Cyrus version 3.4.3
Ubuntu 24 default repository available Cyrus version 3.8.2

@dilyanpalauzov
Copy link
Contributor

As I wrote, I tried with the 3.4.9 version and it worked.

@chittaranjan870
Copy link
Author

which OS you have installed 3.4.9 version because I am using ubuntu 20/22/24 but unable to install, it requires so many dependency also errors to make build.

cloud you share the 3.4.9 installation steps ?

@dilyanpalauzov
Copy link
Contributor

I built Cyrus IMAP 3.4.9 using ./configure --enable-http --enable-autocreate --disable-pcre && make && make install.

As I have installed my system long time ago with the right dependencies, I cannot advice you which system to take as start. It will be not very useful to communicate my OS, as many things I have compiled myself. While I have written that it works for 3.4.9, based on your try with 3.4.3, I recommend you install newer version (but the last version of a branch).

https://www.cyrusimap.org/dev/imap/developer/compiling.html describes how to compile Cyrus IMAP, it assumes some experience with compiling software in general.

The current ticket does not indicate problems with the source code of Cyrus IMAP, so it can be closed. Support for installing Cytus IMAP from some compiled code, or how to compile Cyrus IMAP, can be found elsewhere - free or paid.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dilyanpalauzov @chittaranjan870