This documentation is for Dovecot v2.x, see wiki1 for v1.x documentation.
Differences between revisions 9 and 10
Revision 9 as of 2006-06-04 08:39:45
Size: 7591
Editor: ChaseTec
Comment:
Revision 10 as of 2006-06-05 21:41:09
Size: 8062
Comment: revise spelling and formatting
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
[[TableOfContents]]
Line 3: Line 5:
For most people it's enough to do: For most people it is enough to do:
Line 8: Line 10:
sudo make install
}}}
sudo make install }}}
Line 11: Line 12:
That installs Dovecot under the `/usr/local` directory. The configuration file is in `/usr/local/etc/dovecot.conf`. Logging goes to syslog's mail facility by default, which typically goes to `/var/log/mail.log` or something similar. If you're in a hurry, you can then jump to QuickConfiguration. That installs Dovecot under the `/usr/local` directory. The configuration file is in `/usr/local/etc/dovecot.conf`. Logging goes to syslog's mail facility by default, which typically goes to `/var/log/mail.log` or something similar. If you are in a hurry, you can then jump to QuickConfiguration.
Line 13: Line 14:
If you have installed some libraries into locations which require special include or library paths, you can give them in the `CPPFLAGS` and `LDFLAGS` environment variables. For example: [[Anchor(nonstdpaths)]]
If you have installed some libraries into locations which require special include or library paths, you can pass them in the `CPPFLAGS` and `LDFLAGS` environment variables. For example:
Line 16: Line 18:
CPPFLAGS=-I/opt/openssl/include LDFLAGS=-L/opt/openssl/lib ./configure
}}}
CPPFLAGS=-I/opt/openssl/include LDFLAGS=-L/opt/openssl/lib ./configure }}}
Line 19: Line 20:
Solaris 10 includes a bundled openssl that does not function correctly with Dovecot 1 Beta 8 when attempting to use TLS/SSL(imaps). The bundled version of openssl can't be removed. Installing a newer openssl from source or package(sunfreeware.com) will enable Dovecot to work correctly as long as you link against the new openssl. Assuming you are building with the built-in ld, make, and gcc then your build should go something like(notice the -R required by Sun's linker): Solaris 10 includes a bundled OpenSSL that does not function correctly with Dovecot 1.0beta8 when attempting to use TLS/SSL. The bundled version of OpenSSL cannot be removed. Installing a newer OpenSSL from source or package (for instance, from http://sunfreeware.com/) will enable Dovecot to work correctly as long as you link against the new OpenSSL. Assuming you are building with the built-in ld, make and gcc, then your build should go something like this (notice the -R required by Sun's linker that sets the so-called `rpath`, so that the resulting programs load the libraries from `/usr/local/ssl/lib`):
Line 26: Line 27:
make install
}}}
make install }}}
Line 29: Line 29:
= CVS = = Compiling Dovecot From CVS =
Line 31: Line 31:
If you got Dovecot from CVS, you'll first need to run `./autogen.sh` to generate the `configure` script. This also requires that you have the `pkg-config` package installed (`/usr/share/aclocal/pkg.m4` file is needed). If you got Dovecot from CVS, you will first need to run `./autogen.sh` to generate the `configure` script. This also requires that you have the `pkg-config` package installed (its `/usr/share/aclocal/pkg.m4` file is needed).
Line 35: Line 35:
Dovecot initially was built to support both OpenSSL and GNUTLS. GNUTLS however had some problems and nowadays it doesn't work anymore. Patches to fix it are welcome. Dovecot was initially built to support both OpenSSL and GNUTLS. GNUTLS has however had some problems and nowadays it does not work any more. Patches to fix it are welcome.
Line 37: Line 37:
OpenSSL is used by default now, and it should be automatically detected. If it's not, you're missing some header files or libraries, or they're just in a nonstandard path. Make sure you have the `openssl-dev` or a similar package installed, and if it's not in the standard location set `CPPFLAGS` and `LDFLAGS` as shown in the first section above. OpenSSL is used by default now, and it should be automatically detected. If it is not, you are missing some header files or libraries, or they are just in a non-standard path. Make sure you have the `openssl-dev` or a similar package installed, and if it is not in the standard location, set `CPPFLAGS` and `LDFLAGS` as shown in [#nonstdpaths the first section above.]
Line 39: Line 39:
By default the SSL certificate is read from `/etc/ssl/certs/dovecot.pem` and the private key from `/etc/ssl/private/dovecot.pem`. The `/etc/ssl` directory can be changed using `--with-ssldir=DIR` configure option. Both can of course be overridden from the configuration file. By default the SSL certificate is read from `/etc/ssl/certs/dovecot.pem` and the private key from `/etc/ssl/private/dovecot.pem`. The `/etc/ssl` directory can be changed using the `--with-ssldir=DIR` configure option. Both can of course be overridden from the configuration file.
Line 41: Line 41:
[[Anchor(notify)]]
Line 43: Line 44:
Note that current inotify is in the kernel since 2.6.13-rc3 and it's preferred over dnotify. If your distribution does not have the required header file, get them from the inotify maintainer: == Linux ==

Note that current `inotify` is in the Linux kernel since version 2.6.13 and it is preferred over `dnotify`. If your distribution does not have the required `inotify` header file, you can get it from the inotify maintainer (this example requires [http://curl.haxx.se/ cURL]):
Line 49: Line 52:
curl ftp://ftp.kernel.org/pub/linux/kernel/people/rml/inotify/headers/inotify-syscalls.h >> inotify.h
}}}
curl ftp://ftp.kernel.org/pub/linux/kernel/people/rml/inotify/headers/inotify-syscalls.h >> inotify.h }}}
Line 54: Line 56:
`--help` gives a full list of available options.  --help:: gives a full list of available options

 --help=short:: just lists the options added by the particular package (= Dovecot)
Line 58: Line 62:
Here's a list of options that Dovecot adds. You shouldn't usually have to change these, but they're described here just for completeness: Here is a list of options that Dovecot adds. You should not usually have to change these, but they are described here just for completeness:
Line 60: Line 64:
`--enable-ipv6` Enable IPv6 support. This is enabled by default if the system is detected to support it.  --enable-ipv6:: Enable IPv6 support. This is enabled by default if the system is detected to support it.
Line 62: Line 66:
`--enable-debug` Enables some extra checks for debugging. This is mostly useful for developers. It does quite a lot of unnecessary work but should catch some programming mistakes more quickly.  --enable-debug:: Enables some extra checks for debugging. This is mostly useful for developers. It does quite a lot of unnecessary work but should catch some programming mistakes more quickly.
Line 64: Line 68:
`--enable-asserts` Enable assertion checks, enabled by default. Disabling them may slightly save some CPU, but if there are bugs they can cause more problems since they aren't detected as early.  --enable-asserts:: Enable assertion checks, enabled by default. Disabling them may slightly save some CPU, but if there are bugs they can cause more problems since they are not detected as early.
Line 66: Line 70:
`--with-file-offset-size=BITS` Specifies if we use 32bit or 64bit file offsets. 64bit is the default if the system supports it (Linux and Solaris do). Dropping this to 32bit may save some memory, but it prevents accessing any file larger than 2GB.  --with-file-offset-size=BITS:: Specifies if we use 32bit or 64bit file offsets. 64bit is the default if the system supports it (Linux and Solaris do). Dropping this to 32bit may save some memory, but it prevents accessing any file larger than 2 GB.
Line 68: Line 72:
`--with-mem-align=BYTES` Specifies memory alignment used for memory allocations. It's needed with many non-x86 systems and doing it should speed up x86 systems too. Default is 8 to make sure 64bit memory accessing works.  --with-mem-align=BYTES:: Specifies memory alignment used for memory allocations. It is needed with many non-x86 systems and it should speed up x86 systems too. Default is 8, to make sure 64bit memory accessing works.
Line 70: Line 74:
`--with-ioloop=IOLOOP` Specifies what I/O loop method to use. Possibilities are `select`, `poll` and `epoll`. Default is to use `poll` if possible and fallback to `select`. `epoll` is faster than either of them, but it works only only on Linux 2.6 kernels.  --with-ioloop=IOLOOP:: Specifies what I/O loop method to use. Possibilities are `select`, `poll` and `epoll`. Default is to use `poll` if possible and fallback to `select`. `epoll` is faster than either of them, but it works only on Linux 2.6 kernels.
Line 72: Line 76:
`--with-notify=NOTIFY` Specifies what file system notification method to use. Possibilities are `dnotify`, `inotify` (both on Linux), `kqueue` (FreeBSD) and `none`. Default is to use dnotify if it is compilable, otherwise none. See ''Notify method'' above for more information.  --with-notify=NOTIFY:: Specifies what file system notification method to use. Possibilities are `dnotify`, `inotify` (both on Linux), `kqueue` (FreeBSD) and `none`. Default is to use dnotify if it is compilable, otherwise none. See [#notify Notify method] above for more information.
Line 74: Line 78:
`--with-pop3d` Build POP3 server binary as well as IMAP server (default). It still has to be separately enabled from the configuration file before it's actually used.  --with-pop3d:: Build POP3 server binary as well as IMAP server (default). It still has to be separately enabled from the configuration file before it is actually used.
Line 76: Line 80:
`--with-storages=FORMATS` Specifies what mailbox formats to support. Default is `maildir,mbox`.  --with-storages=FORMATS:: Specifies what mailbox formats to support. Default is `maildir,mbox`.
Line 78: Line 82:
= Authentication Backend Options = == Authentication Backend Options ==
Line 90: Line 94:
  --with-vpopmail Build with vpopmail support (default)
}}}
  --with-vpopmail Build with vpopmail support (default)}}}
Line 93: Line 96:
Some backends require extra libraries and aren't necessarily wanted, so they're built only if specifically enabled: Some backends require extra libraries and are not necessarily wanted, so they are built only if specifically enabled:
Line 98: Line 101:
  --with-mysql Build with MySQL support
}}}
  --with-mysql Build with MySQL support}}}
Line 103: Line 105:
Dovecot can also dynamically load authentication modules from the $prefix/lib/dovecot/auth/ directory. Binary packages builders should use them for authentication modules which require external libraries (eg. LDAP and vpopmail). There's no standard way to build them as modules currently, but something like this should work: Dovecot can also dynamically load authentication modules from the $prefix/lib/dovecot/auth/ directory. Binary packages builders should use them for authentication modules which require external libraries (e. g. LDAP and vpopmail). There is no standard way to build them as modules currently, but something like this should work:
Line 118: Line 120:
-lvpopmail
}}}
-lvpopmail }}}
Line 121: Line 122:
Including libsettings.a in ldap.so and pgsql.so is kind of annoying, but it's not needed elsewhere in dovecot-auth. Including `libsettings.a` in `ldap.so` and `pgsql.so` is kind of annoying, but it is not needed elsewhere in dovecot-auth.
Line 125: Line 126:
If `imap_use_modules` or `pop3_use_modules` is set to yes, Dovecot will load all `*.so` modules from the directory pointed to by the `mail_modules` setting. These modules can do anything, they're only expected to contain `<module name>_init` and `<module name>_deinit` functions which are called. If `imap_use_modules` or `pop3_use_modules` is set to `yes`, Dovecot will load all `*.so` modules from the directory pointed to by the `mail_modules` setting. These modules can do anything, they are only expected to contain `<module name>_init` and `<module name>_deinit` functions which are called.

TableOfContents

Compiling Dovecot From Sources

For most people it is enough to do:

./configure
make
sudo make install 

That installs Dovecot under the /usr/local directory. The configuration file is in /usr/local/etc/dovecot.conf. Logging goes to syslog's mail facility by default, which typically goes to /var/log/mail.log or something similar. If you are in a hurry, you can then jump to QuickConfiguration.

Anchor(nonstdpaths) If you have installed some libraries into locations which require special include or library paths, you can pass them in the CPPFLAGS and LDFLAGS environment variables. For example:

CPPFLAGS=-I/opt/openssl/include LDFLAGS=-L/opt/openssl/lib ./configure 

Solaris 10 includes a bundled OpenSSL that does not function correctly with Dovecot 1.0beta8 when attempting to use TLS/SSL. The bundled version of OpenSSL cannot be removed. Installing a newer OpenSSL from source or package (for instance, from http://sunfreeware.com/) will enable Dovecot to work correctly as long as you link against the new OpenSSL. Assuming you are building with the built-in ld, make and gcc, then your build should go something like this (notice the -R required by Sun's linker that sets the so-called rpath, so that the resulting programs load the libraries from /usr/local/ssl/lib):

PATH=$PATH:/usr/sfw/bin:/usr/ccs/bin
export PATH
CPPFLAGS=-I/usr/local/ssl/include LDFLAGS='-L/usr/local/ssl/lib -R/usr/local/ssl/lib' ./configure --with-ssl=openssl
make
make install 

Compiling Dovecot From CVS

If you got Dovecot from CVS, you will first need to run ./autogen.sh to generate the configure script. This also requires that you have the pkg-config package installed (its /usr/share/aclocal/pkg.m4 file is needed).

SSL/TLS Support

Dovecot was initially built to support both OpenSSL and GNUTLS. GNUTLS has however had some problems and nowadays it does not work any more. Patches to fix it are welcome.

OpenSSL is used by default now, and it should be automatically detected. If it is not, you are missing some header files or libraries, or they are just in a non-standard path. Make sure you have the openssl-dev or a similar package installed, and if it is not in the standard location, set CPPFLAGS and LDFLAGS as shown in [#nonstdpaths the first section above.]

By default the SSL certificate is read from /etc/ssl/certs/dovecot.pem and the private key from /etc/ssl/private/dovecot.pem. The /etc/ssl directory can be changed using the --with-ssldir=DIR configure option. Both can of course be overridden from the configuration file.

Anchor(notify)

Notify method

Linux

Note that current inotify is in the Linux kernel since version 2.6.13 and it is preferred over dnotify. If your distribution does not have the required inotify header file, you can get it from the inotify maintainer (this example requires [http://curl.haxx.se/ cURL]):

mkdir -p /usr/local/include/sys
cd /usr/local/include/sys
curl ftp://ftp.kernel.org/pub/linux/kernel/people/rml/inotify/headers/inotify.h -O
curl ftp://ftp.kernel.org/pub/linux/kernel/people/rml/inotify/headers/inotify-syscalls.h >> inotify.h 

Optional Configure Options

--help
gives a full list of available options
--help=short
just lists the options added by the particular package (= Dovecot)

Options are usually listed as --with-something or --enable-something. If you want to disable them, do it as --without-something or --disable-something. There are many default options that come from autoconf, automake or libtool. They are explained elsewhere.

Here is a list of options that Dovecot adds. You should not usually have to change these, but they are described here just for completeness:

--enable-ipv6
Enable IPv6 support. This is enabled by default if the system is detected to support it.
--enable-debug
Enables some extra checks for debugging. This is mostly useful for developers. It does quite a lot of unnecessary work but should catch some programming mistakes more quickly.
--enable-asserts
Enable assertion checks, enabled by default. Disabling them may slightly save some CPU, but if there are bugs they can cause more problems since they are not detected as early.
--with-file-offset-size=BITS
Specifies if we use 32bit or 64bit file offsets. 64bit is the default if the system supports it (Linux and Solaris do). Dropping this to 32bit may save some memory, but it prevents accessing any file larger than 2 GB.
--with-mem-align=BYTES
Specifies memory alignment used for memory allocations. It is needed with many non-x86 systems and it should speed up x86 systems too. Default is 8, to make sure 64bit memory accessing works.
--with-ioloop=IOLOOP

Specifies what I/O loop method to use. Possibilities are select, poll and epoll. Default is to use poll if possible and fallback to select. epoll is faster than either of them, but it works only on Linux 2.6 kernels.

--with-notify=NOTIFY

Specifies what file system notification method to use. Possibilities are dnotify, inotify (both on Linux), kqueue (FreeBSD) and none. Default is to use dnotify if it is compilable, otherwise none. See [#notify Notify method] above for more information.

--with-pop3d
Build POP3 server binary as well as IMAP server (default). It still has to be separately enabled from the configuration file before it is actually used.
--with-storages=FORMATS

Specifies what mailbox formats to support. Default is maildir,mbox.

Authentication Backend Options

The basic backends are built if the system is detected to support them:

  --with-passwd           Build with /etc/passwd support (default)
  --with-passwd-file      Build with passwd-like file support (default)
  --with-shadow           Build with shadow password support (default)
  --with-pam              Build with PAM support (default)
  --with-checkpassword    Build with checkpassword support (default)
  --with-bsdauth          Build with BSD authentication support (default)
  --with-static-userdb    Build with static userdb support (default)
  --with-vpopmail         Build with vpopmail support (default)

Some backends require extra libraries and are not necessarily wanted, so they are built only if specifically enabled:

  --with-ldap             Build with LDAP support
  --with-pgsql            Build with PostgreSQL support
  --with-mysql            Build with MySQL support

Dynamic Authentication Modules

Dovecot can also dynamically load authentication modules from the $prefix/lib/dovecot/auth/ directory. Binary packages builders should use them for authentication modules which require external libraries (e. g. LDAP and vpopmail). There is no standard way to build them as modules currently, but something like this should work:

gcc -shared -fPIC -DHAVE_CONFIG_H -DUSERDB_LDAP -DPASSDB_LDAP \
-I../.. -I../lib -I../lib-settings \
db-ldap.c userdb-ldap.c passdb-ldap.c -o ldap.so \
../lib-settings/libsettings.a -lldap

gcc -shared -fPIC -DHAVE_CONFIG_H -DUSERDB_PGSQL -DPASSDB_PGSQL \
-I../.. -I../lib -I../lib-settings -I/usr/include/postgresql \
db-pgsql.c userdb-pgsql.c passdb-pgsql.c -o pgsql.so \
../lib-settings/libsettings.a -L/usr/lib/postgresql -lpq

gcc -shared -fPIC -DHAVE_CONFIG_H -DUSERDB_VPOPMAIL -DPASSDB_VPOPMAIL \
-I../.. -I../lib userdb-vpopmail.c passdb-vpopmail.c -o vpopmail.so \
-lvpopmail 

Including libsettings.a in ldap.so and pgsql.so is kind of annoying, but it is not needed elsewhere in dovecot-auth.

Dynamic IMAP and POP3 Modules

If imap_use_modules or pop3_use_modules is set to yes, Dovecot will load all *.so modules from the directory pointed to by the mail_modules setting. These modules can do anything, they are only expected to contain <module name>_init and <module name>_deinit functions which are called.

None: CompilingSource (last edited 2017-02-24 09:40:01 by TimoSirainen)