PostfixAdmin / Discussion / Postfix Admin Discussion: Unable to login to PFA

I found that I'm unable to login to my postfix instance.
No error message about a wrong password or anything, I just get thrown back into the login form with a new token.

[root@mail2:/tmp/systemd-private-8c563a8e318044c2b2758fdcf07af51b-phpfpm-postfixadmin_pool.service-eg53ej/tmp]# cat sess_0gggojrh3q8qate2u812014f9r
PFA_token|s:32:"6585c98681fd4671015f3e645c4ad1cd";
[root@mail2:/tmp/systemd-private-8c563a8e318044c2b2758fdcf07af51b-phpfpm-postfixadmin_pool.service-eg53ej/tmp]# cat sess_0gggojrh3q8qate2u812014f9r
PFA_token|s:32:"081a2575ea8e3435f945a473172e309e";

-------------------------

POST /users/login.php HTTP/1.1
Host: pfa.example.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: de-DE,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 151
Origin: https://pfa.example.com
DNT: 1
Connection: keep-alive
Referer: https://pfa.example.com/users/login.php
Cookie: postfixadmin_session=0gggojrh3q8qate2u812014f9r
Upgrade-Insecure-Requests: 1

token=6585c98681fd4671015f3e645c4ad1cd
fUsername=...
fPassword=...
lang=en
submit=Login

-------------------------

HTTP/2 200 OK
server: nginx
date: Thu, 20 Aug 2020 19:27:57 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.20
expires: Sun, 16 Mar 2003 05:00:00 GMT
last-modified: Thu, 20 Aug 2020 19:27:57 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
etag: "zcs303vc714fhnd26qzxg580gki1z8n3"
X-Firefox-Spdy: h2

...
<div id="login">
<form name="frmLogin" method="post" action="">
<input class="flat" type="hidden" name="token" value="081a2575ea8e3435f945a473172e309e" />
...

I haven't updated Postfixadmin or PHP, so I'm at a loss what's happening here.

Last edit: tokudan 2020-08-20

tokudan - 2020-08-20

I'm also unsure about what SF is doing to the HTML I posted... I didn't enter the .

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

tokudan - 2020-08-20

Ok, more updates: I guess dovecot is to blame.
Only dovecot has been updated recently and by rolloing back the update, I can see that the behaviour of doveadm pw has changed:
[pfadmin@mail2:~]$ /nix/store/rja6x096jiw4dcys8cg6rvhk57mzcczy-dovecot-2.3.10.1/bin/doveadm pw -r 12
doveadm(pfadmin): Error: net_connect_unix(/var/run/dovecot/stats-writer) failed: Permission denied
Enter new password:
Retype new password:
{CRYPT}$2y$12$wnX8QMUr2uyFqsAjSDivSuBYsFfBJXzq7AJAG7Du6ia8TCPweqt5y

[pfadmin@mail2:~]$ /nix/store/g407qi3kzfs7wgh6z37zvgkayr2dkvwj-dovecot-2.3.11.3/bin/doveadm pw -r 12
doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf line 7: ssl_cert: Can't open file /var/lib/acme/pfa.example.com/fullchain.pem: Permission denied

I really don't want to run postfixadmin / PHP as root, so maybe I have to get creative...

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

tokudan - 2020-08-20

There's a somewhat complicated workaround here:
https://dovecot.org/pipermail/dovecot/2020-August/119642.html

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

GingerDog - 2020-08-21

Sounds relevant for https://github.com/postfixadmin/postfixadmin/issues/381

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Rodrigo Cortes - 2020-09-02

Hi!

i have the same problem! but still cant fixed!

i have two server, one dont work and other work. Upgrade the second and dont work now lol!

all conf for dovecot is in the local.conf and login to imap work fine, only PFA dont work

the extract de conf.local.php for PFA is:

$CONF['encrypt'] = 'dovecot:BLF-CRYPT';
$CONF['dovecotpw'] = "/usr/bin/doveadm pw -r 12";

some tips how to debug in my case?

php7.2.33 from REMI
apache2.4.43 from IUS
dovecot2.3.11.3 fro dovecot

thx.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Rodrigo Cortes - 2020-09-02

Hi!

work perfectly with downgrade to dovecot 2.3.10

i use centos7.8

Thx

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

tokudan - 2020-09-02

Rodrigo, you should still read and adapt your dovecot confi according the the workaround listed here:
https://dovecot.org/pipermail/dovecot/2020-August/119642.html
Dovecot may take a couple of versions to fix the issues and you probably don't want possible open security issues on a public server.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Rodrigo Cortes - 2020-09-03

Tokudan,

I try with the ssl but in my case all conf are in the local.conf, i dont use any or touch any conf in dovecot.

i dont see any error with ssl in my case, doveadm work fine if call. Some other tips to search the error or debug?

Thx

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Rodrigo Cortes - 2020-12-31

somebody have a working tips for postfixadmin over centos? i try but nothing work.

Thx

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Rodrigo Cortes - 2021-02-13

Upgrade to 3.3.5 show the errors and now can fixed :) The new version work fine with some little tips and some conf in dovecot ^^

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Unable to login to PFA

Forums

Help

Unable to login to PFA

Unable to login to PFA

Forums

Help

Unable to login to PFA document.SUBSCRIPTION_OPTIONS = { "thing": "topic", "subscribed": false, "url": "subscribe", "icon": { "css": "fa fa-envelope-o" } };

Unable to login to PFA