dovecot-lda core-dumps when antispam pipe script calls it
ben at indietorrent.org
ben at indietorrent.org
Fri Aug 19 16:35:28 UTC 2016
On 2016-08-19 12:17, ben at indietorrent.org wrote:
> Aha! Clearly, the vmail user cannot read from nor write to /tmp. (Why
> that is, I have no idea, as the /tmp directory's permissions certainly
> allow for both; maybe Dovecot implements this as a security measure.)
>
> This prompted me to change all references to /tmp in the pipe script
> to ~/tmp, and create this directory:
>
> $ whoami
> vmail
> $ mkdir ~/tmp && chmod 770 ~/tmp
> $ /bin/bash /usr/local/bin/sa-learn-pipe.sh --ham <
> /var/vmail/gtube.txt
>
> No errors this time (at least not on the console).
>
> But I do get this in /var/log/mail.err:
>
> Aug 19 12:04:24 example.com dovecot: lda(sa-training at example.com):
> Fatal: Can't open delivery mail as raw: Permission denied
>
> I'm not sure how to interpret this message. Where is permission being
> denied? More importantly, what's the fix?
>
> Thanks for any hints!
>
> -Ben
Apologies for the rapid-fire replies here.
The strace output that I'm capturing in the pipe script pinpointed the
problem:
open("/root/~/tmp/sendmail-msg-26272.txt", O_RDONLY) = -1 EACCES
(Permission denied)
There seems to be some expansion occurring that assumes the root user,
despite executing the pipe script as the vmail user, so I changed all
references to ~/tmp in the pipe script to /var/vmail/tmp and permission
is no longer denied.
But, now dovecot-lda is core-dumping. Here is the strace output:
http://pastebin.com/RrKmFhzC
So, I'm back to where I was with this problem two years ago.
At that time, I gave-up, because I couldn't invest the time required to
compile the latest versions of Dovecot and all plugins from scratch in
an effort to prove that the bug exists in the latest source.
"Dovecot always logs a detailed error message if something goes wrong.
If it doesn't, it's considered a bug and will be fixed." -
http://wiki2.dovecot.org/Logging
I'm happy to help identify the root-cause, but I need some guidance
here.
Thank you,
-Ben
More information about the dovecot
mailing list