[Dovecot] localhost deliver(root at vlocalhost): setgid(5001) failed with euid=8, gid=8, egid=8: Operation not permitted

Pascal Volk user+dovecot at localhost.localdomain.org
Sat Apr 12 21:25:29 EEST 2008


Am 12.04.2008 20:07 schrieb Gert Cuykens:
> […]
> Now the security part, i was thinking that this would work also
> 
> root at localhost:~# ls -al /usr/lib/dovecot/deliver
> -rws------ 1 mail mail 563112 2008-03-31 21:05 /usr/lib/dovecot/deliver
> root at localhost:~#
> 
> but it doesnt, changing it to user postfix also doesnt work ?

OK, step by step.

 1. chown 0.0 /usr/lib/dovecot/deliver
 2. chmod 755 /usr/lib/dovecot/deliver
 3. find out the user from postfix's master.cf
    (... flags=DRhu user=nobody:mail argv=/usr/.../deliver)
                         ^^^^^^
    NOT: root, dovecot or postfix!
 4. mkdir /usr/local/lib/dovecot
 5. chmod 700 /usr/local/lib/dovecot
 6. chown nobody /usr/local/lib/dovecot
 7. cp -p /usr/lib/dovecot/deliver /usr/local/lib/dovecot
 8. chmod u+s /usr/local/lib/dovecot/deliver
 9. apply the path from 8. to argv from service dovecot in postfix's
    master.cf
10. restart postfix and enjoy


HTH
Pascal


More information about the dovecot mailing list