[Dovecot] public folders fchown error

junk at mc1.mccarthy.ac junk at mc1.mccarthy.ac
Tue Mar 25 23:37:09 EET 2008


At first glance, that appears to have worked.  I made a new group
mailpublic, I've chown'd all dovecot-shared and the entire public mail
folder to root.mailpublic, set the mail_access_groups to mailpublic, and
that seems to have worked.

Just out of curiousity, is there a place this is documented that I should
have found?  I coulnd't find it in the wiki, and if there was more info on
it, I'd be happy to put something together for the shared mailboxes page.

Thanks again for the help.


> On Tue, 2008-03-25 at 10:29 -0600, junk at mc1.mccarthy.ac wrote:
>> Here are some examples... from what I can tell in google, dovecot is
>> failing trying to change these files to the mail group dovecot is
>> running
>> under?  I've manually changed everything under these folders to be 777,
>> as
>> well as root.mail permissions, they just change back to being owned by
>> the
>> user, and then dovecot can't change them to mail... at least I think
>> that's what's happening.
>>
>> dovecot: IMAP(admin):
>> fchown(/home/admin/Mail/public/public/.SpamReport/dovecot-uidlist)
>> failed:
>> Operation not permitted
>
> Dovecot tries to change the created dovecot-uidlist's group to the same
> group as "dovecot-shared" file has. If its group is "mail", then:
>
>> mail_privileged_group: mail
>
> This isn't enough, because it grants access to mail group only while
> dotlocking mboxes. Use mail_access_groups=mail instead. Or probably a
> better idea would be to use a newly greated group instead of the mail
> group to make sure your users don't get accidentally access to
> unintended files.
>
> (If you'd just want everyone to be able to read/write to the public
> mailboxes, with v1.1 you could mark the dovecot-shared file 02666 and
> Dovecot wouldn't try to change the group).
>
>



More information about the dovecot mailing list