[Dovecot] dovecot transaction log permissions
Jordan Tardif
jordan at hq.newdream.net
Thu Jun 3 22:00:27 EEST 2010
> On Wed, Jun 2, 2010 at 7:12 PM, Jordan Tardif <jordan at hq.newdream.net> wrote:
>>
>> So after some problems with NFS and transaction logs getting corrupted, I'm
>> trying out storing them locally, via..
>>
>> mail_location: maildir:~/Maildir:INDEX=/var/dovecot/indexes/%u
>>
>> the problem is with a large amount of users.. the indexes dir becomes huge
>> with this setup. So a change to make this better is...
>>
>> mail_location: maildir:~/Maildir:INDEX=/var/dovecot/indexes/%d/%n
>>
>> to separate the users' dirs into domains. What seems to happen is dovecot
>> creates the index folder automatically and it's owned by that user.. eg..
>>
>> drwx------ 3 10651674 2598184 4096 2010-06-02 19:08 domain.com
>>
>>
>> this makes it so no other user of domain.com can get their transaction logs
>> created because the dir is owned by another user at that domain. Is there
>> any way around this? I see there used to be a umask option but that is gone
>> in 1.2.x.
>
> Why not split it up a bit more? I use something like this:
>
> INDEX=/var/dovecot/Indexes/%2Mu/%2.2Mu/%u
>
> That keeps directories from ever getting big, though at the cost of a
> lot of inodes.
>
> BTW, that's an impressively large UID and GID :)
Well, that's what I planned on doing, but there are permission issues with the
dirs created when doing this.

a36:/var/dovecot/indexes# ls -al
total 592
drwxrwxrwx 3 dhmail dhmail 593920 2010-06-03 11:55 .
drwxr-xr-x 3 dhmail dhmail 4096 2010-06-02 19:02 ..
drwx------ 3 mailtest nogroup 4096 2010-06-03 11:55 d5
a36:/var/dovecot/indexes# ls -al d5/
total 592
drwx------ 3 mailtest nogroup 4096 2010-06-03 11:55 .
drwxrwxrwx 3 dhmail dhmail 593920 2010-06-03 11:55 ..
drwx------ 3 mailtest nogroup 4096 2010-06-03 11:55 26

The first dir is created with the first user to connect, making it not
possible for the next user to create a dir in there since he has another
uid, resulting in an error like..

/var/dovecot/indexes/d5/26/othertestuser/.INBOX) failed: Permission
denied (euid=10464950(othertestuser) egid=othergroup(162776) missing +x
perm: /var/dovecot/indexes/d5

So kinda makes it impossible to put them in any sort of organized dir
structure unless they all have the same uid... unless I'm missing something
here.
--
Jordan Tardif
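
Added example (not part of the original thread, and not Dovecot's code): a small audit that rebuilds the layout from the listing above in a temporary directory and reports why a second uid cannot use a shared hash directory. It assumes `%2Mu/%2.2Mu/%u` expands to hex-MD5 characters 0-1, then characters 2-3, then the username; the function names and the `userN` account are constructed for illustration. Only the "other" permission bits are checked, i.e. the case of a uid that is neither owner nor group member.

```python
import hashlib
import os
import stat
import tempfile

def index_dir(root, user):
    # Assumed expansion of %2Mu/%2.2Mu/%u: hex MD5 of the username,
    # characters 0-1, then characters 2-3, then the username itself.
    h = hashlib.md5(user.encode()).hexdigest()
    return [os.path.join(root, h[:2]),
            os.path.join(root, h[:2], h[2:4]),
            os.path.join(root, h[:2], h[2:4], user)]

def audit(root, user):
    """Problems a uid that is neither owner nor group member hits on the
    shared levels above its own index directory."""
    findings = []
    mode = stat.S_IMODE(os.stat(root).st_mode)
    if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
        # Any local uid can rename or delete entries created by others.
        findings.append((root, "world-writable without sticky bit"))
    for shared in index_dir(root, user)[:2]:
        if not os.path.isdir(shared):
            break  # not created yet; the first login would own it
        mode = stat.S_IMODE(os.stat(shared).st_mode)
        if not mode & stat.S_IXOTH:
            findings.append((shared, "missing +x for other uids"))
        elif not mode & stat.S_IWOTH:
            findings.append((shared, "missing +w for other uids"))
    return findings

def demo():
    # Constructed tree mirroring the listing: root is 0777 and the first
    # login ("mailtest") leaves every level it created at 0700.
    with tempfile.TemporaryDirectory() as root:
        os.chmod(root, 0o777)
        dirs = index_dir(root, "mailtest")
        os.makedirs(dirs[2])
        for d in dirs:
            os.chmod(d, 0o700)
        bucket = os.path.basename(dirs[0])
        # Constructed second account that hashes into the same first level.
        other = next(f"user{i}" for i in range(100000)
                     if hashlib.md5(f"user{i}".encode()).hexdigest()[:2] == bucket)
        return [(os.path.relpath(p, root), why) for p, why in audit(root, other)]

if __name__ == "__main__":
    for path, why in demo():
        print(f"{path}: {why}")
```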