[Dovecot] auth: Error: net_connect_unix(anvil-auth-penalty) failed: Permission denied

mailing at securitylabs.it mailing at securitylabs.it
Tue Nov 9 18:18:50 EET 2010 

Hello, just upgraded one of my testing machine from dovecot 1.2.15 to 
2.0.7. After some trouble with permissions now all seems working, but 
when I stop dovecot I have these errors in log:

Nov  9 17:08:07 in dovecot: master: Warning: Killed with signal 15 (by 
pid=20362 uid=0 code=kill)
Nov  9 17:08:07 in dovecot: pop3-login: Error: read(anvil) failed: EOF
Nov  9 17:08:07 in dovecot: imap-login: Error: read(anvil) failed: EOF
Nov  9 17:08:07 in dovecot: imap(mailing at securitylabs.it): Server 
shutting down. bytes=410/59361
Nov  9 17:08:07 in dovecot: imap(mailing at securitylabs.it): Server 
shutting down. bytes=79/26605
Nov  9 17:08:07 in dovecot: imap(mailing at securitylabs.it): Server 
shutting down. bytes=802/55708
Nov  9 17:08:07 in dovecot: imap(mailing at securitylabs.it): Server 
shutting down. bytes=258/1242
Nov  9 17:08:07 in dovecot: auth: Error: read(anvil-auth-penalty) 
failed: EOF
Nov  9 17:08:07 in dovecot: auth: Error: 
net_connect_unix(anvil-auth-penalty) failed: Permission denied

dovecot -n:

# 2.0.7: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-xen-686 i686 Debian squeeze/sid
auth_cache_negative_ttl = 2 mins
auth_cache_size = 1000 M
auth_cache_ttl = 2 mins
auth_master_user_separator = *
auth_username_chars = 
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@&
disable_plaintext_auth = no
dotlock_use_excl = yes
first_valid_uid = 100
last_valid_uid = 105
lock_method = dotlock
log_timestamp = "%Y-%m-%d %H:%M:%S "
login_greeting = Server ready.
mail_fsync = never
mail_gid = Debian-exim
mail_location = maildir:~/Maildir:INDEX=/var/indexes/%d/%n
mail_privileged_group = Debian-exim
mail_uid = Debian-exim
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables 
body                           enotify environment mailbox date
namespace {
   inbox = yes
   location =
   prefix =
   separator = /
   type = private
}
namespace {
   location = maildir:~/Maildir/expunged
   prefix = EXPUNGED/
   separator = /
   type = private
}
namespace {
   location = maildir:~/Maildir/deleted
   prefix = DELETED/
   separator = /
   type = private
}
namespace {
   location = maildir:~/Maildir/deleted/expunged
   prefix = DELETED/EXPUNGED/
   separator = /
   type = private
}
passdb {
   args = /usr/local/etc/dovecot-sql.conf
   driver = sql
}
passdb {
   args = /usr/local/etc/passwd.masterusers
   driver = passwd-file
   master = yes
   pass = yes
}
plugin {
   lazy_expunge = EXPUNGED/ DELETED/ DELETED/EXPUNGED/
   mail_log_events = delete expunge
   mail_log_group_events =
   quota = maildir
   quota_warning = storage=80%% /usr/local/bin/dovecot-quota-warning.sh 80
   quota_warning2 = storage=90%% /usr/local/bin/dovecot-quota-warning.sh 90
   sieve = ~/.dovecot.sieve
}
pop3_no_flag_updates = yes
protocols = imap pop3
service auth {
   unix_listener auth-userdb {
     group = Debian-exim
     mode = 0600
     user = Debian-exim
   }
}
service imap-login {
   client_limit = 256
   process_limit = 128
   process_min_avail = 3
   service_count = 1
}
service imap {
   drop_priv_before_exec = yes
   process_limit = 256
   vsz_limit = 256 B
}
service pop3-login {
   client_limit = 256
   process_limit = 128
   process_min_avail = 3
   service_count = 1
}
service pop3 {
   drop_priv_before_exec = yes
   process_limit = 256
   vsz_limit = 256 B
}
ssl_cert = </usr/local/etc/dovecot.crt
ssl_key = </usr/local/etc/dovecot.key
userdb {
   args = /usr/local/etc/dovecot-sql.conf
   driver = sql
}
protocol imap {
   mail_max_userip_connections = 10
   mail_plugins = " notify quota imap_quota mail_log lazy_expunge"
}
protocol pop3 {
   mail_max_userip_connections = 3
   mail_plugins = " notify quota mail_log"
   pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
   mail_plugins = quota sieve
   postmaster_address = postmaster at securitylabs.it
}

My /usr/local/var/run/dovecot directory:

4 drwxr-sr-x 4 root        staff       4096 Nov  9 17:08 .
4 drwxrwsrwx 3 root        staff       4096 Nov  9 17:05 ..
0 srw------- 1 root        staff          0 Nov  9 17:05 anvil
0 srw------- 1 root        staff          0 Nov  9 17:05 anvil-auth-penalty
0 srw------- 1 root        staff          0 Nov  9 17:05 auth-client
0 srw------- 1 dovecot     staff          0 Nov  9 17:05 auth-login
0 srw------- 1 root        staff          0 Nov  9 17:05 auth-master
0 srw------- 1 Debian-exim Debian-exim    0 Nov  9 17:05 auth-userdb
0 srw------- 1 dovecot     staff          0 Nov  9 17:05 auth-worker
0 srw------- 1 root        staff          0 Nov  9 17:05 config
0 srw------- 1 root        staff          0 Nov  9 17:05 dict
0 srw------- 1 root        staff          0 Nov  9 17:05 director-admin
0 srw-rw-rw- 1 root        staff          0 Nov  9 17:05 dns-client
0 srw------- 1 root        staff          0 Nov  9 17:05 doveadm-server
0 lrwxrwxrwx 1 root        staff         35 Nov  9 17:05 dovecot.conf -> 
/usr/local/etc/dovecot/dovecot.conf
4 drwxr-xr-x 2 root        root        4096 Nov  9 17:05 empty
4 drwxr-x--- 2 root        dovenull    4096 Nov  9 17:05 login

My emails are delivered as user Debian-exim and users are virtual in a 
MySQL DB. This system is behind a proxy (so the master user)

More information about the dovecot mailing list