[Dovecot] quota sql dict permissions dilemma
Miha Vrhovnik
miha.vrhovnik at cordia.si
Sat Oct 16 20:09:12 EEST 2010
"LEVAI Daniel" <leva at ecentrum.hu> wrote on 16.10.2010 10:15:45:
>Hi!
>
>
>I'm trying to set up SQL based dict quota. The quota is working, gets
>updated but I had to configure really loose file permission to make it
>work:
>
>dovecot.conf:
>dict {
> quota = pgsql:/etc/dovecot/dovecot_dict-sql.conf
>}
>
>service dict {
> unix_listener dict {
> mode = 0660
> group = vmail
> # sidenote: I noticed that writing the number equivalent
> # of 'vmail' here does not work. Why?
> }
>}
>
>
># ~ls -la /etc/dovecot/dovecot_dict-sql.conf
>-rw-r----- root vmail dovecot_dict-sql.conf
>
># ~ls -la /var/dovecot/dict
>srw-rw---- root vmail /var/dovecot/dict=
>
>
>Every virtual user lookup returns a 'gid' field, and it is always
>'vmail' (actually it is the number equivalent of 'vmail').
>Despite that the imap process should run as the 'uid' and 'gid' values
>returned from the userdb, it can not read the dict config file:
>
>dovecot.log:
>dict: Error: Can't open configuration file /etc/dovecot/dovecot_dict-sql.conf: Permission denied
>dict: Error: Failed to initialize dictionary 'quota'
>lda(<username>): Error: read(/var/dovecot//dict) failed: Remote disconnected
>
>
>Now I must set o+r to the config file, which I really don't want to,
>given that it contains the db username and password.
>Strange thing is that the group r/w permission is enough for the dict=
>socket, and it doesn't need world-wide permissions at all.
>
>
>
>Daniel
>
Hi,
these are my settings:
service dict {
  unix_listener dict {
    mode = 0600
    group = vmail
  }
}
The owner of dovecot-dict-sql.conf.ext is root:dovecot with read permissions for the group.
Reposted to group...
Regards,
Miha
--
It's time to get rid of your current e-mail client ...
... and start using si.Mail.
It's small & free. ( http://www.simail.si/ )
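
A check for the file-permission question in this thread, as an added example that is not from either poster or from the Dovecot project: it verifies that a dict SQL config file holding DB credentials has no "other" access and is readable through one group. The function name `audit_dict_conf` is hypothetical, the group is whatever you pass in, and the demo runs on a constructed temporary file.

```shell
#!/bin/sh
# Added example: audit a Dovecot dict SQL config file that contains DB credentials.
# Usage: audit_dict_conf FILE GROUP
#   FILE  - path of the dict config file
#   GROUP - group the dict service is expected to read it through (assumption)
# Returns 0 if FILE has no "other" bits, is group-readable by GROUP and is not
# group-writable; 1 on a permission finding; 2 if FILE is not a regular file.
audit_dict_conf() {
    conf=$1
    grp=$2
    rc=0
    if [ ! -f "$conf" ]; then
        echo "FAIL: $conf is not a regular file"
        return 2
    fi
    # Any "other" bit exposes the DB username and password to every local user.
    if [ -n "$(find "$conf" -prune \( -perm -004 -o -perm -002 -o -perm -001 \))" ]; then
        echo "FAIL: $conf is accessible to other; fix: chmod o-rwx $conf"
        rc=1
    fi
    # The reading process should get access through the group instead.
    if [ -z "$(find "$conf" -prune -group "$grp" -perm -040 2>/dev/null)" ]; then
        echo "FAIL: $conf is not group-readable by $grp; fix: chgrp $grp $conf && chmod g+r $conf"
        rc=1
    fi
    # Group write would let any group member repoint the dict at another DB.
    if [ -n "$(find "$conf" -prune -perm -020)" ]; then
        echo "FAIL: $conf is group-writable; fix: chmod g-w $conf"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: $conf"
    fi
    return "$rc"
}

# Constructed demo on a throwaway file (not a real Dovecot config).
demo=$(mktemp)
chmod 0644 "$demo"   # the o+r workaround the original post wants to avoid
audit_dict_conf "$demo" "$(id -gn)" || echo "-> exit status $?"
chmod 0640 "$demo"   # owner read/write, group read only
audit_dict_conf "$demo" "$(id -gn)" || echo "-> exit status $?"
rm -f "$demo"
```

On a real system, pass the config path from the `dict { }` block and the group of the user the dict service runs as.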