[Dovecot] Permission Denied - cannot create inbox

Joseph Tam jtam.home at gmail.com
Fri Apr 8 02:43:25 EEST 2011


tlmoore at gmail.com writes:

> Apr  7 07:44:51 fs1 dovecot: imap(tim): Error:
> chown(/home/tim/mail/.imap/INBOX, -1, 97(dovecot)) failed: Operation not
> permitted (egid=500(tim), group based on /var/mail/tim)
> 
> How do I give permissions to dovecot program to create these?  I am trying
> not to chmod 777 every mailbox.

I was going to write about the same problem.  This got me over the
hump:

 	chmod 0600 /var/spool/mail/*

All my users' mailboxes used to be group=mail mode=0660.  I think these
settings were left over from Solaris' mail.local: I can't reproduce
these permissions now, even for new mailboxes.  Maybe it's because the
spool directory is now mode=1777 (not g+s mail).  Not too keen on
these permissions either, but it seems to work.

Dovecot seems to transfer group permissions of the mailbox to its
corresponding cache.  If it can't set group ownership, you get
the fatal error message above.  If the original mailbox is mode
0600, dovecot is smart enough not to set group ownership.

I couldn't find this information: shouldn't it be documented here?

 	http://wiki2.dovecot.org/SharedMailboxes/Permissions

This situation could also happen if a user is revoked from a group's
membership.

Would it be useful to make this a configurable behaviour whereby a
chgrp() failure of cache files will fall back to chown'ing to user=owner,
mode=0600 instead?  Or just leave the user to scratch their head?

Joseph Tam <tam at math.ubc.ca>
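
The condition described in the message above, written as a spool audit (an added example, not part of the original post and not Dovecot's code): it flags mailbox files whose mode grants group access while the owner is not a member of the file's group, which is the case where the post reports the cache chown() failing. It assumes GNU stat; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not Dovecot code. Assumes GNU stat (Linux).

# would_chgrp_fail MODE FILE_GID "OWNER_GIDS"  (hypothetical helper)
# True (0) when MODE grants group access and FILE_GID is not one of the
# owner's groups, so the owner's process cannot chgrp a cache file to it.
would_chgrp_fail() {
    m=$1 fg=$2 og=$3
    # 0060 = group read/write bits; a 0600 mailbox never reaches the chgrp.
    [ $(( 0$m & 0060 )) -ne 0 ] || return 1
    for g in $og; do
        if [ "$g" = "$fg" ]; then return 1; fi
    done
    return 0
}

# audit_spool DIR  (hypothetical helper)
# Prints one line per mailbox file that matches the failure condition.
audit_spool() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        info=$(stat -c '%a %U %g' "$f") || continue
        mode=${info%% *}; rest=${info#* }
        owner=${rest% *}; gid=${rest#* }
        # Unknown owner: no group list, so a group-accessible file is flagged.
        gids=$(id -G "$owner" 2>/dev/null) || gids=""
        if would_chgrp_fail "$mode" "$gid" "$gids"; then
            printf '%s: mode=%s gid=%s, owner %s not in that group\n' \
                "$f" "$mode" "$gid" "$owner"
        fi
    done
}

# Usage: sh audit.sh /var/spool/mail
if [ "$#" -gt 0 ]; then audit_spool "$1"; fi
```

Each flagged file can then be fixed individually, either with the chmod 0600 from the message or by correcting its group, rather than widening permissions on the whole spool.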

