[Dovecot] File Permissions and delivery

Simon Brereton simon.brereton at buongiorno.com
Mon Aug 29 18:14:15 EEST 2011


> -----Original Message-----
> From: Timo Sirainen [mailto:tss at iki.fi]
> Sent: Sunday, August 28, 2011 11:25 PM

> On Fri, 2011-08-26 at 13:10 -0400, Simon Brereton wrote:
> > mail:~# ls /var/spool/mail/virtual/domain.net/simon/new/
> > -rwxrwx---  1 postfix mailsystem 2.5K Aug 26 03:33
> > 1314326000.V801I1666018M803015.mail.net,S=2461:2,
> > -rwxrwx---  1 postfix mailsystem 2.5K Aug 26 03:36
> > 1314326209.V801I1666019M447273.mail.net,S=2460:2,
> > -rw-rw----  1 postfix mailsystem 2.5K Aug 26 04:00
> > 1314327630.V801I166601aM308173.mail.net,S=2477:2,
> > -rw-------  1 postfix mailsystem 2.5K Aug 26 04:22
> > 1314328966.V801I166601bM756462.mail.net,S=2461:2,
> > -rw-------  1 postfix mailsystem 1.1K Aug 26 16:28
> > 1314372534.V801I166601cM615258.mail.net,S=1097:2,
> > -rw-------  1 postfix mailsystem 1.1K Aug 26 16:31
> > 1314372685.V801I166601dM264242.mail.net,S=1097:2,
> >
> > Mails are being delivered with 0600 permissions and not 0660 (the
> mails from courier seem to have all been 0770 as you can see).  If I
> manually change the permission (to 0660) then I can see the mail in
> the MUA.
> 
> If /var/spool/mail/virtual/domain.net/simon has 0770 permissions, the
> new mails should be delivered with 0660 permissions. (I don't
> remember if having g+s makes any difference in the directory like you
> have in the domain dir.)
> 
> In any case, it would be better if mails were delivered as
> mailsystem:mailsystem 0600 since that's what you're reading them as.
> Unless you have some other good reason for requiring mailsystem group
> to be able to read them.

So mean I should change client to mailsystem/mailsystem in the dovecot.conf too?  I'm also not sure what (if any) effect the g+s has - that's just how it was (and how it is on the test installation).  As per my previous note to Patrick, I think I've fixed the delivery issue, but now I have these in the log again:

Aug 29 15:59:14 mail dovecot: deliver(simon at lydiard.net): chdir(/var/spool/mail/virtual/domain.net/simon) failed: Permission denied
Aug 29 15:59:14 mail dovecot: deliver(simon at lydiard.net): stat(/var/spool/mail/virtual/domain.net/simon) failed: Permission denied
Aug 29 15:59:14 mail dovecot: deliver(simon at lydiard.net): stat(/var/spool/mail/virtual/domain.net/simon/tmp) failed: Permission denied (euid=999(mailsystem) egid=115(mailsystem) missing +x perm: /var/spool/mail/virtual)

Even if I make EVERTHING under /var/spool/mail/virtual/* owned by mailsystem:mailsystem - and reload postfix and restart doevcot.

And even if I remove the sticky bit.

mail:~# ls /var/spool/mail/virtual/domain.net/simon/
total 880K
drwxrwx--- 13 mailsystem mailsystem 4.0K Aug 26 16:53 ./
drwxrwx---  5 mailsystem mailsystem 4.0K Aug 26 00:39 ../
drwxrwx---  2 mailsystem mailsystem 4.0K Dec  3  2007 courierimaphieracl/
drwxrwx---  2 mailsystem mailsystem 4.0K Aug 25 18:57 courierimapkeywords/
-rwxrwx---  1 mailsystem mailsystem   67 Nov 30  2007 courierimapsubscribed
-rwxrwx---  1 mailsystem mailsystem  15K Aug 25 20:45 courierimapuiddb
-rwxrwx---  1 mailsystem mailsystem  20K Aug 25 20:38 courierpop3dsizelist
drwxrwx---  2 mailsystem mailsystem  32K Aug 26 16:43 cur/
-rwxrwx---  1 mailsystem mailsystem 3.5K Aug 26 03:37 dovecot.index
-rwxrwx---  1 mailsystem mailsystem 697K Aug 26 16:44 dovecot.index.cache
-rwxrwx---  1 mailsystem mailsystem 8.5K Aug 26 16:53 dovecot.index.log
-rw-rwx---  1 mailsystem mailsystem  25K Aug 26 16:44 dovecot-uidlist
-rwxrwx---  1 mailsystem mailsystem    8 Aug 25 23:14 dovecot-uidvalidity
-rwxrwx---  1 mailsystem mailsystem    0 Aug 25 23:14 dovecot-uidvalidity.4e56c938
drwxrwx---  6 mailsystem mailsystem 4.0K Aug 26 03:10 .Drafts/
drwxrwx---  6 mailsystem mailsystem 4.0K Nov 30  2007 .Junk E-mail/
-rwxrwx---  1 mailsystem mailsystem    7 Aug 26 22:05 maildirsize
drwxrwx---  2 mailsystem mailsystem 4.0K Aug 26 22:05 new/
drwxrwx---  6 mailsystem mailsystem 4.0K Aug 25 23:14 .Outbox/
drwxrwx---  6 mailsystem mailsystem 4.0K Aug 26 00:17 .Sent/
drwxrwx---  6 mailsystem mailsystem 4.0K Aug 25 23:14 .Sent Items/
-rwxrwx---  1 mailsystem mailsystem   37 Aug 25 22:26 subscriptions
drwxrwx---  2 mailsystem mailsystem 4.0K Aug 26 22:05 tmp/
drwxrwx---  6 mailsystem mailsystem 4.0K Aug 25 22:26 .Trash/

Any ideas?

Simon






More information about the dovecot mailing list