[Dovecot] LDA and auth-userdb socket permissions
    a.smith at ukgrid.net 
    a.smith at ukgrid.net
       
    Tue Aug 23 21:27:23 EEST 2011
    
    
  
Quoting Timo Sirainen <tss at iki.fi>:
>> Hmmm, well in my setup dovecot-lda is called from Exim with "user="  
>> set to a MySQL query.
>
> Are you sure you even need Dovecot to do a userdb lookup then? If  
> Exim can set up also the other needed things (home dir?) it  
> shouldn't be necessary.
Yeah, I think I could do that. I followed the setup guide for Exim  
from the Dovecot wiki and this is the first config I arrived at, which  
works well apart from this little detail.
>
> Hmm. So if dovecot-lda is running as vmail group and  
> /var/run/dovecot/auth-userdb has group=vmail and 0660 permissions,  
> this error shouldn' t happen. Check two things:
>
> 1) ls -ln /var/run/dovecot/auth-userdb actually shows group as 25110  
> and mode being 0660
srw-rw----  1 root  mailnull  0 Aug 23 19:13 /var/run/dovecot/auth-userdb
>
> 2) If you've any SELinux or app-armor stuff enabled, try disabling them
Im running FreeBSD so no SELinux here.
In my test, actually what I have is a vmail user with primary group  
vmail and secondary group mailnull. Which as mentioned results in this  
error:
Aug 23 19:19:13 lda: Error: userdb lookup:  
connect(/var/run/dovecot/auth-userdb) failed: Permission denied  
(euid=25110(vmail) egid=25110(vmail) missing +r perm:  
/var/run/dovecot/auth-userdb, euid is not dir owner)
It did cross my mind it was a bug, but then I thought the  
documentation just was wrong on the wiki...
    
    
More information about the dovecot
mailing list