[Dovecot] Dovecot 2, Imap service, client_limit
Mark Moseley
moseleymark at gmail.com
Wed Jul 20 02:08:24 EEST 2011
On Tue, Jul 19, 2011 at 3:56 PM, Steve Fatula <compconsultant at yahoo.com> wrote:
> I see back in November of last year, a thread about using client_limit in the
> imap service (not imap-login) that would allow each imap process serve more than
> one connection. Sounded good, until I tried it!
>
> When I did, unlike the OP of that thread, I got:
>
> dovecot: imap(submit.user): Fatal: setuid(503(submit.user) from userdb lookup)
> failed with euid=501(links): Operation not permitted (This binary should
> probably be called with process user set to 503(submit.user) instead of
> 501(links))
>
> So, it would appear that this does not work. Still, the thread was posting
> results of their testing even that showed it worked.
>
> Sample message within the thread, read for more:
>
> http://www.dovecot.org/list/dovecot/2010-November/054893.html
>
> I'd love to be able to use a single imap process for more than one connection.
> Is this still possible, or, not? If so, how?
>
> Steve
>
>
In my case, we use a single shared user for all mailboxes, so there's
no UID issue. The imap process is always running as that one UID, so
it doesn't ever try to setuid to something else.
Timo, is there some way/setting to only let client_limit != 1 apply to
processes running as the same user? I.e. if a imap process (with
client_limit > 1) was running as UID 501 (to use the OP's uids), and
imap-login needed to send UID 503 to an imap process, it wouldn't send
it to the one running as UID 501, but rather either create new imap
proc or if UID 503 already had a imap proc running, then send UID 503
to that one. (I realize that makes almost no grammatical sense, but
hopefully you know what I mean).
More information about the dovecot
mailing list