[Dovecot] file rights for dictionary file
Timo Sirainen
tss at iki.fi
Mon Jun 6 17:43:10 EEST 2011
On Sun, 2011-06-05 at 22:02 +0200, Michael Köhler wrote:
> I use Debian Squeeze and the sources from Stephan Bosch. A few weeks ago I´ve upgraded from 2.0.11 to 2.0.13 and got an error
Well, I haven't done any changes..
> May 29 20:01:53 mailserver dovecot: dict: Error: Can't open configuration file /etc/dovecot/dovecot-dict-sql.conf.ext: Permission denied
With the current design this config file is opened late after dropping
privileges.
> and I could see that /etc/dovecot/dovecot-dict-sql.conf.ext is owning by root:root with 600. After changing to root:root 644 all works, but after each upgrade all files in /etc/dovecot will be set to 600.
This config file contains sql password, so it shouldn't be
world-readable. Maybe it should be root:dovecot 640, because "dict"
process runs as dovecot user by default (and I'd guess dovecot group).
More information about the dovecot
mailing list