[Dovecot] Random LDA failure to access auth socket

Daniel Parthey daniel.parthey at informatik.tu-chemnitz.de
Sat Mar 2 19:15:59 EET 2013


Chris Richards wrote:
> I've got a dovecot server running version 2.0.19 on Gentoo Hardened.  I
> have Postfix as my MTA, and it is calling the Dovecot LDA to deliver the
> mail.  Everything is working great, mail is being delivered, and the users
> are happy.
> 
> However, I am noticing that I have random entries like this:
> 
> Mar  1 20:19:23 hermes dovecot: lda: Error: userdb lookup:
> connect(/var/run/dovecot/auth-userdb) failed: Permission denied
> (euid=97(dovecot) egid=97(dovecot) missing +r perm:
> /var/run/dovecot/auth-userdb, dir owned by 0:0 mode=0755)
> Mar  1 20:19:23 hermes dovecot: lda: Fatal: Internal error occurred. Refer
> to server log for more information.
> 
> In Postfix master.cf, I have the following:
> dovecot   unix -        n       n       -       -       pipe
>   flags=DRhu user=vmail:users argv=/usr/libexec/dovecot/deliver -f
> ${sender} -d ${user}@${nexthop}
> 
> Permissions on the socket are:
> srw------- 1 vmail   vmail      0 Feb 24 23:43 auth-userdb
> 
> Judging from the log, my problem is that the LDA appears to be trying to
> access the socket as the dovecot user (rather than the vmail user), but my
> question is why?  What logging can I use to tell me if postfix is calling
> with the wrong permissions or if the lda is somehow getting confused?

Have a look at
http://wiki2.dovecot.org/LDA
http://wiki2.dovecot.org/LDA/Postfix
Maybe there you will find some helpful hints.

Is /usr/libexec/dovecot/deliver or /usr/libexec/dovecot/dovecot-lda
somehow setuid or setgid and owner/group dovecot? Where does the
effective user euid=97(dovecot) and effective group egid=97(dovecot)
come from, is it somewhere your dovecot config?

Please show full output of
# doveconf -n
# stat /usr/libexec/dovecot/deliver
# stat /usr/libexec/dovecot/dovecot-lda

Regards
Daniel
-- 
https://plus.google.com/103021802792276734820


More information about the dovecot mailing list