dovecot-lda can't create /var/mail dotlocks on debian

Larry Rosenman larryrtx at gmail.com
Tue Nov 3 20:13:50 UTC 2015


and, are you SURE that dovecot-lda has mail in it's group list when it is
executing?

On Tue, Nov 3, 2015 at 2:12 PM, Larry Rosenman <larryrtx at gmail.com> wrote:

> Hrm.  if you turn up the debug on lda, do you get any more of a clue?
>
> Those permissions look fine to me.
>
>
> On Tue, Nov 3, 2015 at 2:10 PM, John Clements <johnbclements at gmail.com>
> wrote:
>
>> clements at desmond:/var/log$ ls -lda /var/mail
>> drwxrwsr-x 2 root mail 4096 Nov  2 22:07 /var/mail
>>
>>
>> Best,
>>
>> John Clements
>>
>> On Tue, Nov 3, 2015 at 11:52 AM, Larry Rosenman <larryrtx at gmail.com>
>> wrote:
>>
>>> what is the full permissions of /var/mail?
>>>
>>>
>>> ls -lda /var/mail
>>>
>>> On Tue, Nov 3, 2015 at 1:49 PM, John Clements <johnbclements at gmail.com>
>>> wrote:
>>>
>>>> I've been using dovecot+postfix happily for many years, and I'm now
>>>> configuring it for a new machine. However, I'm running into an old
>>>> problem
>>>> again, and thinking that there must be a better solution.
>>>>
>>>> The problem is that dovecot-lda is unable to create dotlock files in the
>>>> /var/mail directory.
>>>>
>>>> Dovecot version: 1:2.2.13-12~deb8u1 (I'm guessing this is upstream
>>>> version
>>>> 2.2.13)
>>>> OS: Debian Jessie
>>>>
>>>> Currently, my mail directory has these permissions:
>>>>
>>>> clements at desmond:~$ ls -ld /var/mail
>>>> drwxrwsr-x 2 root mail 4096 Nov  2 22:07 /var/mail
>>>> clements at desmond:~$ ls -l /var/mail
>>>> total 8
>>>> -rw------- 1 clements   mail 1382 Nov  2 21:59 clements
>>>> -rw------- 1 granitemon mail  530 Nov  2 22:07 granitemon
>>>>
>>>> I've added
>>>> mail_privileged_group = mail
>>>> to allow creation of the dotlock files.
>>>>
>>>> When I configure postfix to deliver using dovecot-lda, I get logs that
>>>> look
>>>> like this:
>>>>
>>>> Nov  3 11:12:20 desmond dovecot: lda(granitemon): Error:
>>>> setegid(privileged) failed: Operation not permitted
>>>> Nov  3 11:12:20 desmond dovecot: lda(granitemon): msgid=<
>>>> 20151103181306.A4B5B5FF32 at desmond.XXXDOMAIN.org>: save failed to INBOX:
>>>> BUG: Unknown internal error
>>>>
>>>> In order to isolate the error, I took postfix out of the equation, and
>>>> called dovecot-lda directly:
>>>>
>>>> clements at desmond:/tmp$ cat bogusmail
>>>> From: clements at XXXDOMAIN.org
>>>> To: granitemon at localhost
>>>> Date: November 3 2015
>>>> Subject: graaaah
>>>>
>>>> this is the body
>>>> clements at desmond:/tmp$ /usr/lib/dovecot/dovecot-lda -e -d clements <
>>>> bogusmail
>>>> BUG: Unknown internal error
>>>> clements at desmond:/tmp$
>>>>
>>>> In response to this, mail.log now contains this similar error:
>>>>
>>>> Nov  3 11:34:57 desmond dovecot: lda(clements): msgid=unspecified: save
>>>> failed to INBOX: BUG: Unknown internal error
>>>> Nov  3 11:34:57 desmond dovecot: lda(clements): Error:
>>>> setegid(privileged)
>>>> failed: Operation not permitted
>>>>
>>>>
>>>> I've tried a number of "random internet search" solutions, including
>>>> - changing perms on mail files from 660 to 600
>>>> - enabling 'mail_access_groups=mail' in 10-mail.conf
>>>> - adding individual users to the mail group.
>>>>
>>>> I guess I'm pretty confident that if dovecot is writing "BUG: Unknown
>>>> internal error" in the logs, that this is is actually a bug in dovecot.
>>>>
>>>> OBresearch: I read through the release notes of 2.2.14 -- 2.2.19 to see
>>>> if
>>>> a relevant-looking bug had been fixed, but nothing jumped out at me.
>>>> OBresearch: searching the dovecot mailing list, I found one *extremely*
>>>> relevant thread called "Re: [Dovecot] started with dovecot sieve
>>>> <http://dovecot.markmail.org/message/kgd34wberxuvmrsa?q=setegid>", but
>>>> there didn't seem to be a solution contained in the thread.
>>>>
>>>> Final note: this doesn't appear to be confined to debian jessie: I took
>>>> a
>>>> look at my existing installation, and I see that in fact I just went
>>>> ahead
>>>> and made /var/mail world-writeable, which seems... sub-optimal. I'm
>>>> sure I
>>>> could do that here, too, but I'd certainly rather not.
>>>>
>>>> Thanks in advance, and let me know if I've left out relevant crucial
>>>> information.
>>>>
>>>> Best,
>>>>
>>>> John Clements
>>>>
>>>
>>>
>>>
>>> --
>>> Larry Rosenman                     http://www.lerctr.org/~ler
>>> Phone: +1 214-642-9640 (c)     E-Mail: larryrtx at gmail.com
>>> US Mail: 7011 W Parmer Ln, Apt 1115, Austin, TX 78729-6961
>>>
>>
>>
>
>
> --
> Larry Rosenman                     http://www.lerctr.org/~ler
> Phone: +1 214-642-9640 (c)     E-Mail: larryrtx at gmail.com
> US Mail: 7011 W Parmer Ln, Apt 1115, Austin, TX 78729-6961
>



-- 
Larry Rosenman                     http://www.lerctr.org/~ler
Phone: +1 214-642-9640 (c)     E-Mail: larryrtx at gmail.com
US Mail: 7011 W Parmer Ln, Apt 1115, Austin, TX 78729-6961


More information about the dovecot mailing list