Apparent Maildir permission issue
Mark Foley
mfoley at ohprs.org
Wed Jan 25 15:28:06 UTC 2017
On Wed, 25 Jan 2017 08:01:00 +0100 (CET) Steffen Kaiser <skdovecot at smail.inf.fh-brs.de> wrote:
> 1) Why does both UIDs 3000026 and 10001 translate back to HPRS\mark ?
> What HPRS\mark translates to?
>
> > Permission on that folder are:
> >
> > $ ls -ld /home/HPRS/mark/Maildir
> > drwx------ 17 HPRS\mark domusers 4096 Dec 7 23:07 /home/HPRS/mark/Maildir/
>
> 2) I guess this HPRS\mark is 10001 ? (And not 3000026)
>
> > Permissions are unchanged since before the backup.
>
> "backup"? You've restored the Maildir's from somewhere else? What was the
> _numerical_ UID within the backup and what is it now?
"backup" meaning I looked at the permissions on an older routine, backup. No, I did not
restore anything.
BUT ... I found the problem. I upgraded Samba4 10 days ago from version 4.2.12 to 4.4.8 and,
in the course of researching this problem, I found that the A/D authentication was broken:
with 4.2.12 on AD/DC:
$ getent passwd mark
HPRS\mark:*:10001:10000:Mark Foley:/home/HPRS/mark:/bin/false
With 4.4.8 on AD/DC:
$ getent passwd mark
HPRS\mark:*:3000026:100:Mark Foley:/home/HPRS/mark:/bin/bash
The new version of Samba is giving me this bogus UID:GID. I've no idea why. I have posted
messages on the Samba List asking for help on this.
Email clients authenticate with Dovecot via Kerberos/GSSAPI and Dovecot was therefore trying to
use 3000026:100 to access Maildir files/directories created with owner 10001:10000.
I've done a workaround by added the correct UID, GID for this user to /etc/passwd, although one
is not suppose to have AD users in /etc/passwd. However, that is working for the time being.
If anyone on this list has had this experience and knows what needs to be fixed, please let me know!
Thanks -- Mark
More information about the dovecot
mailing list