Apparent Maildir permission issue

Mark Foley mfoley at ohprs.org
Wed Jan 25 15:28:06 UTC 2017


On Wed, 25 Jan 2017 08:01:00 +0100 (CET) Steffen Kaiser <skdovecot at smail.inf.fh-brs.de> wrote:

> 1) Why does both UIDs 3000026 and 10001 translate back to HPRS\mark ? 
> What HPRS\mark translates to?
>
> > Permission on that folder are:
> >
> > $ ls -ld /home/HPRS/mark/Maildir
> > drwx------ 17 HPRS\mark domusers 4096 Dec  7 23:07 /home/HPRS/mark/Maildir/
>
> 2) I guess this HPRS\mark is 10001 ? (And not 3000026)
>
> > Permissions are unchanged since before the backup.
>
> "backup"? You've restored the Maildir's from somewhere else? What was the 
> _numerical_ UID within the backup and what is it now?

"backup" meaning I looked at the permissions on an older routine, backup.  No, I did not
restore anything. 

BUT ... I found the problem.  I upgraded Samba4 10 days ago from version 4.2.12 to 4.4.8 and,
in the course of researching this problem, I found that the A/D authentication was broken:

with 4.2.12 on AD/DC:
$ getent passwd mark
HPRS\mark:*:10001:10000:Mark Foley:/home/HPRS/mark:/bin/false

With 4.4.8 on AD/DC:
$ getent passwd mark
HPRS\mark:*:3000026:100:Mark Foley:/home/HPRS/mark:/bin/bash

The new version of Samba is giving me this bogus UID:GID. I've no idea why. I have posted
messages on the Samba List asking for help on this.

Email clients authenticate with Dovecot via Kerberos/GSSAPI and Dovecot was therefore trying to
use 3000026:100 to access Maildir files/directories created with owner 10001:10000.

I've done a workaround by added the correct UID, GID for this user to /etc/passwd, although one
is not suppose to have AD users in /etc/passwd. However, that is working for the time being.

If anyone on this list has had this experience and knows what needs to be fixed, please let me know!

Thanks -- Mark


More information about the dovecot mailing list