mail_crypt module and error with tmp directory

Fiorenza Meini fmeini at esseweb.eu
Tue May 4 13:30:14 EEST 2021 


Il 03/05/21 12:21, Aki Tuomi ha scritto:
> 
>> On 03/05/2021 13:14 Fiorenza Meini <fmeini at esseweb.eu> wrote:
>>
>>   
>> Il 03/05/21 11:37, Aki Tuomi ha scritto:
>>>
>>>> On 03/05/2021 11:53 Fiorenza Meini <fmeini at esseweb.eu> wrote:
>>>>
>>>>    
>>>> Il 03/05/21 10:42, Aki Tuomi ha scritto:
>>>>>
>>>>>> On 03/05/2021 11:16 Fiorenza Meini <fmeini at esseweb.eu> wrote:
>>>>>>
>>>>>>     
>>>>>> Il 03/05/21 09:47, Aki Tuomi ha scritto:
>>>>>>>
>>>>>>>> On 03/05/2021 10:42 Fiorenza Meini <fmeini at esseweb.eu> wrote:
>>>>>>>>
>>>>>>>>      
>>>>>>>> Hi,
>>>>>>>> I successfully enable mail_crypt module but I'm experiencing a strange
>>>>>>>> behaviour with tmp directory while accessing with POP3 protocol:
>>>>>>>>
>>>>>>>> I see in log file:
>>>>>>>> Error: istream-seekable: safe_mkstemp(/tmp/dovecot.pop3.) failed:
>>>>>>>> Permission denied
>>>>>>>>
>>>>>>>> I changed tmp directory configuration (mail_temp_dir variable) and
>>>>>>>> setting it with 777 permission, but the error is the same.
>>>>>>>>
>>>>>>>> On client side it's working everything, but I'd like to understand the
>>>>>>>> error and if I have to be worried about it.
>>>>>>>>
>>>>>>>> Thank you and regards
>>>>>>>> Fiorenza
>>>>>>>>
>>>>>>>> -- 
>>>>>>>> Fiorenza Meini/Spazio Web
>>>>>>>>
>>>>>>>
>>>>>>> Are you by chance using selinux or apparmor there which could prevent this? Also Dovecot's stock systemd unit prevenst you from writing into random locations, /tmp should be fine though.
>>>>>>>
>>>>>>> Aki
>>>>>>>
>>>>>>
>>>>>> Hi,
>>>>>> I have apparmor installed on the machine, but even if stopped it the
>>>>>> problem didn't solved.
>>>>>>
>>>>>> I think dovecot's systemd unit file configuration is this
>>>>>> one:/usr/lib/tmpfiles.d/dovecot.conf
>>>>>>
>>>>>> It's content is this:
>>>>>> # Type Path                    Mode UID  GID     Age Argument
>>>>>> d      /var/run/dovecot/       0755 root root    -   -
>>>>>> d      /var/run/dovecot/login/ 0750 root dovecot -   -
>>>>>>
>>>>>> Should I insert here a line for /tmp directory ?
>>>>>>
>>>>>> Thank you and regards
>>>>>>
>>>>>> Fiorenza
>>>>>
>>>>> I don't think you need to do that.
>>>>>
>>>>> Also note that since you're using systemd, dovecot has PrivateTmp=yes, which means that /tmp is actually /tmp/*service*dovecot*/tmp
>>>>>
>>>>> Aki
>>>>>
>>>>
>>>> Hi,
>>>> thank you.
>>>> I can't see that directory under /tmp.... Is there a way to create it?
>>>>
>>>> Regards
>>>> Fiorenza
>>>
>>> Depends a lot on your setup. I see I got the mask wrong, it's really
>>>
>>>    /tmp/*systemd*dovecot*/tmp
>>>
>>> Aki
>>>
>>
>> Hi, I tried to create manually /tmp/*systemd*dovecot*/tmp and I set 777
>> on these directory.  Restarted dovecot, nothing changed and the error is
>> the same.
>>
>> Trying to understand which is exactly the tmp directory used by dovecot,
>> I configured the variable mail_temp_dir, and I saw that dovecot used the
>> directory configured, which was different from /tmp.
>>
>> Under what conditions does dovecot use the temporary directory?
>>
>> Thank you and regards
>>
>> Fiorenza
> 
> You cannot create the directory by hand, it's managed by systemd. If you do not have that directory you are either not using systemd, or you have disabled PrivateTmp=yes.
> 
> Dovecot uses mail_temp_dir when it needs to "buffer" data to disk when reading/writing mails.
> 
> Aki
> 

Hi,
thank you for your response.
The problem was with apparmor which was enabled for Dovecot but probably 
for POP3 protocol wasn't configured correctly.
I disabled apparmor and it seems that problem is disappeared.... 
Crossing my fingers..... :) :)

Regards

Fiorenza

More information about the dovecot mailing list