Authentication problems due to file ownership issue.

C. Petro petro at cpetro.us
Tue Oct 12 06:49:25 EEST 2021


This is a late response, sorry--it got pushed down the stack.

> Not sure what you are trying to do, but another option

I am trying to get postfix + postfixadmin working with Dovecot.

All of the user and domain configuration is in Mysqldb, and the mail
directories in /var/mail/vmail are owned by vmail:
root@mailserver:/var/mail# ls -l
total 20
drwx------ 2 root  root  16384 Sep 12 17:30 lost+found
drwxr-xr-x 3 vmail vmail  4096 Sep 26 00:00 vmail

> might be give user vmail dovecot group access so vmail
> can access files with a dovecot group read permission.

The process in /run/dovecot is:

srw------- 1 vmail   root       0 Oct 12 03:12 auth-userdb
srw------- 1 dovecot root       0 Oct 12 03:12 auth-worker
Oddly enough the auth-userdb is owned by vmail.

I tried setting
service auth-worker {
  # Auth worker process is run as root by default, so that it can access
  # /etc/shadow. If this isn't necessary, the user should be changed to
  # $default_internal_user.
  user = $default_internal_user
}

and it didn't help.



On Sun, Oct 3, 2021 at 5:02 PM <dovecot at ptld.com> wrote:

> > Oct 03 20:19:52 auth: Error: net_connect_unix(auth-worker) in directory
> > /run/dovecot failed: Permission denied (euid=5000(vmail)
> > egid=5000(vmail) missing +r perm: /run/dovecot/auth-worker, dir owned
> > by 0:0 mode=0755)
>
> > I set this about an hour ago, then applied some security patches and
> > restarted
>
> Files and directories inside of /run/ are created every time you reboot
> the server. If you manually change the owner or permissions it will only
> stay that way until next reboot. You have to edit config settings for
> the service in question for how you want those directories / files
> created on reboot. I do not know how to do that in ubuntu but in RHEL
> you edit (or create) config files in /etc/tmpfiles.d/
>
> Package installed default on RHEL
>     /usr/lib/tmpfiles.d/dovecot.conf
>     "d /var/run/dovecot 0755 root dovecot -"
>
> Not sure what you are trying to do, but another option might be give
> user vmail dovecot group access so vmail can access files with a dovecot
> group read permission.
>      usermod -a -G dovecot vmail
>
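
Added example, not part of the original message and not Dovecot code: this Python code applies the standard Unix owner/group/other check to the two /run/dovecot socket lines listed above, for the vmail identity named in the quoted error. It assumes Linux semantics (connect() to a Unix socket needs write permission on the socket file) and a traversable directory, as the 0755 mode in the error indicates; the group sets passed in are constructed inputs.

```python
# Constructed check; the two lines are the /run/dovecot listing from the message.
LISTING = """\
srw------- 1 vmail   root       0 Oct 12 03:12 auth-userdb
srw------- 1 dovecot root       0 Oct 12 03:12 auth-worker
"""

def parse_ls_line(line):
    """Return (name, owner, group, 9-character rwx string) for one `ls -l` line."""
    fields = line.split()
    return fields[-1], fields[2], fields[3], fields[0][1:10]

def granted_bits(perms, owner, group, user, user_groups):
    """Pick the single class that applies: owner, else group, else other."""
    if user == owner:
        return perms[0:3]
    if group in user_groups:
        return perms[3:6]
    return perms[6:9]

def can_connect(perms, owner, group, user, user_groups):
    """Linux requires write permission on the socket file to connect (unix(7))."""
    if user == "root":
        return True  # root bypasses the mode bits
    return granted_bits(perms, owner, group, user, user_groups)[1] == "w"

def check(user, user_groups, listing=LISTING):
    """Map each socket name in the listing to whether `user` could connect."""
    result = {}
    for line in listing.splitlines():
        name, owner, group, perms = parse_ls_line(line)
        result[name] = can_connect(perms, owner, group, user, user_groups)
    return result

if __name__ == "__main__":
    # Group sets are assumptions: vmail alone, then vmail after
    # `usermod -a -G dovecot vmail` as suggested in the quoted reply.
    for groups in ({"vmail"}, {"vmail", "dovecot"}):
        print("vmail", sorted(groups), check("vmail", groups))
    print("dovecot", check("dovecot", {"dovecot"}))
```

With the listing as shown, membership in the dovecot group does not change the result for auth-worker, because that socket's group is root and its mode grants the group no bits.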