How do you compile global scripts using the sievec command without making the script directory owned (and group writable) by the vmail user?
http://wiki2.dovecot.org/Pigeonhole/Sieve/Usage
# cd /etc/dovecot/sieve/before/ # (edit some script like spam.sieve that runs for everyone) # /usr/local/bin/sievec spam.sieve spam.svbin
sievec(root): Error: sieve: binary save: failed to create temporary file: open(spam.svbin.hostname.26921.) in directory /etc/dovecot/sieve/before failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +w perm: /etc/dovecot/sieve/before, euid is not dir owner)
# ls -la /etc/dovecot/sieve/before/ drwxrwxr-x 2 root root 4096 Aug 1 15:56 . drwxr-xr-x 5 root root 4096 Aug 1 13:23 .. -rw-rw-r-- 1 root root 477 Aug 1 15:33 spam.sieve
Or do I just make the /etc/dovecot/sieve/ tree owned and writable by the vmail:vmail user? (Which worked, but seems like a bad idea.)
Output of dovecot -n
# 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.18-274.el5 x86_64 Red Hat Enterprise Linux Server release 5.7 (Tikanga) auth_verbose_passwords = sha1 lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes listen = 127.0.0.1, 1.2.3.4 mail_gid = vmail mail_home = /var/vmail/%d/%n mail_location = maildir:~/Maildir mail_uid = vmail managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl passdb { args = /etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { sieve = ~/.dovecot.sieve sieve_after = /etc/dovecot/sieve/after/ sieve_before = /etc/dovecot/sieve/before/ sieve_dir = ~/sieve sieve_global_dir = /etc/dovecot/sieve/globalinclude/ } protocols = imap pop3 lmtp sieve service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } unix_listener auth-userdb { group = vmail user = vmail } } service imap-login { process_min_avail = 5 } service pop3-login { inet_listener pop3 { address = 1.2.3.4 } inet_listener pop3s { address = 1.2.3.4 } } ssl = required ssl_cert = </etc/pki/tls/private/certs/example_com.crt ssl_key = </etc/pki/tls/private/example_com.key protocol lda { log_path = /var/log/dovecot/dovecot-lda mail_plugins = " sieve" }