Since changeset 8a63f621bd2e I'm one step closer to the perfect working setup. I'm sharing one GID per domain, all it's alias names and accounts. So I can use: mail_attachment_dir = /srv/mail/.SiS/%{gid}
In order to avoid permission trouble I've set fs ACL on the .SiS dir:
,--[ getfacl srv/mail/.SiS ]-- | # file: srv/mail/.SiS | # owner: root | # group: root | user::rwx | group::--x | mask::--x | other::-wx | default:user::rwx | default:group::rwx | default:mask::rwx | default:other::--- `--
OK, lets test the setup:
dsync -u test-0@example.com mirror maildir:/tmp/Maildir rm -rf Maildir && cp -a Maildir_org Maildir && chown -R 70010:70002 Maildir dsync -vu test-1@example.com mirror maildir:/tmp/Maildir dsync(test-1@example.com): Info: Drafts: only in dest (guid=b6a53627f3cbe24e33030000850d2fad) dsync(test-1@example.com): Info: Sent: only in dest (guid=b7a53627f3cbe24e33030000850d2fad) dsync(test-1@example.com): Info: Junk-E-Mail: only in dest (guid=b8a53627f3cbe24e33030000850d2fad) dsync(test-1@example.com): Info: Trash: only in dest (guid=b9a53627f3cbe24e33030000850d2fad) dsync(test-1@example.com): Info: INBOX: only in dest (guid=baa53627f3cbe24e33030000850d2fad) dsync(test-1@example.com): Error: stat(/srv/mail/.SiS/70002/a2/7b/.temp.blau.819.4f06409857c627e0) failed: Permission denied dsync(test-1@example.com): Error: safe_mkstemp(/srv/mail/.SiS/70002/a2/7b/.temp.blau.819.) failed: Permission denied dsync(test-1@example.com): Panic: file dsync-worker-local.c: line 1644 (local_worker_save_msg_continue): assertion failed: (ret == -1) dsync(test-1@example.com): Error: Raw backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0x4faf1) [0x7f4db31f4af1] -> /usr/local/lib/dovecot/libdovecot.so.0(default_error_handler+0) [0x7f4db31f4b7d] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f4db31f4e01] -> dsync() [0x416af8] -> dsync() [0x416e46] -> dsync(dsync_worker_msg_save+0x82) [0x412cb2] -> dsync() [0x40b7e0] -> dsync() [0x417286] -> dsync() [0x417324] -> dsync(dsync_worker_msg_get+0xa8) [0x412dd4] -> dsync() [0x40bbf3] -> dsync() [0x40bd62] -> dsync() [0x40c106] -> dsync() [0x40c318] -> dsync(dsync_brain_msg_sync_new_msgs+0x1c) [0x40c336] -> dsync(dsync_brain_msg_sync_more+0x1ae) [0x40b15e] -> dsync() [0x409b88] -> dsync(dsync_brain_sync+0x231) [0x40a074] -> dsync() [0x4084fb] -> dsync() [0x408729] -> dsync(dsync_brain_sync+0x1a7) [0x409fea] -> dsync() [0x408238] -> dsync() [0x408388] -> dsync(dsync_brain_sync+0x10b) [0x409f4e] -> dsync(dsync_brain_sync_all+0x24) [0x40a16b] -> dsync(main+0x680) [0x407b2b ] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f4db2e3fead] -> dsync() [0x406e09] Aborted (core dumped)
Looks like Dovecot ignores the ACL. I think a mail_attachment_dir_mode setting could help to work around this problem. Dunno what would be a good default value. But I would set mail_attachment_dir_mode = 0770 The attachment files have mode 0660, that's perfect in my setup.
Regards, Pascal
The trapper recommends today: c01dcafe.1134404@localdomain.org