Re: Problem with Pigeonhole/Sieve

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

On Tue, 2 May 2017, Kamil Kapturkiewicz wrote:

248 is a dovecot, 202 is dovenull, both users are in theirs groups across. If I change ownership of /usr/local/dovecot to dovecot.dovecot, then dovecot is correcting it to root.root for some reason. Does it mean that dovecot should be running as root only?

you do not seem to run a root-less system, see https://wiki.dovecot.org/HowTo/Rootless (I never tried it).

What does it mean / here? is it / in filesystem or it is / for dovecot in /usr/local/dovecot ?

I suppose "/" refers to the login subdir in your base_dir drwxr-x--- 2 root dovenull 4096 Sep 10 2016 /var/run/dovecot2.2/login//

The login processes seem to chroot there. This dir would match the permissions described in the error message and your info that 202 is dovenull.

In fact, the login processes are to run as another user (dovenull), if you do not run without root at all, in order to increase security by separated privilege levels. I would drop the "user = dovecot" lines.

I guess, you need to rephrase the subject in order to catch the attention of somebody else. But, what's your intention?

May 01 14:36:00 master: Warning: Killed with signal 15 (by pid=37695 uid=0 code=kill) this was caused by restarting of Dovecot.

I thought the "reload" message reads something different.

On 02/05/17 09:13, Steffen Kaiser wrote:

...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

On Mon, 1 May 2017, Kamil Kapturkiewicz wrote:

...

Unfortunately I am getting following error in DoveCot log instead:

May 01 14:35:41 managesieve-login: Error: auth: connect(login) in directory / failed: Permission denied (euid=248() egid=248() missing +x perm: /, we're not in group 202, dir owned by 0:202 mode=0750) May 01 14:35:41 managesieve-login: Error: auth: connect(login) in directory / failed: Permission denied (euid=248(<unknown>) egid=248(<unknown>) missing +x perm: /, we're not in group 202, dir owned by 0:202 mode=0750)

this error is pretty clear:

Directory "/" cannot be accessed by user 248:248

looks like a chroot'ed environment? Anyway, either:

• the accessing user ID of 248:248 is wrong,
• the owning user 0:202 is wrong or
• the access permissions should include "chmod o+x /"

...

May 01 14:36:00 master: Warning: Killed with signal 15 (by pid=37695 uid=0 code=kill)

This shouldn't happen.

• -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQEVAwUBWQg/rXz1H7kL/d9rAQL9Lwf5AUZX8VE4XX7b5hWWm7CkfcHJCnCuJy37 Hfw598Z+dljSAQ8Ki38vRtIKSSN7jVxOqiMPLKLh3+FcVVqOor/tbybDbV8rzhb5 u/+vynfvLENtwiEQAQ+4JjGOKQYX8rCU+Vz9Ft2my9ZR4qeUru4bxtduX/NI/GeZ YBnhQHZdX/2iAhW8MLX19aPEm7a82qBwdzv5BeQ3iFq56woYOFj+6peC710aY6uM 6wyURGoO3lvfaTnl4D1n3M6Nw7IuImHVtU1fLnUh8y+Z2Nv5cArxTWOpQFjzsVTS 3dDNchnDXym2xpjYM2IA/GGKAyYdbwSLTyvWGiEq8LtQQhAnnY425w== =sg2z -----END PGP SIGNATURE-----

Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQEVAwUBWQlswHz1H7kL/d9rAQIOQQf/W4/PrWAikuEA0nfyaHU+pZNK+HpJFKkw mz02uCG5mUDw5CaidmgMU2B7z67nw3pa2nSZYpUOdiPwhrS2alAxIV8UtNUFBuog SYotBvnJmD62NsIeKJ5VQna9lGAB41zEPI5bekzvLWTfo0oic7EmiVIHvYLpBQwb 80PwAaN5hPMZrPwq+1w3EJvOr7jckIwxxlDeQcawHprY2Hq4H8SSmDFgGN+1KwQ0 nW3YqIBrfaYprfRBXz2wgGICuYuF5t5WLShBYR14WybrSrIxW0Yjt+wz8lRP/IlP OhAqUj+6yU/11ILEUasjVrryZQkLDD6YtpgbDeuF0Rpi3Z11WSTC3g== =tBJC -----END PGP SIGNATURE-----