What are the full permissions of /var/mail?
ls -lda /var/mail
On Tue, Nov 3, 2015 at 1:49 PM, John Clements johnbclements@gmail.com wrote:
I've been using dovecot+postfix happily for many years, and I'm now configuring it for a new machine. However, I'm running into an old problem again, and thinking that there must be a better solution.
The problem is that dovecot-lda is unable to create dotlock files in the /var/mail directory.
Dovecot version: 1:2.2.13-12~deb8u1 (I'm guessing this is upstream version 2.2.13)
OS: Debian Jessie
Currently, my mail directory has these permissions:
clements@desmond:~$ ls -ld /var/mail
drwxrwsr-x 2 root mail 4096 Nov 2 22:07 /var/mail
clements@desmond:~$ ls -l /var/mail
total 8
-rw------- 1 clements mail 1382 Nov 2 21:59 clements
-rw------- 1 granitemon mail 530 Nov 2 22:07 granitemon
I've added mail_privileged_group = mail to allow creation of the dotlock files.
When I configure postfix to deliver using dovecot-lda, I get logs that look like this:
Nov 3 11:12:20 desmond dovecot: lda(granitemon): Error: setegid(privileged) failed: Operation not permitted
Nov 3 11:12:20 desmond dovecot: lda(granitemon): msgid=< 20151103181306.A4B5B5FF32@desmond.XXXDOMAIN.org>: save failed to INBOX: BUG: Unknown internal error
In order to isolate the error, I took postfix out of the equation, and called dovecot-lda directly:
clements@desmond:/tmp$ cat bogusmail
From: clements@XXXDOMAIN.org
To: granitemon@localhost
Date: November 3 2015
Subject: graaaah

this is the body
clements@desmond:/tmp$ /usr/lib/dovecot/dovecot-lda -e -d clements < bogusmail
BUG: Unknown internal error
clements@desmond:/tmp$
In response to this, mail.log now contains this similar error:
Nov 3 11:34:57 desmond dovecot: lda(clements): msgid=unspecified: save failed to INBOX: BUG: Unknown internal error
Nov 3 11:34:57 desmond dovecot: lda(clements): Error: setegid(privileged) failed: Operation not permitted
I've tried a number of "random internet search" solutions, including
- changing perms on mail files from 660 to 600
- enabling 'mail_access_groups=mail' in 10-mail.conf
- adding individual users to the mail group.
I guess I'm pretty confident that if dovecot is writing "BUG: Unknown internal error" in the logs, that this is actually a bug in dovecot.
OBresearch: I read through the release notes of 2.2.14 -- 2.2.19 to see if a relevant-looking bug had been fixed, but nothing jumped out at me.
OBresearch: searching the dovecot mailing list, I found one *extremely* relevant thread called "Re: [Dovecot] started with dovecot sieve" (http://dovecot.markmail.org/message/kgd34wberxuvmrsa?q=setegid), but there didn't seem to be a solution contained in the thread.
Final note: this doesn't appear to be confined to debian jessie: I took a look at my existing installation, and I see that in fact I just went ahead and made /var/mail world-writeable, which seems... sub-optimal. I'm sure I could do that here, too, but I'd certainly rather not.
Thanks in advance, and let me know if I've left out relevant crucial information.
Best,
John Clements
--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 (c) E-Mail: larryrtx@gmail.com
US Mail: 7011 W Parmer Ln, Apt 1115, Austin, TX 78729-6961
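
An added example, not part of the thread and not Dovecot code: a small model of the two kernel checks behind the symptoms above, namely whether a process may create a dotlock in a directory with the posted mode and ownership, and whether an unprivileged setegid() to the mail group is permitted. The numeric uid/gid values and the function names are assumptions made for illustration; the mode drwxrwsr-x and root:mail ownership are taken from the `ls -ld /var/mail` output in the message.

```python
import stat

# Constructed numeric ids (assumptions); the mode and root:mail ownership
# are the ones shown by `ls -ld /var/mail` in the message.
ROOT_UID, MAIL_GID = 0, 8
USER_UID, USER_GID = 1000, 1000
VAR_MAIL_MODE = 0o2775  # drwxrwsr-x


def can_create_in_dir(mode, dir_uid, dir_gid, euid, egid, supp_gids):
    """Classic Unix DAC check for creating an entry (a dotlock) in a directory:
    the matching permission class needs both write and search (x) bits."""
    if euid == 0:
        return True
    if euid == dir_uid:
        need = stat.S_IWUSR | stat.S_IXUSR
    elif egid == dir_gid or dir_gid in supp_gids:
        need = stat.S_IWGRP | stat.S_IXGRP
    else:
        need = stat.S_IWOTH | stat.S_IXOTH
    return (mode & need) == need


def setegid_allowed(target_gid, euid, rgid, egid, sgid):
    """setegid(2) for an unprivileged process succeeds only if the target is
    its real, effective or saved set-group-ID; supplementary groups do not
    count. euid == 0 stands in for CAP_SETGID here (simplification)."""
    return euid == 0 or target_gid in (rgid, egid, sgid)


def diagnose(mode, supp_gids):
    """Model a delivery process running as the user with only its own gid."""
    return {
        "dotlock_create": can_create_in_dir(
            mode, ROOT_UID, MAIL_GID, USER_UID, USER_GID, supp_gids),
        "setegid_mail": setegid_allowed(
            MAIL_GID, USER_UID, USER_GID, USER_GID, USER_GID),
    }


if __name__ == "__main__":
    print("as posted:         ", diagnose(VAR_MAIL_MODE, supp_gids=()))
    print("user in 'mail':    ", diagnose(VAR_MAIL_MODE, supp_gids=(MAIL_GID,)))
    print("world-writable dir:", diagnose(VAR_MAIL_MODE | stat.S_IWOTH, supp_gids=()))
```

In this model, supplementary membership in mail or a world-writable directory makes dotlock creation possible, but neither changes the outcome of the setegid() check, which depends only on the real, effective and saved gids.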