Op 2/11/2017 om 3:24 PM schreef dovelist:
OK, I've figured it out:
In the dovecot profile for apparmor the sieve directory is not confgured. I solved it this way:
To configure only one directory in the apparmor profile, I placed the active-script link inside the .sieve directory. Keeping the scripts separate in a store subdirectory, like this: In /etc/dovecot/conf.d/90-sieve.conf :
sieve = file:~/.sieve/store;active=~/.sieve/active.sieve
Then dovecot is granted access by adding the .sieve directory in the apparmor profile. The dovecot file in the tunables directory seems to be a neat way to that: In /etc/apparmor.d/tunables/dovecot :
@{DOVECOT_MAILSTORE}=@{HOME}/Maildir/ /var/spool/mail/ @{HOME}/.sieve/
Ofcourse the .sieve directory is not really a MAILSTORE. But this way, the configuration stays close to the defaults. I didn't find something like DOVECOT_SIEVESTORE, which would be more appropriate.
After restart of apparmor and dovecot, it works!
@Stephan: thanks for the advice - it did help to pinpoint the problem!
I have no experience with AppArmor. I assume these profile configuration files are created by the packagers for your distribution. You could talk to them to get this fixed in general.
Regards,
Stephan.