On Mon, Oct 29, 2007 at 05:10:44PM -0400, Adam McDougall wrote:
On Mon, Oct 29, 2007 at 10:49:34PM +0200, Timo Sirainen wrote:
On Sun, 2007-10-28 at 15:37 -0400, Adam McDougall wrote:
> Oct 28 11:01:40 gribble dovecot: IMAP(mcdouga9): fchown(/egr/mail/shared/decs/temp.gribble.97159.dc6633e16f47011d)
> failed: Operation not permitted
>
> >From the name, I can't even tell what its for, what dovecot-shared might be causing it, etc.
>
> I did some hunting because I was curious (I assume you would know right away) and its from
> lib/safe-mkstemp.c which dotlock uses.
It's used for creating dovecot-acl-list. Hmm. Looks like there are now
two places where Dovecot takes permissions from: dovecot-shared file and
the directory where it exists. If you set g+s to the dir too this error
goes away. I'll have to think a bit more what I'll do about this. Maybe
dovecot-shared file just could go away and only the dir permissions
would be used.That reminds me, I do think I put dovecot-shared in that directory just to satisfy 1.1. The group owner on /egr/mail/shared/decs/ is the group I am using to restrict entry into the directory (it is mode 770) so all of the users using folders inside are part of the group, so I'm not sure why the fchown would fail?
Also just a note (if I remember correctly) the existance of dovecot-shared causes dovecot+acl to treat the folder flags as private unless the code is modified (I still use that hack locally) so its not just the permissions of an object (presently dovecot-shared) that have an affect. Its seems like this is alot of functionality to load onto just the existance and permissions of a file :)
I did set g+s on /egr/mail/shared/decs/ and relogged in with thunderbird but got the error right away:
Oct 29 17:02:55 gribble dovecot: IMAP(mcdouga9): fchown(/egr/mail/shared/decs/temp.gribble.65681.2a5ad23c6e8cd308) failed: Operation not permitted
Lately I have been getting:
Nov 17 08:24:36 hill dovecot: IMAP(mcdouga9): open(/egr/mail/shared/decs/temp.hill.80542.6d06d40810d76654) failed: Permission denied Nov 17 08:24:36 hill dovecot: IMAP(mcdouga9): safe_mkstemp(/egr/mail/shared/decs/temp.hill.80542.6d06d40810d76654) failed: Permission denied Nov 17 08:25:18 hill dovecot: IMAP(mcdouga9): open(/egr/mail/shared/decs/temp.hill.80542.1f3d606a7fa4a3cc) failed: Permission denied Nov 17 08:25:18 hill dovecot: IMAP(mcdouga9): safe_mkstemp(/egr/mail/shared/decs/temp.hill.80542.1f3d606a7fa4a3cc) failed: Permission denied
Right now I have /egr/mail/shared/decs/ unwritable to users. Some of these errors still happen when the directory is writable, but I am also concerned if it will cause these temp files to be renamed to dovecot-acl-list, which I assume would conflict with other users if created by one user.
Should I worry about these errors? Does it impair caching of folder lists or something? Thanks.