It would be nice if there were a wiki page specifically describing how permissions should be set for all of the services/directories that dovecot uses.
Even better would be a dovecot/doveconf command that would test the permissions and, if possible, even fix them (like the postfix 'set-permissions' command)...
On 2012-06-22 11:46 AM, robert coore <robertcoore@yahoo.com> wrote:
<spamvoll<at> googlemail.com> writes:
Hi..
I'm still trying to upgrade to 2.0. I'm getting:
dovecot: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=10000(vmail) egid=10000(vmail) missing +r perm: /var/run/dovecot/auth-userdb, euid is not dir owner)
The error is correct because it's owned by root. My question is who should own it?
I'm not sure how that works, what process/user calls the auth-userdb? The auth-userdb returns the args generated in master.conf, right?
I think commenting out the user and group setting in master.conf will fix it, but I'm not sure if that is the securest way.
The mails come from postfix via dovecot-lda.
Hans
master.conf:
service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Its default
  # permissions make it readable only by root, but you may need to relax these
  # permissions. Users that have access to this socket are able to get a list
  # of all usernames and get results of everyone's userdb lookups.
  unix_listener auth-userdb {
    mode = 0600
    #user = vmail
    #group = vmail
  }
}
auth-ldap.conf.ext:
passdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf.ext
}
userdb {
  driver = static
  args = uid=vmail gid=vmail home=/home/MAILBOXES/%u/ mail=/home/MAILBOXES/%u/mail
}
Hi all, I was getting the same errors. It took me 2 days to understand what it was saying to me, but I finally solved it.
If you do an
  ls -l /var/run/dovecot/auth-userdb
you will see that root is the owner and the permissions are srw-------- so vmail has no right to call or even use the process.
What I did was a
  chown -R vmail:vmail /var/run/dovecot/auth-userdb
I also did a
  chmod g+r /var/run/dovecot/auth-userdb
  ls -l /var/run/dovecot/auth-userdb
  srw----r-- 1 vmail vmail
My config:
unix_listener auth-userdb {
  mode = 600
}
protocol lda {
  auth_socket_path = /var/run/dovecot/auth-userdb
  log_path = /home/vmail/dovecot-deliver.log
}
That worked for me.
- I haven't restarted the dovecot service, so I don't know if it will keep the settings.
--
Best regards,
Charles Marcus I.T. Director Media Brokers International, Inc. 678.514.6200 x224 | 678.514.6299 fax
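
Added example (not part of the original thread and not a Dovecot tool): a Python check for the situation discussed above, listing why a given user cannot connect to the auth-userdb socket and whether the socket is open to every local user. The defaults `vmail` and `/var/run/dovecot/auth-userdb` come from the error message in the thread; the function names are made up for this example, and only the socket's immediate directory is checked.

```python
import os
import stat

def access_bits(mode, f_uid, f_gid, uid, gids):
    """Return (class, rwx bits) the kernel applies to uid/gids for this file."""
    if uid == f_uid:
        return "owner", (mode >> 6) & 7
    if f_gid in gids:
        return "group", (mode >> 3) & 7
    return "other", mode & 7

def audit_socket(path, uid, gids):
    """List permission problems for uid/gids connecting to the UNIX socket at path."""
    problems = []
    if uid == 0:
        return problems  # root bypasses file permission checks
    d = os.stat(os.path.dirname(path) or ".")
    cls, bits = access_bits(stat.S_IMODE(d.st_mode), d.st_uid, d.st_gid, uid, gids)
    if not bits & 1:
        problems.append(f"directory: {cls} lacks +x (search)")
    s = os.stat(path)
    if not stat.S_ISSOCK(s.st_mode):
        problems.append("not a socket")
    mode = stat.S_IMODE(s.st_mode)
    cls, bits = access_bits(mode, s.st_uid, s.st_gid, uid, gids)
    # Linux connect() needs +w on the socket; the Dovecot error in the thread reports +r.
    missing = "".join(c for c, b in (("r", 4), ("w", 2)) if not bits & b)
    if missing:
        problems.append(f"socket mode {mode:04o}: {cls} lacks +{missing}")
    if mode & 0o006:
        # The master.conf comment warns that socket access exposes all userdb lookups.
        problems.append("socket is accessible to 'other': any local user can do userdb lookups")
    return problems

if __name__ == "__main__":
    import pwd
    import sys
    # Defaults are the user and socket path from the error message in this thread.
    user = sys.argv[1] if len(sys.argv) > 1 else "vmail"
    path = sys.argv[2] if len(sys.argv) > 2 else "/var/run/dovecot/auth-userdb"
    pw = pwd.getpwnam(user)
    gids = set(os.getgrouplist(user, pw.pw_gid))
    for line in audit_socket(path, pw.pw_uid, gids) or ["ok"]:
        print(line)
```

Dovecot recreates the socket from the `unix_listener` settings when it starts, so a lasting change belongs in `mode`, `user` and `group` there rather than in a manual chown/chmod of the socket file.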