Am 03.01.2020 um 03:27 schrieb Mark ADAMS:
Jan 02 18:47:37 shuttle dovecot[6744]: lda(root@shuttle)<6744><>: Error: auth-master: userdb lookup(root@shuttle): connect(/run/dovecot/auth-userdb) failed: Permission denied (euid=8(mail) egid=12(mail) missing +r perm: /run/dovecot/auth-userdb, dir owned by 0:0 mode=0755)
Run "namei -lv /run/dovecot/auth-userdb" to check the permissions of the
complete path. The auth-userdb socket actually is owned mail:mail
according to your error logging. Is dovecot member of the mail group?
Actually it does not match the config details you have pasted:
unix_listener auth-userdb { group = dovecot mode = 0600 user = vmail }
On my side it looks like this and I have not custom configured that
part. The defaults are:
unix_listener auth-userdb { group = mode = 0666 user = $default_internal_user }
So on my system the permissions look like this:
# namei -lv /var/run/dovecot/auth-userdb f: /var/run/dovecot/auth-userdb dr-xr-xr-x root root / drwxr-xr-x root root var drwxr-xr-x root root run drwxr-xr-x root dovecot dovecot srw-rw-rw- dovecot root auth-userdb
Jan 02 18:47:37 shuttle dovecot[6744]: lda: Fatal: Internal error occurred. Refer to server log for more information. Jan 02 18:47:37 shuttle postfix/pipe[6743]: 6345D4A4A97: to=<root@shuttle>, relay=dovecot, delay=1.1, delays=1.1/0.01/0/0.06, dsn=4.3.0, status=deferred (temporary failure. Command output: lda(root@shuttle): Error: net_connect_unix(/run/dovecot/stats-writer) failed: Permission denied ) ^C
Note: this error references "/run/dovecot/auth-userdb". That isn't even supposed to be the location of that file. I have no idea why that location shows up. The correct location should be "/etc/dovecot/auth-userdb". The file does exist at that location.
Mark,
I have no idea why you expect the dovecot sockets to be located inside
/etc/dovecot/. /etc is the FHS location for configurations. /run or
/var/run (typically a symlink on modern linux distributions) is the
right location for runtime files like service sockets.
You say /etc/dovecot/auth-userdb exists. Am I correct to guess that you
have created that manually with whatever content?
Alexander