I have just upgraded to dovecot 1.0.13.
All the documentation I can find in the example .conf file and the NEWS and ChangeLog files seems to say that the mail_privileged_group = mail setting is all I should need to make dovecot use group mail to create dotlock files.
My understanding from what I read is that mail_privileged_group is used to set the group used while creating dotlock files in (in my case) /var/spool/mail, and mail_access_groups is used to set the group used to actually access the mailbox.
In my case, /var/spool/mail is group 'mail and group writable/searchable
drwxrwxr-x 2 root mail 4096 May 7 08:35 /var/spool/mail
and the individual mailboxes are owned by the respective users. So it seems that I would need "mail_privileged_group = mail" do be able to create dotlock files in /var/spool/mail, and that I would not need any mail_access_groups as the users can access their own mailboxes.
But this doesn't work. With "mail_privileged_group = mail" and mail_access_groups unset, I get
May 6 12:48:54 sbh16 dovecot: POP3(xxx): file_lock_dotlock() failed with mbox file /var/spool/mail/xxx: Permission denied
Yet with "mail_access_groups = mail" and mail_privileged_group unset, it works with no problem.
Is my understanding wrong? Is the documentation wrong? Is the implementation wrong? Or is there just something wierd in my case (possibly pop3_lock_session = yes)?
# dovecot -n # 1.0.13: /usr/local/etc/dovecot.conf protocols: pop3 pop3s ssl_cert_file: /etc/postfix/grizz-cert.pem ssl_key_file: /etc/postfix/grizz-key.pem login_dir: /usr/local/var/run/dovecot/login login_executable: /usr/local/libexec/dovecot/pop3-login mail_access_groups: mail mail_location: /var/spool/mail/%u mbox_write_locks: fcntl dotlock mail_executable: /usr/local/libexec/dovecot/pop3 mail_plugin_dir: /usr/local/lib/dovecot/pop3 pop3_lock_session: yes pop3_uidl_format: %08Xu%08Xv auth default: mechanisms: plain apop login worker_max_count: 5 passdb: driver: passwd-file args: /usr/local/etc/dovecot.passwd passdb: driver: pam userdb: driver: passwd socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan