Re: [Dovecot] localhost deliver(root@vlocalhost): setgid(5001) failed with euid=8, gid=8, egid=8: Operation not permitted

Am 12.04.2008 20:07 schrieb Gert Cuykens:

[…] Now the security part, i was thinking that this would work also

root@localhost:~# ls -al /usr/lib/dovecot/deliver -rws------ 1 mail mail 563112 2008-03-31 21:05 /usr/lib/dovecot/deliver root@localhost:~#

but it doesnt, changing it to user postfix also doesnt work ?

OK, step by step.

1. chown 0.0 /usr/lib/dovecot/deliver
2. chmod 755 /usr/lib/dovecot/deliver
3. find out the user from postfix's master.cf (... flags=DRhu user=nobody:mail argv=/usr/.../deliver) ^^^^^^ NOT: root, dovecot or postfix!
4. mkdir /usr/local/lib/dovecot
5. chmod 700 /usr/local/lib/dovecot
6. chown nobody /usr/local/lib/dovecot
7. cp -p /usr/lib/dovecot/deliver /usr/local/lib/dovecot
8. chmod u+s /usr/local/lib/dovecot/deliver
9. apply the path from 8. to argv from service dovecot in postfix's master.cf
10. restart postfix and enjoy

HTH Pascal