On Oct 08, 2005, at 10:41 AM, Ignacio Vazquez-Abrams wrote:
On Fri, 2005-10-07 at 11:23 -0700, Jeff Ramsey wrote:
On Oct 06, 2005, at 11:16 AM, Ignacio Vazquez-Abrams wrote:
On Thu, 2005-10-06 at 10:28 -0700, Jeff Ramsey wrote:
/etc/pam.d/ssh, /etc/pam.d/login, and /etc/pam.d/gdm all have a
line calling mkhomedir.so, which is using the /etc/skel home directory skeleton to create the user's home dir upon successful login, however, when I add that line to /etc/pam.d/dovecot, I get a permission denied error in /var/log/maillog. I'm assuming this is because dovecot is running as the user at this point, and therefore does not have the necessary permissions to create a folder under / home/DOMAIN/, which is where the home dir is supposed to be. If I manually create the folder, and set it's permissions, or if the
user logs in via any of the before-mentioned methods, dovecot and
sendmail work great.Which section did you add it to?
Here is my /etc/pam.d/dovecot:
Based on what I've been able to find on the web it appears that your conjecture is correct. The dovecot daemon simply doesn't have the
proper permissions to create the home directory.AFAICT the only way to really fix this is to set the permissions on /home to 0777, which of course has security repercussions of its own.You could also write a daemon that creates home directories when a new user is created, but I don't know enough about your environment to give a starting point.
Thanks for assuring me that I was not losing my mind.
I'll study up on writing such a daemon. If I write a script that is
called from /etc/pam.d/dovecot, then uses 'su' to become a non-root
user with write permissions to /home, this seems like the best way to
do this, correct? Or are you suggesting that I write an actual daemon
that runs and waits for the users to login, and then creates the home
dir?
I've done the former once or twice, but never the latter. It may be
above my knowledge of Linux shell scripting. (Maybe another reason to
buy a new shell scripting book...)
Thanks again,
Jeff Ramsey MIS Administrator Tubafor Mill, Inc.