I have Dovecot2 auth setup to run as
user = doveauth
group = dovecot
configured in,
vi conf.d/10-master.conf
...
service auth {
unix_listener /var/spool/postfix/private/auth {
user = postfix
group = postfix
mode = 0660
}
user = doveauth
group = dovecot
}
service auth-worker {
user = doveauth
group = dovecot
}
...
When I start Dovecot,
ls -al /var/run/dovecot/auth-*
/bin/ls: No match.
service dovecot-custom start
Starting Dovecot ... done
Dovect's auth-process sockets are created with different ownership than what I specified,
ls -al /var/run/dovecot/auth-*
srw------- 1 root root 0 Oct 11 19:30
/var/run/dovecot/auth-client
srw------- 1 dovecot root 0 Oct 11 19:30
/var/run/dovecot/auth-login
srw------- 1 root root 0 Oct 11 19:30
/var/run/dovecot/auth-master
srw------- 1 root root 0 Oct 11 19:30
/var/run/dovecot/auth-userdb
srw------- 1 dovecot root 0 Oct 11 19:30
/var/run/dovecot/auth-worker
Which causes problems when I test AUTH,
telnet 127.0.0.1 143
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR
LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot
ready.
a login "xxx@domain.loc" "testpass"
a NO [UNAVAILABLE] Temporary authentication failure.
* OK Waiting for authentication process to respond..
In logs,
==> /var/log/dovecot/dovecot-debug.log <==
Oct 11 19:32:11 auth: Debug: Loading modules from directory:
/usr/lib64/dovecot/modules/auth
Oct 11 19:32:11 auth: Debug: Module loaded:
/usr/lib64/dovecot/modules/auth/libauthdb_ldap.so
Oct 11 19:32:11 auth: Debug: Module loaded:
/usr/lib64/dovecot/modules/auth/libdriver_mysql.so
Oct 11 19:32:11 auth: Debug: Module loaded:
/usr/lib64/dovecot/modules/auth/libdriver_pgsql.so
Oct 11 19:32:11 auth: Debug: Module loaded:
/usr/lib64/dovecot/modules/auth/libdriver_sqlite.so
Oct 11 19:32:11 auth: Debug: Module loaded:
/usr/lib64/dovecot/modules/auth/libmech_gssapi.so
Oct 11 19:32:11 auth: Debug: auth client connected (pid=2397)
Oct 11 19:32:17 auth: Debug: client in: AUTH 1 PLAIN
service=imap secured lip=127.0.0.1 rip=127.0.0.1lport=143
rport=47016 resp=<hidden>
==> /var/log/dovecot/dovecot.log <== Oct 11 19:32:17 auth: Fatal: net_connect_unix(auth-worker) in directory /var/run/dovecot failed: Permission denied (euid=1101(doveauth) egid=305(dovecot) missing +r perm: /var/run/dovecot/auth-worker, dir owned by 305:305 mode=0755)
What needs to change to get those sockets created with correct/assigned ownership & perms?