If you don't need the other groups in Dovecot you can get rid of them and
just have the process use the user's primary group and mail_extra_groups. I
think this should work:
userdb passwd {
  args = system_user=
}
Actually, yes, I like this a lot and put this change into production. I was planning on using some secondary groups to prevent filesystem access, but I can accomplish the same protection more easily with this and mail_extra_groups. Thanks! I didn't test yet that the secondary groups aren't loaded, but I will sometime.
According to my logs, it seems it does not prevent the secondary groups. I'd look at the code to see how it works, but I have to switch tasks and may not work more with dovecot until tomorrow. I suppose if I cannot get this to work, it sounds like I may be able to depend on the patch below.
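One way to check the question raised above, whether a mail process really runs with only its primary group plus mail_extra_groups, is to read the supplementary GIDs the kernel reports for the running process rather than inferring it from log errors. The script below is an added example, not code from the thread or from Dovecot. It assumes Linux (the "Groups:" line of /proc/PID/status lists supplementary GIDs), that the process to inspect is named "imap" (an assumption; pop3 or lmtp would be checked the same way), and that the GID passed as `allowed` is the one configured in mail_extra_groups. The status excerpt embedded in it is constructed for illustration.

```python
"""Audit the supplementary groups held by running mail processes.

Added example, not from the mailing-list thread or from Dovecot.
Assumes Linux /proc; the process name "imap" and the GIDs used
below are assumptions for illustration.
"""
import os
from typing import Dict, Iterable, List

# Constructed /proc/<pid>/status excerpt (not captured from any real system).
# Uid/Gid lines carry real, effective, saved and filesystem ids.
SAMPLE_STATUS = """Name:\timap
Umask:\t0077
State:\tS (sleeping)
Pid:\t4242
Uid:\t1001\t1001\t1001\t1001
Gid:\t1001\t1001\t1001\t1001
Groups:\t1001 1002 1005
"""


def parse_status(text: str) -> Dict[str, object]:
    """Extract process name, effective uid/gid and supplementary GIDs."""
    fields: Dict[str, str] = {}
    for line in text.splitlines():
        key, _, value = line.partition(":")
        fields[key.strip()] = value.strip()
    euid = int(fields["Uid"].split()[1])  # second column is the effective id
    egid = int(fields["Gid"].split()[1])
    groups = [int(g) for g in fields.get("Groups", "").split()]
    return {"name": fields.get("Name"), "euid": euid, "egid": egid, "groups": groups}


def unexpected_groups(status: Dict[str, object], allowed: Iterable[int]) -> List[int]:
    """Supplementary GIDs beyond the primary group and the allowed extras.

    The kernel may list the primary GID in Groups: as well, so it is
    tolerated; anything else means secondary groups were still loaded.
    """
    ok = set(allowed) | {status["egid"]}
    return sorted(g for g in status["groups"] if g not in ok)


def audit_processes(name: str = "imap", allowed: Iterable[int] = (),
                    proc: str = "/proc") -> Dict[int, List[int]]:
    """Scan /proc for processes called `name`; map pid -> unexpected GIDs."""
    findings: Dict[int, List[int]] = {}
    for entry in os.listdir(proc):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(proc, entry, "status")) as f:
                st = parse_status(f.read())
        except (OSError, KeyError, ValueError):
            continue  # process exited, or not readable by this user
        if st["name"] == name:
            findings[int(entry)] = unexpected_groups(st, allowed)
    return findings


if __name__ == "__main__":
    # Assumed: GID 1002 is the mail_extra_groups group.
    for pid, extra in audit_processes(allowed=(1002,)).items():
        print(pid, "extra supplementary groups:" if extra else "ok", extra)
```

Run it as root (or as the mail user) while a session is open; any PID reported with a non-empty list still has secondary groups from the userdb lookup, which is exactly the case the log entries above suggest.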
With some recent permission changes I've done (affects dovecot 1.0 as well), I get a good amount of these fchown errors and I was thinking of muting them so they do not fill my log, since they are harmless in my setup.
If these errors happen for index files Dovecot currently falls back to using
in-memory indexes.
Oh. Ugh. That might explain why the indexes don't always seem to load. For some reason I thought dovecot might print a message when it falls back to in-memory indexes; would that be possible?
Right now in my public folder permission scheme, the only thing I need dovecot-shared for (I think) is making client-added emails world-readable at least (currently actually mode 666). As long as the indexes are accessible by the user, I don't care what mode or group they are.
How about this: http://hg.dovecot.org/dovecot/rev/0dd9b91fd52c
I will roll that in and test alongside the next patch you sent. Thanks.