Re: Maildir permissions on creation?
The main reason is that I don't want to provide backup user with unnecessary write permissions within maildirs and mail user within backup logs dir. I was talking about mail_user:mail_group 0750 on dirs and 0640 on files. (Or, possibly, mail_user:backup_group 2750 and 2640.)
26.12.2014, 11:19, "Tobi" tobster@brain-force.ch:
Whats the reason you do not want to use default dovecot user. Your idea would assume that at least the group must have write access. For me a no-go on mailboxes.
Am 24. Dezember 2014 13:21:15 MEZ, schrieb Von Random von@vdrandom.org:
Hello.
In my configuration dovecot reads home from mysql and uses no variables within it. It uses Maildir++ storage with virtual users. I also happen to use LMTP.
I want to use a backup solution that does not involve running itself as root. Neither do I want to run it as dovecot's mail user.
And there lies the problem: dovecot creates maildirs with 0700 and files within them inherit that set of permissions. And there seems to be no sane way to control it. I think I've figured out what to patch in order to change that default, but if possible, I'd like to avoid doing that.
tl;dr: is it possible to change the default set of permissions for new maildirs created by dovecot?
Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
-----BEGIN PGP SIGNATURE----- Version: APG v1.1.1
iQI7BAEBCgAlBQJUnRoiHhxUb2JpIDx0b2JzdGVyQGJyYWluLWZvcmNlLmNoPgAK CRA1HOYlqGik5L9iD/9FIE2JzWfB7fWJEbI3vVg+ar4LRGwW1xNIf8ahlytPbsmH D9dFP3kWpJH6TO41AksNjz/FxHcUqSrlsKYTFUsDZCyb9Zyxd8Jv+dH04FwUzw+y kq+ayoylnTN7Q8mQnqkUpWEuYd5ohWbbUUSguwzN8Zd1T4jCFR9/Lvu0cweE6meu mBGwvXBbfBP4El+mAM2lKnoMXQpMycS6aX7FwQ/fBaoWSkzg/2az69UtqG6LLF67 ZhJkbn17cpT3y/l/2nV5urdcFVh8RoSXNuYyMN4r7IDKQ6BPsneD+839LS9X/gP/ QMuo5nO5xdx4q1bT9gtv1zz5eKAJ1f3R2oPZyxdpiV5PruSY3J3kvu0cF0aJvQF6 +s0iDsoDBcueB6JEUnYAarteWvBvxRnqb8ytju1xbIEkKLZtaS8Gf2cpZ8eA+Ha/ D0zkYfq7bt+Ra7BY6Qh7XMfiN5z9eWe5RqOmVLZRLf9N75U6wWa+fmXpvlqEtGNV pKsgif/ivCHiA24+JSJ1PBRjwO36Tu4MsSlT2WnkvyFBQzFzg9T00fl+uTXzgNEz SBta2wmXk9XVJ9mPzfNrAaAA3+T6H90Sj1CbRt7NZx30UdwYoIL5XXEtnG0p1XdS moe91H2UE+NT+jgj7emAOLxJf86vIwiHCqI0Zl/7wVNJEnKBXJP5WIHcdEDEHg== =Tl/z -----END PGP SIGNATURE-----
Err, my bad, of course 0640 on files in case of setgid on directories.
26.12.2014, 11:36, "Von Random" von@vdrandom.org:
The main reason is that I don't want to provide backup user with unnecessary write permissions within maildirs and mail user within backup logs dir. I was talking about mail_user:mail_group 0750 on dirs and 0640 on files. (Or, possibly, mail_user:backup_group 2750 and 2640.)
26.12.2014, 11:19, "Tobi" tobster@brain-force.ch:
Whats the reason you do not want to use default dovecot user. Your idea would assume that at least the group must have write access. For me a no-go on mailboxes.
Am 24. Dezember 2014 13:21:15 MEZ, schrieb Von Random von@vdrandom.org:
Hello.
In my configuration dovecot reads home from mysql and uses no variables within it. It uses Maildir++ storage with virtual users. I also happen to use LMTP.
I want to use a backup solution that does not involve running itself as root. Neither do I want to run it as dovecot's mail user.
And there lies the problem: dovecot creates maildirs with 0700 and files within them inherit that set of permissions. And there seems to be no sane way to control it. I think I've figured out what to patch in order to change that default, but if possible, I'd like to avoid doing that.
tl;dr: is it possible to change the default set of permissions for new maildirs created by dovecot? - -- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet. -----BEGIN PGP SIGNATURE----- Version: APG v1.1.1
iQI7BAEBCgAlBQJUnRoiHhxUb2JpIDx0b2JzdGVyQGJyYWluLWZvcmNlLmNoPgAK CRA1HOYlqGik5L9iD/9FIE2JzWfB7fWJEbI3vVg+ar4LRGwW1xNIf8ahlytPbsmH D9dFP3kWpJH6TO41AksNjz/FxHcUqSrlsKYTFUsDZCyb9Zyxd8Jv+dH04FwUzw+y kq+ayoylnTN7Q8mQnqkUpWEuYd5ohWbbUUSguwzN8Zd1T4jCFR9/Lvu0cweE6meu mBGwvXBbfBP4El+mAM2lKnoMXQpMycS6aX7FwQ/fBaoWSkzg/2az69UtqG6LLF67 ZhJkbn17cpT3y/l/2nV5urdcFVh8RoSXNuYyMN4r7IDKQ6BPsneD+839LS9X/gP/ QMuo5nO5xdx4q1bT9gtv1zz5eKAJ1f3R2oPZyxdpiV5PruSY3J3kvu0cF0aJvQF6 +s0iDsoDBcueB6JEUnYAarteWvBvxRnqb8ytju1xbIEkKLZtaS8Gf2cpZ8eA+Ha/ D0zkYfq7bt+Ra7BY6Qh7XMfiN5z9eWe5RqOmVLZRLf9N75U6wWa+fmXpvlqEtGNV pKsgif/ivCHiA24+JSJ1PBRjwO36Tu4MsSlT2WnkvyFBQzFzg9T00fl+uTXzgNEz SBta2wmXk9XVJ9mPzfNrAaAA3+T6H90Sj1CbRt7NZx30UdwYoIL5XXEtnG0p1XdS moe91H2UE+NT+jgj7emAOLxJf86vIwiHCqI0Zl/7wVNJEnKBXJP5WIHcdEDEHg== =Tl/z -----END PGP SIGNATURE-----
participants (1)
-
Von Random