[Dovecot] More Dovecot 2.0 permissions issues
Hi Timo,
ok, using the latest 2.0beta6...
I can't figure out the settings for the log file to have the correct permissions. When the log file is created, it is created owned by root and 0600 permissions, which doesn't allow the lda to write to it if I use different users and groups for that main config...
If I then chmod the log file to 666, then everything is happy, but again, if that log file is removed and created by dovecot, it will create it back with 0600 and the lda will error and not deliver mail because of it...
I was not able to find anywhere else to set the mode of the log files or the mask that is used...
here is the current config :
# 2.0.beta6: /usr/local/etc/dovecot/dovecot.conf
# OS: FreeBSD 8.0-RELEASE-p3 i386
auth_username_format = %Lu
auth_username_translation = %@
auth_verbose = yes
disable_plaintext_auth = no
dotlock_use_excl = yes
first_valid_uid = 100
listen = *
lock_method = dotlock
log_path = /local/logs/dovecot.errors
mail_gid = 100
mail_location = maildir:%h/Maildir
mail_nfs_index = yes
mail_nfs_storage = yes
mail_uid = 100
mmap_disable = yes
passdb {
  args = /bin/checkpassword_dovecot_auth
  driver = checkpassword
}
plugin {
  quota = maildir
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/Maildir/sieve
}
protocols = imap pop3 managesieve
quota_full_tempfail = yes
service auth {
  unix_listener auth-userdb {
    mode = 0660
  }
}
ssl_cert =
Thanks,
Tim.
Timo,
any thoughts on this one? is there a setting that I am missing for ownership or permissions of the log files?
Thanks,
Tim.
On Fri, 2010-06-18 at 22:42 -0700, Tim Traver wrote:
> I can't figure out the settings for the log file to have the correct permissions. When the log file is created, it is created owned by root and 0600 permissions, which doesn't allow the lda to write to it if I use different users and groups for that main config...
Right.
> If I then chmod the log file to 666, then everything is happy, but again, if that log file is removed and created by dovecot, it will create it back with 0600 and the lda will error and not deliver mail because of it...
Right.
> I was not able to find anywhere else to set the mode of the log files or the mask that is used...
There is none. Why are you deleting the log file?
Another possibility would be to have lda log into a different file http://wiki.dovecot.org/LDA#logging
On 6/21/2010 12:44 PM, Timo Sirainen wrote:
> On Fri, 2010-06-18 at 22:42 -0700, Tim Traver wrote:
>> I can't figure out the settings for the log file to have the correct permissions. When the log file is created, it is created owned by root and 0600 permissions, which doesn't allow the lda to write to it if I use different users and groups for that main config...
> Right.
>> If I then chmod the log file to 666, then everything is happy, but again, if that log file is removed and created by dovecot, it will create it back with 0600 and the lda will error and not deliver mail because of it...
> Right.
>> I was not able to find anywhere else to set the mode of the log files or the mask that is used...
> There is none. Why are you deleting the log file?
> Another possibility would be to have lda log into a different file http://wiki.dovecot.org/LDA#logging
Timo,
thanks for that info...I would not normally remove the log file, but if for some reason it was not there anymore and dovecot got restarted, then errors would occur and mail would fail to be delivered...
So, I took your advice and logged the lda stuff to a separate file.
Thanks,
Tim.
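Added example, not part of the thread and not Dovecot's own code: a small sh helper that pre-creates the separate LDA log file discussed above with mode 0660 and a delivery group instead of 666, and reports a world-writable log. The file name dovecot-lda.log and the function names are assumptions; gid 100 is the mail_gid from the posted config.

```shell
#!/bin/sh
# Added example: keep a dedicated LDA log writable by the delivery group
# without falling back to mode 666. Path and function names are assumptions.
# Typical call (as root, before starting dovecot):
#   sh ensure-lda-log.sh /local/logs/dovecot-lda.log 100

# Return 0 if the file has the world-writable bit set.
is_world_writable() {
    [ -n "$(find "$1" -prune -perm -0002 -print 2>/dev/null)" ]
}

# Create the log if it is missing and force mode 0660; optionally set the group.
# usage: ensure_lda_log <path> [group]
ensure_lda_log() {
    log=$1
    grp=${2:-}
    # A symlink here could redirect root's chgrp/chmod to another file.
    if [ -L "$log" ]; then
        echo "refusing: $log is a symlink" >&2
        return 1
    fi
    if [ ! -e "$log" ]; then
        # umask 077 so the new file is never briefly wider than intended
        ( umask 077 && : >"$log" ) || return 1
    fi
    [ -f "$log" ] || { echo "refusing: $log is not a regular file" >&2; return 1; }
    if [ -n "$grp" ]; then
        chgrp "$grp" "$log" || return 1
    fi
    chmod 0660 "$log" || return 1
    if is_world_writable "$log"; then
        return 1
    fi
    return 0
}

# Can the current user append to the log? Run this as the delivery user.
can_append() {
    [ -f "$1" ] && [ -w "$1" ]
}

# Run directly with arguments: ensure the given log exists with safe modes.
if [ "$#" -gt 0 ]; then
    ensure_lda_log "$@"
fi
```

Running it from the service start script or from cron covers the case raised in the thread, where a missing log file is recreated with a mode the LDA cannot write to.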