[Dovecot] auth: Error: net_connect_unix(anvil-auth-penalty) failed: Permission denied
Hello, just upgraded one of my testing machines from dovecot 1.2.15 to 2.0.7. After some trouble with permissions now all seems to be working, but when I stop dovecot I have these errors in the log:
Nov 9 17:08:07 in dovecot: master: Warning: Killed with signal 15 (by pid=20362 uid=0 code=kill)
Nov 9 17:08:07 in dovecot: pop3-login: Error: read(anvil) failed: EOF
Nov 9 17:08:07 in dovecot: imap-login: Error: read(anvil) failed: EOF
Nov 9 17:08:07 in dovecot: imap(mailing@securitylabs.it): Server shutting down. bytes=410/59361
Nov 9 17:08:07 in dovecot: imap(mailing@securitylabs.it): Server shutting down. bytes=79/26605
Nov 9 17:08:07 in dovecot: imap(mailing@securitylabs.it): Server shutting down. bytes=802/55708
Nov 9 17:08:07 in dovecot: imap(mailing@securitylabs.it): Server shutting down. bytes=258/1242
Nov 9 17:08:07 in dovecot: auth: Error: read(anvil-auth-penalty) failed: EOF
Nov 9 17:08:07 in dovecot: auth: Error: net_connect_unix(anvil-auth-penalty) failed: Permission denied
dovecot -n:
2.0.7: /usr/local/etc/dovecot/dovecot.conf
OS: Linux 2.6.32-5-xen-686 i686 Debian squeeze/sid
auth_cache_negative_ttl = 2 mins
auth_cache_size = 1000 M
auth_cache_ttl = 2 mins
auth_master_user_separator = *
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@&
disable_plaintext_auth = no
dotlock_use_excl = yes
first_valid_uid = 100
last_valid_uid = 105
lock_method = dotlock
log_timestamp = "%Y-%m-%d %H:%M:%S "
login_greeting = Server ready.
mail_fsync = never
mail_gid = Debian-exim
mail_location = maildir:~/Maildir:INDEX=/var/indexes/%d/%n
mail_privileged_group = Debian-exim
mail_uid = Debian-exim
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date
namespace {
  inbox = yes
  location =
  prefix =
  separator = /
  type = private
}
namespace {
  location = maildir:~/Maildir/expunged
  prefix = EXPUNGED/
  separator = /
  type = private
}
namespace {
  location = maildir:~/Maildir/deleted
  prefix = DELETED/
  separator = /
  type = private
}
namespace {
  location = maildir:~/Maildir/deleted/expunged
  prefix = DELETED/EXPUNGED/
  separator = /
  type = private
}
passdb {
  args = /usr/local/etc/dovecot-sql.conf
  driver = sql
}
passdb {
  args = /usr/local/etc/passwd.masterusers
  driver = passwd-file
  master = yes
  pass = yes
}
plugin {
  lazy_expunge = EXPUNGED/ DELETED/ DELETED/EXPUNGED/
  mail_log_events = delete expunge
  mail_log_group_events =
  quota = maildir
  quota_warning = storage=80%% /usr/local/bin/dovecot-quota-warning.sh 80
  quota_warning2 = storage=90%% /usr/local/bin/dovecot-quota-warning.sh 90
  sieve = ~/.dovecot.sieve
}
pop3_no_flag_updates = yes
protocols = imap pop3
service auth {
  unix_listener auth-userdb {
    group = Debian-exim
    mode = 0600
    user = Debian-exim
  }
}
service imap-login {
  client_limit = 256
  process_limit = 128
  process_min_avail = 3
  service_count = 1
}
service imap {
  drop_priv_before_exec = yes
  process_limit = 256
  vsz_limit = 256 B
}
service pop3-login {
  client_limit = 256
  process_limit = 128
  process_min_avail = 3
  service_count = 1
}
service pop3 {
  drop_priv_before_exec = yes
  process_limit = 256
  vsz_limit = 256 B
}
ssl_cert = </usr/local/etc/dovecot.crt
ssl_key = </usr/local/etc/dovecot.key
userdb {
  args = /usr/local/etc/dovecot-sql.conf
  driver = sql
}
protocol imap {
  mail_max_userip_connections = 10
  mail_plugins = " notify quota imap_quota mail_log lazy_expunge"
}
protocol pop3 {
  mail_max_userip_connections = 3
  mail_plugins = " notify quota mail_log"
  pop3_uidl_format = %08Xu%08Xv
}
protocol lda {
  mail_plugins = quota sieve
  postmaster_address = postmaster@securitylabs.it
}
My /usr/local/var/run/dovecot directory:
4 drwxr-sr-x 4 root staff 4096 Nov 9 17:08 .
4 drwxrwsrwx 3 root staff 4096 Nov 9 17:05 ..
0 srw------- 1 root staff 0 Nov 9 17:05 anvil
0 srw------- 1 root staff 0 Nov 9 17:05 anvil-auth-penalty
0 srw------- 1 root staff 0 Nov 9 17:05 auth-client
0 srw------- 1 dovecot staff 0 Nov 9 17:05 auth-login
0 srw------- 1 root staff 0 Nov 9 17:05 auth-master
0 srw------- 1 Debian-exim Debian-exim 0 Nov 9 17:05 auth-userdb
0 srw------- 1 dovecot staff 0 Nov 9 17:05 auth-worker
0 srw------- 1 root staff 0 Nov 9 17:05 config
0 srw------- 1 root staff 0 Nov 9 17:05 dict
0 srw------- 1 root staff 0 Nov 9 17:05 director-admin
0 srw-rw-rw- 1 root staff 0 Nov 9 17:05 dns-client
0 srw------- 1 root staff 0 Nov 9 17:05 doveadm-server
0 lrwxrwxrwx 1 root staff 35 Nov 9 17:05 dovecot.conf -> /usr/local/etc/dovecot/dovecot.conf
4 drwxr-xr-x 2 root root 4096 Nov 9 17:05 empty
4 drwxr-x--- 2 root dovenull 4096 Nov 9 17:05 login
My emails are delivered as user Debian-exim and users are virtual in a MySQL DB. This system is behind a proxy (so the master user)
On Tue, 2010-11-09 at 17:18 +0100, mailing@securitylabs.it wrote:
> Hello, just upgraded one of my testing machines from dovecot 1.2.15 to 2.0.7. After some trouble with permissions now all seems to be working, but when I stop dovecot I have these errors in the log:
> Nov 9 17:08:07 in dovecot: master: Warning: Killed with signal 15 (by pid=20362 uid=0 code=kill)
> Nov 9 17:08:07 in dovecot: pop3-login: Error: read(anvil) failed: EOF

http://hg.dovecot.org/dovecot-2.0/rev/67fbf09d3fa5 fixes these.

> Nov 9 17:08:07 in dovecot: auth: Error: read(anvil-auth-penalty) failed: EOF
> Nov 9 17:08:07 in dovecot: auth: Error: net_connect_unix(anvil-auth-penalty) failed: Permission denied
http://hg.dovecot.org/dovecot-2.0/rev/3e4a65a74c40 fixes this so that if anvil actually does die too early, auth process kills itself.
Hi All,
I think this bug is back in dovecot 2.4.1.
I'm getting:-
lmtp(15118): Error: conn unix:/run/dovecot/anvil: net_connect_unix(/run/dovecot/anvil) failed: Permission denied
I run following post service start to fix it, I set: chmod 666 /var/run/dovecot/anvil
I tried setting mode = 0666 in config and it didn't work :-
service anvil {
  process_limit = 1
  client_limit = 50000
  unix_listener anvil-auth-penalty {
    mode = 0666
  }
}
Thanks anyways.
You should try these settings:
service anvil {
unix_listener anvil {
user = dovecot
group = dovecot
mode = 0660
}
}
--
Bruno
> I think this bug is back in dovecot 2.4.1.
> I'm getting:-
> lmtp(15118): Error: conn unix:/run/dovecot/anvil: net_connect_unix(/run/dovecot/anvil) failed: Permission denied

I get the same error with Dovecot 2.4.1.
This is caused by running lmtp as non-root, i.e. with a configuration like

service lmtp {
  user = vmail
}

src/lmtp/lmtp-commands.c client_default_cmd_mail() has this code:

/* Connect to anvil before dropping privileges */
lmtp_anvil_init();

However if I got this right

a) This code is called after dropping privileges, so would not have the permissions.
b) It doesn't actually connect to the anvil socket since lmtp_anvil_init() doesn't call anvil_client_connect()

Adding lmtp_anvil_init(); anvil_client_connect() calls in src/lmtp/main.c main() before drop_privileges() fixes the error but I don't know if that's the right approach.

Cheers,
Felix
I think you can fix this using systemd service. Post Start run script that adjusts anvil file, in /var/run, chmod to 666.
Zak.
On 2025-09-30 22:02, Felix Geyer via dovecot wrote:
>> I think this bug is back in dovecot 2.4.1.
>> I'm getting:-
>> lmtp(15118): Error: conn unix:/run/dovecot/anvil: net_connect_unix(/run/dovecot/anvil) failed: Permission denied
>
> I get the same error with Dovecot 2.4.1.
> This is caused by running lmtp as non-root, i.e. with a configuration like
>
> service lmtp {
>   user = vmail
> }
>
> src/lmtp/lmtp-commands.c client_default_cmd_mail() has this code:
>
> /* Connect to anvil before dropping privileges */
> lmtp_anvil_init();
>
> However if I got this right
>
> a) This code is called after dropping privileges, so would not have the permissions.
> b) It doesn't actually connect to the anvil socket since lmtp_anvil_init() doesn't call anvil_client_connect()
>
> Adding lmtp_anvil_init(); anvil_client_connect() calls in src/lmtp/main.c main() before drop_privileges() fixes the error but I don't know if that's the right approach.
>
> Cheers,
> Felix
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
Or just
service anvil {
  unix_listener anvil {
    mode = 0666
  }
}
Aki
On 01/10/2025 11:16 EEST Zakaria via dovecot <dovecot@dovecot.org> wrote:
> I think you can fix this using systemd service. Post Start run script that adjusts anvil file, in /var/run, chmod to 666.
> Zak.
Right, that technically just works of course. Giving every user on the system access to the anvil service seems like a proper bad idea to me though.
The better workaround would be to give just the group of the lmtp process access to the socket like
service anvil {
  unix_listener anvil {
    group = vmail
    mode = 0660
  }
}
Since there is clear intent in the code to avoid this problem I would maintain that this is a bug and ideally should be fixed there.
Cheers, Felix
On 01.10.25 10:25, Aki Tuomi wrote:
> Or just
>
> service anvil {
>   unix_listener anvil {
>     mode = 0666
>   }
> }
>
> Aki
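
Added example, not part of any message in this thread and not Dovecot code: it parses the three unix_listener blocks proposed above and evaluates which local accounts could connect to the anvil socket under each. The accounts, the root:root fallback for an unset user/group and the 0600 fallback for an unset mode are assumptions made for the illustration.

```python
import re
import stat

# unix_listener blocks as posted in this thread (keys are labels added here).
CONFIGS = {
    "0666": "service anvil { unix_listener anvil { mode = 0666 } }",
    "vmail 0660": "service anvil { unix_listener anvil { group = vmail mode = 0660 } }",
    "dovecot 0660": "service anvil { unix_listener anvil "
                    "{ user = dovecot group = dovecot mode = 0660 } }",
}

# Constructed accounts (name -> groups): vmail runs lmtp as in the thread,
# webapp is a hypothetical unrelated local account.
ACCOUNTS = {"vmail": {"vmail"}, "webapp": {"webapp"}}


def parse_listener(conf):
    """Return (owner, group, mode) for the first unix_listener block.

    Assumption: unset user/group mean root:root and unset mode means 0600.
    """
    body = re.search(r"unix_listener\s+\S+\s*\{([^}]*)\}", conf).group(1)
    kv = dict(re.findall(r"(\w+)\s*=\s*(\S+)", body))
    return (kv.get("user", "root"), kv.get("group", "root"),
            int(kv.get("mode", "0600"), 8))


def can_connect(listener, user, groups):
    """Linux connect() on a pathname socket needs write permission on it.

    Only the first matching class (owner, then group, then other) is checked;
    directory search permission on the socket's parent is not modelled.
    """
    owner, group, mode = listener
    if user == "root":
        return True
    if user == owner:
        return bool(mode & stat.S_IWUSR)
    if group in groups:
        return bool(mode & stat.S_IWGRP)
    return bool(mode & stat.S_IWOTH)


def exposure(conf):
    """Map each sample account to whether it can reach the listener."""
    listener = parse_listener(conf)
    return {name: can_connect(listener, name, groups)
            for name, groups in ACCOUNTS.items()}


if __name__ == "__main__":
    for label, conf in CONFIGS.items():
        print(f"{label:14} {exposure(conf)}")
```
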
participants (7)
- Aki Tuomi
- Bruno Patri
- Felix Geyer
- hi@zakaria.website
- mailing@securitylabs.it
- Timo Sirainen
- Zakaria