[Dovecot] permissions on auth-userdb Error: userdb lookup
Hello,
first sorry for this question. I already found many threads about this problem including a thread in this list from August 2010, but nothing helped :(
Here is the error: 2010-09-20 06:28:04 lda: Debug: Loading modules from directory: /usr/lib/dovecot/modules/ 2010-09-20 06:28:04 lda: Debug: Module loaded: /usr/lib/dovecot/modules//lib90_sieve_plugin.so 2010-09-20 06:28:04 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +r perm: /var/run/dovecot/auth-userdb, euid is not dir owner) 2010-09-20 06:28:04 lda: Fatal: Internal error occurred. Refer to server log for more information.
srw------- 1 root root 0 20. Sep 06:21 auth-userdb
It worked fine with Dovecot 1.x, i use a static userdb.
vmail(5000):vmail(5000) is my standard user/group for /home/vmail/
Here is the config:
listen = 92.198.xx.xx log_path = /var/log/dovecot.log log_timestamp = "%Y-%m-%d %H:%M:%S " mail_debug = yes mail_gid = 5000 mail_location = maildir:/home/vmail/%d/%n:INDEX=/home/vmail-indexes/%d/%n mail_privileged_group = vmail mail_uid = 5000 managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date namespace { inbox = yes location = prefix = INBOX. separator = . type = private } passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } plugin { sieve = /home/vmail-sieve/%u/main.sieve sieve_before = /home/vmail/global/before.sieve sieve_dir = /home/vmail-sieve/%u/ sieve_global_dir = /home/vmail-sieve/global/ } protocols = imap service auth { unix_listener auth-master { mode = 0600 } } service imap-login { inet_listener imap { port = 0 } inet_listener imaps { address = 92.198.xx.xx } } service pop3-login { inet_listener pop3s { address = 92.198.xx.xx } } ssl_cert =
Any idea what's wrong? I already removed the permissions from the "service auth"-part (there was user/group=vmail)
Thanks
On Mon, Sep 20, 2010 at 06:34:01 +0200, Dieter Knopf wrote:
Hello,
first sorry for this question. I already found many threads about this problem including a thread in this list from August 2010, but nothing helped :(
Here is the error: 2010-09-20 06:28:04 lda: Debug: Loading modules from directory: /usr/lib/dovecot/modules/ 2010-09-20 06:28:04 lda: Debug: Module loaded: /usr/lib/dovecot/modules//lib90_sieve_plugin.so 2010-09-20 06:28:04 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +r perm: /var/run/dovecot/auth-userdb, euid is not dir owner) 2010-09-20 06:28:04 lda: Fatal: Internal error occurred. Refer to server log for more information.
srw------- 1 root root 0 20. Sep 06:21 auth-userdb
Dovecot tries to open that file with the "default_internal_user" user, which is configurable in dovecot.conf. See # doveconf -h default_internal_user what is the current user for you.
Daniel
-- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
2010/9/20 LEVAI Daniel leva@ecentrum.hu:
Dovecot tries to open that file with the "default_internal_user" user, which is configurable in dovecot.conf. See # doveconf -h default_internal_user what is the current user for you.
Default user is dovecot like it was with 1.2, but there is a new user dovenull
# doveconf -h default_internal_user dovecot
Thanks
On Mon, 2010-09-20 at 08:55 +0200, LEVAI Daniel wrote:
2010-09-20 06:28:04 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +r perm: /var/run/dovecot/auth-userdb, euid is not dir owner)
Dovecot tries to open that file with the "default_internal_user" user,
No, it's trying to open it as the mail user, and above shows that it's vmail. So make the socket accessible to vmail:
service auth { unix_listener auth-userdb { user = vmail } }
On Mon, Sep 20, 2010 at 14:59:20 +0100, Timo Sirainen wrote:
On Mon, 2010-09-20 at 08:55 +0200, LEVAI Daniel wrote:
2010-09-20 06:28:04 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +r perm: /var/run/dovecot/auth-userdb, euid is not dir owner)
Dovecot tries to open that file with the "default_internal_user" user,
No, it's trying to open it as the mail user, and above shows that it's vmail. So make the socket accessible to vmail:
Sorry, I wasn't paying enough attention.
Daniel
-- LÉVAI Dániel PGP key ID = 0x83B63A8F Key fingerprint = DBEC C66B A47A DFA2 792D 650C C69B BE4C 83B6 3A8F
2010/9/20 Timo Sirainen tss@iki.fi:
No, it's trying to open it as the mail user, and above shows that it's vmail. So make the socket accessible to vmail:
service auth { unix_listener auth-userdb { user = vmail } }
Thanks for the tipp, i added this (again) and still have the error :( I tested with with group=vmail too. (and restarted after it).
It worked fine after i changed the permissions manually (chmod), but this can't be the solution :(
2010-09-20 18:22:50 lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +r perm: /var/run/dovecot/auth-userdb, euid is not dir owner)
Thanks
On Mon, 2010-09-20 at 18:26 +0200, Dieter Knopf wrote:
2010/9/20 Timo Sirainen tss@iki.fi:
No, it's trying to open it as the mail user, and above shows that it's vmail. So make the socket accessible to vmail:
service auth { unix_listener auth-userdb { user = vmail } }
Thanks for the tipp, i added this (again) and still have the error :( I tested with with group=vmail too. (and restarted after it).
And when you set those, does auth-userdb socket's owner/group change or is it still root?
2010/9/20 Timo Sirainen tss@iki.fi:
And when you set those, does auth-userdb socket's owner/group change or is it still root?
Nope :( srw------- 1 root root 0 20. Sep 19:28 auth-client srw------- 1 dovecot root 0 20. Sep 19:28 auth-login srw------- 1 vmail vmail 0 20. Sep 19:28 auth-master srw------- 1 root root 0 20. Sep 19:28 auth-userdb srw------- 1 dovecot root 0 20. Sep 19:28 auth-worker
Config is: service auth { unix_listener auth-master { group = vmail user = vmail mode = 0600
} }
Seems like my config part is for the auth-master-sock only. So i need to at a unix_listener auth-userdb? (static)
Thanks
On Mon, 2010-09-20 at 19:32 +0200, Dieter Knopf wrote:
service auth { unix_listener auth-master {
You need to change auth-userdb, not auth-master
group = vmail user = vmail mode = 0600} }
Seems like my config part is for the auth-master-sock only. So i need to at a unix_listener auth-userdb? (static)
Or just change the auth-master name to auth-userdb. You're unlikely to need auth-master anyway.
participants (3)
-
Dieter Knopf
-
LEVAI Daniel
-
Timo Sirainen