I am trying to get a shared folder to work. I created a directory /var/mail/CS:
drwxr-xr-x 3 root root 4096 Mar 10 16:09 /var/mail/CS
Inside of that I put
-rw-rw---- 1 root cs 0 Mar 10 16:49 dovecot-shared drwxrws--- 5 root cs 4096 Mar 10 16:09 .Incoming
When I try to subscribe to Incoming, I get the following error:
Mar 10 16:45:17 scacifs02-lnx dovecot: imap-login: Login: user=<stephen>, method=PLAIN, rip=10.212.202.63, lip=10.212.166.21, TLS Mar 10 16:45:17 scacifs02-lnx dovecot: IMAP(stephen): mkdir(/var/mail/CS/cur) failed: Permission denied Mar 10 16:45:28 scacifs02-lnx dovecot: IMAP(stephen): Connection closed
whats happening here? Why is dovecot even trying to create var/mail/CS/cur?
Version = 1.0.7
protocols: imaps listen: * ssl_cert_file: /etc/pki/dovecot/certs/scacifs02-lnx.dovecot.crt ssl_key_file: /etc/pki/dovecot/private/scacifs02-lnx.dovecot.key disable_plaintext_auth: yes login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/imap-login mail_location: maildir:~/Maildir maildir_copy_with_hardlinks: yes namespace: type: private separator: / inbox: yes namespace: type: public separator: / prefix: CS/ location: maildir:/var/mail/CS:CONTROL=~/Maildir/CS:INDEX=~/Maildir/CS auth default: passdb: driver: pam userdb: driver: passwd-file args: /etc/imap.passwd
-- Stephen Carville
On Mar 10, 2009, at 8:21 PM, Stephen Carville wrote:
Mar 10 16:45:17 scacifs02-lnx dovecot: IMAP(stephen): mkdir(/var/mail/CS/cur) failed: Permission denied Mar 10 16:45:28 scacifs02-lnx dovecot: IMAP(stephen): Connection
closedwhats happening here? Why is dovecot even trying to create var/mail/ CS/cur?
Version = 1.0.7
Because v1.0 is buggy here and always tries to create the Maildir
directories. Either create the cur/new/tmp for it or upgrade to v1.1.
On Tue, Mar 10, 2009 at 5:46 PM, Timo Sirainen tss@iki.fi wrote:
On Mar 10, 2009, at 8:21 PM, Stephen Carville wrote:
Mar 10 16:45:17 scacifs02-lnx dovecot: IMAP(stephen): mkdir(/var/mail/CS/cur) failed: Permission denied Mar 10 16:45:28 scacifs02-lnx dovecot: IMAP(stephen): Connection closed
whats happening here? Why is dovecot even trying to create var/mail/CS/cur?
Version = 1.0.7
Because v1.0 is buggy here and always tries to create the Maildir directories. Either create the cur/new/tmp for it or upgrade to v1.1.
Still no joy
My account on the imap server $ id stephen uid=501(stephen) gid=100(users) groups=10(wheel),100(users),1000(cs)
shared account user $ id cs uid=1000(cs) gid=1000(cs) groups=1000(cs)
as user=stephen (some hidden files removed from listing)
$ ls -lA /var/spool/mail/public total 20 drwxrwx--- 4 cs cs 4096 Mar 10 21:26 cs drwx------ 2 root root 16384 Mar 10 12:08 lost+found
$ ls -lA /var/spool/mail/public/cs total 40 drwxrwx--- 6 cs cs 4096 Mar 10 21:26 mail
$ ls -lA /var/spool/mail/public/cs/mail total 16 drwxrwx--- 2 cs cs 4096 Mar 10 21:09 cur -rw-rw---- 1 cs cs 0 Mar 10 19:56 dovecot-shared drwxrwx--- 5 cs cs 4096 Mar 10 21:01 .Incoming drwxrwx--- 2 cs cs 4096 Mar 10 21:09 new drwxrwx--- 2 cs cs 4096 Mar 10 21:09 tmp
$ ls -lA /var/spool/mail/public/cs/mail/.Incoming total 12 drwxrwx--- 2 cs cs 4096 Mar 10 21:01 cur -rw-rw---- 1 cs cs 0 Mar 10 21:01 dovecot-shared drwxrwx--- 2 cs cs 4096 Mar 10 21:01 new drwxrwx--- 2 cs cs 4096 Mar 10 21:01 tmp
Now when I try to subscribe
Mar 10 21:37:19 scacifs02-lnx dovecot: IMAP(stephen): opendir(/var/spool/mail/public/cs/mail) failed: Permission denied Mar 10 21:37:19 scacifs02-lnx dovecot: IMAP(stephen): Connection closed
This make no sense to me. I am a member if the cs group which has rwx perms for all the directories from cs on down. How can I not have permission to open the directory?
In fact:
$ perl -e 'opendir DIR,"/var/spool/mail/public/cs/mail" or die $!;@aa=readdir(DIR);close DIR;foreach(@aa){print "$_\n";}' . cur new .Incoming .. tmp
So I do have permission to open the directory but dovecot doesn't agree (Is this a sign I should just give up on 1.0.7? :-)
My config changed a bit:
# 1.0.7: /etc/dovecot.conf protocols: imaps listen: * ssl_cert_file: /etc/pki/dovecot/certs/scacifs02-lnx.dovecot.crt ssl_key_file: /etc/pki/dovecot/private/scacifs02-lnx.dovecot.key disable_plaintext_auth: yes login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/imap-login mail_location: maildir:~/Maildir maildir_copy_with_hardlinks: yes namespace: type: private separator: / inbox: yes namespace: type: public separator: / prefix: CS/ location: maildir:/var/spool/mail/public/cs/mail:CONTROL=~/Maildir/CS:INDEX=~/Maildir/CS auth default: debug: yes passdb: driver: pam userdb: driver: passwd-file args: /etc/imap.passwd
-- Stephen Carville
On Wed, Mar 11, 2009 at 4:02 AM, Charles Marcus CMarcus@media-brokers.com wrote:
So I do have permission to open the directory but dovecot doesn't agree (Is this a sign I should just give up on 1.0.7? :-)
Yes... 1.1 is much better, but 1.2 is getting very close and is even better still...
Personally, I'd just move on to 1.2...
I upgraded to 1.1.7 and still get the same error tho with a lot more log output:
Mar 11 08:46:49 scacifs02-lnx dovecot: auth(default): client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=10.212.166.21#011rip=10.212.202.63#011lport=993#011rport=57543#011resp=<hidden> Mar 11 08:46:49 scacifs02-lnx dovecot: auth-worker(default): pam(stephen,10.212.202.63): lookup service=dovecot Mar 11 08:46:49 scacifs02-lnx dovecot: auth-worker(default): pam(stephen,10.212.202.63): #1/1 style=1 msg=Password: Mar 11 08:46:49 scacifs02-lnx dovecot: auth(default): client out: OK#0111#011user=stephen Mar 11 08:46:49 scacifs02-lnx dovecot: auth(default): master in: REQUEST#0112#01123763#0111 Mar 11 08:46:49 scacifs02-lnx dovecot: auth(default): passwd-file(stephen,10.212.202.63): lookup: user=stephen file=/etc/imap.passwd Mar 11 08:46:49 scacifs02-lnx dovecot: auth(default): master out: USER#0112#011stephen#011uid=501#011gid=10#011home=/home/stephen Mar 11 08:46:49 scacifs02-lnx dovecot: imap-login: Login: user=<stephen>, method=PLAIN, rip=10.212.202.63, lip=10.212.166.21, TLS Mar 11 08:46:49 scacifs02-lnx dovecot: IMAP(stephen): Effective uid=501, gid=10, home=/home/stephen Mar 11 08:46:49 scacifs02-lnx dovecot: IMAP(stephen): Namespace: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes Mar 11 08:46:49 scacifs02-lnx dovecot: IMAP(stephen): maildir: data=~/Maildir Mar 11 08:46:49 scacifs02-lnx dovecot: IMAP(stephen): maildir++: root=/home/stephen/Maildir, index=, control=, inbox=/home/stephen/Maildir Mar 11 08:46:49 scacifs02-lnx dovecot: IMAP(stephen): Namespace: type=public, prefix=CS/, sep=/, inbox=no, hidden=no, list=yes, subscriptions=no Mar 11 08:46:49 scacifs02-lnx dovecot: IMAP(stephen): maildir: data=/var/spool/mail/public/cs/mail:CONTROL=~/Maildir/CS:INDEX=~/Maildir/CS Mar 11 08:46:49 scacifs02-lnx dovecot: IMAP(stephen): maildir++: root=/var/spool/mail/public/cs/mail, index=/home/stephen/Maildir/CS, control=/home/stephen/Maildir/CS, inbox= Mar 11 08:46:49 scacifs02-lnx dovecot: IMAP(stephen): opendir(/var/spool/mail/public/cs/mail) failed: Permission denied Mar 11 08:46:49 scacifs02-lnx dovecot: IMAP(stephen): Connection closed bytes=42/1069 Mar 11 08:46:49 scacifs02-lnx dovecot: auth(default): new auth connection: pid=23773
Dovecot still insists I don't have permission to open the directory.
As an ordinary IMAP server Dovecot performs very well. It is only public/shared folders that are causing a problem. Unfortunately that is exactly what the boss wants now.
-- Stephen Carville
I did some more testing and it looks like "public" really means "public" !
For example:
$ id stephen uid=501(stephen) gid=100(users) groups=100(users),10(wheel),1000(cs)
Normally stephen should have rwx access to the following directory:
$ ls -ald /usr/mail/public/cs drwxrwx--- 4 cs cs 4096 Mar 11 07:22 /usr/mail/public/cs
But dovecot it insists
Mar 11 09:59:23 scacifs02-lnx dovecot: IMAP(stephen): opendir(/usr/mail/public/cs) failed: Permission denied
Id I change the permissions:
$ ls -ald /usr/mail/public/cs drwxrwxr-x 4 cs cs 4096 Mar 11 07:22 /usr/mail/public/cs
it now fails at:
Mar 11 10:07:02 scacifs02-lnx dovecot: IMAP(stephen): opendir(/usr/mail/public/cs/mail) failed: Permission denied
If I change the permission on that directory
$ ls -lad /usr/mail/public/cs/mail drwxrwxr-x 3 cs cs 4096 Mar 10 22:07 /usr/mail/public/cs/mail
Mar 11 10:14:12 scacifs02-lnx dovecot: IMAP(stephen): opendir(/usr/mail/public/cs/mail/.Incoming) failed: Permission denied
one more level
$ ls -lad /usr/mail/public/cs/mail/.Incoming drwxrwxr-x 5 cs cs 4096 Mar 10 21:01 /usr/mail/public/cs/mail/.Incoming
Mar 11 10:16:45 scacifs02-lnx dovecot: IMAP(stephen): opendir(/usr/mail/public/cs/mail/.Incoming/new) failed: Permission denied
and again:
$ ls -lA /usr/mail/public/cs/mail/.Incoming total 12 drwxrwxr-x 2 cs cs 4096 Mar 10 21:01 cur -rw-rw---- 1 cs cs 0 Mar 10 21:01 dovecot-shared drwxrwxr-x 2 cs cs 4096 Mar 10 21:01 new drwxrwxr-x 2 cs cs 4096 Mar 10 21:01 tmp
Now I try to move a mail into the Incoming folder:
Mar 11 10:20:50 scacifs02-lnx dovecot: IMAP(stephen): open(/usr/mail/public/cs/mail/.Incoming/tmp/1236792050.M931023P1390.scacifs02-lnx.totalflood.com) failed: Permission denied
The only two ways I can get public folders to work is to
set the directory perms to 777.
make sure all user have the same primary group and make that groups for the public folder.
Neither of the above are particularly desirable nor practical. Is there another way?
participants (3)
-
Charles Marcus
-
Stephen Carville
-
Timo Sirainen