[Dovecot] This binary should probably be called with process group set to (vmail) instead of (userid)
Im sorry to ask another basic question, but Ive tried to find this answer for several hours now and it eludes me. Im getting the following when dovecot tries to deliver an email:
May 6 19:29:21 mydomain dovecot: lda: Debug: auth input: jeff home=/opt/imapdata/j/jeff/INBOX uid=1001 gid=999 May 6 19:29:21 mydomain dovecot: lda(jeff): Fatal: setgid(999(vmail) from userdb lookup) failed with euid=999(vmail), gid=500(jeff), egid=500(jeff): Operation not permitted (This binary should probably be called with process group set to 999(vmail) instead of 500(jeff))
I cannot seem to find where its trying to call dovecot-lda with uid(jeff) at? AFAIK Ive set everything up to use/deliver as 'vmail'. 'jeff' is the only person on this box with a unix account which is uid 500, but how do I make it use vmail instead?
Thanks for the help! Jeff
postfix master.cf:
virtual_transport = vmail mailbox_command=/opt/dovecot/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT"
dovecot -n:
# 2.1.5: /opt/dovecot/etc/dovecot/dovecot.conf # OS: Linux 2.6.35.14-106.fc14.x86_64 x86_64 Fedora release 14 (Laughlin) ext4 auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_socket_path = /opt/dovecot215/var/run/dovecot/auth-userdb auth_verbose = yes auth_verbose_passwords = plain default_client_limit = 225 default_internal_user = vmail disable_plaintext_auth = no first_valid_gid = 999 first_valid_uid = 999 listen = * lock_method = flock mail_debug = yes mail_gid = vmail mail_home = /opt/imapdata/vmailhome mail_location = mbox:/opt/imapdata/%1n/%n:INDEX=/opt/imapdata/%1n/%n mail_privileged_group = vmail mail_uid = vmail mbox_lock_timeout = 1 mins mbox_write_locks = fcntl namespace { inbox = yes location = prefix = separator = / type = private } passdb { args = /opt/dovecot/etc/dovecot/conf.d/dovecot-sql.conf.ext driver = sql } plugin { mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename mail_log_fields = uid box msgid size } protocols = imap service auth { inet_listener { port = 12345 } unix_listener auth-userdb { group = vmail mode = 0666 user = vmail } user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } service_count = 1 } ssl_cert =
/mf/home/jeep/shell/.signature
Im sorry to ask another basic question, but Ive tried to find this answer for several hours now and it eludes me. Im getting the following when dovecot tries to deliver an email:
May 6 19:29:21 mydomain dovecot: lda: Debug: auth input: jeff home=/opt/imapdata/j/jeff/INBOX uid=1001 gid=999 May 6 19:29:21 mydomain dovecot: lda(jeff): Fatal: setgid(999(vmail) from userdb lookup) failed with euid=999(vmail), gid=500(jeff), egid=500(jeff): Operation not permitted (This binary should probably be called with process group set to 999(vmail) instead of 500(jeff))
I cannot seem to find where its trying to call dovecot-lda with uid(jeff) at? AFAIK Ive set everything up to use/deliver as 'vmail'. 'jeff' is the only person on this box with a unix account which is uid 500, but how do I make it use vmail instead?
I forgot to show my dovecot-lda, it seems correct and its setuid as well:
-rwsr-x--x 1 vmail vmail 75789 Apr 28 08:15 dovecot-lda*
Anyone? I seem to be in permissions hell trying to set things up. Thank you
/mf/home/jeep/shell/.signature
On 7.5.2012, at 22.11, Jeff Lacki wrote:
Im sorry to ask another basic question, but Ive tried to find this answer for several hours now and it eludes me. Im getting the following when dovecot tries to deliver an email:
May 6 19:29:21 mydomain dovecot: lda: Debug: auth input: jeff home=/opt/imapdata/j/jeff/INBOX uid=1001 gid=999 May 6 19:29:21 mydomain dovecot: lda(jeff): Fatal: setgid(999(vmail) from userdb lookup) failed with euid=999(vmail), gid=500(jeff), egid=500(jeff): Operation not permitted (This binary should probably be called with process group set to 999(vmail) instead of 500(jeff))
I cannot seem to find where its trying to call dovecot-lda with uid(jeff) at?
Postfix is calling dovecot-lda as jeff.
I forgot to show my dovecot-lda, it seems correct and its setuid as well:
-rwsr-x--x 1 vmail vmail 75789 Apr 28 08:15 dovecot-lda*
You shouldn't make it setuid in a vmail setup. And by removing the suid bit from it I'm guessing the error message will also change to say that euid=jeff.
postfix master.cf:
virtual_transport = vmail mailbox_command=/opt/dovecot/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT"
mailbox_command shouldn't be used to deliver mails to virtual users. Use http://wiki2.dovecot.org/LDA/Postfix#Virtual_users instead.
participants (2)
-
jeep@rahul.net
-
Timo Sirainen