[Dovecot] public folders fchown error
I was hoping this would be the right place to look for some help, I cannot make public folders get the right permissions. I continually get the fchown error in logs, and have googled high an low to find multiple solutions that do not work for me.
I'm using maildir. I have sendmail with postfix distributing my mail. I created maildir's in each users personal directory. I then thought it would be neat to set up a public folder that people could dump spam and ham into, then have a cron script go through the directory and automatically sort it for bayes. However, when I put a file in the public folder, the permissions do not seem to work.
I've put a dovecot-shared file with root.mail permissions, 660, in just about every directory (all the public folder directories, and every personal user's control and index location), I've chmod'd to 777 each file and folder to test, etc, and no matter what, the dovecot.index.tmp in the user's index folder comes through with their permissions, and this error shows up.
Am I thinking this is something different then what it is or am I completely off base?
Thanks in advance, Bob
dovecot 1.0.13 (debian install)
# 1.0.13: /etc/dovecot/dovecot.conf log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap imaps pop3 pop3s login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login login_executable(pop3): /usr/lib/dovecot/pop3-login mail_privileged_group: mail mail_location: maildir:/home/%u/Mail/Inbox umask: 7 mail_executable(default): /usr/lib/dovecot/imap mail_executable(imap): /usr/lib/dovecot/imap mail_executable(pop3): /usr/lib/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/modules/imap mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3 pop3_uidl_format(default): pop3_uidl_format(imap): pop3_uidl_format(pop3): %08Xu%08Xv namespace: type: public separator: / prefix: Public/ location: maildir:/var/mail/public:CONTROL=~/Mail/public/public:INDEX=~/Mail/public/index namespace: type: private separator: / inbox: yes auth default: mechanisms: plain login passdb: driver: pam userdb: driver: passwd
Yep, I'm an idiot... it was a late night. I meant to say procmail as the local mailer to get the maildirs instead of mbox.
On 3/24/2008, junk@mc1.mccarthy.ac (junk@mc1.mccarthy.ac) wrote:
I have sendmail with postfix distributing my mail.
???
Is it sendmail or postfix?
--
Best regards,
Charles
On Mon, 2008-03-24 at 20:47 -0600, junk@mc1.mccarthy.ac wrote:
I was hoping this would be the right place to look for some help, I cannot make public folders get the right permissions. I continually get the fchown error in logs, and have googled high an low to find multiple solutions that do not work for me.
What exactly is the fchown error message?
Here are some examples... from what I can tell in google, dovecot is failing trying to change these files to the mail group dovecot is running under? I've manually changed everything under these folders to be 777, as well as root.mail permissions, they just change back to being owned by the user, and then dovecot can't change them to mail... at least I think that's what's happening.
dovecot: IMAP(admin): fchown(/home/admin/Mail/public/public/.SpamReport/dovecot-uidlist) failed: Operation not permitted dovecot: IMAP(bob): fchown(/home/bob/Mail/public/public/.SpamReport/dovecot-uidlist) failed: Operation not permitted dovecot: IMAP(bob): fchown() failed with file /home/bob/Mail/public/index/.SpamReport/dovecot.index.tmp: Operation not permitted dovecot: IMAP(mike): fchown() failed with file /home/mike/Mail/public/index/.Contacts/dovecot.index.log: Operation not permitted
On Mon, 2008-03-24 at 20:47 -0600, junk@mc1.mccarthy.ac wrote:
I was hoping this would be the right place to look for some help, I cannot make public folders get the right permissions. I continually get the fchown error in logs, and have googled high an low to find multiple solutions that do not work for me.
What exactly is the fchown error message?
On Tue, 2008-03-25 at 10:29 -0600, junk@mc1.mccarthy.ac wrote:
Here are some examples... from what I can tell in google, dovecot is failing trying to change these files to the mail group dovecot is running under? I've manually changed everything under these folders to be 777, as well as root.mail permissions, they just change back to being owned by the user, and then dovecot can't change them to mail... at least I think that's what's happening.
dovecot: IMAP(admin): fchown(/home/admin/Mail/public/public/.SpamReport/dovecot-uidlist) failed: Operation not permitted
Dovecot tries to change the created dovecot-uidlist's group to the same group as "dovecot-shared" file has. If its group is "mail", then:
mail_privileged_group: mail
This isn't enough, because it grants access to mail group only while dotlocking mboxes. Use mail_access_groups=mail instead. Or probably a better idea would be to use a newly greated group instead of the mail group to make sure your users don't get accidentally access to unintended files.
(If you'd just want everyone to be able to read/write to the public mailboxes, with v1.1 you could mark the dovecot-shared file 02666 and Dovecot wouldn't try to change the group).
At first glance, that appears to have worked. I made a new group mailpublic, I've chown'd all dovecot-shared and the entire public mail folder to root.mailpublic, set the mail_access_groups to mailpublic, and that seems to have worked.
Just out of curiousity, is there a place this is documented that I should have found? I coulnd't find it in the wiki, and if there was more info on it, I'd be happy to put something together for the shared mailboxes page.
Thanks again for the help.
On Tue, 2008-03-25 at 10:29 -0600, junk@mc1.mccarthy.ac wrote:
Here are some examples... from what I can tell in google, dovecot is failing trying to change these files to the mail group dovecot is running under? I've manually changed everything under these folders to be 777, as well as root.mail permissions, they just change back to being owned by the user, and then dovecot can't change them to mail... at least I think that's what's happening.
dovecot: IMAP(admin): fchown(/home/admin/Mail/public/public/.SpamReport/dovecot-uidlist) failed: Operation not permitted
Dovecot tries to change the created dovecot-uidlist's group to the same group as "dovecot-shared" file has. If its group is "mail", then:
mail_privileged_group: mail
This isn't enough, because it grants access to mail group only while dotlocking mboxes. Use mail_access_groups=mail instead. Or probably a better idea would be to use a newly greated group instead of the mail group to make sure your users don't get accidentally access to unintended files.
(If you'd just want everyone to be able to read/write to the public mailboxes, with v1.1 you could mark the dovecot-shared file 02666 and Dovecot wouldn't try to change the group).
junk@mc1.mccarthy.ac wrote:
At first glance, that appears to have worked. I made a new group mailpublic, I've chown'd all dovecot-shared and the entire public mail folder to root.mailpublic, set the mail_access_groups to mailpublic, and that seems to have worked.
Just out of curiousity, is there a place this is documented that I should have found? I coulnd't find it in the wiki, and if there was more info on it, I'd be happy to put something together for the shared mailboxes page.
Did you see this one? http://wiki.dovecot.org/SharedMailboxes
Mark
participants (4)
-
Charles Marcus
-
junk@mc1.mccarthy.ac
-
Mark Nienberg
-
Timo Sirainen