dovecot.list.index.log owned by root: why?
I use these sql-queries to let all mailboxes be accessed by the uid=1001:
passdb sql {
default_password_scheme = MD5-CRYPT
passdb_sql_query = SELECT username as user, password, \
'/home/vmail/%{user | domain }/%{user}' as userdb_home, 'maildir:/home/vmail/%{user | domain }/%{user}' as userdb_mail,
1001 as userdb_uid, 1001 as userdb_gid FROM mailbox WHERE username =
'%{user}' AND active = '1'
}
userdb prefetch { }
( I assume this following query isn't used then anymore)
userdb sql {
userdb_sql_query = SELECT username as user, password,
'/home/vmail/%{user | domain }/%{user}' as userdb_home,
'maildir:/home/vmail/%{user | domain }/%{user}' as userdb_mail,
1001 as userdb_uid, 1001 as userdb_gid
FROM mailbox WHERE username = '%{user}' AND active = '1'
userdb_sql_iterate_query = SELECT userid AS username, domain FROM users
}
id 1001 uid=1001(vmail) gid=1001(vmail) groups=1001(vmail),118(dovecot)
I get errors like:
Apr 01 11:43:05 imap(logs@xunil.at)<1564491><N8oZ6WJO/uwgAQRwHwsMRX9ul+gRMpfY>: Error: open(/home/vmail/xunil.at/logs@xunil.at/dovecot.list.index.log) failed: Permission denied (euid=1001(vmail) egid=1001(vmail) missing +r perm: /home/vmail/xunil.at/logs@xunil.at/dovecot.list.index.log)
ls -l /home/vmail/xunil.at/logs@xunil.at/ total 944 drwx------ 2 vmail vmail 622592 Apr 1 11:43 cur -rw------- 1 vmail vmail 0 Jul 30 2021 dovecot-acl-list -rw------- 1 vmail vmail 3304 Apr 1 11:35 dovecot.index -rw------- 1 vmail vmail 202444 Apr 1 11:43 dovecot.index.cache -rw------- 1 vmail vmail 2908 Apr 1 11:43 dovecot.index.log -rw------- 1 vmail vmail 32892 Apr 1 11:35 dovecot.index.log.2 -rw------- 1 vmail vmail 91 Feb 9 2024 dovecot-keywords -rw------- 1 root root 5744 Apr 1 10:30 dovecot.list.index -rw------- 1 root root 480 Apr 1 10:52 dovecot.list.index.log
[..]
Why do these 2 files get owned by root now ... ?
All files below "/home/vmail" should be owned by vmail:vmail
I ran chown, and chgrp, sure .. but the errors return.
How to fix this? Thanks in advance!
On 1. Apr 2026, at 12.57, Stefan G. Weichinger via dovecot <dovecot@dovecot.org> wrote:
ls -l /home/vmail/xunil.at/logs@xunil.at/ total 944 drwx------ 2 vmail vmail 622592 Apr 1 11:43 cur -rw------- 1 vmail vmail 0 Jul 30 2021 dovecot-acl-list -rw------- 1 vmail vmail 3304 Apr 1 11:35 dovecot.index -rw------- 1 vmail vmail 202444 Apr 1 11:43 dovecot.index.cache -rw------- 1 vmail vmail 2908 Apr 1 11:43 dovecot.index.log -rw------- 1 vmail vmail 32892 Apr 1 11:35 dovecot.index.log.2 -rw------- 1 vmail vmail 91 Feb 9 2024 dovecot-keywords -rw------- 1 root root 5744 Apr 1 10:30 dovecot.list.index -rw------- 1 root root 480 Apr 1 10:52 dovecot.list.index.log
[..]
Why do these 2 files get owned by root now ... ?
That's very strange. It's not even supposed to be possible to configure Dovecot in a way that it writes to these files as root. If you look at your logs, can you see what process wrote these files at the time? imap, lmtp? Also what's your full doveconf -n output?
On 1. Apr 2026, at 13.17, Timo Sirainen via dovecot <dovecot@dovecot.org> wrote:
On 1. Apr 2026, at 12.57, Stefan G. Weichinger via dovecot <dovecot@dovecot.org> wrote:
ls -l /home/vmail/xunil.at/logs@xunil.at/ total 944 drwx------ 2 vmail vmail 622592 Apr 1 11:43 cur -rw------- 1 vmail vmail 0 Jul 30 2021 dovecot-acl-list -rw------- 1 vmail vmail 3304 Apr 1 11:35 dovecot.index -rw------- 1 vmail vmail 202444 Apr 1 11:43 dovecot.index.cache -rw------- 1 vmail vmail 2908 Apr 1 11:43 dovecot.index.log -rw------- 1 vmail vmail 32892 Apr 1 11:35 dovecot.index.log.2 -rw------- 1 vmail vmail 91 Feb 9 2024 dovecot-keywords -rw------- 1 root root 5744 Apr 1 10:30 dovecot.list.index -rw------- 1 root root 480 Apr 1 10:52 dovecot.list.index.log
[..]
Why do these 2 files get owned by root now ... ?
That's very strange. It's not even supposed to be possible to configure Dovecot in a way that it writes to these files as root. If you look at your logs, can you see what process wrote these files at the time? imap, lmtp? Also what's your full doveconf -n output?
Looking at your earlier mail, I see there is quota-status service, which apparently can run as root in some situations. So it's possibly somehow related to that, although I'm still not sure how that can happen.
Also does the problem go away if you simplify your config to:
mail_uid = 1001 mail_gid = 1001
passdb_sql_query = SELECT username as user, password FROM mailbox WHERE username = '%{user}' AND active = '1' userdb_sql_query = SELECT username as user FROM mailbox WHERE username = '%{user}' AND active = '1'
Am 01.04.26 um 12:24 schrieb Timo Sirainen:
That's very strange. It's not even supposed to be possible to configure Dovecot in a way that it writes to these files as root. If you look at your logs, can you see what process wrote these files at the time? imap, lmtp? Also what's your full doveconf -n output?
Seems you looked up my posting of the config from yesterday? great
Looking at your earlier mail, I see there is quota-status service, which apparently can run as root in some situations. So it's possibly somehow related to that, although I'm still not sure how that can happen.
Oh, didn't expect to create something that special ;-)
Also does the problem go away if you simplify your config to:
mail_uid = 1001 mail_gid = 1001
passdb_sql_query = SELECT username as user, password FROM mailbox WHERE username = '%{user}' AND active = '1' userdb_sql_query = SELECT username as user FROM mailbox WHERE username = '%{user}' AND active = '1'
Will try, but I am cautious: wouldn't I need userdb_home and userdb_mail also in my query?
Am 01.04.26 um 12:24 schrieb Timo Sirainen:
Also does the problem go away if you simplify your config to:
mail_uid = 1001 mail_gid = 1001
passdb_sql_query = SELECT username as user, password FROM mailbox WHERE username = '%{user}' AND active = '1' userdb_sql_query = SELECT username as user FROM mailbox WHERE username = '%{user}' AND active = '1'
Yes, that looks promising.
Edited my queries and mail_uid/mail_gid ... Permissions look better now, I click around in folders, send test mails ... so far no new such errors.
They will re-appear as soon I as I sent this message ;-)
thank you!
As I prepare the upgrade to 2.4 at a customer I work out all the details in my own setup ... and I prefer error-free setups, sure.
Am 01.04.26 um 12:17 schrieb Timo Sirainen via dovecot:
That's very strange. It's not even supposed to be possible to configure Dovecot in a way that it writes to these files as root. If you look at your logs, can you see what process wrote these files at the time? imap, lmtp? Also what's your full doveconf -n output?
ltmp and imap report problems accessing files (so they seem to run as user vmail, as intended).
I am unsure how to look up which process created the files. Maybe I can do that be rm-ing them and looking at the logs.
participants (2)
-
Stefan G. Weichinger
-
Timo Sirainen