[Dovecot] Ownership and permissions for the index directory/filesystem
I recently upgraded from DC 1.1.15 to 1.2.6. The /var/dcindx index root directory is:
drwxrwsrwt 3962 root sys 192512 Nov 13 11:56 ./
thus 3777.
It appears that the user index directories created under DC1.1 look like this (here for /var/dcindx/cep):
drwx--S--- 5 cep sys 256 Nov 13 14:26 cep/
while those created under V1.2 look like:
drwx------ 3 lrenart sys 256 Nov 12 14:59 lrenart/
It seems that the first time that DC goes to do indexing, I now see this error msg:
Nov 12 11:45:15 mercury mail:err|error dovecot: IMAP(bpyi): open(/var/spool/mail/bpyi) failed: Permission denied (euid=2586(bpyi) egid=2000(bard2) missing +w perm: /var/spool/mail)
...but never again...
Questions:
- Are the ownership and permissions on the /var/dcindx index root directory ideal or should they be something else?
- Ideally what should the ownership and permissions be for individual user subdirs? I create the user mail directories when creating a new account, so it would be little extra trouble to create and set the ownership and permissions.
I am currently using mbox mailbox format but will be migrating to maildir over the next some months.
Dovecot -n
# 1.2.6: /usr/local/etc/dovecot.conf
# OS: AIX 3 0001378F4C00
listen: *:143
ssl_listen: *:993
disable_plaintext_auth: no
verbose_ssl: yes
login_dir: /var/run/dovecot/login
login_executable: /usr/local/libexec/dovecot/imap-login
login_processes_count: 12
login_max_processes_count: 774
max_mail_processes: 1280
mail_max_userip_connections: 12
verbose_proctitle: yes
first_valid_uid: 200
mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u:INDEX=/var/dcindx/%u
mbox_write_locks: fcntl
mbox_dirty_syncs: no
lda:
  postmaster_address: postmaster@example.com
auth default:
  passdb:
    driver: pam
  userdb:
    driver: passwd
-- ==== Once upon a time, the Internet was a friendly, neighbors-helping-neighbors small town, and no one locked their doors. Now it's like an apartment in Bed-Stuy: you need three heavy duty pick-proof locks, one of those braces that goes from the lock to the floor, and bars on the windows.... ==== Stewart Dean, Unix System Admin, Bard College, New York 12504 sdean@bard.edu voice: 845-758-7475, fax: 845-758-7035
On Fri, 2009-11-13 at 15:27 -0500, Stewart Dean wrote:
> Nov 12 11:45:15 mercury mail:err|error dovecot: IMAP(bpyi): open(/var/spool/mail/bpyi) failed: Permission denied (euid=2586(bpyi) egid=2000(bard2) missing +w perm: /var/spool/mail)
It's trying to create bpyi user's INBOX that doesn't exist yet, but fails because it doesn't have write access to /var/spool/mail/ directory. Probably gets fixed by the time the user gets the first mail and your MTA creates the file.
> Questions:
> - Are the ownership and permissions on the /var/dcindx index root directory ideal or should they be something else?
They're fine.
> - Ideally what should the ownership and permissions be for individual user subdirs? I create the user mail directories when creating a new account, so it would be little extra trouble to create and set the ownership and permissions.
0700, owned by the user.
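The following is an added example, not part of the thread and not Dovecot code: a POSIX shell sketch for pre-creating and auditing per-user index directories so that each is 0700 and owned by its user, as the reply recommends. The function names and the INDEX_ROOT variable are hypothetical; the path mirrors INDEX=/var/dcindx/%u from the posted configuration, and creating directories for other users assumes the script runs as root.

```shell
#!/bin/sh
# Added example (not from the thread). INDEX_ROOT mirrors INDEX=/var/dcindx/%u
# from the posted mail_location; all function names are hypothetical.
INDEX_ROOT=${INDEX_ROOT:-/var/dcindx}

# check_index_dir DIR OWNER -> 0 if DIR is a real directory (not a symlink),
# owned by OWNER (name or numeric uid), with mode exactly 0700.
check_index_dir() {
    [ -d "$1" ] && [ ! -L "$1" ] || return 1
    # -perm 0700 without a leading '-' is an exact match, so extra bits such
    # as setgid (drwx--S---) count as a mismatch.
    [ -n "$(find "$1" -prune -type d -user "$2" -perm 0700 2>/dev/null)" ]
}

# ensure_index_dir DIR OWNER -> create DIR if missing, then force owner/mode.
ensure_index_dir() {
    if [ -L "$1" ]; then
        echo "refusing to touch symlink: $1" >&2
        return 1
    fi
    [ -d "$1" ] || mkdir "$1" || return 1
    # -h: do not follow a symlink; the index root is world-writable.
    chown -h "$2" "$1" || return 1
    # g-s is explicit: a directory created under a setgid parent can inherit
    # the bit, and chmod may otherwise leave it set on directories.
    chmod u=rwx,go=,g-s "$1" || return 1
    check_index_dir "$1" "$2"
}

# audit_index_root ROOT -> list every subdirectory that is not 0700 and owned
# by the user it is named after; returns 1 if anything was listed.
audit_index_root() {
    bad=0
    for d in "$1"/*/; do
        d=${d%/}
        [ -e "$d" ] || [ -L "$d" ] || continue   # unmatched glob
        if ! check_index_dir "$d" "${d##*/}"; then
            ls -ld "$d"
            bad=1
        fi
    done
    return "$bad"
}
```

At account creation this would be called as `ensure_index_dir "$INDEX_ROOT/$user" "$user"`; `audit_index_root "$INDEX_ROOT"` lists existing directories that differ from 0700 and user-owned.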
participants (2)
- Stewart Dean
- Timo Sirainen