[Dovecot] Problem with virtual mail user login users uid not permitted
Hello,
I am trying to run exim 4.68 and dovecot 1.0.13 on Solaris 10 x86 5/08
using dovecot lda and sieve with virtual users and domains, tls and
ssl. At the moment certificates are from my internal CA Exim and
Dovecot, dovecot lda and dovecot sieve were downloaded and installed
from Blastwave. Mail delivery (ie from Exim to dovecot via dovecot
lda) is working correctly but when I try to access mail using imap
from a client (eg. Thunderbird) the login fails. My mail user for
accessing virtual user mail is vmail (uid=954, gid=954). I have
attached the messages from dovecot.log and the output of dovecot -n
below as well as contents from the passdb file.
Can anyone point me to where I've gone wrong, I've had this working
fine on Linux but Solaris just doesn't seem to want to play :-)
Thanks,
Neil
-- E neil@neologix.net
My passdb file contents:
lothar# cat /opt/csw/etc/vmail/comms.neologix/passwd
neil:{MD5-CRYPT}$1$Lik.5MFj$PJKYoXEfADgTiK1PI6aa01:954:954::/export/
home/vmail/comms.neologix/users/
neil::userdb_quota=maildir:storage=10240
mail_plugins=cmusieve,quota,imap_quota sieve=.dovecot.sieve
Contents of dovecot.log:
dovecot: May 12 15:13:45 Info: auth(default): passwd-file /opt/csw/etc/
vmail/comms.neologix/passwd: Read 2 users
dovecot: May 12 15:13:45 Info: auth(default): passwd-file(neil@comms.neologix
,192.168.1.100): lookup: user=neil file=/opt/csw/etc/vmail/
comms.neologix/passwd
dovecot: May 12 15:13:45 Info: auth(default): client out: OK
1 user=neil@comms.neologix
mail_plugins=cmusieve,quota,imap_quota sieve=.dovecot.sieve
dovecot: May 12 15:13:45 Error: user neil@comms.neologix: Logins with
login_user's UID 954 not permitted (see http://wiki.dovecot.org/
UserIds).
dovecot: May 12 15:13:45 Info: auth(default): master in:
REQUEST 1 16850 1
dovecot: May 12 15:13:45 Info: auth(default):
passwd(neil@comms.neologix,192.168.1.100): lookup
dovecot: May 12 15:13:45 Info: auth(default):
passwd(neil@comms.neologix,192.168.1.100): unknown user
dovecot: May 12 15:13:45 Info: auth(default): passwd-file(neil@comms.neologix
,192.168.1.100): lookup: user=neil file=/opt/csw/etc/vmail/
comms.neologix/passwd
dovecot: May 12 15:13:45 Info: auth(default): master out: USER
1 neil@comms.neologix uid=954 gid=954 home=/export/home/
vmail/comms.neologix/users/neil quota=maildir:storage=10240
dovecot: May 12 15:13:45 Info: imap-login: Internal login failure:
user=neil@comms.neologix, method=PLAIN, rip=192.168.1.100,
lip=192.168.1.229, TLS
The output from dovecot -n is:
lothar# dovecot -n # 1.0.13: /opt/csw/etc/dovecot.conf base_dir: /opt/csw/var/run/dovecot/ log_path: /opt/csw/var/log/dovecot.log ssl_cert_file: /opt/csw/ssl/certs/dovecot-cert.pem ssl_key_file: /opt/csw/ssl/private/dovecot-key-np.pem verbose_ssl: yes login_dir: /opt/csw/var/run/dovecot//login login_executable: /opt/csw/libexec/dovecot/imap-login login_user: vmail first_valid_uid: 900 last_valid_uid: 1900 first_valid_gid: 900 last_valid_gid: 1900 mail_location: maildir:%h/Maildir mail_debug: yes auth default: username_format: %Lu verbose: yes debug: yes debug_passwords: yes passdb: driver: passwd-file args: /opt/csw/etc/vmail/%d/passwd userdb: driver: passwd userdb: driver: passwd-file args: /opt/csw/etc/vmail/%d/passwd socket: type: listen client: path: /opt/csw/var/run/dovecot/auth-client mode: 432 master: path: /opt/csw/var/run/dovecot/auth-master mode: 384 user: vmail group: vmail plugin: sieve: %h/.dovecot.sieve quota: maildir
Unfortunately, I received no replies on this problem so I guess that
there are very few people using Dovecot and Exim with virtual users on
Solaris 10 :=( ...
... I do now have a working mail system of sorts but with real unix
users so the virtual mail domains issues still remains for me to
solve. I'm running Exim with clamav, spamassassin, rbl checking etc
(and dovecot of course). If anyone wants to know more about my
configuration then I am happy to talk off list.
Neil
E neil@neologix.net
Hello,
I am trying to run exim 4.68 and dovecot 1.0.13 on Solaris 10 x86
5/08 using dovecot lda and sieve with virtual users and domains, tls
and ssl. At the moment certificates are from my internal CA Exim and
Dovecot, dovecot lda and dovecot sieve were downloaded and installed
from Blastwave. Mail delivery (ie from Exim to dovecot via dovecot
lda) is working correctly but when I try to access mail using imap
from a client (eg. Thunderbird) the login fails. My mail user for
accessing virtual user mail is vmail (uid=954, gid=954). I have
attached the messages from dovecot.log and the output of dovecot -n
below as well as contents from the passdb file.
<snip> doveco
At 9:12 AM +1000 5/14/08, Neil Muller wrote:
Unfortunately, I received no replies on this problem so I guess that there are very few people using Dovecot and Exim with virtual users on Solaris 10 :=(
Or the list just doesn't always respond in a swift manner...
You problem is fully expressed in the log message you posted:
At 3:19 PM +1000 5/12/08, Neil Muller wrote:
dovecot: May 12 15:13:45 Error: user neil@comms.neologix: Logins with login_user's UID 954 not permitted (see http://wiki.dovecot.org/UserIds).
login_user is the user that the imap-login and pop3-login processes run as, by default 'dovecot'
The page cited in that log message says it all:
Dovecot user
dovecot user is used internally for processing users' logins. It shouldn't have access to any files or anything else either. It should belong to its own private dovecot group where no-one else belongs to, and which doesn't have access to any files either (other than what Dovecot internally creates).
dovecot user isn't used for any kind of mail processing - don't store users' mails as dovecot, and don't put dovecot user to mail or any other groups.
You can change the default dovecot user to something else from login_user setting.
Your config shows that you set login_user to 'vmail' which is the user you are using for your virtual users. That is wrong.
-- Bill Cole bill@scconsult.com
participants (2)
-
Bill Cole
-
Neil Muller