Re: [Dovecot] started with dovecot sieve
Rolf wrote:
Jun 25 20:22:54 rolf14 dovecot: lda(rolf): Error: setegid(privileged) failed: Operation not permitted
Manual page "man 2 setegid" states that
setegid() sets the effective group ID of the calling process. Unprivi- leged user processes may only set the effective group ID to the real group ID, the effective group ID or the saved set-group-ID.
Your "postfix" user is a member of group "mail", but "mail" which you configured as "mail_privileged_group = vmail" is neither the primary group of user "postfix", nor is it the effective group id of the calling postfix process.
Therefore you might get the error as documented in the manpage setegid(2):
EPERM The calling process is not privileged (Linux: does not have the CAP_SETUID capability in the case of seteuid(), or the CAP_SET- GID capability in the case of setegid()) and euid (respectively, egid) is not the real user (group) ID, the effective user (group) ID, or the saved set-user-ID (saved set-group-ID).
Regards Daniel
Am 2012-06-26 23:47, schrieb Daniel Parthey:
Yes, thank you Daniel for pointing me to this subjects. Now I got a bit a deeper understanding how a file gets executed. My problem is that I do not exactly know from the error message who is starting what by which effective group id and to what group id it tries to switch. All guessing did not lead to a result.
I tried: postfix is starting deliver with the effective group id "postfix" and wants to set the group id either to "mail" or to "rolf". But no success.
participants (2)
-
Daniel Parthey
-
mailinglist