Hi there,
I cannot delete IMAP folders in new mailboxes. When trying to delete a folder in Thunderbird I get the error message "renaming not supported across conflicting directory permissions". Looking up the error on the web led me to checking the mailbox directory's permissions. They're inconsistent in new mailboxes. While every single directory in an old mailbox has "drwx--S---", some of the directories in a new mailbox have "drwxr-sr-x" instead. I'm not sure what that means. The folders with the later permissions are "Drafts", "Sent" and "Trash". Folders with the first permissions are "Junk", "Archives" and "Archives.2018". All folders were created by Thunderbird automatically. Now I wanted to delete "Archives.2018".
What's the issue here? Why do folders created by the same MUA in the same event on the same mail server have different permissions and why can't I delete one of them (which would probably move it into the trash folder first)?
Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on Windows 10.
-Yves
On 06.03.2018 21:55, Yves Goergen wrote:
Hi there,
I cannot delete IMAP folders in new mailboxes. When trying to delete a folder in Thunderbird I get the error message "renaming not supported across conflicting directory permissions". Looking up the error on the web led me to checking the mailbox directory's permissions. They're inconsistent in new mailboxes. While every single directory in an old mailbox has "drwx--S---", some of the directories in a new mailbox have "drwxr-sr-x" instead. I'm not sure what that means. The folders with the later permissions are "Drafts", "Sent" and "Trash". Folders with the first permissions are "Junk", "Archives" and "Archives.2018". All folders were created by Thunderbird automatically. Now I wanted to delete "Archives.2018".
What's the issue here? Why do folders created by the same MUA in the same event on the same mail server have different permissions and why can't I delete one of them (which would probably move it into the trash folder first)?
Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on Windows 10.
-Yves
Your problem is that your Trash folder appears to be on different volume than the folder you are attempting to delete.
Aki
Ehm, really, no. There is only one volume and the entire directory structure in in the main file system. That clearly is not the case.
I'm wondering why the directories have different permissions in the first place. Where are they defined?
Yves
Von: Aki Tuomi Gesendet: Mi, 2018-03-07 10:50 +0100
On 06.03.2018 21:55, Yves Goergen wrote:
Hi there,
I cannot delete IMAP folders in new mailboxes. When trying to delete a folder in Thunderbird I get the error message "renaming not supported across conflicting directory permissions". Looking up the error on the web led me to checking the mailbox directory's permissions. They're inconsistent in new mailboxes. While every single directory in an old mailbox has "drwx--S---", some of the directories in a new mailbox have "drwxr-sr-x" instead. I'm not sure what that means. The folders with the later permissions are "Drafts", "Sent" and "Trash". Folders with the first permissions are "Junk", "Archives" and "Archives.2018". All folders were created by Thunderbird automatically. Now I wanted to delete "Archives.2018".
What's the issue here? Why do folders created by the same MUA in the same event on the same mail server have different permissions and why can't I delete one of them (which would probably move it into the trash folder first)?
Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on Windows 10.
-Yves
Your problem is that your Trash folder appears to be on different volume than the folder you are attempting to delete.
Aki
The issue still exists. Can anybody explain to me why dovecot creates IMAP folders with the wrong filesystem permissions? Every new folder that I create in the mailbox through Thunderbird (IMAP) has the wrong permission and cannot be deleted anymore.
This looks like a dovecot bug to me.
-Yves
Von: Yves Goergen Gesendet: Di, 2018-03-06 20:55 +0100
Hi there,
I cannot delete IMAP folders in new mailboxes. When trying to delete a folder in Thunderbird I get the error message "renaming not supported across conflicting directory permissions". Looking up the error on the web led me to checking the mailbox directory's permissions. They're inconsistent in new mailboxes. While every single directory in an old mailbox has "drwx--S---", some of the directories in a new mailbox have "drwxr-sr-x" instead. I'm not sure what that means. The folders with the later permissions are "Drafts", "Sent" and "Trash". Folders with the first permissions are "Junk", "Archives" and "Archives.2018". All folders were created by Thunderbird automatically. Now I wanted to delete "Archives.2018".
What's the issue here? Why do folders created by the same MUA in the same event on the same mail server have different permissions and why can't I delete one of them (which would probably move it into the trash folder first)?
Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on Windows 10.
-Yves
This sounds more like misconfiguration to me. Can you provide doveconf -n and full output of namei -vl /full/path/to/mailbox ---Aki TuomiDovecot oy -------- Original message --------From: Yves Goergen <nospam.list@unclassified.de> Date: 19/05/2018 18:51 (GMT+02:00) To: Dovecot Mailing List <dovecot@dovecot.org> Subject: Re: Cannot delete folder The issue still exists. Can anybody explain to me why dovecot creates IMAP folders with the wrong filesystem permissions? Every new folder that I create in the mailbox through Thunderbird (IMAP) has the wrong permission and cannot be deleted anymore.
This looks like a dovecot bug to me.
-Yves
Von: Yves Goergen Gesendet: Di, 2018-03-06 20:55 +0100
Hi there,
I cannot delete IMAP folders in new mailboxes. When trying to delete a folder in Thunderbird I get the error message "renaming not supported across conflicting directory permissions". Looking up the error on the web led me to checking the mailbox directory's permissions. They're inconsistent in new mailboxes. While every single directory in an old mailbox has "drwx--S---", some of the directories in a new mailbox have "drwxr-sr-x" instead. I'm not sure what that means. The folders with the later permissions are "Drafts", "Sent" and "Trash". Folders with the first permissions are "Junk", "Archives" and "Archives.2018". All folders were created by Thunderbird automatically. Now I wanted to delete "Archives.2018".
What's the issue here? Why do folders created by the same MUA in the same event on the same mail server have different permissions and why can't I delete one of them (which would probably move it into the trash folder first)?
Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on Windows 10.
-Yves
Here's the output of 'doveconf -n':
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf doveconf: Warning: Obsolete setting in /etc/dovecot/local.conf:21: ssl_parameters_regenerate should have 'hours' suffix # OS: Linux 4.4.0-124-generic x86_64 Ubuntu 16.04.3 LTS auth_mechanisms = plain login disable_plaintext_auth = no first_valid_uid = 8 imap_idle_notify_interval = 5 mins last_valid_uid = 8 listen = 5.9.48.194, 2a01:4f8:161:40c9::2, 127.0.0.1, ::1 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_gid = 8 mail_plugins = quota mail_privileged_group = mail mail_uid = 8 namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir } protocols = imap pop3 service imap-login { process_limit = 300 } ssl_cert = </etc/letsencrypt/live/dotforward.de/fullchain.pem ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA ssl_dh_parameters_length = 2048 ssl_key = </etc/letsencrypt/live/dotforward.de/privkey.pem ssl_parameters_regenerate = 1 hours ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv2 !SSLv3 userdb { driver = prefetch } protocol imap { mail_max_userip_connections = 100 mail_plugins = quota imap_quota }
And this is the 'namei' output:
f: /var/mail/virtual/****.de/yg/ drwxr-xr-x root root / drwxr-xr-x root root var drwxrwsr-x root mail mail drwx--S--- mail mail virtual drwx--S--- mail mail ****.de drwx--S--- mail mail yg
Here's also the 'ls -al' output of that mailbox directory:
insgesamt 136 drwx--S--- 12 mail mail 4096 Mai 19 13:52 . drwx--S--- 4 mail mail 4096 Mär 4 12:23 .. drwx--S--- 5 mail mail 4096 Mai 18 23:16 .Archives drwx--S--- 5 mail mail 4096 Mai 17 16:22 .Archives.TestA drwx--S--- 5 mail mail 4096 Mai 18 14:09 .Archives.TestB drwx--S--- 2 mail mail 4096 Mai 19 13:32 cur -rw------- 1 mail mail 736 Mai 16 15:23 dovecot.index -rw------- 1 mail mail 22096 Mai 19 13:32 dovecot.index.cache -rw------- 1 mail mail 27260 Mai 19 13:34 dovecot.index.log -rw------- 1 mail mail 28 Mai 16 14:33 dovecot-keywords -rw------- 1 mail mail 168 Mai 16 17:41 dovecot.mailbox.log -rw------- 1 mail mail 406 Mai 19 13:32 dovecot-uidlist -rw------- 1 mail mail 8 Mai 16 17:41 dovecot-uidvalidity -r--r--r-- 1 mail mail 0 Feb 28 19:32 dovecot-uidvalidity.5a96f5de drwxr-sr-x 5 mail mail 4096 Mai 18 14:09 .Drafts drwx--S--- 5 mail mail 4096 Feb 28 19:42 .Junk -rw------- 1 mail mail 4621 Mai 19 13:32 maildirsize drwx--S--- 2 mail mail 4096 Mai 19 13:32 new drwxr-sr-x 5 mail mail 4096 Mai 18 14:08 .Sent -rw------- 1 mail mail 62 Mai 16 17:42 subscriptions drwx--S--- 2 mail mail 4096 Mai 20 12:35 tmp drwxr-sr-x 5 mail mail 4096 Mai 18 18:15 .Trash
-Yves
Von: Aki Tuomi Gesendet: Sa, 2018-05-19 18:22 +0200
This sounds more like misconfiguration to me. Can you provide doveconf -n and full output of namei -vl /full/path/to/mailbox
Aki Tuomi Dovecot oy
-------- Original message -------- From: Yves Goergen <nospam.list@unclassified.de> Date: 19/05/2018 18:51 (GMT+02:00) To: Dovecot Mailing List <dovecot@dovecot.org> Subject: Re: Cannot delete folder The issue still exists. Can anybody explain to me why dovecot creates IMAP folders with the wrong filesystem permissions? Every new folder that I create in the mailbox through Thunderbird (IMAP) has the wrong permission and cannot be deleted anymore. This looks like a dovecot bug to me. -Yves ________________________________________ Von: Yves Goergen Gesendet: Di, 2018-03-06 20:55 +0100 Hi there, I cannot delete IMAP folders in new mailboxes. When trying to delete a folder in Thunderbird I get the error message "renaming not supported across conflicting directory permissions". Looking up the error on the web led me to checking the mailbox directory's permissions. They're inconsistent in new mailboxes. While every single directory in an old mailbox has "drwx--S---", some of the directories in a new mailbox have "drwxr-sr-x" instead. I'm not sure what that means. The folders with the later permissions are "Drafts", "Sent" and "Trash". Folders with the first permissions are "Junk", "Archives" and "Archives.2018". All folders were created by Thunderbird automatically. Now I wanted to delete "Archives.2018". What's the issue here? Why do folders created by the same MUA in the same event on the same mail server have different permissions and why can't I delete one of them (which would probably move it into the trash folder first)? Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on Windows 10. -Yves
Assuming '8' = mail, i cannot see anything wrong here...
Can you turn on 'mail_debug=yes' and attempt folder deletion, and check logs after that?
Aki
On 20 May 2018 at 16:19 Yves Goergen <nospam.list@unclassified.de> wrote:
Here's the output of 'doveconf -n':
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf doveconf: Warning: Obsolete setting in /etc/dovecot/local.conf:21: ssl_parameters_regenerate should have 'hours' suffix # OS: Linux 4.4.0-124-generic x86_64 Ubuntu 16.04.3 LTS auth_mechanisms = plain login disable_plaintext_auth = no first_valid_uid = 8 imap_idle_notify_interval = 5 mins last_valid_uid = 8 listen = 5.9.48.194, 2a01:4f8:161:40c9::2, 127.0.0.1, ::1 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_gid = 8 mail_plugins = quota mail_privileged_group = mail mail_uid = 8 namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir } protocols = imap pop3 service imap-login { process_limit = 300 } ssl_cert = </etc/letsencrypt/live/dotforward.de/fullchain.pem ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA ssl_dh_parameters_length = 2048 ssl_key = </etc/letsencrypt/live/dotforward.de/privkey.pem ssl_parameters_regenerate = 1 hours ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv2 !SSLv3 userdb { driver = prefetch } protocol imap { mail_max_userip_connections = 100 mail_plugins = quota imap_quota }
And this is the 'namei' output:
f: /var/mail/virtual/****.de/yg/ drwxr-xr-x root root / drwxr-xr-x root root var drwxrwsr-x root mail mail drwx--S--- mail mail virtual drwx--S--- mail mail ****.de drwx--S--- mail mail yg
Here's also the 'ls -al' output of that mailbox directory:
insgesamt 136 drwx--S--- 12 mail mail 4096 Mai 19 13:52 . drwx--S--- 4 mail mail 4096 Mär 4 12:23 .. drwx--S--- 5 mail mail 4096 Mai 18 23:16 .Archives drwx--S--- 5 mail mail 4096 Mai 17 16:22 .Archives.TestA drwx--S--- 5 mail mail 4096 Mai 18 14:09 .Archives.TestB drwx--S--- 2 mail mail 4096 Mai 19 13:32 cur -rw------- 1 mail mail 736 Mai 16 15:23 dovecot.index -rw------- 1 mail mail 22096 Mai 19 13:32 dovecot.index.cache -rw------- 1 mail mail 27260 Mai 19 13:34 dovecot.index.log -rw------- 1 mail mail 28 Mai 16 14:33 dovecot-keywords -rw------- 1 mail mail 168 Mai 16 17:41 dovecot.mailbox.log -rw------- 1 mail mail 406 Mai 19 13:32 dovecot-uidlist -rw------- 1 mail mail 8 Mai 16 17:41 dovecot-uidvalidity -r--r--r-- 1 mail mail 0 Feb 28 19:32 dovecot-uidvalidity.5a96f5de drwxr-sr-x 5 mail mail 4096 Mai 18 14:09 .Drafts drwx--S--- 5 mail mail 4096 Feb 28 19:42 .Junk -rw------- 1 mail mail 4621 Mai 19 13:32 maildirsize drwx--S--- 2 mail mail 4096 Mai 19 13:32 new drwxr-sr-x 5 mail mail 4096 Mai 18 14:08 .Sent -rw------- 1 mail mail 62 Mai 16 17:42 subscriptions drwx--S--- 2 mail mail 4096 Mai 20 12:35 tmp drwxr-sr-x 5 mail mail 4096 Mai 18 18:15 .Trash
-Yves
Von: Aki Tuomi Gesendet: Sa, 2018-05-19 18:22 +0200
This sounds more like misconfiguration to me. Can you provide doveconf -n and full output of namei -vl /full/path/to/mailbox
Aki Tuomi Dovecot oy
-------- Original message -------- From: Yves Goergen <nospam.list@unclassified.de> Date: 19/05/2018 18:51 (GMT+02:00) To: Dovecot Mailing List <dovecot@dovecot.org> Subject: Re: Cannot delete folder
The issue still exists. Can anybody explain to me why dovecot creates IMAP folders with the wrong filesystem permissions? Every new folder that I create in the mailbox through Thunderbird (IMAP) has the wrong permission and cannot be deleted anymore.
This looks like a dovecot bug to me.
-Yves
Von: Yves Goergen Gesendet: Di, 2018-03-06 20:55 +0100
Hi there,
I cannot delete IMAP folders in new mailboxes. When trying to delete a folder in Thunderbird I get the error message "renaming not supported across conflicting directory permissions". Looking up the error on the web led me to checking the mailbox directory's permissions. They're inconsistent in new mailboxes. While every single directory in an old mailbox has "drwx--S---", some of the directories in a new mailbox have "drwxr-sr-x" instead. I'm not sure what that means. The folders with the later permissions are "Drafts", "Sent" and "Trash". Folders with the first permissions are "Junk", "Archives" and "Archives.2018". All folders were created by Thunderbird automatically. Now I wanted to delete "Archives.2018".
What's the issue here? Why do folders created by the same MUA in the same event on the same mail server have different permissions and why can't I delete one of them (which would probably move it into the trash folder first)?
Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on Windows 10.
-Yves
I couldn't find anything relevant between all the debug log lines. Is that in /var/log/mail.log?
Here's the lines I think are related to creating and deleting the folder:
May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace : /var/mail/virtual/****.de/yg/.Test doesn't exist yet, using default permissions May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace : Using permissions from /var/mail/virtual/****.de/yg: mode=0700 gid=default May 21 10:36:23 mond2 dovecot: imap(yg@****.de): Debug: Namespace : /var/mail/virtual/****.de/yg/.Trash.Test doesn't exist yet, using default permissions
That's it.
Thunderbird shows an error message with: [CANNOT] Renaming not supported across conflicting directory permissions (0.000 + 0.000 secs).
-Yves
Von: Aki Tuomi Gesendet: So, 2018-05-20 16:00 +0200
Assuming '8' = mail, i cannot see anything wrong here...
Can you turn on 'mail_debug=yes' and attempt folder deletion, and check logs after that?
Aki
On 20 May 2018 at 16:19 Yves Goergen <nospam.list@unclassified.de> wrote:
Here's the output of 'doveconf -n':
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf doveconf: Warning: Obsolete setting in /etc/dovecot/local.conf:21: ssl_parameters_regenerate should have 'hours' suffix # OS: Linux 4.4.0-124-generic x86_64 Ubuntu 16.04.3 LTS auth_mechanisms = plain login disable_plaintext_auth = no first_valid_uid = 8 imap_idle_notify_interval = 5 mins last_valid_uid = 8 listen = 5.9.48.194, 2a01:4f8:161:40c9::2, 127.0.0.1, ::1 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_gid = 8 mail_plugins = quota mail_privileged_group = mail mail_uid = 8 namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir } protocols = imap pop3 service imap-login { process_limit = 300 } ssl_cert = </etc/letsencrypt/live/dotforward.de/fullchain.pem ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA ssl_dh_parameters_length = 2048 ssl_key = </etc/letsencrypt/live/dotforward.de/privkey.pem ssl_parameters_regenerate = 1 hours ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv2 !SSLv3 userdb { driver = prefetch } protocol imap { mail_max_userip_connections = 100 mail_plugins = quota imap_quota }
And this is the 'namei' output:
f: /var/mail/virtual/****.de/yg/ drwxr-xr-x root root / drwxr-xr-x root root var drwxrwsr-x root mail mail drwx--S--- mail mail virtual drwx--S--- mail mail ****.de drwx--S--- mail mail yg
Here's also the 'ls -al' output of that mailbox directory:
insgesamt 136 drwx--S--- 12 mail mail 4096 Mai 19 13:52 . drwx--S--- 4 mail mail 4096 Mär 4 12:23 .. drwx--S--- 5 mail mail 4096 Mai 18 23:16 .Archives drwx--S--- 5 mail mail 4096 Mai 17 16:22 .Archives.TestA drwx--S--- 5 mail mail 4096 Mai 18 14:09 .Archives.TestB drwx--S--- 2 mail mail 4096 Mai 19 13:32 cur -rw------- 1 mail mail 736 Mai 16 15:23 dovecot.index -rw------- 1 mail mail 22096 Mai 19 13:32 dovecot.index.cache -rw------- 1 mail mail 27260 Mai 19 13:34 dovecot.index.log -rw------- 1 mail mail 28 Mai 16 14:33 dovecot-keywords -rw------- 1 mail mail 168 Mai 16 17:41 dovecot.mailbox.log -rw------- 1 mail mail 406 Mai 19 13:32 dovecot-uidlist -rw------- 1 mail mail 8 Mai 16 17:41 dovecot-uidvalidity -r--r--r-- 1 mail mail 0 Feb 28 19:32 dovecot-uidvalidity.5a96f5de drwxr-sr-x 5 mail mail 4096 Mai 18 14:09 .Drafts drwx--S--- 5 mail mail 4096 Feb 28 19:42 .Junk -rw------- 1 mail mail 4621 Mai 19 13:32 maildirsize drwx--S--- 2 mail mail 4096 Mai 19 13:32 new drwxr-sr-x 5 mail mail 4096 Mai 18 14:08 .Sent -rw------- 1 mail mail 62 Mai 16 17:42 subscriptions drwx--S--- 2 mail mail 4096 Mai 20 12:35 tmp drwxr-sr-x 5 mail mail 4096 Mai 18 18:15 .Trash
-Yves
Von: Aki Tuomi Gesendet: Sa, 2018-05-19 18:22 +0200
This sounds more like misconfiguration to me. Can you provide doveconf -n and full output of namei -vl /full/path/to/mailbox
Aki Tuomi Dovecot oy
-------- Original message -------- From: Yves Goergen <nospam.list@unclassified.de> Date: 19/05/2018 18:51 (GMT+02:00) To: Dovecot Mailing List <dovecot@dovecot.org> Subject: Re: Cannot delete folder
The issue still exists. Can anybody explain to me why dovecot creates IMAP folders with the wrong filesystem permissions? Every new folder that I create in the mailbox through Thunderbird (IMAP) has the wrong permission and cannot be deleted anymore.
This looks like a dovecot bug to me.
-Yves
Von: Yves Goergen Gesendet: Di, 2018-03-06 20:55 +0100
Hi there,
I cannot delete IMAP folders in new mailboxes. When trying to delete a folder in Thunderbird I get the error message "renaming not supported across conflicting directory permissions". Looking up the error on the web led me to checking the mailbox directory's permissions. They're inconsistent in new mailboxes. While every single directory in an old mailbox has "drwx--S---", some of the directories in a new mailbox have "drwxr-sr-x" instead. I'm not sure what that means. The folders with the later permissions are "Drafts", "Sent" and "Trash". Folders with the first permissions are "Junk", "Archives" and "Archives.2018". All folders were created by Thunderbird automatically. Now I wanted to delete "Archives.2018".
What's the issue here? Why do folders created by the same MUA in the same event on the same mail server have different permissions and why can't I delete one of them (which would probably move it into the trash folder first)?
Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on Windows 10.
-Yves
I guess you have had different version(s) or setting(s) in the past, and you can probably fix this by setting perms to same as the new folders.
Aki
On 21.05.2018 11:46, Yves Goergen wrote:
I couldn't find anything relevant between all the debug log lines. Is that in /var/log/mail.log?
Here's the lines I think are related to creating and deleting the folder:
May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace : /var/mail/virtual/****.de/yg/.Test doesn't exist yet, using default permissions May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace : Using permissions from /var/mail/virtual/****.de/yg: mode=0700 gid=default May 21 10:36:23 mond2 dovecot: imap(yg@****.de): Debug: Namespace : /var/mail/virtual/****.de/yg/.Trash.Test doesn't exist yet, using default permissions
That's it.
Thunderbird shows an error message with: [CANNOT] Renaming not supported across conflicting directory permissions (0.000 + 0.000 secs).
-Yves
Von: Aki Tuomi Gesendet: So, 2018-05-20 16:00 +0200
Assuming '8' = mail, i cannot see anything wrong here...
Can you turn on 'mail_debug=yes' and attempt folder deletion, and check logs after that?
Aki
On 20 May 2018 at 16:19 Yves Goergen <nospam.list@unclassified.de> wrote:
Here's the output of 'doveconf -n':
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf doveconf: Warning: Obsolete setting in /etc/dovecot/local.conf:21: ssl_parameters_regenerate should have 'hours' suffix # OS: Linux 4.4.0-124-generic x86_64 Ubuntu 16.04.3 LTS auth_mechanisms = plain login disable_plaintext_auth = no first_valid_uid = 8 imap_idle_notify_interval = 5 mins last_valid_uid = 8 listen = 5.9.48.194, 2a01:4f8:161:40c9::2, 127.0.0.1, ::1 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_gid = 8 mail_plugins = quota mail_privileged_group = mail mail_uid = 8 namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir } protocols = imap pop3 service imap-login { process_limit = 300 } ssl_cert = </etc/letsencrypt/live/dotforward.de/fullchain.pem ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_dh_parameters_length = 2048 ssl_key = </etc/letsencrypt/live/dotforward.de/privkey.pem ssl_parameters_regenerate = 1 hours ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv2 !SSLv3 userdb { driver = prefetch } protocol imap { mail_max_userip_connections = 100 mail_plugins = quota imap_quota }
And this is the 'namei' output:
f: /var/mail/virtual/****.de/yg/ drwxr-xr-x root root / drwxr-xr-x root root var drwxrwsr-x root mail mail drwx--S--- mail mail virtual drwx--S--- mail mail ****.de drwx--S--- mail mail yg
Here's also the 'ls -al' output of that mailbox directory:
insgesamt 136 drwx--S--- 12 mail mail 4096 Mai 19 13:52 . drwx--S--- 4 mail mail 4096 Mär 4 12:23 .. drwx--S--- 5 mail mail 4096 Mai 18 23:16 .Archives drwx--S--- 5 mail mail 4096 Mai 17 16:22 .Archives.TestA drwx--S--- 5 mail mail 4096 Mai 18 14:09 .Archives.TestB drwx--S--- 2 mail mail 4096 Mai 19 13:32 cur -rw------- 1 mail mail 736 Mai 16 15:23 dovecot.index -rw------- 1 mail mail 22096 Mai 19 13:32 dovecot.index.cache -rw------- 1 mail mail 27260 Mai 19 13:34 dovecot.index.log -rw------- 1 mail mail 28 Mai 16 14:33 dovecot-keywords -rw------- 1 mail mail 168 Mai 16 17:41 dovecot.mailbox.log -rw------- 1 mail mail 406 Mai 19 13:32 dovecot-uidlist -rw------- 1 mail mail 8 Mai 16 17:41 dovecot-uidvalidity -r--r--r-- 1 mail mail 0 Feb 28 19:32 dovecot-uidvalidity.5a96f5de drwxr-sr-x 5 mail mail 4096 Mai 18 14:09 .Drafts drwx--S--- 5 mail mail 4096 Feb 28 19:42 .Junk -rw------- 1 mail mail 4621 Mai 19 13:32 maildirsize drwx--S--- 2 mail mail 4096 Mai 19 13:32 new drwxr-sr-x 5 mail mail 4096 Mai 18 14:08 .Sent -rw------- 1 mail mail 62 Mai 16 17:42 subscriptions drwx--S--- 2 mail mail 4096 Mai 20 12:35 tmp drwxr-sr-x 5 mail mail 4096 Mai 18 18:15 .Trash
-Yves
Von: Aki Tuomi Gesendet: Sa, 2018-05-19 18:22 +0200
This sounds more like misconfiguration to me. Can you provide doveconf -n and full output of namei -vl /full/path/to/mailbox
Aki Tuomi Dovecot oy
-------- Original message -------- From: Yves Goergen <nospam.list@unclassified.de> Date: 19/05/2018 18:51 (GMT+02:00) To: Dovecot Mailing List <dovecot@dovecot.org> Subject: Re: Cannot delete folder
The issue still exists. Can anybody explain to me why dovecot creates IMAP folders with the wrong filesystem permissions? Every new folder that I create in the mailbox through Thunderbird (IMAP) has the wrong permission and cannot be deleted anymore.
This looks like a dovecot bug to me.
-Yves
Von: Yves Goergen Gesendet: Di, 2018-03-06 20:55 +0100
Hi there,
I cannot delete IMAP folders in new mailboxes. When trying to delete a folder in Thunderbird I get the error message "renaming not supported across conflicting directory permissions". Looking up the error on the web led me to checking the mailbox directory's permissions. They're inconsistent in new mailboxes. While every single directory in an old mailbox has "drwx--S---", some of the directories in a new mailbox have "drwxr-sr-x" instead. I'm not sure what that means. The folders with the later permissions are "Drafts", "Sent" and "Trash". Folders with the first permissions are "Junk", "Archives" and "Archives.2018". All folders were created by Thunderbird automatically. Now I wanted to delete "Archives.2018".
What's the issue here? Why do folders created by the same MUA in the same event on the same mail server have different permissions and why can't I delete one of them (which would probably move it into the trash folder first)?
Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on Windows 10.
-Yves
I've looked up the mode letters and tried this command:
chmod go-rx .Trash
The Trash subdirectories already have the same mode as the mailbox directory. With the changed mode on .Trash, the deletion did work. So I guess my maildirs were created with the wrong mode. I'm using this script to create them:
---8<---------
mkdir -p -m 700 "/var/mail/virtual" mkdir -p -m 700 "/var/mail/virtual/$1" mkdir -p -m 700 "/var/mail/virtual/$1/$2" mkdir -p -m 700 "/var/mail/virtual/$1/$2/cur" mkdir -p -m 700 "/var/mail/virtual/$1/$2/new" mkdir -p -m 700 "/var/mail/virtual/$1/$2/tmp"
# Create default folders mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Trash/cur" mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Trash/new" mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Trash/tmp" mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Sent/cur" mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Sent/new" mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Sent/tmp" mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Drafts/cur" mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Drafts/new" mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Drafts/tmp"
# Set up subscriptions cat <<EOF >"/var/mail/virtual/$1/$2/subscriptions" Trash Sent Drafts EOF
---8<---------
Not sure why this doesn't work. It should create directories with drwx------ but it seems to result in the strange drwxr-sr-x. The SGID bit (sticky on group) seems to be inherited from the parent directory. Also not sure why I would need that.
Actually I believe that the mail user should have full access to all maildirs, and no other user. drwx------ should be perfectly sufficient for that.
Maybe Courier-IMAP (which I've used long long ago before Dovecot) needed these weird modes. Does anybody know something about that?
-Yves
Von: Aki Tuomi Gesendet: Mo, 2018-05-21 10:49 +0200
I guess you have had different version(s) or setting(s) in the past, and you can probably fix this by setting perms to same as the new folders.
Aki
On 21.05.2018 11:46, Yves Goergen wrote:
I couldn't find anything relevant between all the debug log lines. Is that in /var/log/mail.log?
Here's the lines I think are related to creating and deleting the folder:
May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace : /var/mail/virtual/****.de/yg/.Test doesn't exist yet, using default permissions May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace : Using permissions from /var/mail/virtual/****.de/yg: mode=0700 gid=default May 21 10:36:23 mond2 dovecot: imap(yg@****.de): Debug: Namespace : /var/mail/virtual/****.de/yg/.Trash.Test doesn't exist yet, using default permissions
That's it.
Thunderbird shows an error message with: [CANNOT] Renaming not supported across conflicting directory permissions (0.000 + 0.000 secs).
-Yves
Von: Aki Tuomi Gesendet: So, 2018-05-20 16:00 +0200
Assuming '8' = mail, i cannot see anything wrong here...
Can you turn on 'mail_debug=yes' and attempt folder deletion, and check logs after that?
Aki
On 20 May 2018 at 16:19 Yves Goergen <nospam.list@unclassified.de> wrote:
Here's the output of 'doveconf -n':
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf doveconf: Warning: Obsolete setting in /etc/dovecot/local.conf:21: ssl_parameters_regenerate should have 'hours' suffix # OS: Linux 4.4.0-124-generic x86_64 Ubuntu 16.04.3 LTS auth_mechanisms = plain login disable_plaintext_auth = no first_valid_uid = 8 imap_idle_notify_interval = 5 mins last_valid_uid = 8 listen = 5.9.48.194, 2a01:4f8:161:40c9::2, 127.0.0.1, ::1 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_gid = 8 mail_plugins = quota mail_privileged_group = mail mail_uid = 8 namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir } protocols = imap pop3 service imap-login { process_limit = 300 } ssl_cert = </etc/letsencrypt/live/dotforward.de/fullchain.pem ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_dh_parameters_length = 2048 ssl_key = </etc/letsencrypt/live/dotforward.de/privkey.pem ssl_parameters_regenerate = 1 hours ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv2 !SSLv3 userdb { driver = prefetch } protocol imap { mail_max_userip_connections = 100 mail_plugins = quota imap_quota }
And this is the 'namei' output:
f: /var/mail/virtual/****.de/yg/ drwxr-xr-x root root / drwxr-xr-x root root var drwxrwsr-x root mail mail drwx--S--- mail mail virtual drwx--S--- mail mail ****.de drwx--S--- mail mail yg
Here's also the 'ls -al' output of that mailbox directory:
insgesamt 136 drwx--S--- 12 mail mail 4096 Mai 19 13:52 . drwx--S--- 4 mail mail 4096 Mär 4 12:23 .. drwx--S--- 5 mail mail 4096 Mai 18 23:16 .Archives drwx--S--- 5 mail mail 4096 Mai 17 16:22 .Archives.TestA drwx--S--- 5 mail mail 4096 Mai 18 14:09 .Archives.TestB drwx--S--- 2 mail mail 4096 Mai 19 13:32 cur -rw------- 1 mail mail 736 Mai 16 15:23 dovecot.index -rw------- 1 mail mail 22096 Mai 19 13:32 dovecot.index.cache -rw------- 1 mail mail 27260 Mai 19 13:34 dovecot.index.log -rw------- 1 mail mail 28 Mai 16 14:33 dovecot-keywords -rw------- 1 mail mail 168 Mai 16 17:41 dovecot.mailbox.log -rw------- 1 mail mail 406 Mai 19 13:32 dovecot-uidlist -rw------- 1 mail mail 8 Mai 16 17:41 dovecot-uidvalidity -r--r--r-- 1 mail mail 0 Feb 28 19:32 dovecot-uidvalidity.5a96f5de drwxr-sr-x 5 mail mail 4096 Mai 18 14:09 .Drafts drwx--S--- 5 mail mail 4096 Feb 28 19:42 .Junk -rw------- 1 mail mail 4621 Mai 19 13:32 maildirsize drwx--S--- 2 mail mail 4096 Mai 19 13:32 new drwxr-sr-x 5 mail mail 4096 Mai 18 14:08 .Sent -rw------- 1 mail mail 62 Mai 16 17:42 subscriptions drwx--S--- 2 mail mail 4096 Mai 20 12:35 tmp drwxr-sr-x 5 mail mail 4096 Mai 18 18:15 .Trash
-Yves
Von: Aki Tuomi Gesendet: Sa, 2018-05-19 18:22 +0200
This sounds more like misconfiguration to me. Can you provide doveconf -n and full output of namei -vl /full/path/to/mailbox
Aki Tuomi Dovecot oy
-------- Original message -------- From: Yves Goergen <nospam.list@unclassified.de> Date: 19/05/2018 18:51 (GMT+02:00) To: Dovecot Mailing List <dovecot@dovecot.org> Subject: Re: Cannot delete folder
The issue still exists. Can anybody explain to me why dovecot creates IMAP folders with the wrong filesystem permissions? Every new folder that I create in the mailbox through Thunderbird (IMAP) has the wrong permission and cannot be deleted anymore.
This looks like a dovecot bug to me.
-Yves
Von: Yves Goergen Gesendet: Di, 2018-03-06 20:55 +0100
Hi there,
I cannot delete IMAP folders in new mailboxes. When trying to delete a folder in Thunderbird I get the error message "renaming not supported across conflicting directory permissions". Looking up the error on the web led me to checking the mailbox directory's permissions. They're inconsistent in new mailboxes. While every single directory in an old mailbox has "drwx--S---", some of the directories in a new mailbox have "drwxr-sr-x" instead. I'm not sure what that means. The folders with the later permissions are "Drafts", "Sent" and "Trash". Folders with the first permissions are "Junk", "Archives" and "Archives.2018". All folders were created by Thunderbird automatically. Now I wanted to delete "Archives.2018".
What's the issue here? Why do folders created by the same MUA in the same event on the same mail server have different permissions and why can't I delete one of them (which would probably move it into the trash folder first)?
Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on Windows 10.
-Yves
In an effort to analyse this, I think I have found the cause for the inconsistent permissions.
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Trash/cur"
will create .Trash/cur with mode 700. But if .Trash doesn't already exist, it will be created with some default mode which is not 700.
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Trash" mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Trash/cur"
This creates both directories explicitly and with mode 700.
I could get a list of all directories with unexpected mode with
find /var/mail/virtual -perm -go=rx
And this command fixed the directories (tested in the range of a single domain for now):
find /var/mail/virtual -perm -go=rx |xargs chmod go-rx
Please let me know if there are any problems with this procedure. I don't expect having the initial issue again with corrected maildir folder permissions and the corrected maildir creation script.
-Yves
Von: Aki Tuomi Gesendet: Mo, 2018-05-21 10:49 +0200
I guess you have had different version(s) or setting(s) in the past, and you can probably fix this by setting perms to same as the new folders.
Aki
On 21.05.2018 11:46, Yves Goergen wrote:
I couldn't find anything relevant between all the debug log lines. Is that in /var/log/mail.log?
Here's the lines I think are related to creating and deleting the folder:
May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace : /var/mail/virtual/****.de/yg/.Test doesn't exist yet, using default permissions May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace : Using permissions from /var/mail/virtual/****.de/yg: mode=0700 gid=default May 21 10:36:23 mond2 dovecot: imap(yg@****.de): Debug: Namespace : /var/mail/virtual/****.de/yg/.Trash.Test doesn't exist yet, using default permissions
That's it.
Thunderbird shows an error message with: [CANNOT] Renaming not supported across conflicting directory permissions (0.000 + 0.000 secs).
-Yves
Von: Aki Tuomi Gesendet: So, 2018-05-20 16:00 +0200
Assuming '8' = mail, i cannot see anything wrong here...
Can you turn on 'mail_debug=yes' and attempt folder deletion, and check logs after that?
Aki
On 20 May 2018 at 16:19 Yves Goergen <nospam.list@unclassified.de> wrote:
Here's the output of 'doveconf -n':
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.13 (7b14904) doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf doveconf: Warning: Obsolete setting in /etc/dovecot/local.conf:21: ssl_parameters_regenerate should have 'hours' suffix # OS: Linux 4.4.0-124-generic x86_64 Ubuntu 16.04.3 LTS auth_mechanisms = plain login disable_plaintext_auth = no first_valid_uid = 8 imap_idle_notify_interval = 5 mins last_valid_uid = 8 listen = 5.9.48.194, 2a01:4f8:161:40c9::2, 127.0.0.1, ::1 log_timestamp = "%Y-%m-%d %H:%M:%S " mail_gid = 8 mail_plugins = quota mail_privileged_group = mail mail_uid = 8 namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { quota = maildir } protocols = imap pop3 service imap-login { process_limit = 300 } ssl_cert = </etc/letsencrypt/live/dotforward.de/fullchain.pem ssl_cipher_list = ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_dh_parameters_length = 2048 ssl_key = </etc/letsencrypt/live/dotforward.de/privkey.pem ssl_parameters_regenerate = 1 hours ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv2 !SSLv3 userdb { driver = prefetch } protocol imap { mail_max_userip_connections = 100 mail_plugins = quota imap_quota }
And this is the 'namei' output:
f: /var/mail/virtual/****.de/yg/ drwxr-xr-x root root / drwxr-xr-x root root var drwxrwsr-x root mail mail drwx--S--- mail mail virtual drwx--S--- mail mail ****.de drwx--S--- mail mail yg
Here's also the 'ls -al' output of that mailbox directory:
insgesamt 136 drwx--S--- 12 mail mail 4096 Mai 19 13:52 . drwx--S--- 4 mail mail 4096 Mär 4 12:23 .. drwx--S--- 5 mail mail 4096 Mai 18 23:16 .Archives drwx--S--- 5 mail mail 4096 Mai 17 16:22 .Archives.TestA drwx--S--- 5 mail mail 4096 Mai 18 14:09 .Archives.TestB drwx--S--- 2 mail mail 4096 Mai 19 13:32 cur -rw------- 1 mail mail 736 Mai 16 15:23 dovecot.index -rw------- 1 mail mail 22096 Mai 19 13:32 dovecot.index.cache -rw------- 1 mail mail 27260 Mai 19 13:34 dovecot.index.log -rw------- 1 mail mail 28 Mai 16 14:33 dovecot-keywords -rw------- 1 mail mail 168 Mai 16 17:41 dovecot.mailbox.log -rw------- 1 mail mail 406 Mai 19 13:32 dovecot-uidlist -rw------- 1 mail mail 8 Mai 16 17:41 dovecot-uidvalidity -r--r--r-- 1 mail mail 0 Feb 28 19:32 dovecot-uidvalidity.5a96f5de drwxr-sr-x 5 mail mail 4096 Mai 18 14:09 .Drafts drwx--S--- 5 mail mail 4096 Feb 28 19:42 .Junk -rw------- 1 mail mail 4621 Mai 19 13:32 maildirsize drwx--S--- 2 mail mail 4096 Mai 19 13:32 new drwxr-sr-x 5 mail mail 4096 Mai 18 14:08 .Sent -rw------- 1 mail mail 62 Mai 16 17:42 subscriptions drwx--S--- 2 mail mail 4096 Mai 20 12:35 tmp drwxr-sr-x 5 mail mail 4096 Mai 18 18:15 .Trash
-Yves
Von: Aki Tuomi Gesendet: Sa, 2018-05-19 18:22 +0200
This sounds more like misconfiguration to me. Can you provide doveconf -n and full output of namei -vl /full/path/to/mailbox
Aki Tuomi Dovecot oy
-------- Original message -------- From: Yves Goergen <nospam.list@unclassified.de> Date: 19/05/2018 18:51 (GMT+02:00) To: Dovecot Mailing List <dovecot@dovecot.org> Subject: Re: Cannot delete folder
The issue still exists. Can anybody explain to me why dovecot creates IMAP folders with the wrong filesystem permissions? Every new folder that I create in the mailbox through Thunderbird (IMAP) has the wrong permission and cannot be deleted anymore.
This looks like a dovecot bug to me.
-Yves
Von: Yves Goergen Gesendet: Di, 2018-03-06 20:55 +0100
Hi there,
I cannot delete IMAP folders in new mailboxes. When trying to delete a folder in Thunderbird I get the error message "renaming not supported across conflicting directory permissions". Looking up the error on the web led me to checking the mailbox directory's permissions. They're inconsistent in new mailboxes. While every single directory in an old mailbox has "drwx--S---", some of the directories in a new mailbox have "drwxr-sr-x" instead. I'm not sure what that means. The folders with the later permissions are "Drafts", "Sent" and "Trash". Folders with the first permissions are "Junk", "Archives" and "Archives.2018". All folders were created by Thunderbird automatically. Now I wanted to delete "Archives.2018".
What's the issue here? Why do folders created by the same MUA in the same event on the same mail server have different permissions and why can't I delete one of them (which would probably move it into the trash folder first)?
Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on Windows 10.
-Yves
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Mon, 21 May 2018, Yves Goergen wrote:
May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace : /var/mail/virtual/****.de/yg/.Test doesn't exist yet, using default permissions May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace : Using permissions from /var/mail/virtual/****.de/yg: mode=0700 gid=default May 21 10:36:23 mond2 dovecot: imap(yg@****.de): Debug: Namespace : /var/mail/virtual/****.de/yg/.Trash.Test doesn't exist yet, using default permissions
That's it.
Thunderbird shows an error message with: [CANNOT] Renaming not supported across conflicting directory permissions (0.000 + 0.000 secs).
Well, there is the first error, too:
yg/.Test doesn't exist yet
is it possible, that you are subscribed to a non-existant folder? Thunderbird (or some versions anyway) will display any subscribed folder, regardless if it exists or not.
Dovecot fails to both delete or rename non-existant folders.
Checkout the local file "subscriptions" in your mailbox storage. (Close any mail client before).
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBWwPXicQnQQNheMxiAQLGFAf/Wzy0BkUBTROoi5qxzk+kjCdLVfpWkuth l5ubst9ktPmMbE1M3TFyL05ovAH1FPn+ebYTYOAS6ge2qrtgZoejzvtOxZ34hCnV gHR7P6fDA/Kj+NCO0xRzS522K/Y42JSgkg1MDGkauiJ4R+RoUabo6Fbi+EToUOGy b/oE8iDvG2toL06zUj1vptpq1kCjNDO3WKfb9DeNJQq186fpudSuz2VaHgr8lpCF zbKooIPPLLn+0QIYPpusoJMz3nAqGNrZC+gKdmdB83nhogUi5jAzwBNGmA9I/5yn g3mx68jM9cdWquHJWpJpgAlvAMys0fqz5dnZx/zNNd6d2X5pYzRRtA== =UED3 -----END PGP SIGNATURE-----
On Tue, May 22, 2018 at 10:40, Steffen Kaiser <skdovecot@inf.h-brs.de> wrote:
Thunderbird (or some versions anyway) will display any subscribed folder, regardless if it exists or not.
Dovecot fails to both delete or rename non-existant folders.
Checkout the local file "subscriptions" in your mailbox storage. (Close any mail client before).
More explicitly, there are three possible actions here:
the postmaster edits a user's subscription file in the server :-((
the user edits the same file using their own client software (Thunderbird fails on this) :-(
Thunderbird is patched to automatically clear the subscription file from non-existent folders :-)
On Tue, May 22, 2018 at 13:58, Rupert Gallagher <ruga@protonmail.com> wrote:
On Tue, May 22, 2018 at 10:40, Steffen Kaiser <skdovecot@inf.h-brs.de> wrote:
Thunderbird (or some versions anyway) will display any subscribed folder, regardless if it exists or not.
Dovecot fails to both delete or rename non-existant folders.
Checkout the local file "subscriptions" in your mailbox storage. (Close any mail client before).
More explicitly, there are three possible actions here:
- the postmaster edits a user's subscription file in the server :-((
- the user edits the same file using their own client software (Thunderbird fails on this) :-(
- Thunderbird is patched to automatically clear the subscription file from non-existent folders :-)
There is a fourth possibility: dovecot is patched to clear the subscription file from non-existent folders. :-))
That must be a wrong observation. ".Trash.Test" didn't exist, because ".Test" should be moved there. That looks expected to me. ".Test" itself did exist and the log didn't say anything else.
But I've already found the issue. My maildirs (created by a system management script) had unexpected permissions. While everything worked, Dovecot denied deleting such a folder because it didn't have the exact same permissions, albeit both accessible.
-Yves
Von: Steffen Kaiser Gesendet: Di, 2018-05-22 10:40 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Mon, 21 May 2018, Yves Goergen wrote:
May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace : /var/mail/virtual/****.de/yg/.Test doesn't exist yet, using default permissions May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace : Using permissions from /var/mail/virtual/****.de/yg: mode=0700 gid=default May 21 10:36:23 mond2 dovecot: imap(yg@****.de): Debug: Namespace : /var/mail/virtual/****.de/yg/.Trash.Test doesn't exist yet, using default permissions
That's it.
Thunderbird shows an error message with: [CANNOT] Renaming not supported across conflicting directory permissions (0.000 + 0.000 secs).
Well, there is the first error, too:
yg/.Test doesn't exist yet
is it possible, that you are subscribed to a non-existant folder? Thunderbird (or some versions anyway) will display any subscribed folder, regardless if it exists or not.
Dovecot fails to both delete or rename non-existant folders.
Checkout the local file "subscriptions" in your mailbox storage. (Close any mail client before).
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBWwPXicQnQQNheMxiAQLGFAf/Wzy0BkUBTROoi5qxzk+kjCdLVfpWkuth l5ubst9ktPmMbE1M3TFyL05ovAH1FPn+ebYTYOAS6ge2qrtgZoejzvtOxZ34hCnV gHR7P6fDA/Kj+NCO0xRzS522K/Y42JSgkg1MDGkauiJ4R+RoUabo6Fbi+EToUOGy b/oE8iDvG2toL06zUj1vptpq1kCjNDO3WKfb9DeNJQq186fpudSuz2VaHgr8lpCF zbKooIPPLLn+0QIYPpusoJMz3nAqGNrZC+gKdmdB83nhogUi5jAzwBNGmA9I/5yn g3mx68jM9cdWquHJWpJpgAlvAMys0fqz5dnZx/zNNd6d2X5pYzRRtA== =UED3 -----END PGP SIGNATURE-----
On May 19, 2018, at 09:51, Yves Goergen <nospam.list@unclassified.de> wrote:
The issue still exists. Can anybody explain to me why dovecot creates IMAP folders with the wrong filesystem permissions? Every new folder that I create in the mailbox through Thunderbird (IMAP) has the wrong permission and cannot be deleted anymore.
I don’t see this behavior at all, but I don’t use Thunderbird. Folders I create via mail clients have the right permissions and I can delete them from the clients as well.
-- My main job is trying to come up with new and innovative and effective ways to reject even more mail. I'm up to about 97% now.
Yves Goergen wrote:
The issue still exists. Can anybody explain to me why dovecot creates IMAP folders with the wrong filesystem permissions? On a lark, I looked through my dirs @ permissions. Shorted lines a bit so they'd fit w/o extra lines between them using: (get rid of text before permissions, and shorten user/group to a few letter) find . -type d -ls|sed -r 's/^\s*\S+\s+\S+\s+// ; s/linda(group)?/usr/g'
Made it wasy to look down the 1st column and find where things were different. FWIW, using mbox format.
My base permissions were : drwxrwxr-x most were: : drwxrwsr-x I noticed that subdirs I created *by hand* (to later move folders into), often had different permissions : drwxrwsr--
The first auto-dir created by dovecot (.imap under top dir) had some perms drawn from the base : drwxrwxr-- First auto-subdir created (INBOX) had : drwxrwxr-x BUT...had a different group -- one that I used ages ago before making sure that the username based group took priority. (I make each user's primary group one based on their username).
Another imap created subdir (.imap/Junk) : drwxrwx---
took it's perms from the base file. Most of my mbox files have : -rw-rw-r-- but Junk was : -rw-rw---- (thus no 'r' bit on .imap/Junk)
In all the cases, the folders that were different derived from manually created mboxes, *OR* a few auto-created MBOXES (like INBOX ... and likely 'Trash' -- but before using dovecot, I already had a 'Trash' mbox, so it just used it w/the same perms.
In your case, the permissions likely derive from the umask that dovecot was(is?) running with when it created the 'builtin' files (like Trash, Inbox, etc..)
Does that fit your case?
To be honest, I can't follow you. I see that I have inconsistent permissions (but all the same owner and group). I did use a different mail server software in the past, but that's long ago and I can't even remember when I switched to Dovecot. I think it was Courier-IMAP before.
Maildirs for new mailboxes are still created by one of my own scripts so maybe that script creates the maildirs with some wrong permissions. I'll first have to look up what all those funny letters actually mean. They're too rare to remember.
-Yves
Von: Linda A. Walsh Gesendet: Mo, 2018-05-21 20:20 +0200
Yves Goergen wrote:
The issue still exists. Can anybody explain to me why dovecot creates IMAP folders with the wrong filesystem permissions? On a lark, I looked through my dirs @ permissions. Shorted lines a bit so they'd fit w/o extra lines between them using: (get rid of text before permissions, and shorten user/group to a few letter) find . -type d -ls|sed -r 's/^\s*\S+\s+\S+\s+// ; s/linda(group)?/usr/g'
Made it wasy to look down the 1st column and find where things were different. FWIW, using mbox format.
My base permissions were : drwxrwxr-x most were: : drwxrwsr-x I noticed that subdirs I created *by hand* (to later move folders into), often had different permissions : drwxrwsr--
The first auto-dir created by dovecot (.imap under top dir) had some perms drawn from the base : drwxrwxr-- First auto-subdir created (INBOX) had : drwxrwxr-x BUT...had a different group -- one that I used ages ago before making sure that the username based group took priority. (I make each user's primary group one based on their username).
Another imap created subdir (.imap/Junk) : drwxrwx---
took it's perms from the base file. Most of my mbox files have : -rw-rw-r-- but Junk was : -rw-rw---- (thus no 'r' bit on .imap/Junk)
In all the cases, the folders that were different derived from manually created mboxes, *OR* a few auto-created MBOXES (like INBOX ... and likely 'Trash' -- but before using dovecot, I already had a 'Trash' mbox, so it just used it w/the same perms.
In your case, the permissions likely derive from the umask that dovecot was(is?) running with when it created the 'builtin' files (like Trash, Inbox, etc..)
Does that fit your case?
Yves Goergen wrote:
To be honest, I can't follow you. I see that I have inconsistent permissions (but all the same owner and group). I did use a different mail server software in the past, but that's long ago and I can't even remember when I switched to Dovecot. I think it was Courier-IMAP before.
Maildirs for new mailboxes are still created by one of my own scripts so maybe that script creates the maildirs with some wrong permissions. I'll first have to look up what all those funny letters actually mean. They're too rare to remember.
hopefully quick explanation of letters
+-d=directory
| usr(me) (r=read,w=write,x=cross(ing)...allows
seeing things below this directory
but 'r' controls seeing things *in*
this directory)
| ||| group
| ||| ||| everyone else
My base permissions were : d rwx rwx r-x
most were: : d rwx rws r-x The 's' on the group-triplet means
set-group on files+dirs below this
The exact permissions aren't so important other than to know that permission set on a file. Those perms are in octal (0-7), with octal
- when it creates an internal directory (like .imap/whatever), those it followed the permissions on my original mbox.
- when it creats an internal mbox (like INBOX, Trash, Sent...etc) it may use whatever it's own umask allows. Umasks are often set to system defaults like 022 or 002 on 'friendly systems -- they *remove* a bit from a
you need 3 bits 0111 = 1*4 + 1*2 + 1*1 -- the high bit (multiplied by highest amount, in this case 4, corresponds to the read permission, the 2 corresponds to write permission and the 1 corresponds to execute on files files, or cross-through for directories. So a umask of 022 would filter out the 2nd bit in each permission mask (i.e. the write bit for groups (the middle number) and the write bit for 'other' (the 3rd group) Since I allow groups to write, I have 002 so people in the same group can write.
Windows will use something like 077 on your home directory -- only theuser has any access, by default. the 7's mask out access for any created files.
If the process that runs dovecot runs with a umask different from you, by default it might create differently permissioned files. If you create a directory manually, that also might be different from what you normally see.
In your case 'Trash' had different permissions -- a directory or file that would have been created by dovecot. so it may be running with different default permissions (settable via the usmask), than you.
Hope that helps some rather than confuses more...was a quick summary of stuff.
On Mon May 21 2018 14:20:51 GMT-0400 (Eastern Standard Time), Linda A. Walsh <dovecot@tlinx.org> wrote:
Yves Goergen wrote:
The issue still exists. Can anybody explain to me why dovecot creates IMAP folders with the wrong filesystem permissions? On a lark, I looked through my dirs @ permissions. Shorted lines a bit so they'd fit w/o extra lines between them using: (get rid of text before permissions, and shorten user/group to a few letter) find . -type d -ls|sed -r 's/^\s*\S+\s+\S+\s+// ; s/linda(group)?/usr/g'
I repeat something from a similar thread from last year...
It would be nice if Dovecot had something like Postfix's set-permissions command to automatically fix permissions issues.
Dovecot may be a little more complicated and have more possible ways things could be configured, but the possibilities are finite (aren't they?) so this could be handled by defining the different possibilities and having a conf option you can set to tell dovecot what scheme you are using (or if possible, some way to auto-detect it and fall back to spitting out an error asking you to define it manually if it can't).
participants (7)
-
Aki Tuomi
-
Linda A. Walsh
-
LuKreme
-
Rupert Gallagher
-
Steffen Kaiser
-
Tanstaafl
-
Yves Goergen