[Dovecot] Access filesystem (NFS) as some user
Manao ahoana, Hello, Bonjour,
My Dovecot server has to access the users Maildirs. Maildirs are on a NFS mount that only a user (vmail/500) may read and write. No one else.
How to configure Dovecot so that at least disk read-write are performed as a "vmail" user (that I have created with the right attributes)?
Is the workaround of changing dovecot's system UID/GID a not-so-bad one? (I am trying to see if it works, at least...)
Misaotra, Thanks, Merci.
-- Architecte Informatique chez Blueline/Gulfsat: Administration Systeme, Recherche & Developpement +261 34 29 155 34 / +261 33 11 207 36
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, 4 May 2010, Mihamina Rakotomandimby wrote:
How to configure Dovecot so that at least disk read-write are performed as a "vmail" user (that I have created with the right attributes)?
Is the workaround of changing dovecot's system UID/GID a not-so-bad one? (I am trying to see if it works, at least...)
Do you encounter any problems? I thought the access is always performed with the proper UID/GID.
There is: http://wiki.dovecot.org/MainConfig?highlight=mail_drop_priv_before_exec
the mail_drop_priv_before_exec setting, too.
Regards,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS+An4b+Vh58GPL/cAQJQuwgAynW/YR04tAKiKqn93xfNISe4z+Jjxzg/ S8z1HkoVmahzZJIeSEaTkcyvW4DlLnhNdKHEOML/5TiDClFad85/kdkdO+1Wy3Jb W7pqqy56zz1Oyw2tJV8qoePDTN5AckPCzGB6SXr+NRl5H+HpSWRmtiY9L7HOBpYt NuZZmyFcWf2nerqaO7QMN0Ipae5yyJJJ63h0hZ6ueZ6avsQ0Cq/vZkvHejOMoWlB nKHqoHZW+3uLvEhmxpEHZqYtBpVi2ecqT9qtbhnfVax2tIKTEQjK9MTma5dh/rCi 4UzwSSTGvTrOIYv95bB4ZF8ShfdABgj1inkiICqUgAc9EdTv0ze7Lw== =bqXW -----END PGP SIGNATURE-----
Mihamina Rakotomandimby <mihamina@gulfsat.mg> : My Dovecot server has to access the users Maildirs. Maildirs are on a NFS mount that only a user (vmail/500) may read and write. No one else.
My user_query returns: +--------------------------------------+-----+-----+ | home | uid | gid | +--------------------------------------+-----+-----+ | /data/mailaka/gulfsat.mg/m/mihamina/ | 500 | 500 | +--------------------------------------+-----+-----+
So, I expect Dovecot to be vmail/500 when accessing the home, but the error (syslog):
May 4 16:55:04 hostname dovecot: stat(/data/mailaka/gulfsat.mg/m/mihamina/) failed: Permission denied
/data/mailaka/gulfsat.mg/m/mihamina/ is on a NFS mount:
192.168.1.69:/data/mail on /data/mailaka type nfs
Is the workaround of changing dovecot's system UID/GID a not-so-bad one? (I am trying to see if it works, at least...)
Bad. Gave up.
-- Architecte Informatique chez Blueline/Gulfsat: Administration Systeme, Recherche & Developpement +261 34 29 155 34 / +261 33 11 207 36
Mihamina Rakotomandimby <mihamina@gulfsat.mg> : My user_query returns: +--------------------------------------+-----+-----+ | home | uid | gid | +--------------------------------------+-----+-----+ | /data/mailaka/gulfsat.mg/m/mihamina/ | 500 | 500 | +--------------------------------------+-----+-----+
This was the faulty. Explanations: http://www.rktmb.org/post/2010/05/05/dovecot-mysql-nfs
-- Architecte Informatique chez Blueline/Gulfsat: Administration Systeme, Recherche & Developpement +261 34 29 155 34 / +261 33 11 207 36
participants (2)
-
Mihamina Rakotomandimby
-
Steffen Kaiser