[Dovecot] Dovecot-LDA & permissions
Duncan Hutty
dhutty+lists at ece.cmu.edu
Wed Apr 12 23:07:09 EEST 2006
I set up postfix/dovecot with the dovecot-LDA according to the dovecot
wiki, in particular:
http://wiki.dovecot.org/LDA#head-dacb9b9a1f19c3ea86bb6f8caa3d64e3ddad9ef8
For separation of privileges, I want to have one uid per virtual domain
rather than have the vmail user own all directories under the mailstore.
Therefore the LDA, deliver, in order to deliver, must fulfill one of the
following:
a) it must be started as root
b) it must be setuid
c) it must have write access to the user's mailstore even as an
unprivileged user itself.
But
a) postfix declines to do this: "postfix/pipe[26267]: fatal: user=
command-line attribute specifies root privileges", which is probably a
good thing.
b) will work, but I'm really wary of making anything setuid.
c) could be done if the group that deliver runs as (as defined in the
user= attribute in master.cf) is the same as the group of each mailstore
directory and this group has write permissions *and* the sticky bit of
each mailstore directory is set, so that the file created by deliver is
owned by the uid of the mailstore owner, not deliver's uid.
This is not exactly a question as such because I believe, subject to a
little testing, that I have a working mail setup. However, I believe in
doing things the right way wherever possible and I'm sure someone must
have come across this before, so I'm submitting to the list inviting
comment. How are most of you doing this? Are you just using a single uid
for all virtual users?
--
Duncan Hutty
System Administrator, ECE
Carnegie Mellon University
Please use informative subject lines
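An added audit script (not part of the original post or of Dovecot) for checking the per-domain mailstore directories that scheme (c) depends on: each directory must be group-owned by the group deliver runs as, be group-writable, and carry the setgid bit so that files deliver creates inherit the directory's group (on Linux the uid of a new file is always the creating process's uid; the sticky bit only restricts deletion to a file's owner). It assumes GNU stat(1); the domain directory names and group are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GNU coreutils stat(1).

# check_mailstore_dir DIR GROUP
# Returns 0 when DIR is group-owned by GROUP, is group-writable and has the
# setgid bit (so files deliver creates there inherit GROUP); otherwise it
# prints each missing condition and returns 1.
check_mailstore_dir() {
    dir=$1; group=$2; ok=0
    [ -d "$dir" ] || { echo "$dir: not a directory"; return 1; }
    actual=$(stat -c '%G' "$dir")
    if [ "$actual" != "$group" ]; then
        echo "$dir: group is $actual, expected $group"; ok=1
    fi
    if ! find "$dir" -prune -perm -g+w | grep -q .; then
        echo "$dir: group has no write permission"; ok=1
    fi
    # -g tests the setgid bit. The sticky bit (-k) only restricts deletion to
    # a file's owner; it has no effect on who owns newly created files.
    if ! [ -g "$dir" ]; then
        echo "$dir: setgid bit not set, new files would not inherit group $group"; ok=1
    fi
    [ -k "$dir" ] && echo "$dir: note: sticky bit is set (restricts deletion only)"
    return $ok
}

# audit_mailstore ROOT GROUP: check every per-domain directory under ROOT,
# returning 1 if any of them fails the check.
audit_mailstore() {
    root=$1; group=$2; failed=0
    for d in "$root"/*/; do
        [ -d "$d" ] || continue
        check_mailstore_dir "${d%/}" "$group" || failed=1
    done
    return $failed
}

# Constructed demo layout in a temporary directory (placeholder domains, not
# a real mailstore); the group is whatever the current user's directories get.
demo() {
    tmp=$(mktemp -d)
    mkdir "$tmp/example.com" "$tmp/example.org"
    chmod 2770 "$tmp/example.com"   # correct: setgid + group write
    chmod 0700 "$tmp/example.org"   # wrong: deliver's group cannot write
    audit_mailstore "$tmp" "$(stat -c '%G' "$tmp/example.com")"
    rm -rf "$tmp"
}
demo
```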