[Dovecot] Authentication woes - Couldn't drop privileges: Mail access not allowed for root

Timo Sirainen tss at iki.fi
Mon Aug 23 16:37:38 EEST 2010


On Sat, 2010-08-21 at 11:10 +0200, Ralph Seichter wrote:

> I made a small mistake during setup and had one of the id_dsa files
> owned by root instead of $user. This was deliberate, because the sync
> script is run by root and I thought that the SSH key should thus be
> owned by root aswell. 

Yeah, that's how I thought it should work too. Fixed:
http://hg.dovecot.org/dovecot-2.0/rev/83f98d61bea2

> The resulting error message was:
> 
>   Permission denied (publickey,keyboard-interactive).
>   dsync-local(foouser): Error: read() from worker server failed: EOF

This is ok.

>   dsync-local(foouser): Fatal: dsync backup: Looks like you're trying to run
>     backup in wrong direction. Source is empty and destination is not.

This should have been logged. Fixed:
http://hg.dovecot.org/dovecot-2.0/rev/6ef21adeb61d

> Do you think one should add an example for key-based authentication to
> http://wiki2.dovecot.org/Tools/Dsync ?

With the above changes, I guess all that's needed for that is to add "-i
id_dsa.backup" parameter to:

dsync -u username mirror ssh mailuser at example.com dsync -u username



More information about the dovecot mailing list