[Dovecot] permissions on auth-userdb

spamvoll at googlemail.com
Tue Aug 31 03:13:59 EEST 2010


Hi..

I'm still trying to upgrade to 2.0.
I'm getting:
dovecot: lda: Error: userdb lookup:
connect(/var/run/dovecot/auth-userdb) failed: Permission denied
(euid=10000(vmail) egid=10000(vmail) missing +r perm:
/var/run/dovecot/auth-userdb, euid is not dir owner)

The error is correct because it's owned by root. My question is: who should own it?
I'm not sure how that works; what process/user calls the auth-userdb?
The auth-userdb returns the args generated in master.conf, right?

I think commenting out the user and group settings in master.conf will fix
it, but I'm not sure if that is the most secure way.

The mails come from Postfix via dovecot-lda.

Hans

master.conf
service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Its default
  # permissions make it readable only by root, but you may need to relax these
  # permissions. Users that have access to this socket are able to get a list
  # of all usernames and get results of everyone's userdb lookups.
  unix_listener auth-userdb {
    mode = 0600
    #user = vmail
    #group = vmail
  }
}

auth-ldap.conf.ext
passdb {
  driver = ldap
  args = /etc/dovecot/dovecot-ldap.conf.ext
}
userdb {
  driver = static
  args = uid=vmail gid=vmail home=/home/MAILBOXES/%u/ mail=/home/MAILBOXES/%u/mail
}
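
An added example, not part of the original post or of Dovecot itself: a small Python check that reads the mode, user and group of a unix_listener block and reports whether the vmail account running dovecot-lda can connect, and whether any unrelated local account can (which, per the comment in master.conf, would let it list usernames and userdb results). The root default owner, the 0600 default mode, the `nobody` stand-in account and the two alternative listener blocks are assumptions constructed for illustration.

```python
import re

# Constructed samples: the listener as posted, plus two alternatives to compare.
LISTENERS = {
    "as_posted": "unix_listener auth-userdb {\n  mode = 0600\n  #user = vmail\n  #group = vmail\n}",
    "owned_by_vmail": "unix_listener auth-userdb {\n  mode = 0600\n  user = vmail\n}",
    "world_open": "unix_listener auth-userdb {\n  mode = 0666\n}",
}

def parse_listener(text, default_owner="root"):
    """Read mode/user/group from a unix_listener block, ignoring '#' comments.
    Assumption (taken from the post): with user/group unset the socket is root-owned."""
    cfg = {"mode": 0o600, "user": default_owner, "group": default_owner}
    for line in text.splitlines():
        line = line.split("#", 1)[0]          # drop commented-out settings
        m = re.match(r"\s*(mode|user|group)\s*=\s*(\S+)", line)
        if m:
            key, val = m.groups()
            cfg[key] = int(val, 8) if key == "mode" else val
    return cfg

def can_connect(cfg, user, groups):
    """Pick the owner/group/other permission class and require the rw bits.
    root bypasses the mode bits entirely."""
    if user == "root":
        return True
    if user == cfg["user"]:
        bits = cfg["mode"] >> 6
    elif cfg["group"] in groups:
        bits = cfg["mode"] >> 3
    else:
        bits = cfg["mode"]
    return bits & 0o6 == 0o6

def audit(text, client="vmail", client_groups=("vmail",)):
    cfg = parse_listener(text)
    return {
        "owner": cfg["user"],
        "client_ok": can_connect(cfg, client, client_groups),
        # 'nobody' stands in for any unrelated local account.
        "any_local_user": can_connect(cfg, "nobody", ()),
    }

if __name__ == "__main__":
    for name, text in LISTENERS.items():
        print(name, audit(text))
```
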

