[Dovecot] permissions on auth-userdb

Timo Sirainen tss at iki.fi
Tue Aug 31 19:27:15 EEST 2010


On Tue, 2010-08-31 at 02:13 +0200, spamvoll at googlemail.com wrote:
> Hi..
> 
> im still trying to upgrade to 2.0.
> Im getting:
> dovecot: lda: Error: userdb lookup:
> connect(/var/run/dovecot/auth-userdb) failed: Permission denied
> (euid=10000(vmail) egid=10000(vmail) missing +r perm:
> /var/run/dovecot/auth-userdb, euid is not dir owner)

You're calling dovecot-lda as the user vmail:vmail, probably from your
MTA. Probably it's not being called by anyone else.

> service auth {
>   # auth_socket_path points to this userdb socket by default. It's typically
>   # used by dovecot-lda, doveadm, possibly imap process, etc. Its default
>   # permissions make it readable only by root, but you may need to relax these
>   # permissions. Users that have access to this socket are able to get a list
>   # of all usernames and get results of everyone's userdb lookups.
>   unix_listener auth-userdb {
>     mode = 0600
>     #user = vmail
>     #group = vmail

Comment out the user/group lines above and that should work fine.



More information about the dovecot mailing list