[Dovecot] LDA and auth-userdb socket permissions

a.smith at ukgrid.net
Mon Aug 22 14:22:55 EEST 2011


Hi,

   just wanted to check this as the wiki seems to have contradictory  
information. With respect to running the LDA as multiple UIDs the wiki  
says:

[QUOTE]If you're using more than one UID for users, you're going to  
have problems running dovecot-lda, as most MTAs won't let you run  
dovecot-lda as root[/QUOTE]

But in the example for the config file the text reads:

[QUOTE]
service auth {
   unix_listener auth-userdb {
     mode = 0600
     user = vmail # User running dovecot-lda
     #group = vmail # Or alternatively mode 0660 + dovecot-lda user in this group
   }
}
[/QUOTE]

So it says you can stick the LDA user just in the (vmail or whatever)  
group and that is enough. So you aren't restricted to a single UID for  
access anymore...

I tested this and the latter did not work, that is, if I put my LDA user  
in the group for the auth-userdb socket with permissions 0660 I got an  
error back from dovecot saying that the owner was incorrect.

So, as it stands I guess the bit about setting group should be removed  
from the wiki?
Secondly, why doesn't this currently work? Why is the owner all important?

thanks Andy.
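
Added example, not part of the original post and not Dovecot code: a small Python model of the filesystem permission check applied when a process connects to a UNIX socket, run over the two auth-userdb settings quoted above (mode 0600 owned by vmail, and mode 0660 with the LDA user in the vmail group). The uid/gid numbers and the second LDA user are constructed, Linux write-bit semantics are assumed, and any check Dovecot itself performs on the socket is not modelled.

```python
import os
import stat

def can_connect(sock_uid, sock_gid, mode, uid, gids):
    """Return (allowed, matched_class) for connect() on a UNIX socket file.

    POSIX selects exactly one class (owner, else group, else other) and
    connect() needs the write bit of that class (Linux semantics assumed).
    """
    if uid == 0:
        return True, "root"          # root bypasses the mode bits
    if uid == sock_uid:
        return bool(mode & stat.S_IWUSR), "owner"
    if sock_gid in gids:             # primary or supplementary group
        return bool(mode & stat.S_IWGRP), "group"
    return bool(mode & stat.S_IWOTH), "other"

def check_socket(path, uid, gids):
    """Apply can_connect() to a real socket path, e.g. the auth-userdb socket."""
    st = os.stat(path)
    if not stat.S_ISSOCK(st.st_mode):
        raise ValueError(f"{path} is not a socket")
    return can_connect(st.st_uid, st.st_gid, stat.S_IMODE(st.st_mode), uid, gids)

# Constructed ids for illustration only.
VMAIL_UID, VMAIL_GID = 5000, 5000
LDA_UID, LDA_GID = 1001, 1001       # hypothetical second UID running dovecot-lda

def scenarios():
    """Evaluate the two configurations from the post for each LDA identity."""
    in_group = {LDA_GID, VMAIL_GID}  # LDA user added to the vmail group
    return {
        "0600 owner=vmail, LDA runs as vmail":
            can_connect(VMAIL_UID, VMAIL_GID, 0o600, VMAIL_UID, {VMAIL_GID}),
        "0600 owner=vmail, LDA user in vmail group":
            can_connect(VMAIL_UID, VMAIL_GID, 0o600, LDA_UID, in_group),
        "0660 group=vmail, LDA user in vmail group":
            can_connect(VMAIL_UID, VMAIL_GID, 0o660, LDA_UID, in_group),
        "0660 group=vmail, LDA user not in group":
            can_connect(VMAIL_UID, VMAIL_GID, 0o660, LDA_UID, {LDA_GID}),
    }

if __name__ == "__main__":
    for name, (allowed, cls) in scenarios().items():
        print(f"{name}: {'allow' if allowed else 'deny'} (class: {cls})")
```

Calling check_socket() with the real socket path and the LDA user's uid and group ids shows which class the kernel would match, which helps separate a filesystem denial from an error raised by the service itself.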
