[Dovecot] 2.1.rc1 (8a63f621bd2e): SiS permission issue + crash

Sat Dec 10 05:35:56 EET 2011

Since changeset 8a63f621bd2e I'm one step closer to the perfect working
setup. I'm sharing one GID per domain, all it's alias names and accounts.
So I can use: mail_attachment_dir = /srv/mail/.SiS/%{gid}

In order to avoid permission trouble I've set fs ACL on the .SiS dir:

,--[ getfacl srv/mail/.SiS ]--
| # file: srv/mail/.SiS
| # owner: root
| # group: root
| user::rwx
| group::--x
| mask::--x
| other::-wx
| default:user::rwx
| default:group::rwx
| default:mask::rwx
| default:other::---
`--

OK, lets test the setup:

dsync -u test-0 at example.com mirror maildir:/tmp/Maildir
rm -rf Maildir && cp -a Maildir_org Maildir && chown -R 70010:70002 Maildir
dsync -vu test-1 at example.com mirror maildir:/tmp/Maildir
dsync(test-1 at example.com): Info: Drafts: only in dest (guid=b6a53627f3cbe24e33030000850d2fad)
dsync(test-1 at example.com): Info: Sent: only in dest (guid=b7a53627f3cbe24e33030000850d2fad)
dsync(test-1 at example.com): Info: Junk-E-Mail: only in dest (guid=b8a53627f3cbe24e33030000850d2fad)
dsync(test-1 at example.com): Info: Trash: only in dest (guid=b9a53627f3cbe24e33030000850d2fad)
dsync(test-1 at example.com): Info: INBOX: only in dest (guid=baa53627f3cbe24e33030000850d2fad)
dsync(test-1 at example.com): Error: stat(/srv/mail/.SiS/70002/a2/7b/.temp.blau.819.4f06409857c627e0) failed: Permission denied
dsync(test-1 at example.com): Error: safe_mkstemp(/srv/mail/.SiS/70002/a2/7b/.temp.blau.819.) failed: Permission denied
dsync(test-1 at example.com): Panic: file dsync-worker-local.c: line 1644 (local_worker_save_msg_continue): assertion failed: (ret == -1)
dsync(test-1 at example.com): Error: Raw backtrace: /usr/local/lib/dovecot/libdovecot.so.0(+0x4faf1) [0x7f4db31f4af1] -> /usr/local/lib/dovecot/libdovecot.so.0(default_error_handler+0) [0x7f4db31f4b7d] -> /usr/local/lib/dovecot/libdovecot.so.0(i_fatal+0) [0x7f4db31f4e01] -> dsync() [0x416af8] -> dsync() [0x416e46] -> dsync(dsync_worker_msg_save+0x82) [0x412cb2] -> dsync() [0x40b7e0] -> dsync() [0x417286] -> dsync() [0x417324] -> dsync(dsync_worker_msg_get+0xa8) [0x412dd4] -> dsync() [0x40bbf3] -> dsync() [0x40bd62] -> dsync() [0x40c106] -> dsync() [0x40c318] -> dsync(dsync_brain_msg_sync_new_msgs+0x1c) [0x40c336] -> dsync(dsync_brain_msg_sync_more+0x1ae) [0x40b15e] -> dsync() [0x409b88] -> dsync(dsync_brain_sync+0x231) [0x40a074] -> dsync() [0x4084fb] -> dsync() [0x408729] -> dsync(dsync_brain_sync+0x1a7) [0x409fea] -> dsync() [0x408238] -> dsync() [0x408388] -> dsync(dsync_brain_sync+0x10b) [0x409f4e] -> dsync(dsync_brain_sync_all+0x24) [0x40a16b] -> dsync(main+0x680) [0x407b2b
] -> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd) [0x7f4db2e3fead] -> dsync() [0x406e09]
Aborted (core dumped)

Looks like Dovecot ignores the ACL. I think a mail_attachment_dir_mode
setting could help to work around this problem. Dunno what would be a
good default value. But I would set mail_attachment_dir_mode = 0770
The attachment files have mode 0660, that's perfect in my setup.

Regards,
Pascal
-- 
The trapper recommends today: c01dcafe.1134404 at localdomain.org
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: doveconf.txt
URL: <http://dovecot.org/pipermail/dovecot/attachments/20111210/2e9dd868/attachment-0004.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: dsync_bt.txt
URL: <http://dovecot.org/pipermail/dovecot/attachments/20111210/2e9dd868/attachment-0005.txt>