[Dovecot] 2.0: deliver run from multiple uids and configuration files
Timo Sirainen
tss at iki.fi
Fri Jun 3 14:54:48 EEST 2011
On Thu, 2011-06-02 at 23:20 +0200, Arkadiusz Miskiewicz wrote:
> I'm trying to run deliver from exim transport in a way that it doesn't need to
> query userdb AND doesn't need to read configuration files.
>
> The problem is that config files are readable for root only and if I run
> deliver with multiple UIDs then I would have to allow reading config files for
> everyone. Of course that's not a option because configs contain database
> passwords and such stuff.
Database passwords should be in in the dovecot-sql.conf.ext or
something, which LDA (or doveconf, really) doesn't even try to read.
If there are other secrets, you could put them to a separate file, which
you:
!include_try /etc/dovecot/secrets.conf
LDA will just ignore it.
> I wonder if it is possible to avoid reading config files by deliver?
With -O parameter it doesn't read config, but I don't really recommend
that..
More information about the dovecot
mailing list