[Dovecot] permissions on auth-userdb

Timo Sirainen tss at iki.fi
Thu Jun 28 09:49:10 EEST 2012


On Wed, 2012-06-27 at 08:34 -0400, Charles Marcus wrote:
> On 2012-06-27 8:29 AM, Timo Sirainen <tss at iki.fi> wrote:
> > On 23.6.2012, at 13.34, Charles Marcus wrote:
> >> It would be nice if there were a wiki page specifically describing
> >> how permissions should be set for all of the services/directories
> >> that dovecot uses.
> >>
> >> Even better would be a dovecot/doveconf command that would test the
> >> permissions and, if possible, even fix them (like the postfix
> >> 'set-permissions' command)...
> 
> > The problem with those is that it depends on the installation. Each
> > user may need different permissions. Many installations don't have a
> > way to list users to even do a userdb lookup. I guess it would be
> > possible to write such a tool for specific installations where it
> > could work, but it wouldn't work everywhere.
> 
> Hmmm... I wonder how postfix does it then... maybe it doesn't have as 
> many potential variations I guess?

Postfix internally doesn't really use anything except root and postfix
users. Dovecot can be configured in many different ways to handle mail
users and that configuration affects quite a many settings.

> Is there maybe just a basic/standard set of permissions that can work 
> for many installations, then have a way to detect non-standard installs 
> and just provide a link to a wiki page describing things in more detail?

I guess there could be two common settings described: Virtual users with
one UID, and system users with multiple UIDs.

> Is there a wiki page for this already? I didn't find one...

Maybe something could be written under http://wiki2.dovecot.org/UserIds




More information about the dovecot mailing list