[Dovecot] [Bug] doveadm pw Fatal: open(/etc/dovecot/dovecot.conf) failed: Permission denied

Dwain Blazej dwain.blazej at gmail.com
Tue Apr 1 06:56:23 UTC 2014


I'm writing some code for Posty, a Postfix and Dovecot Administration App.
One way to support all of dovecot's password hashes is to have "dovecot pw"
do the work, however I don't want to run the web facing Posty as root or
the same user as Dovecot.

Is the output of "dovecot pw" is effected by the contents of the
configuration files?  What in the configuration file does "dovecot pw"
require to operate?

I personally care about SHA512-crypt support, so I just called an outside
library to generate the hash. However, others might want to use a different
scheme, or Dovecot might not have support for SHA512-crypt on other systems
(I think Mac OS X is an example).  Hence the elegance of using dovecot pw
to do all the work.  If a normal user can call dovecot pw, then I'll add
back in that code.




On Sat, Mar 29, 2014 at 3:06 PM, Reindl Harald <h.reindl at thelounge.net>wrote:

>
>
> Am 29.03.2014 22:51, schrieb Dwain Blazej:
> > dovecot --version => 2.1.7
> >
> > When I as a normal user the command:
> >
> > doveadm pw -s sha512-crypt -p example_password
> >
> > the command exit with return code 89 and the message
> >
> > doveconf: Fatal: open(/etc/dovecot/dovecot.conf) failed: Permission
> denied
> >
> > If I make Dovecot's configuration files world readable the error goes
> away
>
> what about calling administrative commands not as normal user?
>
> > Please remove configuration file dependencies from "doveadm pw"
>
> and how is it supposed to work without the configuration?
>
> how do you come to the conclusion that a command called "doveadm"
> is supposed to be started as non-admin?
>
>
>


More information about the dovecot mailing list