sievec drops privileges unexpectedly

Matthijs Kooijman matthijs at stdin.nl
Wed Jun 25 12:53:47 UTC 2014


(Please keep me CC'd, I'm not subscribed)

Hi folks,

I'm using dovecot 2.1.7 (from Debian stable) with sieve. I have a default
sieve script configured, which lives in /etc/dovecot/sieve. I use
dovecot-lda running under the virtual-mail user, which does not have
write access to the /etc/dovecot/sieve directory.

Now, when a mail gets delivered, I get the following message in my
logs.

Jun 25 14:29:43 mail dovecot: lda(2001): Error: sieve: binary save: failed to
    create temporary file:
    open(/etc/dovecot/sieve/default.svbin.mail.local.18902.) failed: Permission
    denied (euid=2009(virtual-mail) egid=2009(virtual-mail) missing +w perm:
    /etc/dovecot/sieve, dir owned by 0:0 mode=0755)
Jun 25 14:29:43 mail dovecot: lda(2001): Error: sieve: the lda sieve plugin
    does not have permission to save global sieve script binaries; global sieve
    scripts like /etc/dovecot/sieve/default need to be pre-compiled using the
    sievec tool

Due to the lack of permissions, this is of course expected. However, when I
then try to precompile the script using sievec, that also fails:

# sievec  /etc/dovecot/sieve/default
sievec(root): Error: sieve: binary save: failed to create temporary file:
open(/etc/dovecot/sieve/default.svbin.mail.local.18952.) failed: Permission
denied (euid=2009(virtual-mail) egid=2009(virtual-mail) missing +w perm:
/etc/dovecot/sieve, dir owned by 0:0 mode=0755)


So, apparently sievec drops privileges to the virtual-mail user. Why does this
happen? It seems kind of counter-productive - I don't see a way to properly run
sievec as root now? How is this supposed to work?

Now that I wrote this, I realized that it might be related that I have
specified mail_uid and mail_gid globally in my dovecot.conf file.
Perhaps those are intended to only be put inside the protocol imap and
protocol lda blocks? This would mean duplicating this bit of
configuration, which doesn't really sound nice.

Gr.

Matthijs

PS, here's my dovecot -n output:

# 2.1.7: /etc/dovecot/dovecot.conf
# OS: Linux 3.10-1-amd64 x86_64 Debian 7.5 
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_access_groups = spamd-access
mail_debug = yes
mail_gid = virtual-mail
mail_location = Maildir:~/Folders:INBOX=~/INBOX:LAYOUT=fs
mail_uid = virtual-mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
passdb {
  args = /etc/dovecot/dovecot-ldap.conf
  driver = ldap
}
plugin {
  antispam_backend = pipe
  antispam_pipe_program = /usr/bin/spamc
  antispam_pipe_program_args = --socket=/var/run/spamd.socket
  antispam_pipe_program_notspam_arg = --learntype=ham
  antispam_pipe_program_spam_arg = --learntype=spam
  antispam_spam = Spam
  antispam_trash_pattern_ignorecase = trash;Deleted *;Prullenbak;Verwijderde *
  sieve = ~/sieve
  sieve_dir = ~/sieve.d
  sieve_global_path = /etc/dovecot/sieve/default
}
protocols = imap sieve
service auth {
  unix_listener auth-client {
    group = Debian-exim
    mode = 0600
    user = Debian-exim
  }
  unix_listener auth-master {
    group = virtual-mail
    mode = 0600
    user = virtual-mail
  }
  user = nobody
}
ssl_cert = <ssl/mail.tikatika.nl.crt-chain
ssl_key = <ssl/mail.tikatika.nl.key
userdb {
  args = home=/data/mail/%u allow_all_users=yes uid=virtual-mail gid=virtual-mail
  driver = static
}
protocol imap {
  mail_plugins = antispam
}
protocol lda {
  lda_mailbox_autocreate = yes
  lda_mailbox_autosubscribe = yes
  mail_plugins = sieve
  postmaster_address = 
}
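The two error messages above both come down to one POSIX permission check: the directory is owned by 0:0 with mode 0755, and the identity doing the write is euid 2009, so the "other" class applies and it has no write bit. The following is an added example, not code from the post or from Dovecot; it reimplements the standard discretionary-access rule (owner, then group, then other; root bypasses it) and formats the outcome like the `missing +w perm:` diagnostic in the log line, so an admin can evaluate the check for both the identity a tool starts with and the identity it will drop to via `mail_uid`/`mail_gid`. The function names (`can_write`, `explain_write_denial`, `preflight`, `check_real_dir`) and the constructed sample values are assumptions of this example; ACLs and LSM policy are not modelled.

```python
import os
import stat

# Constructed sample values copied from the error message in the post above:
# the global sieve directory is owned by root (0:0), mode 0755, and the process
# that tries to write into it runs as euid/egid 2009 (virtual-mail).
SIEVE_DIR = "/etc/dovecot/sieve"
DIR_UID, DIR_GID, DIR_MODE = 0, 0, 0o755
VIRTUAL_MAIL_UID = VIRTUAL_MAIL_GID = 2009


def can_write(mode, dir_uid, dir_gid, euid, egid, groups=()):
    """Classic POSIX discretionary-access check for the write bit on a directory.

    Only the first matching class (owner, then group, then other) is consulted,
    which is why an owner without u+w is denied even when g+w or o+w is set.
    ACLs and LSM policy are deliberately ignored (assumption of this example).
    """
    if euid == 0:
        return True  # root (CAP_DAC_OVERRIDE) is not subject to the mode bits
    if euid == dir_uid:
        return bool(mode & stat.S_IWUSR)
    if egid == dir_gid or dir_gid in groups:
        return bool(mode & stat.S_IWGRP)
    return bool(mode & stat.S_IWOTH)


def explain_write_denial(path, mode, dir_uid, dir_gid, euid, egid, groups=()):
    """Return None if the identity may create files in `path`, otherwise a
    diagnostic string in the same style as the lda/sievec log line."""
    if can_write(mode, dir_uid, dir_gid, euid, egid, groups):
        return None
    return (f"missing +w perm: {path}, dir owned by {dir_uid}:{dir_gid} "
            f"mode={stat.S_IMODE(mode):04o}")


def preflight(path, mode, dir_uid, dir_gid, start_euid, start_egid,
              drop_to_uid=None, drop_to_gid=None):
    """Evaluate the check for the identity a tool starts with and, if given,
    for the identity it switches to (mail_uid/mail_gid). A None entry means
    that identity could write; a string says why it could not."""
    result = {"start": explain_write_denial(path, mode, dir_uid, dir_gid,
                                            start_euid, start_egid)}
    if drop_to_uid is not None:
        result["after_drop"] = explain_write_denial(path, mode, dir_uid, dir_gid,
                                                    drop_to_uid, drop_to_gid)
    return result


def check_real_dir(path, euid=None, egid=None):
    """Same check against a real directory on this host, using os.stat()."""
    st = os.stat(path)
    euid = os.geteuid() if euid is None else euid
    egid = os.getegid() if egid is None else egid
    return explain_write_denial(path, st.st_mode, st.st_uid, st.st_gid,
                                euid, egid, tuple(os.getgroups()))


if __name__ == "__main__":
    # Root before the switch can write; virtual-mail after the switch cannot.
    for ident, verdict in preflight(SIEVE_DIR, DIR_MODE, DIR_UID, DIR_GID,
                                    0, 0, VIRTUAL_MAIL_UID, VIRTUAL_MAIL_GID).items():
        print(f"{ident}: {'ok' if verdict is None else verdict}")
    if hasattr(os, "geteuid"):
        # Live check of the current directory for the current identity.
        print("cwd:", check_real_dir(".") or "ok")
```

Running it with the values from the post prints `start: ok` and `after_drop: missing +w perm: /etc/dovecot/sieve, dir owned by 0:0 mode=0755`, which matches the log line and shows that the failure belongs to the dropped identity, not to root. `check_real_dir` lets you run the same check on a real path before invoking a tool, without having to make the directory writable by the mail user just to find out.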