Dovecot-lda permission errors or maybe authentication errors?

Robert Kryger rkryger at gate.net
Tue Nov 4 16:46:51 UTC 2014 

I am a new dovecot user who recently transitioned my old mailserver to a new
CentOS/Postfix/Dovecot system.  I am running a simple configuration with
about a dozen system users and Maildir folders.  The e-mail setup seems to
be running fine when I use the default local-delivery-agent in Postfix.
However, I am trying to use the dovecot-lda instead so I can take advantage
of the sieve functionality.  

 

I have tried to specify the dovecot-lda in two ways.  First, in the
/etc/postfix/main.cf file:

 

mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a
"$RECIPIENT"

 

or alternatively, I leave the mailbox_command blank and specify the
following in the .forward file of a test user:

 

| "/usr/libexec/dovecot/dovecot-lda"

 

Either approach gives me the same error(s).  When a mail message is sent to
the test user USER1, the following errors appear in the dovecot-lda error
file:

 

Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed: Permission
denied (euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner) Nov 04 08:47:29 lda(user1): Error:
chdir(/home/user1) failed: Permission denied Nov 04 08:47:29 lda(user1):
Error: user user1: Initialization failed: Namespace 'INBOX.':
stat(/home/user1/Maildir) failed: Permission denied (euid=524(user1)
egid=524(user1) stat() failed: No such file or directory, euid is not dir
owner) Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings. Refer to
server log for more information.

Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed: Permission
denied (euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner) Nov 04 08:47:29 lda(user1): Error:
chdir(/home/user1) failed: Permission denied Nov 04 08:47:29 lda(user1):
Error: user user1: Initialization failed: Namespace 'INBOX.':
stat(/home/user1/Maildir) failed: Permission denied (euid=524(user1)
egid=524(user1) stat() failed: No such file or directory, euid is not dir
owner) Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings. Refer to
server log for more information.

 

At first, I interpreted this to mean the file permissions were not set
correctly on the home directory or the Maildir folder.  However, I have
opened these up to full rwx access for everyone and I still get the same
errors.  Alternatively, perhaps this is related somehow to the dovecot-lda
authentication process via the password or user databases, but I can't make
any sense of the documentation.

 

Can anyone suggest what might be wrong or how to better diagnose?

 

For reference, I am running dovecot version 2.0.9.

 

The dovecot-lda process also outputs the following messages (not errors)
when a test message is sent to the USER1 account:

 

Nov 04 08:47:29 lda: Debug: Loading modules from directory:
/usr/lib64/dovecot Nov 04 08:47:29 lda: Debug: Module loaded:
/usr/lib64/dovecot/lib90_sieve_plugin.so

Nov 04 08:47:29 lda(user1): Debug: Effective uid=524, gid=524,
home=/home/user1 Nov 04 08:47:29 lda(user1): Debug: Namespace :
type=private, prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes,
subscriptions=yes location=maildir:~/Maildir Nov 04 08:47:29 lda(user1):
Debug: maildir++: root=/home/user1/Maildir, index=, control=,
inbox=/home/user1/Maildir Nov 04 08:47:29 lda: Debug: Loading modules from
directory: /usr/lib64/dovecot Nov 04 08:47:29 lda: Debug: Module loaded:
/usr/lib64/dovecot/lib90_sieve_plugin.so

Nov 04 08:47:29 lda(user1): Debug: Effective uid=524, gid=524,
home=/home/user1 Nov 04 08:47:29 lda(user1): Debug: Namespace :
type=private, prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes,
subscriptions=yes location=maildir:~/Maildir Nov 04 08:47:29 lda(user1):
Debug: maildir++: root=/home/user1/Maildir, index=, control=,
inbox=/home/user1/Maildir

 

The output of dovecot -n is:

 

# 2.0.9: /etc/dovecot/dovecot.conf

# OS: Linux 2.6.32-431.29.2.el6.x86_64 x86_64 CentOS release 6.5 (Final)
auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login
disable_plaintext_auth = no login_trusted_networks = 71.xx.xx.xx 71.xx.xx.xy
71.xx.xx.xz 71.xx.xx.yx mail_debug = yes mail_location = maildir:~/Maildir
managesieve_notify_capability = mailto managesieve_sieve_capability =
fileinto reject envelope encoded-character vacation subaddress
comparator-i;ascii-numeric relational regex imap4flags copy include
variables body enotify environment mailbox date mbox_write_locks = fcntl
namespace {

  inbox = yes

  location =

  prefix = INBOX.

  separator = .

}

passdb {

  driver = pam

}

plugin {

  sieve = ~/.dovecot.sieve

  sieve_dir = ~/sieve

  sieve_global_dir = home/sieve

  sieve_max_script_size = 1M

}

protocols = imap lmtp sieve

service auth {

  unix_listener /var/spool/postfix/private/auth {

    group = postfix

    mode = 0660

    user = postfix

  }

}

service managesieve-login {

  inet_listener sieve {

    port = 4190

  }

}

ssl_cert = </etc/pki/dovecot/certs/dovecot.pem

ssl_key = </etc/pki/dovecot/private/dovecot.pem

userdb {

  driver = passwd

}

protocol lda {

  info_log_path = /var/log/dovecot-lda.log

  log_path = /var/log/dovecot-lda-errors.log

  mail_plugins = sieve

  postmaster_address = postmaster at xxxxxxx.com }

More information about the dovecot mailing list