Dovecot-lda permission errors or maybe authentication errors?
Robert Kryger
rkryger at gate.net
Thu Nov 6 13:40:15 UTC 2014
Steffen,
Problem was solved by Alexander.
I was running SElinux in enforcing mode without realizing it. When I
disabled SElinux, dovecot-lda started working.
Thanks for all your help!
Robert
-----Original Message-----
From: Steffen Kaiser [mailto:skdovecot at smail.inf.fh-brs.de]
Sent: Thursday, November 06, 2014 2:35 AM
To: Robert Kryger
Cc: dovecot at dovecot.org
Subject: RE: Dovecot-lda permission errors or maybe authentication errors?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 5 Nov 2014, Robert Kryger wrote:
> I agree the error message is confusing. As mentioned, I initially
> thought the Maildir folder permissions were set wrong (since I
> transferred them over from an older mail server) so I have tried many
> combinations including setting full "rwx" permissions for everyone on
> the /home/user1 and /home/user1/Maildir folders. It doesn't seem to
> help which leads me to suspect I might be mis-understanding the
dovecot-lda error messages.
They are usually very clear and helpful.
> To confirm as currently set:
> User1 has full "rwx" permissions on the /home/user1 folder.
What filesystem /home/user1 is located on? E.g. AFS has yet another
permission management.
What happens if you try to access the folder as the system user:
su - user1 id -a
su - user1 ls -ald /home/user1
The 1st command verifies, that su - user1 is using the same uid as Dovecot,
the 2nd one probes the accessability.
> I am running a "plain" CentOS 6.5 installation. No intentional
> protection software like Apparmor, no SElinux features.
OK, first question answered. ;-)
What about the 2nd one about the permissions of / and /home?
> -----Original Message-----
> From: Steffen Kaiser [mailto:skdovecot at smail.inf.fh-brs.de]
> Sent: Wednesday, November 05, 2014 9:24 AM
> To: Robert Kryger
> Cc: dovecot at dovecot.org
> Subject: RE: Dovecot-lda permission errors or maybe authentication errors?
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wed, 5 Nov 2014, Robert Kryger wrote:
>
>> Output of ls -nal /home/user1:
>>
>>> Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
>>> Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
>>> such file or directory, euid is not dir owner)
>
>> total 156
>> drwx------. 6 524 524 4096 Nov 5 08:27 .
>
> This list doesn't seem to fit the error message, because user 524 is
> owning this dir and has full access permissions. Maybe, are you
> running some protection software, like SELinux, AppArmor, ..., which
> prevents access to this directory?
>
> Just to raise the obvious: "/" and "/home" do allow "x"-permission for
> user #524, don't they?
>
>> drwxr-xr-x. 34 0 0 4096 Oct 4 14:06 ..
>> -rw-------. 1 524 524 1148 Oct 15 13:44 .bash_history
>> -rw-r--r--. 1 524 524 18 Sep 25 22:13 .bash_logout
>> -rw-r--r--. 1 524 524 176 Sep 25 22:13 .bash_profile
>> -rw-r--r--. 1 524 524 124 Sep 25 22:13 .bashrc
>> -rw-r--r--. 1 0 0 1362 Nov 4 08:45 config.txt
>> -rw-r--r--. 1 524 524 75 Oct 6 11:39 .forward_old
>> -rw-r--r--. 1 0 0 37 Oct 26 19:09 .forward_test_lda
>> -rw-------. 1 524 524 55 Oct 12 20:12 .lesshst
>> -rw-r--r--. 1 0 0 1062 Nov 4 08:50 log1.log
>> -rw-r--r--. 1 0 0 1246 Nov 4 08:49 log2.log
>> drwxrw----. 35 524 524 4096 Nov 5 08:24 Maildir
>> drwxr-----. 35 0 0 4096 Oct 29 09:03 Maildirsave
>> drwxr-xr-x. 4 524 524 4096 May 6 2014 .mozilla
>> -rw-r--r--. 1 524 524 92 Oct 12 20:20 .procmailrc
>> -rw-r--r--. 1 524 524 1213 Oct 5 19:56 .procmailrc_old
>> -rw-r--r--. 1 524 524 92 Oct 6 10:27 .procmailrc_old2
>> -rw-r--r--. 1 0 0 0 Nov 5 08:27 question1.txt
>> drwx------. 2 524 524 4096 Oct 14 16:02 .ssh
>> -rw-rw-r--. 1 524 524 152 Oct 6 10:25 testmessage.txt
>> -rwxr-xr-x. 1 524 524 87 Oct 6 13:59 testscript
>> -rw-rw-r--. 1 524 524 60810 Oct 27 16:57 top.log
>> -rw-r--r--. 1 0 0 6 Nov 4 08:45 version.txt
>> -rw-------. 1 524 524 3973 Oct 27 16:58 .viminfo
>>
>> -----Original Message-----
>> From: Steffen Kaiser [mailto:skdovecot at smail.inf.fh-brs.de]
>> Sent: Wednesday, November 05, 2014 5:26 AM
>> To: Robert Kryger
>> Cc: dovecot at dovecot.org
>> Subject: Re: Dovecot-lda permission errors or maybe authentication
errors?
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On Tue, 4 Nov 2014, Robert Kryger wrote:
>>
>>> I have tried to specify the dovecot-lda in two ways. First, in the
>>> /etc/postfix/main.cf file:
>>>
>>> mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a
>>> "$RECIPIENT"
>>>
>>> or alternatively, I leave the mailbox_command blank and specify the
>>> following in the .forward file of a test user:
>>>
>>> | "/usr/libexec/dovecot/dovecot-lda"
>>>
>>> Either approach gives me the same error(s). When a mail message is
>>> sent to the test user USER1, the following errors appear in the
>>> dovecot-lda error
>>> file:
>>>
>>> Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
>>> Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
>>> such file or directory, euid is not dir owner) Nov 04 08:47:29
> lda(user1):
>> Error:
>>> chdir(/home/user1) failed: Permission denied Nov 04 08:47:29 lda(user1):
>>> Error: user user1: Initialization failed: Namespace 'INBOX.':
>>> stat(/home/user1/Maildir) failed: Permission denied (euid=524(user1)
>>> egid=524(user1) stat() failed: No such file or directory, euid is
>>> not dir
>>> owner) Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings.
>>> Refer to server log for more information.
>>>
>>> Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
>>> Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
>>> such file or directory, euid is not dir owner) Nov 04 08:47:29
> lda(user1):
>> Error:
>>> chdir(/home/user1) failed: Permission denied Nov 04 08:47:29 lda(user1):
>>> Error: user user1: Initialization failed: Namespace 'INBOX.':
>>> stat(/home/user1/Maildir) failed: Permission denied (euid=524(user1)
>>> egid=524(user1) stat() failed: No such file or directory, euid is
>>> not dir
>>> owner) Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings.
>>> Refer to server log for more information.
>>>
>>> At first, I interpreted this to mean the file permissions were not
>>> set correctly on the home directory or the Maildir folder. However,
>>> I have opened these up to full rwx access for everyone and I still
>>> get the same errors. Alternatively, perhaps this is related somehow
>>> to the dovecot-lda authentication process via the password or user
>>> databases, but I can't make any sense of the documentation.
>>
>> What's the output of:
>>
>> ls -nal /home/user1
>>
>> - --
>> Steffen Kaiser
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.11 (GNU/Linux)
>>
>> iQEVAwUBVFn7O3z1H7kL/d9rAQLIkQf+NsVmLoWS4smKMBXs5auUQHEc7HNMucxa
>> rT9quBZ/0Xn2Gn4UQRTp/X3XO4UoHYHDigcYLRG0+v7qENfOIShbb4a747LX/BTE
>> JA+N4OfOWfSJGk+bz2qsxjXwMf0IGFqac1eZME41Qk6yn1CeWv4DTdY/tXmB+Cj+
>> qk/pUXcHCK/2ay6cYo9pXW3b3/VxPsLq3Q+vD9zJyFUZ5JMwAmk1zdEEPDVZGZ83
>> rmALm066qtuBePdsxrCuTEw2WyM/Zcgk6M4C40lWCWA/79PFv9FuFxAPIfjOpZaO
>> jMvzYCzCE4IdWm8dJJQ9+oe0/aO6muu5gvVgoZygsst99PUswjqFcg==
>> =YsBN
>> -----END PGP SIGNATURE-----
>> ---------------Output of GPG------------------ Decryption of block
>> failed
>> gpg: Signature made Wed 05 Nov 2014 11:26:03 AM CET using RSA key ID
>> 0BFDDF6B
>> gpg: BAD signature from "Steffen Kaiser <skdovecot at smail.inf.fh-brs.de>"
>>
>
> - --
> Steffen Kaiser
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
>
> iQEVAwUBVFozAHz1H7kL/d9rAQLcYggAnP86Mvdnn4sKI4/t1j22/jAetIGuA6hW
> r+BFoLtugkp/829TtNnh2FvqF6uWBo38qcni4Qa7FLKGvNOnyaW11YbzVxcvH+lS
> +58Ln5SJbAWOhbVTdLusvJZNqJIFUTQPJdx924ohDWndqcUPWdeDUDilegPm9kFS
> z6XPTE3gsrqeggGRkD0FyYcDcvO8JuDieLmZnINvJ6bAiOCJ6dgJdNt64DLSbKtk
> EMsj5Ix49m219NhkzNTrMXmlT6s/dZqO+/8B1MZ9S/w0KDGwZzYmV86hFlL3ImRp
> G5cilKZbsNuGkL0PBHFbUqPrZeAnI93hMI2SszH5cV2dbQkYUqMIew==
> =ggMr
> -----END PGP SIGNATURE-----
> ---------------Output of GPG------------------ Decryption of block
> failed
> gpg: Signature made Wed 05 Nov 2014 03:24:00 PM CET using RSA key ID
> 0BFDDF6B
> gpg: BAD signature from "Steffen Kaiser <skdovecot at smail.inf.fh-brs.de>"
>
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBVFsku3z1H7kL/d9rAQLz6wf+OHrqvMkrdU2Pkq6pZsa4qI0zx4tVM/+i
1BlbxZ1Nk530edO46CKcpRkW8qtU657cYxWNaqpGkYpFUUnKcGtxKhna+tI+pxCe
xdkAtah0Ept1BAGfc3HAgXILkH2akJPxR5R5opqtYFmMAYA65+cDSZ2UfWy/g68n
C9zI6QejLFZ5xhPctL9twrpNZJ2lLScQq/GFr72sXqvIr9oQtNKGxCiHFMAG8IyK
bYsQDju+FZXLgdvndm7VqgxC1/88chYkUcxnbHcr4a49ueXSrytyTrVOlgL5LjZU
Tk+TaD2bBg+YGfF4dQ2IweC7v4oH4XxZA+CaihKeAq/AXfMgmAnQLg==
=fhZe
-----END PGP SIGNATURE-----
More information about the dovecot
mailing list