Dovecot sieve pigeonhole permission

Gerhard Wiesinger lists at wiesinger.com
Tue Aug 4 18:19:41 UTC 2015


Hello,

I'm running dovecot in a classical vmail.vmail setup with pigeonhole and 
LMTP. Permission worked well in the initial setup but currently (maybe 
after Fedora 22 update) I'm having the following permission issue:

lmtp(root): Error: 7fPZFOL9wFXePQAABcdabc: sieve: binary open: failed to 
open: open(/etc/dovecot/sieve_after.svbin) failed: Permission denied 
(euid=9999(vmail) egid=9999(vmail) missing +r perm: 
/etc/dovecot/sieve_after.svbin, we're not in group 0(root), dir owned by 
0:0 mode=0755)
lmtp(root): Error: 7fPZFOL9wFXePQAABcdabc: sieve: binary save: failed to 
create temporary file: 
open(/etc/dovecot/sieve_after.svbin.myserver.mydomain.15838.) failed: 
Permission denied (euid=9999(vmail) egid=9999(vmail) missing +w perm: 
/etc/dovecot, dir owned by 0:0 mode=0755)
lmtp(root): Error: 7fPZFOL9wFXePQAABcdcbc: sieve: The LDA Sieve plugin 
does not have permission to save global Sieve script binaries; global 
Sieve scripts like `/etc/dovecot/sieve_after.sieve' need to be 
pre-compiled using the sievec tool

rpm -V dovecot dovecot-pigeonhole
doesn't report any permission issues

Versions:
dovecot-2.2.18-2.fc22.x86_64
dovecot-pigeonhole-2.2.18-2.fc22.x86_64

Relevant config parts:
mail_gid = vmail
mail_uid = vmail

plugin {
   sieve = ~/.dovecot.sieve
   sieve_after = /etc/dovecot/sieve_after.sieve
   sieve_dir = ~/sieve
}

ls -lad /etc/dovecot/
drwxr-xr-x. 3 root root 4096 Jul 30 18:13 /etc/dovecot/
ls -la /etc/dovecot/*sieve*
-rwxr-x--- 1 vmail vmail 288 Aug  8  2014 /etc/dovecot/sieve_after.sieve
-rw-r----- 1 root  root  355 Jul 30 18:13 /etc/dovecot/sieve_after.svbin

What's are the recommended permissions for the files/directories (also 
for root service startup of dovecot)?
Did something change in permissions management?

Thanx.

Ciao,
Gerhard

--
http://www.wiesinger.com/



More information about the dovecot mailing list