Dovecot sieve pigeonhole permission
Steffen Kaiser
skdovecot at smail.inf.fh-brs.de
Wed Aug 5 12:16:07 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 5 Aug 2015, Gerhard Wiesinger wrote:
> On 05.08.2015 13:06, Steffen Kaiser wrote:
>> On Tue, 4 Aug 2015, Gerhard Wiesinger wrote:
>>
>>>
>>> I'm running dovecot in a classical vmail.vmail setup with pigeonhole and
>>> LMTP. Permission worked well in the initial setup but currently (maybe
>>> after Fedora 22 update) I'm having the following permission issue:
>>>
>>> lmtp(root): Error: 7fPZFOL9wFXePQAABcdabc: sieve: binary open: failed to
>>> open: open(/etc/dovecot/sieve_after.svbin) failed: Permission denied
>>> (euid=9999(vmail) egid=9999(vmail) missing +r perm:
>>> /etc/dovecot/sieve_after.svbin, we're not in group 0(root), dir owned by
>>> 0:0 mode=0755)
>>
>> Did you honored the error log and added the read permission for the vmail
>> user, which most likely means:
>>
>> chmod a+r /etc/dovecot/sieve_after.svbin
>
> Yes, I read it but I didn't like to give read permissions for all. Isn't
well, what kind of users have shell or file level access to the server?
> there a better designed solution available?
> Nevertheless it works by setting the read permissions for all ...
> -rwxr-x--- 1 vmail vmail 288 Aug 8 2014 /etc/dovecot/sieve_after.sieve
> -rw-r----- 1 root root 355 Jul 30 18:13 /etc/dovecot/sieve_after.svbin
1st: sieve scripts are not executable.
2nd: it needs read perm for all your LMTP users, that probable means:
chown vmail /etc/dovecot/sieve_after.svbin
chmod o= /etc/dovecot/sieve_after.svbin
If you have some system users as well, you might need to chgrp as well.
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEVAwUBVcH+h3z1H7kL/d9rAQJ7FwgAmY9KMnl6D/aUu2zabT2tptauOItjN/Rs
hW9/Rkk15sRgsaqbVce+Qb/YMb80sH8VjdYQbtC9ea/PrwSoF/lDnp1W/ekJoc92
W8cQn1b6e+aoH2chUdw/sYGWuKEv8qpyzFmrxS8vGitcMzbICQcXh5WYxe0Ie19s
GqpPKlPRKI/X84slV3BDV6NWILovrDY/UIa2wt4vW2rlUVDpwN1Z6Wfk3ExxoVo/
http0vL6XgXdrDeQ8SyeT+atxdOyQ5bhr/u485Ix0vsWR7AXJG07x6Ul10d8th/i
nrTH6EfMCrLKdupD80lYhWUYvGZFmSm3dG+fbWKIgnd1YOr8Nth33Q==
=7oLN
-----END PGP SIGNATURE-----
More information about the dovecot
mailing list