dovecot-lda can't create /var/mail dotlocks on debian

Larry Rosenman larryrtx at gmail.com
Tue Nov 3 20:12:30 UTC 2015 

Hrm.  if you turn up the debug on lda, do you get any more of a clue?

Those permissions look fine to me.


On Tue, Nov 3, 2015 at 2:10 PM, John Clements <johnbclements at gmail.com>
wrote:

> clements at desmond:/var/log$ ls -lda /var/mail
> drwxrwsr-x 2 root mail 4096 Nov  2 22:07 /var/mail
>
>
> Best,
>
> John Clements
>
> On Tue, Nov 3, 2015 at 11:52 AM, Larry Rosenman <larryrtx at gmail.com>
> wrote:
>
>> what is the full permissions of /var/mail?
>>
>>
>> ls -lda /var/mail
>>
>> On Tue, Nov 3, 2015 at 1:49 PM, John Clements <johnbclements at gmail.com>
>> wrote:
>>
>>> I've been using dovecot+postfix happily for many years, and I'm now
>>> configuring it for a new machine. However, I'm running into an old
>>> problem
>>> again, and thinking that there must be a better solution.
>>>
>>> The problem is that dovecot-lda is unable to create dotlock files in the
>>> /var/mail directory.
>>>
>>> Dovecot version: 1:2.2.13-12~deb8u1 (I'm guessing this is upstream
>>> version
>>> 2.2.13)
>>> OS: Debian Jessie
>>>
>>> Currently, my mail directory has these permissions:
>>>
>>> clements at desmond:~$ ls -ld /var/mail
>>> drwxrwsr-x 2 root mail 4096 Nov  2 22:07 /var/mail
>>> clements at desmond:~$ ls -l /var/mail
>>> total 8
>>> -rw------- 1 clements   mail 1382 Nov  2 21:59 clements
>>> -rw------- 1 granitemon mail  530 Nov  2 22:07 granitemon
>>>
>>> I've added
>>> mail_privileged_group = mail
>>> to allow creation of the dotlock files.
>>>
>>> When I configure postfix to deliver using dovecot-lda, I get logs that
>>> look
>>> like this:
>>>
>>> Nov  3 11:12:20 desmond dovecot: lda(granitemon): Error:
>>> setegid(privileged) failed: Operation not permitted
>>> Nov  3 11:12:20 desmond dovecot: lda(granitemon): msgid=<
>>> 20151103181306.A4B5B5FF32 at desmond.XXXDOMAIN.org>: save failed to INBOX:
>>> BUG: Unknown internal error
>>>
>>> In order to isolate the error, I took postfix out of the equation, and
>>> called dovecot-lda directly:
>>>
>>> clements at desmond:/tmp$ cat bogusmail
>>> From: clements at XXXDOMAIN.org
>>> To: granitemon at localhost
>>> Date: November 3 2015
>>> Subject: graaaah
>>>
>>> this is the body
>>> clements at desmond:/tmp$ /usr/lib/dovecot/dovecot-lda -e -d clements <
>>> bogusmail
>>> BUG: Unknown internal error
>>> clements at desmond:/tmp$
>>>
>>> In response to this, mail.log now contains this similar error:
>>>
>>> Nov  3 11:34:57 desmond dovecot: lda(clements): msgid=unspecified: save
>>> failed to INBOX: BUG: Unknown internal error
>>> Nov  3 11:34:57 desmond dovecot: lda(clements): Error:
>>> setegid(privileged)
>>> failed: Operation not permitted
>>>
>>>
>>> I've tried a number of "random internet search" solutions, including
>>> - changing perms on mail files from 660 to 600
>>> - enabling 'mail_access_groups=mail' in 10-mail.conf
>>> - adding individual users to the mail group.
>>>
>>> I guess I'm pretty confident that if dovecot is writing "BUG: Unknown
>>> internal error" in the logs, that this is is actually a bug in dovecot.
>>>
>>> OBresearch: I read through the release notes of 2.2.14 -- 2.2.19 to see
>>> if
>>> a relevant-looking bug had been fixed, but nothing jumped out at me.
>>> OBresearch: searching the dovecot mailing list, I found one *extremely*
>>> relevant thread called "Re: [Dovecot] started with dovecot sieve
>>> <http://dovecot.markmail.org/message/kgd34wberxuvmrsa?q=setegid>", but
>>> there didn't seem to be a solution contained in the thread.
>>>
>>> Final note: this doesn't appear to be confined to debian jessie: I took a
>>> look at my existing installation, and I see that in fact I just went
>>> ahead
>>> and made /var/mail world-writeable, which seems... sub-optimal. I'm sure
>>> I
>>> could do that here, too, but I'd certainly rather not.
>>>
>>> Thanks in advance, and let me know if I've left out relevant crucial
>>> information.
>>>
>>> Best,
>>>
>>> John Clements
>>>
>>
>>
>>
>> --
>> Larry Rosenman                     http://www.lerctr.org/~ler
>> Phone: +1 214-642-9640 (c)     E-Mail: larryrtx at gmail.com
>> US Mail: 7011 W Parmer Ln, Apt 1115, Austin, TX 78729-6961
>>
>
>


-- 
Larry Rosenman                     http://www.lerctr.org/~ler
Phone: +1 214-642-9640 (c)     E-Mail: larryrtx at gmail.com
US Mail: 7011 W Parmer Ln, Apt 1115, Austin, TX 78729-6961

More information about the dovecot mailing list