Configuration problem for secure virtual server
Karsten Malcher
debian at home.decotrain.de
Thu Dec 15 17:17:42 UTC 2016
Hello,
i want to configure a virtual mailsystem on an debian server with exim and dovecot.
Because it is running on a V-Server, i want to store everythink in a LUKS encrypted contrainer.
So i created a group crypt with the members Debian-exim (107), dovecot, (other users with encrypted content)
All mails should be stored in /mail in the mounted container.
Dovecot has this configuration:
=======================================
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf
}
userdb {
driver = static
args = uid=Debian-exim gid=mail home=/mountpoint/mail/%d/%n
}
mail_uid = Debian-exim
first_valid_uid = 107
last_valid_uid = 107
first_valid_gid = 8
last_valid_gid = 9
mail_location = maildir:/mountpoint/mail/%d/%n
=======================================
The /mountpoint has the following rights:
drwxrwx--- 5 root crypt 4,0K Dez 13 19:05 mountpoint
The subdirectories are all owned by Debian-exim:
drwxrwx--- 4 Debian-exim mail 4,0K Okt 23 17:05 mail
The group mail has id 8 and the group crypt has id 9
The Problem is that dovecot will not go into the directory with group crypt!
I always get the following error message:
Dec 15 18:03:25 pop3(karsten at server): Error: user karsten at server: Initialization failed: Initializing mail storage from
mail_location setting failed: stat(/mountpoint/mail/server/karsten) failed: Permission denied (euid=107(Debian-exim)
egid=8(mail) missing +x perm: /mnt, we're not in group 9(crypt), dir owned by 0:9 mode=0770)
Dec 15 18:03:25 pop3(karsten at server): Error: Invalid user settings. Refer to server log for more information.
But dovecot is definitely in the group crypt!
What i am doing wrong?
Regards
Karsten
More information about the dovecot
mailing list