Dovecot 2.3 - using doveadm as non-root?
Timo Sirainen
tss at iki.fi
Wed Jan 3 20:37:07 EET 2018
On 3 Jan 2018, at 11.38, Rob Hoelz <rob+dovecot at hoelz.ro> wrote:
>
> Hi dovecot developers and users,
>
> I recently upgraded my server running Arch Linux to dovecot 2.3.0, and I
> noticed some of my cron jobs started issuing me error messages. These
> cron jobs run as a non-root user associated with my mail account, and
> they use doveadm to tidy things up (ex. purging the trash, moving
> old mail in certain folders into the trash). The error message is:
>
>> Error: net_connect_unix(/var/run/dovecot/stats-writer) failed:
>> Permission denied
>
> I assume this is doveadm trying to participate in the new 2.3 stats
> process, and after reading the code a bit, I can't see a way to tell
> doveadm to not connect to the stats writer. The socket is owned by
> root with 600 permissions.
>
> What would be the right way to remedy this? AFAICT, I could potentially
> run doveadm as root (which I would prefer to avoid), or I could change
> the permissions on the stats writer socket, but I would hate to
> introduce any sort of security vulnerability by doing so. I currently
> have a scrappy Perl script that just runs doveadm and filters out the
> error message (it doesn't seem to affect the behavior of doveadm other
> than the message), but that feels dirty and I would prefer a cleaner
> solution. Any advice?

I was wondering what to do about this while developing it. I think you can disable this by clearing out the socket path:

    doveadm -o stats_writer_socket_path=

But .. I think changing the socket permissions is the better solution. The new stats process should know about everything that is going on in the system, and these doveadm calls are part of that. So if they're excluded then the stats aren't exactly correct. The stats-writer can't do all that much harm other than messing up the statistics or probably crashing the stats process by using up all of its memory.
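
Added example, not part of the original message or the Dovecot project's own configuration: one way to apply the permission change recommended above while keeping write access to the stats-writer socket limited to the accounts that need it. The group name "mailadmin" is a hypothetical placeholder.

```conf
# Constructed example. "mailadmin" is a hypothetical group: create it and add
# only the non-root accounts that run doveadm (for example from cron).
service stats {
  unix_listener stats-writer {
    # Before (as reported in the thread): owned by root, mode 0600, so a
    # non-root doveadm gets "Permission denied" on connect.
    #
    # Avoid mode = 0666: every local user could then write to the stats
    # process, which is the exposure described in the reply (skewed
    # statistics, or memory exhaustion in the stats process).
    group = mailadmin
    mode = 0660
  }
}
```

After reloading Dovecot, `ls -l` on the socket path from the error message should show the new group and mode, and doveadm run by a member of that group should no longer print the error.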