doveadm quota error output in some cases

Kai Schaetzl maillists at conactive.com
Fri Sep 28 00:05:41 EEST 2018 

I am testing a special setup on one machine where I want to put some local 
users that get mail locally to /home user directories via postfix 
transport map local: for historical and practical reasons. Other users are 
setup as virtual users.
The local users are *also* setup as virtual users for dovecot so that I 
can retrieve the mail via dovecot. I changed the SQL for dovecot 
user_query, so that it gets the local uid and gid (and doesn't use vmail) 
and also gets the home directory in /home for only those users. After a 
bit of experimenting this works fine and I can retrieve mail via dovecot.
However, there are two problems with quota and one of them has "doveadm 
get quota" spew out a lot of garbage that I think should actually go to a 
log and not to the program output.
When I run a doveadm quota get -A or -u user I get four errors of this 
kind (for user/domain storage and message limit) for each special user:

doveadm(user): Error: Failed to get quota resource STORAGE: quota-dict: 
dict_lookup(priv/quota/storage) failed: net_connect_unix
(/var/run/dovecot/dict) failed: Permission denied (euid=500(user) 
egid=200(vmail) missing +r perm: /var/run/dovecot/dict, dir owned by 0:0 
mode=0755) (reply took 0.000 secs (0.000 in dict wait, 0.000 in other 
ioloops, 0.000 in locks))

Then the normal program output follows, with error lines for these special 
users, of course:
user       STORAGE error error                       error

The reason is that /var/run/dovecot/dict is owned by vmail:vmail (not 
root:root as the 0:0 suggests). I don't see a way to change this without 
blocking the "real" virtual users that use vmail:vmail.

Shouldn't this massive error output rather go to a log? 
(dovecot/error.log)

Or: is there a way to avoid this? /var/run/dovecot/dict is a socket. I 
didn't want to fiddle with it.
Can I change the permissions so that it can also be accessed by other 
system users? Probably only to make it world-readable? If so, what are the 
implications of doing that?

Thanks,


Kai

More information about the dovecot mailing list