doveadm: Error: open(/proc/self/io) failed
Timo Sirainen
timo at sirainen.com
Thu Aug 1 16:36:49 EEST 2019
On 31 Jul 2019, at 20.45, A. Schulze via dovecot <dovecot at dovecot.org> wrote:
>
>
>
> Am 31.07.19 um 08:27 schrieb Sami Ketola via dovecot:
>> service lmtp {
>> user = vmail
>> }
>>
>> please remove user = vmail from here or change it to root.
>>
>> for security reasons lmtp service must be started as root since version 2.2.36. lmtp will drop root privileges after initialisation but it needs to open /self/proc/io as root before that.
>
> Hello Sami,
>
> I don't read "root is required for lmtp" in https://wiki.dovecot.org/LMTP#Security neither does https://dovecot.org/doc/NEWS-2.2 say so.
> Could you proof that statement somehow?
Alternative is:
service lmtp {
user = vmail
drop_priv_before_exec = yes
}
I'm not sure if you run into other problems with that.
More information about the dovecot
mailing list