dovecot cannot drop privileges inside singularity container

[cesco]

Hi all

I'm facing an issue while running dovecot inside a singularity
(https://sylabs.io/singularity/) container

dovecot version is 2.3.4.1 (configuration below) running on debian
buster, inside a container made with singularity version 3.4.2

unfortunately, when I try to start dovecot, it gives:
Singularity test.sif:~> cat /var/log/mail.log
Dec 30 17:23:38 testnode dovecot: master: Dovecot v2.3.4.1 (f79e8e7e4)
starting up for imap, lmtp, sieve, pop3, submission (core dumps disabled)
Dec 30 17:23:38 testnode dovecot: anvil: Fatal: We couldn't drop root
privileges
Dec 30 17:23:38 testnode dovecot: master: Error: service(anvil): command
startup failed, throttling for 2 secs

the same happens on singularity containers based on debian bullseye or
alpine linux 3.9.2

many thanks!
nzasch

Singularity test.sif:~> doveconf -n
# 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.4 ()
# OS: Linux 4.19.0-6-amd64 x86_64 Debian 10.2
# Hostname: testnode.example.net
mail_location = mbox:~/mail:INBOX=/var/mail/%u
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = pam
}
plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = " imap lmtp sieve pop3 submission"
ssl_cert = </etc/dovecot/private/dovecot.pem
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
userdb {
  driver = passwd
}