Doveadm error since 2.3.11.3 when run as unprivileged user
Arjen de Korte
build+dovecot at de-korte.org
Thu Aug 13 22:55:24 EEST 2020
Citeren Josef 'Jeff' Sipek <jeff.sipek at open-xchange.com>:
> On Thu, Aug 13, 2020 at 21:16:42 +0200, Arjen de Korte wrote:
>> Citeren Timo Sirainen <timo at sirainen.com>:
>> > !include_try ssl-keys.conf
>>
>> That will only work to include an optional configuration file and
>> suppress errors if it doesn't exist. I put
>>
>> ssl_key = </etc/ssl/private/de-korte.org.key
>>
>> in a separate configuration file and it failed in a similar fashion,
>> just with another filename.
>
> I think the idea was that the file with the ssl_key line was only
> root-readable. That way, non-privilged users will fail to include the file.
>
> Is that what you tried?
No, but you put me on the right track.
What is needed is to !include_try the whole previous SSL configuration
file only for root and to precede this by an include for a new one
which disables SSL completely. So first SSL will be disabled for all
users (including root) and only for root, the SSL configuration will
be loaded after that.
More information about the dovecot
mailing list