mail_crypt module and error with tmp directory

Aki Tuomi aki.tuomi at open-xchange.com
Mon May 3 11:42:58 EEST 2021


> On 03/05/2021 11:16 Fiorenza Meini <fmeini at esseweb.eu> wrote:
> 
>  
> Il 03/05/21 09:47, Aki Tuomi ha scritto:
> > 
> >> On 03/05/2021 10:42 Fiorenza Meini <fmeini at esseweb.eu> wrote:
> >>
> >>   
> >> Hi,
> >> I successfully enable mail_crypt module but I'm experiencing a strange
> >> behaviour with tmp directory while accessing with POP3 protocol:
> >>
> >> I see in log file:
> >> Error: istream-seekable: safe_mkstemp(/tmp/dovecot.pop3.) failed:
> >> Permission denied
> >>
> >> I changed tmp directory configuration (mail_temp_dir variable) and
> >> setting it with 777 permission, but the error is the same.
> >>
> >> On client side it's working everything, but I'd like to understand the
> >> error and if I have to be worried about it.
> >>
> >> Thank you and regards
> >> Fiorenza
> >>
> >> -- 
> >> Fiorenza Meini/Spazio Web
> >>
> > 
> > Are you by chance using selinux or apparmor there which could prevent this? Also Dovecot's stock systemd unit prevenst you from writing into random locations, /tmp should be fine though.
> > 
> > Aki
> > 
> 
> Hi,
> I have apparmor installed on the machine, but even if stopped it the 
> problem didn't solved.
> 
> I think dovecot's systemd unit file configuration is this 
> one:/usr/lib/tmpfiles.d/dovecot.conf
> 
> It's content is this:
> # Type Path                    Mode UID  GID     Age Argument
> d      /var/run/dovecot/       0755 root root    -   -
> d      /var/run/dovecot/login/ 0750 root dovecot -   -
> 
> Should I insert here a line for /tmp directory ?
> 
> Thank you and regards
> 
> Fiorenza

I don't think you need to do that.

Also note that since you're using systemd, dovecot has PrivateTmp=yes, which means that /tmp is actually /tmp/*service*dovecot*/tmp

Aki


More information about the dovecot mailing list