Permissions issue with doveadm mailbox command

James Moe moe.james at sma-inc.us
Fri Dec 30 22:15:14 UTC 2022 

I have been exploring dovecot and came across this:

$ sudo doveadm mailbox list
doveadm(root): Error: Mail access for users with UID 303 not permitted (see
first_valid_uid in config file, uid from mail_uid setting).

  Hmm. After setting "first_valid_uid = 300":

$ sudo doveadm mailbox list
doveadm(root)<4380><4VP8EENer2McEQAAvbJltg>: Error: chdir(/root/) failed:
Permission denied (euid=303(vmail) egid=303(vmail) missing +x perm: /root, dir
owned by 0:0 mode=0700)
INBOX

  I do not understand the error message.

  The current configuration. (Note I have changed first_valid_uid to its
original value.)
$ postconf -n
# 2.3.15 (0503334ab1): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.15 (e6a84e31)
# OS: Linux 5.14.21-150400.24.33-default x86_64  btrfs
# Hostname: sma-server3.sma.com
auth_mechanisms = plain login
base_dir = /var/run/dovecot/
debug_log_path = /data01/var/log/dovecot/dovecot-debug.log
disable_plaintext_auth = no
first_valid_uid = 1001
info_log_path = /data01/var/log/dovecot/dovecot-info.log
log_path = /data01/var/log/dovecot/dovecot.log
log_timestamp = %Y-%m-%dT%H:%M:%S
mail_gid = vmail
mail_location = maildir:/var/mail/vmail/%u/
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date index ihave duplicate
mime foreverypart extracttext
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  driver = pam
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = imap
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service log {
  group = users
  user = dovecot
}
ssl = no
ssl_cipher_list =
ALL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW at STRENGTH
ssl_options = no_compression
ssl_prefer_server_ciphers = yes
userdb {
  driver = passwd
}
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}


-- 
James Moe
moe dot james at sohnen-moe dot com
520.743.3936
Think.

More information about the dovecot mailing list