postfix, dovecot-lda, /run/dovecot/stats-writer socket permision and local user delivery, again

Aki Tuomi aki.tuomi at open-xchange.com
Tue Feb 22 07:49:37 UTC 2022


> On 21/02/2022 23:24 Michael Tokarev <mjt at tls.msk.ru> wrote:
> 
>  
> Hi!
> 
> There are many questions on the 'net about the same theme:
> lda(mjt): Error: net_connect_unix(/run/dovecot/stats-writer) failed: Permission denied
> 
> dovecot-lda is run from postfix as mailbox_command for local users.
> 
> There's even a suggestion on dovecot wiki to make dovecot-lda setgid
> (to mail) - for a different reason but people use this trick to shut
> this error message up.  See eg the last message at
> https://forum.zentyal.org/index.php?topic=35236.0 which points to
> https://wiki2.dovecot.org/LDA/Postfix .
> 
> But the thing is: mail delivery stops right after making dovecot-lda
> setgid, like this:
> 
> Feb 22 00:06:46 tsrv dovecot: lda(mjt)<253650><s+nnHub+E2LS3gMA7tuOMA>: \
>   Fatal: setresgid(914(dovecot),914(dovecot),8(mail)) failed with euid=1000(mjt): \
>   Operation not permitted
> 
> why the hell lda tries to setuid to dovecot user?
> It will definitely unable to write to the maildir since it is owned by
> user mjt, not by user dovecot!
> 
> And I *only* made it setgid, not setuid.
> 
> How to use dovecot-lda together with postfix, after all?
> 
> Thanks,
> 
> /mjt

The most simple fix which usually works is

service stats {
  unix_listener stats-writer {
    mode = 0666
  }
}

Aki


More information about the dovecot mailing list