<html>
<head>
<style type="text/css">
body,p,td,div,span{
font-size:13px; font-family:Arial, Helvetica, sans-serif;
};
body p{
margin:0px;
}
</style>
</head>
<body><br><div>Hi,</div><div><br></div><div>if i remember right there are several path changes in 90-sieve.conf. <br></div><div>did you check this?<br></div><div><br></div><br><br>--- Original Nachricht ---<br><b>Betreff: </b>Re: managesieve user<br><b>Von: </b>"André Rodier" <andre@rodier.me><br><b>An: </b>"dovecot" <dovecot@dovecot.org><br><b>Datum: </b>28-03-2020 16:29<br><br><br><br><blockquote style="border:0;border-left: 2px solid #22437f; padding:0px; margin:0px; padding-left:5px; margin-left: 5px; ">On Sat, 2020-03-28 at 15:14 +0000, André Rodier wrote:<br>
> Hello,<br>
> <br>
> I am updating dovecot, from Debian Stretch to Buster, and I have an<br>
> issue with the managesieve service:<br>
> <br>
> > Mar 28 15:05:06 mail dovecot[2637]: managesieve-login: Error: auth:<br>
> > connect(login) in directory / failed: Permission denied<br>
> > (euid=120(<getpwuid() error>) egid=128(<getgrgid() error>) missing<br>
> > +x<br>
> > perm: /, we're not in group 127, dir owned by 0:127 mode=0770)<br>
> > Mar 28 15:05:06 mail dovecot[2637]: managesieve-login: Error: auth:<br>
> > connect(login) in directory / failed: Permission denied<br>
> > (euid=120(<unknown>) egid=128(<unknown>) missing +x perm: /, we're<br>
> > not in group 127, dir owned by 0:127 mode=0770)<br>
> <br>
> The two folders I found with these permissions are /run/dovecot/login<br>
> and /run/dovecot/token-login.<br>
> Both folders belongs to root:dovecot<br>
> <br>
> If I change the permissions of the following folders, like this:<br>
> <br>
> chmod 0775 /run/dovecot/login<br>
> chmod 0775 /run/dovecot/token-login<br>
> <br>
> Then, dovecot managesieve is working, but this is just a test, I<br>
> suppose the service should run with a specific user?<br>
> <br>
> Do you have any idea on what is wrong here?<br>
> <br>
> If I restart dovecot, I have an error message that states the<br>
> permissions are wrong, and they are set again to 0770<br>
> <br>
> Thanks,<br>
> André Rodier<br>
> <br>
Hi again,<br>
<br>
I can fix it by using this:<br>
<br>
> service managesieve-login {<br>
> inet_listener sieve {<br>
> port = 4190<br>
> }<br>
> <br>
> # Run as an unprivileged user<br>
> group = dovecot<br>
> user = dovecot<br>
> }<br>
> <br>
<br>
Is it the right setting in term of security?<br>
<br>
Thanks again,<br>
André</blockquote></body></html>