Re: Username used by dovecot to access database certificate and key files

2023-12-08 Thread Aki Tuomi via dovecot
> On 08/12/2023 14:45 EET John Fawcett wrote:
>
> Hi
>
> does anyone happen to know the username under which dovecot accesses the
> certificate and key files when connecting to a mariadb database with
> ssl? I can't seem to get dovecot to read the files without an "other"
> readable bit

Username used by dovecot to access database certificate and key files

2023-12-08 Thread John Fawcett
Hi, does anyone happen to know the username under which dovecot accesses the certificate and key files when connecting to a mariadb database with ssl? I can't seem to get dovecot to read the files without an "other" readable bit set. I have dovecot users in mysql with the following connect

Re: Username used by dovecot to access database certificate and key files

2023-12-08 Thread John Fawcett
On 08/12/2023 14:18, Aki Tuomi via dovecot wrote:

> The group depends on process, usually dovecot uses four different identities: root, dovecot:dovecot, dovenull:dovenull and vmail:vmail (or per-user identity). Any extra groups are removed during execution, but if you want, you can use

Re: Username used by dovecot to access database certificate and key files

2023-12-08 Thread Benny Pedersen
John Fawcett wrote on 2023-12-08 13:45:

> I realize it only adds marginal security to not have these files world readable, but still it is puzzling why dovecot cannot read them in that case. Can anyone see what I am missing?

dovecot does imho not run anywhere with users group ? default in

Re: Username used by dovecot to access database certificate and key files

2023-12-08 Thread Benny Pedersen
Aki Tuomi via dovecot wrote on 2023-12-08 14:18:

> service imap {
>   ...
>   extra_groups = users
> }
>
> to grant the process users membership during execution.

security ?, oh no :/

Re: Username used by dovecot to access database certificate and key files

2023-12-08 Thread Benny Pedersen
John Fawcett wrote on 2023-12-08 15:06:

> Thanks Aki, with this info I solved it. I didn't get to the bottom of which process needed the extra_groups attribute, but changing the files group ownership to dovecot was just as good.

false security even if it works :/