On Wednesday 20 May 2009 18:49:25 Steffen Kaiser wrote:
> Well, there are lots of "permission denied" problems lately.
>
> Are you really absolutely sure that user with uid 5000 may chdir into
> /home/vmail/example.com/john ??
>
> I mean, make sure "su" may set uid to the user of UID 5000 (esp. the shell
> is a real shell, so (as root) # su user -c "echo OK"
> displays "OK", then do as root #
>
> su user -c 'cd /home/vmail/example.com/john && echo Dir:$(pwd)'

greenchilly:/home/lawgon# su vmail -c "echo OK"
OK
greenchilly:/home/lawgon# su vmail -c 'cd /home/vmail/example.com/john && echo Dir:$(pwd)'
Dir:/home/vmail/example.com/john

>
> (and revert what you've done for testing on success)
>
> Do you run some protection stuff, e.g. SELinux or AppArmor or the like?
> Dovecot setuid()'s to uid 5000, then chdir()s there. Such stuff may
> prohibit this.

no - and note that I use dovecot for LDA and dovecot as vmail has no problem
delivering mail (which means it can read and write in that directory)

>
> Or, do you have ACLs enabled in the filesystem? Or do you use a remote
> filesystem, whose permissions probably lie to the client.

no - of course this is a VPS on a Gandi xen setup, but I do not see how
anything is affected by this

>
> Are all files in /home/vmail/example.com/john owned by uid 5000 and r/w?

yes

> No dead sym links, etc.pp?

no.

--
regards
Kenneth Gonsalves
Associate
NRC-FOSS
http://nrcfosshelpline.in/web/