On 16.2.2011, at 22.49, Thomas Skowron wrote: > >> Another thing I thought of was chrooting, but I don't see any chrooting in >> your config. >> >> Maybe you could find out something interesting by starting Dovecot with >> "strace -f -o log dovecot". > > 15311 setresgid(-1, 5000, -1) = 0 > 15311 setresuid(-1, 5000, -1) = 0
So it changes uid and gid to 5000. > 15311 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied) > 15311 open("/etc/group", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied) > 15311 stat("/home", 0x7fffd3a4c4a0) = -1 EACCES (Permission denied) > 15311 stat("/etc/localtime", 0x7fffd3a4c100) = -1 EACCES (Permission denied) But that doesn't have permissions to do anything. If it's not because of filesystem permissions or SELinux/Apparmor, I don't know what it could be. > Is setresgid(-1,5000,-1) correct? I mean: -1!? Yes. -1 means it's not changed.