On 8/1/2011 10:11 PM, Thomas Harold wrote:
How do you compile global scripts using the sievec command without
making the script directory owned (and group writable) by the vmail user?
http://wiki2.dovecot.org/Pigeonhole/Sieve/Usage
# cd /etc/dovecot/sieve/before/
# (edit some script like spam.sieve that runs for everyone)
# /usr/local/bin/sievec spam.sieve spam.svbin
sievec(root): Error: sieve: binary save: failed to create temporary
file: open(spam.svbin.hostname.26921.) in directory
/etc/dovecot/sieve/before failed: Permission denied (euid=5000(vmail)
egid=5000(vmail) missing +w perm: /etc/dovecot/sieve/before, euid is
not dir owner)
Why are you executing sievec as vmail in the first place? You should be
able to run it as root or any other user you use to manage global sieve
scripts.
# ls -la /etc/dovecot/sieve/before/
drwxrwxr-x 2 root root 4096 Aug 1 15:56 .
drwxr-xr-x 5 root root 4096 Aug 1 13:23 ..
-rw-rw-r-- 1 root root 477 Aug 1 15:33 spam.sieve
Or do I just make the /etc/dovecot/sieve/ tree owned and writable by
the vmail:vmail user? (Which worked, but seems like a bad idea.)
It is a bad idea. Vmail would only need read access.
Regards,
Stephan
