RE: Dovecot-lda permission errors or maybe authentication errors?

Wed, 05 Nov 2014 23:35:02 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 5 Nov 2014, Robert Kryger wrote:


I agree the error message is confusing.  As mentioned, I initially thought
the Maildir folder permissions were set wrong (since I transferred them over
from an older mail server) so I have tried many combinations including
setting full "rwx" permissions for everyone on the /home/user1 and
/home/user1/Maildir folders.  It doesn't seem to help which leads me to
suspect I might be mis-understanding the dovecot-lda error messages.


They are usually very clear and helpful.


To confirm as currently set:
User1 has full "rwx" permissions on the /home/user1 folder.
What filesystem /home/user1 is located on? E.g. AFS has yet another permission management. What happens if you try to access the folder as the system user: 

su - user1 id -a
su - user1 ls -ald /home/user1
The 1st command verifies, that su - user1 is using the same uid as Dovecot, the 2nd one probes the accessability. 


I am running a "plain" CentOS 6.5 installation.  No intentional protection
software like Apparmor, no SElinux features.


OK, first question answered. ;-)
What about the 2nd one about the permissions of / and /home?


-----Original Message-----
From: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de]
Sent: Wednesday, November 05, 2014 9:24 AM
To: Robert Kryger
Cc: dovecot@dovecot.org
Subject: RE: Dovecot-lda permission errors or maybe authentication errors?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 5 Nov 2014, Robert Kryger wrote:


Output of ls -nal /home/user1:


Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
such file or directory, euid is not dir owner)



total 156
drwx------.  6 524 524  4096 Nov  5 08:27 .


This list doesn't seem to fit the error message, because user 524 is owning
this dir and has full access permissions. Maybe, are you running some
protection software, like SELinux, AppArmor, ..., which prevents access to
this directory?

Just to raise the obvious: "/" and "/home" do allow "x"-permission for user
#524, don't they?


drwxr-xr-x. 34   0   0  4096 Oct  4 14:06 ..
-rw-------.  1 524 524  1148 Oct 15 13:44 .bash_history
-rw-r--r--.  1 524 524    18 Sep 25 22:13 .bash_logout
-rw-r--r--.  1 524 524   176 Sep 25 22:13 .bash_profile
-rw-r--r--.  1 524 524   124 Sep 25 22:13 .bashrc
-rw-r--r--.  1   0   0  1362 Nov  4 08:45 config.txt
-rw-r--r--.  1 524 524    75 Oct  6 11:39 .forward_old
-rw-r--r--.  1   0   0    37 Oct 26 19:09 .forward_test_lda
-rw-------.  1 524 524    55 Oct 12 20:12 .lesshst
-rw-r--r--.  1   0   0  1062 Nov  4 08:50 log1.log
-rw-r--r--.  1   0   0  1246 Nov  4 08:49 log2.log
drwxrw----. 35 524 524  4096 Nov  5 08:24 Maildir
drwxr-----. 35   0   0  4096 Oct 29 09:03 Maildirsave
drwxr-xr-x.  4 524 524  4096 May  6  2014 .mozilla
-rw-r--r--.  1 524 524    92 Oct 12 20:20 .procmailrc
-rw-r--r--.  1 524 524  1213 Oct  5 19:56 .procmailrc_old
-rw-r--r--.  1 524 524    92 Oct  6 10:27 .procmailrc_old2
-rw-r--r--.  1   0   0     0 Nov  5 08:27 question1.txt
drwx------.  2 524 524  4096 Oct 14 16:02 .ssh
-rw-rw-r--.  1 524 524   152 Oct  6 10:25 testmessage.txt
-rwxr-xr-x.  1 524 524    87 Oct  6 13:59 testscript
-rw-rw-r--.  1 524 524 60810 Oct 27 16:57 top.log
-rw-r--r--.  1   0   0     6 Nov  4 08:45 version.txt
-rw-------.  1 524 524  3973 Oct 27 16:58 .viminfo

-----Original Message-----
From: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de]
Sent: Wednesday, November 05, 2014 5:26 AM
To: Robert Kryger
Cc: dovecot@dovecot.org
Subject: Re: Dovecot-lda permission errors or maybe authentication errors?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 4 Nov 2014, Robert Kryger wrote:


I have tried to specify the dovecot-lda in two ways.  First, in the
/etc/postfix/main.cf file:

mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a
"$RECIPIENT"

or alternatively, I leave the mailbox_command blank and specify the
following in the .forward file of a test user:

| "/usr/libexec/dovecot/dovecot-lda"

Either approach gives me the same error(s).  When a mail message is
sent to the test user USER1, the following errors appear in the
dovecot-lda error
file:

Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
such file or directory, euid is not dir owner) Nov 04 08:47:29

lda(user1):

Error:

chdir(/home/user1) failed: Permission denied Nov 04 08:47:29 lda(user1):
Error: user user1: Initialization failed: Namespace 'INBOX.':
stat(/home/user1/Maildir) failed: Permission denied (euid=524(user1)
egid=524(user1) stat() failed: No such file or directory, euid is not
dir
owner) Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings.
Refer to server log for more information.

Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
such file or directory, euid is not dir owner) Nov 04 08:47:29

lda(user1):

Error:

chdir(/home/user1) failed: Permission denied Nov 04 08:47:29 lda(user1):
Error: user user1: Initialization failed: Namespace 'INBOX.':
stat(/home/user1/Maildir) failed: Permission denied (euid=524(user1)
egid=524(user1) stat() failed: No such file or directory, euid is not
dir
owner) Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings.
Refer to server log for more information.

At first, I interpreted this to mean the file permissions were not
set correctly on the home directory or the Maildir folder.  However,
I have opened these up to full rwx access for everyone and I still
get the same errors.  Alternatively, perhaps this is related somehow
to the dovecot-lda authentication process via the password or user
databases, but I can't make any sense of the documentation.


What's the output of:

ls -nal /home/user1

- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBVFn7O3z1H7kL/d9rAQLIkQf+NsVmLoWS4smKMBXs5auUQHEc7HNMucxa
rT9quBZ/0Xn2Gn4UQRTp/X3XO4UoHYHDigcYLRG0+v7qENfOIShbb4a747LX/BTE
JA+N4OfOWfSJGk+bz2qsxjXwMf0IGFqac1eZME41Qk6yn1CeWv4DTdY/tXmB+Cj+
qk/pUXcHCK/2ay6cYo9pXW3b3/VxPsLq3Q+vD9zJyFUZ5JMwAmk1zdEEPDVZGZ83
rmALm066qtuBePdsxrCuTEw2WyM/Zcgk6M4C40lWCWA/79PFv9FuFxAPIfjOpZaO
jMvzYCzCE4IdWm8dJJQ9+oe0/aO6muu5gvVgoZygsst99PUswjqFcg==
=YsBN
-----END PGP SIGNATURE-----
---------------Output of GPG------------------ Decryption of block
failed
gpg: Signature made Wed 05 Nov 2014 11:26:03 AM CET using RSA key ID
0BFDDF6B
gpg: BAD signature from "Steffen Kaiser <skdove...@smail.inf.fh-brs.de>"



- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBVFozAHz1H7kL/d9rAQLcYggAnP86Mvdnn4sKI4/t1j22/jAetIGuA6hW
r+BFoLtugkp/829TtNnh2FvqF6uWBo38qcni4Qa7FLKGvNOnyaW11YbzVxcvH+lS
+58Ln5SJbAWOhbVTdLusvJZNqJIFUTQPJdx924ohDWndqcUPWdeDUDilegPm9kFS
z6XPTE3gsrqeggGRkD0FyYcDcvO8JuDieLmZnINvJ6bAiOCJ6dgJdNt64DLSbKtk
EMsj5Ix49m219NhkzNTrMXmlT6s/dZqO+/8B1MZ9S/w0KDGwZzYmV86hFlL3ImRp
G5cilKZbsNuGkL0PBHFbUqPrZeAnI93hMI2SszH5cV2dbQkYUqMIew==
=ggMr
-----END PGP SIGNATURE-----
---------------Output of GPG------------------
Decryption of block failed
gpg: Signature made Wed 05 Nov 2014 03:24:00 PM CET using RSA key ID 0BFDDF6B
gpg: BAD signature from "Steffen Kaiser <skdove...@smail.inf.fh-brs.de>"
- -- Steffen Kaiser 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBVFsku3z1H7kL/d9rAQLz6wf+OHrqvMkrdU2Pkq6pZsa4qI0zx4tVM/+i
1BlbxZ1Nk530edO46CKcpRkW8qtU657cYxWNaqpGkYpFUUnKcGtxKhna+tI+pxCe
xdkAtah0Ept1BAGfc3HAgXILkH2akJPxR5R5opqtYFmMAYA65+cDSZ2UfWy/g68n
C9zI6QejLFZ5xhPctL9twrpNZJ2lLScQq/GFr72sXqvIr9oQtNKGxCiHFMAG8IyK
bYsQDju+FZXLgdvndm7VqgxC1/88chYkUcxnbHcr4a49ueXSrytyTrVOlgL5LjZU
Tk+TaD2bBg+YGfF4dQ2IweC7v4oH4XxZA+CaihKeAq/AXfMgmAnQLg==
=fhZe
-----END PGP SIGNATURE-----

Reply via email to