I've looked up the mode letters and tried this command:
chmod go-rx .Trash
The Trash subdirectories already have the same mode as the mailbox
directory. With the changed mode on .Trash, the deletion did work. So I
guess my maildirs were created with the wrong mode. I'm using this
script to create them:
---8<---------
mkdir -p -m 700 "/var/mail/virtual"
mkdir -p -m 700 "/var/mail/virtual/$1"
mkdir -p -m 700 "/var/mail/virtual/$1/$2"
mkdir -p -m 700 "/var/mail/virtual/$1/$2/cur"
mkdir -p -m 700 "/var/mail/virtual/$1/$2/new"
mkdir -p -m 700 "/var/mail/virtual/$1/$2/tmp"
# Create default folders
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Trash/cur"
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Trash/new"
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Trash/tmp"
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Sent/cur"
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Sent/new"
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Sent/tmp"
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Drafts/cur"
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Drafts/new"
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Drafts/tmp"
# Set up subscriptions
cat <<EOF >"/var/mail/virtual/$1/$2/subscriptions"
Trash
Sent
Drafts
EOF
---8<---------
Not sure why this doesn't work. It should create directories with
drwx------ but it seems to result in the strange drwxr-sr-x. The SGID
bit (sticky on group) seems to be inherited from the parent directory.
Also not sure why I would need that.
Actually I believe that the mail user should have full access to all
maildirs, and no other user. drwx------ should be perfectly sufficient
for that.
Maybe Courier-IMAP (which I've used long long ago before Dovecot) needed
these weird modes. Does anybody know something about that?
-Yves
________________________________________
Von: Aki Tuomi
Gesendet: Mo, 2018-05-21 10:49 +0200
I guess you have had different version(s) or setting(s) in the past, and
you can probably fix this by setting perms to same as the new folders.
Aki
On 21.05.2018 11:46, Yves Goergen wrote:
I couldn't find anything relevant between all the debug log lines. Is
that in /var/log/mail.log?
Here's the lines I think are related to creating and deleting the folder:
May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace :
/var/mail/virtual/****.de/yg/.Test doesn't exist yet, using default
permissions
May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace :
Using permissions from /var/mail/virtual/****.de/yg: mode=0700
gid=default
May 21 10:36:23 mond2 dovecot: imap(yg@****.de): Debug: Namespace :
/var/mail/virtual/****.de/yg/.Trash.Test doesn't exist yet, using
default permissions
That's it.
Thunderbird shows an error message with: [CANNOT] Renaming not
supported across conflicting directory permissions (0.000 + 0.000 secs).
-Yves
________________________________________
Von: Aki Tuomi
Gesendet: So, 2018-05-20 16:00 +0200
Assuming '8' = mail, i cannot see anything wrong here...
Can you turn on 'mail_debug=yes' and attempt folder deletion, and
check logs after that?
Aki
On 20 May 2018 at 16:19 Yves Goergen <nospam.l...@unclassified.de>
wrote:
Here's the output of 'doveconf -n':
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.13 (7b14904)
doveconf: Warning: NOTE: You can get a new clean config file with:
doveconf -n > dovecot-new.conf
doveconf: Warning: Obsolete setting in /etc/dovecot/local.conf:21:
ssl_parameters_regenerate should have 'hours' suffix
# OS: Linux 4.4.0-124-generic x86_64 Ubuntu 16.04.3 LTS
auth_mechanisms = plain login
disable_plaintext_auth = no
first_valid_uid = 8
imap_idle_notify_interval = 5 mins
last_valid_uid = 8
listen = 5.9.48.194, 2a01:4f8:161:40c9::2, 127.0.0.1, ::1
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_gid = 8
mail_plugins = quota
mail_privileged_group = mail
mail_uid = 8
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
quota = maildir
}
protocols = imap pop3
service imap-login {
process_limit = 300
}
ssl_cert = </etc/letsencrypt/live/dotforward.de/fullchain.pem
ssl_cipher_list =
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_dh_parameters_length = 2048
ssl_key = </etc/letsencrypt/live/dotforward.de/privkey.pem
ssl_parameters_regenerate = 1 hours
ssl_prefer_server_ciphers = yes
ssl_protocols = !SSLv2 !SSLv3
userdb {
driver = prefetch
}
protocol imap {
mail_max_userip_connections = 100
mail_plugins = quota imap_quota
}
And this is the 'namei' output:
f: /var/mail/virtual/****.de/yg/
drwxr-xr-x root root /
drwxr-xr-x root root var
drwxrwsr-x root mail mail
drwx--S--- mail mail virtual
drwx--S--- mail mail ****.de
drwx--S--- mail mail yg
Here's also the 'ls -al' output of that mailbox directory:
insgesamt 136
drwx--S--- 12 mail mail 4096 Mai 19 13:52 .
drwx--S--- 4 mail mail 4096 Mär 4 12:23 ..
drwx--S--- 5 mail mail 4096 Mai 18 23:16 .Archives
drwx--S--- 5 mail mail 4096 Mai 17 16:22 .Archives.TestA
drwx--S--- 5 mail mail 4096 Mai 18 14:09 .Archives.TestB
drwx--S--- 2 mail mail 4096 Mai 19 13:32 cur
-rw------- 1 mail mail 736 Mai 16 15:23 dovecot.index
-rw------- 1 mail mail 22096 Mai 19 13:32 dovecot.index.cache
-rw------- 1 mail mail 27260 Mai 19 13:34 dovecot.index.log
-rw------- 1 mail mail 28 Mai 16 14:33 dovecot-keywords
-rw------- 1 mail mail 168 Mai 16 17:41 dovecot.mailbox.log
-rw------- 1 mail mail 406 Mai 19 13:32 dovecot-uidlist
-rw------- 1 mail mail 8 Mai 16 17:41 dovecot-uidvalidity
-r--r--r-- 1 mail mail 0 Feb 28 19:32 dovecot-uidvalidity.5a96f5de
drwxr-sr-x 5 mail mail 4096 Mai 18 14:09 .Drafts
drwx--S--- 5 mail mail 4096 Feb 28 19:42 .Junk
-rw------- 1 mail mail 4621 Mai 19 13:32 maildirsize
drwx--S--- 2 mail mail 4096 Mai 19 13:32 new
drwxr-sr-x 5 mail mail 4096 Mai 18 14:08 .Sent
-rw------- 1 mail mail 62 Mai 16 17:42 subscriptions
drwx--S--- 2 mail mail 4096 Mai 20 12:35 tmp
drwxr-sr-x 5 mail mail 4096 Mai 18 18:15 .Trash
-Yves
________________________________________
Von: Aki Tuomi
Gesendet: Sa, 2018-05-19 18:22 +0200
This sounds more like misconfiguration to me. Can you provide doveconf
-n and full output of namei -vl /full/path/to/mailbox
---
Aki Tuomi
Dovecot oy
-------- Original message --------
From: Yves Goergen <nospam.l...@unclassified.de>
Date: 19/05/2018 18:51 (GMT+02:00)
To: Dovecot Mailing List <dovecot@dovecot.org>
Subject: Re: Cannot delete folder
The issue still exists. Can anybody explain to me why dovecot creates
IMAP folders with the wrong filesystem permissions? Every new folder
that I create in the mailbox through Thunderbird (IMAP) has the wrong
permission and cannot be deleted anymore.
This looks like a dovecot bug to me.
-Yves
________________________________________
Von: Yves Goergen
Gesendet: Di, 2018-03-06 20:55 +0100
Hi there,
I cannot delete IMAP folders in new mailboxes. When trying to delete a
folder in Thunderbird I get the error message "renaming not supported
across conflicting directory permissions". Looking up the error on the
web led me to checking the mailbox directory's permissions. They're
inconsistent in new mailboxes. While every single directory in an old
mailbox has "drwx--S---", some of the directories in a new mailbox have
"drwxr-sr-x" instead. I'm not sure what that means. The folders with the
later permissions are "Drafts", "Sent" and "Trash". Folders with the
first permissions are "Junk", "Archives" and "Archives.2018". All
folders were created by Thunderbird automatically. Now I wanted to
delete "Archives.2018".
What's the issue here? Why do folders created by the same MUA in the
same event on the same mail server have different permissions and why
can't I delete one of them (which would probably move it into the trash
folder first)?
Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on
Windows 10.
-Yves