In an effort to analyse this, I think I have found the cause for the
inconsistent permissions.
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Trash/cur"
will create .Trash/cur with mode 700. But if .Trash doesn't already
exist, it will be created with some default mode which is not 700.
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Trash"
mkdir -p -m 700 "/var/mail/virtual/$1/$2/.Trash/cur"
This creates both directories explicitly and with mode 700.
I could get a list of all directories with unexpected mode with
find /var/mail/virtual -perm -go=rx
And this command fixed the directories (tested in the range of a single
domain for now):
find /var/mail/virtual -perm -go=rx |xargs chmod go-rx
Please let me know if there are any problems with this procedure. I
don't expect having the initial issue again with corrected maildir
folder permissions and the corrected maildir creation script.
-Yves
________________________________________
Von: Aki Tuomi
Gesendet: Mo, 2018-05-21 10:49 +0200
I guess you have had different version(s) or setting(s) in the past, and
you can probably fix this by setting perms to same as the new folders.
Aki
On 21.05.2018 11:46, Yves Goergen wrote:
I couldn't find anything relevant between all the debug log lines. Is
that in /var/log/mail.log?
Here's the lines I think are related to creating and deleting the folder:
May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace :
/var/mail/virtual/****.de/yg/.Test doesn't exist yet, using default
permissions
May 21 10:36:14 mond2 dovecot: imap(yg@****.de): Debug: Namespace :
Using permissions from /var/mail/virtual/****.de/yg: mode=0700
gid=default
May 21 10:36:23 mond2 dovecot: imap(yg@****.de): Debug: Namespace :
/var/mail/virtual/****.de/yg/.Trash.Test doesn't exist yet, using
default permissions
That's it.
Thunderbird shows an error message with: [CANNOT] Renaming not
supported across conflicting directory permissions (0.000 + 0.000 secs).
-Yves
________________________________________
Von: Aki Tuomi
Gesendet: So, 2018-05-20 16:00 +0200
Assuming '8' = mail, i cannot see anything wrong here...
Can you turn on 'mail_debug=yes' and attempt folder deletion, and
check logs after that?
Aki
On 20 May 2018 at 16:19 Yves Goergen <nospam.l...@unclassified.de>
wrote:
Here's the output of 'doveconf -n':
# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.13 (7b14904)
doveconf: Warning: NOTE: You can get a new clean config file with:
doveconf -n > dovecot-new.conf
doveconf: Warning: Obsolete setting in /etc/dovecot/local.conf:21:
ssl_parameters_regenerate should have 'hours' suffix
# OS: Linux 4.4.0-124-generic x86_64 Ubuntu 16.04.3 LTS
auth_mechanisms = plain login
disable_plaintext_auth = no
first_valid_uid = 8
imap_idle_notify_interval = 5 mins
last_valid_uid = 8
listen = 5.9.48.194, 2a01:4f8:161:40c9::2, 127.0.0.1, ::1
log_timestamp = "%Y-%m-%d %H:%M:%S "
mail_gid = 8
mail_plugins = quota
mail_privileged_group = mail
mail_uid = 8
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
quota = maildir
}
protocols = imap pop3
service imap-login {
process_limit = 300
}
ssl_cert = </etc/letsencrypt/live/dotforward.de/fullchain.pem
ssl_cipher_list =
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
ssl_dh_parameters_length = 2048
ssl_key = </etc/letsencrypt/live/dotforward.de/privkey.pem
ssl_parameters_regenerate = 1 hours
ssl_prefer_server_ciphers = yes
ssl_protocols = !SSLv2 !SSLv3
userdb {
driver = prefetch
}
protocol imap {
mail_max_userip_connections = 100
mail_plugins = quota imap_quota
}
And this is the 'namei' output:
f: /var/mail/virtual/****.de/yg/
drwxr-xr-x root root /
drwxr-xr-x root root var
drwxrwsr-x root mail mail
drwx--S--- mail mail virtual
drwx--S--- mail mail ****.de
drwx--S--- mail mail yg
Here's also the 'ls -al' output of that mailbox directory:
insgesamt 136
drwx--S--- 12 mail mail 4096 Mai 19 13:52 .
drwx--S--- 4 mail mail 4096 Mär 4 12:23 ..
drwx--S--- 5 mail mail 4096 Mai 18 23:16 .Archives
drwx--S--- 5 mail mail 4096 Mai 17 16:22 .Archives.TestA
drwx--S--- 5 mail mail 4096 Mai 18 14:09 .Archives.TestB
drwx--S--- 2 mail mail 4096 Mai 19 13:32 cur
-rw------- 1 mail mail 736 Mai 16 15:23 dovecot.index
-rw------- 1 mail mail 22096 Mai 19 13:32 dovecot.index.cache
-rw------- 1 mail mail 27260 Mai 19 13:34 dovecot.index.log
-rw------- 1 mail mail 28 Mai 16 14:33 dovecot-keywords
-rw------- 1 mail mail 168 Mai 16 17:41 dovecot.mailbox.log
-rw------- 1 mail mail 406 Mai 19 13:32 dovecot-uidlist
-rw------- 1 mail mail 8 Mai 16 17:41 dovecot-uidvalidity
-r--r--r-- 1 mail mail 0 Feb 28 19:32 dovecot-uidvalidity.5a96f5de
drwxr-sr-x 5 mail mail 4096 Mai 18 14:09 .Drafts
drwx--S--- 5 mail mail 4096 Feb 28 19:42 .Junk
-rw------- 1 mail mail 4621 Mai 19 13:32 maildirsize
drwx--S--- 2 mail mail 4096 Mai 19 13:32 new
drwxr-sr-x 5 mail mail 4096 Mai 18 14:08 .Sent
-rw------- 1 mail mail 62 Mai 16 17:42 subscriptions
drwx--S--- 2 mail mail 4096 Mai 20 12:35 tmp
drwxr-sr-x 5 mail mail 4096 Mai 18 18:15 .Trash
-Yves
________________________________________
Von: Aki Tuomi
Gesendet: Sa, 2018-05-19 18:22 +0200
This sounds more like misconfiguration to me. Can you provide doveconf
-n and full output of namei -vl /full/path/to/mailbox
---
Aki Tuomi
Dovecot oy
-------- Original message --------
From: Yves Goergen <nospam.l...@unclassified.de>
Date: 19/05/2018 18:51 (GMT+02:00)
To: Dovecot Mailing List <dovecot@dovecot.org>
Subject: Re: Cannot delete folder
The issue still exists. Can anybody explain to me why dovecot creates
IMAP folders with the wrong filesystem permissions? Every new folder
that I create in the mailbox through Thunderbird (IMAP) has the wrong
permission and cannot be deleted anymore.
This looks like a dovecot bug to me.
-Yves
________________________________________
Von: Yves Goergen
Gesendet: Di, 2018-03-06 20:55 +0100
Hi there,
I cannot delete IMAP folders in new mailboxes. When trying to delete a
folder in Thunderbird I get the error message "renaming not supported
across conflicting directory permissions". Looking up the error on the
web led me to checking the mailbox directory's permissions. They're
inconsistent in new mailboxes. While every single directory in an old
mailbox has "drwx--S---", some of the directories in a new mailbox have
"drwxr-sr-x" instead. I'm not sure what that means. The folders with the
later permissions are "Drafts", "Sent" and "Trash". Folders with the
first permissions are "Junk", "Archives" and "Archives.2018". All
folders were created by Thunderbird automatically. Now I wanted to
delete "Archives.2018".
What's the issue here? Why do folders created by the same MUA in the
same event on the same mail server have different permissions and why
can't I delete one of them (which would probably move it into the trash
folder first)?
Dovecot version is 2.2.22 on Ubuntu 16.04, Thunderbird is 52.6.0 on
Windows 10.
-Yves
