[Dovecot] Operation not permitted
Hi all, Slowly but surely moving forward, I hope... I get the following error (in the maillog file) after I've installed Managesieve: *Aug 13 10:13:52 li73-31 dovecot: deliver(andre at paranoidandroid.co.za): Fatal: setgid(501(paranoidandroid)) failed with euid=104(vmail), gid=106(vmail), egid=106(vmail): Operation not permitted* /Does anybody know what this means and how to fix it?/ Don't know if it has anything to do with sieve (I've changed the /usr/etc/dovecot.conf file from mail_plugins = cmusieve to mail_plugins = sieve) My config is below: dovecot config: -- # 1.2.1: /usr/etc/dovecot.conf # OS: Linux 2.6.18.8-x86_64-linode1 x86_64 CentOS release 5.3 (Final) protocols: imap imaps pop3 pop3s ssl_cert_file: /etc/pki/paranoidandroidCA/server.crt ssl_key_file: /etc/pki/paranoidandroidCA/server.key login_dir: /usr/var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 auth default: mechanisms: plain login cram-md5 ntlm passdb: driver: sql args: /etc/dovecot/dovecot_sql_passdb.conf userdb: driver: sql args: /etc/dovecot/dovecot_sql_userdb.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /usr/var/run/dovecot/auth-master mode: 384 user: vmail postfix config: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 header_checks = regexp:/etc/postfix/header_checks html_directory = no inet_interfaces = all local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/local/man mydestination = localhost mydomain = paranoidandroid.co.za myhostname = mail.paranoidandroid.co.za mynetworks_style = host myorigin = $myhostname newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = no sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_recipient_limit = 500 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot unknown_local_recipient_reject_code = 550 virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf virtual_mailbox_base = / virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf virtual_transport = dovecot master.cf: - pickupfifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgrunix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounceunix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verifyunix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o smtp_fallback_relay= showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scacheunix - - n - 1 scache dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
Re: [Dovecot] Operation not permitted
Thank you for your response. It helped a lot. The contents of the conf file is: connect = host=localhost dbname=[db] user=[*] password=[*] user_query = SELECT CONCAT('maildir:', domain.home_dir, '/mail/', mailbox.maildir, 'mail') as mail, domain.uid, domain.gid, CONCAT('quota=maildir:storage=', mailbox.quota) AS quota, CONCAT(domain.home_dir, '/mail/', mailbox.maildir) as home FROM domain JOIN mailbox ON domain.domain = mailbox.domain WHERE mailbox.username = '%u'; [*] is not vmail :) Ok there are two entries in the domain table; one for ALL uid gid = null and one for paranoidandroid.co.za having uid and gid of 501. I'm not sure how these entries are created, I guess it is by mail admin. Should I hack it to 104? or make a new entry? If new entry, then through mail admin, and how? My apologies for all the questions I'm new to Linux and would really like to learn... Best regards, Andre Timo Sirainen wrote: On Aug 14, 2009, at 9:01 AM, André Labuschagné wrote: *Aug 13 10:13:52 li73-31 dovecot: deliver(andre at paranoidandroid.co.za): Fatal: setgid(501(paranoidandroid)) failed with euid=104(vmail), gid=106(vmail), egid=106(vmail): Operation not permitted* This means that you start deliver as vmail:vmail (which I guess is intended), but userdb lookup says that this user should have GID paranoidandroid. So deliver tries to change the proces's GID, but isn't allowed to because it's not running as root. userdb: driver: sql args: /etc/dovecot/dovecot_sql_userdb.conf What do you have in user_query? Is it intended that different users have different gids (and maybe uids)?
Re: [Dovecot] Mail not begin processed
Thank you for the response postconf -n: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 header_checks = regexp:/etc/postfix/header_checks html_directory = no inet_interfaces = all local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname mail_owner = postfix mailq_path = /usr/bin/mailq manpage_directory = /usr/local/man mydestination = localhost mydomain = paranoidandroid.co.za myhostname = mail.paranoidandroid.co.za mynetworks_style = host myorigin = $myhostname newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = no sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtpd_recipient_limit = 500 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot unknown_local_recipient_reject_code = 550 virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf virtual_mailbox_base = / virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf virtual_transport = dovecot master.cf: -- pickupfifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgrunix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounceunix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verifyunix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o smtp_fallback_relay= showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scacheunix - - n - 1 scache dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient} Many thanx Timo Sirainen wrote: On Sat, 2009-08-08 at 14:57 +0200, André Labuschagné wrote: Aug 8 14:55:02 li73-31 postfix/qmgr[20163]: warning: connect to transport private/dovecot: Connection refused What does master.cf contain? Or postconf -n? This is anyway Postfix configuration problem, nothing really to do with Dovecot (your transport name just happens to be dovecot).
Re: [Dovecot] Mail not begin processed
Hi Thank you for the response. The dovecot's config is: --- # 1.2.1: /usr/etc/dovecot.conf # OS: Linux 2.6.18.8-x86_64-linode1 x86_64 CentOS release 5.3 (Final) protocols: imap imaps pop3 pop3s ssl_cert_file: /etc/pki/paranoidandroidCA/server.crt ssl_key_file: /etc/pki/paranoidandroidCA/server.key login_dir: /usr/var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(pop3): /usr/libexec/dovecot/pop3-login mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(pop3): /usr/libexec/dovecot/pop3 mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(pop3): /usr/lib/dovecot/pop3 auth default: mechanisms: plain login cram-md5 ntlm passdb: driver: sql args: /etc/dovecot/dovecot_sql_passdb.conf userdb: driver: sql args: /etc/dovecot/dovecot_sql_userdb.conf socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /usr/var/run/dovecot/auth-master mode: 384 user: vmail The log file snippet is: - Aug 8 14:54:51 li73-31 postfix/smtpd[25196]: connect from mail-ew0-f209.google.com[209.85.219.209] Aug 8 14:54:51 li73-31 postfix/smtpd[25196]: E571527388: client=mail-ew0-f209.google.com[209.85.219.209] Aug 8 14:54:52 li73-31 postfix/cleanup[25202]: E571527388: hold: header Received: from mail-ew0-f209.google.com (mail-ew0-f209.google.com [209.85.219.209])??by mail.paranoidandroid.co.za (Postfix) with ESMTP id E571527388??for an...@paranoidandroid.co.za; Sat, 8 Aug 20 from mail-ew0-f209.google.com[209.85.219.209]; from=tungste...@gmail.com to=an...@paranoidandroid.co.za proto=ESMTP helo=mail-ew0-f209.google.com Aug 8 14:54:52 li73-31 postfix/cleanup[25202]: E571527388: message-id=898bcad90908080554i45eb5dfakad36de457c2ba...@mail.gmail.com Aug 8 14:54:52 li73-31 MailScanner[24606]: New Batch: Scanning 1 messages, 2705 bytes Aug 8 14:55:02 li73-31 MailScanner[24606]: Virus and Content Scanning: Starting Aug 8 14:55:02 li73-31 MailScanner[24606]: Requeue: E571527388.AC203 to 9C2282738E Aug 8 14:55:02 li73-31 MailScanner[24606]: Uninfected: Delivered 1 messages Aug 8 14:55:02 li73-31 postfix/qmgr[20163]: 9C2282738E: from=tungste...@gmail.com, size=1981, nrcpt=1 (queue active) Aug 8 14:55:02 li73-31 postfix/qmgr[20163]: warning: connect to transport private/dovecot: Connection refused Aug 8 14:55:02 li73-31 postfix/error[25208]: 9C2282738E: to=an...@paranoidandroid.co.za, relay=none, delay=11, delays=11/0.01/0/0.15, dsn=4.3.0, status=deferred (mail transport unavailable) Aug 8 14:55:02 li73-31 MailScanner[24606]: Deleted 1 messages from processing-database Aug 8 14:55:22 li73-31 postfix/smtpd[25196]: disconnect from mail-ew0-f209.google.com[209.85.219.209] Timo Sirainen wrote: On Fri, 2009-08-07 at 15:39 +0200, Andre Labuschagne wrote: Good day all, [Dovecot version 1.2.1] I've set up postfix and dovecot on Centos. I have a problem with the mail, it is begin received but not processed by dovecot. I've looked in the maillog file and found two problems; the first is that private/dovecot directory (I think it should be a directory) did not exist and the second problem is mail transport unavailable. private/dovecot is typically dovecot authentication socket for SMTP AUTH. deliver doesn't need it. I've create a directory called /var/spool/postfix/private/dovecot but I get the following error in the log file: Connection refused (Is this an ownership issue? I've made the owner postfix) As for the second problem, I've spend the most of the past 3 days googling the error and found very little useful information. Do I need to supply more info? Yeah. Postfix configuration, dovecot -n output and exact log messages what happens when you try to deliver a mail.