Re: [Dovecot] Permission error
Op 23-09-13 10:22, Reindl Harald schreef:
Am 23.09.2013 09:33, schrieb Koenraad Lelong:
Op 16-09-13 11:48, Koenraad Lelong schreef:
I just tried with chown nobody:nogroup auth-worker
Now the error is gone.
The question remains : what does create auth-worker ? The installer ?
then I think ubuntu does it wrong.
I'm sorry for the late reply but I'm not working full time on this migration.
Unfortunately, I now experienced and remembered the fact that the /run or
/var/run directories are temporary
directories, i.e. they are recreated on boot. Which means that the ownership is
recreated on boot and in this case
set to dovecot:root. Which means dovecot can't access the file
sounds like a systemd distribution
man tmpfiles.d
[root@srv-rhsoft:~]$ cat /etc/tmpfiles.d/dovecot.conf
d /run/dovecot 0775 dovecot dovecot -
Thanks for the reply.
I don't know if Ubuntu 12.04 is systemd based. I didn't find tmpfiles.d
so I looked further. In dovecot.conf I finally found :
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
unix_listener auth-master {
group = vmail
mode = 0660
user = vmail
}
user = nobody
}
Notice that user=nobody. I commented that out, now it works.
Regards,
Koenraad Lelong
Re: [Dovecot] Permission error
Op 16-09-13 11:48, Koenraad Lelong schreef:
Hi,
I just tried with chown nobody:nogroup auth-worker
Now the error is gone.
The question remains : what does create auth-worker ? The installer ?
then I think ubuntu does it wrong.
Any comments ?
Regards,
Koenraad.
Hi,
I'm sorry for the late reply but I'm not working full time on this
migration.
Unfortunately, I now experienced and remembered the fact that the /run
or /var/run directories are temporary directories, i.e. they are
recreated on boot. Which means that the ownership is recreated on boot
and in this case set to dovecot:root. Which means dovecot can't access
the file.
I googled and found I needed a section :
service auth-worker {
# Auth worker process is run as root by default, so that it can access
# /etc/shadow. If this isn't necessary, the user should be changed to
# $default_internal_user.
user = $default_internal_user
}
This does not work, also setting the user to dovecot gives the same result :
2013-09-23 09:28:08 auth: Fatal: net_connect_unix(auth-worker) in
directory /run/dovecot failed: Permission denied (euid=65534(nobody)
egid=65534(nogroup) missing +r perm: /run/dovecot/auth-worker, dir owned
by 0:0 mode=0755)
2013-09-23 09:28:08 master: Error: service(auth): command startup
failed, throttling
I'm stuck, can anyone please point me into the right direction ?
Thanks,
Koenraad Lelong
Re: [Dovecot] Permission error
Am 23.09.2013 09:33, schrieb Koenraad Lelong: Op 16-09-13 11:48, Koenraad Lelong schreef: I just tried with chown nobody:nogroup auth-worker Now the error is gone. The question remains : what does create auth-worker ? The installer ? then I think ubuntu does it wrong. I'm sorry for the late reply but I'm not working full time on this migration. Unfortunately, I now experienced and remembered the fact that the /run or /var/run directories are temporary directories, i.e. they are recreated on boot. Which means that the ownership is recreated on boot and in this case set to dovecot:root. Which means dovecot can't access the file sounds like a systemd distribution man tmpfiles.d [root@srv-rhsoft:~]$ cat /etc/tmpfiles.d/dovecot.conf d /run/dovecot 0775 dovecot dovecot - signature.asc Description: OpenPGP digital signature
[Dovecot] Permission error
Hi,
I'm migrating an existing dovecot (1. series) to new hardware. The new
dovecot is a 2. series.
I copied the old config and did a
doveconf -n -c /etc/dovecot/dovecot.conf dovecot-2.conf
Then I moved the dovecot-2.conf to dovecot.conf and restarted dovecot.
When Postfix tries to deliver a message I get this error :
2013-09-16 11:00:10 auth: Fatal: net_connect_unix(auth-worker) in
directory /run/dovecot failed: Permission denied (euid=65534(nobody)
egid=65534(nogroup) missing +r perm: /run/dovecot/auth-worker, dir owned
by 0:0 mode=0755)
2013-09-16 11:00:10 master: Error: service(auth): command startup
failed, throttling
I tried different things with /run/dovecot/auth-worker, but the error
remains. I tried to chmod 777 the socket, I chown-ed to dovecot:dovecot,
vmail:vmail.
What am I missing ? AFAIK the sql-tables are OK.
Thanks.
doveconf -n is this :
# 2.0.19: /etc/dovecot/dovecot.conf
# OS: Linux 3.5.0-39-generic x86_64 Ubuntu 12.04.3 LTS
auth_debug = yes
auth_mechanisms = plain login
auth_verbose = yes
base_dir = /var/run/dovecot/
disable_plaintext_auth = no
first_valid_uid = 499
info_log_path = /var/log/dovecot.debug
last_valid_uid = 499
log_path = /var/log/dovecot
log_timestamp = %Y-%m-%d %H:%M:%S
mail_debug = yes
mail_location = maildir:/var/vmail/%u
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave
passdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
protocols = imap sieve
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
unix_listener auth-master {
group = vmail
mode = 0660
user = vmail
}
user = nobody
}
service imap-login {
executable = /usr/lib/dovecot/imap-login
inet_listener imap {
address = *
port = 143
}
inet_listener imaps {
address = *
port = 993
}
}
service imap {
executable = /usr/lib/dovecot/imap
}
service pop3-login {
executable = /usr/lib/dovecot/pop3-login
inet_listener pop3 {
address = *
port = 110
}
}
service pop3 {
executable = /usr/lib/dovecot/pop3
}
ssl_ca = /etc/postfix/certificate/cacert.org.pem
ssl_cert = /etc/postfix/certificate/mailbox.pem
ssl_key = /etc/postfix/certificate/mailboxkey.pem
userdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
verbose_ssl = yes
protocol imap {
imap_max_line_length = 64 k
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
}
protocol sieve {
managesieve_logout_format = bytes ( in=%i : out=%o )
}
protocol lda {
auth_socket_path = /var/run/dovecot/auth-master
info_log_path = /var/log/dovecot-lda.log
log_path = /var/log/dovecot-lda-err.log
mail_plugins = sieve
postmaster_address = some-...@ace-electronics.be
sendmail_path = /usr/lib/sendmail
}
Re: [Dovecot] Permission error
Op 16-09-13 11:28, Koenraad Lelong schreef: Hi, I'm migrating an existing dovecot (1. series) to new hardware. The new dovecot is a 2. series. I copied the old config and did a doveconf -n -c /etc/dovecot/dovecot.conf dovecot-2.conf Then I moved the dovecot-2.conf to dovecot.conf and restarted dovecot. When Postfix tries to deliver a message I get this error : 2013-09-16 11:00:10 auth: Fatal: net_connect_unix(auth-worker) in directory /run/dovecot failed: Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +r perm: /run/dovecot/auth-worker, dir owned by 0:0 mode=0755) 2013-09-16 11:00:10 master: Error: service(auth): command startup failed, throttling I tried different things with /run/dovecot/auth-worker, but the error remains. I tried to chmod 777 the socket, I chown-ed to dovecot:dovecot, vmail:vmail. What am I missing ? AFAIK the sql-tables are OK. Hi, I just tried with chown nobody:nogroup auth-worker Now the error is gone. The question remains : what does create auth-worker ? The installer ? then I think ubuntu does it wrong. Any comments ? Regards, Koenraad.
