Re: [Dovecot] chdir failed, but requires group permissions
Thanks for the suggestion, That's a good idea, but unfortunately where the home directories lie, the users actually need to be members of 2 groups - so they both can't be primary. However, it seems odd to me that Dovecot would REQUIRE access to the $HOME directory, when I am only using it to pop mail from /var/mail (which it has full access to) - and I am not using imap access at all. Brent. -Original Message- From: Timo Sirainen [mailto:[EMAIL PROTECTED] Sent: Fri 4/6/2007 1:01 AM To: Brent Nesbitt Cc: dovecot@dovecot.org Subject: Re: [Dovecot] chdir failed, but requires group permissions On 4.4.2007, at 1.48, Brent Nesbitt wrote: My home directories are set up with 770 permissions as follows: /home/group name/user name Using this method, users MUST be a member of the appropriate group to access their own home directory. If they are not, they can't chdir past /home. Could the group be the user's primary group? Then it works. Otherwise there's not much else you can do except modify the sources.
Re: [Dovecot] chdir failed, but requires group permissions
On 7.4.2007, at 20.35, Brent Nesbitt wrote: However, it seems odd to me that Dovecot would REQUIRE access to the $HOME directory, when I am only using it to pop mail from /var/ mail (which it has full access to) - and I am not using imap access at all. Well, you don't HAVE to give Dovecot any home directory at all. See the bottom of http://wiki.dovecot.org/MailLocation/Mbox PGP.sig Description: This is a digitally signed message part
Re: [Dovecot] chdir failed, but requires group permissions
Thanks - I hadn't seen that before. If I'm understanding what you're getting at, you're referring to: Modify mail_location setting so that the mail root directory is also the empty directory and append :INDEX=MEMORY to it. For example: mail_location = mbox:/var/empty:INBOX=/var/mail/%u:INDEX=MEMORY Which unfortunately, doesn't work. Even with these settings, or putting mbox, INBOX, INDEX all in /var/mail - dovecot still fails after successful authentication with an error that it can't chdir to the mail user's home directory; which, of course, it can't - but again, it shouldn't need to. -Original Message- From: Timo Sirainen [mailto:[EMAIL PROTECTED] Sent: Sat 4/7/2007 10:43 AM To: Brent Nesbitt Cc: dovecot@dovecot.org Subject: Re: [Dovecot] chdir failed, but requires group permissions On 7.4.2007, at 20.35, Brent Nesbitt wrote: However, it seems odd to me that Dovecot would REQUIRE access to the $HOME directory, when I am only using it to pop mail from /var/ mail (which it has full access to) - and I am not using imap access at all. Well, you don't HAVE to give Dovecot any home directory at all. See the bottom of http://wiki.dovecot.org/MailLocation/Mbox
Re: [Dovecot] chdir failed, but requires group permissions
On 7.4.2007, at 21.56, Brent Nesbitt wrote: Which unfortunately, doesn't work. Even with these settings, or putting mbox, INBOX, INDEX all in /var/mail - dovecot still fails after successful authentication with an error that it can't chdir to the mail user's home directory; which, of course, it can't - but again, it shouldn't need to. Yes, but I meant that you could change the userdb not to return a home directory at all for users. Or are you using passwd as userdb? Then it gets trickier.. PGP.sig Description: This is a digitally signed message part
Re: [Dovecot] chdir failed, but requires group permissions
On 7.4.2007, at 22.36, Brent Nesbitt wrote: Yes, I am using passwd - as I also have webmail using these same logins - so changing the actual home directory won't work either. At this point I am using popa3d instead of dovecot - but Dovecot is a much more capable program, so I thought it SHOULD have worked. Dovecot doesn't work that great with multiple groups currently. You could always modify the sources to just disable the chdir(). It's not that important. Perhaps I should just move it later after the privileges are really dropped. I'm not actually sure why it's done earlier. The code related to it is pretty huge already. PGP.sig Description: This is a digitally signed message part
Re: [Dovecot] chdir failed, but requires group permissions
On 4.4.2007, at 1.48, Brent Nesbitt wrote: My home directories are set up with 770 permissions as follows: /home/group name/user name Using this method, users MUST be a member of the appropriate group to access their own home directory. If they are not, they can't chdir past /home. Could the group be the user's primary group? Then it works. Otherwise there's not much else you can do except modify the sources. PGP.sig Description: This is a digitally signed message part
[Dovecot] chdir failed, but requires group permissions
Using Debian Etch package dovecot-common and dovecot-pop3d, based on 1.0.rc15-2 My home directories are set up with 770 permissions as follows: /home/group name/user name Using this method, users MUST be a member of the appropriate group to access their own home directory. If they are not, they can't chdir past /home. This appears to kill dovecot with a chdir failed with id : Permission Denied error, immediately after authenticating a pop3 user. I was able to make a user the owner of the group name directory, and dovecot succeeded But when the group name directory is owned by group name:group name and the user is a member of the group - the process dies. Any suggestions?