Re: [Dovecot] fchown failed
On Sep 14, 2009, at 3:36 AM, Frank Bonnet wrote: Sep 14 09:20:48 IMAP(xxx): Error: fchown(/user/xxx/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=3420(math), group based on /var/mail/ xxx) chmod 0600 /var/mail/* should help. I'm trying to get distros and upstream to do that by default..
Re: [Dovecot] fchown failed
On Monday 14 September 2009 09.36.45 Frank Bonnet wrote: > Hello > > > I occasionally get the following error in dovecot log > I've replaced the username by xxx > > /user is the user's home directories place, does this means > it must be owned by the "mail" group ? > > > Sep 14 09:20:48 IMAP(xxx): Error: > fchown(/user/xxx/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: > Operation not permitted (egid=3420(math), group based on /var/mail/xxx) v1.2.0 2009-07-01 Timo Sirainen * When creating files or directories to mailboxes, Dovecot now uses the mailbox directory's permissions and GID for them. Previous versions simply used 0600 mode always. For backwards compatibility dovecot-shared file's permissions still override these with Maildir. / http://dovecot.org/doc/NEWS-1.2 / Also, searching for similar errors in the list archives yields very useful informations. Daniel -- LÉVAI Dániel PGP key ID = 0x4AC0A4B1 Key fingerprint = D037 03B9 C12D D338 4412 2D83 1373 917A 4AC0 A4B1
[Dovecot] fchown failed
Hello I occasionally get the following error in dovecot log I've replaced the username by xxx /user is the user's home directories place, does this means it must be owned by the "mail" group ? Sep 14 09:20:48 IMAP(xxx): Error: fchown(/user/xxx/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=3420(math), group based on /var/mail/xxx) Thanks
Re: [Dovecot] fchown() failed
On Mon, 2009-08-24 at 15:05 -0400, Timo Sirainen wrote: > On Wed, 2009-08-19 at 13:18 +0100, Arthur Dent wrote: > > dovecot: Dovecot v1.2.0 starting up (core dumps disabled): 1 Time(s) > > dovecot: IMAP(mark): fchown() failed with file > > /home/mark/Mail/.imap/INBOX/dovecot.index.log.newlock: Operation not > > permitted: 1 Time(s) > > v1.2.3+ would have given a bit better error message here. Ironically, since I posted my original message last week Fedora issued an updated Dovecot package, so here is yesterday's message in syslog: **Unmatched Entries** dovecot: Dovecot v1.2.3 starting up (core dumps disabled): 1 Time(s) dovecot: IMAP(helena): fchown(/home/wife/mail/.imap/INBOX/dovecot.index.cache.lock, -1, 12(mail)) failed: Operation not permitted (egid=501(helena), group based on /var/mail/helena): 1 Time(s) dovecot: IMAP(mark): chown(/home/mark/Mail/.imap/INBOX, -1, 12(mail)) failed: Operation not permitted (egid=500(mark), group based on /var/mail/mark): 1 Time(s) dovecot: IMAP(mark): fchown(/home/mark/Mail/.imap/INBOX/dovecot.index.cache.lock, -1, 12(mail)) failed: Operation not permitted (egid=500(mark), group based on /var/mail/mark): 1 Time(s) dovecot: IMAP(mark): fchown(/home/mark/Mail/.imap/INBOX/dovecot.index.log.newlock, -1, 12(mail)) failed: Operation not permitted (egid=500(mark), group based on /var/mail/mark): 1 Time(s) dovecot: IMAP(mark): fchown(/home/mark/Mail/.imap/INBOX/dovecot.index.tmp, -1, 12(mail)) failed: Operation not permitted (egid=500(mark), group based on /var/mail/mark): 1 Time(s) dovecot: IMAP(mark): mkdir(/home/mark/Mail/.imap/INBOX) failed: Operation not permitted: 1 Time(s) > Anyway the issue is that nowadays Dovecot tries to preserve mailbox's > permissions > so that shared mailboxes work properly. What permissions do you have in > the actual INBOX file? ls -la /var/mail/ total 202024 drwxrwxr-x. 2 root mail 4096 2009-08-26 10:30 . drwxr-xr-x. 15 root root 4096 2009-08-13 12:35 .. -rw-rw. 1 clamav mail 0 2009-08-12 12:40 clamav -rw-rw. 1 wife mail 190669010 2009-08-26 10:00 wife -rw-rw. 1 mark mail 8421931 2009-08-26 09:46 mark -rw---. 1 root root787636 2009-08-26 10:30 root -rw-rw. 1 rpcmail 0 2009-08-11 16:26 rpc -rw-rw. 1 sonmail 6750285 2009-08-26 00:39 son > > My guess is that you have 0660 permissions of /var/mail/$USER so Dovecot > tries to preserve the group. Easiest fix that also makes your system > more secure is to chmod 0600 it. Hmmm - OK, seems you're right about that. Will changing it break anything else? Why does group "mail" exist? I will try chmod 0600 and see what happens. > > > As I access my mailbox several times a day (and certainly did yesterday) > > from several different mail clients I am surprised that the error count > > is only 1 for most the above entries. Is this being caused by some sort > > of cron job (logrotate perhaps)? > > It happens only when index files are being created/rotated, which > happens automatically "every once in a while". Thanks very much. Your help is greatly appreciated... Mark signature.asc Description: This is a digitally signed message part
Re: [Dovecot] fchown() failed
On Wed, 2009-08-19 at 13:18 +0100, Arthur Dent wrote: > dovecot: Dovecot v1.2.0 starting up (core dumps disabled): 1 Time(s) > dovecot: IMAP(mark): fchown() failed with file > /home/mark/Mail/.imap/INBOX/dovecot.index.log.newlock: Operation not > permitted: 1 Time(s) v1.2.3+ would have given a bit better error message here. Anyway the issue is that nowadays Dovecot tries to preserve mailbox's permissions so that shared mailboxes work properly. What permissions do you have in the actual INBOX file? My guess is that you have 0660 permissions of /var/mail/$USER so Dovecot tries to preserve the group. Easiest fix that also makes your system more secure is to chmod 0600 it. > As I access my mailbox several times a day (and certainly did yesterday) > from several different mail clients I am surprised that the error count > is only 1 for most the above entries. Is this being caused by some sort > of cron job (logrotate perhaps)? It happens only when index files are being created/rotated, which happens automatically "every once in a while". signature.asc Description: This is a digitally signed message part
[Dovecot] fchown() failed
Hello all, I'm not sure if this question is better posed to a Fedora group because I have only had this problem since I upgraded from F9 to F11, but I figured that the specialised knowledge here might help me more... I have been getting these entries in syslog since upgrading. Today for instance I got: **Unmatched Entries** dovecot: Dovecot v1.2.0 starting up (core dumps disabled): 1 Time(s) dovecot: IMAP(mark): fchown() failed with file /home/mark/Mail/.imap/INBOX/dovecot.index.log.newlock: Operation not permitted: 1 Time(s) dovecot: IMAP(mark): fchown() failed with file /home/mark/Mail/.imap/INBOX/dovecot.index.tmp: Operation not permitted: 1 Time(s) and yesterday I had: **Unmatched Entries** dovecot: IMAP(helena): fchown() failed with file /home/wife/mail/.imap/INBOX/dovecot.index.tmp: Operation not permitted: 1 Time(s) dovecot: IMAP(toby): fchown() failed with file /home/son/mail/.imap/INBOX/dovecot.index.cache.lock: Operation not permitted: 1 Time(s) dovecot: IMAP(toby): fchown() failed with file /home/son/mail/.imap/INBOX/dovecot.index.log.newlock: Operation not permitted: 1 Time(s) dovecot: IMAP(toby): fchown() failed with file /home/son/mail/.imap/INBOX/dovecot.index.tmp: Operation not permitted: 3 Time(s) The permissions are as follows: ls -la /home/mark/Mail/.imap/INBOX/ total 328 drwx--. 2 mark mark 4096 2009-08-18 15:32 . drwx--. 84 mark mark 4096 2009-03-05 21:53 .. -rw---. 1 mark mark 7472 2009-08-18 15:32 dovecot.index -rw---. 1 mark mark 286720 2009-08-19 11:46 dovecot.index.cache -rw---. 1 mark mark 5380 2009-08-19 12:43 dovecot.index.log Those of wife and son are similar. As I access my mailbox several times a day (and certainly did yesterday) from several different mail clients I am surprised that the error count is only 1 for most the above entries. Is this being caused by some sort of cron job (logrotate perhaps)? Any ideas? All help / suggestions gratefully received... Thanks Mark signature.asc Description: This is a digitally signed message part