RE: Dovecot-lda permission errors or maybe authentication errors?

2014-11-06 Thread Robert Kryger
Steffen,

Problem was solved by Alexander.

I was running SElinux in enforcing mode without realizing it.  When I
disabled SElinux, dovecot-lda started working.

Thanks for all your help!
Robert

-Original Message-
From: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de] 
Sent: Thursday, November 06, 2014 2:35 AM
To: Robert Kryger
Cc: dovecot@dovecot.org
Subject: RE: Dovecot-lda permission errors or maybe authentication errors?

On Wed, 5 Nov 2014, Robert Kryger wrote:

> I agree the error message is confusing.  As mentioned, I initially 
> thought the Maildir folder permissions were set wrong (since I 
> transferred them over from an older mail server) so I have tried many 
> combinations including setting full "rwx" permissions for everyone on 
> the /home/user1 and /home/user1/Maildir folders.  It doesn't seem to 
> help which leads me to suspect I might be mis-understanding the
> dovecot-lda error messages.

They are usually very clear and helpful.

> To confirm as currently set:
> User1 has full "rwx" permissions on the /home/user1 folder.

What filesystem is /home/user1 located on? E.g. AFS has yet another
permission management.
What happens if you try to access the folder as the system user:

su - user1 -c 'id -a'
su - user1 -c 'ls -ald /home/user1'

The 1st command verifies that su - user1 is using the same uid as Dovecot,
the 2nd one probes the accessibility.

> I am running a "plain" CentOS 6.5 installation.  No intentional 
> protection software like Apparmor, no SElinux features.

OK, first question answered. ;-)
What about the 2nd one about the permissions of / and /home?

> -Original Message-
> From: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de]
> Sent: Wednesday, November 05, 2014 9:24 AM
> To: Robert Kryger
> Cc: dovecot@dovecot.org
> Subject: RE: Dovecot-lda permission errors or maybe authentication errors?
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Wed, 5 Nov 2014, Robert Kryger wrote:
>
>> Output of ls -nal /home/user1:
>>
>>> Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
>>> Permission denied (euid=524(user1) egid=524(user1) stat() failed: No 
>>> such file or directory, euid is not dir owner)
>
>> total 156
>> drwx--.  6 524 524  4096 Nov  5 08:27 .
>
> This list doesn't seem to fit the error message, because user 524 is 
> owning this dir and has full access permissions. Maybe, are you 
> running some protection software, like SELinux, AppArmor, ..., which 
> prevents access to this directory?
>
> Just to raise the obvious: "/" and "/home" do allow "x"-permission for 
> user #524, don't they?
>
>> drwxr-xr-x. 34   0   0  4096 Oct  4 14:06 ..
>> -rw---.  1 524 524  1148 Oct 15 13:44 .bash_history
>> -rw-r--r--.  1 524 52418 Sep 25 22:13 .bash_logout
>> -rw-r--r--.  1 524 524   176 Sep 25 22:13 .bash_profile
>> -rw-r--r--.  1 524 524   124 Sep 25 22:13 .bashrc
>> -rw-r--r--.  1   0   0  1362 Nov  4 08:45 config.txt
>> -rw-r--r--.  1 524 52475 Oct  6 11:39 .forward_old
>> -rw-r--r--.  1   0   037 Oct 26 19:09 .forward_test_lda
>> -rw---.  1 524 52455 Oct 12 20:12 .lesshst
>> -rw-r--r--.  1   0   0  1062 Nov  4 08:50 log1.log
>> -rw-r--r--.  1   0   0  1246 Nov  4 08:49 log2.log
>> drwxrw. 35 524 524  4096 Nov  5 08:24 Maildir
>> drwxr-. 35   0   0  4096 Oct 29 09:03 Maildirsave
>> drwxr-xr-x.  4 524 524  4096 May  6  2014 .mozilla
>> -rw-r--r--.  1 524 52492 Oct 12 20:20 .procmailrc
>> -rw-r--r--.  1 524 524  1213 Oct  5 19:56 .procmailrc_old
>> -rw-r--r--.  1 524 52492 Oct  6 10:27 .procmailrc_old2
>> -rw-r--r--.  1   0   0 0 Nov  5 08:27 question1.txt
>> drwx--.  2 524 524  4096 Oct 14 16:02 .ssh
>> -rw-rw-r--.  1 524 524   152 Oct  6 10:25 testmessage.txt
>> -rwxr-xr-x.  1 524 52487 Oct  6 13:59 testscript
>> -rw-rw-r--.  1 524 524 60810 Oct 27 16:57 top.log
>> -rw-r--r--.  1   0   0 6 Nov  4 08:45 version.txt
>> -rw---.  1 524 524  3973 Oct 27 16:58 .viminfo
>>
>> -Original Message-
>> From: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de]
>> Sent: Wednesday, November 05, 2014 5:26 AM
>> To: Robert Kryger
>> Cc: dovecot@dovecot.org
>> Subject: Re: Dovecot-lda permission errors or maybe authentication errors?
>>
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> On Tue, 4 Nov 2014, Robert Kryger wrote:
>>
>>> I have tried to specify the dovecot-lda in two ways.  First, in the 
>>> /etc/postfix/main.cf file:
>>>
>>> mailbox_command 

Re: Dovecot-lda permission errors or maybe authentication errors?

2014-11-06 Thread Alexander Dalloz

On 06.11.2014 at 09:01, Steffen Kaiser wrote:

> On Wed, 5 Nov 2014, Alexander Dalloz wrote:
>
> Dear Alexander,
>
>> Run "sestatus" and you'll see.
>>
>> Run "grep -i AVC /var/log/audit/audit.log" to identify SELinux caused
>> denials.
>
> because I saw this type of question quite too often, I added this info
> to the Wiki2 (to be revised by Timo):
> http://master.wiki2.dovecot.org/WhyDoesItNotWork
>
> I copy'n'pasted your sentences, if you don't mind.
>
> Kind regards,
>
> - -- Steffen Kaiser

Hello Steffen,

sure I am fine with that.

Even better it would be to have a recipe for a custom SELinux policy to
not be misled into switching off SELinux at all. Such a custom policy is
necessary when storing mail in the user's homedir because files created
there get a wrong SELinux context for that use case by default.

A general overview about this topic can be found on

http://wiki.centos.org/HowTos/SELinux

Kind regards

Alexander
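
Added example, not part of the thread: the "grep -i AVC" check quoted above, extended to group denials by process, permission, object class and source/target SELinux type, so it is visible at a glance whether the LDA is being blocked on home-directory labels rather than on mode bits. The audit records and the type names in the sample are constructed for illustration; `avc_summary` and `sample_audit_log` are hypothetical helper names.

```shell
#!/bin/sh
# Summarise SELinux AVC denials read from stdin.
# Output columns: count comm perms tclass source_type target_type
# Optional argument: substring that the process name (comm) must contain.
avc_summary() {
    awk -v want="${1:-}" '
    # Value of key=value in an audit record, surrounding quotes stripped.
    function field(rec, key,    i, rest, n) {
        i = index(rec, " " key "=")
        if (i == 0) return ""
        rest = substr(rec, i + length(key) + 2)
        n = index(rest, " ")
        if (n > 0) rest = substr(rest, 1, n - 1)
        gsub(/"/, "", rest)
        return rest
    }
    # A context is user:role:type:level; policy decisions key on the type.
    function setype(ctx,    p) {
        if (split(ctx, p, ":") < 3) return "?"
        return p[3]
    }
    /type=AVC/ && /denied/ {
        comm = field($0, "comm")
        if (want != "" && index(comm, want) == 0) next
        a = index($0, "{"); b = index($0, "}")
        if (a == 0 || b < a) next
        perms = substr($0, a + 1, b - a - 1)      # e.g. " read write "
        gsub(/^ +| +$/, "", perms)
        gsub(/ +/, ",", perms)
        key = comm " " perms " " field($0, "tclass") " " \
              setype(field($0, "scontext")) " " setype(field($0, "tcontext"))
        count[key]++
    }
    END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2
}

# Constructed sample records (not taken from the thread).
sample_audit_log() {
    cat <<'EOF'
type=AVC msg=audit(1415108849.101:411): avc:  denied  { search } for  pid=2301 comm="dovecot-lda" name="user1" dev=dm-0 ino=131073 scontext=system_u:system_r:dovecot_deliver_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir
type=SYSCALL msg=audit(1415108849.101:411): arch=c000003e syscall=80 success=no exit=-13 comm="dovecot-lda" exe="/usr/libexec/dovecot/dovecot-lda"
type=AVC msg=audit(1415108849.102:412): avc:  denied  { search } for  pid=2301 comm="dovecot-lda" name="user1" dev=dm-0 ino=131073 scontext=system_u:system_r:dovecot_deliver_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir
type=AVC msg=audit(1415108849.103:413): avc:  denied  { getattr } for  pid=2301 comm="dovecot-lda" path="/home/user1/Maildir" dev=dm-0 ino=131080 scontext=system_u:system_r:dovecot_deliver_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir
type=AVC msg=audit(1415108850.001:414): avc:  denied  { read } for  pid=1800 comm="httpd" name="index.html" dev=dm-0 ino=140001 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
EOF
}

# Demo on the constructed sample; on a live host use instead:
#   avc_summary dovecot < /var/log/audit/audit.log
sample_audit_log | avc_summary dovecot
```

A denial whose target type is a home-directory label while the Unix owner and mode look correct matches the symptom in this thread: chmod changes nothing because the decision is made on the SELinux context.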


RE: Dovecot-lda permission errors or maybe authentication errors?

2014-11-05 Thread Steffen Kaiser

On Wed, 5 Nov 2014, Robert Kryger wrote:

> I agree the error message is confusing.  As mentioned, I initially thought
> the Maildir folder permissions were set wrong (since I transferred them over
> from an older mail server) so I have tried many combinations including
> setting full "rwx" permissions for everyone on the /home/user1 and
> /home/user1/Maildir folders.  It doesn't seem to help which leads me to
> suspect I might be mis-understanding the dovecot-lda error messages.

They are usually very clear and helpful.

> To confirm as currently set:
> User1 has full "rwx" permissions on the /home/user1 folder.

What filesystem is /home/user1 located on? E.g. AFS has yet another
permission management.
What happens if you try to access the folder as the system user:

su - user1 -c 'id -a'
su - user1 -c 'ls -ald /home/user1'

The 1st command verifies that su - user1 is using the same uid as
Dovecot, the 2nd one probes the accessibility.

> I am running a "plain" CentOS 6.5 installation.  No intentional protection
> software like Apparmor, no SElinux features.

OK, first question answered. ;-)
What about the 2nd one about the permissions of / and /home?


-Original Message-
From: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de]
Sent: Wednesday, November 05, 2014 9:24 AM
To: Robert Kryger
Cc: dovecot@dovecot.org
Subject: RE: Dovecot-lda permission errors or maybe authentication errors?

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Wed, 5 Nov 2014, Robert Kryger wrote:


Output of ls -nal /home/user1:


Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
such file or directory, euid is not dir owner)



total 156
drwx--.  6 524 524  4096 Nov  5 08:27 .


This list doesn't seem to fit the error message, because user 524 is owning
this dir and has full access permissions. Maybe, are you running some
protection software, like SELinux, AppArmor, ..., which prevents access to
this directory?

Just to raise the obvious: "/" and "/home" do allow "x"-permission for user
#524, don't they?


drwxr-xr-x. 34   0   0  4096 Oct  4 14:06 ..
-rw---.  1 524 524  1148 Oct 15 13:44 .bash_history
-rw-r--r--.  1 524 52418 Sep 25 22:13 .bash_logout
-rw-r--r--.  1 524 524   176 Sep 25 22:13 .bash_profile
-rw-r--r--.  1 524 524   124 Sep 25 22:13 .bashrc
-rw-r--r--.  1   0   0  1362 Nov  4 08:45 config.txt
-rw-r--r--.  1 524 52475 Oct  6 11:39 .forward_old
-rw-r--r--.  1   0   037 Oct 26 19:09 .forward_test_lda
-rw---.  1 524 52455 Oct 12 20:12 .lesshst
-rw-r--r--.  1   0   0  1062 Nov  4 08:50 log1.log
-rw-r--r--.  1   0   0  1246 Nov  4 08:49 log2.log
drwxrw. 35 524 524  4096 Nov  5 08:24 Maildir
drwxr-. 35   0   0  4096 Oct 29 09:03 Maildirsave
drwxr-xr-x.  4 524 524  4096 May  6  2014 .mozilla
-rw-r--r--.  1 524 52492 Oct 12 20:20 .procmailrc
-rw-r--r--.  1 524 524  1213 Oct  5 19:56 .procmailrc_old
-rw-r--r--.  1 524 52492 Oct  6 10:27 .procmailrc_old2
-rw-r--r--.  1   0   0 0 Nov  5 08:27 question1.txt
drwx--.  2 524 524  4096 Oct 14 16:02 .ssh
-rw-rw-r--.  1 524 524   152 Oct  6 10:25 testmessage.txt
-rwxr-xr-x.  1 524 52487 Oct  6 13:59 testscript
-rw-rw-r--.  1 524 524 60810 Oct 27 16:57 top.log
-rw-r--r--.  1   0   0 6 Nov  4 08:45 version.txt
-rw---.  1 524 524  3973 Oct 27 16:58 .viminfo

-Original Message-
From: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de]
Sent: Wednesday, November 05, 2014 5:26 AM
To: Robert Kryger
Cc: dovecot@dovecot.org
Subject: Re: Dovecot-lda permission errors or maybe authentication errors?

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, 4 Nov 2014, Robert Kryger wrote:


I have tried to specify the dovecot-lda in two ways.  First, in the
/etc/postfix/main.cf file:

mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a
"$RECIPIENT"

or alternatively, I leave the mailbox_command blank and specify the
following in the .forward file of a test user:

| "/usr/libexec/dovecot/dovecot-lda"

Either approach gives me the same error(s).  When a mail message is
sent to the test user USER1, the following errors appear in the
dovecot-lda error
file:

Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
such file or directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1) failed: Permission
denied
Nov 04 08:47:29 lda(user1): Error: user user1: Initialization failed:
Namespace 'INBOX.': stat(/home/user1/Maildir) failed: Permission denied
(euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings. Refer to
server log for more information.

Nov 04 08:47:29 lda(user1): E

Re: Dovecot-lda permission errors or maybe authentication errors?

2014-11-05 Thread Robert Kryger
Alexander,

You are absolutely right - I apologize for my confusion regarding SElinux.

In fact, when I turn off SElinux in /etc/selinux/config (setting
SELINUX=disabled, instead of =enforcing) then dovecot-lda starts working.

Thanks for the advice - I have been fighting with this for several weeks
without making headway!

Robert

Re: Dovecot-lda permission errors or maybe authentication errors?

2014-11-05 Thread Alexander Dalloz

On 05.11.2014 at 16:42, Robert Kryger wrote:
> Steffen,

[ ... ]

> I am running a "plain" CentOS 6.5 installation.  No intentional protection
> software like Apparmor, no SElinux features.

That's obviously not true as your directory listing demonstrates.

Run "sestatus" and you'll see.

Run "grep -i AVC /var/log/audit/audit.log" to identify SELinux caused 
denials.


And btw. CentOS 6.6 plus current updates is the to be updated version 
you should run.


[ ... ]

> Robert

Alexander


RE: Dovecot-lda permission errors or maybe authentication errors?

2014-11-05 Thread Robert Kryger
Steffen,

I agree the error message is confusing.  As mentioned, I initially thought
the Maildir folder permissions were set wrong (since I transferred them over
from an older mail server) so I have tried many combinations including
setting full "rwx" permissions for everyone on the /home/user1 and
/home/user1/Maildir folders.  It doesn't seem to help which leads me to
suspect I might be mis-understanding the dovecot-lda error messages.

To confirm as currently set:
User1 has full "rwx" permissions on the /home/user1 folder.  

I am running a "plain" CentOS 6.5 installation.  No intentional protection
software like Apparmor, no SElinux features.

If you google the dovecot errors I am seeing you get quite a few hits on
people trying to send mail to the root user without aliasing the root to
another user.  But I can't find any hits for a similar problem with non-root
user.

Robert


-Original Message-
From: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de] 
Sent: Wednesday, November 05, 2014 9:24 AM
To: Robert Kryger
Cc: dovecot@dovecot.org
Subject: RE: Dovecot-lda permission errors or maybe authentication errors?

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Wed, 5 Nov 2014, Robert Kryger wrote:

> Output of ls -nal /home/user1:
>
>> Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
>> Permission denied (euid=524(user1) egid=524(user1) stat() failed: No 
>> such file or directory, euid is not dir owner)

> total 156
> drwx--.  6 524 524  4096 Nov  5 08:27 .

This list doesn't seem to fit the error message, because user 524 is owning
this dir and has full access permissions. Maybe, are you running some
protection software, like SELinux, AppArmor, ..., which prevents access to
this directory?

Just to raise the obvious: "/" and "/home" do allow "x"-permission for user
#524, don't they?

> drwxr-xr-x. 34   0   0  4096 Oct  4 14:06 ..
> -rw---.  1 524 524  1148 Oct 15 13:44 .bash_history
> -rw-r--r--.  1 524 52418 Sep 25 22:13 .bash_logout
> -rw-r--r--.  1 524 524   176 Sep 25 22:13 .bash_profile
> -rw-r--r--.  1 524 524   124 Sep 25 22:13 .bashrc
> -rw-r--r--.  1   0   0  1362 Nov  4 08:45 config.txt
> -rw-r--r--.  1 524 52475 Oct  6 11:39 .forward_old
> -rw-r--r--.  1   0   037 Oct 26 19:09 .forward_test_lda
> -rw---.  1 524 52455 Oct 12 20:12 .lesshst
> -rw-r--r--.  1   0   0  1062 Nov  4 08:50 log1.log
> -rw-r--r--.  1   0   0  1246 Nov  4 08:49 log2.log
> drwxrw. 35 524 524  4096 Nov  5 08:24 Maildir
> drwxr-. 35   0   0  4096 Oct 29 09:03 Maildirsave
> drwxr-xr-x.  4 524 524  4096 May  6  2014 .mozilla
> -rw-r--r--.  1 524 52492 Oct 12 20:20 .procmailrc
> -rw-r--r--.  1 524 524  1213 Oct  5 19:56 .procmailrc_old
> -rw-r--r--.  1 524 52492 Oct  6 10:27 .procmailrc_old2
> -rw-r--r--.  1   0   0 0 Nov  5 08:27 question1.txt
> drwx--.  2 524 524  4096 Oct 14 16:02 .ssh
> -rw-rw-r--.  1 524 524   152 Oct  6 10:25 testmessage.txt
> -rwxr-xr-x.  1 524 52487 Oct  6 13:59 testscript
> -rw-rw-r--.  1 524 524 60810 Oct 27 16:57 top.log
> -rw-r--r--.  1   0   0 6 Nov  4 08:45 version.txt
> -rw---.  1 524 524  3973 Oct 27 16:58 .viminfo
>
> -Original Message-
> From: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de]
> Sent: Wednesday, November 05, 2014 5:26 AM
> To: Robert Kryger
> Cc: dovecot@dovecot.org
> Subject: Re: Dovecot-lda permission errors or maybe authentication errors?
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Tue, 4 Nov 2014, Robert Kryger wrote:
>
>> I have tried to specify the dovecot-lda in two ways.  First, in the 
>> /etc/postfix/main.cf file:
>>
>> mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a 
>> "$RECIPIENT"
>>
>> or alternatively, I leave the mailbox_command blank and specify the 
>> following in the .forward file of a test user:
>>
>> | "/usr/libexec/dovecot/dovecot-lda"
>>
>> Either approach gives me the same error(s).  When a mail message is 
>> sent to the test user USER1, the following errors appear in the 
>> dovecot-lda error
>> file:
>>
>> Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
>> Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
>> such file or directory, euid is not dir owner)
>> Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1) failed: Permission
>> denied
>> Nov 04 08:47:29 lda(user1): Error: user user1: Initialization failed:
>> Namespace 'INBOX.': stat(/home/user1/Maildir) failed: Permission denied
>> (euid=524(user1) egid=524(user1) stat() failed: No such file or
>> directory, euid is not di

RE: Dovecot-lda permission errors or maybe authentication errors?

2014-11-05 Thread Steffen Kaiser

On Wed, 5 Nov 2014, Robert Kryger wrote:

> Output of ls -nal /home/user1:
>
>> Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
>> Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
>> such file or directory, euid is not dir owner)
>
> total 156
> drwx--.  6 524 524  4096 Nov  5 08:27 .

This list doesn't seem to fit the error message, because user 524 is
owning this dir and has full access permissions. Maybe, are you running
some protection software, like SELinux, AppArmor, ..., which prevents
access to this directory?

Just to raise the obvious: "/" and "/home" do allow "x"-permission for
user #524, don't they?


drwxr-xr-x. 34   0   0  4096 Oct  4 14:06 ..
-rw---.  1 524 524  1148 Oct 15 13:44 .bash_history
-rw-r--r--.  1 524 52418 Sep 25 22:13 .bash_logout
-rw-r--r--.  1 524 524   176 Sep 25 22:13 .bash_profile
-rw-r--r--.  1 524 524   124 Sep 25 22:13 .bashrc
-rw-r--r--.  1   0   0  1362 Nov  4 08:45 config.txt
-rw-r--r--.  1 524 52475 Oct  6 11:39 .forward_old
-rw-r--r--.  1   0   037 Oct 26 19:09 .forward_test_lda
-rw---.  1 524 52455 Oct 12 20:12 .lesshst
-rw-r--r--.  1   0   0  1062 Nov  4 08:50 log1.log
-rw-r--r--.  1   0   0  1246 Nov  4 08:49 log2.log
drwxrw. 35 524 524  4096 Nov  5 08:24 Maildir
drwxr-. 35   0   0  4096 Oct 29 09:03 Maildirsave
drwxr-xr-x.  4 524 524  4096 May  6  2014 .mozilla
-rw-r--r--.  1 524 52492 Oct 12 20:20 .procmailrc
-rw-r--r--.  1 524 524  1213 Oct  5 19:56 .procmailrc_old
-rw-r--r--.  1 524 52492 Oct  6 10:27 .procmailrc_old2
-rw-r--r--.  1   0   0 0 Nov  5 08:27 question1.txt
drwx--.  2 524 524  4096 Oct 14 16:02 .ssh
-rw-rw-r--.  1 524 524   152 Oct  6 10:25 testmessage.txt
-rwxr-xr-x.  1 524 52487 Oct  6 13:59 testscript
-rw-rw-r--.  1 524 524 60810 Oct 27 16:57 top.log
-rw-r--r--.  1   0   0 6 Nov  4 08:45 version.txt
-rw---.  1 524 524  3973 Oct 27 16:58 .viminfo

-Original Message-
From: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de]
Sent: Wednesday, November 05, 2014 5:26 AM
To: Robert Kryger
Cc: dovecot@dovecot.org
Subject: Re: Dovecot-lda permission errors or maybe authentication errors?

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, 4 Nov 2014, Robert Kryger wrote:


I have tried to specify the dovecot-lda in two ways.  First, in the
/etc/postfix/main.cf file:

mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a
"$RECIPIENT"

or alternatively, I leave the mailbox_command blank and specify the
following in the .forward file of a test user:

| "/usr/libexec/dovecot/dovecot-lda"

Either approach gives me the same error(s).  When a mail message is
sent to the test user USER1, the following errors appear in the
dovecot-lda error
file:

Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
such file or directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1) failed: Permission
denied
Nov 04 08:47:29 lda(user1): Error: user user1: Initialization failed:
Namespace 'INBOX.': stat(/home/user1/Maildir) failed: Permission denied
(euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings. Refer to
server log for more information.

Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
such file or directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1) failed: Permission
denied
Nov 04 08:47:29 lda(user1): Error: user user1: Initialization failed:
Namespace 'INBOX.': stat(/home/user1/Maildir) failed: Permission denied
(euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings. Refer to
server log for more information.

At first, I interpreted this to mean the file permissions were not set
correctly on the home directory or the Maildir folder.  However, I
have opened these up to full rwx access for everyone and I still get
the same errors.  Alternatively, perhaps this is related somehow to
the dovecot-lda authentication process via the password or user
databases, but I can't make any sense of the documentation.


What's the output of:

ls -nal /home/user1

- --
Steffen Kaiser

RE: Dovecot-lda permission errors or maybe authentication errors?

2014-11-05 Thread Robert Kryger
Output of ls -nal /home/user1:

total 156
drwx--.  6 524 524  4096 Nov  5 08:27 .
drwxr-xr-x. 34   0   0  4096 Oct  4 14:06 ..
-rw---.  1 524 524  1148 Oct 15 13:44 .bash_history
-rw-r--r--.  1 524 52418 Sep 25 22:13 .bash_logout
-rw-r--r--.  1 524 524   176 Sep 25 22:13 .bash_profile
-rw-r--r--.  1 524 524   124 Sep 25 22:13 .bashrc
-rw-r--r--.  1   0   0  1362 Nov  4 08:45 config.txt
-rw-r--r--.  1 524 52475 Oct  6 11:39 .forward_old
-rw-r--r--.  1   0   037 Oct 26 19:09 .forward_test_lda
-rw---.  1 524 52455 Oct 12 20:12 .lesshst
-rw-r--r--.  1   0   0  1062 Nov  4 08:50 log1.log
-rw-r--r--.  1   0   0  1246 Nov  4 08:49 log2.log
drwxrw. 35 524 524  4096 Nov  5 08:24 Maildir
drwxr-. 35   0   0  4096 Oct 29 09:03 Maildirsave
drwxr-xr-x.  4 524 524  4096 May  6  2014 .mozilla
-rw-r--r--.  1 524 52492 Oct 12 20:20 .procmailrc
-rw-r--r--.  1 524 524  1213 Oct  5 19:56 .procmailrc_old
-rw-r--r--.  1 524 52492 Oct  6 10:27 .procmailrc_old2
-rw-r--r--.  1   0   0 0 Nov  5 08:27 question1.txt
drwx--.  2 524 524  4096 Oct 14 16:02 .ssh
-rw-rw-r--.  1 524 524   152 Oct  6 10:25 testmessage.txt
-rwxr-xr-x.  1 524 52487 Oct  6 13:59 testscript
-rw-rw-r--.  1 524 524 60810 Oct 27 16:57 top.log
-rw-r--r--.  1   0   0 6 Nov  4 08:45 version.txt
-rw---.  1 524 524  3973 Oct 27 16:58 .viminfo

-Original Message-
From: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de] 
Sent: Wednesday, November 05, 2014 5:26 AM
To: Robert Kryger
Cc: dovecot@dovecot.org
Subject: Re: Dovecot-lda permission errors or maybe authentication errors?

On Tue, 4 Nov 2014, Robert Kryger wrote:

> I have tried to specify the dovecot-lda in two ways.  First, in the 
> /etc/postfix/main.cf file:
>
> mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a 
> "$RECIPIENT"
>
> or alternatively, I leave the mailbox_command blank and specify the 
> following in the .forward file of a test user:
>
> | "/usr/libexec/dovecot/dovecot-lda"
>
> Either approach gives me the same error(s).  When a mail message is 
> sent to the test user USER1, the following errors appear in the 
> dovecot-lda error
> file:
>
> Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
> Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
> such file or directory, euid is not dir owner)
> Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1) failed: Permission
> denied
> Nov 04 08:47:29 lda(user1): Error: user user1: Initialization failed:
> Namespace 'INBOX.': stat(/home/user1/Maildir) failed: Permission denied
> (euid=524(user1) egid=524(user1) stat() failed: No such file or
> directory, euid is not dir owner)
> Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings. Refer to
> server log for more information.
>
> Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed:
> Permission denied (euid=524(user1) egid=524(user1) stat() failed: No
> such file or directory, euid is not dir owner)
> Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1) failed: Permission
> denied
> Nov 04 08:47:29 lda(user1): Error: user user1: Initialization failed:
> Namespace 'INBOX.': stat(/home/user1/Maildir) failed: Permission denied
> (euid=524(user1) egid=524(user1) stat() failed: No such file or
> directory, euid is not dir owner)
> Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings. Refer to
> server log for more information.
>
> At first, I interpreted this to mean the file permissions were not set 
> correctly on the home directory or the Maildir folder.  However, I 
> have opened these up to full rwx access for everyone and I still get 
> the same errors.  Alternatively, perhaps this is related somehow to 
> the dovecot-lda authentication process via the password or user 
> databases, but I can't make any sense of the documentation.

What's the output of:

ls -nal /home/user1

- --
Steffen Kaiser


Re: Dovecot-lda permission errors or maybe authentication errors?

2014-11-05 Thread Steffen Kaiser

On Tue, 4 Nov 2014, Robert Kryger wrote:


I have tried to specify the dovecot-lda in two ways.  First, in the
/etc/postfix/main.cf file:

mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a
"$RECIPIENT"

or alternatively, I leave the mailbox_command blank and specify the
following in the .forward file of a test user:

| "/usr/libexec/dovecot/dovecot-lda"

Either approach gives me the same error(s).  When a mail message is sent to
the test user USER1, the following errors appear in the dovecot-lda error
file:

Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed: Permission
denied (euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1) failed: Permission
denied
Nov 04 08:47:29 lda(user1): Error: user user1: Initialization failed:
Namespace 'INBOX.': stat(/home/user1/Maildir) failed: Permission denied
(euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings. Refer to
server log for more information.

Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed: Permission
denied (euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1) failed: Permission
denied
Nov 04 08:47:29 lda(user1): Error: user user1: Initialization failed:
Namespace 'INBOX.': stat(/home/user1/Maildir) failed: Permission denied
(euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings. Refer to
server log for more information.

At first, I interpreted this to mean the file permissions were not set
correctly on the home directory or the Maildir folder.  However, I have
opened these up to full rwx access for everyone and I still get the same
errors.  Alternatively, perhaps this is related somehow to the dovecot-lda
authentication process via the password or user databases, but I can't make
any sense of the documentation.


What's the output of:

ls -nal /home/user1

- -- 
Steffen Kaiser



Dovecot-lda permission errors or maybe authentication errors?

2014-11-05 Thread Robert Kryger
I am a new dovecot user who recently transitioned my old mailserver to a new
CentOS/Postfix/Dovecot system.  I am running a simple configuration with
about a dozen system users and Maildir folders.  The e-mail setup seems to
be running fine when I use the default local-delivery-agent in Postfix.
However, I am trying to use the dovecot-lda instead so I can take advantage
of the sieve functionality.  

 

I have tried to specify the dovecot-lda in two ways.  First, in the
/etc/postfix/main.cf file:

 

mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a
"$RECIPIENT"

 

or alternatively, I leave the mailbox_command blank and specify the
following in the .forward file of a test user:

 

| "/usr/libexec/dovecot/dovecot-lda"

 

Either approach gives me the same error(s).  When a mail message is sent to
the test user USER1, the following errors appear in the dovecot-lda error
file:

 

Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed: Permission
denied (euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1) failed: Permission
denied
Nov 04 08:47:29 lda(user1): Error: user user1: Initialization failed:
Namespace 'INBOX.': stat(/home/user1/Maildir) failed: Permission denied
(euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings. Refer to
server log for more information.

Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1/) failed: Permission
denied (euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Error: chdir(/home/user1) failed: Permission
denied
Nov 04 08:47:29 lda(user1): Error: user user1: Initialization failed:
Namespace 'INBOX.': stat(/home/user1/Maildir) failed: Permission denied
(euid=524(user1) egid=524(user1) stat() failed: No such file or
directory, euid is not dir owner)
Nov 04 08:47:29 lda(user1): Fatal: Invalid user settings. Refer to
server log for more information.

 

At first, I interpreted this to mean the file permissions were not set
correctly on the home directory or the Maildir folder.  However, I have
opened these up to full rwx access for everyone and I still get the same
errors.  Alternatively, perhaps this is related somehow to the dovecot-lda
authentication process via the password or user databases, but I can't make
any sense of the documentation.

 

Can anyone suggest what might be wrong or how to better diagnose?

 

For reference, I am running dovecot version 2.0.9.

 

The dovecot-lda process also outputs the following messages (not errors)
when a test message is sent to the USER1 account:

 

Nov 04 08:47:29 lda: Debug: Loading modules from directory:
/usr/lib64/dovecot
Nov 04 08:47:29 lda: Debug: Module loaded:
/usr/lib64/dovecot/lib90_sieve_plugin.so
Nov 04 08:47:29 lda(user1): Debug: Effective uid=524, gid=524,
home=/home/user1
Nov 04 08:47:29 lda(user1): Debug: Namespace : type=private,
prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes
location=maildir:~/Maildir
Nov 04 08:47:29 lda(user1): Debug: maildir++: root=/home/user1/Maildir,
index=, control=, inbox=/home/user1/Maildir

Nov 04 08:47:29 lda: Debug: Loading modules from directory:
/usr/lib64/dovecot
Nov 04 08:47:29 lda: Debug: Module loaded:
/usr/lib64/dovecot/lib90_sieve_plugin.so
Nov 04 08:47:29 lda(user1): Debug: Effective uid=524, gid=524,
home=/home/user1
Nov 04 08:47:29 lda(user1): Debug: Namespace : type=private,
prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes
location=maildir:~/Maildir
Nov 04 08:47:29 lda(user1): Debug: maildir++: root=/home/user1/Maildir,
index=, control=, inbox=/home/user1/Maildir

 

The output of dovecot -n is:

 

# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-431.29.2.el6.x86_64 x86_64 CentOS release 6.5 (Final)
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
disable_plaintext_auth = no
login_trusted_networks = 71.xx.xx.xx 71.xx.xx.xy 71.xx.xx.xz 71.xx.xx.yx
mail_debug = yes
mail_location = maildir:~/Maildir
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date
mbox_write_locks = fcntl
namespace {
  inbox = yes
  location =
  prefix = INBOX.
  separator = .
}
passdb {
  driver = pam
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
  sieve_global_dir = home/sieve
  sieve_max_script_size = 1M
}
protocols = imap lmtp sieve
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
}

ssl_cert =