Re: managesieve user
Hi, if i remember right there are several path changes in 90-sieve.conf. did you check this? --- Original Nachricht --- Betreff: Re: managesieve user Von: "André Rodier" An: "dovecot" Datum: 28-03-2020 16:29 On Sat, 2020-03-28 at 15:14 +, André Rodier wrote: > Hello, > > I am updating dovecot, from Debian Stretch to Buster, and I have an > issue with the managesieve service: > > > Mar 28 15:05:06 mail dovecot[2637]: managesieve-login: Error: auth: > > connect(login) in directory / failed: Permission denied > > (euid=120() egid=128() missing > > +x > > perm: /, we're not in group 127, dir owned by 0:127 mode=0770) > > Mar 28 15:05:06 mail dovecot[2637]: managesieve-login: Error: auth: > > connect(login) in directory / failed: Permission denied > > (euid=120() egid=128() missing +x perm: /, we're > > not in group 127, dir owned by 0:127 mode=0770) > > The two folders I found with these permissions are /run/dovecot/login > and /run/dovecot/token-login. > Both folders belongs to root:dovecot > > If I change the permissions of the following folders, like this: > > chmod 0775 /run/dovecot/login > chmod 0775 /run/dovecot/token-login > > Then, dovecot managesieve is working, but this is just a test, I > suppose the service should run with a specific user? > > Do you have any idea on what is wrong here? > > If I restart dovecot, I have an error message that states the > permissions are wrong, and they are set again to 0770 > > Thanks, > André Rodier > Hi again, I can fix it by using this: > service managesieve-login { > inet_listener sieve { > port = 4190 > } > > # Run as an unprivileged user > group = dovecot > user = dovecot > } > Is it the right setting in term of security? Thanks again, André
Re: managesieve user
On Sat, 2020-03-28 at 15:14 +, André Rodier wrote: > Hello, > > I am updating dovecot, from Debian Stretch to Buster, and I have an > issue with the managesieve service: > > > Mar 28 15:05:06 mail dovecot[2637]: managesieve-login: Error: auth: > > connect(login) in directory / failed: Permission denied > > (euid=120() egid=128() missing > > +x > > perm: /, we're not in group 127, dir owned by 0:127 mode=0770) > > Mar 28 15:05:06 mail dovecot[2637]: managesieve-login: Error: auth: > > connect(login) in directory / failed: Permission denied > > (euid=120() egid=128() missing +x perm: /, we're > > not in group 127, dir owned by 0:127 mode=0770) > > The two folders I found with these permissions are /run/dovecot/login > and /run/dovecot/token-login. > Both folders belongs to root:dovecot > > If I change the permissions of the following folders, like this: > > chmod 0775 /run/dovecot/login > chmod 0775 /run/dovecot/token-login > > Then, dovecot managesieve is working, but this is just a test, I > suppose the service should run with a specific user? > > Do you have any idea on what is wrong here? > > If I restart dovecot, I have an error message that states the > permissions are wrong, and they are set again to 0770 > > Thanks, > André Rodier > Hi again, I can fix it by using this: > service managesieve-login { > inet_listener sieve { > port = 4190 > } > > # Run as an unprivileged user > group = dovecot > user = dovecot > } > Is it the right setting in term of security? Thanks again, André
managesieve user
Hello, I am updating dovecot, from Debian Stretch to Buster, and I have an issue with the managesieve service: > Mar 28 15:05:06 mail dovecot[2637]: managesieve-login: Error: auth: > connect(login) in directory / failed: Permission denied > (euid=120() egid=128() missing +x > perm: /, we're not in group 127, dir owned by 0:127 mode=0770) > Mar 28 15:05:06 mail dovecot[2637]: managesieve-login: Error: auth: > connect(login) in directory / failed: Permission denied > (euid=120() egid=128() missing +x perm: /, we're > not in group 127, dir owned by 0:127 mode=0770) The two folders I found with these permissions are /run/dovecot/login and /run/dovecot/token-login. Both folders belongs to root:dovecot If I change the permissions of the following folders, like this: chmod 0775 /run/dovecot/login chmod 0775 /run/dovecot/token-login Then, dovecot managesieve is working, but this is just a test, I suppose the service should run with a specific user? Do you have any idea on what is wrong here? If I restart dovecot, I have an error message that states the permissions are wrong, and they are set again to 0770 Thanks, André Rodier