Jeff Kowalczyk
2006-Jul-05 23:16 UTC
[Dovecot] /var/dovecot /var/spool/mail permissions, setup help (w/ config info)
(repost gmane message as list member)
I need some help with Dovecot-1.0rc2 on Gentoo Linux. My test harness is one
Thunderbird-1.5.0.4 client, storage using legacy mbox directories ported over
from an old UW-IMAP/sendmail combo running on RHL 8.
Config is intended to be passwd/pam, plaintext login allowed (until I migrate
everyone to ssl). After this is working, postfix and dspam are to be added,
unless someone can recommend a 'dovecot of smtp' to use.
I'll tail the mail.log to illustrate the problem, then excerpt what I think
are
the relevant directory and config file listings. I'm paying particular
attention to file ownership, but am loathe to just chown dovecot things unless
I know why.
Let me know if you want to see any other config info to help spot the problem.
Thanks!
# tail -n 30 /var/log/mail.log
dovecot: Jul 05 18:35:25 Info: Dovecot v1.0.rc2 starting up
dovecot: Jul 05 18:36:10 Info: auth(default): client in: AUTH 1 PLAIN
service=IMAP lip=123.456.789.012 rip=098.765.432.109
dovecot: Jul 05 18:36:10 Info: auth(default): client out: CONT 1
dovecot: Jul 05 18:36:10 Info: auth(default): client in: CONT 1
AGplZmYua293YWxjenlrAHdvcmRwYXNzMQ= dovecot: Jul 05 18:36:10 Info:
auth(default): client out: OK 1
user=namefirst.namelast
dovecot: Jul 05 18:36:10 Info: auth(default): master in: REQUEST 1
25692 1
dovecot: Jul 05 18:36:10 Info: auth(default): master out: USER 1
namefirst.namelast system_user=namefirst.namelast uid=501 gid=12
home=/home/namefirst.namelast
dovecot: Jul 05 18:36:10 Error: stat(/var/dovecot/namefirst.namelast) failed:
No such file or directory
dovecot: Jul 05 18:36:10 Info: IMAP(namefirst.namelast): Effective uid=501,
gid=12
dovecot: Jul 05 18:36:10 Info: IMAP(namefirst.namelast): mbox:
data=/var/spool/mail/namefirst.namelast:INDEX=/var/dovecot/namefirst.namelast
dovecot: Jul 05 18:36:10 Info: IMAP(namefirst.namelast): mbox: INBOX defaulted
to /var/spool/mail/namefirst.namelast/inbox
dovecot: Jul 05 18:36:10 Info: IMAP(namefirst.namelast): mbox:
root=/var/spool/mail/namefirst.namelast, index=/var/dovecot/namefirst.namelast,
inbox=/var/spool/mail/namefirst.namelast/inbox
dovecot: Jul 05 18:36:10 Info: imap-login: Login:
user=<namefirst.namelast>,
method=plain, rip=098.765.432.109, lip=123.456.789.012
dovecot: Jul 05 18:36:10 Error: IMAP(namefirst.namelast): open() failed with
subscription file /var/spool/mail/namefirst.namelast/.subscriptions: Not a
directory
dovecot: Jul 05 18:36:12 Error: IMAP(namefirst.namelast):
open(/var/spool/mail/namefirst.namelast/inbox, O_CREAT) failed: Not a directory
dovecot: Jul 05 18:36:12 Error: IMAP(namefirst.namelast):
mkdir_parents(/var/dovecot/namefirst.namelast/.imap/INBOX) failed: Permission
denied
dovecot: Jul 05 18:36:14 Info: IMAP(namefirst.namelast): Disconnected: Logged
out
# ls -al /var/spool/mail
drwxrwxr-x 2 root mail 1472 Jul 2 19:20 .
drwxr-xr-x 6 root root 168 Jul 3 14:19 ..
-rw-r--r-- 1 root root 0 Jun 27 18:46 .keep
-rw------- 1 namefirst.namelast mail 36243879 Jul 1 17:52
namefirst.namelast
(...)
# ls -al /var/dovecot/
total 0
drwxr-xr-x 2 root root 72 Jul 5 10:30 .
drwxr-xr-x 14 root root 360 Jun 29 09:45 ..
-rw-r--r-- 1 root root 0 Jul 5 10:30 .keep
# ls -al /var/run/dovecot/
total 5
drwxr-xr-x 3 root root 176 Jul 5 18:35 .
drwxr-xr-x 9 root root 504 Jul 3 14:45 ..
srw------- 1 root root 0 Jul 5 18:35 auth-worker.25687
srwxrwxrwx 1 root root 0 Jul 5 18:35 dict-server
drwxr-x--- 2 root dovecot 136 Jul 5 18:35 login
-rw------- 1 root root 6 Jul 5 18:35 master.pid
# ls -al /home/namefirst.namelast/
total 17791
drwxr-xr-x 2 namefirst.namelast mail 248 Jul 5 18:29 .
drwxr-xr-x 76 root root 2512 Jul 2 20:21 ..
-rw------- 1 namefirst.namelast mail 3293785 Sep 23 2005 Sent
# grep dovecot /etc/group
dovecot:x:97:
# grep dovecot /etc/passwd
dovecot:x:97:97:added by portage for dovecot:/dev/null:/usr/sbin/nologin
# grep mail /etc/passwd
mail:x:8:12:mail:/var/spool/mail:/bin/false
postmaster:x:14:12:postmaster:/var/spool/mail:/bin/false
# grep mail /etc/group
mail::12:mail
# grep namefirst.namelast /etc/passwd
namefirst.namelast:x:501:12:First Last:/home/namefirst.namelast:/bin/bash
# cat /etc/pam.d/dovecot
auth required pam_unix.so
account required pam_unix.so
# cat /etc/dovecot.conf
base_dir = /var/run/dovecot/
protocols = imap imaps pop3 pop3s
listen = *
shutdown_clients = yes
log_path = /var/log/mail.log
info_log_path = /var/log/mail.log
log_timestamp = "%b %d %H:%M:%S "
syslog_facility = mail
disable_plaintext_auth = no
ssl_disable = no
ssl_cert_file = /etc/ssl/certs/dovecot.pem
ssl_key_file = /etc/ssl/private/dovecot.pem
login_chroot = yes
login_user = dovecot
default_mail_env = mbox:/var/spool/mail/%u:INDEX=/var/dovecot/%u
mail_extra_groups = mail
mail_debug = yes
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
}
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes
auth default {
mechanisms = plain login
passdb pam {
args = dovecot
}
userdb passwd {
}
user = root
}
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Jeff Kowalczyk
2006-Jul-07 22:10 UTC
[Dovecot] /var/dovecot /var/spool/mail permissions, setup help (w/ config info)
Jeff Kowalczyk wrote: Any idea on these issues? I have a once-per-week window to migrate this mailserver, and I hoped to do it this weekend. Thanks if anyone spots the trouble. (FWIW, I don't think the missing .subscriptions file is the hold-up in this case. The permissions errors happen elsewhere)> (repost gmane message as list member) > > I need some help with Dovecot-1.0rc2 on Gentoo Linux. My test harness is one > Thunderbird-1.5.0.4 client, storage using legacy mbox directories ported over > from an old UW-IMAP/sendmail combo running on RHL 8. > > Config is intended to be passwd/pam, plaintext login allowed (until I migrate > everyone to ssl). After this is working, postfix and dspam are to be added, > unless someone can recommend a 'dovecot of smtp' to use. > > I'll tail the mail.log to illustrate the problem, then excerpt what I think are > the relevant directory and config file listings. I'm paying particular > attention to file ownership, but am loathe to just chown dovecot things unless > I know why. > > Let me know if you want to see any other config info to help spot the problem. > Thanks! > > # tail -n 30 /var/log/mail.log > dovecot: Jul 05 18:35:25 Info: Dovecot v1.0.rc2 starting up > dovecot: Jul 05 18:36:10 Info: auth(default): client in: AUTH 1 PLAIN > service=IMAP lip=123.456.789.012 rip=098.765.432.109 > dovecot: Jul 05 18:36:10 Info: auth(default): client out: CONT 1 > dovecot: Jul 05 18:36:10 Info: auth(default): client in: CONT 1 > AGplZmYua293YWxjenlrAHdvcmRwYXNzMQ=> dovecot: Jul 05 18:36:10 Info: auth(default): client out: OK 1 > user=namefirst.namelast > dovecot: Jul 05 18:36:10 Info: auth(default): master in: REQUEST 1 > 25692 1 > dovecot: Jul 05 18:36:10 Info: auth(default): master out: USER 1 > namefirst.namelast system_user=namefirst.namelast uid=501 gid=12 > home=/home/namefirst.namelast > dovecot: Jul 05 18:36:10 Error: stat(/var/dovecot/namefirst.namelast) failed: > No such file or directory > dovecot: Jul 05 18:36:10 Info: IMAP(namefirst.namelast): Effective uid=501, > gid=12 > dovecot: Jul 05 18:36:10 Info: IMAP(namefirst.namelast): mbox: > data=/var/spool/mail/namefirst.namelast:INDEX=/var/dovecot/namefirst.namelast > dovecot: Jul 05 18:36:10 Info: IMAP(namefirst.namelast): mbox: INBOX defaulted > to /var/spool/mail/namefirst.namelast/inbox > dovecot: Jul 05 18:36:10 Info: IMAP(namefirst.namelast): mbox: > root=/var/spool/mail/namefirst.namelast, index=/var/dovecot/namefirst.namelast, > inbox=/var/spool/mail/namefirst.namelast/inbox > dovecot: Jul 05 18:36:10 Info: imap-login: Login: user=<namefirst.namelast>, > method=plain, rip=098.765.432.109, lip=123.456.789.012 > dovecot: Jul 05 18:36:10 Error: IMAP(namefirst.namelast): open() failed with > subscription file /var/spool/mail/namefirst.namelast/.subscriptions: Not a > directory > dovecot: Jul 05 18:36:12 Error: IMAP(namefirst.namelast): > open(/var/spool/mail/namefirst.namelast/inbox, O_CREAT) failed: Not a directory > dovecot: Jul 05 18:36:12 Error: IMAP(namefirst.namelast): > mkdir_parents(/var/dovecot/namefirst.namelast/.imap/INBOX) failed: Permission > denied > dovecot: Jul 05 18:36:14 Info: IMAP(namefirst.namelast): Disconnected: Logged > out > > > # ls -al /var/spool/mail > drwxrwxr-x 2 root mail 1472 Jul 2 19:20 . > drwxr-xr-x 6 root root 168 Jul 3 14:19 .. > -rw-r--r-- 1 root root 0 Jun 27 18:46 .keep > -rw------- 1 namefirst.namelast mail 36243879 Jul 1 17:52 > namefirst.namelast > (...) > > > # ls -al /var/dovecot/ > total 0 > drwxr-xr-x 2 root root 72 Jul 5 10:30 . > drwxr-xr-x 14 root root 360 Jun 29 09:45 .. > -rw-r--r-- 1 root root 0 Jul 5 10:30 .keep > > > # ls -al /var/run/dovecot/ > total 5 > drwxr-xr-x 3 root root 176 Jul 5 18:35 . > drwxr-xr-x 9 root root 504 Jul 3 14:45 .. > srw------- 1 root root 0 Jul 5 18:35 auth-worker.25687 > srwxrwxrwx 1 root root 0 Jul 5 18:35 dict-server > drwxr-x--- 2 root dovecot 136 Jul 5 18:35 login > -rw------- 1 root root 6 Jul 5 18:35 master.pid > > > # ls -al /home/namefirst.namelast/ > total 17791 > drwxr-xr-x 2 namefirst.namelast mail 248 Jul 5 18:29 . > drwxr-xr-x 76 root root 2512 Jul 2 20:21 .. > -rw------- 1 namefirst.namelast mail 3293785 Sep 23 2005 Sent > > > # grep dovecot /etc/group > dovecot:x:97: > > > # grep dovecot /etc/passwd > dovecot:x:97:97:added by portage for dovecot:/dev/null:/usr/sbin/nologin > > > # grep mail /etc/passwd > mail:x:8:12:mail:/var/spool/mail:/bin/false > postmaster:x:14:12:postmaster:/var/spool/mail:/bin/false > > > # grep mail /etc/group > mail::12:mail > > > # grep namefirst.namelast /etc/passwd > namefirst.namelast:x:501:12:First Last:/home/namefirst.namelast:/bin/bash > > > # cat /etc/pam.d/dovecot > auth required pam_unix.so > account required pam_unix.so > > > # cat /etc/dovecot.conf > base_dir = /var/run/dovecot/ > protocols = imap imaps pop3 pop3s > listen = * > shutdown_clients = yes > log_path = /var/log/mail.log > info_log_path = /var/log/mail.log > log_timestamp = "%b %d %H:%M:%S " > syslog_facility = mail > disable_plaintext_auth = no > ssl_disable = no > ssl_cert_file = /etc/ssl/certs/dovecot.pem > ssl_key_file = /etc/ssl/private/dovecot.pem > login_chroot = yes > login_user = dovecot > default_mail_env = mbox:/var/spool/mail/%u:INDEX=/var/dovecot/%u > mail_extra_groups = mail > mail_debug = yes > protocol pop3 { > pop3_uidl_format = %08Xu%08Xv > } > auth_verbose = yes > auth_debug = yes > auth_debug_passwords = yes > auth default { > mechanisms = plain login > passdb pam { > args = dovecot > } > userdb passwd { > } > user = root > } >
Mark Nienberg
2006-Jul-07 22:51 UTC
[Dovecot] /var/dovecot /var/spool/mail permissions, setup help (w/ config info)
Jeff Kowalczyk wrote:> dovecot: Jul 05 18:36:10 Info: IMAP(namefirst.namelast): mbox: > data=/var/spool/mail/namefirst.namelast:INDEX=/var/dovecot/namefirst.namelast> dovecot: Jul 05 18:36:10 Info: IMAP(namefirst.namelast): mbox: INBOX defaulted > to /var/spool/mail/namefirst.namelast/inboxThat isn't what you want. Dovecot guessed that your inboxes are /var/spool/mail/namefirst.namelast/inbox but they are really /var/spool/mail/namefirst.namelast> default_mail_env = mbox:/var/spool/mail/%u:INDEX=/var/dovecot/%uAh, here is the problem. You have confused the mail directory with the inbox location. For standard mbox arrangement this would typically be default_mail_env = mbox:%h/mail:INBOX=/var/mail/%u Also, either give users permissions to write in the /var/dovecot directory or just let dovecot put indexes in the user's home directories. See http://wiki.dovecot.org/MailLocation Mark