At startup I get the following warning: "Warning: Fixing permissions of /var/dovecot to be world-readable." Q: Is this something that I can/should fix, or can it be safely ignored? Thnx, J
* J Moore, 2006-08-01 07:49> At startup I get the following warning: > "Warning: Fixing permissions of /var/dovecot to be world-readable." > > Q: Is this something that I can/should fix, or can it be safely ignored?You usually should only see this once, after that dovecot is supposed to fix it by itself, provided that it has sufficient privileges to do so. What user is dovecot running as, and what's the owner and permission settings of /var/dovecot? BTW, while we're at it (this one's for Timo, I guess ;-) - is there a specific reason why this check is done via lstat() rather than via plain ol' stat() (see src/master/master-settings.c, line# 784)? I'm using GNU stow, so /usr/local/var/run/dovecot is actually a symlink to /usr/local/stow/dovecot-data/var/run/dovecot - which, in fact, does have the proper permissions (dovecot:dovecot, 0755) already. Yet I'm still getting this warning everytime dovecot starts up, because lstat() returns the permissions of the symlink (0777) rather than those of the target (0755). "Fixing" it with chmod() in line# 798 doesn't actually fix it, of course, because chmod(), as opposed to lstat(), affects the link target rather than the link itself. Just curious ... Thomas -- =-------------------------------------------------------------------------- Thomas "ZlatkO" Zajic <zlatko at gmx.at> Linux-2.6.17 & Thunderbird-1.5 - - "It is not easy to cut through a human head with a hacksaw." (M. C.) - =-------------------------------------------------------------------------=
On Tue, Aug 01, 2006 at 12:49:38AM -0500, J Moore wrote:> At startup I get the following warning: > "Warning: Fixing permissions of /var/dovecot to be world-readable." > > Q: Is this something that I can/should fix, or can it be safely ignored? > > Thnx, > JWhen Dovecot prints this message it has corrected the issue already. The OpenBSD port was creating /var/doveocot with permissions of 0700 instead of 0755, as it should be. I fixed the port 3 days ago.
On Tue, Aug 01, 2006 at 10:36:01AM +0200, Thomas Zajic wrote:> BTW my (command line) chmod doesn't know a "-h" option, what's it supposed > to do? Something with (not) following symlinks, I guess?from NetBSD's chmod(1) manpage: -h If file is symbolic link, the mode of the link is changed. But apparantly only NetBSD and FreeBSD have this flag, sorry. Geert
On Tue, Aug 01, 2006 at 04:04:06AM -0400, the unit calling itself Brad wrote:> On Tue, Aug 01, 2006 at 12:49:38AM -0500, J Moore wrote: > > At startup I get the following warning: > > "Warning: Fixing permissions of /var/dovecot to be world-readable." > > > > Q: Is this something that I can/should fix, or can it be safely ignored? > > > When Dovecot prints this message it has corrected the issue already. > The OpenBSD port was creating /var/doveocot with permissions of 0700 > instead of 0755, as it should be. I fixed the port 3 days ago.If 0755 is what it should be, then you are correct: $ ls -l /var ... drwxr-xr-x 3 root wheel 512 Aug 1 01:30 dovecot ... On a different topic: I also had an issue with the default file locks; I had to change: From: #mbox_write_locks = dotlock fcntl To: mbox_write_locks = fcntl I got this change from a blog that turned up in a Google search. Best Rgds, J
On Tue, Aug 01, 2006 at 10:52:29AM -0500, J Moore wrote:> On Tue, Aug 01, 2006 at 04:04:06AM -0400, the unit calling itself Brad wrote: > > On Tue, Aug 01, 2006 at 12:49:38AM -0500, J Moore wrote: > > > At startup I get the following warning: > > > "Warning: Fixing permissions of /var/dovecot to be world-readable." > > > > > > Q: Is this something that I can/should fix, or can it be safely ignored? > > > > > When Dovecot prints this message it has corrected the issue already. > > The OpenBSD port was creating /var/doveocot with permissions of 0700 > > instead of 0755, as it should be. I fixed the port 3 days ago. > > If 0755 is what it should be, then you are correct: > > $ ls -l /var > ... > drwxr-xr-x 3 root wheel 512 Aug 1 01:30 dovecot > ... > > > On a different topic: I also had an issue with the default file locks; I > had to change: > From: #mbox_write_locks = dotlock fcntl > To: mbox_write_locks = fcntl > > I got this change from a blog that turned up in a Google search.I also fixed the example config that is installed by the port to use fcntl for the mbox write locking method.