dovecot - Mar 2013 - question regarding rw-access on mailbox on creation/login (dovecot 1.2.17)

Hi,

currently I have one new user with a problem. When she logs in to
dovecot with pop3 from her apple mail, dovecot tells problems with the
+w permission.

Error: open(/var/mail/******) failed: Permission denied
(euid=3462(******) egid=548(dozenten) missing +w perm: /var/mail)

/var/mail is rw by root.mail

I cant see why just this particular user has that problem/gets that
messages.

AFAIK no one changed any default permissions on directories or set
different users.

What could be "wrong"? Any suggestions is welcome.

	Regards . G?tz


-- 
G?tz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
Fax  +49 7141 969 55 420
E-Mail goetz.reinicke at filmakademie.de

Filmakademie Baden-W?rttemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: J?rgen Walter MdL
Staatssekret?r im Ministerium f?r Wissenschaft,
Forschung und Kunst Baden-W?rttemberg

Gesch?ftsf?hrer: Prof. Thomas Schadt

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5174 bytes
Desc: S/MIME Kryptografische Unterschrift
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20130306/6c17827c/attachment.bin>

On 3/6/2013 12:15 AM, G?tz Reinicke - IT Koordinator
wrote:
> Hi,
>
> currently I have one new user with a problem. When she logs in to
> dovecot with pop3 from her apple mail, dovecot tells problems with the
> +w permission.
>
> Error: open(/var/mail/******) failed: Permission denied
> (euid=3462(******) egid=548(dozenten) missing +w perm: /var/mail)
>
> /var/mail is rw by root.mail
>
> I cant see why just this particular user has that problem/gets that
> messages.
>
> AFAIK no one changed any default permissions on directories or set
> different users.
>
> What could be "wrong"? Any suggestions is welcome.

Filesystem ACLs?

Dem

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 6 Mar 2013, G?tz Reinicke - IT Koordinator wrote:
> currently I have one new user with a problem. When she logs in to
> dovecot with pop3 from her apple mail, dovecot tells problems with the
> +w permission.
>
> Error: open(/var/mail/******) failed: Permission denied
> (euid=3462(******) egid=548(dozenten) missing +w perm: /var/mail)
>
> /var/mail is rw by root.mail
Does /var/mail/****** already exist? Do you have a mbox there and Dovecot 
needs to create a lock file there? If so, try flock.

v2.2 has:

# Which locking methods to use for locking mbox. There are four available:
#  dotlock: Create <mailbox>.lock file. This is the oldest and most 
NFS-safe
#           solution. If you want to use /var/mail/ like directory, the 
users
#           will need write access to that directory.
#  dotlock_try: Same as dotlock, but if it fails because of permissions or
#               because there isn't enough disk space, just skip it.
#  fcntl  : Use this if possible. Works with NFS too if lockd is used.
#  flock  : May not exist in all systems. Doesn't work with NFS.
#  lockf  : May not exist in all systems. Doesn't work with NFS.
#
# You can use multiple locking methods; if you do the order they're 
declared
# in is important to avoid deadlocks if other MTAs/MUAs are using multiple
# locking methods as well. Some operating systems don't allow using some 
of
# them simultaneously.
#mbox_read_locks = fcntl
#mbox_write_locks = dotlock fcntl

dotlock will fail in your system.

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBUTccDF3r2wJMiz2NAQIUFQf/QhJ2H1/ke4JrmAn15FbRkhsQS+LiyC2L
WfaWvpvXSq3OjUzVQt5VflvPaeHjCS5OcDQzGufLo1ZeNT0rZMvfR7T9Ks59mFYb
WRlSFZAsGkbxomlKZnt90CkFJqD0QZvIYya3Tp0Ca0NxHVaaSia601cINhVDwGY6
/VxPzwgIMPwM7gzTdjz9PqRhsXtifbl9/oo4ac3IJ2qAm2Wg/q6WL3u1+TTcnBpM
KOlNLqSzU6eqaxEXUzKKHIEFDWR1Qg4Qo6oGsS0sL4w2KBtoXfzy1KdRHxeWPrrK
9a5eHdsyD/DVIC8Ouz0zJar3FenbWv0+MblK1jtdeSW/VayQwFKVkQ==FBCf
-----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 6 Mar 2013, G?tz Reinicke - IT Koordinator wrote:
> currently I have one new user with a problem. When she logs in to
> dovecot with pop3 from her apple mail, dovecot tells problems with the
> +w permission.
>
> Error: open(/var/mail/******) failed: Permission denied
> (euid=3462(******) egid=548(dozenten) missing +w perm: /var/mail)
>
> /var/mail is rw by root.mail
Do the other users have "mail" as secondary group?

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBUTcc8V3r2wJMiz2NAQKwJAgAvtb4/Uot+KyXI1Xcbo9nvcLSPO4aPkXw
YxRXQLLYwSeLuvygHOEu+3Y3eMJi7Y2BmUMuK5/8ZZLP6en7vfxCYuwGmcnfnO0A
hqZYbddTGablWfgIO3aJDm0BWCs30g5IeRYwdVKajv8b4ldFOEex7msDJ01Ryw6E
MtlrQ+ODw1/79xvnyGWExt6YNm4Du8HZtohD2Ol5rwdJ6tfBVxmw07vWlJVoHv/L
iBZZiQcEJp2yphwKvxaRTTPjw7z2SexNY5VogTHWGspa6MaSwLZG6HK8Td630GIp
V5vpUmaqHUCPOph5xebPJV3/MWkczf15axUvU2Dz0q4JisiNePV45g==c0P3
-----END PGP SIGNATURE-----

Thanks for all suggestions!

	"mail_privileged_group = mail" did the magic.

I'v read the V1.0 -> 1.1 -> 1.2, but did not read ALL config options
in
the new dovecot.conf.

	/G?tz

-- 
G?tz Reinicke
IT-Koordinator

Tel. +49 7141 969 82 420
Fax  +49 7141 969 55 420
E-Mail goetz.reinicke at filmakademie.de

Filmakademie Baden-W?rttemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats: J?rgen Walter MdL
Staatssekret?r im Ministerium f?r Wissenschaft,
Forschung und Kunst Baden-W?rttemberg

Gesch?ftsf?hrer: Prof. Thomas Schadt

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5174 bytes
Desc: S/MIME Kryptografische Unterschrift
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20130306/654649b9/attachment.bin>