Shayne Hardesty
2006-Jan-30 22:09 UTC
[Dovecot] Dovecot-lda/deliver - how to deliver root's mail?
There's a good chance I could be missing something obvious here, as I can't find much documentation on the LDA other than on the wiki, which is sparse. Local mail delivery works for normal users, but when attempting to deliver mail for root I get this error: Jan 30 13:42:50 apollo deliver: Running as root isn't permitted Both sendmail and dovecot run as root on my server - since I don't allow shell accounts and have multiple layers of security around the server I'm okay with that. How can I tell dovecot-lda it's okay to deliver root's mail as root? Thanks, Shayne
Curtis Maloney
2006-Jan-30 23:54 UTC
[Dovecot] Dovecot-lda/deliver - how to deliver root's mail?
Shayne Hardesty wrote:> There's a good chance I could be missing something obvious here, as I > can't find much documentation on the LDA other than on the wiki, which > is sparse. Local mail delivery works for normal users, but when > attempting to deliver mail for root I get this error: > > Jan 30 13:42:50 apollo deliver: Running as root isn't permitted > > Both sendmail and dovecot run as root on my server - since I don't > allow shell accounts and have multiple layers of security around the > server I'm okay with that. How can I tell dovecot-lda it's okay to > deliver root's mail as root?I think you'll find it's fairly common practice to alias root to whomever is responsible for handling such mail, not delivering it to root (who generally has no home dir, no quota limits, and, of course, almost no other limits). This also removes the potential security issue of having your LDA running as root (I'm not saying any LDA _are_ an issue, but it's easier to not have an issue if you don't do it :) -- Curtis Maloney cmaloney@cardgate.net