Hi there
I'm having difficulties in getting dovecot to run under daemontools. Also,
from a sysadmin perspective, so far, I find dovecot's config rather complex
- I suppose that's what happens when one attempts to appease all
authentication methods... anyway, I digress.
System details, to set the scene:
OS: Slackware Linux
Linux Kernel: 2.4.29
GCC: 3.2.2
Dovecot version: 1.0.rc6
Dovecot configure options:
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
--with-checkpassword --without-passwd --without-passwd-file --without-shadow
--without-pam --without-bsdauth --without-gssapi --without-ldap
--without-vpopmail --with-prefetch-userdb --without-sql --without-pgsql
--without-mysql --with-ssl=openssl --without-pop3d --with-storages=maildir
--without-deliver
MTA: qmail
Storage: Maildirs under a single virtual user (vmail)
Checkpassword: /var/qmail/bin/qmail-vpoplogin (modified cdb checkpassword)
User DB: /var/qmail/users/vpasswd.cdb
/etc/dovecot.conf
base_dir = /var/run/dovecot
protocols = imap
listen = 127.0.0.1
ssl_disable = yes
shutdown_clients = yes
log_path = /var/log/dovecot
login_dir = /var/run/dovecot/login
maildir_copy_with_hardlinks = yes
protocol imap {
# only require access from webmail on same host
listen = 127.0.0.1:143
}
auth default {
passdb checkpassword {
args = /var/qmail/bin/qmail-vpoplogin
}
userdb prefetch {
}
# user who can access user/passwd db
user = auth
}
Firstly, I cannot run dovecot as an unprivileged user, as the OS moans that
the user doesn't have permission to write to /dev/stderr. I've had a
similar
issue running Clamav, but a patch to Clamav resolved this? This seems to be
related to referencing /dev/stderr directly. Any ideas?
Should I be running dovecot as the virtual mailbox user vmail?
Before I ramble on about what I've tried, could someone explain to me what
dovecot actually does, in terms of privilege separation? The online docs are
somewhat convoluted. This would help shed light on the solution.
I also noticed the posts re daemontools some time ago, yet they do not
include any setup solutions etc - I'd appreciate details from those of you
who've succeeded in this regard.
Thanks
Dale
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20060810/0cc391ab/attachment-0001.html>
* On 10/08/06 16:22 +0200, dale gallagher wrote:
| Hi there
Hi Dale!
| I'm having difficulties in getting dovecot to run under daemontools.
http://www.thedjbway.org/imap/dovecot.html
| Also, from a sysadmin perspective, so far, I find dovecot's config
| rather complex
| - I suppose that's what happens when one attempts to appease all
| authentication methods... anyway, I digress.
There are two plausible solutions to this complexity problem:
1. Use a Windows Server with some click next-> next
2. Quit being Sysadmin
;)
Sorry, one more .... courier-imap is easier to configure, no?
Kidding time ;)
-Wash
http://www.netmeister.org/news/learn2quote.html
DISCLAIMER: See http://www.wananchi.com/bms/terms.php
--
+======================================================================+
|\ _,,,---,,_ | Odhiambo Washington <wash at wananchi.com>
Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com
|,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922
'---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733
744121
+======================================================================+
Going to church does not make a person religious, nor does going to
school make a person educated, any more than going to a garage makes a
person a car.
dale gallagher wrote:> Firstly, I cannot run dovecot as an unprivileged user, as the OS moans > that the user doesn't have permission to write to /dev/stderr. I've had > a similar issue running Clamav, but a patch to Clamav resolved this? > This seems to be related to referencing /dev/stderr directly. Any ideas?...snip...> log_path = /var/log/dovecot...snip... You aren't using the correct log_path; it should be: log_path = /dev/stderr which *can* be written to by an unprivileged user.> I also noticed the posts re daemontools some time ago, yet they do not > include any setup solutions etc - I'd appreciate details from those of > you who've succeeded in this regard.Google is your friend: http://www.thedjbway.org/imap/dovecot.html I use the run file listed on that page without change and it works just fine. John -- John Peacock Director of Information Research and Technology Rowman & Littlefield Publishing Group 4501 Forbes Boulevard Suite H Lanham, MD 20706 301-459-3366 x.5010 fax 301-429-5748