Adam McDougall
2007-May-24 22:59 UTC
[Dovecot] dovecot-shared tries to fchown index+control files but fails
I have some public mailboxes setup in 1.0.0,
location =
maildir:/egr/mail/shared/org:CONTROL=%h/Maildir/dovecot/public/control/org:INDEX=%h/Maildir/dovecot/public/indexes/org
I also have a dovecot-shared file in the maildir folders so messages that are
added
to the inbox get a decent set of default permissions. However, I think dovecot
is also trying
to fchown the index files (stored in a user home directory, far away from the
shared mail)
to match the owner of the dovecot-shared file. When I rename dovecot-shared,
these errors
(apparently harmless at this point) go away:
May 24 18:45:35 hostname dovecot: IMAP(username):
fchown(/home/username/Maildir/dovecot/public/control/org/.mailfolder/dovecot-uidlist)
failed:
Operation not permitted
May 24 18:45:35 hostname dovecot: IMAP(username): fchown() failed with file
/home/username/Maildir/dovecot/public/indexes/org/.mailfolder/dovecot.index.log:
Operation not
permitted
At this point it is just clogging up the log, but I see two issues:
1. Isn't dovecot already running as the imap user, so as long as that user
isn't root,
it shouldn't be possible to change file owners at all. This is the
behavior I see
of dovecot-shared on new mail files, that is the group and file mode from
dovecot-shared
are applied, but not the owner.
2. Since these kind of metadata files aren't generally supposed to be
shared anyway,
why would it even want to change the permissions? Especially since I have
them stored
in a place where the user has ownership already.
Please let me know if I am missing something, or a behavior change is needed.
Thanks.
Timo Sirainen
2007-Jun-04 02:57 UTC
[Dovecot] dovecot-shared tries to fchown index+control files but fails
On Thu, 2007-05-24 at 18:59 -0400, Adam McDougall wrote:> May 24 18:45:35 hostname dovecot: IMAP(username): > fchown(/home/username/Maildir/dovecot/public/control/org/.mailfolder/dovecot-uidlist) failed: > Operation not permittedI'm not sure if you already figured this out, but these calls are used to change the file's group, not its owner. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20070604/cbe326e2/attachment-0002.bin>
Adam McDougall
2007-Jun-04 03:05 UTC
[Dovecot] dovecot-shared tries to fchown index+control files but fails
On Mon, Jun 04, 2007 at 05:57:49AM +0300, Timo Sirainen wrote: On Thu, 2007-05-24 at 18:59 -0400, Adam McDougall wrote: > May 24 18:45:35 hostname dovecot: IMAP(username): > fchown(/home/username/Maildir/dovecot/public/control/org/.mailfolder/dovecot-uidlist) failed: > Operation not permitted I'm not sure if you already figured this out, but these calls are used to change the file's group, not its owner. Why would dovecot-shared affect files outside of the shared directory though?