dovecot - Mar 2008 - Rootless installation gets ssl-parameters.dat errors

In the logfile, i see this:

dovecot: Mar 18 16:24:30 Error: ssl-build-param: Can't create  
temporary SSL parameters file /var/lib/dovecot/ssl-parameters.dat.tmp:  
Permission denied
dovecot: Mar 18 16:24:30 Error: child 21836 (ssl-build-param) returned  
error 89
dovecot: Mar 18 16:24:30 Error: link(/var/lib/dovecot/ssl- 
parameters.dat, /usr/local/sb/daniel/rm/trunk/var/run/dovecot/login/ 
ssl-parameters.dat.tmp) failed: Permission denied
dovecot: Mar 18 16:24:30 Error: file_copy(/var/lib/dovecot/ssl- 
parameters.dat, /usr/local/sb/daniel/rm/trunk/var/run/dovecot/login/ 
ssl-parameters.dat) failed: No such file or directory

It is true that  I as a user do not have permissions to read this  
file, however, I followed all the instructions to run as a rootless  
user.  I don't seem to be able to specify anywhere where this ssl- 
parameters file should be copied from.

Please note, I'm running this as user daniel (not root).

Btw, there seems to have been a ssl_parameters_file keyword in the  
past, but it doesn't work with my version (nor with the latest 1.0.13).

non-SSL IMAP works fine, but obviously SSL has issues.

Thank you in advance for any help,

Daniel

#### SYSTEM INFO #####################################

$ dovecot --version
1.0.rc15

$ uname -a
Linux myhost.com 2.6.22.18-vs2.3.0.32.1 #1 SMP Mon Feb 11 07:07:23 EST  
2008 x86_64 x86_64 x86_64 GNU/Linux

$ cat /etc/redhat-release
CentOS release 5 (Final)

#### CONFIG FILE ####################################

$ perl -e 'for (<>){ next if /^\s*(#|$)/; print $_; }'
dovecot.conf

base_dir = /usr/local/sb/daniel/rm/trunk/var/run/dovecot
protocols = imap imaps
    protocol imap {
      listen = *:8300
      ssl_listen = *:8301
    }
log_path = /usr/local/sb/daniel/rm/trunk/var/logs/dovecot.log
info_log_path = /usr/local/sb/daniel/rm/trunk/var/logs/dovecot.info.log
ssl_cert_file = /usr/local/sb/daniel/rm/trunk/etc/dovecot.cert.pem
ssl_key_file =/usr/local/sb/daniel/rm/trunk/etc/dovecot.private.pem
login_chroot = no
login_user = daniel
login_process_size = 64
login_greeting = daniel's Dovecot ready.
mail_location = mbox:/usr/local/sb/daniel/rm/trunk/var/mail:INBOX=/usr/ 
local/sb/daniel/rm/trunk/var/mail/INBOX
mail_debug = yes
protocol imap {
}
protocol pop3 {
}
protocol lda {
   postmaster_address = postmaster at example.com
}
auth default {
   mechanisms = plain
   passdb passwd-file {
     args = /usr/local/sb/daniel/rm/trunk/var/dovecot.passwd
   }
   userdb passwd {
   }
   userdb passwd-file {
     args = /usr/local/sb/daniel/rm/trunk/var/dovecot.passwd
   }
   user = daniel
}
dict {
}
plugin {
}

On Tue, 2008-03-18 at 17:55 -0700, Daniel Bretoi wrote:
> In the logfile, i see this:
> 
> dovecot: Mar 18 16:24:30 Error: ssl-build-param: Can't create  
> temporary SSL parameters file /var/lib/dovecot/ssl-parameters.dat.tmp:  
> Permission denied
This path isn't configurable after installation. If you want to change
it, use configure --localstatedir parameter.
> It is true that  I as a user do not have permissions to read this  
> file, however, I followed all the instructions to run as a rootless  
> user.  I don't seem to be able to specify anywhere where this ssl- 
> parameters file should be copied from.
Did you also give configure --prefix=$HOME? It should have put
localstatedir under home directory.
> base_dir = /usr/local/sb/daniel/rm/trunk/var/run/dovecot
I guess not, because you wouldn't need this either when prefix was set
correctly.
> 1.0.rc15
Also since you're already compiling Dovecot yourself, would be a good
idea to use a newer version than rc15.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20080319/f4cb28bb/attachment-0002.bin>

On Mar 18, 2008, at 10:15 PM, Timo Sirainen wrote:
> On Tue, 2008-03-18 at 17:55 -0700, Daniel Bretoi wrote:
>> In the logfile, i see this:
>>
>> dovecot: Mar 18 16:24:30 Error: ssl-build-param: Can't create
>> temporary SSL parameters file /var/lib/dovecot/ssl- 
>> parameters.dat.tmp:
>> Permission denied
>
> This path isn't configurable after installation. If you want to change
> it, use configure --localstatedir parameter.
>
I think this is the only thing between me and doing a rootless run  
without having to install it myself. Is there any reason why you took  
the ssl_parameters_file out?
Dovecot needs to be accessible by other users as this is a sandbox  
environment to test an IMAP client we are developing. I don't like to  
make installs that are independent of the systems package-management  
system.

It would be useful to be able to run Dovecot rootless without having  
to make your own build. Also, the location of the ssl-parameters.dat  
would change per user since it's in a sandbox environment for us.

>> It is true that  I as a user do not have permissions to read this
>> file, however, I followed all the instructions to run as a rootless
>> user.  I don't seem to be able to specify anywhere where this ssl-
>> parameters file should be copied from.
>
> Did you also give configure --prefix=$HOME? It should have put
> localstatedir under home directory.
>
>> base_dir = /usr/local/sb/daniel/rm/trunk/var/run/dovecot
>
> I guess not, because you wouldn't need this either when prefix was set
> correctly.
>
>> 1.0.rc15
>
> Also since you're already compiling Dovecot yourself, would be a good
> idea to use a newer version than rc15.

I only compiled the latest version to see if the ssl_parameters_file  
was present in new builds so I didn't waste your time with something  
that has been solved already, but for reasons stated above, it's not  
practical for me to do compiles and I prefer to use the system package.

Thanks for your quick response, and an excellent IMAP client.

Daniel