Gert Cuykens
2008-Apr-12 14:01 UTC
[Dovecot] localhost deliver(root@vlocalhost): setgid(5001) failed with euid=8, gid=8, egid=8: Operation not permitted
How can i give lda dovecot permision to set user and goup id to 5001
dovecot unix - n n - - pipe
flags=DRhu user=mail:mail argv=/usr/lib/dovecot/deliver -f ${sender}
-d ${recipient}
Alexander Prinsier
2008-Apr-12 14:03 UTC
[Dovecot] localhost deliver(root@vlocalhost): setgid(5001) failed with euid=8, gid=8, egid=8: Operation not permitted
Install it setuid root as described here http://wiki.dovecot.org/LDA. Alexander Gert Cuykens wrote:> How can i give lda dovecot permision to set user and goup id to 5001 > > dovecot unix - n n - - pipe > flags=DRhu user=mail:mail argv=/usr/lib/dovecot/deliver -f ${sender} > -d ${recipient}
Gert Cuykens
2008-Apr-12 14:25 UTC
[Dovecot] localhost deliver(root@vlocalhost): setgid(5001) failed with euid=8, gid=8, egid=8: Operation not permitted
but deliver is already root ?
and master is set as
master {
path = /var/run/dovecot/auth-master
mode = 0600
user = mail
group = mail
}
root at localhost:~# ls -al /usr/lib/dovecot/deliver
-rwxr-xr-x 1 root root 563112 2008-03-31 21:05 /usr/lib/dovecot/deliver
root at localhost:~#
i am sorry i dont understand what i need to do ?
On Sat, Apr 12, 2008 at 4:03 PM, Alexander Prinsier
<dovecot at aphexer.mailhaven.com> wrote:> Install it setuid root as described here http://wiki.dovecot.org/LDA.
>
> Alexander
>
>
>
> Gert Cuykens wrote:
> > How can i give lda dovecot permision to set user and goup id to 5001
> >
> > dovecot unix - n n - - pipe
> > flags=DRhu user=mail:mail argv=/usr/lib/dovecot/deliver -f ${sender}
> > -d ${recipient}
>
>
Alexander Prinsier
2008-Apr-12 17:28 UTC
[Dovecot] localhost deliver(root@vlocalhost): setgid(5001) failed with euid=8, gid=8, egid=8: Operation not permitted
You realize that this way anyone can send email do any mailbox directly by invoking deliver? The instructions told you to make a subdirectory, and only give access to that subdirectory to users that need to be able to deliver to any user. Then place a copy of deliver with setuid root in that subdirectory. You probably forgot to set postmaster_address in the lda section of dovecot.conf. Alexander Gert Cuykens wrote:> a thank you :) Now i learned something really important today > > chmod u+s /usr/lib/dovecot/deliver > > root at localhost:~# ls -al /usr/lib/dovecot/deliver > -rwsr-xr-x 1 root root 563112 2008-03-31 21:05 /usr/lib/dovecot/deliver > root at localhost:~# > > I think i am almost there but now i get > > Apr 12 19:01:40 localhost deliver(root at vlocalhost): postmaster_address > setting not given
Gert Cuykens
2008-Apr-12 18:07 UTC
[Dovecot] localhost deliver(root@vlocalhost): setgid(5001) failed with euid=8, gid=8, egid=8: Operation not permitted
Victory !!! Apr 12 19:50:51 localhost deliver(root at vlocalhost): msgid=<20080412175051.67AD1490087 at localhost.localdomain>: saved mail to INBOX Now the security part, i was thinking that this would work also root at localhost:~# ls -al /usr/lib/dovecot/deliver -rws------ 1 mail mail 563112 2008-03-31 21:05 /usr/lib/dovecot/deliver root at localhost:~# but it doesnt, changing it to user postfix also doesnt work ?