Rob Mangiafico
2008-Nov-19 15:24 UTC
[Dovecot] mail_privileged_group not working for dotlock files (1.1.6)
Hello, Running dovecot 1.1.6 on centOS 5 and RHEL 5. With the settings: pop3_lock_session = yes mail_privileged_group = mail mail_location = mbox:~/:INBOX=/var/spool/mail/%u mbox_read_locks = fcntl mbox_write_locks = dotlock fcntl and /var/spool/mail permissions: drwxrwx--x 2 root mail 4096 Nov 19 10:16 mail/ Trying to connect via POP3 results in this error: --- Nov 19 09:31:01 lexiconn2 dovecot: child 32127 (pop3) killed with signal 11 Nov 19 09:31:01 lexiconn2 dovecot: POP3(cerberus): file_lock_dotlock() failed with mbox file /var/spool/mail/xxx: Permission denied Nov 19 09:31:01 lexiconn2 dovecot: pop3-login: Login: user=<xxx>, method=PLAIN, rip=1.2.3.4, lip=5.6.7.8, secured --- The docs seem to indicate the above config / settings should work. Is this a bug? The reason we have dotlock as the primary format is due to procmail LDA from sendmail: --- procmail -v 2>&1|grep Locking Locking strategies: dotlocking, fcntl() --- I assume we have to make the "mbox_write_locks" match the procmail locking... Thanks. Rob
Rob Mangiafico
2008-Nov-21 20:45 UTC
[Dovecot] mail_privileged_group not working for dotlock files (1.1.6)
> Running dovecot 1.1.6 on centOS 5 and RHEL 5. > > With the settings: > pop3_lock_session = yes > mail_privileged_group = mail > mail_location = mbox:~/:INBOX=/var/spool/mail/%u > mbox_read_locks = fcntl > mbox_write_locks = dotlock fcntl > > and /var/spool/mail permissions: > drwxrwx--x 2 root mail 4096 Nov 19 10:16 mail/ > > Trying to connect via POP3 results in this error: > --- > Nov 19 09:31:01 lexiconn2 dovecot: child 32127 (pop3) killed with signal 11 > > Nov 19 09:31:01 lexiconn2 dovecot: POP3(cerberus): file_lock_dotlock() failed > with mbox file /var/spool/mail/xxx: Permission denied > > Nov 19 09:31:01 lexiconn2 dovecot: pop3-login: Login: user=<xxx>, > method=PLAIN, rip=1.2.3.4, lip=5.6.7.8, secured > --- > > The docs seem to indicate the above config / settings should work. Is this a > bug? > > The reason we have dotlock as the primary format is due to procmail LDA from > sendmail: > --- > procmail -v 2>&1|grep Locking > Locking strategies: dotlocking, fcntl() > --- > > I assume we have to make the "mbox_write_locks" match the procmail locking...We can use the workaround: mail_access_groups = mail But we'd prefer to use the safer method of "mail_privileged_group" to get dotlocking and POP3 mbox working with our current permissions. Just want to make sure we have things setup correctly. Thanks. Rob