Stewart Dean
2009-Nov-13 20:27 UTC
[Dovecot] Ownership and permissions for the index directory/filesystem
I recently upgraded from DC 1.1.15 to 1.2.6. The /var/dcindx index root directory is: drwxrwsrwt 3962 root sys 192512 Nov 13 11:56 ./ thus 3777. It appears that the user index directories created under DC1.1 look like this (here for /var/dcindx/cep): drwx--S--- 5 cep sys 256 Nov 13 14:26 cep/ while those created under V1.2 look like: drwx------ 3 lrenart sys 256 Nov 12 14:59 lrenart/ It seems that the first time that DC goes to do indexing, I now see this error msg: Nov 12 11:45:15 mercury mail:err|error dovecot: IMAP(bpyi): open(/var/spool/mail/bpyi) failed: Permission denied (euid=2586(bpyi) egid=2000(bard2) missing +w perm: /var/spool/mail) ...but never again... Questions: 1) Are the ownership and permissions on the /var/dcindx index root directory ideal or should they be something else? 2) Ideally what should the ownership and permissions be for individual user subdirs? I create the user mail directories when creating a new account, so it would be little extra trouble to create and set the ownership and permissions. I am currently using mbox mailbox format but will be migrating to maildir over the next some months. Dovecot -n> # 1.2.6: /usr/local/etc/dovecot.conf > # OS: AIX 3 0001378F4C00 > listen: *:143 > ssl_listen: *:993 > disable_plaintext_auth: no > verbose_ssl: yes > login_dir: /var/run/dovecot/login > login_executable: /usr/local/libexec/dovecot/imap-login > login_processes_count: 12 > login_max_processes_count: 774 > max_mail_processes: 1280 > mail_max_userip_connections: 12 > verbose_proctitle: yes > first_valid_uid: 200 > mail_location: mbox:~/mail:INBOX=/var/spool/mail/%u:INDEX=/var/dcindx/%u > mbox_write_locks: fcntl > mbox_dirty_syncs: no > lda: > postmaster_address: postmaster at example.com > auth default: > passdb: > driver: pam > userdb: > driver: passwd-- ==== Once upon a time, the Internet was a friendly, neighbors-helping-neighbors small town, and no one locked their doors. Now it's like an apartment in Bed-Stuy: you need three heavy duty pick-proof locks, one of those braces that goes from the lock to the floor, and bars on the windows.... ==== Stewart Dean, Unix System Admin, Bard College, New York 12504 sdean at bard.edu voice: 845-758-7475, fax: 845-758-7035
Timo Sirainen
2009-Nov-13 22:52 UTC
[Dovecot] Ownership and permissions for the index directory/filesystem
On Fri, 2009-11-13 at 15:27 -0500, Stewart Dean wrote:> Nov 12 11:45:15 mercury mail:err|error dovecot: IMAP(bpyi): open(/var/spool/mail/bpyi) failed: Permission denied (euid=2586(bpyi) egid=2000(bard2) missing +w perm: /var/spool/mail)It's trying to create bpyi user's INBOX that doesn't exist yet, but fails because it doesn't have write access to /var/spool/mail/ directory. Probably gets fixed by the time the user gets the first mail and your MTA creates the file.> Questions: > 1) Are the ownership and permissions on the /var/dcindx index root > directory ideal or should they be something else?They're fine.> 2) Ideally what should the ownership and permissions be for individual > user subdirs? I create the user mail directories when creating a new > account, so it would be little extra trouble to create and set the > ownership and permissions.0700, owned by the user. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20091113/617dd605/attachment-0002.bin>
Seemingly Similar Threads
- Help needed: Index filesystem permissions problem after switch to V1.2 and back to V1.1
- Seeing "Corrupted transaction log file" error messages.
- Want to have some users with Maildir, some with mbox
- Errmsgs b4 and after migration DC V1.0.15 to V1.1.8
- Weird mirgration problem