Felix Leimbach
2010-Apr-14 13:46 UTC
[Dovecot] dovecot-2.0-beta4, lda and sieve: Permission lookup failed from /tmp/Dovecot Delivery
Hi all,
I'm testing a dovecot-2.0-beta4 and it is great so far, except that I
can't get the sieve plugin for the LDA configured.
It doesn't find the user's homedir and uses /tmp instead. Thus it never
finds any sieve scripts.
The log shows that the SQL queries return the correct home path, namely
/mnt/data/vmail/example.com/me
dovecot: auth: prefetch(me at example.com): passdb didn't return userdb
entries, trying the next
dovecot: auth: sql(me at example.com): SELECT CONCAT(homedir, "/",
maildir)
AS mail, CONCAT(homedir, "/", maildir) AS home, uid, gid FROM
postfix_users WHERE email 'me at example.com'
dovecot: auth: master out: USER 1 me at example.com
mail=/mnt/data/vmail/example.com/me/
home=/mnt/data/vmail/example.com/me/ uid=5000
gid=5000
dovecot: lda(me at example.com): Effective uid=5000, gid=5000,
home=/mnt/data/vmail/example.com/me/
dovecot: lda(me at example.com): Namespace: type=private, prefix=, sep=.,
inbox=yes, hidden=no, list=yes,
subscriptions=yes
dovecot: lda(me at example.com): maildir++:
root=/mnt/data/vmail/example.com/me, index=, control=,
inbox=/mnt/data/vmail/example.com/me
However, the sieve plugin still uses /tmp instead of the home dir and fails:
dovecot: lda(me at example.com): fs: root=/tmp, index=, control=,
inbox=
dovecot: lda(me at example.com): Namespace : Permission lookup failed from
/tmp/Dovecot Delivery Mail
dovecot: lda(me at example.com): Namespace : Using permissions from /tmp:
mode=0777 gid=-1
dovecot: lda(me at example.com): Namespace : Permission lookup failed from
/tmp/Dovecot Delivery Mail
dovecot: lda(me at example.com): Namespace : Using permissions from /tmp:
mode=0777 gid=-1
dovecot: lda(me at example.com): sieve: user has no valid personal script
Any idea?
Cheers,
Felix
# doveconf -n
# 2.0.beta4: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32.2-grsec x86_64 Gentoo Base System release 2.0.1 ext3
auth_debug = yes
auth_socket_path = /var/run/dovecot/auth-userdb
default_login_user = dovecot_auth
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = *
login_greeting = Mailserver ready.
mail_debug = yes
mail_gid = 5000
mail_location = maildir:/mnt/data/vmail/%d/%n
mail_uid = 5000
namespace {
inbox = yes
location =
prefix =
separator = .
type = private
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
sieve_global_dir = /etc/dovecot/sievescripts
}
postmaster_address = postmaster at example.com
protocols = imap pop3 managesieve
service auth {
unix_listener auth-master {
group = vmail
mode = 0660
}
unix_listener auth-userdb {
group = vmail
mode = 0660
}
}
service imap-login {
inet_listener imap {
port = 10143
}
inet_listener imaps {
port = 10943
ssl = yes
}
}
service imap {
process_limit = 3000
}
service managesieve-login {
inet_listener sieve {
port = 2000
}
}
service pop3-login {
inet_listener pop3 {
port = 0
}
inet_listener pop3s {
port = 10995
ssl = yes
}
}
shutdown_clients = no
ssl_cert = </etc/dovecot/ssl.crt
ssl_key = </etc/dovecot/ssl.key
userdb {
driver = prefetch
}
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
protocol managesieve {
managesieve_implementation_string = Cyrus timsieved v2.2.13'
}
protocol lda {
auth_socket_path = /var/run/dovecot/auth-master
info_log_path log_path mail_plugins = sieve
}
Pascal Volk
2010-Apr-14 14:18 UTC
[Dovecot] dovecot-2.0-beta4, lda and sieve: Permission lookup failed from /tmp/Dovecot Delivery
On 04/14/2010 03:46 PM Felix Leimbach wrote:> Hi all, > > I'm testing a dovecot-2.0-beta4 and it is great so far, except that I > can't get the sieve plugin for the LDA configured. > > It doesn't find the user's homedir and uses /tmp instead. Thus it never > finds any sieve scripts. > > The log shows that the SQL queries return the correct home path, namely > /mnt/data/vmail/example.com/me > > dovecot: auth: prefetch(me at example.com): passdb didn't return userdb > entries, trying the next > dovecot: auth: sql(me at example.com): SELECT CONCAT(homedir, "/", maildir) > AS mail, CONCAT(homedir, "/", maildir) AS home, uid, gid FROM > postfix_users WHERE email > 'me at example.com' > > dovecot: auth: master out: USER 1 me at example.com > mail=/mnt/data/vmail/example.com/me/ > home=/mnt/data/vmail/example.com/me/ uid=5000 > gid=5000 > dovecot: lda(me at example.com): Effective uid=5000, gid=5000, > home=/mnt/data/vmail/example.com/me/ > > dovecot: lda(me at example.com): Namespace: type=private, prefix=, sep=., > inbox=yes, hidden=no, list=yes, > subscriptions=yes > > dovecot: lda(me at example.com): maildir++: > root=/mnt/data/vmail/example.com/me, index=, control=, > inbox=/mnt/data/vmail/example.com/meThe first problem: home == mail && LAYOUT=maildir++. So ~/.dovecot.sieve will be created inside root=/mnt/data/vmail/example.com/me. IMAP will see the mailbox dovecot with the child mailbox sieve. When the directory /mnt/data/vmail/example.com/me/.dovecot.sieve exists you are unable tor create a file/link with same name in your "home dir". Please read: http://wiki.dovecot.org/VirtualUsers/Home> However, the sieve plugin still uses /tmp instead of the home dir and fails: > > dovecot: lda(me at example.com): fs: root=/tmp, index=, control=, > inbox= > dovecot: lda(me at example.com): Namespace : Permission lookup failed from > /tmp/Dovecot Delivery Mail > dovecot: lda(me at example.com): Namespace : Using permissions from /tmp: > mode=0777 gid=-1 > dovecot: lda(me at example.com): Namespace : Permission lookup failed from > /tmp/Dovecot Delivery Mail > dovecot: lda(me at example.com): Namespace : Using permissions from /tmp: > mode=0777 gid=-1 > dovecot: lda(me at example.com): sieve: user has no valid personal scriptIt performs only permissions lookups. That was fixed 9 days ago: http://hg.dovecot.org/dovecot-2.0/rev/9c94f073d014> Any idea?SELECT 'maildir:~/Maildir' AS mail, CONCAT(homedir, "/", maildir) AS home, ? Regards, Pascal -- The trapper recommends today: deadbeef.1010416 at localdomain.org -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3690 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20100414/402a26bd/attachment-0002.bin>
Steffen Kaiser
2010-Apr-14 14:58 UTC
[Dovecot] dovecot-2.0-beta4, lda and sieve: Permission lookup failed from /tmp/Dovecot Delivery
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 14 Apr 2010, Felix Leimbach wrote:> The log shows that the SQL queries return the correct home path, namely > /mnt/data/vmail/example.com/me > > dovecot: auth: prefetch(me at example.com): passdb didn't return userdb > entries, trying the next > dovecot: auth: sql(me at example.com): SELECT CONCAT(homedir, "/", maildir) > AS mail, CONCAT(homedir, "/", maildir) AS home, uid, gid FROMyou should not use home == mail(dir), but use different directories. The Wiki explains why. But this shold not cause the /tmp problem. regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBS8XYJr+Vh58GPL/cAQLiFggAtn5GHXkSQrcg99GbDySU7T1OlJRgREpn EkhpPLlkNg+uD34iKb9GvZutccJ3ewZzA6z9UMrMgeso2YLmzL1P0WdF0fpH7i6P d/I3zSmhZ4+522v6HIdPQ/1x6f3YcpF+6BCuM17BduJjCbEDDjYshG5JIMzKCjw1 gAS1ytc9AbYsqwtu6V67H6QBBGSV1TlP7FxU7El/7tbiKfP64RonWED7dAnfKOsR lm6wWOUrlMQarM2XxS0vSFELAZPU1P+G868SJankJ2ac/sy8Qr2420vN/IIQh1tX GpoE/lm/uJQLwFeo8mfk/eCSiWlgUiA+9hDJ3IRuLSTP2syi09OVJg==RkBE -----END PGP SIGNATURE-----
Felix Leimbach
2010-Apr-14 17:04 UTC
[Dovecot] dovecot-2.0-beta4, lda and sieve: Permission lookup failed from /tmp/Dovecot Delivery
Hi Pascal, On 04/14/2010 04:18 PM, Pascal Volk wrote:> On 04/14/2010 03:46 PM Felix Leimbach wrote: > > Hi all, > > > > I'm testing a dovecot-2.0-beta4 and it is great so far, except that I > > can't get the sieve plugin for the LDA configured. > > > > It doesn't find the user's homedir and uses /tmp instead. Thus it never > > finds any sieve scripts. > > > > The log shows that the SQL queries return the correct home path, namely > > /mnt/data/vmail/example.com/me > > > > dovecot: auth: prefetch(me at example.com): passdb didn't return userdb > > entries, trying the next > > dovecot: auth: sql(me at example.com): SELECT CONCAT(homedir, "/", maildir) > > AS mail, CONCAT(homedir, "/", maildir) AS home, uid, gid FROM > > postfix_users WHERE email > > 'me at example.com' > > > > dovecot: auth: master out: USER 1 me at example.com > > mail=/mnt/data/vmail/example.com/me/ > > home=/mnt/data/vmail/example.com/me/ uid=5000 > > gid=5000 > > dovecot: lda(me at example.com): Effective uid=5000, gid=5000, > > home=/mnt/data/vmail/example.com/me/ > > > > dovecot: lda(me at example.com): Namespace: type=private, prefix=, sep=., > > inbox=yes, hidden=no, list=yes, > > subscriptions=yes > > > > dovecot: lda(me at example.com): maildir++: > > root=/mnt/data/vmail/example.com/me, index=, control=, > > inbox=/mnt/data/vmail/example.com/me > > The first problem: home == mail && LAYOUT=maildir++. > So ~/.dovecot.sieve will be created inside > root=/mnt/data/vmail/example.com/me. IMAP will see the mailbox dovecot > with the child mailbox sieve. > When the directory /mnt/data/vmail/example.com/me/.dovecot.sieve exists > you are unable tor create a file/link with same name in your "home dir". > Please read: http://wiki.dovecot.org/VirtualUsers/Home >Thanks for pointing that out. The wiki is pretty clear and I've corrected this now. As a sidenote, I didn't find a way to automatically create user's home directories if they don't yet exist. As I don't want to change my existing maildir structure I put the home directories under a separate location: /mnt/data/vmail/doecot-homedirs/$maildir I looked at the autocreate plugin but it looks like it can only create directories under the user's maildir.> > However, the sieve plugin still uses /tmp instead of the home dir and fails: > > > > dovecot: lda(me at example.com): fs: root=/tmp, index=, control=, > > inbox= > > dovecot: lda(me at example.com): Namespace : Permission lookup failed from > > /tmp/Dovecot Delivery Mail > > dovecot: lda(me at example.com): Namespace : Using permissions from /tmp: > > mode=0777 gid=-1 > > dovecot: lda(me at example.com): Namespace : Permission lookup failed from > > /tmp/Dovecot Delivery Mail > > dovecot: lda(me at example.com): Namespace : Using permissions from /tmp: > > mode=0777 gid=-1 > > dovecot: lda(me at example.com): sieve: user has no valid personal script > > It performs only permissions lookups. That was fixed 9 days ago: > http://hg.dovecot.org/dovecot-2.0/rev/9c94f073d014 > > > Any idea? > SELECT 'maildir:~/Maildir' AS mail, CONCAT(homedir, "/", maildir) AS home, ? >I'm using this now, based on your suggestion but without having to move all my current maildirs: SELECT CONCAT('maildir:', homedir, "/", maildir) AS mail, CONCAT(homedir, "/dovecot-homedirs/", maildir) AS home I've compiled dovecot-2.0 from the current hg repo and the error is gone. Great :) However, suddenly managesieve does not work anymore (called from TB's sieve plugin): dovecot: managesieve(me at example.com): maildir++: root=/mnt/data/vmail/example.com/me, index=, control=, inbox=/mnt/data/vmail/example.com/me Here the client sits for 20 seconds displaying "Authenticating ..." and then stops with a timeout error. dovecot: managesieve(me at example.com): Connection closed bytes=0/17 On a related note: I want to have a default sieve script which is executed for every user in addition to their own scripts. The reason is to put spam emails into a separate spam folder. I planned to use sieve_global_dir for that purpose, but it seems that the script there needs to be included in the user's own script. But most of the users won't even have a sieve script, let alone add that include. How can I achieve that global spam sorting? Thanks and best regards, Felix