thr3ads.net - dovecot - [Dovecot] Authentication woes - Couldn't drop privileges: Mail access not allowed for root [Aug 2010]

If this information is useful, please help other people find it:
Share via:

Ralph Seichter

2010-Aug-20 18:07 UTC

[Dovecot] Authentication woes - Couldn't drop privileges: Mail access not allowed for root

I'm currently trying to set up a Dovecot 2.0.0 server for backup
purposes. There's an existing server which I successfully migrated to
Dovecot 2.0.0, and it uses LDAP for authentication. For the backup
server, which will not be exposed to users, I tried both PAM and PASSWD
authentication, but all I are syslog entries like these:

  dovecot: imap-login: Login: user=<foo>, method=PLAIN, rip=[...],
lip=[...], mpid=20059, TLS
  dovecot: imap(foo): Error: user foo: Couldn't drop privileges: Mail access
not allowed for root
  dovecot: imap(foo): Error: Internal error occurred. Refer to server log for
more information.

Here is my current configuration:

  # doveconf -n
  # 2.0.0: /usr/local/dovecot-2.0/etc/dovecot/dovecot.conf
  # OS: Linux 2.6.35-gentoo-r1-v3 x86_64 Gentoo Base System release 2.0.1
  auth_mechanisms = plain login
  base_dir = /var/run/dovecot/
  listen = *
  mail_location = maildir:~/.maildir
  passdb {
    args = scheme=crypt /usr/local/dovecot-2.0/etc/dovecot/passwd
    driver = passwd-file
  }
  protocols = imap
  ssl_cert = </usr/local/dovecot-2.0/etc/dovecot/server.crt
  ssl_key = </usr/local/dovecot-2.0/etc/dovecot/server.key

The password file contents:

  # cat /usr/local/dovecot-2.0/etc/dovecot/passwd
  foo:{CRYPT}xxx:1000:1000:Foo Backup:/home/foo:/bin/bash

I searched the Dovecot Wiki and also tried MARC and Google, but I can't
seem to find a solution for this problem. Could you please point me in
the right direction? I have probably missed something.

Thanks!

-Ralph

Timo Sirainen

2010-Aug-20 18:36 UTC

head link

[Dovecot] Authentication woes - Couldn't drop privileges: Mail access not allowed for root

On Fri, 2010-08-20 at 20:07 +0200, Ralph Seichter wrote:>   dovecot: imap(foo): Error: user foo: Couldn't drop privileges: Mail
access not allowed for root
>   passdb {
>     args = scheme=crypt /usr/local/dovecot-2.0/etc/dovecot/passwd
>     driver = passwd-file
>   }
You don't have a userdb defined or mail_uid/mail_gid setting..
>   # cat /usr/local/dovecot-2.0/etc/dovecot/passwd
>   foo:{CRYPT}xxx:1000:1000:Foo Backup:/home/foo:/bin/bash
I guess you should add:

  userdb {
    args = scheme=crypt /usr/local/dovecot-2.0/etc/dovecot/passwd
    driver = passwd-file
  }

The error message is bad though. I'm pretty sure it was better in v1.2.
I'll see about fixing that.

Maybe Matching Threads

Search for more maybe matching threads

dovecot - Aug 2010 - Authentication woes - Couldn't drop privileges: Mail access not allowed for root

[Dovecot] Authentication woes - Couldn't drop privileges: Mail access not allowed for root

[Dovecot] Authentication woes - Couldn't drop privileges: Mail access not allowed for root

Maybe Matching Threads