I am trying to create an archive postoffice by bcc all e-mail from the
"real" mail server to an existing OS X server and by setting all ACL
to
read-only.
Problem:
deliver reports: "Fatal: mail_full_filesystem_access=yes is incompatible
with ACLs"
It seems, that the failure is independent of the existence of an ACL file.
I cannot change machines (must be OS X) and I do not like to compile
anything on that box (but I could re-configure stuff).
Can anybody help how to get around this error with existing hard and
software?
Thanks in advance, Radim
from /var/log/mailaccess.log (fatal error towards the end)
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
deliver(rsw): Nov 01 20:02:26 Info: Loading modules from directory:
/usr/lib/dovecot/lda
deliver(rsw): Nov 01 20:02:26 Info: Module loaded:
/usr/lib/dovecot/lda/lib01_acl_plugin.so
deliver(rsw): Nov 01 20:02:26 Info: Module loaded:
/usr/lib/dovecot/lda/lib10_quota_plugin.so
deliver(rsw): Nov 01 20:02:26 Info: Module loaded:
/usr/lib/dovecot/lda/lib90_cmusieve_plugin.so
Nov 1 20:02:26 osxmini2010 dovecot[3662]: auth(default): master in:
USER 1 rsw service=deliver
Nov 1 20:02:26 osxmini2010 dovecot[3662]: auth(default): od(rsw):
lookup user=rsw
Nov 1 20:02:26 osxmini2010 dovecot[3662]: auth(default): od(rsw):
directory lookup for: user=rsw
deliver(rsw): Nov 01 20:02:26 Info: auth input: rsw
deliver(rsw): Nov 01 20:02:26 Info: auth input: uid=1026
deliver(rsw): Nov 01 20:02:26 Info: auth input: gid=20
deliver(rsw): Nov 01 20:02:26 Info: auth input: quota=maildir:User
quota:noenforcing
deliver(rsw): Nov 01 20:02:26 Info: auth input: quota_rule=*:storage=1024000
deliver(rsw): Nov 01 20:02:26 Info: auth input:
mail=maildir:/var/spool/imap/dovecot/mail/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E
deliver(rsw): Nov 01 20:02:26 Info: auth input:
mail_location=maildir:/var/spool/imap/dovecot/mail/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E
deliver(rsw): Nov 01 20:02:26 Info: auth input:
sieve=/var/spool/imap/dovecot/sieve-scripts/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E/dovecot.sieve
deliver(rsw): Nov 01 20:02:26 Info: auth input:
sieve_dir=/var/spool/imap/dovecot/sieve-scripts/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E
deliver(rsw): Nov 01 20:02:26 Info: auth input:
sieve_storage=/var/spool/imap/dovecot/sieve-scripts/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E
Nov 1 20:02:26 osxmini2010 dovecot[3662]: auth(default):
od[getpwnam_ext](rsw): uid=1026 gid=20 state=0xe quota=1000
guid=3BB7256A-B055-4DC3-AD4E-79B34DCAB96E name=RSw
loc=osxmini2010.fos4.intra alt=(null) fwd=(null)
Nov 1 20:02:26 osxmini2010 dovecot[3662]: auth(default): od(rsw): user
RSw exists more than once
Nov 1 20:02:26 osxmini2010 dovecot[3662]: auth(default): od(rsw):
record name=RSw, uid=1026, gid=20
deliver(rsw): Nov 01 20:02:26 Info: Quota root: name=User quota
backend=maildir args=noenforcing
deliver(rsw): Nov 01 20:02:26 Info: Quota rule: root=User quota
mailbox=* bytes=1048576000 messages=0
deliver(rsw): Nov 01 20:02:26 Info: Quota warning: bytes=1048576000
(100%) messages=0 command=/usr/libexec/dovecot/quota-exceeded.sh
deliver(rsw): Nov 01 20:02:26 Info: maildir:
data=/var/spool/imap/dovecot/mail/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E
deliver(rsw): Nov 01 20:02:26 Info: maildir++:
root=/var/spool/imap/dovecot/mail/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E,
index=, control=,
inbox=/var/spool/imap/dovecot/mail/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E
deliver(rsw): Nov 01 20:02:26 Info: acl: initializing backend with data:
vfile
deliver(rsw): Nov 01 20:02:26 Info: acl: acl username = rsw
deliver(rsw): Nov 01 20:02:26 Info: acl: owner = 1
deliver(rsw): Nov 01 20:02:26 Info: acl vfile: Global ACL directory: (null)
deliver(rsw): Nov 01 20:02:26 Info: acl: initializing backend with data:
vfile
deliver(rsw): Nov 01 20:02:26 Info: acl: acl username = rsw
deliver(rsw): Nov 01 20:02:26 Info: acl: owner = 1
deliver(rsw): Nov 01 20:02:26 Info: acl vfile: Global ACL directory: (null)
deliver(rsw): Nov 01 20:02:26 Fatal: mail_full_filesystem_access=yes is
incompatible with ACLs
Nov 1 20:02:26 osxmini2010 dovecot[3662]: auth(default): od(rsw):
user=RSw, quota=*:storage=1024000
Nov 1 20:02:26 osxmini2010 dovecot[3662]: auth(default): od(rsw): data
store
location=maildir:/var/spool/imap/dovecot/mail/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E
Nov 1 20:02:26 osxmini2010 dovecot[3662]: auth(default): master out:
USER 1 rsw uid=1026 gid=20 quota=maildir:User
quota:noenforcing quota_rule=*:storage=1024000
mail=maildir:/var/spool/imap/dovecot/mail/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E
mail_location=maildir:/var/spool/imap/dovecot/mail/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E
sieve=/var/spool/imap/dovecot/sieve-scripts/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E/dovecot.sieve
sieve_dir=/var/spool/imap/dovecot/sieve-scripts/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E
sieve_storage=/var/spool/imap/dovecot/sieve-scripts/3BB7256A-B055-4DC3-AD4E-79B34DCAB96E
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
from dovecotd -n (aka dovecot -n on normal Linux)
PS: despite Darwin "10.4.1" it is a updated 10.6. Snow Leopard Server
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
# 1.1.20apple0.5: /private/etc/dovecot/dovecot.conf
# OS: Darwin 10.4.1 x86_64 hfs
base_dir: /var/run/dovecot
syslog_facility: local6
protocols: managesieve pop3 imap
listen(default): *
listen(imap): *
listen(pop3): *
listen(managesieve): *:2000
ssl_disable: yes
ssl_cipher_list: ALL:!LOW:!SSLv2:!aNULL:!ADH:!eNULL
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
login_executable(managesieve): /usr/libexec/dovecot/managesieve-login
login_user: _dovecot
login_process_per_connection: no
max_mail_processes: 200
mail_max_userip_connections(default): 20
mail_max_userip_connections(imap): 20
mail_max_userip_connections(pop3): 10
mail_max_userip_connections(managesieve): 10
verbose_proctitle: yes
first_valid_uid: 6
first_valid_gid: 6
mail_access_groups: mail
mail_location: maildir:/var/spool/imap/dovecot/mail/%u
mail_debug: yes
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_executable(managesieve): /usr/libexec/dovecot/managesieve
mail_process_sharing(default): full
mail_process_sharing(imap): full
mail_process_sharing(pop3): full
mail_process_sharing(managesieve): none
mail_max_connections(default): 5
mail_max_connections(imap): 5
mail_max_connections(pop3): 5
mail_max_connections(managesieve): 20
mail_plugins(default): quota imap_quota acl
mail_plugins(imap): quota imap_quota acl
mail_plugins(pop3): quota
mail_plugins(managesieve):
mail_plugin_dir(default): /usr/lib/dovecot/imap
mail_plugin_dir(imap): /usr/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/pop3
mail_plugin_dir(managesieve): /usr/lib/dovecot/managesieve
sieve_storage(default):
sieve_storage(imap):
sieve_storage(pop3):
sieve_storage(managesieve): /var/spool/imap/dovecot/sieve-scripts/%u
sieve(default):
sieve(imap):
sieve(pop3):
sieve(managesieve): /var/spool/imap/dovecot/sieve-scripts/%u/dovecot.sieve
lda:
postmaster_address: postmaster at example.com
hostname: osxmini2010.fos4.intra
mail_plugins: cmusieve quota acl
quota_full_tempfail: yes
sendmail_path: /usr/sbin/sendmail
auth_socket_path: /var/run/dovecot/auth-master
log_path: /var/log/mailaccess.log
info_log_path: /var/log/mailaccess.log
auth default:
mechanisms: plain login gssapi
master_user_separator: *
verbose: yes
debug: yes
debug_passwords: yes
passdb:
driver: passwd-file
args: /etc/dovecot/masteruser.passdb
master: yes
passdb:
driver: od
userdb:
driver: od
args: partition=/etc/dovecot/partition_map.conf enforce_quotas=no
socket:
type: listen
master:
path: /var/run/dovecot/auth-master
mode: 384
user: _dovecot
group: mail
plugin:
quota_warning: storage=100%% /usr/libexec/dovecot/quota-exceeded.sh
quota: maildir:User quota
sieve: /var/spool/imap/dovecot/sieve-scripts/%u/dovecot.sieve
acl: vfile
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
Timo Sirainen
2010-Nov-02 16:49 UTC
[Dovecot] Dovecot 1.1.20 on OS X - ACL deliver Problem
On Mon, 2010-11-01 at 20:40 +0100, R. Svejda wrote:> Problem: > deliver reports: "Fatal: mail_full_filesystem_access=yes is incompatible > with ACLs"You could disable ACLs for deliver, by giving it a different config file (-c /etc/dovecot-deliver.conf).
On 11/02/2010 05:49 PM, Timo Sirainen wrote:> On Mon, 2010-11-01 at 20:40 +0100, R. Svejda wrote: > >> Problem: >> deliver reports: "Fatal: mail_full_filesystem_access=yes is incompatible >> with ACLs" >> > You could disable ACLs for deliver, by giving it a different config file > (-c /etc/dovecot-deliver.conf). > > >Thanks a lot Timo! A quick test shows it is running. I guess the special "deliver" config file needs only the LDA section, right? However, more detailed testing has to wait some hours. I will sleep happy. Radim