Kevin P. McDonough
2011-Apr-04 22:16 UTC
[Dovecot] dovecot: auth(default): Can't open configuration file /etc/dovecot/dovecot-sql.conf: Permission denied
Hello,
I have been searching all day for help on an issue I am having after
installing and just having begun to configure dovecot. Whenever I try
to start the dovecot daemon I receive the following errors in the syslog:
Apr 4 13:15:03 ***** dovecot: auth(default): Can't open configuration
file /etc/dovecot/dovecot-sql.conf: Permission denied
Apr 4 13:15:03 *****dovecot: dovecot: Fatal: Auth process died too
early - shutting down
Now, I have gone through the config file (see below) trying various
settings for auth including running it as root and as vmail. I have
tried a number of permutations for the permissions and ownership on the
file specified above from 600 root -> 777 vmail and everything in
between, yet always the same issue. If I rename the file and try to
start dovecot it notices that the file is missing and gives an
appropriate error. I cannot figure out how the permissions can be wrong
on the file, I am starting to assume it is a problem elsewhere. (One
other note, I was initially getting an error regarding the rawlog
permissions, and just removed the rawlog part of the IMAP config to work
around that).
---cut---
*****:~ # l /etc/dovecot/
total 160
drwxr-xr-x 2 root root 4096 Apr 4 14:18 ./
drwxr-xr-x 98 root root 12288 Apr 4 17:41 ../
-rw-r--r-- 1 root root 52110 Apr 4 14:18 dovecot.conf
-rw-r--r-- 1 root root 51576 Mar 16 13:31 dovecot.conf~
-rw-r--r-- 1 root root 410 Feb 22 19:03 dovecot-db-example.conf
-rw-r--r-- 1 root root 782 Feb 22 19:03 dovecot-dict-sql-example.conf
-rw-r--r-- 1 root root 4986 Feb 22 19:03 dovecot-ldap-example.conf
-rw-r--r-- 1 root root 5589 Apr 4 13:25 dovecot-sql.backup
-rw------- 1 root root 5589 Mar 16 13:31 dovecot-sql.conf
-rw-r--r-- 1 root root 5097 Feb 22 19:03 dovecot-sql-example.conf
---cut---
---cut---
*****:~ # dovecot -n
# 1.2.16: /etc/dovecot/dovecot.conf
Error: setmntent(/etc/mtab) failed: Permission denied
# OS: Linux 2.6.37.1-1.2-desktop i686
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imap imaps pop3 pop3s
ssl: no
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(pop3): /usr/lib/dovecot/pop3-login
first_valid_uid: 5000
last_valid_uid: 5000
first_valid_gid: 5000
last_valid_gid: 5000
mail_location: maildir:/var/vmail/%d/%n/Maildir
mail_executable(default): /usr/lib/dovecot/imap
mail_executable(imap): /usr/lib/dovecot/imap
mail_executable(pop3): /usr/lib/dovecot/rawlog /usr/lib/dovecot/pop3
mail_plugins(default): quota imap_quota
mail_plugins(imap): quota imap_quota
mail_plugins(pop3): quota
mail_plugin_dir(default): /usr/lib/dovecot/modules/imap
mail_plugin_dir(imap): /usr/lib/dovecot/modules/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/modules/pop3
lda:
postmaster_address: postmaster at example.com
mail_plugins: sieve quota
mail_plugin_dir: /usr/lib/dovecot/modules/lda
auth_socket_path: /var/run/dovecot/auth-master
auth default:
mechanisms: plain login
passdb:
driver: pam
passdb:
driver: sql
args: /etc/dovecot/dovecot-sql.conf
userdb:
driver: passwd
userdb:
driver: sql
args: /etc/dovecot/dovecot-sql.conf
socket:
type: listen
client:
path: /var/spool/postfix/private/auth
mode: 432
user: postfix
group: postfix
master:
path: /var/run/dovecot/auth-master
mode: 384
user: vmail
plugin:
quota: maildir
sieve: ~/.dovecot.sieve
sieve_dir: ~/sieve
---cut---
I just noticed that setmntent error above, I havent seen that anywhere
else previously. Any help would be _greatly_ appreciated.
Sincerely,
Kevin M.
Timo Sirainen
2011-Apr-05 04:54 UTC
[Dovecot] dovecot: auth(default): Can't open configuration file /etc/dovecot/dovecot-sql.conf: Permission denied
On 5.4.2011, at 1.16, Kevin P. McDonough wrote:> Apr 4 13:15:03 ***** dovecot: auth(default): Can't open configuration file /etc/dovecot/dovecot-sql.conf: Permission deniedThis file is opened while dovecot-auth is still running as root. So I'm guessing you have SELinux or AppArmor or something similar enabled, which prevents this.> Error: setmntent(/etc/mtab) failed: Permission denied..> I just noticed that setmntent error above, I havent seen that anywhere else previously. Any help would be _greatly_ appreciated.This can also only be explained by SELinux/AppArmor.