On Tue, Jul 19, 2011 at 3:56 PM, Steve Fatula <compconsultant at
yahoo.com> wrote:> I see back in November of last year, a thread about using client_limit in
the
> imap service (not imap-login) that would allow each imap process serve more
than
> one connection. Sounded good, until I tried it!
>
> When I did, unlike the OP of that thread, I got:
>
> dovecot: imap(submit.user): Fatal: setuid(503(submit.user) from userdb
lookup)
> failed with euid=501(links): Operation not permitted (This binary should
> probably be called with process user set to 503(submit.user) instead of
> 501(links))
>
> So, it would appear that this does not work. Still, the thread was posting
> results of their testing even that showed it worked.
>
> Sample message within the thread, read for more:
>
> http://www.dovecot.org/list/dovecot/2010-November/054893.html
>
> I'd love to be able to use a single imap process for more than one
connection.
> Is this still possible, or, not? If so, how?
>
> Steve
>
>
In my case, we use a single shared user for all mailboxes, so there's
no UID issue. The imap process is always running as that one UID, so
it doesn't ever try to setuid to something else.
Timo, is there some way/setting to only let client_limit != 1 apply to
processes running as the same user? I.e. if a imap process (with
client_limit > 1) was running as UID 501 (to use the OP's uids), and
imap-login needed to send UID 503 to an imap process, it wouldn't send
it to the one running as UID 501, but rather either create new imap
proc or if UID 503 already had a imap proc running, then send UID 503
to that one. (I realize that makes almost no grammatical sense, but
hopefully you know what I mean).