Hi, I am getting the following error message when trying to implement LDA Dovecot 1.2.9 with virtual users: Sep 28 15:59:33 server1 postfix/pipe[3041]: 28BEC2400A1: to=<msmith at example.com>, relay=dovecot, delay=2361, delays=2361/0.01/0/0.03, dsn=4.3.0, status=deferred (temporary failure. Command output: /usr/lib/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See http://wiki.dovecot.org/LDA#multipleuids ) I do not know if I need to change the group to secmail. Currently, I have as follows -rwsr-xr-x?? 1 root root 933796 2011-06-10 05:36 deliver Can I change it to any other group apart from secmail? and what does it mean by world-executable? Sorry if I ask a silly question here but keen to learn more about linux. Here is my dovecot.conf log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap listen: *:143 ssl: no disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login verbose_proctitle: yes first_valid_uid: 106 last_valid_uid: 200 mail_privileged_group: mail mail_location: maildir:/home/vmail/%u/Maildir mbox_write_locks: fcntl dotlock mail_plugins: quota imap_quota imap_client_workarounds: outlook-idle delay-newmail netscape-eoh tb-extra-mailbox-sep lda: ? postmaster_address: postmaster at example.com ? mail_plugins: quota ? sendmail_path: /usr/lib/sendmail ? rejection_reason: Your message to <%t> was automatically rejected:%n%r auth default: ? mechanisms: plain login ? username_format: %Lu ? verbose: yes ? debug: yes ? debug_passwords: yes ? passdb: ??? driver: pam ? passdb: ??? driver: ldap ??? args: /etc/dovecot/dovecot-ldap.conf ? userdb: ??? driver: prefetch ? userdb: ??? driver: passwd ? userdb: ??? driver: static ??? args: uid=106 gid=1010 home=/home/vmail/%u ? socket: ??? type: listen ??? client: ????? path: /var/spool/postfix/private/auth ????? mode: 432 ????? user: postfix ????? group: mail ??? master: ????? path: /var/run/dovecot-auth-master ????? mode: 432 ????? user: vmail ????? group: vmail plugin: ? quota: maildir ? quota_rule: *:storage=3GB ? quota_rule2: Trash:storage=20%% ? quota_rule3: Spam:storage=10%% ? quota_warning: storage=95%% /usr/local/bin/quota-warning.sh 95 ? quota_warning2: storage=80%% /usr/local/bin/quota-warning.sh 80 Here is my master.cf # delivery through dovecot dovecot?? unix? -?????? n?????? n?????? -?????? -?????? pipe ? flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} Any help would be greatly appreciated. Thank you
On 09/28/2011 08:37 AM Daminto Lie wrote:> Hi, > > I am getting the following error message when trying to implement LDA Dovecot 1.2.9 with virtual users: > > > Sep 28 15:59:33 server1 postfix/pipe[3041]: 28BEC2400A1: to=<msmith at example.com>, relay=dovecot, delay=2361, delays=2361/0.01/0/0.03, dsn=4.3.0, status=deferred (temporary failure. Command output: /usr/lib/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See http://wiki.dovecot.org/LDA#multipleuids ) > > I do not know if I need to change the group to secmail. Currently, I have as follows > > -rwsr-xr-x 1 root root 933796 2011-06-10 05:36 deliver > > > Can I change it to any other group apart from secmail? and what does it mean by world-executable? Sorry if I ask a silly question here but keen to learn more about linux.RTFM chmod(1)> ? > Here is my master.cf > # delivery through dovecot > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient} > > Any help would be greatly appreciated. > > Thank youchgrp vmail /usr/lib/dovecot/deliver chmod o-rx !$ Regards, Pascal -- The trapper recommends today: cafefeed.1127120 at localdomain.org