dovecot - Dec 2011 - Quota warnings not being sent

Hello,

I am running dovecot-2.0.13-1_128.el5 x86_64 RPM on CentOS 5.7 with the 
config shown below.

All accounts are virtual, hosted on LDAP Server.

My problem is that the quota warning mail is not sent as expected.

For example, in the logs I get:
Dec 12 08:42:40 vmail dovecot: lda(imaptester): Error: quota: 
net_connect_unix(/var/run/dovecot/quota-warning) failed: Permission 
denied (euid=500(vmail) egid=500(vmail) missing +r perm: 
/var/run/dovecot/quota-warning, euid is not dir owner)

Here is /var/run/dovecot/:

# ls -la /var/run/dovecot/
total 32
drwxr-xr-x  4 root    dovecot  4096 Dec  9 21:27 .
drwxr-xr-x 23 root    root     4096 Dec 14 12:27 ..
srw-------  1 root    root        0 Dec  9 21:27 anvil
srw-------  1 root    root        0 Dec  9 21:27 anvil-auth-penalty
srw-------  1 root    root        0 Dec  9 21:27 auth-client
srw-------  1 dovecot root        0 Dec  9 21:27 auth-login
srw-rw----  1 vmail   vmail       0 Dec  9 21:27 auth-master
srw-------  1 root    root        0 Dec  9 21:27 auth-userdb
srw-------  1 dovecot root        0 Dec  9 21:27 auth-worker
srw-------  1 root    root        0 Dec  9 21:27 config
srw-------  1 root    root        0 Dec  9 21:27 dict
srw-------  1 root    root        0 Dec  9 21:27 director-admin
srw-rw-rw-  1 root    root        0 Dec  9 21:27 dns-client
srw-------  1 root    root        0 Dec  9 21:27 doveadm-server
lrwxrwxrwx  1 root    root       25 Dec  9 21:27 dovecot.conf -> 
/etc/dovecot/dovecot.conf
drwxr-xr-x  2 root    root     4096 May 17  2011 empty
drwxr-x---  2 root    dovenull 4096 Dec  9 21:27 login
-rw-------  1 root    root        5 Dec  9 21:27 master.pid
srw-------  1 root    root        0 Dec  9 21:27 quota-warning

Follows my config (at the end of this message).

How should I change permissions to resolve the issue? Would it be enough 
to change ownership of the whole directory /var/run/dovecot/ and its 
contents to vmail:vmail? What configuration directives determine the 
ownership and the access permissions for these sockets?

Please advise.

Thanks in advance,
Nick


------------------------------------------
# 2.0.13: dovecot.conf

protocols = imap pop3

mail_location = maildir:~/Maildir/
mail_gid = 500
mail_uid = 500

auth_mechanisms = plain login
auth_username_format = %Lu
auth_verbose = yes
disable_plaintext_auth = no

mail_plugins = quota

protocol imap {
   imap_client_workarounds = "delay-newmail  "
   mail_plugins = quota imap_quota
}

protocol pop3 {
   mail_max_userip_connections = 3
   mail_plugins = quota
   pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
   pop3_uidl_format = %08Xu%08Xv
}

protocol lda {
   auth_socket_path = /var/run/dovecot/auth-master
   info_log_path    log_path    mail_plugins = quota
   postmaster_address = sysadmin at example.com
   sendmail_path = /usr/lib/sendmail
}

userdb {
   args = /etc/dovecot/dovecot-usrdb-ldap.conf
   driver = ldap
}

passdb {
   args = /etc/dovecot/dovecot-passdb-ldap.conf
   driver = ldap
}

plugin {
   quota = maildir:User quota
   quota_rule = *:storage=4G
   quota_rule2 = Trash:storage=+3%%
   quota_warning = storage=75%% quota-warning 75 %u
   quota_warning2 = storage=90%% quota-warning 90 %u
}

service quota-warning {
   executable = script /opt/mail1.sh
   user = root
   unix_listener quota-warning {
   }
}

service auth {
   unix_listener /var/spool/postfix/private/auth {
     group = postfix
     mode = 0660
     user = postfix
   }
   unix_listener auth-master {
     group = vmail
     mode = 0660
     user = vmail
   }
   user = root
}

service imap-login {
   service_count = 1
   vsz_limit = 64 M
}

service pop3-login {
   service_count = 1
   vsz_limit = 64 M
}

ssl_ca = </etc/pki/CA/certs/chain.pem
ssl_cert = </etc/pki/CA/certs/cert.pem
ssl_key = </etc/pki/CA/private/key.pem

syslog_facility = local1
---------------------------------------------


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5554 bytes
Desc: S/MIME Cryptographic Signature
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20111214/7b5b669b/attachment-0004.bin>

On Wed, Dec 14, 2011 at 12:47:05PM +0200, Nikolaos Milas
wrote:
> For example, in the logs I get:
> Dec 12 08:42:40 vmail dovecot: lda(imaptester): Error: quota:
> net_connect_unix(/var/run/dovecot/quota-warning) failed: Permission
> denied (euid=500(vmail) egid=500(vmail) missing +r perm:
> /var/run/dovecot/quota-warning, euid is not dir owner)
service quota-warning {
  executable = script /opt/mail1.sh
  user = vmail
  unix_listener quota-warning {
  }
}

I'd guess setting the user to 'vmail' here solves the problem:

http://wiki2.dovecot.org/Quota/Configuration

Regards
Thomas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20111214/d6a0d736/attachment-0004.bin>

Em 14/12/11 10:24, Patrick Westenberg escreveu:
>
> This is what works for me:
>
> service quota-warning {
>   executable = script /usr/local/etc/dovecot/quota-warning.sh
>   unix_listener quota-warning {
>     user = vmail
>   }
>   user = vmail
> }
     My configurations are similar to Patrick ones and works just fine:

service quota-warning {
   executable = script /etc/dovecot/aviso-quota.sh
   user = dovecot
   unix_listener quota-warning {
     user = mail
   }
}

plugin {
   quota_warning = storage=95%% quota-warning 95 %u
   quota_warning2 = storage=85%% quota-warning 85 %u
   quota_warning3 = storage=70%% quota-warning 70 %u
   quota_exceeded_message = Quota excedida (caixa postal cheia) / Quota 
exceeded (mailbox is full)
}




-- 


	Atenciosamente / Sincerily,
	Leonardo Rodrigues
	Solutti Tecnologia
	http://www.solutti.com.br

	Minha armadilha de SPAM, N?O mandem email
	gertrudes at solutti.com.br
	My SPAMTRAP, do not email it