I am installing Dovecot-2.1.13 on Slackware 13.37.0 for the first time to replace ipop3d and I have overcome all of the roadblocks as they have developed except this last one and I finally have to say ?uncle?. The error messages that are showing up in the dovecot.log are as follows. Jan 24 12:27:27 tux2 dovecot: auth: Error: passwd-file /etc/shadow: open(/etc/shadow) failed: Permission denied (euid=202(dovecot) egid=202(dovecot) missing +r perm: /etc/shadow, we're not in group 43(shadow), dir owned by 0:0 mode=0755) Jan 24 12:27:27 tux2 dovecot: auth: passwd-file(user,192.168.10.2,<pw3xHwzUSQDAqAoC>): no passwd file: /etc/shadow Jan 24 12:27:29 tux2 dovecot: pop3-login: Warning: SSL alert: where=0x4008, ret=256: warning close notify [192.168.10.2] Jan 24 12:27:29 tux2 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<user>, method=PLAIN, rip=192.168.10.2, lip=192.168.10.100, TLS: Disconnected, session=<pw3xHwzUSQDAqAoC> Based on what I have read the only user that should access the shadow file is root. With that in mind I looked at all the configuration and .ext files and the only file I could find that would indicate that root should be checking the shadow file is 10-master.conf. In that file it said the default service auth-worker was root but since it was apparently not working I removed the hash mark and made it explicit. It still didn?t work. As a last resort even though it was not good practice I tried adding user dovecot to the group shadow but that did not work either. It still says dovecot is not in the group shadow even though it is. Any suggestions? -- View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-unable-to-access-the-shadow-file-tp39831.html Sent from the Dovecot mailing list archive at Nabble.com.
* kenwood <temp583 at dsh.twilightparadox.com> 2013.01.24 19:07:> Jan 24 12:27:27 tux2 dovecot: auth: Error: passwd-file /etc/shadow: > open(/etc/shadow) failed: Permission denied (euid=202(dovecot) > egid=202(dovecot) missing +r perm: /etc/shadow, we're not in group > 43(shadow), dir owned by 0:0 mode=0755)Impossible to tell without actual 'dovecot -n' output. All the changes to '*.conf' may or may not apply to the actual configuration. Regards Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: Digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20130124/f65049ea/attachment-0004.bin>
> Impossible to tell without actual 'dovecot -n' output. All the changes to'*.conf' may or may not apply to the actual configuration. My apologies. Here it is # 2.1.13: /etc/dovecot/dovecot.conf # OS: Linux 3.2.26-smp i686 Slackware 14.0 auth_mechanisms = plain login auth_verbose = yes mail_debug = yes namespace inbox { inbox = yes location mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix } passdb { args = /etc/dovecot/master-users driver = passwd-file master = yes pass = yes } passdb { args = scheme=CRYPT username_format=%u /etc/shadow driver = passwd-file } ssl_cert = </etc/ssl/certs/dovecot.cer ssl_key = </etc/ssl/private/dovecot.pem ssl_key_password = xxxxxxx syslog_facility = local1 userdb { args = username_format=%u /etc/passwd driver = passwd-file } -- View this message in context: http://dovecot.2317879.n4.nabble.com/Dovecot-unable-to-access-the-shadow-file-tp39831p39833.html Sent from the Dovecot mailing list archive at Nabble.com.
El 24/01/13 19:07, kenwood escribi?:> I am installing Dovecot-2.1.13 on Slackware 13.37.0 for the first time to > replace ipop3d and I have overcome all of the roadblocks as they have > developed except this last one and I finally have to say ?uncle?. > > The error messages that are showing up in the dovecot.log are as follows. > > Jan 24 12:27:27 tux2 dovecot: auth: Error: passwd-file /etc/shadow: > open(/etc/shadow) failed: Permission denied (euid=202(dovecot) > egid=202(dovecot) missing +r perm: /etc/shadow, we're not in group > 43(shadow), dir owned by 0:0 mode=0755) > > Jan 24 12:27:27 tux2 dovecot: auth: > passwd-file(user,192.168.10.2,<pw3xHwzUSQDAqAoC>): no passwd file: > /etc/shadow > > Jan 24 12:27:29 tux2 dovecot: pop3-login: Warning: SSL alert: where=0x4008, > ret=256: warning close notify [192.168.10.2] > > Jan 24 12:27:29 tux2 dovecot: pop3-login: Disconnected (auth failed, 1 > attempts in 2 secs): user=<user>, method=PLAIN, rip=192.168.10.2, > lip=192.168.10.100, TLS: Disconnected, session=<pw3xHwzUSQDAqAoC> > > Based on what I have read the only user that should access the shadow file > is root. With that in mind I looked at all the configuration and .ext files > and the only file I could find that would indicate that root should be > checking the shadow file is 10-master.conf. In that file it said the > default service auth-worker was root but since it was apparently not working > I removed the hash mark and made it explicit. It still didn?t work. > > As a last resort even though it was not good practice I tried adding user > dovecot to the group shadow but that did not work either. It still says > dovecot is not in the group shadow even though it is. Any suggestions?If your system is using pam, use it instead of accesing /etc/shadow directly http://wiki2.dovecot.org/PasswordDatabase/PAM