On 27/08/15 10:42, Muzaffer Tolga Ozses wrote:> Please check permissions as this sounds like a permissions issue mI am confused then. /home/vmail/Maildir is 700 for vmail:vmail. If dovecot-lda runs as vmail then there's no problem, if it runs as root it shouldn't face problems either. How can I determine which user dovecot-lda runs under? Thanks, -- Paulo Matos
On 27/08/15 12:46, Paulo Matos wrote:> On 27/08/15 10:42, Muzaffer Tolga Ozses wrote: >> Please check permissions as this sounds like a permissions issue m > > I am confused then. /home/vmail/Maildir is 700 for vmail:vmail. If > dovecot-lda runs as vmail then there's no problem, if it runs as root it > shouldn't face problems either. > > How can I determine which user dovecot-lda runs under? >Doh, it says on the line I quoted earlier from master.cf: dovecot unix - n n - - pipe flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -a ${recipient} -d ${user}@${nexthop} -m PreINBOX It runs under vmail:vmail. There should be no problem creating a new mailbox. Is there a way to understand what's really going on with dovecot?> Thanks,
On 27/08/15 13:00, Muzaffer Tolga Ozses wrote:> ps aux | grep ldaStrange... postfix 1315 0.0 0.1 121220 7472 ? S 12:59 0:00 pipe -n dovecot -t unix flags=DRhu user=vmail vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -a ${recipient} -d ${user}@${nexthop} -m PreINBOX I notice that the arg to pipe is 'user=vmail vmail' instead of 'user=vmail:vmail'. This is strange. I certanly have a colon on the master.cf file. According to 'man pipe' the correct syntax is user=<user>:<group> so I can only assume this is where it's going wrong somehow.> On 27/08/2015 2:58 PM, "Paulo Matos" <paulo at matos-sorge.com> wrote: > >> On 27/08/15 10:42, Muzaffer Tolga Ozses wrote: >> >>> Please check permissions as this sounds like a permissions issue m >>> >> >> I am confused then. /home/vmail/Maildir is 700 for vmail:vmail. If >> dovecot-lda runs as vmail then there's no problem, if it runs as root it >> shouldn't face problems either. >> >> How can I determine which user dovecot-lda runs under? >> >> Thanks, >> -- >> Paulo Matos >> >
ps aux | grep lda On 27/08/2015 2:58 PM, "Paulo Matos" <paulo at matos-sorge.com> wrote:> On 27/08/15 10:42, Muzaffer Tolga Ozses wrote: > >> Please check permissions as this sounds like a permissions issue m >> > > I am confused then. /home/vmail/Maildir is 700 for vmail:vmail. If > dovecot-lda runs as vmail then there's no problem, if it runs as root it > shouldn't face problems either. > > How can I determine which user dovecot-lda runs under? > > Thanks, > -- > Paulo Matos >
Having said that, /home/vmail should be owned by vmail, however dovecot-lda should have write access so 700 is a bad idea. On 27/08/2015 3:00 PM, "Muzaffer Tolga Ozses" <tolga at ozses.net> wrote:> ps aux | grep lda > On 27/08/2015 2:58 PM, "Paulo Matos" <paulo at matos-sorge.com> wrote: > >> On 27/08/15 10:42, Muzaffer Tolga Ozses wrote: >> >>> Please check permissions as this sounds like a permissions issue m >>> >> >> I am confused then. /home/vmail/Maildir is 700 for vmail:vmail. If >> dovecot-lda runs as vmail then there's no problem, if it runs as root it >> shouldn't face problems either. >> >> How can I determine which user dovecot-lda runs under? >> >> Thanks, >> -- >> Paulo Matos >> >
Make it 755 and be done with it. On 27/08/2015 3:05 PM, "Paulo Matos" <paulo at matos-sorge.com> wrote:> On 27/08/15 12:46, Paulo Matos wrote: > >> On 27/08/15 10:42, Muzaffer Tolga Ozses wrote: >> >>> Please check permissions as this sounds like a permissions issue m >>> >> >> I am confused then. /home/vmail/Maildir is 700 for vmail:vmail. If >> dovecot-lda runs as vmail then there's no problem, if it runs as root it >> shouldn't face problems either. >> >> How can I determine which user dovecot-lda runs under? >> >> > Doh, it says on the line I quoted earlier from master.cf: > dovecot unix - n n - - pipe > flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f > ${sender} -a ${recipient} -d ${user}@${nexthop} -m PreINBOX > > It runs under vmail:vmail. There should be no problem creating a new > mailbox. > > Is there a way to understand what's really going on with dovecot? > > Thanks, >> >
Am 27.08.2015 um 13:46 schrieb Paulo Matos:> On 27/08/15 10:42, Muzaffer Tolga Ozses wrote: >> Please check permissions as this sounds like a permissions issue m > > I am confused then. /home/vmail/Maildir is 700 for vmail:vmail. If > dovecot-lda runs as vmail then there's no problem, if it runs as root it > shouldn't face problems either.That statement is not correct nowadays as UNIX permissions aren't all any longer. There are tools like AppArmor and in your case with Fedora there is SELinux preventing even actions by root user. Make sure the SELinux context fits. "/home/vmail" and the subfolder "Maildir" has to be SELinux labeled correctly. ausearch -m avc> How can I determine which user dovecot-lda runs under? > > Thanks,Alexander
On 27/08/15 18:55, Alexander Dalloz wrote:> Am 27.08.2015 um 13:46 schrieb Paulo Matos: >> On 27/08/15 10:42, Muzaffer Tolga Ozses wrote: >>> Please check permissions as this sounds like a permissions issue m >> >> I am confused then. /home/vmail/Maildir is 700 for vmail:vmail. If >> dovecot-lda runs as vmail then there's no problem, if it runs as root it >> shouldn't face problems either. > > That statement is not correct nowadays as UNIX permissions aren't all > any longer. There are tools like AppArmor and in your case with Fedora > there is SELinux preventing even actions by root user. > > Make sure the SELinux context fits. "/home/vmail" and the subfolder > "Maildir" has to be SELinux labeled correctly. > > ausearch -m avcSElinux is not the issue in my case: $ sestatus SELinux status: disabled -- Paulo Matos