Hi dovecot developers and users,

I recently upgraded my server running Arch Linux to dovecot 2.3.0, and I
noticed some of my cron jobs started issuing me error messages. These
cron jobs run as a non-root user associated with my mail account, and
they use doveadm to tidy things up (ex. purging the trash, moving
old mail in certain folders into the trash). The error message is:

> Error: net_connect_unix(/var/run/dovecot/stats-writer) failed:
> Permission denied

I assume this is doveadm trying to participate in the new 2.3 stats
process, and after reading the code a bit, I can't see a way to tell
doveadm to not connect to the stats writer. The socket is owned by
root with 600 permissions.

What would be the right way to remedy this? AFAICT, I could potentially
run doveadm as root (which I would prefer to avoid), or I could change
the permissions on the stats writer socket, but I would hate to
introduce any sort of security vulnerability by doing so. I currently
have a scrappy Perl script that just runs doveadm and filters out the
error message (it doesn't seem to affect the behavior of doveadm other
than the message), but that feels dirty and I would prefer a cleaner
solution. Any advice?

Thanks,
Rob

On 3 Jan 2018, at 11.38, Rob Hoelz <rob+dovecot at hoelz.ro> wrote:
>
> Hi dovecot developers and users,
>
> I recently upgraded my server running Arch Linux to dovecot 2.3.0, and I
> noticed some of my cron jobs started issuing me error messages. These
> cron jobs run as a non-root user associated with my mail account, and
> they use doveadm to tidy things up (ex. purging the trash, moving
> old mail in certain folders into the trash). The error message is:
>
>> Error: net_connect_unix(/var/run/dovecot/stats-writer) failed:
>> Permission denied
>
> I assume this is doveadm trying to participate in the new 2.3 stats
> process, and after reading the code a bit, I can't see a way to tell
> doveadm to not connect to the stats writer. The socket is owned by
> root with 600 permissions.
>
> What would be the right way to remedy this? AFAICT, I could potentially
> run doveadm as root (which I would prefer to avoid), or I could change
> the permissions on the stats writer socket, but I would hate to
> introduce any sort of security vulnerability by doing so. I currently
> have a scrappy Perl script that just runs doveadm and filters out the
> error message (it doesn't seem to affect the behavior of doveadm other
> than the message), but that feels dirty and I would prefer a cleaner
> solution. Any advice?

I was wondering what to do about this while developing it. I think you
can disable this by clearing out the socket path:

    doveadm -o stats_writer_socket_path=

But .. I think changing the socket permissions is the better solution.
The new stats process should know about everything that is going on in
the system, and these doveadm calls are part of that. So if they're
excluded then the stats aren't exactly correct. The stats-writer can't
do all that much harm other than messing up the statistics or probably
crashing the stats process by using up all of its memory.

On Wed, 3 Jan 2018 13:37:07 -0500 Timo Sirainen <tss at iki.fi> wrote:
> On 3 Jan 2018, at 11.38, Rob Hoelz <rob+dovecot at hoelz.ro> wrote:
> >
> > Hi dovecot developers and users,
> >
> > I recently upgraded my server running Arch Linux to dovecot 2.3.0,
> > and I noticed some of my cron jobs started issuing me error
> > messages. These cron jobs run as a non-root user associated with
> > my mail account, and they use doveadm to tidy things up (ex.
> > purging the trash, moving old mail in certain folders into the
> > trash). The error message is:
> >
> >> Error: net_connect_unix(/var/run/dovecot/stats-writer) failed:
> >> Permission denied
> >
> > I assume this is doveadm trying to participate in the new 2.3 stats
> > process, and after reading the code a bit, I can't see a way to tell
> > doveadm to not connect to the stats writer. The socket is owned by
> > root with 600 permissions.
> >
> > What would be the right way to remedy this? AFAICT, I could
> > potentially run doveadm as root (which I would prefer to avoid), or
> > I could change the permissions on the stats writer socket, but I
> > would hate to introduce any sort of security vulnerability by doing
> > so. I currently have a scrappy Perl script that just runs doveadm
> > and filters out the error message (it doesn't seem to affect the
> > behavior of doveadm other than the message), but that feels dirty
> > and I would prefer a cleaner solution. Any advice?
>
> I was wondering what to do about this while developing it. I think
> you can disable this by clearing out the socket path:
>
>     doveadm -o stats_writer_socket_path=
>
> But .. I think changing the socket permissions is the better
> solution. The new stats process should know about everything that is
> going on in the system, and these doveadm calls are part of that. So
> if they're excluded then the stats aren't exactly correct. The
> stats-writer can't do all that much harm other than messing up the
> statistics or probably crashing the stats process by using up all of
> its memory.
>

Thanks for the advice, Timo - I went ahead and applied the permission
change to my dovecot config.

On a side note, thanks for dovecot in general - it's a great piece of
software!

-Rob
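
Added example, not part of the original thread and not necessarily the configuration Rob applied: one way to express the socket permission change discussed above while keeping access narrower than world-writable. The group name "mailcron" is a hypothetical placeholder for a group containing only the non-root accounts that run doveadm from cron.

```conf
# dovecot.conf fragment (added example; "mailcron" is a hypothetical group).

# State reported in this thread on 2.3.0: the stats-writer socket is owned
# by root with mode 0600, so doveadm run by a non-root user fails with
#   net_connect_unix(/var/run/dovecot/stats-writer) failed: Permission denied
#
#service stats {
#  unix_listener stats-writer {
#    mode = 0600
#  }
#}

# Scoped change: leave the owner alone and grant access through a dedicated
# group, so only the cron accounts that need doveadm can reach the socket.
service stats {
  unix_listener stats-writer {
    group = mailcron
    mode = 0660
  }
}

# Over-broad alternative, deliberately not used here:
#   mode = 0666
# This lets every local account write to the stats process, which, as noted
# in the reply above, can skew the statistics or exhaust the memory of the
# stats process.
```

After reloading Dovecot, `ls -l /var/run/dovecot/stats-writer` should show the new group and mode, and the cron job's doveadm call should no longer print the error.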