On Mon, Oct 29, 2007 at 10:49:34PM +0200, Timo Sirainen wrote: On Sun, 2007-10-28 at 15:37 -0400, Adam McDougall wrote: > Oct 28 11:01:40 gribble dovecot: IMAP(mcdouga9): fchown(/egr/mail/shared/decs/temp.gribble.97159.dc6633e16f47011d) > failed: Operation not permitted > > >From the name, I can't even tell what its for, what dovecot-shared might be causing it, etc. > > I did some hunting because I was curious (I assume you would know right away) and its from > lib/safe-mkstemp.c which dotlock uses. It's used for creating dovecot-acl-list. Hmm. Looks like there are now two places where Dovecot takes permissions from: dovecot-shared file and the directory where it exists. If you set g+s to the dir too this error goes away. I'll have to think a bit more what I'll do about this. Maybe dovecot-shared file just could go away and only the dir permissions would be used. That reminds me, I do think I put dovecot-shared in that directory just to satisfy 1.1. The group owner on /egr/mail/shared/decs/ is the group I am using to restrict entry into the directory (it is mode 770) so all of the users using folders inside are part of the group, so I'm not sure why the fchown would fail?
Also just a note (if I remember correctly) the existance of dovecot-shared causes dovecot+acl to treat the folder flags as private unless the code is modified (I still use that hack locally) so its not just the permissions of an object (presently dovecot-shared) that have an affect. Its seems like this is alot of functionality to load onto just the existance and permissions of a file :) I did set g+s on /egr/mail/shared/decs/ and relogged in with thunderbird but got the error right away: Oct 29 17:02:55 gribble dovecot: IMAP(mcdouga9): fchown(/egr/mail/shared/decs/temp.gribble.65681.2a5ad23c6e8cd308) failed: Operation not permitted
