Message: 7
Date: Tue, 15 Jan 2008 00:21:02 +0100
From: Andreas Ntaflos <[EMAIL PROTECTED]>
Subject: [Dovecot] deliver can't connect to auth server at
        */usr/local*/var/run/dovecot/auth-master
To: dovecot@dovecot.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"

Hello list,

while fiddling around with the configuration so Dovecot's LDA "deliver" can be used by multiple users by means of Getmail (you can read about that in [1]) I always end up running into the error message posted in the subject line:

Jan 15 00:00:02 HOSTNAME deliver(USERID): Can't connect to auth server at /usr/local/var/run/dovecot/auth-master: Permission denied

Notice how it says "/usr/local/var/run/dovecot"! How and why does dovecot
                   ^^^^^^^^^^
think that anything of any importance can be found under /usr/local/var/...? Please see dovecot -n at the end of this message, but as far as I can tell I

   master:
     path: /var/run/dovecot/auth-master
     mode: 432
     user: root
     group: dovecot
--
Andreas "daff" Ntaflos
Vienna, Austria



For the quick answer to your immediate problem / question, try:

cd /path/to/dovecot's/deliver           (probably /usr/local/libexec/dovecot/)

chmod u+s deliver

(enable the setuid bit for the deliver app). Your Getmail app may not be truly running as root and thus does not really have permission to do what you want.

You may need to do the same for the group as well.


Unix permissions are weird sometimes, like a $100 television tube that protects a 50 cent fuse by blowing first.


It does look like (from your use of /usr/local/*****) you built dovecot to run out of /usr/local.


One last thing, as a security idea, try something like

     master {
       path = /usr/local/var/run/dovecot/auth-master
       mode = 0600
       user = dovecot_user
       group = dovecot_group
     }

and set your postfix line that calls deliver to match:

dovecot unix - n n - - pipe flags=DRhu user=dovecot_user:dovecot_group argv=/usr/local/libexec/dovecot/deliver -f ${sender} -d ${recipient}


(try to have dovecot run as an unprivileged user as much as you can)
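
An added example, not part of the thread and not Dovecot code: a small model of the mode-bit check the kernel applies when a process connects to a UNIX socket such as auth-master, run over the owner, group and mode values posted above. It assumes Linux semantics (write permission on the socket, search permission on each parent directory), ignores ACLs and capabilities, and uses constructed numeric IDs.

```python
import stat

def _allowed(mode, owner_uid, owner_gid, uid, gids, bits):
    """Classic UNIX check: only one class (owner, group, other) applies."""
    u_bit, g_bit, o_bit = bits
    if uid == 0:                       # root bypasses the mode bits
        return True
    if uid == owner_uid:               # owner class wins even if group would allow
        return bool(mode & u_bit)
    if owner_gid in gids:
        return bool(mode & g_bit)
    return bool(mode & o_bit)

SEARCH = (stat.S_IXUSR, stat.S_IXGRP, stat.S_IXOTH)
WRITE = (stat.S_IWUSR, stat.S_IWGRP, stat.S_IWOTH)

def can_connect(sock, parents, uid, gids):
    """sock and every entry of parents are (mode, owner_uid, owner_gid) tuples.

    Returns (ok, reason) for a process with the given uid and group set.
    """
    for depth, (mode, o_uid, o_gid) in enumerate(parents):
        if not _allowed(mode, o_uid, o_gid, uid, gids, SEARCH):
            return False, f"no search permission on parent directory {depth}"
    mode, o_uid, o_gid = sock
    if not _allowed(mode, o_uid, o_gid, uid, gids, WRITE):
        return False, "no write permission on socket"
    return True, "ok"

# Constructed numeric IDs (assumptions, not taken from the thread).
ROOT_UID, DOVECOT_GID = 0, 120
MAIL_UID, MAIL_GID = 1001, 1001
RUN_DIR = (0o755, ROOT_UID, ROOT_UID)
# "mode: 432" with user root, group dovecot, as posted; 432 decimal is 0660 octal.
POSTED_SOCKET = (432, ROOT_UID, DOVECOT_GID)

if __name__ == "__main__":
    print(oct(432))
    print(can_connect(POSTED_SOCKET, [RUN_DIR], MAIL_UID, {MAIL_GID}))
    print(can_connect(POSTED_SOCKET, [RUN_DIR], MAIL_UID, {MAIL_GID, DOVECOT_GID}))
```

With these values an ordinary user outside the socket's group is refused, while the same user with that group in its group set is allowed without any setuid bit on deliver.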
 
