"LEVAI Daniel" <l...@ecentrum.hu> wrote on 16.10.2010 10:15:45:
>Hi! > > >I'm trying to set up SQL based dict quota. The quota is working, gets >updated but I had to configure really loose file permission to make it >work: > >dovecot.conf: >dict { > quota = pgsql:/etc/dovecot/dovecot_dict-sql.conf >} > >service dict { > unix_listener dict { > mode = 0660 > group = vmail > # sidenote: I noticed that writing the number equivalent > # of 'vmail' here does not work. Why? > } >} > > ># ~ls -la /etc/dovecot/dovecot_dict-sql.conf >-rw-r----- root vmail dovecot_dict-sql.conf > ># ~ls -la /var/dovecot/dict >srw-rw---- root vmail /var/dovecot/dict= > > >Every virtual user lookup returns a 'gid' field, and it is always >'vmail' (actually it is the number equivalent of 'vmail'). >Despite that the imap process should run as the 'uid' and 'gid' values >returned from the userdb, it can not read the dict config file: > >dovecot.log: >dict: Error: Can't open configuration file /etc/dovecot/dovecot_dict-sql.conf: >Permission denied >dict: Error: Failed to initialize dictionary 'quota' >lda(<username>): Error: read(/var/dovecot//dict) failed: Remote disconnected > > >Now I must set o+r to the config file, which I really don't want to, >given that it contains the db username and password. >Strange thing is that the group r/w permission is enough for the dict= >socket, and it doesn't need world-wide permissions at all. > > > >Daniel > Hi, this are my settings: service dict { unix_listener dict { mode = 0600 group = vmail } } The owner of dovecot-dict-sql.conf.ext is root:dovecot with read permissions for the group. Reposted to group... Regards, Miha -- It's time to get rid of your current e-mail client ... ... and start using si.Mail. It's small & free. ( http://www.simail.si/ )