[Dovecot] EUID not changing when delivering to a mailbox

Wed, 02 Feb 2011 22:50:27 -0800 

Hello,
I've set up virtual mailboxes and I'm using one uid/gid pair (mail/mail) to deliver almost all messages. Some accounts I'd like to have accessible by local Linux accounts as well, so postfix is delivering them using separate uids (gid stays the same). But I run into a problem when dovecot auth correctly fetches uid/gid from MySQL database, but still uses general mail uid to access the mailbox instead of user uid. 

This is what I have in dovecot log:


dovecot: auth(default): client in: AUTH  1       PLAIN   service=imap   
  secured lip=myipaddr        rip=myipaddr        lport=143        
rport=55513

dovecot: auth(default): client out: CONT 1
dovecot: auth(default): client in: CONT<hidden>

dovecot: auth-worker(default): sql(j...@mydomain.com,myipaddr): query:  
SELECT CONCAT('/var/mail/', maildir) AS userdb_home, username as user,  
password, CONCAT('*:bytes=', quota) AS userdb_quota_rule, uid, gid  
FROM mailbox WHERE username = 'j...@mydomain.com' AND active = 1
dovecot: auth(default): client out: OK   1       user=j...@mydomain.com  
  uid=1000        gid=12

dovecot: auth(default): master in: REQUEST       11      17252   1
dovecot: auth(default): prefetch(j...@mydomain.com,myipaddr): success

dovecot: auth(default): master out: USER 11      j...@mydomain.com       
  home=/var/mail/mydomain.com/joe/        quota_rule=*:bytes=-1
dovecot: imap-login: Login: user=<j...@mydomain.com>, method=PLAIN,  
rip=myipaddr, lip=myipaddr, TLS
dovecot: IMAP(j...@mydomain.com):  
opendir(/var/mail/mydomain.com/joe/Maildir) failed: Permission denied  
(euid=8(mail) egid=12(mail) missing +r perm:  
/var/mail/mydomain.com/joe/Maildir)
dovecot: IMAP(j...@mydomain.com):  
stat(/var/mail/mydomain.com/joe/indexes/.INBOX) failed: Permission  
denied (euid=8(mail) egid=12(mail) missing +x perm:  
/var/mail/mydomain.com/joe/indexes)
dovecot: IMAP(j...@mydomain.com):  
file_dotlock_create(/var/mail/mydomain.com/joe/Maildir/dovecot-uidlist)  
failed: Permission denied (euid=8(mail) egid=12(mail) missing +w perm:  
/var/mail/mydomain.com/joe/Maildir)
dovecot: IMAP(j...@mydomain.com):  
opendir(/var/mail/mydomain.com/joe/Maildir/new) failed: Permission  
denied (euid=8(mail) egid=12(mail) missing +r perm:  
/var/mail/mydomain.com/joe/Maildir/new)
dovecot: IMAP(j...@mydomain.com):  
stat(/var/mail/mydomain.com/joe/indexes/.INBOX) failed: Permission  
denied (euid=8(mail) egid=12(mail) missing +x perm:  
/var/mail/mydomain.com/joe/indexes)
dovecot: IMAP(j...@mydomain.com):  
file_dotlock_create(/var/mail/mydomain.com/joe/Maildir/dovecot-uidlist)  
failed: Permission denied (euid=8(mail) egid=12(mail) missing +w perm:  
/var/mail/mydomain.com/joe/Maildir)
ricola dovecot: IMAP(j...@mydomain.com):  
opendir(/var/mail/mydomain.com/joe/Maildir/new) failed: Permission  
denied (euid=8(mail) egid=12(mail) missing +r perm:  
/var/mail/mydomain.com/joe/Maildir/new)

dovecot: IMAP(j...@mydomain.com): Disconnected: Logged out bytes=171/775

My configuration is:

# 1.2.16: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.36-hardened-r6 x86_64 Gentoo Base System release 2.0.1 ext4
listen: *, [::]
ssl_cert_file: /etc/ssl/dovecot/server.pem
ssl_key_file: /etc/ssl/dovecot/server.key
login_dir: /var/run/dovecot/login
login_executable: /usr/libexec/dovecot/imap-login
first_valid_uid: 8
last_valid_uid: 1999
first_valid_gid: 12
last_valid_gid: 12
mail_privileged_group: mail
mail_uid: 8
mail_gid: 12
mail_location: maildir:/var/mail/%d/%n/Maildir/:INDEX=/var/mail/%d/%n/indexes
lda:
  postmaster_address: postmas...@mydomain.com
  mail_plugins: quota
auth default:
  mechanisms: plain login
  user: nobody
  verbose: yes
  debug: yes
  passdb:
    driver: sql
    args: /etc/dovecot/dovecot-sql.conf
  userdb:
    driver: prefetch
  userdb:
    driver: sql
    args: /etc/dovecot/dovecot-sql.conf
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: mail
      group: mail



I'm not sure if I got the concept correctly, but I was expecting that  
dovecot will use uid from the database. I was not able to find any  
relevant information in the archives. If it was explained already in  
the past, please send me some keywords that would help me find it.


Thank you,
Rastislav Wartiak























					Reply via email to