I have Dovecot2 auth set up to run as

        user  = doveauth
        group = dovecot

configured in,

        vi conf.d/10-master.conf
                ...
                service auth {
                        unix_listener /var/spool/postfix/private/auth {
                                user  = postfix
                                group = postfix
                                mode  = 0660
                        }
                        user  = doveauth
                        group = dovecot
                }
                service auth-worker {
                        user  = doveauth
                        group = dovecot
                }
                ...

When I start Dovecot,

        ls -al /var/run/dovecot/auth-*
                /bin/ls: No match.

        service dovecot-custom start
                Starting Dovecot ...           done

Dovecot's auth-process sockets are created with different ownership than
what I specified,

        ls -al /var/run/dovecot/auth-*
                srw------- 1 root    root 0 Oct 11 19:30 /var/run/dovecot/auth-client
                srw------- 1 dovecot root 0 Oct 11 19:30 /var/run/dovecot/auth-login
                srw------- 1 root    root 0 Oct 11 19:30 /var/run/dovecot/auth-master
                srw------- 1 root    root 0 Oct 11 19:30 /var/run/dovecot/auth-userdb
                srw------- 1 dovecot root 0 Oct 11 19:30 /var/run/dovecot/auth-worker

Which causes problems when I test AUTH,

        telnet 127.0.0.1 143
                Trying 127.0.0.1...
                Connected to 127.0.0.1.
                Escape character is '^]'.
                * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.
        a login "x...@domain.loc" "testpass"
                a NO [UNAVAILABLE] Temporary authentication failure.
                * OK Waiting for authentication process to respond..

In logs,

==> /var/log/dovecot/dovecot-debug.log <==
        Oct 11 19:32:11 auth: Debug: Loading modules from directory: /usr/lib64/dovecot/modules/auth
        Oct 11 19:32:11 auth: Debug: Module loaded: /usr/lib64/dovecot/modules/auth/libauthdb_ldap.so
        Oct 11 19:32:11 auth: Debug: Module loaded: /usr/lib64/dovecot/modules/auth/libdriver_mysql.so
        Oct 11 19:32:11 auth: Debug: Module loaded: /usr/lib64/dovecot/modules/auth/libdriver_pgsql.so
        Oct 11 19:32:11 auth: Debug: Module loaded: /usr/lib64/dovecot/modules/auth/libdriver_sqlite.so
        Oct 11 19:32:11 auth: Debug: Module loaded: /usr/lib64/dovecot/modules/auth/libmech_gssapi.so
        Oct 11 19:32:11 auth: Debug: auth client connected (pid=2397)
        Oct 11 19:32:17 auth: Debug: client in: AUTH	1	PLAIN	service=imap	secured	lip=127.0.0.1	rip=127.0.0.1	lport=143	rport=47016	resp=<hidden>

==> /var/log/dovecot/dovecot.log <==
        Oct 11 19:32:17 auth: Fatal: net_connect_unix(auth-worker) in directory /var/run/dovecot failed: Permission denied (euid=1101(doveauth) egid=305(dovecot) missing +r perm: /var/run/dovecot/auth-worker, dir owned by 305:305 mode=0755)

What needs to change to get those sockets created with correct/assigned
ownership & perms?
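
The permission check behind the Fatal line above can be reproduced offline from the `ls -al` listing. This is an added example, not part of the original post or of Dovecot; it assumes plain POSIX owner/group/other evaluation (no ACLs), that `doveauth` has only the `dovecot` group shown in the log, and the function names are hypothetical.

```python
import re

# Constructed input: the socket listing from the post, one entry per line.
LISTING = """\
srw------- 1 root    root 0 Oct 11 19:30 /var/run/dovecot/auth-client
srw------- 1 dovecot root 0 Oct 11 19:30 /var/run/dovecot/auth-login
srw------- 1 root    root 0 Oct 11 19:30 /var/run/dovecot/auth-master
srw------- 1 root    root 0 Oct 11 19:30 /var/run/dovecot/auth-userdb
srw------- 1 dovecot root 0 Oct 11 19:30 /var/run/dovecot/auth-worker
"""

# 's' file type, nine permission characters, link count, owner, group, path.
LINE = re.compile(r"^s([rwx-]{9})\s+\d+\s+(\S+)\s+(\S+)\s.*\s(/\S+)$")


def missing_bits(perms, owner, group, user, groups):
    """Return which of 'r'/'w' the caller lacks on a socket.

    Exactly one permission class applies: owner if the user owns the file,
    else group if the file's group is one of the caller's groups, else other.
    """
    if user == "root":
        return ""  # root bypasses the mode bits
    if user == owner:
        triad = perms[0:3]
    elif group in groups:
        triad = perms[3:6]
    else:
        triad = perms[6:9]
    return "".join(bit for bit in "rw" if bit not in triad)


def audit(listing, user, groups):
    """Map each socket path in an ls -al listing to the bits `user` is missing."""
    result = {}
    for line in listing.splitlines():
        match = LINE.match(line.strip())
        if match:
            perms, owner, group, path = match.groups()
            result[path] = missing_bits(perms, owner, group, user, groups)
    return result


if __name__ == "__main__":
    for path, missing in audit(LISTING, "doveauth", {"dovecot"}).items():
        print(f"{path}: {'ok' if not missing else 'missing +' + missing}")
```

For `doveauth` every socket in the listing falls into the "other" class with mode 0600, which matches the `missing +r perm` report for `auth-worker`.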
