Chris Richards wrote:
> I've got a dovecot server running version 2.0.19 on Gentoo Hardened. I
> have Postfix as my MTA, and it is calling the Dovecot LDA to deliver the
> mail. Everything is working great, mail is being delivered, and the users
> are happy.
>
> However, I am noticing that I have random entries like this:
>
> Mar 1 20:19:23 hermes dovecot: lda: Error: userdb lookup:
> connect(/var/run/dovecot/auth-userdb) failed: Permission denied
> (euid=97(dovecot) egid=97(dovecot) missing +r perm:
> /var/run/dovecot/auth-userdb, dir owned by 0:0 mode=0755)
> Mar 1 20:19:23 hermes dovecot: lda: Fatal: Internal error occurred. Refer
> to server log for more information.
>
> In Postfix master.cf, I have the following:
> dovecot unix - n n - - pipe
> flags=DRhu user=vmail:users argv=/usr/libexec/dovecot/deliver -f
> ${sender} -d ${user}@${nexthop}
>
> Permissions on the socket are:
> srw------- 1 vmail vmail 0 Feb 24 23:43 auth-userdb
>
> Judging from the log, my problem is that the LDA appears to be trying to
> access the socket as the dovecot user (rather than the vmail user), but my
> question is why? What logging can I use to tell me if postfix is calling
> with the wrong permissions or if the lda is somehow getting confused?

Have a look at
http://wiki2.dovecot.org/LDA
http://wiki2.dovecot.org/LDA/Postfix
Maybe there you will find some helpful hints.

Is /usr/libexec/dovecot/deliver or /usr/libexec/dovecot/dovecot-lda
somehow setuid or setgid and owner/group dovecot?

Where does the effective user euid=97(dovecot) and effective group
egid=97(dovecot) come from, is it somewhere in your dovecot config?

Please show full output of
# doveconf -n
# stat /usr/libexec/dovecot/deliver
# stat /usr/libexec/dovecot/dovecot-lda

Regards
Daniel
--
https://plus.google.com/103021802792276734820
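
Added example, not part of the messages above and not a Dovecot tool: a small shell helper that turns the two checks asked for in the reply (is the LDA binary setuid/setgid, and can a given uid/gid open the auth-userdb socket) into repeatable functions. The function names are hypothetical, and the check ignores supplementary groups and ACLs.

```shell
#!/bin/sh
# Added example; setid_bits, socket_access and diagnose are hypothetical names.

# setid_bits MODE -> "setuid", "setgid", "setuid setgid" or "none"
# MODE is an octal mode as printed by `stat -c %a` (e.g. 4755, 755).
setid_bits() {
    m=$((0$1))
    out=""
    if [ $(( m & 04000 )) -ne 0 ]; then out="setuid"; fi
    if [ $(( m & 02000 )) -ne 0 ]; then out="${out:+$out }setgid"; fi
    echo "${out:-none}"
}

# socket_access UID GID OWNER_UID OWNER_GID MODE -> "rw" or "denied"
# Selects the owner, group or other permission class as the kernel does for a
# non-root process (primary group only), then requires read and write bits:
# Linux needs write permission to connect, and Dovecot's error also reports +r.
socket_access() {
    m=$((0$5))
    if [ "$1" -eq "$3" ]; then
        bits=$(( (m >> 6) & 7 ))
    elif [ "$2" -eq "$4" ]; then
        bits=$(( (m >> 3) & 7 ))
    else
        bits=$(( m & 7 ))
    fi
    if [ $(( bits & 6 )) -eq 6 ]; then echo rw; else echo denied; fi
}

# diagnose LDA_BINARY SOCKET USER: run on the mail host (needs GNU stat and id).
# A setuid/setgid binary would explain an euid that differs from the user
# Postfix's pipe(8) was told to run as.
diagnose() {
    echo "binary $1: $(setid_bits "$(stat -c %a "$1")"), owner $(stat -c %U:%G "$1")"
    set -- "$1" "$2" "$3" $(stat -c '%u %g %a' "$2")
    echo "socket $2 as $3: $(socket_access "$(id -u "$3")" "$(id -g "$3")" "$4" "$5" "$6")"
}

# Usage on the mail host, with the paths from this thread:
#   diagnose /usr/libexec/dovecot/dovecot-lda /var/run/dovecot/auth-userdb vmail
#   diagnose /usr/libexec/dovecot/dovecot-lda /var/run/dovecot/auth-userdb dovecot
```

With the socket mode from the thread (0600, owned by vmail), `socket_access` reports `denied` for uid/gid 97 and `rw` only for the owning uid.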