On 03.01.2020 at 03:27, Mark ADAMS wrote:
> Jan 02 18:47:37 shuttle dovecot[6744]: lda(root@shuttle)<6744><>: Error:
> auth-master: userdb lookup(root@shuttle): connect(/run/dovecot/auth-userdb) failed:
> Permission denied (euid=8(mail) egid=12(mail) missing +r perm: /run/dovecot/auth-userdb,
> dir owned by 0:0 mode=0755)
Run "namei -lv /run/dovecot/auth-userdb" to check the permissions of the
complete path. The auth-userdb socket actually is owned by mail:mail
according to your error logging. Is dovecot a member of the mail group?
Actually it does not match the config details you have pasted:
unix_listener auth-userdb {
  group = dovecot
  mode = 0600
  user = vmail
}
On my side it looks like this and I have not custom configured that
part. The defaults are:
unix_listener auth-userdb {
  group =
  mode = 0666
  user = $default_internal_user
}
So on my system the permissions look like this:
# namei -lv /var/run/dovecot/auth-userdb
f: /var/run/dovecot/auth-userdb
dr-xr-xr-x root root /
drwxr-xr-x root root var
drwxr-xr-x root root run
drwxr-xr-x root dovecot dovecot
srw-rw-rw- dovecot root auth-userdb
> Jan 02 18:47:37 shuttle dovecot[6744]: lda: Fatal: Internal error occurred.
> Refer to server log for more information.
> Jan 02 18:47:37 shuttle postfix/pipe[6743]: 6345D4A4A97: to=<root@shuttle>,
> relay=dovecot, delay=1.1, delays=1.1/0.01/0/0.06, dsn=4.3.0, status=deferred
> (temporary failure. Command output: lda(root@shuttle): Error:
> net_connect_unix(/run/dovecot/stats-writer) failed: Permission denied )
> ^C
> Note: this error references "/run/dovecot/auth-userdb". That isn't even supposed to be
> the location of that file. I have no idea why that location shows up. The correct location should
> be "/etc/dovecot/auth-userdb". The file does exist at that location.
Mark,
I have no idea why you expect the dovecot sockets to be located inside
/etc/dovecot/. /etc is the FHS location for configurations. /run or
/var/run (typically a symlink on modern Linux distributions) is the
right location for runtime files like service sockets.
You say /etc/dovecot/auth-userdb exists. Am I correct to guess that you
have created that manually with whatever content?
Alexander
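
The path check that "namei -lv" supports in this thread, as an added example that is not part of the original e-mail and not Dovecot code: it walks each path component and reports the first one whose owner, group and mode bits would refuse a given uid/gid set. The function names, the `base` parameter and the constructed temporary layout are assumptions made for illustration.

```python
import os
import tempfile

def class_bits(st, uid, gids):
    """rwx bits that apply to this uid/gid set; exactly one class is used."""
    if uid == st.st_uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def first_denied(path, uid, gids, base="/"):
    """Walk base..path like namei; return (component, reason) or None if allowed.

    Directories need search (x). The final component, the socket, needs r+w:
    the kernel requires w to connect, the error in the thread reports a missing r.
    Assumes path lies below base.
    """
    if uid == 0:
        return None  # root is not limited by mode bits
    parts = os.path.relpath(path, base).split(os.sep)
    current = base
    for i in range(len(parts) + 1):
        last = i == len(parts)
        need = 0o6 if last else 0o1
        st = os.stat(current)  # follows symlinks such as /var/run -> /run
        if class_bits(st, uid, gids) & need != need:
            reason = "uid=%d lacks %s, mode=%04o owner=%d:%d" % (
                uid, "rw" if last else "x", st.st_mode & 0o7777, st.st_uid, st.st_gid)
            return current, reason
        if not last:
            current = os.path.join(current, parts[i])
    return None

if __name__ == "__main__":
    # Constructed layout: <tmp>/dovecot/auth-userdb, a plain file standing in
    # for the socket because only ownership and mode bits are evaluated.
    base = tempfile.mkdtemp()
    os.chmod(base, 0o755)
    os.mkdir(os.path.join(base, "dovecot"))
    os.chmod(os.path.join(base, "dovecot"), 0o755)
    sock = os.path.join(base, "dovecot", "auth-userdb")
    open(sock, "w").close()
    me = os.stat(sock)
    lda_uid, lda_gids = me.st_uid + 1, {me.st_gid + 1}  # hypothetical delivery user
    for mode in (0o600, 0o666):  # the two listener modes shown in the thread
        os.chmod(sock, mode)
        print("%04o -> %s" % (mode, first_denied(sock, lda_uid, lda_gids, base)))
```

On a real host, call `first_denied("/run/dovecot/auth-userdb", uid, gids)` with the uid and group ids of the user the delivery agent runs as.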