On Tue, Nov 13, 2018 at 07:38:04PM +0100, Thuban wrote:
> Hi,
> I use dovecot and smtpd on my personal mail server.
> They both share the same password file.
>
> It works very well, but I'm concerned about permissions on this file:
>
> -rw-r--r-- 1 root wheel passwd
>
> It's world readable. I would like to let dovecot and smtpd to read only this
> file, and no one else could.
>
>
> I tried to set a _maildaemons group and put _smtpd and _dovecot users in it,
> then:
>
> -rw-r----- 1 root _maildaemons passwd
>
>
> Sadly, dovecot can't read the passwd file with this configuration, and I can't
> figure out why.
>
> Any advice?
>
>
> # part of dovecot config
> passdb {
>     args = scheme=blf-crypt /etc/mail/passwd
>     driver = passwd-file
> }
>
> --
> thuban
>
This works for me and avoids an additional group:

-r--r----- 1 _dovecot _smtpd 1477 Sep 27 2017 /etc/mail/passwd

I'm now wondering if user and group should be flipped around, I trust
smtpd more than dovecot.

--
I'm not entirely sure you are real.
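
Added example, not part of the original messages: a small shell check that reads an `ls -l` line for the shared credential file and reports any reader outside an expected set. The function name `check_listing`, the allow-list and the sample listings are constructed for illustration; the account names and /etc/mail/passwd come from the thread.

```shell
#!/bin/sh
# Added example, not from the thread: audit an `ls -l` line for a shared
# mail credential file. Function name and sample lines are constructed.

# check_listing "<ls -l line>" "<owner/group names expected to read it>"
# Prints one finding per problem; returns 0 only when there are none.
check_listing() {
    line=$1; allowed=" $2 "; rc=0
    # ls -l fields: mode, link count, owner, group, then size/date/name.
    read -r mode _links owner group _rest <<EOF
$line
EOF
    usr=$(printf '%s' "$mode" | cut -c2-4)    # owner bits
    grp=$(printf '%s' "$mode" | cut -c5-7)    # group bits
    oth=$(printf '%s' "$mode" | cut -c8-10)   # everyone else

    if [ "$oth" != "---" ]; then
        echo "other bits '$oth': accessible to every local account"; rc=1
    fi
    case $usr in r*)
        case $allowed in *" $owner "*) ;; *)
            echo "owner '$owner' can read but is not expected"; rc=1 ;;
        esac ;;
    esac
    case $grp in r*)
        case $allowed in *" $group "*) ;; *)
            echo "group '$group' can read but is not expected"; rc=1 ;;
        esac ;;
    esac
    case $grp in ?w?)
        echo "group '$group' can modify the file"; rc=1 ;;
    esac
    return $rc
}

# Constructed listings modelled on the three layouts discussed in the thread.
# The allow-list below reflects the owner/group layout from the reply.
while IFS= read -r l; do
    echo "== $l"
    check_listing "$l" "root _dovecot _smtpd" || true
done <<'EOF'
-rw-r--r--  1 root      wheel         1477 Sep 27  2017 /etc/mail/passwd
-rw-r-----  1 root      _maildaemons  1477 Sep 27  2017 /etc/mail/passwd
-r--r-----  1 _dovecot  _smtpd        1477 Sep 27  2017 /etc/mail/passwd
EOF
```

The check only reads the listing; it does not explain why a daemon that is a member of the group still fails to open the file.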