On Wed, May 22, 2013 at 01:33:35PM -0400, Peter Skensved wrote:
> The guidelines for setting up postfix with dovecot SASL recommends setting
> the file permissions on /var/spool/postfix/private/auth to 660.
This socket is created by Dovecot.
> Yet all the other sockets in the .../private directory have 666 permissions.
These are created by Postfix. Access control within Postfix is
via the directory permissions. 0700 for private and 0710 for public.
> Does it matter?
That depends on the owner/group of the Dovecot auth socket. Just
make sure that user "postfix" group "postfix" can read and write
to it. IIRC Postfix daemons don't have secondary groups.
There is not much difference between 660 and 666 if the socket
is either owned by "postfix" or its group is "postfix".
--
Viktor.
