I'm using Dovecot 2.3.21 (47349e2482) on Ubuntu and have convigured virtual
mail users.
Everything is working finem but a few doevadm commands fail
sudo doveadm mailbox list
returns
doveadm(root): Error: chdir(/root/) failed: Permission denied (euid=1001(vmail)
egid=1001(vmail) missing +x perm
Robert Nowotny via dovecot skrev den 2025-01-22 20:16:
Hey Marco,
this is what to do:
dovecot starts as root, and drops priveleges later, so group it non
rooted is a security problem on its own :)
certbot creates letencrypt pem files owned by root and grouped root,
only the private key cant
Hey Marco,
this is what to do:
1. Group Membership for SSL Certificates
- Add Users to `ssl-cert` Group:
On Ubuntu, the default group for SSL certificates is `ssl-cert`,
not `ssl_cert`. Confirm with:
```bash
ls -l /etc/letsencrypt/live/example.com/privkey.pem
```
If
On Wed, 22 Jan 2025, Marco Fioretti via dovecot wrote:
sorry, I must be missing something. Why would postfix be talking directly
to dovecot? Or play middleman between some external entity and dovecot? Or
did you mean something else?
Postfix (which is likely to be your SMTP server) uses (very o
On 22/01/2025 17:04, Marco Fioretti via dovecot wrote:
Il giorno mer 22 gen 2025 alle ore 17:51 Marc ha
scritto:
guess this is because the same certificates were used by the website,
which
I also have to rebuild next week. So I will have to add dovecot and the
httpd user to that group, I th
Il giorno mer 22 gen 2025 alle ore 17:51 Marc ha
scritto:
> > guess this is because the same certificates were used by the website,
> > which
> > I also have to rebuild next week. So I will have to add dovecot and the
> > httpd user to that group, I think. No?
> >
>
> No the other way around. Add
sorry, I must be missing something. Why would postfix be talking directly
to dovecot? Or play middleman between some external entity and dovecot? Or
did you mean something else?
Thanks
Il giorno mer 22 gen 2025 alle ore 07:35 Aki Tuomi <
aki.tu...@open-xchange.com> ha scritto:
>
> > On 22/01/202
> guess this is because the same certificates were used by the website,
> which
> I also have to rebuild next week. So I will have to add dovecot and the
> httpd user to that group, I think. No?
>
No the other way around. Add dovecot to the acme group, the certs are the least
important.
Hi Robert, and all.
As I mentioned in a previous replay, everything started to work when I
added "protocols = imap" to dovecot.conf.
However, following your advice, I have removed the service imap-login
section from dovecot.conf, and checked again the permission of the key file
and its parent dir
