[Dovecot] Authentication woes - Couldn't drop privileges: Mail access not allowed for root
Ralph Seichter
dovecot-ml at seichter.de
Sat Aug 21 12:10:59 EEST 2010
Hi Timo,
thanks again for pointing out the missing userdb configuration entry
yesterday. Now that both Dovecot 2.0.0 servers are running fine, I use
the following command to backup mail data from serverA to serverB in a
shell script running on serverB, looping over user names:
/usr/local/dovecot-2.0/bin/dsync -v -R -u $user backup \
ssh -i /home/$user/.ssh/id_dsa $user at serverA /usr/local/dovecot-2.0/bin/dsync
I made a small mistake during setup and had one of the id_dsa files
owned by root instead of $user. This was deliberate, because the sync
script is run by root and I thought that the SSH key should thus be
owned by root aswell. The resulting error message was:
Permission denied (publickey,keyboard-interactive).
dsync-local(foouser): Error: read() from worker server failed: EOF
dsync-local(foouser): Fatal: dsync backup: Looks like you're trying to run
backup in wrong direction. Source is empty and destination is not.
The first line is generated by SSH, because serverA allows key-based
authentication only and the key file on serverB was unreadable as dsync
seems to drop root privileges in this case (at least that's my guess).
Do you think one should add an example for key-based authentication to
http://wiki2.dovecot.org/Tools/Dsync ?
-Ralph
More information about the dovecot
mailing list