[Dovecot] sievec - manual compile of global sieve scripts?
stephan at rename-it.nl
Tue Aug 2 03:43:06 EEST 2011
On 8/1/2011 10:11 PM, Thomas Harold wrote:
> How do you compile global scripts using the sievec command without
> making the script directory owned (and group writable) by the vmail user?
> # cd /etc/dovecot/sieve/before/
> # (edit some script like spam.sieve that runs for everyone)
> # /usr/local/bin/sievec spam.sieve spam.svbin
> sievec(root): Error: sieve: binary save: failed to create temporary
> file: open(spam.svbin.hostname.26921.) in directory
> /etc/dovecot/sieve/before failed: Permission denied (euid=5000(vmail)
> egid=5000(vmail) missing +w perm: /etc/dovecot/sieve/before, euid is
> not dir owner)
Why are you executing sievec as vmail in the first place? You should be
able to run it as root or any other user you use to manage global sieve
> # ls -la /etc/dovecot/sieve/before/
> drwxrwxr-x 2 root root 4096 Aug 1 15:56 .
> drwxr-xr-x 5 root root 4096 Aug 1 13:23 ..
> -rw-rw-r-- 1 root root 477 Aug 1 15:33 spam.sieve
> Or do I just make the /etc/dovecot/sieve/ tree owned and writable by
> the vmail:vmail user? (Which worked, but seems like a bad idea.)
It is a bad idea. Vmail would only need read access.
More information about the dovecot