[Dovecot] LDA and auth-userdb socket permissions

Timo Sirainen tss at iki.fi
Tue Aug 23 19:19:22 EEST 2011

On 23.8.2011, at 19.10, a.smith at ukgrid.net wrote:

>> Now you've gone outside the "Multiple UIDs" section in the wiki. There are the 3 different sections of how to run dovecot-lda a different way:
>> * with a lookup
>> * without a lookup
>> * multiple UIDs
>> None of their documentation is compatible with each others.
> Ok, I must be misunderstanding. I understand that the multiple UIDs limitation relates to the fact that access to the auth-userdb socket is restricted, is that incorrect?

No, that's the least of its troubles. If you can't run dovecot-lda as root, it won't be able to change its UID to the user's UID (and so won't have enough permissions to be able to write mails to user's mailbox). So you need to run dovecot-lda as root in some way, and after that it becomes pretty much irrelevant what auth-userdb's permissions are.

More information about the dovecot mailing list