<spamvoll <at> googlemail.com> writes:
Hi..
im still trying to upgrade to 2.0. Im getting: dovecot: lda: Error: userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied (euid=10000(vmail) egid=10000(vmail) missing +r perm: /var/run/dovecot/auth-userdb, euid is not dir owner)
the error is correct caus its owned by root. My Questions is who should own
it ?
Im not sure how that works, what process/user calls the auth-userdb ? The auth-userdb returns the args generated in master.conf, right ?
i think comment out the user and group setting in master.conf will fix it but im not sure if that is the securest way.
the mails come from postfix via dovecot-lda
Hans
master.conf service auth {
auth_socket_path points to this userdb socket by default. It's typically
used by dovecot-lda, doveadm, possibly imap process, etc. Its default
permissions make it readable only by root, but you may need to relax
these
permissions. Users that have access to this socket are able to get a list
of all usernames and get results of everyone's userdb lookups.
unix_listener auth-userdb { mode = 0600 #user = vmail #group = vmail }
auth-ldap.conf.ext passdb { driver = ldap args = /etc/dovecot/dovecot-ldap.conf.ext } userdb { driver = static args = uid=vmail gid=vmail home=/home/MAILBOXES/%u/ mail=/home/MAILBOXES/%u/mail }
Hi all was getting the same errors took me 2 days to understand what it was saying to me but i finally solved it
if you do an ls -l /var/run/dovecot/auth-userdb you will seet that root is the owner and the premissions are srw-------- so vmail has not right to call or even use the process What i did was a chown -R vmail:vmail /var/run/dovecot/auth-userdb I also did a chmod g+r /var/run/dovecot/auth-userdb ls -l /var/run/dovecot/auth-userdb srw----r-- 1 vmail vmail my unix_listener auth-userdb { mode = 600 {
protocol lda { auth_socket_path = /var/run/dovecot/auth-userdb log_path = /home/vmail/dovecot-deliver.log
that worked for me
- havent restarted the dovecot service dont know if it will keep the settings.