[Dovecot] question regarding rw-access on mailbox on creation/login (dovecot 1.2.17)
Hi,
currently I have one new user with a problem. When she logs in to dovecot with pop3 from her apple mail, dovecot tells problems with the +w permission.
Error: open(/var/mail/******) failed: Permission denied (euid=3462(******) egid=548(dozenten) missing +w perm: /var/mail)
/var/mail is rw by root.mail
I cant see why just this particular user has that problem/gets that messages.
AFAIK no one changed any default permissions on directories or set different users.
What could be "wrong"? Any suggestions is welcome.
Regards . Götz-- Götz Reinicke IT-Koordinator
Tel. +49 7141 969 82 420 Fax +49 7141 969 55 420 E-Mail goetz.reinicke@filmakademie.de
Filmakademie Baden-Württemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de
Eintragung Amtsgericht Stuttgart HRB 205016
Vorsitzender des Aufsichtsrats: Jürgen Walter MdL Staatssekretär im Ministerium für Wissenschaft, Forschung und Kunst Baden-Württemberg
Geschäftsführer: Prof. Thomas Schadt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 6 Mar 2013, Götz Reinicke - IT Koordinator wrote:
Does /var/mail/****** already exist? Do you have a mbox there and Dovecot needs to create a lock file there? If so, try flock.
v2.2 has:
Which locking methods to use for locking mbox. There are four available:
dotlock: Create <mailbox>.lock file. This is the oldest and most
NFS-safe
solution. If you want to use /var/mail/ like directory, the
users
will need write access to that directory.
dotlock_try: Same as dotlock, but if it fails because of permissions or
because there isn't enough disk space, just skip it.
fcntl : Use this if possible. Works with NFS too if lockd is used.
flock : May not exist in all systems. Doesn't work with NFS.
lockf : May not exist in all systems. Doesn't work with NFS.
You can use multiple locking methods; if you do the order they're
declared
in is important to avoid deadlocks if other MTAs/MUAs are using multiple
locking methods as well. Some operating systems don't allow using some
of
them simultaneously.
#mbox_read_locks = fcntl #mbox_write_locks = dotlock fcntl
dotlock will fail in your system.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUTccDF3r2wJMiz2NAQIUFQf/QhJ2H1/ke4JrmAn15FbRkhsQS+LiyC2L WfaWvpvXSq3OjUzVQt5VflvPaeHjCS5OcDQzGufLo1ZeNT0rZMvfR7T9Ks59mFYb WRlSFZAsGkbxomlKZnt90CkFJqD0QZvIYya3Tp0Ca0NxHVaaSia601cINhVDwGY6 /VxPzwgIMPwM7gzTdjz9PqRhsXtifbl9/oo4ac3IJ2qAm2Wg/q6WL3u1+TTcnBpM KOlNLqSzU6eqaxEXUzKKHIEFDWR1Qg4Qo6oGsS0sL4w2KBtoXfzy1KdRHxeWPrrK 9a5eHdsyD/DVIC8Ouz0zJar3FenbWv0+MblK1jtdeSW/VayQwFKVkQ== =FBCf -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 6 Mar 2013, Götz Reinicke - IT Koordinator wrote:
Do the other users have "mail" as secondary group?
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQEVAwUBUTcc8V3r2wJMiz2NAQKwJAgAvtb4/Uot+KyXI1Xcbo9nvcLSPO4aPkXw YxRXQLLYwSeLuvygHOEu+3Y3eMJi7Y2BmUMuK5/8ZZLP6en7vfxCYuwGmcnfnO0A hqZYbddTGablWfgIO3aJDm0BWCs30g5IeRYwdVKajv8b4ldFOEex7msDJ01Ryw6E MtlrQ+ODw1/79xvnyGWExt6YNm4Du8HZtohD2Ol5rwdJ6tfBVxmw07vWlJVoHv/L iBZZiQcEJp2yphwKvxaRTTPjw7z2SexNY5VogTHWGspa6MaSwLZG6HK8Td630GIp V5vpUmaqHUCPOph5xebPJV3/MWkczf15axUvU2Dz0q4JisiNePV45g== =c0P3 -----END PGP SIGNATURE-----
Thanks for all suggestions!
"mail_privileged_group = mail" did the magic.I'v read the V1.0 -> 1.1 -> 1.2, but did not read ALL config options in the new dovecot.conf.
/Götz-- Götz Reinicke IT-Koordinator
Tel. +49 7141 969 82 420 Fax +49 7141 969 55 420 E-Mail goetz.reinicke@filmakademie.de
Filmakademie Baden-Württemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de
Eintragung Amtsgericht Stuttgart HRB 205016
Vorsitzender des Aufsichtsrats: Jürgen Walter MdL Staatssekretär im Ministerium für Wissenschaft, Forschung und Kunst Baden-Württemberg
Geschäftsführer: Prof. Thomas Schadt
participants (3)
-
Götz Reinicke - IT Koordinator
-
Professa Dementia
-
Steffen Kaiser