File-Permissions

Dovecot 2 /auth-userdb permissions

  • January 10, 2012

Error in the log file:

userdb lookup: connect(/var/run/dovecot/auth-userdb) failed: Permission denied 
(euid=5000(vmail) egid=5000(vmail) missing +r perm: /var/run/dovecot/auth-userdb, 
euid is not dir owner)

Part of 10-master.conf:

service auth {
 # auth_socket_path points to this userdb socket by default. It's typically
 # used by dovecot-lda, doveadm, possibly imap process, etc. Its default
 # permissions make it readable only by root, but you may need to relax these
 # permissions. Users that have access to this socket are able to get a list
 # of all usernames and get results of everyone's userdb lookups.
 unix_listener auth-userdb {
   #mode = 0600
   #user = root
   #group = root
 }

 # Postfix smtp-auth
 unix_listener /var/spool/postfix/private/auth {
   mode = 0666
 }

 # Auth process is run as this user.
 #user = $default_internal_user
}

service auth-worker {
 # Auth worker process is run as root by default, so that it can access
 # /etc/shadow. If this isn't necessary, the user should be changed to
 # $default_internal_user.
 #user = root
}

Permissions of the /var/run/dovecot directory:

drwxr-xr-x.  4 root  dovecot 4096 Jan 10 14:00 dovecot

And the listing of the /var/run/dovecot directory:

drwxr-xr-x.  4 root    dovecot  4096 Jan 10 14:00 .
drwxr-xr-x. 14 root    root     4096 Jan 10 13:36 ..
srw-------   1 root    root        0 Jan 10 14:00 anvil
srw-------   1 root    root        0 Jan 10 14:00 anvil-auth-penalty
srw-------   1 root    root        0 Jan 10 14:00 auth-client
srw-------   1 dovecot root        0 Jan 10 14:00 auth-login
srw-------   1 root    root        0 Jan 10 14:00 auth-master
srw-------   1 root    root        0 Jan 10 14:00 auth-userdb
srw-------   1 dovecot root        0 Jan 10 14:00 auth-worker
srw-------   1 root    root        0 Jan 10 14:00 config
srw-------   1 root    root        0 Jan 10 14:00 dict
srw-------   1 root    root        0 Jan 10 14:00 director-admin
srw-------   1 root    root        0 Jan 10 14:00 director-userdb
srw-rw-rw-   1 root    root        0 Jan 10 14:00 dns-client
srw-------   1 root    root        0 Jan 10 14:00 doveadm-server
lrwxrwxrwx   1 root    root       25 Jan 10 14:00 dovecot.conf -> /etc/dovecot/dovecot.conf
drwxr-xr-x.  2 root    root     4096 Sep 23 15:47 empty
srw-rw-rw-   1 root    root        0 Jan  9 14:10 lmtp
drwxr-x---.  2 root    dovenull 4096 Jan 10 14:00 login
-rw-------   1 root    root        5 Jan 10 14:00 master.pid

What exactly am I doing wrong?

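You are running dovecot as user vmail:vmail (uid and gid 5000), while /var/run/dovecot/auth-userdb is root:root with permissions 0600. You should change the mode to 0604 or change the owner to vmail in the unix_listener auth-userdb directive (second listing).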

Quoted from: https://serverfault.com/questions/348589
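
The following is an added example, not part of the original question or answer: it applies the owner/group/other check to lines from the listing above to show why vmail is refused on auth-userdb and which sockets every local account can reach. It assumes Linux semantics (connecting to a Unix socket needs write permission on it); the FIXED line is constructed to show the socket owned by vmail with mode 0600, which admits only that account to a socket the config comments say exposes every user's userdb lookups.

```python
# Added example: explain `ls -l` socket permissions for a given account.
# LISTING holds lines copied from the question's /var/run/dovecot listing.
LISTING = """\
srw-------   1 root    root        0 Jan 10 14:00 auth-userdb
srw-------   1 dovecot root        0 Jan 10 14:00 auth-login
srw-rw-rw-   1 root    root        0 Jan 10 14:00 dns-client
srw-rw-rw-   1 root    root        0 Jan  9 14:10 lmtp
"""
# Constructed line: the same socket after setting "user = vmail", mode 0600.
FIXED = "srw-------   1 vmail   root        0 Jan 10 14:00 auth-userdb"


def parse(line):
    """Return (mode, owner, group, name) from one `ls -l` line."""
    f = line.split()
    # A trailing '.' or '+' marks an SELinux context or ACL; drop it.
    return f[0].rstrip(".+"), f[2], f[3], f[8]


def effective_bits(line, user, groups):
    """Permission triplet the kernel applies: owner, else group, else other."""
    mode, owner, group, _ = parse(line)
    if user == owner:
        return mode[1:4]
    if group in groups:
        return mode[4:7]
    return mode[7:10]


def can_connect(line, user, groups):
    """Assumes Linux: connect() to a Unix socket needs write permission."""
    return user == "root" or "w" in effective_bits(line, user, groups)


def world_connectable(listing):
    """Names of sockets that any local account can connect to."""
    return [parse(l)[3] for l in listing.splitlines()
            if l.startswith("s") and "w" in parse(l)[0][7:10]]


if __name__ == "__main__":
    for l in LISTING.splitlines() + [FIXED]:
        _, owner, _, name = parse(l)
        print(name, owner, effective_bits(l, "vmail", {"vmail"}),
              can_connect(l, "vmail", {"vmail"}))
    print("world-connectable:", world_connectable(LISTING))
```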