Hi Dear Sirs:
I am having a little problem with permissions of a file, and can´t find a solution,
I have a mail Server with Postfix, Courier and Roundcube as Webmail.
When I give the user´s directory root permissions (chown root:root /maildir/domain.com/user), login is ok in Roundcube but can´t send mails, and logs show: "/maildir/domain.com/user/tmp/mail_id.server_name: Permission denied)"
If I give user´s directory another user permissions, for example user mail (chown mail:mail /maildir/domain.com/user, I can send mails but can´t login into Roundcube Webmail.
I've run this command: lsof /maildir/domain.com/user but couldn´t find the user with permission over this files.
I´ve been looking for a solution for some days but can´t find it.
Any help will be welcome.
Thanks for your kind attention Sirs.

Best regards.

I think roundcube does not need root privileges. Because roundcube is a webinterface. Can you please post the permissions (read/write/execute) of the mentioned user directory?

Because Roundcube will run as a low privileged user (daemon/nobody/etcetc) it should have write privileges to that user directory. As it is root, it will not work or you have a very insecure setup.

Thank you very much for you answer sswuste.
This are the permissions of the /maildir/doamin.com/
drwx------ 8 root root 4096 user
If I change permissions from root to another user, an ERROR CONNECTION WITH IMAP SERVER appears when I try to login to Roundcube Webmail.
Again, thanks for answering and any idea of how to solve this will be welcome.

I think you need to give the webserver (roundcube) permission to write taht directory (world writable). But you have to check the documentation for that.

There other error is an error relating to the connection between you roundcube software and you mailserver. Check your mailserver adres and username+password combination.

As sswuste says Roundcube logs/ and temp/ directories need to be writable for the web server user and group (octal 0775).


Please do not ever again suggest something like that. Changing permissions has repercussions but blithely suggesting them to be world writable creates a whole different class of security problems.

Dear Sirs:
Thank you for your answers.

Here are the permissions 0775 that have been given to the roundcube´s directory in the Web Server:

/webserver_directory/roundcube/

drwxrwxr-x 2 www-data www-data 4096 03:53 logs
drwxrwxr-x 2 www-data www-data 4096 14:21 temp

But still only let me login into Roundcube if I give root permissions to /maildir/domain.com/user directory:

ls -la /maildir/domain.com/

drwx------ 8 root root 4096 16:13 user



ls -la /maildir/domain.com/user/
total 48
drwx------ 8 root root 4096 16:13 .
drwxrwxrwx 13 mail mail 4096 00:01 ..
drwx------ 2 mail mail 4096 13:58 courierimapkeywords
-rw-r--r-- 1 root root 23 10:10 courierimapsubscribed
-rw-r--r-- 1 root root 1531 10:28 courierimapuiddb
-rw-r--r-- 1 root root 214 13:50 courierpop3dsizelist
drwx------ 2 mail mail 4096 10:30 cur
-rw-r--r-- 1 root root 36 11:29 maildirsize
drwx------ 2 mail mail 4096 10:28 new
drwx------ 6 mail mail 4096 10:10 .Sent
drwx------ 2 mail mail 4096 11:32 tmp
drwx------ 6 mail mail 4096 10:07 .Trash


and only let me send mails if I give mail user permissions to the /maildir/domain.com/user directory:

ls -la /maildir/domain.com/

drwx------ 8 mail mail 4096 16:13 user



ls -la /maildir/domain.com/user/
total 48
drwx------ 8 mail mail 4096 16:13 .
drwxrwxrwx 13 mail mail 4096 00:01 ..
drwx------ 2 mail mail 4096 13:58 courierimapkeywords
-rw-r--r-- 1 root root 23 10:10 courierimapsubscribed
-rw-r--r-- 1 root root 1531 10:28 courierimapuiddb
-rw-r--r-- 1 root root 214 13:50 courierpop3dsizelist
drwx------ 2 mail mail 4096 10:30 cur
-rw-r--r-- 1 root root 36 11:29 maildirsize
drwx------ 2 mail mail 4096 11:48 new
drwx------ 6 mail mail 4096 10:10 .Sent
drwx------ 2 mail mail 4096 11:48 tmp
drwx------ 6 mail mail 4096 10:07 .Trash

Help will be appreciated, as I´ve to give a solution to this problem as soon as possible...
Thanks again for your kind attention Sirs.

Can you please post the exact error message you get on your screen?

Thanks for your answer Sir.
This is the message I receive when I try to login when I give mail user permissions to the /maildir/domain.com/user directory.
I can´t login but I can send mails.
Thank you very much for your help.

Attached Thumbnails

 

And this is what Roundcube´s logs said when I try to login giving mail user permissions on the /maildir/doamin.com/user directory:

[13:08:41 -0300]: IMAP Error: Login failed for user@domain.com from server_ip LOGIN: Fatal error: Account's mailbox directory
is not owned by the correct uid or gid: in /webserver_directory/roundcube/program/include/rcube_imap.php on line 192

Thank you again for your attention.

I have not actually used Roundcube client but the error seems to be familiar

If I suppose it is same as Squirrelmail then you can try installing dovecot
edit the config file

Dear Sirs I´ve finally solved this problem.
If it is useful for someone, here is what I do.
I leave permissions over the /maildir/doamin.com/user directory to the user mail, so as to be able to send mails.
But as I said, I can´t login into Roundcube Webmail, so I run:

telnet localhost imap
a login user@domain.com password
[ALERT] Fatal error: Account's mailbox directory is not owned by the correct uid or gid (This is what I receive when I try to login).

So I find in a post that Courier checks for the SANITY of the setup, so turning this option to "0" solved the problem.
I added this line in /etc/courier/imapd => IMAP_MAILBOX_SANITY_CHECK=0

So if I telnet localhost now I can login ok:

telnet localhost imap
a login user@domain.com password
a OK LOGIN Ok.

Now when trying to login into Roundcube Webmail, everything works ok, and can send mails ok too.
Thanks to everyone for your help.

Best regards.