LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
 
Search this Thread
Old 10-28-2008, 09:12 PM   #1
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Wheezy/Jessie/Sid, Linux Mint DE
Posts: 4,419

Rep: Reputation: 610Reputation: 610Reputation: 610Reputation: 610Reputation: 610Reputation: 610
Dovecot permission denied error when performing chdir


This is driving me nuts, have been googling for two days. I am trying to set up a Dovecot mail server as IMAP only server. The server is running Debian Sarge (no, I don't want to upgrade) and Dovecot version 0.99.14. On this server users are authenticed using NIS. The server itself is the NIS server There is one clients which I use to try and access Dovecot. On this client I am authenticated thru NIS on that same server.

On the client I am:
Code:
donald_pc:~$ id
uid=1000(jlinkels) gid=100(users) groups=24(cdrom),29(audio),44(video),100(users),200(admins),1001(family),1002(lspec),1004(scanner),1006(camera),1008(webdev)
On the server I am:
Code:
jlinkels@homeserv:~$ id
uid=1000(jlinkels) gid=100(users) groups=100(users),24(cdrom),29(audio),1001(family),200(admins),1002(lspec),1004(scanner),1006(camera),1008(webdev),24(cdrom),200(admins),1008(webdev),1002(lspec),1001(family),1004(scanner),1006(camera),29(audio)
My home dir on the file server is:
Code:
root@homeserv:/home# ll -d /home/jlinkels/
drwxr-xr-x  24 jlinkels jlinkels 4096 Oct 28 06:25 /home/jlinkels/
root@homeserv:/home# ll -dn /home/jlinkels/
drwxr-xr-x  24 1000 1000 4096 Oct 28 06:25 /home/jlinkels/
The mail directory on the server is:
Code:
root@homeserv:/home# ll /var/mail/
total 8
drwxr-s--x  3 gemerenciana mail 4096 Sep  4  2005 gemerenciana
drwxr-s--x  3 jlinkels     mail 4096 Apr 12  2005 jlinkels
root@homeserv:/home# ll -n /var/mail/
total 8
drwxr-s--x  3 1002 8 4096 Sep  4  2005 gemerenciana
drwxr-s--x  3 1000 8 4096 Apr 12  2005 jlinkels
root@homeserv:/home#
And this is the error which I get when I try to access Dovecot from KMail on the client:
Code:
Oct 28 21:01:08 homeserv imap-login: Login: jlinkels [192.168.1.124]
Oct 28 21:01:08 homeserv dovecot: chdir(/home/jlinkels) failed with uid 1000: Permission denied
Oct 28 21:01:08 homeserv dovecot: child 11887 (imap) returned error 89
Now this is not the first time I set up Dovecot and as a matter of fact the same client accesses a different Dovecot server (on the same LAN). I am even sure that on this very server I once had Dovecot running as the mail directories were still there before I installed Dovecot. No idea why I removed Dovecot the first time.

Two questions:
1. Why does Dovecot insist on chdir'ing into the home directory. I never, nowhere, ever said it should do so and I would be quite happy if Dovecot could refrain from trying this.
2. If it does for some obscure reason anyway, why is permission denied? I am uid=1000, and Dovecot says it is using uid=1000

I have tried to make my home dir gid=100 (users). I have changed the permissions to 777. I have tried to set the mail_chroot to /var/mail, but then Dovecot tries to chdir to /var/mail//home/jlinkels (notice the double slashes, why?)

AFAIK I am not running SELinux or so (How would I know?) I can map drives as this user, ftp and read & write files.

Summarizing, I am not even trying to get Dovecot to work in a special case, there is NO WAY I can get it to work.

Below are all the config parameters in dovecot.conf:

Code:
# are for configure --prefix=/usr --sysconfdir=/etc/dovecot
#base_dir = /var/run/dovecot/
protocols = imap
#imap_listen = *
#pop3_listen = *
#imaps_listen =
#pop3s_listen =
#ssl_disable = no
#ssl_cert_file = /etc/ssl/certs/dovecot.pem
#ssl_key_file = /etc/ssl/private/dovecot.pem
#ssl_parameters_file = /var/run/dovecot/ssl-parameters.dat
#ssl_parameters_regenerate = 24
disable_plaintext_auth = no
#log_path =
#info_log_path =
#log_timestamp = "%b %d %H:%M:%S "
#login_dir = /var/run/dovecot/login
#login_chroot = yes
login = imap
login_executable = /usr/lib/dovecot/imap-login
#login_user = dovecot
#login_process_size = 32
#login_process_per_connection = yes
#login_processes_count = 3
#login_max_processes_count = 128
#login_max_logging_users = 256
# login = pop3
#login_executable = /usr/lib/dovecot/pop3-login
#max_mail_processes = 1024
#verbose_proctitle = no
#verbose_ssl = no
#first_valid_uid = 500
#last_valid_uid = 0
#first_valid_gid = 1
#last_valid_gid = 0
mail_extra_groups = mail
#valid_chroot_dirs = /var/mail
#mail_chroot = /var/mail/./user
default_mail_env = maildir:/var/mail/%u/Maildir
#mail_cache_fields = MessagePart
#mail_never_cache_fields =
#client_workarounds =
#mailbox_check_interval = 0
#mailbox_idle_check_interval = 30
#mail_full_filesystem_access = no
#mail_max_flag_length = 50
#mail_save_crlf = no
#mail_read_mmaped = no
#maildir_stat_dirs = no
#maildir_copy_with_hardlinks = no
#maildir_check_content_changes = no
#mbox_locks = dotlock fcntl
#mbox_read_dotlock = no
#mbox_lock_timeout = 300
#mbox_dotlock_change_timeout = 30
#umask = 0077
#mail_drop_priv_before_exec = no
#imap_executable = /usr/lib/dovecot/imap
#imap_process_size = 256
#imap_use_modules = no
#imap_modules = /usr/lib/dovecot/imap
#pop3_executable = /usr/lib/dovecot/pop3
#pop3_process_size = 256
#pop3_use_modules = no
#pop3_modules = /usr/lib/dovecot/pop3
auth = default
auth_mechanisms = plain
#auth_realms =
#auth_default_realm =
auth_userdb = passwd
auth_passdb = pam
#auth_executable = /usr/lib/dovecot/dovecot-auth
#auth_process_size = 256
auth_user = root
#auth_chroot =
#auth_count = 1
#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
#auth_anonymous_username = anonymous
auth_verbose = yes
#auth_debug = no
#auth = digest_md5
#auth_mechanisms = digest-md5
#auth_realms =
#auth_userdb = passwd-file /etc/passwd.imap
#auth_passdb = passwd-file /etc/passwd.imap
#auth_user = imapauth
#auth_chroot =
and to make it easier to look for the active or non-default settings:
Code:
protocols = imap
disable_plaintext_auth = no
login = imap
login_executable = /usr/lib/dovecot/imap-login
mail_extra_groups = mail
default_mail_env = maildir:/var/mail/%u/Maildir
auth = default
auth_mechanisms = plain
auth_userdb = passwd
auth_passdb = pam
auth_user = root
auth_verbose = yes
jlinkels
 
Old 11-01-2008, 05:29 PM   #2
jlinkels
Senior Member
 
Registered: Oct 2003
Location: Bonaire
Distribution: Debian Wheezy/Jessie/Sid, Linux Mint DE
Posts: 4,419

Original Poster
Rep: Reputation: 610Reputation: 610Reputation: 610Reputation: 610Reputation: 610Reputation: 610
Found it...

This was the problem:
Code:
drwxrws--- 35 root family   4096 Oct 31 21:49 home
which should have been:
Code:
drwxrwsr-x 35 root family   4096 Oct 31 21:49 home
This intention was that no users not belonging to the family group could enter the home directory, not even for browsing. (I had a good reason to do this, this server also serves as NIS server for people on the network which are alien). Now for example, my home directory is:
Code:
drwxrwx--- 24 jlinkels     family         4096 Oct 28 06:25 jlinkels
which means that members of the family and myself can enter my home dir. More restrictions on family members further downward. When I am jlinkels, belonging to the family group, I could enter my home dir and do things.

I still cannot understand why dovecot, using UID=1000 (which is me) could not enter MY home directory. Once I fixed this, dovecot didn't produce any errors. But as what UID/GID it had been trying to enter /home?

jlinkels
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
NFS problem: "Could not chdir to home directory /home/USER: Permission denied" sumanc Linux - Server 4 07-22-2010 04:12 PM
permission denied error mjalalynia Linux - Desktop 2 07-26-2008 01:28 AM
Permission Denied Error ckurowic Linux - Server 7 05-18-2007 03:33 AM
permission denied error endezeichen Linux - General 5 12-20-2003 06:59 PM
Wine: permission denied to chdir Micro420 Linux - Software 1 11-16-2003 12:06 AM


All times are GMT -5. The time now is 05:37 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration