Hi,
I have a Debian/Buster system with Postfix and Dovecot from the Debian
repo, and with virtual users only (i.e., no system users). These virtual
users have all of their uids, gids, homes and mail quota in a
PostgreSQL database. The intent is to have Postfix deliver the email via
Dovecot's LDA, so I can set quota on a per-user basis.
But for some odd reason, Dovecot's LDA can't find the user data from the
userdb, and then complains about not being able to write to /var/mail.
The following example shows how things fail when delivering a message
from Postfix's queue (therefore, the passdb failure is expected):
In /etc/dovecot.conf, I have this, amongst other things:
mail_location = maildir:~/Maildir:INBOX=~/Maildir
passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
  driver = prefetch
}
userdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql.conf.ext
}
protocol lda {
  mail_plugins = autocreate quota mail_log trash virtual notify
}
16:04:16 postfix/qmgr[4970]: 8CD6CE072E: from=<[email protected]>, size=880,
nrcpt=1 (queue active)
16:04:16 dovecot: auth: Debug: master in:
USER#0111#[email protected]#011service=lda
16:04:16 dovecot: auth: Debug: prefetch([email protected]): passdb didn't return
userdb entries, trying the next userdb
16:04:16 dovecot: auth: Debug: sql([email protected]): SELECT
'/path-to-mailboxen/' || virtual_users.home AS home, uid , gid , quota as
quota_rule FROM virtual_users WHERE email = '[email protected]' AND status = 'A'
16:04:16 dovecot: auth: Debug: userdb out:
USER#0111#[email protected]#011home=/path-to-mailboxen/example.com/user#011uid=12345#011gid=12345#011quota_rule=*:storage=0
^^^^^^^^^^^^^^^^^^^^^^
This shows that the database lookup works. The intended effect should be
that the message is delivered to
/path-to-mailboxen/example.com/user/Maildir/new
16:04:16 dovecot: lda([email protected])<5291><DDxBHYCw6F+rFAAApiCoHg>: Error:
setegid(privileged) failed: Operation not permitted
16:04:16 dovecot: lda([email protected])<5291><DDxBHYCw6F+rFAAApiCoHg>: Error:
Mailbox INBOX: open(/var/mail/[email protected]) failed: Permission denied
(euid=12345(mailbox) egid=12345(mailbox) missing +w perm: /var/mail, we're not
in group 8(mail), dir owned by 0:8 mode=0775)
^^^^^^^^^^^^^^^^^^^^^^
And this shows that dovecot-lda just ignores the result.
16:04:16 dovecot: lda([email protected])<5291><DDxBHYCw6F+rFAAApiCoHg>: Error:
Mailbox INBOX: Failed to autocreate mailbox: Mailbox INBOX:
open(/var/mail/[email protected]) failed: Permission denied (euid=12345(mailbox)
egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir
owned by 0:8 mode=0775)
16:04:16 dovecot: lda([email protected])<5291><DDxBHYCw6F+rFAAApiCoHg>:
msgid=<[email protected]>: save failed to open mailbox
INBOX: Mailbox INBOX: Failed to autocreate mailbox: Mailbox INBOX:
open(/var/mail/[email protected]) failed: Permission denied (euid=12345(mailbox)
egid=12345(mailbox) missing +w perm: /var/mail, we're not in group 8(mail), dir
owned by 0:8 mode=0775)
16:04:16 postfix/pipe[5284]: 8CD6CE072E: to=<[email protected]>,
orig_to=<[email protected]>, relay=dovecot, delay=62083,
delays=62083/0.04/0/0.04, dsn=4.3.0, status=deferred (temporary failure)
In /etc/postfix/master.cf, I have this to call it:
dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=_mailbox argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${domain} -a ${recipient}
I've tried strace-ing dovecot-lda, but it didn't really help me to
understand why it discards the result of the userdb lookup.
Can anyone provide a cluebat, please?
Thanks,
Toni
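
Added example (not part of the original message, and not Dovecot's or Postfix's own code): a Python check that decodes the syslog-escaped tabs (#011) in the auth "userdb out" line and flags LDA open() failures on paths outside the home that userdb returned. The log lines, the address and the /srv/vmail path are constructed placeholders, and the #NNN octal form is assumed to come from rsyslog's default control-character escaping.

```python
import re

# Constructed sample lines (placeholder address and paths), modelled on the post.
SAMPLE_LOG = [
    "16:04:16 dovecot: auth: Debug: userdb out: "
    "USER#0111#011user@example.com#011home=/srv/vmail/example.com/user"
    "#011uid=12345#011gid=12345#011quota_rule=*:storage=0",
    "16:04:16 dovecot: lda(user@example.com)<5291><abc>: Error: Mailbox INBOX: "
    "open(/var/mail/user@example.com) failed: Permission denied",
]

def decode_syslog(text):
    """Undo rsyslog's control-character escaping: '#' plus three octal digits."""
    return re.sub(r"#([0-7]{3})", lambda m: chr(int(m.group(1), 8)), text)

def parse_userdb_out(line):
    """Return (username, fields) from an auth 'userdb out:' debug line, else None."""
    marker = "userdb out: "
    if marker not in line:
        return None
    parts = decode_syslog(line.split(marker, 1)[1]).split("\t")
    if len(parts) < 3 or parts[0] != "USER":
        return None  # other reply types carry no user fields
    fields = dict(p.split("=", 1) for p in parts[3:] if "=" in p)
    return parts[2], fields

def lda_open_failures(line):
    """Return (username, path) pairs for open() failures logged by the LDA."""
    m = re.search(r"lda\(([^)]+)\)", line)
    if not m:
        return []
    return [(m.group(1), p) for p in re.findall(r"open\((/[^)]*)\) failed", line)]

def paths_outside_home(lines):
    """List (user, home, path) where the LDA opened a path outside the userdb home."""
    homes, findings = {}, []
    for line in lines:
        parsed = parse_userdb_out(line)
        if parsed:
            homes[parsed[0]] = parsed[1].get("home", "").rstrip("/")
        for user, path in lda_open_failures(line):
            home = homes.get(user)
            if home and not path.startswith(home + "/"):
                findings.append((user, home, path))
    return findings

if __name__ == "__main__":
    for user, home, path in paths_outside_home(SAMPLE_LOG):
        print(f"{user}: userdb home={home} but LDA opened {path}")
```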