Hi! Dovecot uses permissions from mail user storage folder and in absence of that, the parent folder.
Your pre-start script looks good. If your NFS is fast enough, it's ok to keep .cache and .log in NFS.

Aki

> On 25/03/2022 18:57 João Silva <[email protected]> wrote:
>
> In that case things can be more peaceful.
> I once had the mail in a NFS storage and was told to move to local storage
> because of speed issues.
> Really don't know if the .cache and .log should be put in a fast local
> storage to speed up things.
>
> On 25/03/2022 16:40, doug wrote:
>
> > Thank you João! I too am concerned if this is a risky configuration. My
> > understanding is that the list indexes are not critical and that is why the
> > recommendation in an NFS environment is to place just those and the lock
> > files in memory. Other index files are on permanent storage:
> >
> > [doug@mailserverdev doug]$ find ./ -name *index*
> > ./mail/mailboxes/INBOX/dbox-Mails/dovecot.index.cache
> > ./mail/mailboxes/INBOX/dbox-Mails/dovecot.index.log
> > ./mail/storage/dovecot.map.index.log.2
> > ./mail/storage/dovecot.map.index
> > ./mail/storage/dovecot.map.index.log
> >
> > Should I still be concerned?
> >
> > Doug
> >
> > On 3/25/2022 11:46 AM, João Silva wrote:
> >
> > > I'm not sure about that configuration.
> > >
> > > I have seen huge index cache files for users with lots of mail, putting
> > > those in memory may be a risk.
> > >
> > > On 25/03/2022 14:56, doug wrote:
> > >
> > > > Hi,
> > > >
> > > > Environment: Dovecot 2.3.18 running on CentOS 7, mdbox, LDAP users
> > > >
> > > > I'm in the process of moving my mailboxes to NFS and moving with lock
> > > > and index files in temp storage following instructions from
> > > > https://doc.dovecot.org/configuration_manual/nfs.
> > > >
> > > > I set mail_location as:
> > > >
> > > > > mail_location =
> > > > > mdbox:/mailstore/%u/mail:VOLATILEDIR=/dev/shm/dovecot/%u:LISTINDEX=/dev/shm/dovecot/%u/dovecot.list.index
> > > >
> > > > What I discovered is /dev/shm/dovecot is created by the initial user
> > > > who accesses their mail from a client, and with permissions 700. This
> > > > prevents subsequent users from creating their own index and lock files.
> > > >
> > > > > # ls -l /dev/shm/dovecot
> > > > > total 0
> > > > > drwx------ 2 mary users 60 Mar 25 10:00 mary
> > > >
> > > > Sample error message from maillog during mail delivery and from a dsync
> > > > script.
> > > >
> > > > > Mar 25 10:37:15 mailsrv1 dovecot:
> > > > > imap(doug)<19284><WKcX5gvbRe7AqFhA>: Error:
> > > > > mkdir(/dev/shm/dovecot/doug) failed: Permission denied
> > > > > (euid=1002(doug) egid=100(users) missing +x perm: /dev/shm/dovecot,
> > > > > dir owned by 97:100 mode=0700)
> > > > >
> > > > > dsync(test): Error: mkdir(/dev/shm/dovecot/test) failed: Permission
> > > > > denied (euid=2003(test) egid=100(users) missing +x perm:
> > > > > /dev/shm/dovecot, dir owned by 97:100 mode=0700)
> > > >
> > > > I couldn't locate documentation or discussions on how to set the
> > > > ownership or permissions for /dev/shm/dovecot in the Dovecot
> > > > configuration files.
> > > >
> > > > As a hack, I added this to /usr/libexec/dovecot/prestartscript.
> > > >
> > > > > ! [[ -d /dev/shm/dovecot ]] && mkdir /dev/shm/dovecot
> > > > > chown dovecot:users /dev/shm/dovecot
> > > > > chmod 770 /dev/shm/dovecot
> > > >
> > > > This solved the problem, but left me wondering if I missed something
> > > > obvious or if I am setting myself up for a problem later on, like with
> > > > a Dovecot version upgrade. I could run these commands at bootup out of
> > > > rc.local or a systemd script rather than customizing a Dovecot provided
> > > > script.
> > > >
> > > > Is there an appropriate way of doing this that I missed?
> > > >
> > > > TIA,
> > > > Doug
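
An added example, not part of the thread and not Dovecot's own code: a stricter form of the pre-start snippet quoted above, which refuses to touch a symlink, a non-directory, or a directory owned by someone else at the shared path, then verifies the resulting mode. The function name `prepare_volatile_parent`, its arguments and the owner check are assumptions of this example; the defaults (`/dev/shm/dovecot`, `dovecot:users`, mode 770) are the values from the thread, and `stat -c` assumes GNU coreutils as on the CentOS host described.

```shell
#!/bin/sh
# Added example (not from the thread): prepare the parent of the per-user
# VOLATILEDIR. prepare_volatile_parent is a hypothetical name; the arguments
# exist so the function can be exercised on a scratch path.
prepare_volatile_parent() {
    dir=${1:-/dev/shm/dovecot}
    owner=${2:-dovecot}      # user name or numeric uid
    group=${3:-users}
    mode=${4:-770}           # octal without leading zero (compared with stat %a)

    # /dev/shm is writable by every local account, so do not trust whatever
    # already sits at the path: refuse symlinks and non-directories.
    if [ -L "$dir" ]; then
        echo "refusing: $dir is a symlink" >&2
        return 1
    fi
    if [ -e "$dir" ] && [ ! -d "$dir" ]; then
        echo "refusing: $dir exists and is not a directory" >&2
        return 1
    fi

    if [ -d "$dir" ]; then
        # Assumption of this example: an existing directory is reused only
        # if the expected owner already owns it.
        cur_name=$(stat -c '%U' "$dir") || return 1
        cur_uid=$(stat -c '%u' "$dir") || return 1
        if [ "$cur_name" != "$owner" ] && [ "$cur_uid" != "$owner" ]; then
            echo "refusing: $dir is owned by $cur_name, expected $owner" >&2
            return 1
        fi
    else
        # No -p: mkdir fails if the path appeared since the checks above.
        mkdir -m "$mode" "$dir" || return 1
    fi

    # -h keeps chown from following a symlink.
    chown -h "$owner:$group" "$dir" || return 1
    chmod "$mode" "$dir" || return 1

    # Confirm the result instead of assuming it.
    [ "$(stat -c '%a' "$dir")" = "$mode" ]
}
```

In a pre-start script or boot-time unit this would be called as `prepare_volatile_parent || exit 1`, so that a refused path stops the start instead of being silently reused.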
