17.02.26, 16:26 +0100, Aki Tuomi via dovecot: > This looks more like syntax error than permission error.
Then please tell me: what exactly is wrong syntax-wise? And why is no syntax error reported but "Permission denied"? Regards mks > > Aki > > On 17/02/2026 17:19 EET Markus Schoenhaber via dovecot > <[1][email protected]> wrote: > > > Hi, > > I'm trying to make Postfix hand incoming mail to Dovecot by using > Dovecot's deliver. But this fails with a permission error: > > > Feb 17 15:50:12 debian13-cont postfix/pipe[13133]: 171C17206: > to=<[2][email protected]>, relay=dovecot, delay=0.17, > delays=0.1/0/0/0.07, dsn=5.3.0, status=bounced (Command died with > status 89: "/usr/lib/dovecot/deliver". Command output: doveconf: > Fatal: Error in configuration file /etc/dovecot/certs.conf line 3: > key_file: open(/etc/ssl/private/ssl-cert-snakeoil.key) failed: > Permission denied ) > > How can I solve this (short of making the private key file world > readable, of course)? > > Regards > mks > > > I have this in Postfix' master.cf: > > > dovecot unix - n n - - pipe > flags=DROhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -e -f > ${sender} -a ${recipient} -d ${user}@${domain} > > > # LANG=C id vmail > uid=501(vmail) gid=501(vmail) groups=501(vmail),104(ssl-cert) > > > # LANG=C ls -l /etc/ssl/private/ > total 4 > -rw-r----- 1 root ssl-cert 1704 Feb 4 17:15 ssl-cert-snakeoil.key > > > # doveconf -n > # 2.4.2-2+debian13 (0962ed2104): /etc/dovecot/dovecot.conf > # Pigeonhole version 2.4.2-2+debian13 (767418c3) > # OS: Linux 6.19.0-2-MANJARO x86_64 Debian 13.3 btrfs > # Hostname: debian13-cont > dovecot_config_version = 2.4.2 > dovecot_storage_version = 2.4.2 > log_debug = category=sql > mail_driver = sdbox > mail_gid = vmail > mail_home = /var/spool/vmail/home/%{user | domain}/%{user | username} > mail_path = /var/spool/vmail/mail/%{user | domain}/%{user | username} > mail_plugins { > quota = yes > } > mail_uid = vmail > protocols = imap lmtp sieve > sql_driver = mysql > mysql localhost { > dbname = postfixadmin > password = # hidden, use -P to show it > user = postfixadmin > } > passdb sql { > query = SELECT 'vmail' AS userdb_uid, 'vmail' AS userdb_gid, > CONCAT('/var/spool/vmail/home/', maildir) AS userdb_home, CONCAT(quota, > 'B') AS userdb_quota_storage_size, username AS user, password FROM > mailbox WHERE username = '%{user}' AND active = '1'; > } > userdb prefetch { > } > userdb sql { > iterate_query = SELECT username AS user FROM mailbox WHERE active = '1'; > query = SELECT 'vmail' AS uid, 'vmail' AS gid, > CONCAT('/var/spool/vmail/home/', maildir) AS home, CONCAT(quota, 'B') AS > quota_storage_size, username AS user, password FROM mailbox WHERE > username = '%{user}' AND active = '1'; > } > namespace inbox { > inbox = yes > separator = / > mailbox Drafts { > special_use = "\\Drafts" > } > mailbox Entwuerfe { > special_use = "\\Drafts" > } > mailbox Junk { > special_use = "\\Junk" > } > mailbox Trash { > special_use = "\\Trash" > } > mailbox "Geloeschte Objekte" { > special_use = "\\Trash" > } > mailbox Sent { > special_use = "\\Sent" > } > mailbox "Gesendete Objekte" { > special_use = "\\Sent" > } > } > service auth { > inet_listener tcp_auth { > port = 12345 > } > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0666 > user = postfix > } > } > service auth-worker { > } > ssl_server { > cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem > key_file = /etc/ssl/private/ssl-cert-snakeoil.key > } > protocol imap { > mail_plugins { > imap_quota = yes > } > } > quota "User quota" { > } > dict_server { > dict mysql { > driver = sql > sql_driver = mysql > dict_map priv/quota/messages { > sql_table = quota > username_field = username > dict_map_value_field messages { > } > } > dict_map priv/quota/storage { > sql_table = quota > username_field = username > dict_map_value_field bytes { > } > } > } > } > quota_clone { > dict proxy { > name = mysql > } > } > > _______________________________________________ > dovecot mailing list -- [3][email protected] > To unsubscribe send an email to [4][email protected] > > References > > Visible links > 1. mailto:[email protected] > 2. mailto:[email protected] > 3. mailto:[email protected] > 4. mailto:[email protected] > _______________________________________________ > dovecot mailing list -- [email protected] > To unsubscribe send an email to [email protected] _______________________________________________ dovecot mailing list -- [email protected] To unsubscribe send an email to [email protected]
