On Wed, 05 Mar 2014 13:25:34 +0100, Michael Neumann <[email protected]> said:
> Hi,

> I am having problems letting OpenSMTPD talk directly with dovecot via an
> LMTP UNIX domain socket.

> The domain socket is created with _smtpd:_smtpd 0660 permissions:

>   # ls -la /var/run/dovecot/lmtp
>   srw-rw---- 1 _smtpd _smtpd 0 Mar 4 12:06 /var/run/dovecot/lmtp

> But somehow the smtpd process can't access it. It shows a "smtpd:
> couldn't establish connection: Permission denied" in the output of
> `smtpctl show queue`. It is working if I give it read/write permissions
> for everyone (0666).

> Which permissions should it have? I also tried to give it _smtpq:_smtpd
> permissions (or root:wheel), but both failed.  I am a bit lost here
> because I don't know which process opens the socket. Can someone
> enlighten me? :)

That's because LMTP delivery (like all delivery backends) works by setuid-ing
to the recipient user so the actual delivery takes place in the context of
recipient user. So, 666 seems like a workaround, or switch to delivery over
TCP/IP.

I think a fix would be to distinguish which delivery backends need to
be setuid'd to the recipient user, so that socket-based delivery methods which
don't need to be setuid'd don't actually get setuid'd and run into this issue.

HTH
-- 
Ashish SHUKLA

“I know what you're thinking -- "Did he fire six shots or only five?" Well, to
tell you the truth, in all the excitement, I kind of lost track myself.  But
being this is a .44 Magnum, the most powerful handgun in the world, and would
blow your head clean off, you've got to ask yourself one question: "Do I feel
lucky?"  Well, do you, punk?” (Harry Callahan, badge #2211)


Sent from my Emacs
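
Added example (not part of the original thread, and not OpenSMTPD or Dovecot code): a small model of the owner/group/other check applied when a process connects to a UNIX socket, run against the listing above to show why a delivery process running as the recipient is refused at 0660 and admitted at 0666, and what 0666 opens up compared with group-scoped access. The numeric IDs, the directory modes and the shared group are constructed for illustration.

```python
from collections import namedtuple

# Only the stat fields the kernel's permission check looks at.
Node = namedtuple("Node", "mode uid gid")
Cred = namedtuple("Cred", "uid gids")

def class_bits(node, cred):
    """rwx triplet that applies to cred: owner, else group, else other (first match only)."""
    if cred.uid == node.uid:
        return (node.mode >> 6) & 7
    if node.gid in cred.gids:
        return (node.mode >> 3) & 7
    return node.mode & 7

def can_connect(dirs, sock, cred):
    """connect(2) to a UNIX socket needs x on every directory and w on the socket."""
    if cred.uid == 0:
        return True  # root is not subject to the mode bits
    if not all(class_bits(d, cred) & 1 for d in dirs):
        return False
    return bool(class_bits(sock, cred) & 2)

# Constructed IDs: 95 stands in for _smtpd, 1000/1001 for mail recipients,
# 2000 for a hypothetical shared delivery group.
SMTPD = Cred(95, {95})
ALICE = Cred(1000, {1000})
ALICE_IN_GROUP = Cred(1000, {1000, 2000})
BOB = Cred(1001, {1001})
DIRS = [Node(0o755, 0, 0)] * 3   # /var, /var/run, /var/run/dovecot (modes assumed)

def scenarios():
    s660 = Node(0o660, 95, 95)       # the listing from the thread
    s666 = Node(0o666, 95, 95)       # the workaround
    sgrp = Node(0o660, 95, 2000)     # hypothetical: socket group-owned by the shared group
    return {
        "0660 as _smtpd": can_connect(DIRS, s660, SMTPD),
        "0660 as recipient": can_connect(DIRS, s660, ALICE),
        "0666 as recipient": can_connect(DIRS, s666, ALICE),
        "0666 as any other local user": can_connect(DIRS, s666, BOB),
        "0660 shared group, member": can_connect(DIRS, sgrp, ALICE_IN_GROUP),
        "0660 shared group, non-member": can_connect(DIRS, sgrp, BOB),
    }

if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name:32} {'connect ok' if ok else 'Permission denied'}")
```
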
