On 05.03.2014 13:41, Ashish SHUKLA wrote:
> On Wed, 05 Mar 2014 13:25:34 +0100, Michael Neumann <[email protected]> said:
>> Hi,
>
>> I am having problems to let OpenSMTPD directly talk with dovecot via an
>> LMTP UNIX domain socket.
>
>> The domain socket is created with _smtpd:_smtpd 0660 permissions:
>
>>    # ls -la /var/run/dovecot/lmtp
>>    srw-rw---- 1 _smtpd _smtpd 0 Mar 4 12:06 /var/run/dovecot/lmtp
>
>> But somehow the smtpd process can't access it. It shows a "smtpd:
>> couldn't establish connection: Permission denied" in the output of
>> `smtpctl show queue`. It is working if I give it read/write permissions
>> for everyone (0666).
>
>> Which permissions should it have? I also tried to give it _smtpq:_smtpd
>> permissions (or root:wheel), but both failed.  I am a bit lost here
>> because I don't know which process opens the socket. Can someone
>> enlighten me? :)
>
> That's because LMTP delivery (like all delivery backends) works by setuid-ing
> to the recipient user so the actual delivery takes place in the context of
> the recipient user. So, 666 seems like a workaround, or switch to delivery over
> TCP/IP.

Thanks!

Does that also mean it will spawn a separate process each time it
delivers an email via LMTP?

> I think a fix would be to distinguish between which delivery backend needs to
> be setuid'd to the recipient user, so that socket based delivery methods which
> don't need setuid'd don't actually get setuid'd and get into this issue.

Yeah, I think that is something we should fix. In the meanwhile I'll be
using dovecot's delivery binary.

Regards,

  Michael
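
The permission results reported in this thread can be reproduced with a small model of the write-permission check applied when connecting to a UNIX domain socket. This is an added example, not part of the original messages or of OpenSMTPD; the numeric uid/gid values are constructed, and it assumes the delivery process runs as the recipient user (as the quoted reply states) and that the socket's parent directories are searchable.

```python
import grp
import os
import pwd
import stat


def can_connect(mode, owner_uid, owner_gid, uid, gids):
    """Model the discretionary access check for connect() on a UNIX socket.

    connect() needs write permission on the socket file. Exactly one
    permission class applies: owner, else group, else other.
    """
    if uid == 0:                      # root bypasses the mode bits
        return True
    if uid == owner_uid:
        return bool(mode & stat.S_IWUSR)
    if owner_gid in gids:
        return bool(mode & stat.S_IWGRP)
    return bool(mode & stat.S_IWOTH)


def check_socket(path, username):
    """Run the same check for a real socket and a real account."""
    st = os.stat(path)
    pw = pwd.getpwnam(username)
    gids = {pw.pw_gid} | {g.gr_gid for g in grp.getgrall()
                          if username in g.gr_mem}
    return can_connect(st.st_mode, st.st_uid, st.st_gid, pw.pw_uid, gids)


# Constructed IDs for illustration; real values differ per system.
SMTPD_UID, SMTPD_GID = 95, 95                  # stands in for _smtpd:_smtpd
RECIPIENT_UID, RECIPIENT_GIDS = 1000, {1000}   # the user the mail is for

if __name__ == "__main__":
    cases = [
        ("_smtpd:_smtpd 0660", 0o660, SMTPD_UID, SMTPD_GID),
        ("_smtpd:_smtpd 0666", 0o666, SMTPD_UID, SMTPD_GID),
        ("root:wheel    0660", 0o660, 0, 0),
    ]
    for label, mode, uid, gid in cases:
        ok = can_connect(mode, uid, gid, RECIPIENT_UID, RECIPIENT_GIDS)
        result = "can connect" if ok else "Permission denied"
        print(f"{label}: recipient {result}")
```

`check_socket("/var/run/dovecot/lmtp", "<recipient>")` applies the same check to the live socket for a given recipient account.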
