Re: Unable to write *.sieve files while Dovecot is running
> On 7. Apr 2022, at 16.16, Ralph Seichter wrote: > > I noticed lately that I can no longer modify *.sieve files while Dovecot > is running. Write operations appear not to be permitted anymore: > > $ echo >> example.sieve > zsh: permission denied: example.sieve > > Text editors like vim cannot write either. Since I used to be able to > modify Sieve source files on the fly, I am wondering if the behaviour > I see nowadays is intentional? Dovecot does not keep the files open or protect them against modifications. It is most likely some security feature in your operating system that blocks the modifications. Sami
Re: Unable to write *.sieve files while Dovecot is running
* Alexander Dalloz: > IMHO dovecot only consumes the bytecode sieve filter, not the plain > text source file based on which the bytecode get generated. Quoting the sievec(1) manual page: [...] Dovecot's LDA process will first look for a binary file "dovecot.svbin" when it needs to execute "dovecot.sieve". It will compile a new binary when it is missing or outdated. Changing the *.sieve file has always been sufficient. Manually invoking sievec is just something I do because it will tell me right away if my latest changes introduced a syntactic mistake. > I would be your issue is cause by unix permissions or by MAC systems > like grsecurity, SELinux or Apparmor. That comment of yours got me experimenting today. I stopped Deovecot and messed about with the example.siev e file. Finally, I renamed it to old.sieve, and then used cat old.sieve > example.sieve to create a fresh file with with the old content. I can now once again modify example.sieve while Dovecot is running, and Dovecot recompiles it to example.svbin as necessary. While I don't know how the original *.sieve file got "broken" in terms of permissions or special attributes, it appears that it was indeed a local issue unrelated to Dovecot itself. My apologies, and thanks. -Ralph
RE: Auth by ip address
> Hi > is possible authentication by ip address in dovecot? > What i need. > Now auth is by PAM (Active directory), i want application password (its > plugin > to Roundcube, passwords in mysql) for example android email client. > I know that Multiple Authentication Databases work but i want when user auth > from public network use sql and when from internal network use both sql and > then pam. > I recently I asked something similar (allow authentication without password for a specific user name), and am looking to resolve this via pam modules. I think the solution to your issue is going to be quite similar. However, I am not sure what you are trying to do, and if what you are looking for is even good. If you want to use roundecube. Why not just enable user imap authentication? I would say you really need to know what you are doing, when you start looking at no authentication.
Auth by ip address
Hi is possible authentication by ip address in dovecot? What i need. Now auth is by PAM (Active directory), i want application password (its plugin to Roundcube, passwords in mysql) for example android email client. I know that Multiple Authentication Databases work but i want when user auth from public network use sql and when from internal network use both sql and then pam. thanks for help Bukowski