1

Topic: Dovecot - missing permission

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:  Debian 9
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes 3.7
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
From time to time we have errors in dovecot.log like this:
Jul 30 15:00:56 imap(name@domain.com): Error: open(/var/vmail/vmail1/domain.com/n/a/m/name-2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2,) failed: Permission denied (euid=2000(vmail) egid=2000(vmail) missing +r perm: /var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2, stat(/var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2,) failed: Permission denied)

the error appears randomly for different mailboxes. If we check permission manualy - all looks ok.

Can there be a bug in dovecot or maybe in configuration?

2

Re: Dovecot - missing permission

Make sure /var/vmail/ is owned by root:root, permission 0755.
Make sure /var/vmail/vmail1/ and all its sub-directories are owned by vmail:vmail, permission 0700.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

3 (edited by lamagra 2019-08-01 17:51:05)

Re: Dovecot - missing permission

ZhangHuangbin wrote:

Make sure /var/vmail/ is owned by root:root, permission 0755.
Make sure /var/vmail/vmail1/ and all its sub-directories are owned by vmail:vmail, permission 0700.

I've already check that:

vmail:                drwxr-xr-x  9 root root 4096 sie  1 10:43 vmail
vmail1:              drwxr-xr-x 95 vmail vmail 4096 lip 10 12:09 vmail1
inside vmail1     drwx------  4 vmail vmail 4096 mar 21 11:53

4

Re: Dovecot - missing permission

lamagra wrote:

Jul 30 15:00:56 imap(name@domain.com): Error: open(/var/vmail/vmail1/domain.com/n/a/m/name-2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2,) failed: Permission denied (euid=2000(vmail) egid=2000(vmail) missing +r perm: /var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2, stat(/var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2,) failed: Permission denied)

Check every parent directory of this one: /var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/.
One by one.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

5

Re: Dovecot - missing permission

ZhangHuangbin wrote:
lamagra wrote:

Jul 30 15:00:56 imap(name@domain.com): Error: open(/var/vmail/vmail1/domain.com/n/a/m/name-2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2,) failed: Permission denied (euid=2000(vmail) egid=2000(vmail) missing +r perm: /var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2, stat(/var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2,) failed: Permission denied)

Check every parent directory of this one: /var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/.
One by one.

I've checked this one by one and all is ok. Everywhere is vmail:vmail with 700 for folders and 600 for files

6

Re: Dovecot - missing permission

Check:

/var
/var/vmail
/var/vmail/vmail1

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

7

Re: Dovecot - missing permission

ZhangHuangbin wrote:

Check:

/var
/var/vmail
/var/vmail/vmail1

Zhang problem does not occur all the time,
Even when i find log entry with permission problem and after that i'll check permission for this single email all looks good:

-rw------- 1 vmail vmail

all next emails after that one are stored in maildir without such log entry.

8

Re: Dovecot - missing permission

Is the vmail folder on a remote storage like NFS or SMB?

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee

9

Re: Dovecot - missing permission

ZhangHuangbin wrote:

Is the vmail folder on a remote storage like NFS or SMB?

Yes, it's mounted via NFS.

10

Re: Dovecot - missing permission

Make sure NFS server grants required privileges to this iRedMail server, also the iRedMail server has correct mount options.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee