1

Topic: Dovecot - missing permission

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version:  Debian 9
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes 3.7
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
From time to time we have errors in dovecot.log like this:
Jul 30 15:00:56 imap(name@domain.com): Error: open(/var/vmail/vmail1/domain.com/n/a/m/name-2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2,) failed: Permission denied (euid=2000(vmail) egid=2000(vmail) missing +r perm: /var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2, stat(/var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2,) failed: Permission denied)

the error appears randomly for different mailboxes. If we check permission manualy - all looks ok.

Can there be a bug in dovecot or maybe in configuration?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Dovecot - missing permission

Make sure /var/vmail/ is owned by root:root, permission 0755.
Make sure /var/vmail/vmail1/ and all its sub-directories are owned by vmail:vmail, permission 0700.

3 (edited by lamagra 2019-08-01 17:51:05)

Re: Dovecot - missing permission

ZhangHuangbin wrote:

Make sure /var/vmail/ is owned by root:root, permission 0755.
Make sure /var/vmail/vmail1/ and all its sub-directories are owned by vmail:vmail, permission 0700.

I've already check that:

vmail:                drwxr-xr-x  9 root root 4096 sie  1 10:43 vmail
vmail1:              drwxr-xr-x 95 vmail vmail 4096 lip 10 12:09 vmail1
inside vmail1     drwx------  4 vmail vmail 4096 mar 21 11:53

4

Re: Dovecot - missing permission

lamagra wrote:

Jul 30 15:00:56 imap(name@domain.com): Error: open(/var/vmail/vmail1/domain.com/n/a/m/name-2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2,) failed: Permission denied (euid=2000(vmail) egid=2000(vmail) missing +r perm: /var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2, stat(/var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2,) failed: Permission denied)

Check every parent directory of this one: /var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/.
One by one.

5

Re: Dovecot - missing permission

ZhangHuangbin wrote:
lamagra wrote:

Jul 30 15:00:56 imap(name@domain.com): Error: open(/var/vmail/vmail1/domain.com/n/a/m/name-2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2,) failed: Permission denied (euid=2000(vmail) egid=2000(vmail) missing +r perm: /var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2, stat(/var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/cur/1564490086.M907488P874.Baldur,S=5137,W=5247:2,) failed: Permission denied)

Check every parent directory of this one: /var/vmail/vmail1/domain.com/n/a/m/name--2015.02.26.16.36.12//Maildir/.
One by one.

I've checked this one by one and all is ok. Everywhere is vmail:vmail with 700 for folders and 600 for files

6

Re: Dovecot - missing permission

Check:

/var
/var/vmail
/var/vmail/vmail1

7

Re: Dovecot - missing permission

ZhangHuangbin wrote:

Check:

/var
/var/vmail
/var/vmail/vmail1

Zhang problem does not occur all the time,
Even when i find log entry with permission problem and after that i'll check permission for this single email all looks good:

-rw------- 1 vmail vmail

all next emails after that one are stored in maildir without such log entry.

8

Re: Dovecot - missing permission

Is the vmail folder on a remote storage like NFS or SMB?

9

Re: Dovecot - missing permission

ZhangHuangbin wrote:

Is the vmail folder on a remote storage like NFS or SMB?

Yes, it's mounted via NFS.

10

Re: Dovecot - missing permission

Make sure NFS server grants required privileges to this iRedMail server, also the iRedMail server has correct mount options.

11

Re: Dovecot - missing permission

ZhangHuangbin wrote:

Make sure NFS server grants required privileges to this iRedMail server, also the iRedMail server has correct mount options.

Well, probably all error was because different time on mail server and NAS. After we synchronize time there is no new errors