CREATE_MAIL_SPOOL sets improper permissions

Discussion in 'Mail Server' started by Seilori, May 9, 2013.

  1. Seilori

    Seilori New Member

    Hello,

    As a novice in administering a Linux server, here is my humble request for help concerning a useradd and dovecot problem on our CentOS 6.2 server.
    After yum updating a whole lot of stuff with webmin last week, none of the users added after this update could use their email.
    As shown below, I've added two users for test purposes: user.test1 yesterday and user.test2 this night, both with the CREATE_MAIL_SPOOL = yes option (as it's stored in /etc/default/useradd). I ran chmod 0600 /var/mail/user.test1 after the first useradd and that solved the problem so far. I tried this because all the older mbox files had these privileges and this new one had 0660.

    # ls -l /var/mail/user.test1
    -rw------- 1 user.test1 mail 0 May 8 20:09 user.test1

    I have spent a lot of time on the net trying to find a solution to this issue but found none, the issue obviously being how to change the default file permissions of /var/mail/$USER when creating new users. I even tried editing /etc/dovecot/conf.d/10-mail.conf with "mail_privileged_group = mail" and reloading dovecot. But when creating a new user the same permissions 0660 are again set automatically:

    # ls -l /var/mail/user.test2
    -rw-rw---- 1 user.test2 mail 0 May 9 22:06 user.test2

    When testing webmail with this newly created user account, I got the following error message:

    [SERVERBUG] Internal error occurred. Refer to server log for more information. [2013-05-09 22:08:25]

    and maillog informs:

    May 9 22:08:25 mail dovecot: imap-login: Login: user=<user.test2>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=4770, secured
    May 9 22:08:25 mail dovecot: imap(user.test2): Error: chown(/home/hety/user.test2/mail/.imap/INBOX, -1, 12(mail)) failed: Operation not permitted (egid=567(user.test2), group based on /var/mail/user.test2)
    May 9 22:08:25 mail dovecot: imap(user.test2): Error: mkdir(/home/hety/user.test2/mail/.imap/INBOX) failed: Operation not permitted
    May 9 22:08:25 mail dovecot: imap(user.test2): Disconnected: Logged out bytes=79/715


    Because I used to add users successfully before this update process and their emails were working OK, I think something went wrong during the updates.

    Can anybody help me with this problem? Meaning not to be forced to run chmod 0600 /var/mail/* after every useradd. I'm beginning to think this issue arises for some other reason than the mail server configuration, even though maillog tells about dovecot's involvement. IMHO this points more towards the OS's useradd.


    Thank You
  2. Rob

    Rob Administrator Staff Member

    Hey there - welcome to Linux Forum.

    I believe you do want them to be 660 as all of the users (except root) have these permissions set on a default setup. Root's perms on their /var/mail/root file are 600.

    Are the users getting any error messages, or are you seeing anything in the mail log(s)?
  3. Seilori

    Seilori New Member

    Hey - and thank You

    Sorry about my poor English, I'm just an ex-sailor from Finland now in a position to administer a Linux server for the first time in my life (with no prior experience in Linux workstations either).
    But isn't this from my original post answering your question?

    Anyway, after doing some research I found this by googling dovecot's wiki2 maillocation mbox (I can't post a straight link since I haven't got enough posts (5)):

    Does this really mean that after every useradd I have to do chmod 600 /var/mail/* and there isn't any configuration file or whatever where I could alter these permissions so that they would be correctly set as the defaults for all new users (i.e. 600)?

    And what on earth does chown(/home/hety/user.test2/mail/.imap/INBOX, -1, 12(mail)) mean in this error message? chown - OK, I've read the man pages. But this looks like a method/function call with those arguments in parentheses. First argument is the path, last is uid/gid(?), but what's that (-1) in the middle?
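
The permission check done by hand in this thread with ls -l and chmod 0600, as an added example that is not part of the original posts: the maillog line says Dovecot took the group from /var/mail/user.test2, so the spool file's mode and group are what the script inspects. It treats 0600, the mode the older working mailboxes had, as the expected value; audit_spool and tighten_spool are hypothetical helper names, GNU stat is assumed, and the demo files are constructed.

```shell
#!/bin/sh
# Added example (not from the thread). Needs GNU stat, as shipped on CentOS.
# audit_spool and tighten_spool are hypothetical helper names.

# audit_spool [DIR]
# Print "<mode> <owner>:<group> <path>" for each regular file in DIR whose
# mode is not exactly 600. Exit status 1 if anything was reported, else 0.
audit_spool() {
    dir=${1:-/var/mail}
    found=0
    for f in "$dir"/*; do
        # Skip non-files and symlinks (stat would report the link itself).
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        mode=$(stat -c '%a' "$f")
        if [ "$mode" != "600" ]; then
            printf '%s %s %s\n' "$mode" "$(stat -c '%U:%G' "$f")" "$f"
            found=1
        fi
    done
    return "$found"
}

# tighten_spool [DIR]
# chmod 0600 every regular file in DIR that is not already 600 and print
# "fixed <path>" for each one changed. Symlinks are never followed.
tighten_spool() {
    dir=${1:-/var/mail}
    for f in "$dir"/*; do
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        [ "$(stat -c '%a' "$f")" = "600" ] && continue
        chmod 0600 "$f" && printf 'fixed %s\n' "$f"
    done
    return 0
}

# Constructed demo: a throwaway directory stands in for /var/mail.
demo=$(mktemp -d)
: > "$demo/user.test1"; chmod 0600 "$demo/user.test1"
: > "$demo/user.test2"; chmod 0660 "$demo/user.test2"
audit_spool "$demo" || echo "spool files above are not 0600"
tighten_spool "$demo"
audit_spool "$demo" && echo "all spool files are 0600"
rm -rf "$demo"
```

The exit status of audit_spool makes it usable as a check right after each useradd instead of a blanket chmod over the whole spool directory.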
