What permissions on /var/mail directory?
The permissions `drw-rws---` on directories are wrong because even the owner of the directory cannot go into them, due to the lack of the `x` bit (=`1` when using the numeric form).
You can test this by yourself by doing this as a normal user (not root):

```
$ mkdir -m 2670 /tmp/testdir
$ ls -ld /tmp/testdir
drw-rws--- 2 vmail vmail 4096 Apr 3 23:16 /tmp/testdir
$ cd /tmp/testdir
bash: cd: /tmp/testdir: Permission denied
```
I think that these lines in your current script:

```
chmod -R 0660 /var/mail/*.com
chmod -R g+rwxs /var/mail/*.com
```

should be instead:

```
chmod -R 2770 /var/mail/*.com
```
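As an added example (not part of the original answer): a shell script that reports the first directory on the delivery path whose owner lacks the search bit, then repairs a domain tree. It goes slightly beyond the one-line `chmod -R 2770` by giving regular files `0660`, so mailbox files do not become setgid executables. The function names are hypothetical, and the check assumes the delivering uid owns the tree, as `vmail` does here.

```shell
#!/bin/sh
# Added example: function names are hypothetical, paths are passed as arguments.

# Print the first directory between base ($1) and target ($2) whose OWNER
# lacks the search (x) bit; print nothing if every component is searchable.
# Assumes the delivering uid owns the tree (vmail in the question).
first_unsearchable() {
    cur=$1
    rest=${2#"$1"}                      # e.g. /jeff/Maildir
    while :; do
        [ -d "$cur" ] || return 0       # component missing: nothing to check
        case $(ls -ld "$cur") in
            ???[xs]*) ;;                # 4th mode character is owner-x
            *) printf '%s\n' "$cur"; return 0 ;;
        esac
        rest=${rest#/}
        [ -n "$rest" ] || return 0      # reached the target
        cur=$cur/${rest%%/*}
        case $rest in
            */*) rest=/${rest#*/} ;;
            *)   rest= ;;
        esac
    done
}

# Directories: rwx for owner and group plus setgid (2770), so new entries
# inherit the group. Regular files: rw for owner and group only (0660).
fix_mail_tree() {
    # ';' rather than '+': each directory is fixed before find descends into it
    find "$1" -type d -exec chmod 2770 {} \; &&
    find "$1" -type f -exec chmod 0660 {} +
}

# Typical use, run as root or as the owner of the tree:
#   first_unsearchable /var/mail /var/mail/deltoid.com/jeff/Maildir
#   for d in /var/mail/*.com; do fix_mail_tree "$d"; done
```
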
jww
Updated on September 18, 2022
Comments
-
jww almost 2 years
I've been suffering a permission problem in Postfix/Dovecot for a couple of days now. The setup is using virtual domains and users, so the path to user's `home` is `/var/mail/<domain>/<user>`; and the path to `MailDir` is `/var/mail/<domain>/<user>/MailDir`.
The mail logs continue to show a Permission Denied:

```
Apr 3 05:44:16 debian-x2 postfix/virtual[5670]: D6DDD1780100: to=<[email protected]>, relay=virtual, delay=0.15, delays=0.1/0.01/0/0.04, dsn=4.2.0, status=deferred (maildir delivery failed: create maildir file /var/mail/deltoid.com/jeff/Maildir/tmp/1396518256.P5670.debian-x2: Permission denied)
```
Permissions are as follows:

```
# ls -l /var/mail/
total 96
drw-rws--- 4 vmail vmail 4096 Apr 2 18:19 deltoid.com
-rw-rw---- 1 nobody mail 80586 Apr 2 07:45 nobody
# ls -l /var/mail/deltoid.com/
total 12
drw-rws--- 3 vmail vmail 4096 Apr 3 04:47 jeff
drw-rws--- 3 vmail vmail 4096 Apr 3 04:47 support
-rw-rws--- 1 vmail vmail 122 Apr 2 03:33 users
# ls -l /var/mail/deltoid.com/jeff/
total 4
drw-rws--- 2 vmail vmail 4096 Apr 3 04:47 Maildir
# ls -l /var/mail/deltoid.com/jeff/Maildir/
total 0
```
`vmail` is both a user and group, and it's set to `id` 5000:

```
# id -u vmail
5000
```
`postfix` and `dovecot` are both in the `vmail` group:

```
# members vmail
vmail postfix dovecot
```
And Postfix's `main.conf`:

```
# Mailbox location
virtual_mailbox_base = /var/mail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
```
I have a little script that attempts to set the proper permission bits, but it's apparently wrong:

```
# Ensure permissions are set on directories
chown -R vmail:vmail /var/mail/*.com
chmod -R 0660 /var/mail/*.com
chmod -R g+rwxs /var/mail/*.com
# chown -R dovecot:dovecot /var/mail/*.com/users
```
I got the `chmod -R g+rwxs` from SuperUser questions on setting directory permissions and having subdirectories and files inherit those permissions (for example, How to set file permissions so that new files inherit same permissions?, Setting default permissions for newly created files and sub-directories under a directory in Linux?, and How to make new file permission inherit from the parent directory?).

Two questions:
What is wrong with the current permissions?
What are the permissions supposed to be?
-
user1686 about 10 years
Your permission listing is missing the most important one, `/var/mail/deltoid.com/jeff/Maildir/tmp/`.
-
jww about 10 years
Thanks grawity. There is no `tmp/`. I added the output to the commands above. But the problem seems to be with permissions leading into the directory, and not the `tmp` directory. Otherwise, I'd get an `E_NOENT` error instead of `E_PERM` error.