[Users] managesieve plug in problem

Mon Feb 4 19:17:28 CET 2019

On Mon, 4 Feb 2019 11:58:22 -0500
Jerry <jerry at seibercom.net> wrote:

> On Mon, 4 Feb 2019 17:19:14 +0100, Michael Gmelin stated:
> >> On 4. Feb 2019, at 17:10, Jerry <jerry at seibercom.net> wrote:
> >> 
> >> dovecot 2.3.4
> >> FreeBSD 12.0-RELEASE-p2
> >> Claws Mail version 3.17.3 for Windows
> >> 
> >> I have been experimenting with the "managesieve" plug in. The plug
> >> in can find and open the existing "default" sieve file just fine.
> >> Unfortunately, it cannot write to it, at least not unless I give
> >> everything "0777" permissions. Everything in the directory is under
> >> "vmail" owner and group.
> >> /usr/local/etc/dovecot/sieve directory
> >> drwxr-xr-x  3 root   wheel     7B 2019-02-02 05:39:03 EST ./
> >> drwxr-xr-x  7 root   wheel    10B 2019-01-20 19:54:38 EST ../
> >> -rw-r--r--  1 root   wheel   205B 2018-09-09 12:13:04 EDT Makefile
> >> -rw-r--r--  1 vmail  vmail    27K 2019-02-02 05:37:47 EST
> >> default.sieve -rw-r--r--  1 vmail  vmail    27K 2019-02-02 05:37:47
> >> EST default.sieve-bak -rw-r--r--  1 vmail  vmail    25K 2019-02-02
> >> 05:38:14 EST default.svbin drwxr-xr-x  2 vmail  vmail     2B
> >> 2019-02-04 10:51:04 EST tmp/
> >> 
> >> The error message from the dovecot log:
> >> 
> >> Feb 04 10:51:04
> >> managesieve(gerard at seibercom.net)<33610><+Lj+ahOBtROubeH6>: Erro r:
> >> sieve: file storage: save: Failed to save Sieve script:
> >> rename(/usr/local/etc /dovecot/sieve/default.sieve) failed:
> >> Permission denied (euid=1002(vmail) egid=1 002(vmail) UNIX perms
> >> appear ok (ACL/MAC wrong?), dir owned by 0:0 mode=0755)
> >> 
> >> Dovecot is in the vmail group:
> >> pw showgroup vmail
> >> vmail:*:1002:dovecot
> >> 
> >> I am not sure if this is a claws-mail problem or a dovecot one;
> >> however, I thought I would start here.
> >> 
> >> Thanks!
> >> 
> >> -- 
> >> Jerry  
> 
> >The error message is pretty clear: the directory isn’t owned by the
> >vmail user, it really should be. Might be an issue with dovecot (or
> >manually copying things around, as usually dovecot creates everything
> >under the vmail user, assuming you configured it correctly).
> >
> >-m  
> 
> Considering that all the data files were user/group "vmail" and that
> dovecot was in the "vmail" group, I find it rather interesting that
> the plug in, apparently running as user/group "vmail" could not write
> to the file although it could open and view it.

Surely it's behaving entirely as expected? The only 'person' who can
*write* to the directory is the 'vair' user. You were apparently running
as the 'dovecot' user and so had only read permission.

> I changed the
> ownership on the directory and the problem is now solved. Now I just
> have to wait and see if any problems show up on the dovecot side.
> 