'We couldn't drop root group privileges'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dovecot
Subject:    We couldn't drop root group privileges
From:       forumforeign <forumforeign () gmail ! com>
Date:       2024-01-30 9:48:54
Message-ID: 1d92557e-f26a-4cb2-9b3a-6fa02bc2de11 () gmail ! com
[Download RAW message or body]

Hello.
I have
- dovecot 2.3.21 (also tried 2.3.5)
- postfix 3.8.5 (also tried 3.8.4)

It's a new setup where I use postfix + dovecot-delivery for delivery to 
local mailbox. At logs I have an error and mail deffers in queue:

dovecot: [ID 702911 mail.crit] lda(poli@domain.com)<7808>: Fatal: We 
couldn't drop root group privileges (wanted=6(mail), gid=0(root), 
egid=0(root))

Postfix and dovecot start from root UID, but user dovecot/postfix has 
corresponding groups to run as specific group:

root@solaris:# id -a dovecot
uid=110(dovecot) gid=110(dovecot) groups=110(dovecot),6(mail)
root@solaris:# id -a postfix
uid=26(postfix) gid=26(postfix) groups=26(postfix),6(mail)
root@solaris:# id -a root
uid=0(root) gid=0(root) 
groups=0(root),1(other),2(bin),3(sys),4(adm),6(mail),7(tty),8(lp),12(daemon)

Also, when I run a dtrace (a system call trace mechanism) I see, that 
dovecot-lda runs as group "mail" (gid=6), so, there isn't any problem, 
but dovecot thinks another:

   UID   GID    PID   PPID ARGS

     0    26   7719   7638 pipe -n dovecot -t unix flags=DRhu 
user=nobody:mail argv=/usr/libexec/dovecot/d
60001     6   7720   7718 /usr/libexec/dovecot/dovecot-lda -f 
mega@domain.com -d poli@domain.com
60001     6   7720   7718 /usr/bin/amd64/doveconf -f service=lda -c 
/etc/dovecot/dovecot.conf -m lda -e /
60001     6   7720   7718 /usr/libexec/dovecot/dovecot-lda 
-f mega@domain.com -d poli@domain.com

What exactly dovecot wants and how to solve this error?

Here is part of "dovecot -n" output which is corresponding to 
user/group/lda:

# 2.3.5.1 (7ec6d0ade): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.6 (92dc263a)
# OS: SunOS 5.11 i86pc
# Hostname: solaris
auth_debug = yes
auth_mechanisms = plain login
auth_verbose = yes
default_process_limit = 99
disable_plaintext_auth = no
first_valid_gid = 6
first_valid_uid = 60001
last_valid_gid = 6
last_valid_uid = 60001
mail_access_groups = mail
mail_debug = yes
mail_gid = 6
mail_location = /var/mail/vmail/%u@%d
mail_max_userip_connections = 99
mail_privileged_group = mail
mail_uid = 60001
maildir_very_dirty_syncs = yes
...
service auth {
   unix_listener /var/spool/postfix/private/auth {
     group = postfix
     mode = 0666
     user = postfix
   }
}
...
protocol lda {
   mail_plugins = " sieve"
   postmaster_address = postmaster
}

PS. Also, I have aother box with very old setup (dovecot 2.2.27) and it 
works with the same configuration without any errors. I thought that 
this is OS specific problem and tried on the same version OS run a 
dovecot 2.3.21, but still had an errors.




_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-leave@dovecot.org

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic