deliver: "couldn't connect to lmtpd: Permission denied"

Mark Keasling mark at air.co.jp
Tue May 20 23:00:03 EDT 2003


Hi,

Be very careful about adding users to group mail.  This may the correct
approach; but, it doesn't seem right to me.

A different approach would be changing the deliver permissions to:
-rwxr-sr-x  1 root  mail  973204 May 19 12:48 /usr/cyrus/bin/deliver*
by:
  chmod 2755 /usr/cyrus/bin/deliver
  chgrp mail /usr/cyrus/bin/deliver

This shouid cause deliver to run as group mail enabling access to
/var/imap.  This may be better than giving users free access to
everything in the mail group.

The problem with permissions may well be in the qmail configuration
(about which I know nothing) or the cyrus configuration/setup which
from what I saw looked reasonable.  It could also be that qmail and
cyrus just don't play well together.  Anyone?

On Tue, 20 May 2003 19:05:11 -0700, Jacob <cyrus-list at bitgig.com> wrote...
> Hi, thanks for your response. I found the problem:
> 
> # ls -dl /var/imap
> drwxr-x---   11 cyrus    mail         4096 May 20 18:46 /var/imap/
> 
> I fixed it by adding the necessary users to group mail.
> 
> Thanks,
> Jacob
> 
> On Wed, May 21, 2003 at 10:45:31AM +0900, Mark Keasling wrote:
> > Hi,
> > 
> > According to your ls output, it seems as though any one should be able to
> > connect to /var/imap/socket/lmtp.  If you can list it as the user and it
> > has those permissions, you should be able to connect to it.  At least I
> > don't know of any reason why you would not be able to do so.  What are the
> > permissions of the directories out of curiosity?
> >     /var
> >     /var/imap
> >     /var/imap/socket
> > 
> > On Tue, 20 May 2003 14:00:12 -0700, Jacob <cyrus-list at bitgig.com> wrote...
> > > I am trying to deliver to cyrus using qmail (with
> > > "|/usr/cyrus/bin/deliver username" in each user's .qmail file), but
> > > deliver fails reporting that it can't connect to lmtpd.
> > > 
> > > lmtpd is running and I can deliver messages via deliver on the command
> > > line as root and as cyrus, but not as any other user.
> > > 
> > > The mailbox to which I am trying to deliver has 'anonymous p' set. I
> > > have tried starting lmtpd with -a, and have also tried specifying
> > > "deliver -a anonymous", but without luck.
> > > 
> > > Am I missing something obvious?
> > > 
> > > I am using cyrus imap 2.1.13 built from source on red hat 8.0, with
> > > sasl 2.1.10 installed as an rpm.
> > > 
> > > Thanks,
> > > Jacob
> > > 
> > > $ /usr/cyrus/bin/deliver username < email_file
> > > couldn't connect to lmtpd: Permission denied
> > > 421 4.3.0 deliver: couldn't connect to lmtpd
> > > 
> > > $ ls -l /usr/cyrus/bin/deliver 
> > > -rwxr-xr-x  1 root  root  973204 May 19 12:48 /usr/cyrus/bin/deliver*
> > > 
> > > # ls -l /var/imap/socket/lmtp
> > > srwxrwxrwx  1 root  root       0 May 19 19:53 /var/imap/socket/lmtp=
> > > 
> > > $ cat /etc/imapd.conf
> > > configdirectory: /var/imap
> > > partition-default: /var/spool/imap
> > > admins: cyrus root
> > > sasl_pwcheck_method: auxprop
> > > sendmail: /usr/sbin/sendmail
> > > tls_cert_file: /var/imap/server.pem
> > > tls_key_file: /var/imap/server.pem
> > > 
> > > $ diff /etc/cyrus.conf /usr/local/src/cyrus-imapd-2.1.13/master/conf/prefork.conf 
> > > 16,17c16,17
> > > < #  pop3               cmd="pop3d" listen="pop3" prefork=3
> > > < #  pop3s              cmd="pop3d -s" listen="pop3s" prefork=1
> > > ---
> > > >   pop3                cmd="pop3d" listen="pop3" prefork=3
> > > >   pop3s               cmd="pop3d -s" listen="pop3s" prefork=1
> > > 
> > > $ rpm -qa | grep sasl
> > > cyrus-sasl-2.1.10-1
> > > cyrus-sasl-devel-2.1.10-1
> > > cyrus-sasl-plain-2.1.10-1
> > > cyrus-sasl-md5-2.1.10-1
> > > 
> > > from /var/log/imapd.log:
> > > 
> > > May 20 13:44:06 hostname deliver[1930]: connect(/var/imap/socket/lmtp) failed: Permission denied

Regards,
Mark Keasling <mark at air.co.jp>





More information about the Info-cyrus mailing list