cyrus-imap configuration question SOLVED

Simon Matter simon.matter at invoca.ch
Sun Jan 20 14:23:06 EST 2013


> Thanks All,
>
> Well yes, ahem.. obviously!  Since I'm a complete beginner at this, who,
> what
> and how did the ownership of mailboxes.db get set wrongly in the first
> place?
>
> The script /usr/lib/cyrus-imapd/mkimap was run as user cyrus, as per the
> instructions.

I think you should follow the instructions mentioned in the Fedora rpm
docs and not the generic instructions of the cyrus docs. IMHO things like
mkimap should not be needed with a packaged version of cyrus (but of
course it should not break things). If it still fails after following the
package docs you may report this to Fedora as the package could have a bug
then.

Regards,
Simon

>
> Surely cyrus CANNOT create a root owned file ??
>
> Observation:
>
> Just as a quick experiment I changed mailboxes.db permissions to 666 and
> low
> it works! But something knows and changed the ownership to cyrus:mail with
> permissions 600
>
> Something very fishy there.
>
>  ~ o ~
>
> While on the subject of incorrect permissions. The file
> /var/lib/imap/db/skipstamp was also root:root and causing this from
> systemctl
> status cyrus-imapd after a SUCCESSFUL start.
>
> Jan 20 12:15:44 blanked.com ctl_cyrusdb[1652]: DBERROR: writing
> /var/lib/imap/db/skipstamp: Permission denied
>
> I have know idea why these Permission denied messages are not in
> /var/log/messages, perhaps it has something to do with SELinux !!
>
> Thanks for all the help, Charles Bradshaw
>
> On: Sun, 20 Jan 2013 07:20:18 -0400, Patrick wrote:
>> On 01/20/2013 06:40 AM, Charles Bradshaw wrote:
>> > Thanks Dan, Here are the details you asked for.
>> >
>> > My /etc/imapd.conf :
>> >
>> > configdirectory: /var/lib/imap
>> > partition-default: /var/spool/imap
>> > admins: cyrus
>> > sievedir: /var/lib/imap/sieve
>> > sendmail: /usr/sbin/sendmail
>> > hashimapspool: true
>> > sasl_pwcheck_method: auxprop
>> > sasl_mech_list: PLAIN DIGEST-MD5 CRAM-MD5
>> > sasl_auxprop_plugin:sasldb
>> > #allowplaintext: no
>> > #defaultdomain: mail
>> > tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>> > tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
>> > tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
>> > # uncomment this if you're operating in a DSCP environment (RFC-4594)
>> > # qosmarking: af13
>> >
>> > I have played with allowplaintext and defaultdomain.
>> > For the record the 3 sasl_... values are the same as the entries in
>> > /etc/sasl2/Sendmail.conf
>> >
>> > Directory ownership:
>> >
>> > ls -ld /var/lib/imap
>> > drwxr-x---. 18 cyrus mail 4096 Jan 19 19:37 lib/imap
>> >
>> > ls -l lib/imap
>> > total 72
>> > drwx------. 2 cyrus mail 4096 Jan 20 03:35 backup
>> > drwx------. 2 cyrus mail 4096 Jan 19 19:37 db
>> > drwx------. 2 cyrus mail 4096 Jan 19 19:37 db.backup1
>> > drwx------. 2 cyrus mail 4096 Jan 19 16:45 db.backup2
>> > -rw-------. 1 cyrus mail  144 Jan 19 12:20 deliver.db
>> > drwx------. 2 cyrus mail 4096 Mar 15  2012 log
>> > -rw-------. 1 root  root  144 Jan 14 07:13 mailboxes.db
>> > drwx------. 2 cyrus mail 4096 Mar 15  2012 md5
>> > drwx------. 2 cyrus mail 4096 Mar 15  2012 meta
>> > drwx------. 2 cyrus mail 4096 Mar 15  2012 msg
>> > drwx------. 2 cyrus mail 4096 Mar 15  2012 proc
>> > drwx------. 2 cyrus mail 4096 Mar 15  2012 ptclient
>> > drwx------. 2 cyrus mail 4096 Mar 15  2012 quota
>> > drwx------. 2 cyrus mail 4096 Jan 19 15:29 rpm
>> > drwx------. 2 cyrus mail 4096 Mar 15  2012 sieve
>> > drwxr-x---. 2 cyrus mail 4096 Jan 19 19:37 socket
>> > drwx------. 2 cyrus mail 4096 Mar 15  2012 sync
>> > drwx------. 2 cyrus mail 4096 Mar 15  2012 user
>> >
>> > ls -ld /var/spool/imap
>> > drwxr-x---. 4 cyrus mail 4096 Jan 19 11:39 /var/spool/imap
>> >
>> > ls -l /var/spool/imap
>> > total 8
>> > drwxr-xr-x. 2 cyrus mail 4096 Jan 19 11:39 stage.
>> > drwxr-xr-x. 2 cyrus mail 4096 Jan 19 11:39 sync.
>> >
>> > stage. and sync. are empty
>> >
>> > The only possibility I see above is mailboxes.db is root:root <<<< IS
>> THIS THE
>> > PROBLEM?
>>
>> mailboxes.db should be owned by cyrus user.
>>
>> >
>> > I assume this was created during:
>> > [root at dell2600 ~]# su cyrus
>> > bash-4.2$ /usr/lib/cyrus-imapd/mkimap
>> >
>> > Charles Bradshaw
>> >
>> >
>> > ---------- Original Message -----------
>> >
>> > On: Sat, 19 Jan 2013 18:46:38 -0600, Dan wrote
>> >
>> >> On 01/19/13 17:51 +0000, Charles Bradshaw wrote:
>> >>> I'm tying to configure cyrus-imap on a Fedora 17 system.
>> >>>
>> >>> cyrus-imapd version cyrus-imapd.i686 2.4.14-1.fc17
>> >>>
>> >>> I have sendmail and saslauthd working using DIGEST-MD5 and CRAM-MD5
>> working.
>> >>>
>> >>> I have gone through the cyrus-imap configuration procedure, but when
>> I
> try to
>> >>> start the server:
>> >>>
>> >>> # systemctl start cyrus-imapd.service
>> >>> Job failed. See system journal and 'systemctl status' for details.
>> >>>
>> >>> # systemctl status cyrus-imapd.service
>> >>> cyrus-imapd.service - Cyrus-imapd IMAP/POP3 email server
>> >>> 	  Loaded: loaded (/usr/lib/systemd/system/cyrus-imapd.service;
>> disabled)
>> >>> 	  Active: failed (Result: exit-code) since Sat, 19 Jan 2013
>> 13:29:32 +0000;
>> >>> 28s ago
>> >>> 	 Process: 2049 ExecStartPre=/usr/lib/cyrus-imapd/cyr_systemd_helper
>> start
>> >>> (code=exited, status=75)
>> >>> 	  CGroup: name=systemd:/system/cyrus-imapd.service
>> >>>
>> >>> If I start the master process manually or in debug mode:
>> >>> # /usr/lib/cyrus-imapd/cyrus-master -D              (or -d)
>> >>> fatal error: can't read mailboxes file
>> >>> ctl_cyrusdb: unable to archive environment
>> >>
>> >> On 01/19/13 18:17 +0000, Charles Bradshaw wrote:
>> >>> File permissions are:
>> >>>
>> >>> # cd /var/spool
>> >>> # ls -l imap
>> >>> total 8
>> >>> drwxr-xr-x. 2 cyrus mail 4096 Jan 19 11:39 stage.
>> >>> drwxr-xr-x. 2 cyrus mail 4096 Jan 19 11:39 sync.
>> >>> [root at dell2600 spool]# ls -ld imap
>> >>> drwxr-x---. 4 cyrus mail 4096 Jan 19 11:39 imap
>> >>>
>> >>> # cd /var
>> >>> # ls -ld imap
>> >>> drwxr-x---. 2 cyrus mail 4096 Jan 19 11:32 imap
>> >>
>> >> Your 'configdirectory' option in /etc/imapd.conf should point to the
>> >> location of your cyrus database files, including the mailboxes
>> database.
>> >> That directory, and all files underneath it, should be owned by
>> cyrus:mail.
>> >>
>> >> If permissions look correct, please provide the contents of your
>> >> /etc/imapd.conf file, and a directory listing of the
>> >> 'configdirectory' directory.
>> >>
>> >> --
>> >> Dan White
>> > ------- End of Original Message -------
>> >
>> > ----
>> > Cyrus Home Page: http://www.cyrusimap.org/
>> > List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
>> > To Unsubscribe:
>> > https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
>> >
> ------- End of Original Message -------
>
> ----
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
>




More information about the Info-cyrus mailing list