Subject: [courier-users] courier-imap as non-root user +authuserdb
From: Three Letter Acronym (tl@spiderchain.com)
Date: Jan 1, 2003 6:41:06 pm
List: net.sourceforge.lists.courier-users

Hi all,

I know I'm missing something, but I can't get courier-imap to function as a non-root user.

I can run it as user imap (unique uid/gid, standard service account stuff) using the -user option in the config file.

However, at that point the server does not know how to read users' mail. Mail is delivered mode 600, owned by the user. If I change it so that everything in the maildir hierarchy is also owned by group imap, the server still dies -- syslog error messages are of the form:

Jan 1 17:45:53 lart imapd: setgid: Operation not permitted

I changed the gid of the user to the same as imap in the userdb database -- the messages changed to the form:

Jan 1 18:29:51 lart imapd: setuid: Operation not permitted

So, the question is twofold: First, does anyone actually run courier-imap as a non-root user in production? Second, and more important, is it possible to do this using userdb authentication? I expect that if the entire mail hierarchy were owned by the imap daemon, things would be fine. However, userdb authentication will not allow everyone to have the same uid (something that I assume could be done with a back-end such as mysql or ldap).

Thanks in advance for help/advice....

--tla
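
Added example, not part of the original message and not Courier's code: on POSIX systems an unprivileged process may set its gid and uid only to ids it already holds, so a setgid()-then-setuid() sequence fails at setgid when the target group differs and at setuid once the group matches, the same order as the two syslog lines above. The helper name try_switch() and the target ids are assumptions made for the illustration; the attempt runs in a forked child so the calling process keeps its credentials.

```c
/* Added illustration; try_switch() and its types are hypothetical names,
   not Courier code. A full privilege drop would also reset supplementary
   groups, which is left out here to keep to the two calls in the logs. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum step { STEP_OK, STEP_SETGID, STEP_SETUID, STEP_INTERNAL };
struct result { enum step step; int err; };

/* Attempt setgid() then setuid() in a forked child so the caller's own
   credentials never change; report which call failed and its errno. */
struct result try_switch(uid_t uid, gid_t gid)
{
    struct result r = { STEP_INTERNAL, 0 };
    int fds[2];
    if (pipe(fds) != 0) { r.err = errno; return r; }
    pid_t pid = fork();
    if (pid < 0) { r.err = errno; close(fds[0]); close(fds[1]); return r; }
    if (pid == 0) {                       /* child: try to become uid:gid */
        struct result c = { STEP_OK, 0 };
        close(fds[0]);
        if (setgid(gid) != 0)      { c.step = STEP_SETGID; c.err = errno; }
        else if (setuid(uid) != 0) { c.step = STEP_SETUID; c.err = errno; }
        if (write(fds[1], &c, sizeof c) != (ssize_t)sizeof c) _exit(1);
        _exit(0);
    }
    close(fds[1]);
    if (read(fds[0], &r, sizeof r) != (ssize_t)sizeof r) {
        r.step = STEP_INTERNAL; r.err = EIO;
    }
    close(fds[0]);
    waitpid(pid, NULL, 0);
    return r;
}

int main(void)
{
    static const char *names[] = { "ok", "setgid", "setuid", "internal" };
    /* Constructed targets: a different uid and gid, then same gid only. */
    struct result a = try_switch(getuid() + 1, getgid() + 1);
    struct result b = try_switch(getuid() + 1, getgid());
    printf("other gid: %s: %s\n", names[a.step], a.err ? strerror(a.err) : "-");
    printf("same gid:  %s: %s\n", names[b.step], b.err ? strerror(b.err) : "-");
    return 0;
}
```

Run as root, both attempts report "ok", since a privileged process is allowed to switch to arbitrary ids.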