Petri Riihikallio wrote:
Yes, maildrop is owned by root, setuid(/setgid), and mail is a trusted
user (as in the old setup maildrop ran as "mail").
These were my easy guesses. Your setup differs from mine, so I can't
give you any working sample config. I can guess some more, though:
Are you sure the LDAP queries are working and returning the values you
expect? Maildrop needs to know the uid and gid of the user and the
Maildir must be writable by that user.
Hello,
Sorry for not posting for a long time (though that's not a big problem
for you :).
By enabling DEBUG_LOGIN (and using telnet to log in through IMAP) I could
verify that all the necessary information is returned from the LDAP
server, including the UID/GID.
As I could not find a solution I tried to do the following: keep
maildrop running as a fixed user "mail" and
add that user to all the groups in LDAP (this works rather fine with the
user www-data).
This way I can have each user as the owner of their own mailbox and also
make maildrop deliver to them as user mail.
By using "su mail" I verified that I could read a user's mailbox (owned
by the user), so this is working fine, but maildrop still gives the
error "Unable to change to home directory". I don't really understand
this, as maildrop is owned by root and setuid, so it should be able to
change to the homedir either as root or mail.
This solution would also be better than maildrop delivering under the
user's own UID, because as I can see courier-imap is not setuid, so I
don't know if it could bind to every user's own uid to read their mail.
Of course using maildrop as a "mailbox_command" in postfix is still a
possibility, but then I would have to make every maildir world-readable
to be able to retrieve mails using imap/pop3, which is a rather bad
solution.
So does anyone have an idea why maildrop can't change to home directory
when that dir can definitely be read by user mail?
Thanks in advance,
adam