Op zaterdag 20 februari 2016 14:41:30 schreef Carlos E. R.:
On 02/20/2016 02:24 PM, Anton Aylward wrote:
On 02/20/2016 05:47 AM, Freek de Kruijf wrote:
In the dovecot log on Leap 42.1 I see messages like: imap(freek): Error: opendir(/home/freek/Maildir) failed: Permission denied (euid=1000(freek) egid=100(users) UNIX perms appear ok (ACL/MAC wrong?))
After some digging I found that this is a problem caused by improper apparmor rules for dovecot. Apparently apparmor does not allow access to the Maildir directory tree by dovecot, which is obviously needed to access e-mail in that directory. So IMAP is not usable any more. Any idea what rule should be added?
Made a bug report: https://bugzilla.opensuse.org/show_bug.cgi?id=967528
*sigh* This was the problem when I installed on 12.2 as well!
Notice /etc/apparmor.d/tunables/dovecot
@{DOVECOT_MAILSTORE}=@{HOME}/Maildir/ @{HOME}/mail/ @{HOME}/Mail/ /var/vmail/ /var/mail/ /var/spool/mail/
and
/etc/apparmor.d/abstractions/user-mail
owner @{HOME}/Maildir/ r, owner @{HOME}/Maildir/** rwl,
The later I think is not included by the apparmor profiles. Instead, I see, for instance in /etc/apparmor.d/usr.lib.dovecot.dovecot-lda
@{DOVECOT_MAILSTORE}/ rw, @{DOVECOT_MAILSTORE}/** rwkl,
The above is in a test install of 42.1
If you change something, do it in /etc/apparmor.d/local/* (means undoing the changes aa-logprof does)
The problem is most likely caused by a symbolic link for /home/user/Maildir to /somename/user/Maildir .So I believe apparmor does not honor symbolic links. -- fr.gr. member openSUSE Freek de Kruijf -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org