https://bugzilla.novell.com/show_bug.cgi?id=851984
https://bugzilla.novell.com/show_bug.cgi?id=851984#c25
Christian Boltz
In usr.lib.dovecot.dovecot-lda:
/var/run/dovecot/mounts r, /proc/*/mounts r,
Thanks, added.
In usr.lib.dovecot.auth
/etc/krb5.keytab.mail rk, /var/tmp/imap_* rw,
But the /etc/krb5.keytab.mail should probably go into tunables or can be omitted. I didn't want to use standard kerberos keytab /etc/krb5.keytab due to filesystem permissions
You can add such things to local/usr.lib.dovecot.auth ;-) (tunables/ is used for setting variables, see for example tunables/dovecot)
I did only try to authenticate via imap. Probably /var/tmp/pop_* or smtp_* are needed too.
Can you please test this and report back? I'm using MySQL auth (which doesn't need anything in /var/tmp/) and don't know anything about kerberos ;-) Additional question: does it still work if change /var/tmp/imap_* rw, to owner /var/tmp/imap_* rw, ? This will allow access only to files created by the same user, which is an additional safety net in directories like /var/tmp/ where everybody has write access ;-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.