https://bugzilla.novell.com/show_bug.cgi?id=851984 https://bugzilla.novell.com/show_bug.cgi?id=851984#c25 Christian Boltz <suse-beta@cboltz.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |lukrez.forums@gmx.net --- Comment #25 from Christian Boltz <suse-beta@cboltz.de> 2014-01-02 23:35:52 CET --- (In reply to comment #24)
In usr.lib.dovecot.dovecot-lda:
/var/run/dovecot/mounts r, /proc/*/mounts r,
Thanks, added.
In usr.lib.dovecot.auth
/etc/krb5.keytab.mail rk, /var/tmp/imap_* rw,
But the /etc/krb5.keytab.mail should probably go into tunables or can be omitted. I didn't want to use standard kerberos keytab /etc/krb5.keytab due to filesystem permissions
You can add such things to local/usr.lib.dovecot.auth ;-) (tunables/ is used for setting variables, see for example tunables/dovecot)
I did only try to authenticate via imap. Probably /var/tmp/pop_* or smtp_* are needed too.
Can you please test this and report back? I'm using MySQL auth (which doesn't need anything in /var/tmp/) and don't know anything about kerberos ;-) Additional question: does it still work if change /var/tmp/imap_* rw, to owner /var/tmp/imap_* rw, ? This will allow access only to files created by the same user, which is an additional safety net in directories like /var/tmp/ where everybody has write access ;-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.