[Bug 874094] New: Dovecot passwd-file authentication and AppArmor
https://bugzilla.novell.com/show_bug.cgi?id=874094
https://bugzilla.novell.com/show_bug.cgi?id=874094#c0
Summary: Dovecot passwd-file authentication and AppArmor
Classification: openSUSE
Product: openSUSE 13.1
Version: Final
Platform: x86-64
OS/Version: openSUSE 13.1
Status: NEW
Severity: Normal
Priority: P5 - None
Component: AppArmor
AssignedTo: suse-beta@cboltz.de
ReportedBy: neocube216@gmail.com
QAContact: qa-bugs@suse.de
Found By: ---
Blocker: ---
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:28.0) Gecko/20100101
Firefox/28.0
No profile for dovecot's passwd-file in apparmor.
Reproducible: Always
Steps to Reproduce:
I have openSUSE 13.1 and package dovecot21-2.1.17-2.1.2.x86_64, with the whole
system updated.
I use virtual users and passwd-file authentication; this is the output of dovecot -n:
<pre>
# 2.1.17: /etc/dovecot/dovecot.conf
# OS: Linux 3.11.10-7-desktop x86_64 openSUSE 13.1 (x86_64)
auth_mechanisms = plain login
auth_verbose = yes
disable_plaintext_auth = no
first_valid_gid = 999
first_valid_uid = 999
last_valid_gid = 999
last_valid_uid = 999
mail_location = maildir:~
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date ihave
passdb {
args = /etc/dovecot/vpasswd
driver = passwd-file
}
pop3_uidl_format = %g
protocols = imap pop3
ssl = no
userdb {
args = uid=vmail gid=vmail home=/var/spool/mail/%u
driver = static
}
</pre>
User 999 and group 999 are vmail. Here is the content of my vpasswd file (only
for testing):
<pre>
user1@example.org:{PLAIN}password
</pre>
I set these permissions:
<pre>
-r-------- 1 dovecot root ... vpasswd
</pre>
Test over telnet:
<pre>
telnet localhost 110
Trying ::1...
Connected to localhost.
Escape character is '^]'.
+OK Dovecot ready.
USER user1@example.org
+OK
PASS password
-ERR Authentication failed.
</pre>
Actual Results:
The mail log contains this error:
<pre>
dovecot: auth: Error: passwd-file /etc/dovecot/vpasswd:
open(/etc/dovecot/vpasswd) failed: Permission denied (euid=482(dovecot)
egid=479(dovecot) missing +w perm: /etc/dovecot/vpasswd, dir owned by 0:0
mode=0755)
dovecot: auth:
passwd-file(user1@example.org,::1,
</pre>
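A triage sketch for the log line in this report, added here as an example (it is not code from the reporter, Dovecot or AppArmor): it parses the `Permission denied` line and checks whether the Unix mode bits alone explain the failure. The function names are hypothetical, uid 482 for `dovecot` is taken from the log line, and root, supplementary groups and ACLs are ignored.

```python
import re

# Error line from the report above, rejoined onto one line.
LOG_LINE = (
    "dovecot: auth: Error: passwd-file /etc/dovecot/vpasswd: "
    "open(/etc/dovecot/vpasswd) failed: Permission denied (euid=482(dovecot) "
    "egid=479(dovecot) missing +w perm: /etc/dovecot/vpasswd, dir owned by 0:0 "
    "mode=0755)"
)

DENIED = re.compile(
    r"open\((?P<path>[^)]+)\) failed: Permission denied "
    r"\(euid=(?P<euid>\d+)\([^)]*\) egid=(?P<egid>\d+)\([^)]*\)"
    r".*?dir owned by (?P<duid>\d+):(?P<dgid>\d+) mode=(?P<dmode>[0-7]+)"
)
BITS = {"r": 4, "w": 2, "x": 1}


def dac_allows(mode, owner_uid, owner_gid, euid, egid, want):
    """Unix mode-bit check: only one of the owner/group/other triplets applies.

    Simplification (assumption): ignores root, supplementary groups and ACLs.
    """
    if euid == owner_uid:
        shift = 6
    elif egid == owner_gid:
        shift = 3
    else:
        shift = 0
    return bool((mode >> shift) & BITS[want])


def triage(line, file_mode, file_uid, file_gid):
    """Return a verdict for one Dovecot 'Permission denied' line, or None."""
    m = DENIED.search(line)
    if m is None:
        return None
    euid, egid = int(m["euid"]), int(m["egid"])
    dir_ok = dac_allows(int(m["dmode"], 8), int(m["duid"]), int(m["dgid"]),
                        euid, egid, "x")
    file_ok = dac_allows(file_mode, file_uid, file_gid, euid, egid, "r")
    verdict = "mac" if dir_ok and file_ok else "dac"
    return {"path": m["path"], "dir_search_ok": dir_ok,
            "file_read_ok": file_ok, "verdict": verdict}


if __name__ == "__main__":
    # vpasswd as listed in the report: -r-------- dovecot root; uid 482 is
    # dovecot per the log line, gid 0 is root.
    print(triage(LOG_LINE, 0o400, 482, 0))
```

A `mac` verdict means the mode bits permit the read, so the denial has to come from a layer above them; on an AppArmor system the kernel audit log's `apparmor="DENIED"` entries name the profile and the blocked path.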
--- Comment #1 from Christian Boltz
--- Comment #3 from Bernhard Wiedemann
--- Comment #4 from Swamp Workflow Management