I'm installing dovecot onto a Virtualbox VM running Ubuntu Server 64-bit 14.04 guest. Dovecot itself is being installed into a Docker container (I'm not sure that that's relevant here, but am noting it just in case). I'm having trouble getting dovecot to allow me to log in via telnet to test user authentication using a passwd file.
Dovecot itself seems to have installed fine. I've started it up with sudo dovecot
, and am now trying to test it following the wiki guide at http://wiki2.dovecot.org/TestInstallation.
Within the container, I enter telnet localhost 143
. Dovecot connects fine with * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot (Ubuntu) ready.
. I then enter a login "test" "test"
, but get the following output: a NO [AUTHENTICATIONFAILED] Authentication failed.
I've confirmed that this command works on an existing (working) Ubuntu 12.04 dovecot server, with a similar passwd file at /etc/dovecot/users.
The /etc/dovecot/users
file contains the following line:
test:{SHA512-CRYPT}$6$PHmKiepXqf1vbk7u$.ruON3KVGW7LfuqxAFKG3kG5O0s3tocK5jpbaMH2Qh9scnjj.RENQ230ulYXgp9SEaZbJjFlD9HJdA6o4wVIJ1::::/home/dovecot-user/Maildir/test
The user here is called "test" with password "test".
The dovecot logfile contains this:
Aug 04 08:49:18 imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges
Aug 04 08:49:18 imap-login: Debug: SSL: elliptic curve secp384r1 will be used for ECDH and ECDHE key exchanges
Aug 04 08:49:18 auth: Error: passwd-file: open(/etc/dovecot/users) failed: Permission denied (euid=102(dovecot) egid=106(dovecot) missing +x perm: /etc/dovecot, UNIX perms appear ok (ACL/MAC wrong?))
Aug 04 08:49:18 auth: Error: passwd-file: open(/etc/dovecot/users) failed: Permission denied (euid=102(dovecot) egid=106(dovecot) missing +x perm: /etc/dovecot, UNIX perms appear ok (ACL/MAC wrong?))
Aug 04 08:49:23 auth: Error: passwd-file(test,::1,<4V3V0Mn/5QAAAAAAAAAAAAAAAAAAAAAB>): stat(/etc/dovecot/users) failed: Permission denied (euid=102(dovecot) egid=106(dovecot) missing +x perm: /etc/dovecot, UNIX perms appear ok (ACL/MAC wrong?))
Aug 04 08:49:26 imap-login: Info: Disconnected: Too many invalid commands (auth failed, 1 attempts in 3 secs): user=<test>, method=PLAIN, rip=::1, lip=::1, secured, session=<4V3V0Mn/5QAAAAAAAAAAAAAAAAAAAAAB>
I've not found any solutions to this problem, including changing the permissions on the files in /etc/dovecot/
and /home/dovecot-user/Maildir/
to be as lenient as possible, and chown
ing the files to dovecot:dovecot, root:root, and dovecot-user:dovecot-user. The current file permissions are as follows:
ls -lR /etc/dovecot
:
/etc/dovecot/dovecot:
-rwxrwx--- 1 dovecot dovecot 116 Aug 3 20:07 README
drwxrwx--- 2 dovecot dovecot 4096 Aug 4 08:45 conf.d
-rwxrwx--- 1 dovecot dovecot 410 Aug 3 20:07 dovecot-db.conf.ext
-rwxrwx--- 1 dovecot dovecot 782 Aug 3 20:07 dovecot-dict-sql.conf.ext
-rwxrwx--- 1 dovecot dovecot 5348 Aug 3 20:07 dovecot-sql.conf.ext
-rwxrwx--- 1 dovecot dovecot 3794 Aug 3 20:07 dovecot.conf
-rwxrwx--- 1 dovecot dovecot 3795 Aug 3 20:07 dovecot.conf.factory_settings
-rw-r--r-- 1 dovecot dovecot 1314 Aug 3 22:02 dovecot.pem
drwx------ 2 dovecot dovecot 4096 Aug 4 03:53 private
-rwxr-xr-x 1 dovecot dovecot 357 Aug 4 08:23 users
/etc/dovecot/conf.d:
total 108
-rwxrwx--- 1 dovecot dovecot 5258 Aug 3 20:07 10-auth.conf
-rwxrwx--- 1 dovecot dovecot 1691 Aug 3 20:07 10-director.conf
-rwxrwx--- 1 dovecot dovecot 2650 Aug 4 03:50 10-logging.conf
-rwxrwx--- 1 dovecot dovecot 14476 Aug 3 20:07 10-mail.conf
-rwxrwx--- 1 dovecot dovecot 2920 Aug 3 20:07 10-master.conf
-rwxrwx--- 1 dovecot dovecot 1654 Aug 3 20:07 10-ssl.conf
-rwxrwx--- 1 dovecot dovecot 1654 Aug 3 20:07 10-ssl.conf.save
-rw-r--r-- 1 dovecot dovecot 291 May 14 18:11 10-tcpwrapper.conf
-rwxrwx--- 1 dovecot dovecot 1607 Aug 3 20:07 15-lda.conf
-rw-r--r-- 1 dovecot dovecot 1137 May 14 18:11 15-mailboxes.conf
-rwxrwx--- 1 dovecot dovecot 2402 Aug 3 20:07 20-imap.conf
-rw-r--r-- 1 dovecot dovecot 4007 May 14 18:11 20-pop3.conf
-rwxrwx--- 1 dovecot dovecot 676 Aug 3 20:07 90-acl.conf
-rwxrwx--- 1 dovecot dovecot 292 Aug 3 20:07 90-plugin.conf
-rwxrwx--- 1 dovecot dovecot 2251 Aug 3 20:07 90-quota.conf
-rw-r--r-- 1 dovecot dovecot 499 May 14 18:11 auth-checkpassword.conf.ext
-rwxrwx--- 1 dovecot dovecot 486 Aug 3 20:07 auth-deny.conf.ext
-rwxrwx--- 1 dovecot dovecot 558 Aug 3 20:07 auth-master.conf.ext
-rwxrwx--- 1 dovecot dovecot 329 Aug 4 03:45 auth-passwdfile.conf.ext
-rw-r--r-- 1 dovecot dovecot 788 May 14 18:11 auth-sql.conf.ext
-rwxrwx--- 1 dovecot dovecot 608 Aug 3 20:07 auth-static.conf.ext
-rwxrwx--- 1 dovecot dovecot 2106 Aug 3 20:07 auth-system.conf.ext
-rwxrwx--- 1 dovecot dovecot 327 Aug 3 20:07 auth-vpopmail.conf.ext
ls -lR /home/dovecot-user/Maildir/
:
/home/dovecot-user/Maildir/:
total 4
drwx------ 10 dovecot-user dovecot-user 4096 Aug 4 03:45 test
/home/dovecot-user/Maildir/test:
total 12
drwx------ 2 dovecot-user dovecot-user 4096 Aug 4 03:45 cur
drwx------ 2 dovecot-user dovecot-user 4096 Aug 4 03:45 new
drwx------ 2 dovecot-user dovecot-user 4096 Aug 4 03:45 tmp
Output from dovecot -n
:
# 2.2.9: /etc/dovecot/dovecot.conf
doveconf: Error: setmntent(/etc/mtab) failed: No such file or directory
# OS: Linux 3.13.0-32-generic x86_64 Ubuntu 14.04.1 LTS
first_valid_uid = 8
last_valid_uid = 1001
log_path = /testout
mail_gid = 1000
mail_location = maildir:/home/dovecot-user/Maildir/%u
mail_privileged_group = mail
mail_uid = 1000
namespace {
inbox = yes
location =
prefix =
separator = /
type = private
}
namespace inbox {
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
args = scheme=CRYPT username_format=%u /etc/dovecot/users
driver = passwd-file
}
protocols = " imap pop3"
ssl = required
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
args = username_format=%u /etc/dovecot/users
driver = passwd-file
}
verbose_ssl = yes
I'm not sure whether this is a file permissions problem, or an apparmor
or selinux
problem, and how to go about doing debugging and fixing it. I've seen almost a dozen forum posts on this from the last few years, but no well-documented fixes. Thus, I think that this problem is not unique to me, and am hoping to get some help here, where it will be well-documented for the future.