I have a box with iredmail installed in CentoOS 6.4.

When trying to access the vmail1 folder, which is the storage path for emails, It get the following:

[root@mx vmail]# dir -ls
total 12
4 drwxr-xr-x 4 vmail vmail 4096 Apr 27  2013 backup
4 drwx------ 2 vmail vmail 4096 Apr 27  2013 sieve
4 drwx------ 7 vmail vmail 4096 May  9  2013 vmail1
[root@mx vmail]# cd vmail1
-bash: cd: vmail1: Permission denied
[root@mx vmail]#

As you can see, I'm logged in as root. What can cause this reaction, and how can I solve it?

Andreas Hinderberger

Posted 2014-12-05T18:21:45.720

Reputation: 131

It appears that only the owner has permissions set, and the vmail group is the owner of that directory. Does your root account belong to the vmail group? – Ƭᴇcʜιᴇ007 – 2014-12-05T18:42:58.433

[root@mx vmail]# groups root vmail [root@mx vmail]# – Andreas Hinderberger – 2014-12-05T18:45:34.653

root is already member of vmail group, that's what i did as one of first things – Andreas Hinderberger – 2014-12-05T18:46:04.657

backup directory i can access without problems, sieve directory is "locked" too – Andreas Hinderberger – 2014-12-05T18:48:19.143

The reason you can get into the backup folder is because it has read and execute access for "all users" set. If you apply similar read access to the other folders can you get into them then? Also, after you added the Root user to the vmail group did you log out and log back in again? – Ƭᴇcʜιᴇ007 – 2014-12-05T18:52:28.033

yes, i logged out and in again – Andreas Hinderberger – 2014-12-05T18:56:06.827

If you apply read access for everyone to the other folders can you get into them then? – Ƭᴇcʜιᴇ007 – 2014-12-05T19:16:29.947

[root@mx vmail]# chmod -R 755 vmail1 chmod: changing permissions of vmail1': Operation not permitted chmod: cannot read directoryvmail1': Permission denied – Andreas Hinderberger – 2014-12-05T19:18:54.940

try sudo chmod -R 755 vmail1 – Ƭᴇcʜιᴇ007 – 2014-12-05T19:25:37.573

same result, permission denied on command execution – Andreas Hinderberger – 2014-12-05T19:32:15.743

Well I'm outta ideas. Hopefully someone with better Linux knowledge will roll through and recognize the problem.. :) – Ƭᴇcʜιᴇ007 – 2014-12-05T19:33:05.890

No problem. I have this headache since weeks already. Hopefully i will find a solution for it. Thanks for your try – Andreas Hinderberger – 2014-12-05T19:36:19.507

Answers

How is the vmail1 directory mounted? What's the full path to it? What filesystem is it on? For example, if it's a remote NFS-mounted filesystem with root_squash enabled, then having root permissions locally won't help you any.

A couple of other suggestions:

Check that you really are root. Running id should give something like the following.
```
uid=0(root) gid=0(root) groups=0(root)
```
Check that there aren't any ACLs on the directory that might interfere with your access.
```
getfacl vmail1
```
It should display something like the following:
```
# file: vmail1
owner: vmail

group: vmail

user::rwx
group::---
other::---
```

Josh Kelley

Posted 2014-12-05T18:21:45.720

Reputation: 1 337

[root@mx vmail]# id uid=0(root) gid=0(root) groups=0(root),2000(vmail) [root@mx vmail]# getfacl vmail1/

file: vmail1/

owner: vmail

group: vmail

user::rwx group::--- other::---

[root@mx vmail]# – Andreas Hinderberger – 2014-12-05T20:01:43.253

i don't know the settings on the NFS server side. – Andreas Hinderberger – 2014-12-05T20:02:10.063

mount is: 10.1.20.247:/STORAGE/MAIL on /var/vmail type nfs (rw,intr,vers=4,addr=10.1.20.247,clientaddr=10.1.20.248) – Andreas Hinderberger – 2014-12-05T20:03:41.193

1@AndreasHinderberger - Given that it's NFS-mounted and that your root permissions aren't working, I'm certain that it's the result of the server setting root_squash. I believe your options are (1) get the server to have less restrictive permissions (like mode 0750 instead of 0700), (2) remove root_squash, and/or (3) look into NFSv4's more advanced security options (which I have no experience with). – Josh Kelley – 2014-12-05T20:20:18.233

looks like that its root_squash on nfs server side. i was able to bypass it enabling shell for vmail user and then su vmail to get into the directory. – Andreas Hinderberger – 2014-12-05T20:23:58.443

It seems to be a problem with the NFS server configuration. Following steps solved the problem:

chsh -s /bin/bash vmail
su vmail
chmod -R 755 vmail

Andreas Hinderberger

Posted 2014-12-05T18:21:45.720

Reputation: 131

Glad to hear it's working. For future reference, as root, you can do su vmail -s /bin/bash to override vmail's shell, instead of permanently changing vmail's shell with chsh. – Josh Kelley – 2014-12-05T20:37:35.100

Permission denied error when accessing email folder even when logged in as root

Answers

owner: vmail

group: vmail

file: vmail1/

owner: vmail

group: vmail