I am busy migrating. I am moving from macOS+MacPorts to Ubuntu+Docker.
On the old system, I have this in the dovecot config:
mail_uid = _dovecot
mail_gid = mail
mail_privileged_group = mail
mail_access_groups = mail
This seems weird to me; I think the dovecot user should be in group dovecot only, if I understand the docs. On the old system, dovecot, postfix, dovenull and rspamd are all members of the mail group.
Anyway. On that system, the cram md5 passwd database (file) has these permissions:
drwxr-xr-x 3 root wheel 96 Feb 2 2021 .
drwxr-xr-x 22 root admin 704 Jan 4 15:17 ..
-rw-r----- 1 root mail 1234 Feb 2 2021 cram-md5.pwd
and that has worked like that for many years, basically starting with Mac OS X Server, surviving all kinds of macOS migrations.
On my new Ubuntu system (container based on ubuntu:jammy) I've copied this setup over:
drwxr-xr-x 2 root root 4096 Jan 4 09:49 .
drwxr-xr-x 7 root root 4096 Jan 4 15:21 ..
-rw-r----- 1 root mail 1234 Feb 2 2021 cram-md5.pwd
mail_uid = dovecot
mail_gid = mail
mail_privileged_group = mail
mail_access_groups = mail
But:
Jan 04 15:40:08 auth: Error: passwd-file /etc/dovecot/etc/cram-md5.pwd:open(/etc/dovecot/etc/cram-md5.pwd) failed: Permission denied (euid=91(dovecot) egid=91(dovecot) missing +r perm: /etc/dovecot/etc/cram-md5.pwd, we're not in group 8(mail), dir owned by 0:0 mode=0755)
And really, dovecot is in group mail. From /etc/group in the container:
mail:x:8:postfix,dovecot
dovenull:x:90:
dovecot:x:91:
And from /etc/passwd in the container:
dovenull:x:90:90::/home/dovenull:/usr/sbin/nologin
dovecot:x:91:91::/home/dovecot:/usr/sbin/nologin
So, that I get this error baffles me. And I'm now officially stuck.
What should I do?
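The error line reports the credentials of the running auth process, which is a separate thing from the member list in /etc/group. As an added example (not part of the original post), the sketch below compares the two using the values quoted above. The /proc status excerpt is constructed with an empty supplementary group list, consistent with the log's "we're not in group 8(mail)", and all function names are hypothetical.

```python
import re

# Constructed sample inputs, using the values quoted in the post.
ETC_GROUP = """mail:x:8:postfix,dovecot
dovenull:x:90:
dovecot:x:91:
"""
# Constructed /proc/<pid>/status excerpt (assumption): matches the logged
# euid=91 egid=91, with no supplementary groups.
PROC_STATUS = "Name:\tauth\nUid:\t91\t91\t91\t91\nGid:\t91\t91\t91\t91\nGroups:\t\n"

def db_groups(etc_group, user):
    """GIDs whose member list in the group database names `user`."""
    gids = set()
    for line in etc_group.splitlines():
        _name, _pw, gid, members = line.split(":")
        if user in members.split(","):
            gids.add(int(gid))
    return gids

def proc_creds(status):
    """(euid, egid, supplementary gids) parsed from /proc/<pid>/status text."""
    def field(key):
        return re.search(rf"^{key}:[ \t]*(.*)$", status, re.M).group(1).split()
    # Uid/Gid columns are: real, effective, saved, filesystem.
    return int(field("Uid")[1]), int(field("Gid")[1]), {int(g) for g in field("Groups")}

def can_read(mode, owner, group, euid, egid, groups):
    """Classic read check for a non-root process: exactly one class applies.
    Ignores ACLs, capabilities and directory search permission."""
    if euid == owner:
        return bool(mode & 0o400)
    if group == egid or group in groups:
        return bool(mode & 0o040)
    return bool(mode & 0o004)

def diagnose(etc_group, status, user, mode, owner, group):
    """Contrast group-database membership with the process's own credentials."""
    euid, egid, groups = proc_creds(status)
    return {
        "listed_in_db": group in db_groups(etc_group, user),
        "in_process_creds": group == egid or group in groups,
        "readable": can_read(mode, owner, group, euid, egid, groups),
    }

if __name__ == "__main__":
    # cram-md5.pwd is root:mail (0:8) with mode 0640 in the listing above.
    print(diagnose(ETC_GROUP, PROC_STATUS, "dovecot", 0o640, 0, 8))
```

On a live system the same Uid, Gid and Groups fields can be read from /proc/<pid>/status of the running auth process.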