Fatal: Running as root isn't permitted

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Fatal: Running as root isn't permitted

Juan Asensio Sánchez
Hi

I am running Dovecot 1.1RC4, built from the source packages at the
debian repositories (http://xi.rename-it.nl/debian/). When a message
is delivered through the LDA, i get this error:

deliver(******@*****): May 02 14:43:28 Fatal: Running as root isn't permitted

These are my config files:

master.cf:

=======================================
# Dovecot
dovecot unix - n n - - pipe
   flags=DRhu user=dovecot:mail argv=/usr/lib/dovecot/deliver -d $recipient
=======================================

dovecot.conf

=======================================
protocols = imap pop3
listen = 0.0.0.0
login_greeting = Servidor de correo para preparado.
disable_plaintext_auth = no
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log
mail_uid = mailuser
mail_gid = mailgroup

# IMAP configuration
protocol imap {
    mail_plugins = quota imap_quota
}

# POP3 configuration
protocol pop3 {
    pop3_uidl_format = %08Xu%08Xv
    mail_plugins = quota
}

# LDA configuration
protocol lda {
    log_path = /var/log/dovecot-lda.log
    postmaster_address = postmaster
    auth_socket_path = /var/run/dovecot/auth-master
    mail_plugins = quota cmusieve
    global_script_path = /home/vmail/globalsievesrc
}


# LDAP authentication

auth default {

    mechanisms = plain login

    passdb ldap {
        args = /etc/dovecot/dovecot-ldap.conf
    }

    userdb ldap {
        args = /etc/dovecot/dovecot-ldap.conf
    }
    socket listen {
        master {
            path = /var/run/dovecot/auth-master
            mode = 0660
            user = dovecot
            group = mail
        }

        client {
            path = /var/spool/postfix/private/auth
            mode = 0660
            user = postfix
            group = postfix
        }
    }
}
=======================================

dovecot-ldap.conf

=======================================
hosts = 127.0.0.1
auth_bind = yes
ldap_version = 3
base = dc=*******,dc=local
scope = subtree
user_attrs = =home=/var/vmail/%d/%n,mailuserquota=quota=maildir:storage,=mail=maildir:/var/vmail/%d/%n/Maildir
user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
default_pass_scheme = CRYPT
=======================================

The folder /var/vmail has these permissions:

pdc-server:~# ls -la /var/vmail/
total 16
drwxrwx---  3 mailuser mailgroup 4096 2008-05-02 14:34 .
drwxr-xr-x 16 root     root      4096 2008-05-02 14:14 ..

Any idea? Thanks in advance.
Reply | Threaded
Open this post in threaded view
|

Re: Fatal: Running as root isn't permitted

Juan Asensio Sánchez
Well

I solved it. Altough "mail_uid = mailuser" is defined in dovecot.conf,
i must also return an "uid" from the ldap query. Changing:

user_attrs = =home=/var/vmail/%d/%n,mailuserquota=quota=maildir:storage,=mail=maildir:/var/vmail/%d/%n/Maildir

To:

user_attrs = =home=/var/vmail/%d/%n,=uid=mailuser,mailuserquota=quota=maildir:storage,=mail=maildir:/var/vmail/%d/%n/Maildir
u

solved the problem. Hope this could be helpful for someone.

2008/5/2 Juan Asensio Sánchez <[hidden email]>:

> Hi
>
>  I am running Dovecot 1.1RC4, built from the source packages at the
>  debian repositories (http://xi.rename-it.nl/debian/). When a message
>  is delivered through the LDA, i get this error:
>
>  deliver(******@*****): May 02 14:43:28 Fatal: Running as root isn't permitted
>
>  These are my config files:
>
>  master.cf:
>
>  =======================================
>  # Dovecot
>  dovecot unix - n n - - pipe
>    flags=DRhu user=dovecot:mail argv=/usr/lib/dovecot/deliver -d $recipient
>  =======================================
>
>  dovecot.conf
>
>  =======================================
>  protocols = imap pop3
>  listen = 0.0.0.0
>  login_greeting = Servidor de correo para preparado.
>  disable_plaintext_auth = no
>  log_path = /var/log/dovecot.log
>  info_log_path = /var/log/dovecot-info.log
>  mail_uid = mailuser
>  mail_gid = mailgroup
>
>  # IMAP configuration
>  protocol imap {
>     mail_plugins = quota imap_quota
>  }
>
>  # POP3 configuration
>  protocol pop3 {
>     pop3_uidl_format = %08Xu%08Xv
>     mail_plugins = quota
>  }
>
>  # LDA configuration
>  protocol lda {
>     log_path = /var/log/dovecot-lda.log
>     postmaster_address = postmaster
>     auth_socket_path = /var/run/dovecot/auth-master
>     mail_plugins = quota cmusieve
>     global_script_path = /home/vmail/globalsievesrc
>  }
>
>
>  # LDAP authentication
>
>  auth default {
>
>     mechanisms = plain login
>
>     passdb ldap {
>         args = /etc/dovecot/dovecot-ldap.conf
>     }
>
>     userdb ldap {
>         args = /etc/dovecot/dovecot-ldap.conf
>     }
>     socket listen {
>         master {
>             path = /var/run/dovecot/auth-master
>             mode = 0660
>             user = dovecot
>             group = mail
>         }
>
>         client {
>             path = /var/spool/postfix/private/auth
>             mode = 0660
>             user = postfix
>             group = postfix
>         }
>     }
>  }
>  =======================================
>
>  dovecot-ldap.conf
>
>  =======================================
>  hosts = 127.0.0.1
>  auth_bind = yes
>  ldap_version = 3
>  base = dc=*******,dc=local
>  scope = subtree
>  user_attrs = =home=/var/vmail/%d/%n,mailuserquota=quota=maildir:storage,=mail=maildir:/var/vmail/%d/%n/Maildir
>  user_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
>  pass_attrs = mail=user,userPassword=password
>  pass_filter = (&(objectClass=mailAccount)(mail=%u)(mailenable=OK))
>  default_pass_scheme = CRYPT
>  =======================================
>
>  The folder /var/vmail has these permissions:
>
>  pdc-server:~# ls -la /var/vmail/
>  total 16
>  drwxrwx---  3 mailuser mailgroup 4096 2008-05-02 14:34 .
>  drwxr-xr-x 16 root     root      4096 2008-05-02 14:14 ..
>
>  Any idea? Thanks in advance.
>
Reply | Threaded
Open this post in threaded view
|

Re: Fatal: Running as root isn't permitted

Timo Sirainen
On Sat, 2008-05-03 at 23:13 +0200, Juan Asensio Sánchez wrote:

> Well
>
> I solved it. Altough "mail_uid = mailuser" is defined in dovecot.conf,
> i must also return an "uid" from the ldap query. Changing:
>
> user_attrs = =home=/var/vmail/%d/%n,mailuserquota=quota=maildir:storage,=mail=maildir:/var/vmail/%d/%n/Maildir
>
> To:
>
> user_attrs = =home=/var/vmail/%d/%n,=uid=mailuser,mailuserquota=quota=maildir:storage,=mail=maildir:/var/vmail/%d/%n/Maildir
> u
>
> solved the problem. Hope this could be helpful for someone.
It was a bug, fixed: http://hg.dovecot.org/dovecot-1.1/rev/1b15881ed93b


signature.asc (196 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Fatal: Running as root isn't permitted

Juan Asensio Sánchez
Hi

When i try to compile 1.1rc4-0~auto+22 from source packages for
Debian, under Debian Etch 4.0r3, i get this error:

-------------------------

i486-linux-gnu-gcc -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes
-Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2
-Wbad-function-cast -Wstrict-aliasing=2 -o dovecot-auth auth.o
auth-cache.o auth-client-connection.o auth-master-connection.o
auth-master-listener.o auth-request.o auth-request-handler.o
auth-stream.o auth-worker-client.o auth-worker-server.o db-sql.o
db-passwd-file.o main.o mech.o mech-anonymous.o mech-plain.o
mech-login.o mech-cram-md5.o mech-digest-md5.o mech-ntlm.o mech-otp.o
mech-skey.o mech-rpa.o mech-apop.o mech-winbind.o otp-skey-common.o
plain-common.o passdb.o passdb-blocking.o passdb-bsdauth.o
passdb-cache.o passdb-checkpassword.o passdb-passwd.o
passdb-passwd-file.o passdb-pam.o passdb-shadow.o passdb-sia.o
passdb-vpopmail.o passdb-sql.o userdb.o userdb-blocking.o userdb-nss.o
userdb-passwd.o userdb-passwd-file.o userdb-prefetch.o userdb-static.o
userdb-vpopmail.o userdb-sql.o mech-gssapi.o db-ldap.o passdb-ldap.o
userdb-ldap.o -Wl,--export-dynamic  libpassword.a
../lib-settings/libsettings.a ../lib-ntlm/libntlm.a
../lib-otp/libotp.a ../lib-sql/libsql.a ../lib/liblib.a -lcrypt -lpam
-L/usr/lib -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -lkrb5support
-lresolv -lldap /usr/lib/libmysqlclient.so -lm -lpq
/usr/lib/libsqlite3.so -lz -ldl
mech-gssapi.o: In function `gssapi_krb5_userok':
/root/tmp/dovecot-1.1.rc4/src/auth/mech-gssapi.c:325: undefined
reference to `krb5_get_error_message'
collect2: ld returned 1 exit status
make[4]: *** [dovecot-auth] Error 1
make[4]: se sale del directorio `/root/tmp/dovecot-1.1.rc4/src/auth'
make[3]: *** [all-recursive] Error 1
make[3]: se sale del directorio `/root/tmp/dovecot-1.1.rc4/src'
make[2]: *** [all-recursive] Error 1
make[2]: se sale del directorio `/root/tmp/dovecot-1.1.rc4'
make[1]: *** [all] Error 2
make[1]: se sale del directorio `/root/tmp/dovecot-1.1.rc4'
make: *** [build-stamp] Error 2

-------------------------

I have followed these steps:

[[Included deb-src http://xi.rename-it.nl/debian/ testing-auto main in
sources.list]]
# apt-get install fakeroot dpkg-dev build-essential
# apt-get source dovecot
# cd dovecot-1.1.rc4
# apt-get build-dep dovecot
# dpkg-buildpackage -rfakeroot -b

So with the previous version, i had compiled packages in parent folder.

I don't know much about compiling, so too many questions. How can i
solve this error?

NB: Could you add in the source packages of this repository the
plugins por antispam and autocreate? Thanks.

2008/5/4 Timo Sirainen <[hidden email]>:

> On Sat, 2008-05-03 at 23:13 +0200, Juan Asensio Sánchez wrote:
>  > Well
>  >
>  > I solved it. Altough "mail_uid = mailuser" is defined in dovecot.conf,
>  > i must also return an "uid" from the ldap query. Changing:
>  >
>  > user_attrs = =home=/var/vmail/%d/%n,mailuserquota=quota=maildir:storage,=mail=maildir:/var/vmail/%d/%n/Maildir
>  >
>  > To:
>  >
>  > user_attrs = =home=/var/vmail/%d/%n,=uid=mailuser,mailuserquota=quota=maildir:storage,=mail=maildir:/var/vmail/%d/%n/Maildir
>  > u
>  >
>  > solved the problem. Hope this could be helpful for someone.
>
>  It was a bug, fixed: http://hg.dovecot.org/dovecot-1.1/rev/1b15881ed93b
>
>
Reply | Threaded
Open this post in threaded view
|

Re: Fatal: Running as root isn't permitted

Timo Sirainen
On Sun, 2008-05-04 at 15:19 +0200, Juan Asensio Sánchez wrote:
> mech-gssapi.o: In function `gssapi_krb5_userok':
> /root/tmp/dovecot-1.1.rc4/src/auth/mech-gssapi.c:325: undefined
> reference to `krb5_get_error_message'

This fixes it: http://hg.dovecot.org/dovecot-1.1/rev/ad0f32abda6d


signature.asc (196 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Fatal: Running as root isn't permitted

Juan Asensio Sánchez
Hi!

 It compiles perfect now and works fine without returning the uid in
 the ldap query. What about the inclusion of the antispam and
 autocreate plugins in the (source) debian package?

 Thank you very much.


 2008/5/4 Timo Sirainen <[hidden email]>:


> On Sun, 2008-05-04 at 15:19 +0200, Juan Asensio Sánchez wrote:
 >  > mech-gssapi.o: In function `gssapi_krb5_userok':
 >  > /root/tmp/dovecot-1.1.rc4/src/auth/mech-gssapi.c:325: undefined
 >  > reference to `krb5_get_error_message'
 >
 >  This fixes it: http://hg.dovecot.org/dovecot-1.1/rev/ad0f32abda6d
 >
 >