Dovecot: Operation not permitted

I believe you ran into the same problem as I did:

Multiple UIDs
If you're using more than one UID for users, you're going to have problems running dovecot-lda, as most MTAs won't let you run dovecot-lda as root. Best solution is to use LMTP instead, but if you can't do that, there are two ways to work around this problem:

  1. Make dovecot-lda setuid-root.
  2. Use sudo to wrap the invocation of dovecot-lda.

Source: https://wiki2.dovecot.org/LDA#line-100

This is what I am doing after every update of the dovecot package:

    sudo chgrp dovenull /usr/lib/dovecot/deliver
    sudo chmod 04750 /usr/lib/dovecot/dovecot-lda
    # optional: run postqueue to deliver queued mails immediately
    postqueue -f

I'm running Ubuntu though, so you most probably will have to use a different group. I don't have a CentOS installation handy to look it up.
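
A check that the setuid workaround is still in place and still restricted after a package update, as an added example that is not part of the original answer. It assumes GNU stat, and `audit_lda` is a hypothetical helper name; the path and group in the closing comment are the Ubuntu ones quoted above.

```shell
#!/bin/sh
# Added example (not from the answer): audit the setuid-root workaround.
# Assumes GNU stat (Linux). audit_lda is a hypothetical helper name.

# audit_lda PATH OWNER GROUP
# Returns 0 only when PATH is a regular file owned by OWNER:GROUP with
# mode exactly 4750; 1 on a permission finding; 2 if PATH is missing.
audit_lda() {
    path=$1; want_owner=$2; want_group=$3
    rc=0

    if [ ! -f "$path" ]; then
        echo "FAIL: $path is not a regular file" >&2
        return 2
    fi

    # -L follows symlinks, e.g. a "deliver" link pointing at dovecot-lda.
    mode=$(stat -L -c '%a' "$path")
    owner=$(stat -L -c '%U' "$path")
    group=$(stat -L -c '%G' "$path")

    case $mode in
        4750) ;;
        *[1-7])
            # Any "other" permission bit lets every local account reach
            # a binary that starts with root privileges.
            echo "FAIL: $path mode $mode is open to all local users" >&2
            rc=1 ;;
        *)
            echo "FAIL: $path mode is $mode, expected 4750" >&2
            rc=1 ;;
    esac

    [ "$owner" = "$want_owner" ] || {
        echo "FAIL: $path owner is $owner, expected $want_owner" >&2; rc=1; }
    [ "$group" = "$want_group" ] || {
        echo "FAIL: $path group is $group, expected $want_group" >&2; rc=1; }

    return $rc
}

# Values from the answer (Ubuntu); the group differs on other distros:
#   audit_lda /usr/lib/dovecot/dovecot-lda root dovenull
```

On Debian and Ubuntu, `dpkg-statoverride --update --add root dovenull 4750 /usr/lib/dovecot/dovecot-lda` records the ownership and mode so that package upgrades keep them.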


For completeness, similar problems also apply with multiple GIDs (possibly resulting in something like "Fatal: setresgid ...: Operation not permitted"):

If you need multiple uids/gids you'll need to set dovecot-lda setuid root or invoke it through sudo. See LDA#multipleuids for how to do this securely.

Source: https://wiki2.dovecot.org/LDA/Postfix

Or use LMTP instead as mentioned in the other answer.