On 3/11/18 2:13 PM, André Rodier wrote:
On 11/03/18 17:56, André Rodier wrote:Hello, I am working on a project to help self hosting emails with Debian. I reached a point I am satisfied, but I have an issue with AppArmor some experts may know how to solve. I have set the rules with Dovecot and AppArmor, and it works very well so far, except when the mail folder is not existing yet. Is there any way to write a permission for AppArmor, that will let dovecot create the maildir folder when it is not exists. This is the error I have, the first time a user tries to access his mail box:Mar 11 17:45:05 homebox kernel: [ 356.357353] audit: type=1400 audit(1520790305.235:176): apparmor="DENIED" operation="mkdir" profile="" name="/home/users/andre/mails/" pid=32645 comm="imap" requested_mask="c" denied_mask="c" fsuid=1001 ouid=1001Obviously, I don't want to add a rule to let dovecot to write in the home directory! Thanks for your help, AndréOK, I am now creating the mail folders before the deployment of Dovecot, for each user. Actually, this make more sense. The only issue is when creating new users. Check out /etc/skel. useradd with the -m option copies that
directory to the created user directory changing permissions and
ownership to the new user. --
...Bob |