Re: Buster => Bullseye: doveadm now requires root privileges
Jesper Dybdal <jd-debian-user@dybdal.dk> wrote:
> Yesterday, I upgraded Buster => Bullseye.
> I have a cron job that cleans up all old mail from the mailbox that I
> use for my mobile phone by running "doveadm expunge" every night.
> That worked fine in Buster, but now it fails:
>> jdmobile@nuser:~$ doveadm expunge mailbox '*' before 25d
>> doveconf: Fatal: Error in configuration file
>> /etc/dovecot/conf.d/10-ssl.conf line 23: ssl_cert: Can't open file
>> /etc/letsencrypt/live/nuser.dybdal.dk/fullchain.pem: Permission denied
> Of course, doveadm cannot access the TLS key when running as a normal
> user. But why should it try to access that key at all when I have just
> asked it to clean up my own files in my own Maildir? Is there a way to
> make it not try to access that key and do its job anyway? Or another
> way to delete old mail?
Solution is to move the contents of /etc/dovecot/conf.d/10-ssl.conf to
another file in /etc/dovecot, like /etc/dovecot/ssl-keys.conf and then
replace conf.d/10-ssl.conf with this:
,----/etc/dovecot/conf.d/10-ssl.conf
| ##
| ## SSL settings
| ##
|
| ssl = no
|
| !include_try /etc/dovecot/ssl-keys.conf
`----
That way it will not fail anymore for processes not having the correct
permissions, like when being invoked by a normal user on the CLI.
S°
--
Sigmentation fault. Core dumped.
Reply to: