Maildir wrong permissions after upgrade to last version p3 - Multi Server Setup

Discussion in 'Installation/Configuration' started by filipealvarez, Aug 27, 2014.

  1. filipealvarez

    filipealvarez New Member

    Friends, since I upgraded to the latest version of ispconfig (p3) the mailboxes are creating with wrong permissions in the '.' folders, look:

    -rwxr--r-- 1 vmail vmail 0 Ago 27 16:09 courierimapsubscribed
    drwx------ 2 vmail vmail 4096 Ago 27 16:09 cur
    drwx------ 5 root root 4096 Ago 27 16:09 .Drafts
    -rw-rw---- 1 vmail vmail 5 Ago 27 16:09 ispconfig_mailsize
    drwx------ 5 root root 4096 Ago 27 16:09 .Junk
    -rw-r--r-- 1 vmail vmail 61 Ago 27 16:09 maildirsize
    drwx------ 2 vmail vmail 4096 Ago 27 16:09 new
    drwx------ 5 root root 4096 Ago 27 16:09 .Sent
    drwx------ 2 vmail vmail 4096 Ago 27 16:09 tmp
    drwx------ 5 root root 4096 Ago 27 16:09 .Trash

    The correct is all of these dirs is 'vmail:vmail' permission.

    If I set the permission manually with chown everything works fine.


    What can I do to fix this without hack ISPCONFIG code?

    drwxr-xr-x 4766 vmail vmail 262144 Ago 27 16:09 vmail


    Any suggests are apreciated.

    Thanks

    Filipe
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

  3. filipealvarez

    filipealvarez New Member

    /var/vmail is a phisycal dir.

    Where is the symlink?
     
  4. filipealvarez

    filipealvarez New Member

    Nothing changed, just upgrade the version of the webserver and mailserver (multi server setup)

    Now I'm getting this incorrect permission when I create a new mailbox.

    Curious that just in the '.Spam.. .Junk'.. and not in the new tmp and courier files.

    What you recommend Till?

    Thanks
     
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Create a new mailbox while debugging is active:

    http://www.faqforge.com/linux/debugging-ispconfig-3-server-actions-in-case-of-a-failure/

    and post the output so we can see whats wrong with your setup. I just created a new maildir here in 3.0.5.4p3 on my test server and all permissions are fine:

    drwx------ 3 vmail vmail 4096 Aug 27 07:38 .
    drwx------ 5 vmail vmail 4096 Aug 27 07:38 ..
    drwx------ 9 vmail vmail 4096 Aug 27 07:38 Maildir
    -rw------- 1 vmail vmail 46 Aug 27 07:38 .quotausage
    -rw-r--r-- 1 vmail vmail 78 Aug 27 07:38 .sieve
    -rw-r--r-- 1 vmail vmail 181 Aug 27 07:38 .sieve.svbin
    [email protected]:/var/vmail/ispconfig.de/testmd# cd Maildir/
    [email protected]:/var/vmail/ispconfig.de/testmd/Maildir# ls -la
    total 68
    drwx------ 9 vmail vmail 4096 Aug 27 07:38 .
    drwx------ 3 vmail vmail 4096 Aug 27 07:38 ..
    drwx------ 2 vmail vmail 4096 Aug 27 07:38 cur
    -rw------- 1 vmail vmail 16384 Aug 27 07:38 dovecot.index.cache
    -rw------- 1 vmail vmail 500 Aug 27 07:38 dovecot.index.log
    -rw------- 1 vmail vmail 113 Aug 27 07:38 dovecot-uidlist
    -rw------- 1 vmail vmail 8 Aug 27 07:38 dovecot-uidvalidity
    -r--r--r-- 1 vmail vmail 0 Aug 27 07:38 dovecot-uidvalidity.53fd6ebe
    drwx------ 5 vmail vmail 4096 Aug 27 07:38 .Drafts
    drwx------ 5 vmail vmail 4096 Aug 27 07:38 .Junk
    drwx------ 2 vmail vmail 4096 Aug 27 07:38 new
    drwx------ 5 vmail vmail 4096 Aug 27 07:38 .Sent
    -rwxr--r-- 1 vmail vmail 23 Aug 27 07:38 subscriptions
    drwx------ 2 vmail vmail 4096 Aug 27 07:38 tmp
    drwx------ 5 vmail vmail 4096 Aug 27 07:38 .Trash

    so its not a issue in ispconfig. I'am pretty sure that there must be a symlink somewhere in the full maildir path as your symptoms are quite clear about that. But we will see the confirmation in the debug output.
     
  6. filipealvarez

    filipealvarez New Member

    Thanks Till, the ispconfig is considering the full maildir of mailbox as symlink but the real is not, see the output below:

    [email protected]:/var# /usr/local/ispconfig/server/server.sh
    27.08.2014-19:47 - DEBUG - Set Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
    27.08.2014-19:47 - DEBUG - Found 3 changes, starting update process.
    27.08.2014-19:47 - DEBUG - Replicated from master: REPLACE INTO server (`server_id`,`sys_userid`,`sys_groupid`,`sys_perm_user`,`sys_perm_group`,`sys_perm_other`,`server_name`,`mail_server`,`web_server`,`dns_server`,`file_server`,`db_server`,`vserver_server`,`proxy_server`,`firewall_server`,`config`,`updated`,`mirror_server_id`,`dbversion`,`active`) VALUES ('2','1','1','riud','riud','r','mailserver.mixdinternet.com.br','1','0','1','0','0','0','0','1','[permissions]\nallow_shell_user=no\nadmin_allow_server_config=superadmin\nadmin_allow_server_services=superadmin\nadmin_allow_server_ip=superadmin\nadmin_allow_remote_users=superadmin\nadmin_allow_system_config=superadmin\nadmin_allow_server_php=superadmin\nadmin_allow_langedit=superadmin\nadmin_allow_new_admin=superadmin\nadmin_allow_del_cpuser=superadmin\nadmin_allow_cpuser_group=superadmin\nadmin_allow_firewall_config=superadmin\nadmin_allow_osupdate=superadmin\nadmin_allow_software_packages=superadmin\nadmin_allow_software_repo=superadmin\nremote_api_allowed=no\n\n[systemcheck]\[email protected]\nsecurity_admin_email_subject=Security alert do Compartilhado\nwarn_new_admin=yes\nwarn_passwd_change=no\nwarn_shadow_change=no\nwarn_group_change=no\n\n[global]\nwebserver=apache\nmailserver=postfix\ndnsserver=mydns\n\n[server]\nauto_network_configuration=n\nip_address=177.47.25.160\nnetmask=255.255.255.0\ngateway=192.168.0.1\nfirewall=bastille\nhostname=mailserver.mixdinternet.com.br\nnameservers=192.168.0.1,192.168.0.2\nloglevel=0\nadmin_notify_events=1\nbackup_dir=/var/backup\nbackup_dir_is_mount=n\nbackup_mode=rootgz\nmonit_url=\nmonit_user=\nmonit_password=\nmunin_url=\nmunin_user=\nmunin_password=\nmonitor_system_updates=y\n\n[mail]\nmodule=postfix_mysql\nmaildir_path=/var/vmail/[localpart]@[domain]\nhomedir_path=/var/vmail\npop3_imap_daemon=courier\nmail_filter_syntax=maildrop\nmailuser_uid=5000\nmailuser_gid=5000\nmailuser_name=vmail\nmailuser_group=vmail\nrelayhost=\nrelayhost_user=\nrelayhost_password=\nmailbox_size_limit=0\nmessage_size_limit=0\nmailbox_quota_stats=y\nrealtime_blackhole_list=\noverquota_notify_admin=y\noverquota_notify_client=y\noverquota_notify_freq=7\noverquota_notify_onok=n\n\n[getmail]\ngetmail_config_dir=/etc/getmail\n\n[web]\nserver_type=apache\nwebsite_basedir=/var/www\nwebsite_path=/var/www/clients/client[client_id]/web[website_id]\nwebsite_symlinks=/var/www/[website_domain]/:/var/www/clients/client[client_id]/[website_domain]/\nwebsite_symlinks_rel=n\nvhost_conf_dir=/etc/apache2/sites-available\nvhost_conf_enabled_dir=/etc/apache2/sites-enabled\nnginx_vhost_conf_dir=/etc/nginx/sites-available\nnginx_vhost_conf_enabled_dir=/etc/nginx/sites-enabled\nsecurity_level=20\nuser=www-data\ngroup=www-data\nnginx_user=www-data\nnginx_group=www-data\napps_vhost_port=8081\napps_vhost_ip=_default_\napps_vhost_servername=\nphp_open_basedir=[website_path]/web:[website_path]/tmp:/var/www/[website_domain]/web:/srv/www/[website_domain]/web:/usr/share/php5:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin\nhtaccess_allow_override=All\nawstats_conf_dir=/etc/awstats\nawstats_data_dir=/var/lib/awstats\nawstats_pl=/usr/lib/cgi-bin/awstats.pl\nawstats_buildstaticpages_pl=/usr/share/awstats/tools/awstats_buildstaticpages.pl\nphp_ini_path_apache=/etc/php5/apache2/php.ini\nphp_ini_path_cgi=/etc/php5/cgi/php.ini\ncheck_apache_config=y\nenable_sni=y\nenable_ip_wildcard=y\novertraffic_notify_admin=y\novertraffic_notify_client=y\nnginx_cgi_socket=/var/run/fcgiwrap.socket\nphp_fpm_init_script=php5-fpm\nphp_fpm_ini_path=/etc/php5/fpm/php.ini\nphp_fpm_pool_dir=/etc/php5/fpm/pool.d\nphp_fpm_start_port=9010\nphp_fpm_socket_dir=/var/lib/php5-fpm\nset_folder_permissions_on_update=y\nadd_web_users_to_sshusers_group=y\nconnect_userid_to_webid=n\nconnect_userid_to_webid_start=10000\nweb_folder_protection=y\noverquota_notify_admin=y\noverquota_notify_client=y\noverquota_notify_freq=7\noverquota_notify_onok=n\nwebsite_autoalias=\nCA_path=\nCA_pass=\n\n[dns]\nbind_user=root\nbind_group=bind\nbind_zonefiles_dir=/etc/bind\nnamed_conf_path=/etc/bind/named.conf\nnamed_conf_local_path=/etc/bind/named.conf.local\n\n[fastcgi]\nfastcgi_starter_path=/var/www/php-fcgi-scripts/[system_user]/\nfastcgi_starter_script=.php-fcgi-starter\nfastcgi_alias=/php/\nfastcgi_phpini_path=/etc/php5/cgi/\nfastcgi_children=8\nfastcgi_max_requests=5000\nfastcgi_bin=/usr/bin/php-cgi\nfastcgi_config_syntax=1\n\n[jailkit]\njailkit_chroot_home=/home/[username]\njailkit_chroot_app_sections=basicshell editors extendedshell netutils ssh sftp scp groups jk_lsh\njailkit_chroot_app_programs=/usr/bin/groups /usr/bin/id /usr/bin/dircolors /usr/bin/lesspipe /usr/bin/basename /usr/bin/dirname /usr/bin/nano /usr/bin/pico\njailkit_chroot_cron_programs=/usr/bin/php /usr/bin/perl /usr/share/perl /usr/share/php\n\n[vlogger]\nconfig_dir=/etc\n\n[cron]\ninit_script=cron\ncrontab_dir=/etc/cron.d\nwget=/usr/bin/wget\n\n[rescue]\ntry_rescue=n\ndo_not_try_rescue_httpd=n\ndo_not_try_rescue_mysql=n\ndo_not_try_rescue_mail=n\n\n','39824','1','78','1')
    27.08.2014-19:47 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
    27.08.2014-19:47 - DEBUG - Network configuration disabled in server settings.
    27.08.2014-19:47 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
    27.08.2014-19:47 - DEBUG - Processed datalog_id 39825
    27.08.2014-19:47 - DEBUG - Replicated from master: REPLACE INTO server (`server_id`,`sys_userid`,`sys_groupid`,`sys_perm_user`,`sys_perm_group`,`sys_perm_other`,`server_name`,`mail_server`,`web_server`,`dns_server`,`file_server`,`db_server`,`vserver_server`,`proxy_server`,`firewall_server`,`config`,`updated`,`mirror_server_id`,`dbversion`,`active`) VALUES ('2','1','1','riud','riud','r','mailserver.mixdinternet.com.br','1','0','1','0','0','0','0','1','[permissions]\nallow_shell_user=no\nadmin_allow_server_config=superadmin\nadmin_allow_server_services=superadmin\nadmin_allow_server_ip=superadmin\nadmin_allow_remote_users=superadmin\nadmin_allow_system_config=superadmin\nadmin_allow_server_php=superadmin\nadmin_allow_langedit=superadmin\nadmin_allow_new_admin=superadmin\nadmin_allow_del_cpuser=superadmin\nadmin_allow_cpuser_group=superadmin\nadmin_allow_firewall_config=superadmin\nadmin_allow_osupdate=superadmin\nadmin_allow_software_packages=superadmin\nadmin_allow_software_repo=superadmin\nremote_api_allowed=no\n\n[systemcheck]\[email protected]\nsecurity_admin_email_subject=Security alert do Compartilhado\nwarn_new_admin=yes\nwarn_passwd_change=no\nwarn_shadow_change=no\nwarn_group_change=no\n\n[global]\nwebserver=apache\nmailserver=postfix\ndnsserver=mydns\n\n[server]\nauto_network_configuration=n\nip_address=177.47.25.160\nnetmask=255.255.255.0\ngateway=192.168.0.1\nfirewall=bastille\nhostname=mailserver.mixdinternet.com.br\nnameservers=192.168.0.1,192.168.0.2\nloglevel=0\nadmin_notify_events=1\nbackup_dir=/var/backup\nbackup_dir_is_mount=n\nbackup_mode=rootgz\nmonit_url=\nmonit_user=\nmonit_password=\nmunin_url=\nmunin_user=\nmunin_password=\nmonitor_system_updates=y\n\n[mail]\nmodule=postfix_mysql\nmaildir_path=/var/vmail/[localpart]@[domain]\nhomedir_path=/var/vmail\npop3_imap_daemon=courier\nmail_filter_syntax=maildrop\nmailuser_uid=5000\nmailuser_gid=5000\nmailuser_name=vmail\nmailuser_group=vmail\nrelayhost=\nrelayhost_user=\nrelayhost_password=\nmailbox_size_limit=0\nmessage_size_limit=0\nmailbox_quota_stats=y\nrealtime_blackhole_list=\noverquota_notify_admin=y\noverquota_notify_client=y\noverquota_notify_freq=7\noverquota_notify_onok=n\n\n[getmail]\ngetmail_config_dir=/etc/getmail\n\n[web]\nserver_type=apache\nwebsite_basedir=/var/www\nwebsite_path=/var/www/clients/client[client_id]/web[website_id]\nwebsite_symlinks=/var/www/[website_domain]/:/var/www/clients/client[client_id]/[website_domain]/\nwebsite_symlinks_rel=n\nvhost_conf_dir=/etc/apache2/sites-available\nvhost_conf_enabled_dir=/etc/apache2/sites-enabled\nnginx_vhost_conf_dir=/etc/nginx/sites-available\nnginx_vhost_conf_enabled_dir=/etc/nginx/sites-enabled\nsecurity_level=20\nuser=www-data\ngroup=www-data\nnginx_user=www-data\nnginx_group=www-data\napps_vhost_port=8081\napps_vhost_ip=_default_\napps_vhost_servername=\nphp_open_basedir=[website_path]/web:[website_path]/tmp:/var/www/[website_domain]/web:/srv/www/[website_domain]/web:/usr/share/php5:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin\nhtaccess_allow_override=All\nawstats_conf_dir=/etc/awstats\nawstats_data_dir=/var/lib/awstats\nawstats_pl=/usr/lib/cgi-bin/awstats.pl\nawstats_buildstaticpages_pl=/usr/share/awstats/tools/awstats_buildstaticpages.pl\nphp_ini_path_apache=/etc/php5/apache2/php.ini\nphp_ini_path_cgi=/etc/php5/cgi/php.ini\ncheck_apache_config=y\nenable_sni=y\nenable_ip_wildcard=y\novertraffic_notify_admin=y\novertraffic_notify_client=y\nnginx_cgi_socket=/var/run/fcgiwrap.socket\nphp_fpm_init_script=php5-fpm\nphp_fpm_ini_path=/etc/php5/fpm/php.ini\nphp_fpm_pool_dir=/etc/php5/fpm/pool.d\nphp_fpm_start_port=9010\nphp_fpm_socket_dir=/var/lib/php5-fpm\nset_folder_permissions_on_update=y\nadd_web_users_to_sshusers_group=y\nconnect_userid_to_webid=n\nconnect_userid_to_webid_start=10000\nweb_folder_protection=y\noverquota_notify_admin=y\noverquota_notify_client=y\noverquota_notify_freq=7\noverquota_notify_onok=n\nwebsite_autoalias=\nCA_path=\nCA_pass=\n\n[dns]\nbind_user=root\nbind_group=bind\nbind_zonefiles_dir=/etc/bind\nnamed_conf_path=/etc/bind/named.conf\nnamed_conf_local_path=/etc/bind/named.conf.local\n\n[fastcgi]\nfastcgi_starter_path=/var/www/php-fcgi-scripts/[system_user]/\nfastcgi_starter_script=.php-fcgi-starter\nfastcgi_alias=/php/\nfastcgi_phpini_path=/etc/php5/cgi/\nfastcgi_children=8\nfastcgi_max_requests=5000\nfastcgi_bin=/usr/bin/php-cgi\nfastcgi_config_syntax=1\n\n[jailkit]\njailkit_chroot_home=/home/[username]\njailkit_chroot_app_sections=basicshell editors extendedshell netutils ssh sftp scp groups jk_lsh\njailkit_chroot_app_programs=/usr/bin/groups /usr/bin/id /usr/bin/dircolors /usr/bin/lesspipe /usr/bin/basename /usr/bin/dirname /usr/bin/nano /usr/bin/pico\njailkit_chroot_cron_programs=/usr/bin/php /usr/bin/perl /usr/share/perl /usr/share/php\n\n[vlogger]\nconfig_dir=/etc\n\n[cron]\ninit_script=cron\ncrontab_dir=/etc/cron.d\nwget=/usr/bin/wget\n\n[rescue]\ntry_rescue=n\ndo_not_try_rescue_httpd=n\ndo_not_try_rescue_mysql=n\ndo_not_try_rescue_mail=n\n\n','39824','1','78','1')
    27.08.2014-19:47 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
    27.08.2014-19:47 - DEBUG - Network configuration disabled in server settings.
    27.08.2014-19:47 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
    27.08.2014-19:47 - DEBUG - Processed datalog_id 39826
    27.08.2014-19:47 - DEBUG - Replicated from master: REPLACE INTO mail_user (`mailuser_id`,`sys_userid`,`sys_groupid`,`sys_perm_user`,`sys_perm_group`,`sys_perm_other`,`server_id`,`email`,`login`,`password`,`name`,`uid`,`gid`,`maildir`,`quota`,`cc`,`homedir`,`autoresponder`,`autoresponder_start_date`,`autoresponder_end_date`,`autoresponder_subject`,`autoresponder_text`,`move_junk`,`custom_mailfilter`,`postfix`,`access`,`disableimap`,`disablepop3`,`disabledeliver`,`disablesmtp`,`disablesieve`,`disablesieve-filter`,`disablelda`,`disablelmtp`,`disabledoveadm`,`last_quota_notification`,`backup_interval`,`backup_copies`) VALUES ('5633','1','2','riud','riud','','2','[email protected]','[email protected]','12341','','5000','5000','[email protected]','3145728','','/var/vmail','n','0000-00-00 00:00:00','0000-00-00 00:00:00','Out of office reply','','n','','y','y','n','n','n','n','n','n','n','n','n','','none','1')
    27.08.2014-19:47 - DEBUG - Calling function 'user_insert' from plugin 'mail_plugin' raised by event 'mail_user_insert'.
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]
    27.08.2014-19:47 - DEBUG - Created Maildir [email protected] with subfolder:
    27.08.2014-19:47 - DEBUG - Set ownership on [email protected]
    27.08.2014-19:47 - DEBUG - Created Maildir: su -c 'maildirmake -q 3145728S [email protected]' vmail
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]/.Sent
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]/.Sent
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]/courierimapsubscribed
    27.08.2014-19:47 - DEBUG - Created Maildir [email protected] with subfolder: Sent
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]/.Drafts
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]/.Drafts
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]/courierimapsubscribed
    27.08.2014-19:47 - DEBUG - Created Maildir [email protected] with subfolder: Drafts
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]/.Trash
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]/.Trash
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]/courierimapsubscribed
    27.08.2014-19:47 - DEBUG - Created Maildir [email protected] with subfolder: Trash
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]/.Junk
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]/.Junk
    27.08.2014-19:47 - WARNING - Action aborted, file is a symlink: [email protected]/courierimapsubscribed
    27.08.2014-19:47 - DEBUG - Created Maildir [email protected] with subfolder: Junk
    27.08.2014-19:47 - DEBUG - Set Maildir quota: su -c 'maildirmake -q 3145728S [email protected]' vmail
    27.08.2014-19:47 - DEBUG - Calling function 'update' from plugin 'maildrop_plugin' raised by event 'mail_user_insert'.
    27.08.2014-19:47 - DEBUG - Mailfilter config has been changed
    27.08.2014-19:47 - DEBUG - Processed datalog_id 39827
    27.08.2014-19:47 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
    finished.


    [email protected]:/var# file [email protected]/.Sent
    [email protected]/.Sent: directory

    [email protected]:/var# file [email protected]/
    [email protected]/: directory

    Why this start to happen ?

    Nothing changed in the structure or ispconfig options, the only action was the upgrade.

    Thanks
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    ISPConfig uses stricter checks for paths since version 3.0.5.4 and your path contains a @ which is not used and supported by ispconfig default installations and therefor the system blocks all operations on that path for security reasons. So your issue is nothing related to the current update, this has changed several months ago.

    You can change line 856 in the file /usr/local/ispconfig/server/lib/classes/system.inc.php to:

    Code:
    if(!preg_match('@^/[-a-zA-Z0-9_/.*\@]{1,}[~]?$@', $path)) return false;
    to enable @ in paths on your system.
     
  8. filipealvarez

    filipealvarez New Member

    > You can change line 856 in the file >/usr/local/ispconfig/server/lib/classes/system.inc.php to:

    > Code:
    > if(!preg_match('@^/[-a-zA-Z0-9_/.*\@]{1,}[~]?$@', $path)) return false;

    You are the best!

    This solution fix the problem.

    Before I upgrade to .p3 my ispconfig version was very old, so is why this fix does not affected me before.

    Till, when you come to Brazil, your beer is garanted !

    Thanks again.

    Filipe.
     

Share This Page