getmail error: exec command deliver failed
balli1187 opened this issue · comments
hi,
I set up the container and tried your example config with server and credentials for one of my mail accounts.
As i have problems connecting to dovecot, i ran getmail from container shell.
running the command getmail
without any options returns
Error: default config/data dir "/root/.getmail/" does not exist
spcifiying my test user's dir with getmail --getmaildir=/home/test_user/.getmail
runs into errors.
Seems like connectiong to external mail server works but forwarding messages to dovecot crashes.
command deliver 66 errors exec command deliver failed (refused to invoke external commands as root)
from my google research i understand that getmail (or dovecot?) should not be run as root
due to security reasons.
Logging into the container as my test_user and running getmail
or getmail --getmaildir=/home/test_user/.getmail
returns
Error: default config/data dir "/test_user/.getmail/" does not exist
Additionally i can't check correct volume mapping cause cd /home
returns can't cd to home
.
As root in the container i can go into this directory.
This output Error: default config/data dir "/test_user/.getmail/" does not exist
suggest you missed the /home
part of the path.
The Docker command parameter -v /srv/mail/home:/home
specifies which host/outside directory is mapped into the container as /home
directory. Of course, the user in the container (which is not root) needs access to the directories outside for this to work. So, check the permissions and if uid/gid 1000:1000
has access.
The entrypoint.sh
generates new users based on directories it finds in /home
, but unfortunately does not take into account their existing uid/gid and just assigns new uid/gid numbers, for the first user this is 1000:1000
. You are welcome to submit a PR to take uid/gid into account when creating these users (and maybe even check if they will have access).
okay i understand the workflow.
I managed to make getmail work correctly when setting permissions 1000:1000
to the volume mapped to /home
.
Unfortunately i ran into similar problem when adding more users.
- order of users. As
uid/gid
in the container are just counting up and list of users is in some order i dont't really understand (could be alphabetic?) ids inside and outside do not match. maybe this can solved by reading theuid:gid
from the directorys using$(stat -c '%u' /path/to/folder):$(stat -c '%g' /path/to/folder)
in theentrypoint.sh
- As
/home
also gets permissions of a specific user, i can only run getmail for this user. this means another user cannot execute getmail cause of missing permisons for/home
and the owner of home cannot execute getmail for another user cause of missing permissions for/home/<some_other_user>
. It returnsError: default config/data dir "/home/some_other_user/.getmail/" does not exist
.
I tried to set gid=100
inside and outside the container but it didn't work. Any suggestions.
maybe this can solved by reading the
uid:gid
from the directorys using$(stat -c '%u' /path/to/folder):$(stat -c '%g' /path/to/folder)
in theentrypoint.sh
Yes, exactly. Please clone the repository, make modifications, rebuild the Docker image locally, and when it works submit a PR with your changes.
As /home also gets permissions of a specific user...
The best approach (Docker creates it by default if the directory does not exist) would be for /home
to be owned by root (uid:gid 0:0
) and with world readable flags (chmod 755
), like:
drwxr-xr-x 3 root root 4096 Feb 27 2017 home
With this everything should just work once the entrypoint.sh
script is fixed to respect existing uid:gid
.
It will be my first work with GitHub but I will give it a try. Send you an PR soon.