# HG changeset patch # User Pascal Volk # Date 1340832996 0 # Node ID 55148bc6348ef21432a2124c0554072523760edd # Parent b17a9d7a59aedea37f219d30fc54ccfb5e5ca3ce INSTALL: Added description how to create additional dove* user/group. `doveauth' user and group for the authentication process and the group `dovemail' for mail related Dovecot processes. diff -r b17a9d7a59ae -r 55148bc6348e Configure.Dovecot_2 --- a/Configure.Dovecot_2 Wed Jun 27 20:20:00 2012 +0000 +++ b/Configure.Dovecot_2 Wed Jun 27 21:36:36 2012 +0000 @@ -41,6 +41,7 @@ ### first_valid_gid = 70000 first_valid_uid = 70000 +mail_access_groups = dovemail mail_location = maildir:~/Maildir # uncomment if you want to use the quota plugin @@ -66,7 +67,7 @@ } service auth { - user = nobody + user = doveauth unix_listener auth-userdb { } unix_listener /var/spool/postfix/private/dovecot-auth { @@ -78,17 +79,17 @@ service auth-worker { unix_listener auth-worker { - user = nobody + user = doveauth group = $default_internal_user mode = 0660 } - user = nobody + user = doveauth } service dict { unix_listener dict { - # we need mode 0666, because we have a GID/domain and a UID/user - mode = 0666 + group = dovemail + mode = 0660 } } diff -r b17a9d7a59ae -r 55148bc6348e INSTALL --- a/INSTALL Wed Jun 27 20:20:00 2012 +0000 +++ b/INSTALL Wed Jun 27 21:36:36 2012 +0000 
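Review bot: `mail_access_groups = dovemail` is added globally in the first Configure.Dovecot_2 hunk with no comment saying what the group is for, and the last hunk of that file removes the old explanation of the dict socket mode without replacing it. Because this setting adds the group to every user's mail processes, anything group-owned by `dovemail` becomes reachable from all mail sessions; Dovecot's example configuration cautions about this setting where users can create symlinks. The tightening of the dict listener from 0666 to 0660 therefore only holds if the group owns nothing but that socket, so I would add `# dovemail: used only for the dict socket below; must not own any mail storage` above the setting and `# reachable by mail processes via mail_access_groups` inside `unix_listener dict`. The link between the two hunks is inferred from the diff, as the rest of the file is not visible here.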
@@ -23,6 +23,22 @@ [3] PyCrypto: (Debian: python-crypto) +Create additionally a user and groups for improved security + We will create the system user `doveauth'. This user is used in the + authentication process. On a Debian GNU/Linux System use this command: + + adduser --system --home /nonexistent --no-create-home --group \ + --disabled-login --gecos "Dovecot IMAP/POP3 authentication user" \ + doveauth + + This will create the doveauth user and group. + For Dovecot >= 2.0 we create also the group `dovemail'. Dovecot will assign + this group to all Dovecot processes. + On a Debian GNU/Linux bases system run: + + addgroup --system dovemail + + Configuring PostgreSQL (for more details see: http://vmm.localdomain.org/PreparingPostgreSQL) @@ -96,7 +112,7 @@ userdb sql { args = /etc/dovecot/dovecot-sql.conf } - user = nobody + user = doveauth socket listen { master { path = /var/run/dovecot/auth-master