IMAP Folder Permissions

Discuss general troubleshooting concerns.

Moderators: scrumpy, Dave, leihog

IMAP Folder Permissions

Postby omnipolar on Tue May 08, 2007 9:08 am

I've recently installed EnGarde 3.0.13 and am trying to get e-mail up and running. SMTP is working fine and shuttles messages back and forth to the outside world. I'm trying to hook up my IMAP client (Thunderbird 1.5.0.10 on Windows XP) to the IMAP server. I make the connection and can receive and send e-mail through the server. However, Thunderbird wants to save a copy in the "Sent" folder, but it can't do it. I'm assuming it is a permissions problem, and noticed something odd. When I SSH into the box with my user id and do a "ls -als", I get:

total 40
8 drwxr-xr-x 2 david users 4096 Apr 22 00:20 .
8 drwxr-xr-x 7 root root 4096 Apr 18 00:01 ..
8 -rw------- 1 david users 97 May 8 07:15 .bash_history
8 -r--r--r-- 1 david users 244 Apr 18 00:01 .bash_profile
8 -r--r--r-- 1 david users 124 Apr 18 00:01 .bashrc
? ?--------- ? ? ? ? ? .mailboxlist
? ?--------- ? ? ? ? ? Drafts
? ?--------- ? ? ? ? ? Sent

with the last three entries flashing red.

However, when I log in as root and "ls" that directory, I get:

8 drwxr-xr-x 2 david users 4096 Apr 22 00:20 .
8 drwxr-xr-x 7 root root 4096 Apr 18 00:01 ..
8 -rw------- 1 david users 113 May 8 09:07 .bash_history
8 -r--r--r-- 1 david users 244 Apr 18 00:01 .bash_profile
8 -r--r--r-- 1 david users 124 Apr 18 00:01 .bashrc
8 -rw-r--r-- 1 david users 12 Apr 22 00:19 .mailboxlist
8 -rw------- 1 david users 1314 Apr 22 00:20 Drafts
8 -rw------- 1 david users 2672 Apr 22 00:20 Sent


Does anyone have any insight on how I can get this to work? Even when I set the permissions on the Sent folder to 666, it still didn't work.

Thanks,
David
omnipolar
 
Posts: 5
Joined: Tue May 08, 2007 8:18 am

Re: IMAP Folder Permissions

Postby ryan on Tue May 08, 2007 9:55 am

omnipolar wrote:Does anyone have any insight on how I can get this to work? Even when I set the permissions on the Sent folder to 666, it still didn't work.

That's odd -- what happens if you do an SELinux Relabel?

Also, if that doesn't fix it, can you please see if there are any policy violations by following the instructions on http://wiki.engardelinux.org/index.php/ ... ng_SELinux?

Thanks,
-r
ryan
Site Admin
 
Posts: 246
Joined: Wed Jun 14, 2006 9:15 am
Location: Allendale, NJ

RE: IMAP Folder Permissions

Postby omnipolar on Tue May 08, 2007 10:32 am

Relabeling the file system cleared up the unusual permissions display, however Thunderbird is still not able to put sent messages into the Sent folder.

Running the Audit Monitor reveals:

allow simap_t net_conf_t: file read;
allow simap_t security_t:dir search;
allow simap_t user_home_dir_t: dir getattr;
allow simap_t user_home_t:dir {getattr read};
allow simap_t user_home_t: file read;


and then nothing else. Thunderbird gets stuck on trying to save the message to the Sent folder indefinitely.

P.S. Is there a way to cut&paste the output of the audit monitor? I had to hand-type the output...
omnipolar
 
Posts: 5
Joined: Tue May 08, 2007 8:18 am

Re: RE: IMAP Folder Permissions

Postby ryan on Tue May 08, 2007 10:34 am

omnipolar wrote:Thunderbird gets stuck on trying to save the message to the Sent folder indefinitely.

What happens if you try to use Thunderbird with the machine in permissive mode? Do you have the same problem?

If that works, please copy/paste the audit monitor output of that.

omnipolar wrote:P.S. Is there a way to cut&paste the output of the audit monitor? I had to hand-type the output...

On that page it tells you how to use audit2allow (as sysadm_r), you can copy-and-paste that. Just make sure you do a dmesg -c (or clear the ring buffer) before you start!

-r
ryan
Site Admin
 
Posts: 246
Joined: Wed Jun 14, 2006 9:15 am
Location: Allendale, NJ

RE: IMAP Folder Permissions

Postby omnipolar on Tue May 08, 2007 11:36 pm

With the system in permissive mode, things seem to be working fine. This is the output of Audit Monitor:

allow simap_t net_conf_t: file {getattr read};
allow simap_t security_t: dir search;
allow simap_t secuirty_t: file read;
allow simap_t user_home_t:dir {add_name remove_name write};
allow simap_t user_home_t:file {append create getattr link lock read setattr unlink write};



So, besides the obvious answer of leaving the system in Permissive mode, does this give insight as to what is not right?

Thanks,
David
omnipolar
 
Posts: 5
Joined: Tue May 08, 2007 8:18 am

Re: RE: IMAP Folder Permissions

Postby ryan on Wed May 09, 2007 2:59 pm

omnipolar,

omnipolar wrote:So, besides the obvious answer of leaving the system in Permissive mode, does this give insight as to what is not right?

Yes -- it's an selinux policy problem. Please open a bug at bugs.engardelinux.org and we'll address this issue in the next update.

Cheers,
Ryan
ryan
Site Admin
 
Posts: 246
Joined: Wed Jun 14, 2006 9:15 am
Location: Allendale, NJ


Return to General Troubleshooting

Who is online

Users browsing this forum: No registered users and 1 guest

cron