looks like all mail users need to have access to /etc/ceph/ceph.client.mail.keyring #258

Open
f1-outsourcing opened this issue Sep 14, 2019 · 2 comments


@f1-outsourcing

I have noticed that not the dovecot user, but all user accounts need to have access to the ceph.client.mail.keyring. Thus when I was testing with user test, test needed to have read access to the keyring file.
I am not sure this is a desirable situation. I would prefer that the access to this file is limited to e.g. the dovecot user.

@jrse
Contributor

jrse commented Sep 15, 2019

This depends on your dovecot configuration I think. Imap/pop3/lmtp/smtp process opens the ceph connection. So the user configured for these processes needs access to the ceph config and keyfiles.

@jrse
Contributor

jrse commented Sep 16, 2019

I checked again. We only tested the plugin with virtual users. Currently we are opening the ceph connection as late as possible to save resources. It may be possible to move the open connection forward e.g. to the plugin init function. With some luck this could allow us to read the ceph certificate and configuration with the dovecot user. But this is untried as yet.
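
An added example, not part of the thread or the plugin's code: a shell check that reports how widely the keyring from the issue title is readable, which is the thing that widens when every system mail user needs read access. The function name `keyring_exposure` is hypothetical; it assumes GNU `stat` on Linux and looks only at mode bits, not POSIX ACLs or parent directories.

```shell
#!/bin/sh
# Added example (not from the plugin): report how widely a Ceph keyring is
# readable, judged from its mode bits. Assumes GNU stat (Linux); POSIX ACLs
# and the permissions of parent directories are not examined.

# keyring_exposure PATH
#   prints "<class> mode=<octal> owner=<user>:<group>"
#   returns 0 owner-only, 1 group-readable, 2 world-readable, 3 missing
keyring_exposure() {
    f=$1
    if [ ! -e "$f" ]; then
        echo "missing path=$f"
        return 3
    fi
    mode=$(stat -L -c '%a' "$f")       # octal mode of the target, e.g. 640
    owner=$(stat -L -c '%U:%G' "$f")   # owning user and group
    bits=$((0$mode))                   # leading 0 makes the shell read it as octal
    if [ $((bits & 0004)) -ne 0 ]; then
        class=world-readable; rc=2     # any local account can read the key
    elif [ $((bits & 0040)) -ne 0 ]; then
        class=group-readable; rc=1     # every member of the owning group can
    else
        class=owner-only; rc=0         # only the owning user (and root)
    fi
    echo "$class mode=$mode owner=$owner"
    return "$rc"
}

# Usage: sh check_keyring.sh /etc/ceph/ceph.client.mail.keyring
if [ "$#" -gt 0 ]; then
    keyring_exposure "$1"
fi
```

A `group-readable` result is worth following up by listing the members of the owning group, since that group is the real set of accounts holding the Ceph client key.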
