You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have noticed that not the dovecot user, but all user accounts need to have access to the ceph.client.mail.keyring. Thus when I was testing with user test, test needed to have read access to the keyring file.
I am not sure this is a desirable situation. I would prefer that the access to this file is limited to eg the dovecot user.
The text was updated successfully, but these errors were encountered:
This depends on your dovecot configuration I think. Imap/pop3/lmtp/smtp process opens the ceph connection. So the user configured for this processes needs access to the ceph config and keyfiles.
i checked again. We only tested the plugin with virtual users. Currently we are opening the ceph connection as late as possible to save resources. It may be possible to move the open connection forward e.g. to the plugin init function. With some luck this could allow us to read the ceph certificate and configuration with the dovecot user. But this is untried yet.
I have noticed that not the dovecot user, but all user accounts need to have access to the ceph.client.mail.keyring. Thus when I was testing with user test, test needed to have read access to the keyring file.
I am not sure this is a desirable situation. I would prefer that the access to this file is limited to eg the dovecot user.
The text was updated successfully, but these errors were encountered: