From owner-freebsd-questions@FreeBSD.ORG  Tue Apr 15 19:21:53 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: questions@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 087B21065677
	for <questions@FreeBSD.org>; Tue, 15 Apr 2008 19:21:53 +0000 (UTC)
	(envelope-from mi+mill@aldan.algebra.com)
Received: from mail1.sea5.speakeasy.net (mail1.sea5.speakeasy.net
	[69.17.117.3]) by mx1.freebsd.org (Postfix) with ESMTP id DCB728FC0C
	for <questions@FreeBSD.org>; Tue, 15 Apr 2008 19:21:52 +0000 (UTC)
	(envelope-from mi+mill@aldan.algebra.com)
Received: (qmail 18349 invoked from network); 15 Apr 2008 18:55:12 -0000
Received: from aldan.algebra.com ([216.254.65.224])
	(envelope-sender <mi+mill@aldan.algebra.com>)
	by mail1.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP
	for <questions@FreeBSD.org>; 15 Apr 2008 18:55:12 -0000
From: Mikhail Teterin <mi+mill@aldan.algebra.com>
To: questions@freebsd.org
Date: Tue, 15 Apr 2008 14:55:01 -0400
User-Agent: KMail/1.7.1
Organization: Virtual Estates, Inc.
MIME-Version: 1.0
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200804151455.01270.mi+mill@aldan.algebra.com>
Cc: robin@isometry.net
Subject: strange file-permission problem
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Apr 2008 19:21:53 -0000

Hello!

I've encountered a problem, which went ahead most of the things I know about 
Unix file permissions:

 dovecot@bonkers:run/dovecot/login (10) ls -l ssl-parameters.dat
 -rw-r-----  2 root  dovecot  230 Apr 13 00:33 ssl-parameters.dat
 dovecot@bonkers:run/dovecot/login (11) groups
 dovecot
 dovecot@bonkers:run/dovecot/login (12) id
 uid=143(dovecot) gid=9005(dovecot) groups=9005(dovecot)
 dovecot@bonkers:run/dovecot/login (13) cat ssl-parameters.dat > /dev/null
 cat: ssl-parameters.dat: Permission denied
 dovecot@bonkers:run/dovecot/login (14) ls -ld
 drwxr-x---  2 root  dovecot  512 Apr 15 14:44 .

I had to set the mode of ssl-parameters.dat to 644 to allow dovecot-users to 
login, but it should not be needed -- the file should be readable by members 
of the group "dovecot" (such as user "dovecot").

And yet, when the user dovecot tried to open it, it got EPERM.

Could somebody, please, explain? Thanks!

 -mi