1.1 --- a/README.txt Sat Jan 31 17:51:16 2015 +0100
1.2 +++ b/README.txt Sat Jan 31 17:54:29 2015 +0100
1.3 @@ -17,23 +17,33 @@
1.4 System User and Filesystem Access
1.5 ---------------------------------
1.6
1.7 +A system group needs to be created for LMTP delivery and for certain users to
1.8 +share resources:
1.9 +
1.10 + addgroup lmtp
1.11 +
1.12 +This group should be employed for LMTP delivery by systems like Cyrus and
1.13 +Dovecot. See the section on configuring mail systems for delivery for more
1.14 +information.
1.15 +
1.16 A system user needs to be created and to belong to certain groups in order to
1.17 deliver messages to mail stores and to publish resources on the Web:
1.18
1.19 useradd -d /var/lib/imip-agent -m -U -G lmtp,www-data -r imip-agent
1.20
1.21 -If the lmtp group does not exist, it should be created and be employed for
1.22 -LMTP delivery to systems like Cyrus and Dovecot.
1.23 +Store details and published resources need to be accessible by the imip-agent
1.24 +and www-data users. Thus, www-data also needs to belong to the lmtp group:
1.25
1.26 -Store details and published resources need to be accessible by the imip-agent
1.27 -and www-data users:
1.28 + adduser www-data lmtp
1.29 +
1.30 +Stored and published data is then initialised as follows:
1.31
1.32 mkdir /var/lib/imip-agent/store /var/lib/imip-agent/preferences
1.33 mkdir /var/www/imip-agent/static
1.34 chown imip-agent /var/lib/imip-agent/store /var/lib/imip-agent/preferences
1.35 chown imip-agent /var/www/imip-agent/static
1.36 - chgrp www-data /var/lib/imip-agent/store /var/lib/imip-agent/preferences
1.37 - chgrp www-data /var/www/imip-agent/static
1.38 + chgrp lmtp /var/lib/imip-agent/store /var/lib/imip-agent/preferences
1.39 + chgrp lmtp /var/www/imip-agent/static
1.40 chmod g+ws /var/lib/imip-agent/store /var/lib/imip-agent/preferences
1.41 chmod g+ws /var/www/imip-agent/static
1.42
1.43 @@ -46,8 +56,8 @@
1.44 chgrp -R imip-agent /var/lib/imip-agent
1.45 chown -R imip-agent /var/lib/imip-agent/store /var/lib/imip-agent/preferences
1.46 chown -R imip-agent /var/www/imip-agent/static
1.47 - chgrp -R www-data /var/lib/imip-agent/store /var/lib/imip-agent/preferences
1.48 - chgrp -R www-data /var/www/imip-agent/static
1.49 + chgrp -R lmtp /var/lib/imip-agent/store /var/lib/imip-agent/preferences
1.50 + chgrp -R lmtp /var/www/imip-agent/static
1.51 chmod -R g+w /var/lib/imip-agent/store /var/lib/imip-agent/preferences
1.52 chmod -R g+w /var/www/imip-agent/static
1.53
1.54 @@ -173,6 +183,16 @@
1.55 configured to provide a Unix domain socket offering support for LMTP
1.56 connections.
1.57
1.58 +For Cyrus, the following bug report is pertinent:
1.59 +
1.60 +https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494746
1.61 +
1.62 +A permanent change in permissions on the Cyrus LMTP socket is therefore
1.63 +required to make delivery available to the lmtp group:
1.64 +
1.65 + dpkg-statoverride --force --update --add \
1.66 + cyrus lmtp 750 /var/run/cyrus/socket
1.67 +
1.68 Prerequisites
1.69 -------------
1.70