Originally posted by benniekiss March 11, 2023
Hello,
I had a working configuration of the mailserver running for some time, then about a week ago I was no longer able to log in and the idle CPU usage increased. I'm running the edge ghcr container through podman.
When I attempt to log in, I receive these errors in the logs:
dovecot anvil: Fatal: chroot(/run/dovecot/empty) failed: Operation not permitted
dovecot Error: service(anvil): command startup failed, throttling for 4.000 secs
dovecot auth: Error: read(anvil-auth-penalty) failed: read(size=1024) failed: Connection reset by peer
dovecot: auth: Error: net_connect_unix(anvil-auth-penalty) failed: Permission denied
dovecot: imap-login: Fatal: chroot(/run/dovecot/login) failed: Operation not permitted
dovecot: master: Error: service(imap-login): command startup failed, throttling for 2.000 secs
I haven't been able to figure the issue out myself and was wondering if anyone had advice. The issue continued whether I started the mailserver from scratch or from a backup.
While we've dropped running Postfix with chroot in v12, Dovecot still runs in one (so does PostSRSd I think). AFAIK, there is no benefit to us running with chroot in a Docker container and we can drop these.
The errors were found to be due to a recent change in Podman, which dropped the CAP_CHROOT capability for rootless containers.
We can probably squeeze this into v12?
Discussed in https://github.com/orgs/docker-mailserver/discussions/3172
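One way to confirm this failure mode from inside a container, as an added example (not code from docker-mailserver or from the discussion): it reads the effective capability mask from `/proc/<pid>/status` text and tests the bit for the capability that chroot(2) requires, named CAP_SYS_CHROOT (number 18) in linux/capability.h. The function names and both sample masks are constructed for illustration.

```shell
#!/bin/sh
# Capability number of CAP_SYS_CHROOT in linux/capability.h.
CAP_SYS_CHROOT_BIT=18

# has_cap HEXMASK BIT: exit 0 if BIT is set in the hex capability mask.
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# cap_mask FIELD: read /proc/<pid>/status text on stdin and print the
# hex mask of FIELD (CapEff, CapPrm, CapBnd, ...).
cap_mask() {
    awk -v f="$1:" '$1 == f { print $2 }'
}

# chroot_allowed: read status text on stdin; exit 0 only if the effective
# set (CapEff) contains CAP_SYS_CHROOT. Missing field counts as "no".
chroot_allowed() {
    mask=$(cap_mask CapEff)
    [ -n "$mask" ] && has_cap "$mask" "$CAP_SYS_CHROOT_BIT"
}

# Constructed sample: a capability set that includes bit 18.
SAMPLE_WITH="CapPrm: 00000000a80425fb
CapEff: 00000000a80425fb
CapBnd: 00000000a80425fb"

# Constructed sample: the same set with bit 18 cleared.
SAMPLE_MISSING="CapPrm: 00000000a80025fb
CapEff: 00000000a80025fb
CapBnd: 00000000a80025fb"

for sample in "$SAMPLE_WITH" "$SAMPLE_MISSING"; do
    if printf '%s\n' "$sample" | chroot_allowed; then
        echo "CapEff has CAP_SYS_CHROOT: chroot() is permitted"
    else
        echo "CapEff lacks CAP_SYS_CHROOT: chroot() fails with 'Operation not permitted'"
    fi
done

# Inside a running container, check the live process instead:
#   chroot_allowed < /proc/self/status && echo ok || echo missing
```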