Description

A PR in July 2017 contained a fix for this but was rejected due to other changes proposed:

Fixing permissions problems for /var/mail-state/spool-postfix when ONE_DIR=1:

• spool-postfix/maildrop and spool-postfix/public folders must be owned by group postdrop
• spool-postfix/[dev/etc/lib/pid/usr] permissions were not restrictive enough. They should be owned by the root user and root group.

I have looked at the source destination and the permissions remain the same. This PR carries over the ownership to the ONE_DIR location.

An alternative fix in future might be to use rsync which can copy over the contents with permissions and everything else retained. I'm not super familiar with the ONE_DIR handling myself. I see that it appears to do some cleanup and mostly symlinking (for files?) and moving for directories?

I came across this when looking into postdrop in regards to maildrop while working on this PR.

postdrop:

• Part of the Postfix architecture/project. Interacts with the maildrop queue.
• Lack of permissions can cause processes like cron to try send mail, but postdrop hangs.

Fixes #694 #1029 #1179

Affected a vacation sieve filter in Sep 2018 and a sieve filter redirect in June 2019:

Have setup a simple sieve file:

redirect "[email protected]";
keep;

When testing I do not get the test emails. In the sieve.log for the user being emailed you get "failed to redirect message to [email protected]: Failed to execute sendmail (temporary failure)."

Type of change

• Bug fix (non-breaking change which fixes an issue)

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation (README.md or the documentation under docs/)
• If necessary I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes