August 20, 2010

Dovecot 2.0 install

Ran into some minor hurdles in upgrading to Dovecot 2.0. Definitely need to read the docs on upgrading a bit better next time... But after some work, I have it running here.

Found an undocumented configuration option called service(dns_client), this was logged when it was trying to use the user 'dovecot' instead of the OS X user '_dovecot', which I had already listed in my config for some other services. Simple fix here, I took out the lines specifying 'user = _dovecot' for my listed services, and instead used this line at the top of my config file:

default_internal_user = _dovecot

Second issue that I ran into was the default install looks for a user called dovenull. This user didn't yet exist on my system, so I needed to create it (as opposed to defining a different existing user for this function, which I didn't want to do). My concern is that when Dovecot 2 is rolled into OS X, a new dovenull user will be created, or more likely, _dovenull. So, I can create the user now, and have it later overwritten, and who knows what issues might arise, or I create this user with a different name to avoid the whole issue.

Creating unix level users with OS X is a bit more involved than other systems, but once you read up on the dscl command, you can find some quick examples of this. The trickiest part is picking an appropriate UniqueID for the user.

Here's a handy command for listing all of the used UniqueIDs:
sudo dscl . -list /Users UniqueID | awk '{print $2}' | sort

We'll use a similar command to get a list of all Group IDs that are used:
dscl . -readall /Groups | grep PrimaryGroupID | awk '{print $2}' | sort

It seems best to avoid the range 0-99, and the low 200's are slowly filling up for UserIDs. There's nothing from 100-199, and OS X starts creating new users (the ones used by the Finder) at 501. Why 100-199 was left blank, I don't know, and who knows what other 200 range codes might be used in a future OS update. For the Group IDs, 0-100 were full up, again the break from 101-199, starting again with the low 200's, then starting with the 400's. So, throwing caution to the wind, I'll use 301 for my new user and the group associated with it, created with the following commands:

sudo dscl . -create /Users/_dovenull
sudo dscl . -create /Users/_dovenull UniqueID 301
sudo dscl . -create /Users/_dovenull PrimaryGroupID 301
sudo dscl . -create /Users/_dovenull UserShell /usr/bin/false
sudo dscl . -create /Users/_dovenull RealName "Dovenull"
sudo dscl . -create /Users/_dovenull NFSHomeDirectory /var/empty
sudo dscl . -append /Users/_dovenull RecordName _dovenull

sudo dscl . -create /Groups/_dovenull
sudo dscl . -create /Groups/_dovenull PrimaryGroupID 301
sudo dscl . -append /Groups/_dovenull RecordName dovenull

I set the UserShell above so that the user has no shell access, and set NFSHomeDirectory so that there is no home directory.

Once I had the _dovenull user created, I was successfully able to get dovecot running, so far, no issues.

Posted by Jim at August 20, 2010 10:00 PM | TrackBack