User mail owner

Hi, i moved some domains from my admin account to a new user account, but the email ownership is still the old user?

original user (admin)
drwx------ 63 admin admin 4096 Aug 20 15:17 mail

New user (carpcon)
drwx------ 11 carpcon admin 4096 May 10 20:24 mail

As you can see the group is still the original owner, checking other no admin accounts that have not been moved i see two different groups

user chwg
drwx------ 11 ch mail 4096 Aug 17 21:45 mail

user ishampre
drwxr-x— 9 isham isham 299 Feb 25 15:19 mail

so what should it be?

Will a mail rebuild sort this?

thanks

hmm, this seems… weird. the mail folder, so /home/<user>/mail should actually always look like this:

drwxr-x–x 4 root root 4,0K Sep 26 2019 mail

inside that folder you should see your domain-name as folder with 750 as permission, the actual user as owner and mail as group. so all three examples you provided seem wrong/messed up.

explanation: the mail folder itself is owned by root, so the user/client itself can’t accidentically delete it. notice the important last executable flag for world though. otherwise the user and mailserver could not change into it. everything below that folder is owned by the user itself, so he can access it properly and group rights are given to the mail group, aka exim and dovecot etc. so that these service are also able to read and write the files there - otherwise you would not be able to get mails.

how did you move the domains from admin to that new user?
how do the permissions look like if you create a new testuser through the control panel and don’t put anything on it?

a mail rebuild most likely will not sort the permissions for you.

Hi,
i was not clear to exactly what mail folder i am referring too, it is:

ls -la /home/isham/
total 12
drwxr-xr-x+ 11 root root 175 May 3 02:23 .
drwxr-xr-x 10 root root 128 Aug 20 16:32 …
-rw-r–r-- 1 isham isham 220 Apr 18 2019 .bash_logout
-rw-r–r-- 1 isham isham 3526 Apr 18 2019 .bashrc
drwxr-xr-x 2 isham isham 6 May 3 02:23 .cache
drwxr-xr-x 2 isham isham 6 May 3 02:23 .composer
drwxr-xr-x 5 root root 40 May 3 02:23 conf
drwxr-xr-x 2 isham isham 6 May 3 02:23 .config
drwxr-xr-x 2 isham isham 6 May 3 02:23 .local
drwxr-x–x 3 root root 34 May 3 02:23 mail
-rw-r–r-- 1 isham isham 807 Apr 18 2019 .profile
drwxr-xr-x 2 isham isham 6 May 3 02:23 .ssh
drwxrwx–x 2 isham isham 6 Aug 11 06:25 tmp
drwxr-x–x 3 isham isham 34 May 3 02:23 web

ls -la /home/ishampre/mail
total 0
drwxr-x–x 3 root root 34 May 3 02:23 .
drwxr-xr-x+ 11 root root 175 May 3 02:23 …
drwxrwx— 3 ishampre mail 18 May 3 17:30 ishampreschool.co.uk

ls -la /home/isham/mail/ishampre.co.uk/
total 0
drwxrwx— 3 isham mail 18 May 3 17:30 .
drwxr-x–x 3 root root 34 May 3 02:23 …
drwxr-x— 9 isham isham 299 Feb 25 15:19 mail

ls -la /home/testuser/
total 12
drwxr-xr-x+ 11 root root 175 Aug 20 16:32 .
drwxr-xr-x 10 root root 128 Aug 20 16:32 …
-rw-r–r-- 1 testuser testuser 220 Apr 18 2019 .bash_logout
-rw-r–r-- 1 testuser testuser 3526 Apr 18 2019 .bashrc
drwxr-xr-x 2 testuser testuser 6 Aug 20 16:32 .cache
drwxr-xr-x 2 testuser testuser 6 Aug 20 16:32 .composer
drwxr-xr-x 5 root root 40 Aug 20 16:32 conf
drwxr-xr-x 2 testuser testuser 6 Aug 20 16:32 .config
drwxr-xr-x 2 testuser testuser 6 Aug 20 16:32 .local
drwxr-x–x 2 root root 6 Aug 20 16:32 mail
-rw-r–r-- 1 testuser testuser 807 Apr 18 2019 .profile
drwxr-xr-x 2 testuser testuser 6 Aug 20 16:32 .ssh
drwx------ 2 testuser testuser 6 Aug 20 16:32 tmp
drwxr-xr-x 2 testuser testuser 6 Aug 20 16:32 web

root@server ~ # ls -la /home/testuser/mail/
total 0
drwxr-x–x 2 root root 6 Aug 20 16:32 .
drwxr-xr-x+ 11 root root 175 Aug 20 16:32 …

But in moved accounts it looks like this:

ls -la /home/carpcon/
drwxr-xr-x+ 11 root root 196 Jul 8 18:12 .
drwxr-xr-x 10 root root 128 Aug 20 16:32 …
-rw-r–r-- 1 root root 23 Jul 8 18:12 .bash_aliases
-rw-r–r-- 1 carpcon carpcon 220 Apr 18 2019 .bash_logout
-rw-r–r-- 1 carpcon carpcon 3526 Apr 18 2019 .bashrc
drwxr-xr-x 2 carpcon carpcon 6 May 17 16:13 .cache
drwxr-xr-x 2 carpcon carpcon 6 May 17 16:13 .composer
drwxr-xr-x 5 root root 40 May 17 16:13 conf
drwxr-xr-x 2 carpcon carpcon 6 May 17 16:13 .config
drwxr-xr-x 2 carpcon carpcon 6 May 17 16:13 .local
drwxr-x–x 11 root root 199 May 23 19:22 mail
-rw-r–r-- 1 carpcon carpcon 807 Apr 18 2019 .profile
drwxr-xr-x 2 carpcon carpcon 6 May 17 16:13 .ssh
drwxrwx–x 2 carpcon carpcon 143360 Aug 20 17:54 tmp
drwxr-x–x 11 carpcon carpcon 199 May 23 19:22 web

root@server ~ # ls -la /home/carpcon/mail/
drwxr-x–x 11 root root 199 May 23 19:22 .
drwxr-xr-x+ 11 root root 196 Jul 8 18:12 …
drwxrwx— 4 carpcon mail 33 May 3 19:00 carpcon.biz
drwxrwx— 3 carpcon mail 18 May 3 19:02 carp.com

root@server ~ # ls -la /home/carpcon/mail/carp.com/
drwxrwx— 3 carpcon mail 18 May 3 19:02 .
drwxr-x–x 11 root root 199 May 23 19:22 …
drwx------ 11 carpcon admin 4096 May 10 20:24 mail

As you can see in last line above the carpsearch.com email is still in the group admin which the user it was moved from?

But looking at the isham user which has not been moved the user and group should be the same, that of the user?

Or am i missing something?

thanks

thanks for clarifying. it should look like on the first user (ishampre), that is correct (and obviously how it got set automatically by default).

for the one you moved over again the question arises: how did you move that?
and yes, the group on that last folder named ‘mail’ is not correct. it might be wrong deeper down as well.

Doing console search shows i did this:

v-change-domain-owner carp.com carpcon

Note other user were restored from vestacp backup, with the exception of ishampre which was created in hestiacp, so these issues may be due to the original vestacp restore?

thanks for clarifying. we will need to check that script then. if it moves the mail files it should of course set the owner/group accordingly. it will take some time though to test that properly.

for better tracking it would be helpful if you could open an issue report over on github - but you probably want to redact your real domain names from your quotes and pastes.

I am assuming the following is ok to rectify this:

chown user:mail -R /home/user/mail/

thanks

chown user:mail -R /home/user/mail/domain.com/

/home/user/mail/ is still the root the owner here

I have submitted case to git.

thanks

as an update, i check the remaining domains in admin account, all of which were imported from vestacp and they email domains have wrong permissions, ranging from

root:root
or
admin:admin

So it is like the import script did not check or messed up permissions and the move script also did not check permissions?

the move script should not need to do so, just change the owner (which it does). the wrong/missing group permission are an issue in the restore script, I just checked and can confirm. see also my github comment.

yes following it on