This documentation is for Dovecot v1.x, see wiki2 for v2.x documentation.

Rootless Installation

It's possible to make Dovecot run under a single system user without requiring root privileges at any point. This shouldn't be thought of as a security feature, but instead simply as a way for non-admins to run Dovecot in their favorite mail server. It's also useful if you just wish to test Dovecot without messing up your system.

If you think of this as a good way to achieve security, ask yourself which is worse:

a)

b)

Installation

Install somewhere under home directory:

./configure --prefix=$HOME/dovecot
make
make install

Dovecot is then started by running ~/dovecot/sbin/dovecot. The configuration file exists in ~/dovecot/etc/dovecot.conf.

Configuration

The important settings to change for rootless installation are:

Example configuration for user called testuser:

protocols = imap imaps pop3 pop3s
ssl_disable = yes
disable_plaintext_auth = no
pop3_uidl_format = %08Xu%08Xv

login_chroot = no
login_user = testuser

# paths
log_path = /home/testuser/dovecot/error.log
info_log_path = /home/testuser/dovecot/info.log
mail_location = maildir:~/Maildir

# ports
protocol imap {
  listen = *:14300
  ssl_listen = *:14301
}
protocol pop3 {
 listen = *:11000
  ssl_listen = *:11001
}

# authentication
auth default {
  mechanisms = plain
  user = testuser
  passdb passwd-file {
    args = /home/testuser/dovecot/passwd
  }
  userdb passwd {
  }
}

/home/testuser/dovecot/passwd contains the password:

testuser:{PLAIN}testpass

You should now be able to log in as testuser using password testpass.

None: HowTo/Rootless (last edited 2009-03-15 22:35:15 by localhost)