From 3aacabd5c1d9bc7d403b5a49f5587493c3d5e9b0 Mon Sep 17 00:00:00 2001
From: CyberMind-FR <gandalf@Gk2.net>
Date: Tue, 17 Feb 2026 07:26:46 +0100
Subject: [PATCH] fix(mailserver): Fix dovecot users file permissions after
 add-user

Ensure /etc/dovecot/users has 644 permissions and root:dovecot ownership
after adding a user. Without this, dovecot cannot read the passwd-file
and authentication fails with "Permission denied".

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 .../secubox-app-mailserver/files/usr/sbin/mailserverctl        | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/package/secubox/secubox-app-mailserver/files/usr/sbin/mailserverctl b/package/secubox/secubox-app-mailserver/files/usr/sbin/mailserverctl
index b0a51310..2dffdde9 100644
--- a/package/secubox/secubox-app-mailserver/files/usr/sbin/mailserverctl
+++ b/package/secubox/secubox-app-mailserver/files/usr/sbin/mailserverctl
@@ -384,6 +384,9 @@ cmd_add_user() {
 	if lxc_running; then
 		local pass_hash=$(lxc-attach -n "$CONTAINER" -- doveadm pw -s SHA512-CRYPT -p "$password")
 		echo "${email}:${pass_hash}:102:105::/var/mail/${domain}/${user}::" >> "$rootfs/etc/dovecot/users"
+		# Fix permissions (dovecot needs read access)
+		chmod 644 "$rootfs/etc/dovecot/users"
+		chown root:102 "$rootfs/etc/dovecot/users"
 	else
 		error "Container not running. Start it first."
 		return 1