Re: Dovecot correct ownership for logs

To: debian-user@lists.debian.org
Subject: Re: Dovecot correct ownership for logs
From: Greg Wooledge <greg@wooledge.org>
Date: Mon, 13 May 2024 16:27:49 -0400
Message-id: <[🔎] ZkJ3xey8dfr5N36I@wooledge.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] CAJdFKOm957kF3FtsOrWu8CZrHSMCGYKN0OMqhMR8o5+TJgttAw@mail.gmail.com>
References: <[🔎] CAJdFKOm957kF3FtsOrWu8CZrHSMCGYKN0OMqhMR8o5+TJgttAw@mail.gmail.com>

On Mon, May 13, 2024 at 10:16:13PM +0200, Richard wrote:
> May 13 20:55:37 mail postfix/local[2824184]: 95BCF1000A9: to=<user@domain.de>,
> > relay=local, delay=3.2, delays=1.9/0.29/0/1.1, dsn=4.3.0, status=deferred
> > (temporary failure. Command output: lda(user): Error:
> > net_connect_unix(/run/dovecot/stats-writer) failed: Permission denied Can't
> > open log file /var/log/dovecot/error.log: Permission denied )
> 
> This is the content of /var/log/dovecot:
> -rw-r--r--  1 dovecot dovecot    0 13. Mai 20:50 debug.log
> -rw-r--r--  1 dovecot dovecot  880 13. Mai 21:21 error.log
> -rw-r--r--  1 dovecot dovecot  40K 13. Mai 21:20 info.log

The first two things that come to mind are AppArmor, and systemd unit
files.

Check to see whether there's an AppArmor profile for this program, or
any lines from AppArmor in dmesg.

If that's not it, look at the systemd unit file(s) that start the
dovecot service(s), if there are any, and see if they're using any of
the directives that restrict the locations the program can access.

Reply to:

Follow-Ups:
- Re: Dovecot correct ownership for logs
  - From: Richard <rrosner5@gmail.com>

References:
- Dovecot correct ownership for logs
  - From: Richard <rrosner5@gmail.com>

Prev by Date: Dovecot correct ownership for logs
Next by Date: Re: Dovecot correct ownership for logs
Previous by thread: Dovecot correct ownership for logs
Next by thread: Re: Dovecot correct ownership for logs
Index(es):
- Date
- Thread