[SOLVED] Permissions for dovecot logging

André Rodier andre at rodier.me
Sat Dec 31 06:56:21 UTC 2022


On 30 December 2022 22:25:09 CET, James Moe <moe.james at sma-inc.us> wrote:
>On 2022-12-27 16:19, James Moe wrote:
>
>>   I changed logging to use a path rather than syslog. Doing so makes it easier
>> to work with fail2ban.
>>   Dovecot fails to start with the error:
>> Can't open log file /data01/var/log/dovecot.log: Permission denied
>> 
>  Yes, it was apparmor. It has been enabled for a couple of months. Dovecot is
>the first app that I've added that has a apparmor profile. After adding the
>necessary entry to the profile, logging proceeded as expected.
>
>In </etc/apparmor.d/usr.sbin.dovecot> I added:
>  owner /data01/var/log/dovecot/* a,
>
>

Hi,

When an application is denied access by AppArmor, you can see the logs in syslog.

Anyway, if that helps, have s look here:

https://github.com/progmaticltd/homebox/tree/main/roles/dovecot/templates/apparmor.d

André.


More information about the dovecot mailing list