[SOLVED] Permissions for dovecot logging
André Rodier
andre at rodier.me
Sat Dec 31 06:56:21 UTC 2022
On 30 December 2022 22:25:09 CET, James Moe <moe.james at sma-inc.us> wrote:
>On 2022-12-27 16:19, James Moe wrote:
>
>> I changed logging to use a path rather than syslog. Doing so makes it easier
>> to work with fail2ban.
>> Dovecot fails to start with the error:
>> Can't open log file /data01/var/log/dovecot.log: Permission denied
>>
> Yes, it was apparmor. It has been enabled for a couple of months. Dovecot is
>the first app that I've added that has a apparmor profile. After adding the
>necessary entry to the profile, logging proceeded as expected.
>
>In </etc/apparmor.d/usr.sbin.dovecot> I added:
> owner /data01/var/log/dovecot/* a,
>
>
Hi,
When an application is denied access by AppArmor, you can see the logs in syslog.
Anyway, if that helps, have s look here:
https://github.com/progmaticltd/homebox/tree/main/roles/dovecot/templates/apparmor.d
André.
More information about the dovecot
mailing list