On Thursday, December 29, 2022 10:17:08 PM AKST Aki Tuomi wrote:
On 30/12/2022 05:25 EET James Moe moe.james@sma-inc.us wrote: Permission is still denied. Where do I find information about "status=80/n/a"?
I did not include all two of the syslog entries in the previous message: 2022-12-29T20:17:56-0700 sma-server3 dovecot[12102]: Can't open log file /data01/var/log/dovecot.log: Permission denied 2022-12-29T20:17:56-0700 sma-server3 systemd[1]: dovecot.service: Main process exited, code=exited, status=80/n/a
Maybe you have selinux or apparmor involved? On rhel based systems, selinux logs into /var/log/audit/audit.log, dmesg -T is another good thing to check.
Status=80 I assume is the exit code dovecot threw when it couldn't open the log file. Whatever "int main()" is programmed to return.
On Tuesday, December 27, 2022 2:19:39 PM AKST James Moe wrote:
Dovecot fails to start with the error: Can't open log file /data01/var/log/dovecot.log: Permission denied That error message is typical of a simple unix permission issue, nothing to do with selinux etc.
On Tuesday, December 27, 2022 2:19:39 PM AKST James Moe wrote:
Permissions: drwxrwxr-x 1 root users 104 Feb 25 2018 /data01/ drwxrwxr-x 1 sma-user3x users 102 Dec 17 14:50 /data01/var/ drwxrwxr-x 1 sma-user3x users 146 Dec 27 15:37 /data01/var/log/ drwxrwxr-x 1 dovecot users 22 Dec 27 15:47 /data01/var/log/dovecot/
"dovecot" is a member of "users".
What "permission" am I missing?
If the process isn't running with an effective group id of "users", then it cannot access that directory simply by virtue of being a member of that group. The main program has to call setegid() with the proper group id before attempting to access those files.
On Tuesday, December 27, 2022 10:27:31 PM AKST Aki Tuomi wrote:
If you want to run log as
dovecot, you can do so withservice log { user = dovecot }
Maybe try something like this:
service log { user = dovecot group = users }