I am getting: 
Oct 03 20:19:52 auth: Error: net_connect_unix(auth-worker) in directory /run/dovecot failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +r perm: /run/dovecot/auth-worker, dir owned by 0:0 mode=0755)

Because: 
root@mailserver:/run/dovecot# ls -l auth-worker
srw------- 1 dovecot root 0 Oct  3 20:09 auth-worker

When it really needs to be "vmail" (I think). 

I have set: 
service auth-worker {
  # Auth worker process is run as root by default, so that it can access
  # /etc/shadow. If this isn't necessary, the user should be changed to
  # $default_internal_user.
  user = vmail
  group = vmail
}

in 10-master.conf (because I'm using postfixadmin/mariadb to store user information, I don't *want* access to /etc/shadow) 

I set this about an hour ago, then applied some security patches and restarted (ubuntu 20.04 system) and it didn't change. I then manually did a "chown vmail: of that file, and I got further. I had a different problem that I resolved, and then restarted dovecot, and /run/dovecot/auth-worker reverted.

I'm not sure where I need to set this. 

Thanks. 
Petro.
:wq