The systemd service file can be read here [0].
Could you test if the following fixes the issue?
Edit the service file:
sudo systemctl edit exim4-daemon-light.serviceAnd add:
[Service] ReadWritePaths=/var/log/dovecot
This allows the sandboxed Exim process to write to /var/log/dovecot while keeping all other protections.
Ohhh no, this shouldn't apply in my setup as I'm not using systemd to manage the exim service.
On Sun, Dec 7, 2025 at 2:38 PM Edmund Lodewijks via dovecot < dovecot@dovecot.org> wrote:
On 2025/12/07 20:33, Christopher Curzio via dovecot wrote:
Did you look at exim's systemd unit rules? And did you try LMTP?I think
it's exim's unit not mounting /var/log/dovecot read-write.I'll be honest, I don't know what any of those things are but I'll
look
into them. The systemd service file can be read here [0].
Could you test if the following fixes the issue?
Edit the service file:
sudo systemctl edit exim4-daemon-light.serviceAnd add:
[Service] ReadWritePaths=/var/log/dovecot
This allows the sandboxed Exim process to write to /var/log/dovecot while keeping all other protections.
[0]:
https://salsa.debian.org/exim-team/exim4/-/blob/master/debian/exim4-daemon-l...
-- Edmund Lodewijks <edmund@proteamail.com> TZ: UCT+2 / GMT+2
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
The systemd service file can be read here [0].
Could you test if the following fixes the issue?
Edit the service file:
`sudo systemctl edit exim4-daemon-light.service`
And add:
[Service]
ReadWritePaths=/var/log/dovecot
This allows the sandboxed Exim process to write to /var/log/dovecot
while keeping all other protections.Ohhh no, this shouldn't apply in my setup as I'm not using systemd to manage the exim service. On Sun, Dec 7, 2025 at 2:38PM Edmund Lodewijks via dovecot <[1]dovecot@dovecot.org> wrote:
On 2025/12/07 20:33, Christopher Curzio via dovecot wrote:
> Did you look at exim's systemd unit rules? And did you try LMTP?
I think
> it's exim's unit not mounting /var/log/dovecot read-write.
>
> I'll be honest, I don't know what any of those things are but I'll
look
> into them.
The systemd service file can be read here [0].
Could you test if the following fixes the issue?
Edit the service file:
`sudo systemctl edit exim4-daemon-light.service`
And add:
[Service]
ReadWritePaths=/var/log/dovecot
This allows the sandboxed Exim process to write to /var/log/dovecot
while keeping all other protections.
[0]:
[2]https://salsa.debian.org/exim-team/exim4/-/blob/master/debian/exim4-daemon-light.exim4.service
--
Edmund Lodewijks <[3]edmund@proteamail.com>
TZ: UCT+2 / GMT+2
_______________________________________________
dovecot mailing list -- [4]dovecot@dovecot.org
To unsubscribe send an email to [5]dovecot-leave@dovecot.orgReferences
Visible links
- mailto:dovecot@dovecot.org
- https://salsa.debian.org/exim-team/exim4/-/blob/master/debian/exim4-daemon-l...
- mailto:edmund@proteamail.com
- mailto:dovecot@dovecot.org
- mailto:dovecot-leave@dovecot.org