On 28/12/2022 01:19 EET James Moe moe.james@sma-inc.us wrote:
dovecot 2.3.15 opensuse LEAP 15.4
I changed logging to use a path rather than syslog. Doing so makes it easier to work with fail2ban. Dovecot fails to start with the error: Can't open log file /data01/var/log/dovecot.log: Permission denied
Permissions: drwxrwxr-x 1 root users 104 Feb 25 2018 /data01/ drwxrwxr-x 1 sma-user3x users 102 Dec 17 14:50 /data01/var/ drwxrwxr-x 1 sma-user3x users 146 Dec 27 15:37 /data01/var/log/ drwxrwxr-x 1 dovecot users 22 Dec 27 15:47 /data01/var/log/dovecot/
"dovecot" is a member of "users".
What "permission" am I missing?
Note: A long time ago I had a problem with programs consuming all available space on the system disk with log or backup files. I have since gotten in the habit of putting log files on a non-system disk.
-- James Moe moe dot james at sohnen-moe dot com 520.743.3936 Think.
Hi!
Dovecot drops all extra group memberships from processes when spawning them unless told otherwise. The log service runs by default as root, not as dovecot. If data01 is a NFS mount, then root may become squashed.
If you want to run log as dovecot, you can do so with
service log { user = dovecot }
Aki