Hi, I just started using Dovecot and was trying to create separate logs instead of using syslog. Is there a way to get the file permission to be something other then root? I have tried the below configuration and it does not seem to change anything. The log process does change to a new user, but it still creates and writes as root. Whenever I test a new setting I delete all the current logs so they will have to be recreated to make sure it does not just keep the previous permissions. I also dont see much documentation on the service log. according to dovecot -a there are a good number of options, but I dont see any information about them.
Here are my logging settings below and I am running 2.1.6 and tried on 2.1.5.
### Logging info_log_path = /home/user/dovecot/logs/dovecot_info.log log_path = /home/user/dovecot/logs/dovecot.log debug_log_path = /home/user/dovecot/logs/debug.log
service log { user = user unix_listener log-errors { group = user2 mode = 0620 user = user } }
Thanks, Chris
On Thu, 2012-05-10 at 14:43 -0400, Chris Lasater wrote:
Hi, I just started using Dovecot and was trying to create separate logs instead of using syslog. Is there a way to get the file permission to be something other then root?
The log files are created by the master dovecot process at startup, which typically runs as root, so it also creates the logs as root:root 0600. Once the logs are created, their permissions are no longer touched. So I usually simply change the permissions once with chown/chmod.
I have tried the below configuration and it does not seem to change anything. The log process does change to a new user, but it still creates and writes as root. Whenever I test a new setting I delete all the current logs so they will have to be recreated to make sure it does not just keep the previous permissions.
Right, so that doesn't work..
I also dont see much documentation on the service log. according to dovecot -a there are a good number of options, but I dont see any information about them.
Those aren't specific to log service. There is common documentation for all services in http://wiki2.dovecot.org/Services
Thanks for responding Timo,
So according to the page you sent,User setting= Owner of the file. Defaults to 0 (root)
Would this be considered a bug in Dovecot, since it does not set the file permissions to the set user for my configuration?
service log { user = user unix_listener log-errors { group = user2 mode = 0620 user = user } }
On Mon, May 14, 2012 at 12:08 PM, Timo Sirainen <tss@iki.fi> wrote:
On Thu, 2012-05-10 at 14:43 -0400, Chris Lasater wrote:
Hi, I just started using Dovecot and was trying to create separate logs instead of using syslog. Is there a way to get the file permission to be something other then root?
The log files are created by the master dovecot process at startup, which typically runs as root, so it also creates the logs as root:root 0600. Once the logs are created, their permissions are no longer touched. So I usually simply change the permissions once with chown/chmod.
I have tried the below configuration and it does not seem to change anything. The log process does change to a new user, but it still creates and writes as root. Whenever I test a new setting I delete all the current logs so they will have to be recreated to make sure it does not just keep the previous permissions.
Right, so that doesn't work..
I also dont see much documentation on the service log. according to dovecot -a there are a good number of options, but I dont see any information about them.
Those aren't specific to log service. There is common documentation for all services in http://wiki2.dovecot.org/Services
Like I said, the log files are created by Dovecot master process at startup. The log service's user permissions don't matter because the files are created before it runs. Changing this behavior wouldn't be easy and I don't think it's worth the trouble.
There's anyway an easy workaround, start dovecot with a script:
touch /home/user/dovecot/logs/dovecot.log touch /home/user/dovecot/logs/dovecot_info.log touch /home/user/dovecot/logs/debug.log chown user /home/user/dovecot/logs/* exec dovecot
On Mon, 2012-05-14 at 12:46 -0400, Chris Lasater wrote:
Thanks for responding Timo,
So according to the page you sent,User setting= Owner of the file. Defaults to 0 (root)
Would this be considered a bug in Dovecot, since it does not set the file permissions to the set user for my configuration?
service log { user = user unix_listener log-errors { group = user2 mode = 0620 user = user } }
On Mon, May 14, 2012 at 12:08 PM, Timo Sirainen <tss@iki.fi> wrote:
On Thu, 2012-05-10 at 14:43 -0400, Chris Lasater wrote:
Hi, I just started using Dovecot and was trying to create separate logs instead of using syslog. Is there a way to get the file permission to be something other then root?
The log files are created by the master dovecot process at startup, which typically runs as root, so it also creates the logs as root:root 0600. Once the logs are created, their permissions are no longer touched. So I usually simply change the permissions once with chown/chmod.
I have tried the below configuration and it does not seem to change anything. The log process does change to a new user, but it still creates and writes as root. Whenever I test a new setting I delete all the current logs so they will have to be recreated to make sure it does not just keep the previous permissions.
Right, so that doesn't work..
I also dont see much documentation on the service log. according to dovecot -a there are a good number of options, but I dont see any information about them.
Those aren't specific to log service. There is common documentation for all services in http://wiki2.dovecot.org/Services
participants (2)
-
Chris Lasater
-
Timo Sirainen