[Dovecot] what defines dovecot LOG perms?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
on dovecot launch, 'dovecot.log' is created as:
-rw------- 1 root testuser 271 2006-09-11 07:58 dovecot.logwhich causes an apparent perms prob with exim using dovecot's LDA ...
what/how do i define/change the LOG's ownership/perms with?
it seems to ignore the dovecot.conf umask setting, etc.
thx.
richard
/"
\ / ASCII Ribbon Campaign
X against HTML email, vCards
/ \ & micro$oft attachments
[GPG] OpenMacNews at gmail dot com fingerprint: 50C9 1C46 2F8F DE42 2EDB D460 95F7 DDBD 3671 08C6 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Darwin)
iEYEARECAAYFAkUFepwACgkQlffdvTZxCMaXoACfdGwNb8NQUZCfn6AlCswqbgrB T6IAoI0OMmhFsjWts3zAqIK3Ol32MwP7 =w1XL -----END PGP SIGNATURE-----
Is it possible this would be created as root root and you have a SGID on the folder above this one (.) that is assigned to the group testuser?
On Mon, Sep 11, 2006 at 08:02:48AM -0700, OpenMacNews wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
on dovecot launch, 'dovecot.log' is created as:
-rw------- 1 root testuser 271 2006-09-11 07:58 dovecot.logwhich causes an apparent perms prob with exim using dovecot's LDA ...
what/how do i define/change the LOG's ownership/perms with?
it seems to ignore the dovecot.conf umask setting, etc.
thx.
richard
/"
\ / ASCII Ribbon Campaign X against HTML email, vCards / \ & micro$oft attachments[GPG] OpenMacNews at gmail dot com fingerprint: 50C9 1C46 2F8F DE42 2EDB D460 95F7 DDBD 3671 08C6 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Darwin)
iEYEARECAAYFAkUFepwACgkQlffdvTZxCMaXoACfdGwNb8NQUZCfn6AlCswqbgrB T6IAoI0OMmhFsjWts3zAqIK3Ol32MwP7 =w1XL -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
hi mark,
Is it possible this would be created as root root
possible ... but
and you have a SGID on the folder above this one (.) that is assigned to the group testuser?
yes, that's the case:
/var/MailServer/Logs/dovecot > ls -al total 8 drwxrwxr-x 3 testuser testuser 102 2006-09-11 07:55 ./ drwxrwxr-x 6 testuser testuser 204 2006-08-27 17:40 ../ -rw------- 1 root testuser 4871 2006-09-11 08:12 dovecot.log
my _current_ problem is, however, unless that dovecot.log is 0666, when i try a local delivery via exim->dovecot_lda, w/:
exim -v -odf testuser@mail.testdomain.comi get:
LOG: MAIN testuser@mail.testdomain.com: dovecot_lda transport output: deliver(testuser@mail.testdomain.com): Fatal: Can't open log file /var/MailServer/Logs/dovecot/dovecot.log: Permission denied
in the *exim* log ...
if i change the log's perms to 0666, then THAT error goes away.
fwiw, EXIM runs as user 'testuser' ... NOT as root.
richard
/"
\ / ASCII Ribbon Campaign
X against HTML email, vCards
/ \ & micro$oft attachments
[GPG] OpenMacNews at gmail dot com fingerprint: 50C9 1C46 2F8F DE42 2EDB D460 95F7 DDBD 3671 08C6 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Darwin)
iEYEARECAAYFAkUFfxEACgkQlffdvTZxCMZz4gCfejCxldt5wjIo2dFyfW0+tCxs 8noAniRYGlUQ6tvywS6NtuyiJpqPNAYf =vcVM -----END PGP SIGNATURE-----
Is the dovecot daemon running as root? I would assume this is why it would make the log root:testuser.
Instead of changing the perms you could chown the log to be testuser:testuser - but this would be changed back to root if you have any logrotate setup
On Mon, Sep 11, 2006 at 08:21:52AM -0700, OpenMacNews wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
hi mark,
Is it possible this would be created as root root
possible ... but
and you have a SGID on the folder above this one (.) that is assigned to the group testuser?
yes, that's the case:
/var/MailServer/Logs/dovecot > ls -al total 8 drwxrwxr-x 3 testuser testuser 102 2006-09-11 07:55 ./ drwxrwxr-x 6 testuser testuser 204 2006-08-27 17:40 ../ -rw------- 1 root testuser 4871 2006-09-11 08:12 dovecot.log
my _current_ problem is, however, unless that dovecot.log is 0666, when i try a local delivery via exim->dovecot_lda, w/:
exim -v -odf testuser@mail.testdomain.com
i get:
LOG: MAIN testuser@mail.testdomain.com: dovecot_lda transport output: deliver(testuser@mail.testdomain.com): Fatal: Can't open log file /var/MailServer/Logs/dovecot/dovecot.log: Permission denied
in the *exim* log ...
if i change the log's perms to 0666, then THAT error goes away.
fwiw, EXIM runs as user 'testuser' ... NOT as root.
richard
/"
\ / ASCII Ribbon Campaign X against HTML email, vCards / \ & micro$oft attachments[GPG] OpenMacNews at gmail dot com fingerprint: 50C9 1C46 2F8F DE42 2EDB D460 95F7 DDBD 3671 08C6 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Darwin)
iEYEARECAAYFAkUFfxEACgkQlffdvTZxCMZz4gCfejCxldt5wjIo2dFyfW0+tCxs 8noAniRYGlUQ6tvywS6NtuyiJpqPNAYf =vcVM -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
hi mark,
Is the dovecot daemon running as root? I would assume this is why it would make the log root:testuser.
yes, it's running as root.
i'd _thought_ one can run dovecot as another user.
i've exec'd it as 'testuser', but have all sorts of _other_ perms problems then ...
i'd guess this would be ideal ... and, arguably made sense to me to run both exim and dovecot as the same user. but am, atm, not at all certain what issues/problems arise from this.
Instead of changing the perms you could chown the log to be testuser:testuser -
yup.
but this would be changed back to root if you have any logrotate setup
which i do.
thx,
richard
/"
\ / ASCII Ribbon Campaign
X against HTML email, vCards
/ \ & micro$oft attachments
[GPG] OpenMacNews at gmail dot com fingerprint: 50C9 1C46 2F8F DE42 2EDB D460 95F7 DDBD 3671 08C6 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Darwin)
iEYEARECAAYFAkUFiyQACgkQlffdvTZxCMYYtwCggZ27BGVfZufYqMBbLxDyvwHQ TC8An2kN2BrISqrZfsBDf71matoUpAbv =KSwg -----END PGP SIGNATURE-----
participants (2)
-
Mark Adams
-
OpenMacNews