1 Topic by jobu

  • jobu
  • Member
  • Offline
  • Registered: 2011-08-01
  • Posts: 122

Topic: Permission denied on /var/log/dovecot/dovecot.log / dovecot-sieve.log

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.3.2
- Deployed with iRedMail Easy or the downloadable installer? installer
- Linux/BSD distribution name and version: debian buster
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): nginx
- Manage mail accounts with iRedAdmin-Pro? yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello,

i want to restore iredmail coming from debian stretch on buster and it works so far. Only issue right now are file permissions on /var/log/dovecot/* ...

/var/log/mail.log
Aug 16 15:23:40 mail postfix/pipe[7099]: 4Gp5LC5Tt2zfgF: to=<my-address@mydomain.xyz>, relay=dovecot, delay=21465, delays=21465/0.06/0/0.08, dsn=4.3.0, status=deferred (temporary failure. Command output: Can't open log file /var/log/dovecot/dovecot-sieve.log: Permission denied )
/var/log/dovecot/dovecot.log
Aug 16 15:23:48 lmtp: Error: Can't open log file /var/log/dovecot/dovecot.log: Permission denied
Aug 16 15:23:48 master: Error: service(lmtp): command startup failed, throttling for 2 secs
Aug 16 15:23:48 lmtp: Fatal: master: service(lmtp): child 7149 returned error 80 (Can't open log file)
# ls -lh /var/log/dovecot
-rw-r----- 1 root adm 287K Aug 16 15:23 dovecot.log
-rw-r----- 1 root adm    0 Aug 16 09:57 dovecot-sieve.log

Changing it to vmail:vmail 0700 as mentioned in other threads doesn't work either.
Which permission do i have to set?

Any other ideas?

Thanks in advance.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by camel1cz

  • camel1cz
  • camel1cz
  • Member
  • Offline
  • From: Czech Republic
  • Registered: 2013-04-20
  • Posts: 220

Re: Permission denied on /var/log/dovecot/dovecot.log / dovecot-sieve.log

Not sure if it'll help, but I'm seing different permitions on my ubuntu system:

# ls -lh /var/log | grep dovecot
drwxr-xr-x  2 syslog adm             4,0K srp 15 00:00 dovecot
# ls -lh /var/log/dovecot
total 372K
-rw-r----- 1 syslog adm 1,9K srp 15 18:21 dovecot.log
-rw-r----- 1 syslog adm 304K srp 16 13:26 imap.log
-rw-r----- 1 syslog adm 2,0K srp 15 14:04 lda.log
-rw-r----- 1 syslog adm 2,3K srp 16 22:51 pop3.log
-rw-r----- 1 syslog adm    0 srp 13 17:51 sieve.log

3 Reply by jobu

  • jobu
  • Member
  • Offline
  • Registered: 2011-08-01
  • Posts: 122

Re: Permission denied on /var/log/dovecot/dovecot.log / dovecot-sieve.log

Thank you, on Debian /var/log/ and most of it's content belongs to root:adm. Since /var/vmail/vmail1 contains the user's maildir and belongs to the user vmail, it makes sense that dovecot's logging should belong to user vmail.
Changing permissions to vmail:adm 0660 didn't help, too.

Nice to have: documentation of permissions and users in https://docs.iredmail.org/file.locations.html. ;o)

Could anyone post her/his permissions of /var/log/dovecot/* under Debian Buster?

4 Reply by jobu

  • jobu
  • Member
  • Offline
  • Registered: 2011-08-01
  • Posts: 122

Re: Permission denied on /var/log/dovecot/dovecot.log / dovecot-sieve.log

What i didn't mention - i switched from syslog to an extra logfile.
Switching it back to syslog helped, but i would prefer an extra logfile for dovecot.

# Use syslog
syslog_facility = local5
# Log file path if we use internal log system
#log_path = /var/log/dovecot/dovecot.log

In the lda-section there was an entry for logging sieve - i disabled that too.

protocol lda {
    mail_plugins = $mail_plugins sieve
    lda_mailbox_autocreate = yes
    lda_mailbox_autosubscribe = yes
#    log_path = /var/log/dovecot/dovecot-sieve.log
}

I still have no idea why it would't work, but it's okay now ...

5 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Permission denied on /var/log/dovecot/dovecot.log / dovecot-sieve.log

Dovecot is configured to use syslog for logging, this is easier to handle the log file rotation (with logrotate) and the owner/group/permission after rotation.

6 Reply by jobu

  • jobu
  • Member
  • Offline
  • Registered: 2011-08-01
  • Posts: 122

Re: Permission denied on /var/log/dovecot/dovecot.log / dovecot-sieve.log

Good to know, so i'll stick with the defaults.

Thank you, Zhang.