Phil Howard
2010-May-10 17:33 UTC
[Dovecot] dovecot/deliver ... Can't open log file /var/log/dovecot/error.log: Permission denied
I'm getting this ... May 10 12:45:01 eth0 postfix/local[3416]: A788D685F7: to=< xxxxxxxx at xxxxxxxx.net>, relay=local, delay=13, delays=13/0/0/0.03, dsn=4.3.0, status=deferred (temporary failure. Command output: Can't open log file /var/log/dovecot/error.log: Permission denied ) So I'm looking at http://wiki.dovecot.org/LDA to see what I can do about it. I would have hoped some comments in the example config file would have mentioned this and suggested a default practice solution. Is this something few people or many people encounter (among those using dovecot/deliver from Postfix)? If I do as the wiki describes and make separate log files for dovecot/deliver to use, do I just make them owned by Postfix? It would seem to me a different directory might be more helpful (absent log files could be created by having the directory permissions. I'm also thinking in terms of log rotations, too ... and I prefer to do log rotations by date stamping rather than pushing sequence numbers (the legacy log rotation). Any chance there are %-style variables I can use in log file/path names to make log files automatically named by the date (and maybe time) ... kind of like in a shell script I would do: `date +/path/to/tree/%Y/%m/%d.log` or such.
Romer Ventura
2010-May-10 17:59 UTC
[Dovecot] dovecot/deliver ... Can't open log file /var/log/dovecot/error.log: Permission denied
I had to chmod 777 for it to work.. Thanks ------ Romer Ventura On May 10, 2010, at 12:33 PM, Phil Howard wrote:> I'm getting this ... > > May 10 12:45:01 eth0 postfix/local[3416]: A788D685F7: to=< > xxxxxxxx at xxxxxxxx.net>, relay=local, delay=13, delays=13/0/0/0.03, > dsn=4.3.0, status=deferred (temporary failure. Command output: > Can't open > log file /var/log/dovecot/error.log: Permission denied ) > > So I'm looking at http://wiki.dovecot.org/LDA to see what I can do > about > it. I would have hoped some comments in the example config file > would have > mentioned this and suggested a default practice solution. Is this > something > few people or many people encounter (among those using dovecot/ > deliver from > Postfix)? > > If I do as the wiki describes and make separate log files for > dovecot/deliver to use, do I just make them owned by Postfix? It > would seem > to me a different directory might be more helpful (absent log files > could be > created by having the directory permissions. I'm also thinking in > terms of > log rotations, too ... and I prefer to do log rotations by date > stamping > rather than pushing sequence numbers (the legacy log rotation). > > Any chance there are %-style variables I can use in log file/path > names to > make log files automatically named by the date (and maybe time) ... > kind of > like in a shell script I would do: `date +/path/to/tree/%Y/%m/% > d.log` or > such.
Romer Ventura
2010-May-10 18:20 UTC
[Dovecot] dovecot/deliver ... Can't open log file /var/log/dovecot/error.log: Permission denied
I am using static uids: mail_uid = vmail mail_gid = vmail user = vmail group = vmail else it will do what you describe. Thanks ------ Romer Ventura> On Mon, May 10, 2010 at 13:59, Romer Ventura <rventura at h-st.com> > wrote: > I had to chmod 777 for it to work.. > > I did chmod 777 to see what it would do, and especially, what > userid the log files were owned by. Bad news from that ... they > are owned by the first user I sent email to. That seems to me to > be a Postfix issue where Postfix still thinks I mailing to local > system users, and running the deliver program under such a userid. > When I start adding users which don't have local system user > equivalents, that's going to be a problem > > Also, I'm finding that in mail_location = the variable %d is > empty. It should be the domain. Again, this seems like Postfix is > treating local delivery as all-users-are-equivalent for any local > domain (and that is definitely not the case). So I need to look at > some Postfix config now to see how to make it pass the full email > address (user at domain ... so %n@%d represents the email address), > and to run dovecot/deliver as user vmail. > > At least I'm not using sendmail :-) > > This old legacy "system user" thing is sure a PITA. It should > either be ON or OFF. > log files automatically named by the date (and maybe time) ... > kind of > like in a shell script I would do: `date +/path/to/tree/%Y/%m/% > d.log` or > such.