dovecot - Oct 2017 - Quota warning executable can not log to /dev/stdout

I'm running dovecot 2.2.27 in a alpine based docker container and want 
to log to /dev/stdout. I therefore added this setting:

     log_path = /dev/stdout

Logging works fine so far.

Now I've added a quota-warning script. With the log_path setting above 
the script creates warnings like:

Oct 28 10:27:01 quota-warning: Error: Can't open log file /dev/stdout: 
No such device or address
Oct 28 10:27:01 quota-warning: Fatal: master: service(quota-warning): 
child 460 returned error 75


When I change log_path to something like /tmp/dovecot.log everything 
works fine.

Dovecot itself is started via s6 with a run script like this:

#!/bin/sh
exec /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf


What could cause this issue and how could I fix it?



For the record here's my doveconf -n output:


# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
# OS: Linux 4.4.27-x86_64-jb1 x86_64  ext4
auth_mechanisms = plain login
auth_verbose = yes
first_valid_uid = 100
log_path = /dev/stdout
mail_gid = dovecot
mail_home = /var/mail/domains/%d/%n
mail_location = maildir:/var/mail/domains/%d/%n
mail_max_userip_connections = 160
mail_plugins = " quota"
mail_privileged_group = dovecot
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
   inbox = yes
   location    mailbox Drafts {
     auto = subscribe
     special_use = \Drafts
   }
   mailbox Junk {
     auto = subscribe
     special_use = \Junk
   }
   mailbox Sent {
     auto = subscribe
     special_use = \Sent
   }
   mailbox "Sent Messages" {
     special_use = \Sent
   }
   mailbox Trash {
     auto = subscribe
     special_use = \Trash
   }
   prefix    separator = .
}
passdb {
   args = /etc/dovecot/dovecot-mysql.conf.ext
   driver = sql
}
plugin {
   quota = maildir:User quota
   quota_exceeded_message = Storage quota for user %u exceeded (Benutzer 
%u hat sein Speichervolumen ueberschritten)
   quota_grace = 10%%
   quota_rule2 = Trash:storage=+100M
   quota_status_nouser = DUNNO
   quota_status_overquota = 552 5.2.2 Mailbox is full
   quota_status_success = DUNNO
   quota_warning = storage=85%% quota-warning 80 %u %d
}
protocols = imap lmtp sieve
service auth {
   unix_listener /var/spool/postfix/private/auth {
     group = postfix
     mode = 0666
     user = postfix
   }
   unix_listener auth-userdb {
     mode = 0777
   }
}
service lmtp {
   unix_listener /var/spool/postfix/private/dovecot-lmtp {
     group = postfix
     mode = 0600
     user = postfix
   }
}
service quota-status {
   client_limit = 1
   executable = quota-status -p postfix
   inet_listener {
     port = 10001
   }
}
service quota-warning {
   executable = script /usr/local/bin/quota-warning.sh
   group = dovecot
   unix_listener quota-warning {
     mode = 0666
     user = dovecot
   }
   user = vmail
}
ssl_cert = </certs/fullchain.pem
ssl_key =  # hidden, use -P to show it
ssl_protocols = !SSLv2 !SSLv3
userdb {
   args = /etc/dovecot/dovecot-mysql.conf.ext
   driver = sql
}
protocol imap {
   mail_plugins = " quota imap_quota"
}
protocol lmtp {
   mail_plugins = " quota sieve"
}

Try adding

service quota-warning {
  chroot }

It won't chroot it then, but I'm not sure if that has a huge security
impact.

Aki
> On October 28, 2017 at 12:13 PM Michael H?rtl <haertl.mike at
gmail.com> wrote:
> 
> 
> I'm running dovecot 2.2.27 in a alpine based docker container and want 
> to log to /dev/stdout. I therefore added this setting:
> 
>      log_path = /dev/stdout
> 
> Logging works fine so far.
> 
> Now I've added a quota-warning script. With the log_path setting above 
> the script creates warnings like:
> 
> Oct 28 10:27:01 quota-warning: Error: Can't open log file /dev/stdout: 
> No such device or address
> Oct 28 10:27:01 quota-warning: Fatal: master: service(quota-warning): 
> child 460 returned error 75
> 
> 
> When I change log_path to something like /tmp/dovecot.log everything 
> works fine.
> 
> Dovecot itself is started via s6 with a run script like this:
> 
> #!/bin/sh
> exec /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf
> 
> 
> What could cause this issue and how could I fix it?
> 
> 
> 
> For the record here's my doveconf -n output:
> 
> 
> # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
> # OS: Linux 4.4.27-x86_64-jb1 x86_64  ext4
> auth_mechanisms = plain login
> auth_verbose = yes
> first_valid_uid = 100
> log_path = /dev/stdout
> mail_gid = dovecot
> mail_home = /var/mail/domains/%d/%n
> mail_location = maildir:/var/mail/domains/%d/%n
> mail_max_userip_connections = 160
> mail_plugins = " quota"
> mail_privileged_group = dovecot
> mail_uid = vmail
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope 
> encoded-character vacation subaddress comparator-i;ascii-numeric 
> relational regex imap4flags copy include variables body enotify 
> environment mailbox date index ihave duplicate mime foreverypart
extracttext
> namespace inbox {
>    inbox = yes
>    location >    mailbox Drafts {
>      auto = subscribe
>      special_use = \Drafts
>    }
>    mailbox Junk {
>      auto = subscribe
>      special_use = \Junk
>    }
>    mailbox Sent {
>      auto = subscribe
>      special_use = \Sent
>    }
>    mailbox "Sent Messages" {
>      special_use = \Sent
>    }
>    mailbox Trash {
>      auto = subscribe
>      special_use = \Trash
>    }
>    prefix >    separator = .
> }
> passdb {
>    args = /etc/dovecot/dovecot-mysql.conf.ext
>    driver = sql
> }
> plugin {
>    quota = maildir:User quota
>    quota_exceeded_message = Storage quota for user %u exceeded (Benutzer 
> %u hat sein Speichervolumen ueberschritten)
>    quota_grace = 10%%
>    quota_rule2 = Trash:storage=+100M
>    quota_status_nouser = DUNNO
>    quota_status_overquota = 552 5.2.2 Mailbox is full
>    quota_status_success = DUNNO
>    quota_warning = storage=85%% quota-warning 80 %u %d
> }
> protocols = imap lmtp sieve
> service auth {
>    unix_listener /var/spool/postfix/private/auth {
>      group = postfix
>      mode = 0666
>      user = postfix
>    }
>    unix_listener auth-userdb {
>      mode = 0777
>    }
> }
> service lmtp {
>    unix_listener /var/spool/postfix/private/dovecot-lmtp {
>      group = postfix
>      mode = 0600
>      user = postfix
>    }
> }
> service quota-status {
>    client_limit = 1
>    executable = quota-status -p postfix
>    inet_listener {
>      port = 10001
>    }
> }
> service quota-warning {
>    executable = script /usr/local/bin/quota-warning.sh
>    group = dovecot
>    unix_listener quota-warning {
>      mode = 0666
>      user = dovecot
>    }
>    user = vmail
> }
> ssl_cert = </certs/fullchain.pem
> ssl_key =  # hidden, use -P to show it
> ssl_protocols = !SSLv2 !SSLv3
> userdb {
>    args = /etc/dovecot/dovecot-mysql.conf.ext
>    driver = sql
> }
> protocol imap {
>    mail_plugins = " quota imap_quota"
> }
> protocol lmtp {
>    mail_plugins = " quota sieve"
> }

Thanks, I've tried it.

Unfortunately it didn't help. The error message stays the same.


Am 28.10.2017 um 11:43 schrieb Aki Tuomi:
> Try adding
> 
> service quota-warning {
>    chroot > }
> 
> It won't chroot it then, but I'm not sure if that has a huge
security impact.
> 
> Aki
> 
>> On October 28, 2017 at 12:13 PM Michael H?rtl <haertl.mike at
gmail.com> wrote:
>>
>>
>> I'm running dovecot 2.2.27 in a alpine based docker container and
want
>> to log to /dev/stdout. I therefore added this setting:
>>
>>       log_path = /dev/stdout
>>
>> Logging works fine so far.
>>
>> Now I've added a quota-warning script. With the log_path setting
above
>> the script creates warnings like:
>>
>> Oct 28 10:27:01 quota-warning: Error: Can't open log file
/dev/stdout:
>> No such device or address
>> Oct 28 10:27:01 quota-warning: Fatal: master: service(quota-warning):
>> child 460 returned error 75
>>
>>
>> When I change log_path to something like /tmp/dovecot.log everything
>> works fine.
>>
>> Dovecot itself is started via s6 with a run script like this:
>>
>> #!/bin/sh
>> exec /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf
>>
>>
>> What could cause this issue and how could I fix it?
>>
>>
>>
>> For the record here's my doveconf -n output:
>>
>>
>> # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
>> # OS: Linux 4.4.27-x86_64-jb1 x86_64  ext4
>> auth_mechanisms = plain login
>> auth_verbose = yes
>> first_valid_uid = 100
>> log_path = /dev/stdout
>> mail_gid = dovecot
>> mail_home = /var/mail/domains/%d/%n
>> mail_location = maildir:/var/mail/domains/%d/%n
>> mail_max_userip_connections = 160
>> mail_plugins = " quota"
>> mail_privileged_group = dovecot
>> mail_uid = vmail
>> managesieve_notify_capability = mailto
>> managesieve_sieve_capability = fileinto reject envelope
>> encoded-character vacation subaddress comparator-i;ascii-numeric
>> relational regex imap4flags copy include variables body enotify
>> environment mailbox date index ihave duplicate mime foreverypart
extracttext
>> namespace inbox {
>>     inbox = yes
>>     location >>     mailbox Drafts {
>>       auto = subscribe
>>       special_use = \Drafts
>>     }
>>     mailbox Junk {
>>       auto = subscribe
>>       special_use = \Junk
>>     }
>>     mailbox Sent {
>>       auto = subscribe
>>       special_use = \Sent
>>     }
>>     mailbox "Sent Messages" {
>>       special_use = \Sent
>>     }
>>     mailbox Trash {
>>       auto = subscribe
>>       special_use = \Trash
>>     }
>>     prefix >>     separator = .
>> }
>> passdb {
>>     args = /etc/dovecot/dovecot-mysql.conf.ext
>>     driver = sql
>> }
>> plugin {
>>     quota = maildir:User quota
>>     quota_exceeded_message = Storage quota for user %u exceeded
(Benutzer
>> %u hat sein Speichervolumen ueberschritten)
>>     quota_grace = 10%%
>>     quota_rule2 = Trash:storage=+100M
>>     quota_status_nouser = DUNNO
>>     quota_status_overquota = 552 5.2.2 Mailbox is full
>>     quota_status_success = DUNNO
>>     quota_warning = storage=85%% quota-warning 80 %u %d
>> }
>> protocols = imap lmtp sieve
>> service auth {
>>     unix_listener /var/spool/postfix/private/auth {
>>       group = postfix
>>       mode = 0666
>>       user = postfix
>>     }
>>     unix_listener auth-userdb {
>>       mode = 0777
>>     }
>> }
>> service lmtp {
>>     unix_listener /var/spool/postfix/private/dovecot-lmtp {
>>       group = postfix
>>       mode = 0600
>>       user = postfix
>>     }
>> }
>> service quota-status {
>>     client_limit = 1
>>     executable = quota-status -p postfix
>>     inet_listener {
>>       port = 10001
>>     }
>> }
>> service quota-warning {
>>     executable = script /usr/local/bin/quota-warning.sh
>>     group = dovecot
>>     unix_listener quota-warning {
>>       mode = 0666
>>       user = dovecot
>>     }
>>     user = vmail
>> }
>> ssl_cert = </certs/fullchain.pem
>> ssl_key =  # hidden, use -P to show it
>> ssl_protocols = !SSLv2 !SSLv3
>> userdb {
>>     args = /etc/dovecot/dovecot-mysql.conf.ext
>>     driver = sql
>> }
>> protocol imap {
>>     mail_plugins = " quota imap_quota"
>> }
>> protocol lmtp {
>>     mail_plugins = " quota sieve"
>> }