Well, I'd rather to have dovecot log alone in one log file. My initial question is that user/group and file permissions to use??
On 19/03/17 15:40, Richard wrote: > >> Date: Sunday, March 19, 2017 15:28:35 +1300 >> From: Michael Heuberger <michael.heuber...@binarykitchen.com> >> >> On 19/03/17 15:12, Richard wrote: >>>> Date: Sunday, March 19, 2017 14:56:01 +1300 >>>> From: Michael Heuberger <michael.heuber...@binarykitchen.com> >>>> >>>> On 19/03/17 13:43, Richard wrote: >>>>>> Date: Sunday, March 19, 2017 13:32:57 +1300 >>>>>> From: Michael Heuberger <michael.heuber...@binarykitchen.com> >>>>>> >>>>>> Hello guys >>>>>> >>>>>> Having headaches here how to make logrotation for dovecot log >>>>>> files work. Having permission issues: >>>>>> >>>>>> michael.heuberger@xxx /e/l/daily ❯❯❯ sudo logrotate -fv >>>>>> dovecot.daily >>>>>> ⏎ >>>>>> reading config file dovecot.daily >>>>>> >>>>>> Handling 1 logs >>>>>> >>>>>> rotating pattern: /var/log/dovecot*.log forced from command >>>>>> line (10 rotations) >>>>>> empty log files are rotated, old logs are removed >>>>>> considering log /var/log/dovecot.log >>>>>> error: skipping "/var/log/dovecot.log" because parent directory >>>>>> has insecure permissions (It's world writable or writable by >>>>>> group which is not "root") Set "su" directive in config file to >>>>>> tell logrotate which user/group should be used for rotation. >>>>>> >>>>>> This is my current logrotation conf for dovecot: >>>>>> >>>>>> /var/log/dovecot*.log { >>>>>> rotate 10 >>>>>> missingok >>>>>> sharedscripts >>>>>> postrotate >>>>>> doveadm log reopen >>>>>> endscript >>>>>> } >>>>>> >>>>>> And the /var/log folder has these permissions: >>>>>> >>>>>> drwxrwxr-x 12 root syslog 4.0K Mar 19 12:43 log >>>>>> >>>>>> Any clues what's wrong? >>>>> As the message says: >>>>> >>>>> > because parent directory has insecure permissions >>>>> > (It's world writable or writable by group which >>>>> > is not "root") >>>>> >>>>> > drwxrwxr-x 12 root syslog 4.0K Mar 19 12:43 log >>>>> >>>>> On my RHEL derived systems, /var/log is root.root (and even then, >>>>> is not writable by group). >>>> Thank you. And what user/group/file perms does your dovecot.log >>>> file have? >>>> >>>> - Michael >>>> >>>> >>> I log dovecot via syslog to [/var/log/]maillog, rather than its own >>> log file. That file is owned root.root and has permissions of 600. >> Well, I tried the same but it didn't work. >> >> Setting my dovecot.log to 600 with root:root is breaking my mail >> system. I am then unable to receive and open emails. >> >> Had to apply an ugly hack >> >> /var/log/dovecot*.log { >> su syslog syslog >> create 666 syslog syslog >> rotate 10 >> ... >> } >> >> Like that anyone who wants to access/write to it, can do it and all >> works. >> >> That's my problem. Do not know who/what/how to set this up >> correctly. >> >> - Michael >> > I would be inclined to just log dovecot to the syslog mail facility, > which I believe is the default (in 10-logging.conf) -- in the RHEL > setup anyway, and what I do: > > log_path = syslog > > syslog_facility = mail -- Binary Kitchen Michael Heuberger 1/33 Parrish Road Sandringham Auckland 1025 (New Zealand) Mobile (text only) ... +64 21 261 89 81 Email ................ mich...@binarykitchen.com Website .............. http://www.binarykitchen.com