On 30 December 2022 22:25:09 CET, James Moe <moe.ja...@sma-inc.us> wrote: >On 2022-12-27 16:19, James Moe wrote: > >> I changed logging to use a path rather than syslog. Doing so makes it >> easier >> to work with fail2ban. >> Dovecot fails to start with the error: >> Can't open log file /data01/var/log/dovecot.log: Permission denied >> > Yes, it was apparmor. It has been enabled for a couple of months. Dovecot is >the first app that I've added that has a apparmor profile. After adding the >necessary entry to the profile, logging proceeded as expected. > >In </etc/apparmor.d/usr.sbin.dovecot> I added: > owner /data01/var/log/dovecot/* a, > >
Hi, When an application is denied access by AppArmor, you can see the logs in syslog. Anyway, if that helps, have s look here: https://github.com/progmaticltd/homebox/tree/main/roles/dovecot/templates/apparmor.d André.