https://bugs.exim.org/show_bug.cgi?id=2391
--- Comment #7 from Andreas Metzler <[email protected]> --- Hello, I recently got a a bug report on Debian regarding this issue against 4.98 https://bugs.debian.org/1082646 - Adding a comment here in case this pops up somewhere else: Error message/symptom: 2024-09-22 16:25:08 1ssU4q-00000001DEL-0AVf exim.c:884: chown(/var/spool/exim4//msglog//1ssU4q-00000001DEL-0AVf, 111:117) failed (Operation not permitted). Please contact the authors and refer to https://bugs.exim.org/show_bug.cgi?id=2391 2024-09-22 16:25:08 1ssU4q-00000001DEL-0AVf Couldn't chown message log /var/spool/exim4//msglog//1ssU4q-00000001DEL-0AVf: Operation not permitted The issue was triggered by a systemd service sending out mail by piping into /usr/lib/sendmail therefore exim inherited the the lockdown settings set by the systemd service file. Some of these settings were incompatible with exim: CapabilityBoundingSet=CAP_DAC_OVERRIDE CAP_DAC_READ_SEARCH CAP_SETGID CAP_SETUID CAP_SYS_ADMIN CAP_SYS_CHROOT CAP_SYS_PTRACE CAP_SYS_RAWIO CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_ADMIN CAP_SYS_RESOURCE CAP_FOWNER CAP_CHOWN was missing here. Also exim tries to fork off a delivery process which often will need to look/write into /home which ProtectHome=true (which was also set) breaks. The delivery process fails and the message is placed on the queue and delivered later, so this is not a terminal error.) -- You are receiving this mail because: You are on the CC list for the bug. -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/ ## unsubscribe (doesn't require an account): ## [email protected] ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
