> Date: Sunday, March 19, 2017 14:56:01 +1300 > From: Michael Heuberger <[email protected]> > > On 19/03/17 13:43, Richard wrote: >> >>> Date: Sunday, March 19, 2017 13:32:57 +1300 >>> From: Michael Heuberger <[email protected]> >>> >>> Hello guys >>> >>> Having headaches here how to make logrotation for dovecot log >>> files work. Having permission issues: >>> >>> michael.heuberger@xxx /e/l/daily ❯❯❯ sudo logrotate -fv >>> dovecot.daily >>> ⏎ >>> reading config file dovecot.daily >>> >>> Handling 1 logs >>> >>> rotating pattern: /var/log/dovecot*.log forced from command line >>> (10 rotations) >>> empty log files are rotated, old logs are removed >>> considering log /var/log/dovecot.log >>> error: skipping "/var/log/dovecot.log" because parent directory >>> has insecure permissions (It's world writable or writable by group >>> which is not "root") Set "su" directive in config file to tell >>> logrotate which user/group should be used for rotation. >>> >>> This is my current logrotation conf for dovecot: >>> >>> /var/log/dovecot*.log { >>> rotate 10 >>> missingok >>> sharedscripts >>> postrotate >>> doveadm log reopen >>> endscript >>> } >>> >>> And the /var/log folder has these permissions: >>> >>> drwxrwxr-x 12 root syslog 4.0K Mar 19 12:43 log >>> >>> Any clues what's wrong? >> >> As the message says: >> >> > because parent directory has insecure permissions >> > (It's world writable or writable by group which >> > is not "root") >> >> > drwxrwxr-x 12 root syslog 4.0K Mar 19 12:43 log >> >> On my RHEL derived systems, /var/log is root.root (and even then, >> is not writable by group). > > Thank you. And what user/group/file perms does your dovecot.log > file have? > > - Michael > >
I log dovecot via syslog to [/var/log/]maillog, rather than its own log file. That file is owned root.root and has permissions of 600.
