ssl_cert: Can't open file permission denied
Dovecot 2.3.3 (dcead646b) openSUSE Leap 15.0
I am getting a weird error message:
Fatal: Error in configuration file /etc/dovecot/local.conf line 16: ssl_cert: Can't open file /etc/foobar/ssl/certbot.pem: Permission denied
I have tried the following:
- chmod -R 655 /etc/foobar/ssl (/etc/foobar is 755)
- create "ssl_users" group add dovecot to it chown -R dovecot:ssl_users /etc/foobar/ssl
How can I fix this ? There's no obvious solution ?
Maybe apparmor?
https://git.ispconfig.org/ispconfig/ispconfig3/issues/5071 <https://git.ispconfig.org/ispconfig/ispconfig3/issues/5071>
OpenSuSE and apparmor expect dovecot certs to be in /etc/ssl/private ISPConfig setup script expects SSL certs to be in /etc/postfix but apparmor prevents dovecot from reading them in that directory
Otherwise you could login as dovecot user (temporarily change the shell to bash if needed; usermod -s /bin/bash) and see if you can access the certificate. Check all directory/file permissions, including acls (man getfacl), along the path.
Best regards Gerald
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Wednesday, April 10, 2019 1:08 PM, Michael Orlitzky via dovecot <dovecot@dovecot.org> wrote:
You are teaching granny to suck eggs.
Sometimes granny needs to do troubleshooting (especially when neither Dovecot or the Operating System are generating any sort of useful log entries to help granny... it means granny needs to resort to real basics like file permissions and then work upwards).
participants (5)
-
Aki Tuomi
-
Dmitry Donskih
-
Gerald Galster
-
Laura Smith
-
Michael Orlitzky