On Wednesday, April 10, 2019 11:40 AM, Gerald Galster via dovecot <dovecot@dovecot.org> wrote:
> > Am 10.04.2019 um 11:59 schrieb Laura Smith via dovecot > > <dovecot@dovecot.org>: > > > > On Wednesday, April 10, 2019 10:52 AM, Aki Tuomi via dovecot > > <dovecot@dovecot.org> wrote: > > > > > On 10.4.2019 12.36, Laura Smith via dovecot wrote: > > > > > > > Dovecot 2.3.3 (dcead646b) > > > > openSUSE Leap 15.0 > > > > I am getting a weird error message: > > > > Fatal: Error in configuration file /etc/dovecot/local.conf line 16: > > > > ssl_cert: Can't open file /etc/foobar/ssl/certbot.pem: Permission denied > > > > I have tried the following: > > > > > > > > - chmod -R 655 /etc/foobar/ssl (/etc/foobar is 755) > > > > - create "ssl_users" group add dovecot to it chown -R > > > > dovecot:ssl_users /etc/foobar/ssl > > > > > > > > How can I fix this ? There's no obvious solution ? > > > > > > Are you by chance using selinux? If you are, you might need to relabel > > > the files. > > > > > > Aki > > > > This is openSUSE, not Centos, I don't think it even comes with selinux. > > Maybe apparmor? > > https://git.ispconfig.org/ispconfig/ispconfig3/issues/5071 > > > OpenSuSE and apparmor expect dovecot certs to be in /etc/ssl/private > > ISPConfig setup script expects SSL certs to be in /etc/postfix but > apparmor prevents dovecot from reading them in that directory > > Otherwise you could login as dovecot user (temporarily change the shell to > bash if needed; usermod -s /bin/bash) and see if you can access the > certificate. > Check all directory/file permissions, including acls (man getfacl), along the > path. > > Best regards > Gerald @Gerald Spot on with apparmor !
