Help with very strange exim log entries

Sven Hartge sven at svenhartge.de
Sun Feb 19 16:33:53 UTC 2017


[Please Cc: me, I am not subscribed to pkg-exim4-maintainers.]

At 17:21 on 19.02.17, Sven Hartge wrote:

> I am seeing the following log messages in /var/log/syslog on my Debian Sid
> system:
> 
> ,----
> | Feb 19 01:28:44 ds9 exim[711921]: exim: setuid for log-file creation failed, aborting
> | Feb 19 01:28:44 ds9 exim[711922]: exim: setuid for log-file creation failed, aborting
> | Feb 19 01:28:44 ds9 exim[711920]: 2017-02-19 01:28:44 unable to set gid=112 or uid=112 (euid=0): calling tls_validate_require_cipher
> | Feb 19 01:28:44 ds9 exim[711920]: 2017-02-19 01:28:44 Cannot open main log file "/var/log/exim4/mainlog": Permission denied: euid=0 egid=112
> | Feb 19 01:28:44 ds9 exim[711920]: exim: could not open panic log - aborting: see message(s) above
> | Feb 19 01:28:44 ds9 exim[711928]: exim: setuid for log-file creation failed, aborting
> | Feb 19 01:28:44 ds9 exim[711929]: exim: setuid for log-file creation failed, aborting
> | Feb 19 01:28:44 ds9 exim[711927]: 2017-02-19 01:28:44 unable to set gid=112 or uid=112 (euid=0): calling tls_validate_require_cipher
> | Feb 19 01:28:44 ds9 exim[711927]: 2017-02-19 01:28:44 Cannot open main log file "/var/log/exim4/mainlog": Permission denied: euid=0 egid=112
> | Feb 19 01:28:44 ds9 exim[711927]: exim: could not open panic log - aborting: see message(s) above
> `----

Do you know the situation, where you bang your head against a problem for
a week and can't figure it out, but as soon as you make a plea for help,
you find the solution? This is one of them.

The problem is not exim4 itself, it is the tool "netdata", which I
upgraded to 1.5.0 on 2017-02-12. It includes a graphing component for
the exim4 queue, calling '/usr/sbin/exim4 -bpc' every ten seconds.

netdata has a systemd unit, restricting the capabilities of it and its 
child processes:

,----
| CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_SYS_PTRACE CAP_SETGID
`----

Since SETUID is disabled, when the exim4 binary is called during the time
when the log is already rotated but not created anew, the above error is
logged to /var/log/syslog for the netdata.service unit.

Case closed for me and thank you for your continued work on exim4 in
Debian.

Regards,
Sven.
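
The check described in the mail, as an added example that is not part of the original message or of the exim4 or netdata packages: it tests whether a capability bounding set still contains CAP_SETUID and CAP_SETGID, given either a `CapabilityBoundingSet=` unit line or a `CapBnd` hex mask from `/proc/<pid>/status`. The function names are hypothetical and the sample mask is constructed from the unit line quoted above (bits 2, 6 and 19).

```sh
#!/bin/sh
# Added example. Bit numbers are from linux/capability.h:
# CAP_SETGID=6, CAP_SETUID=7. Sample inputs are constructed.

# has_cap MASK_HEX BIT: succeeds if BIT is set in the hex mask.
has_cap() {
    [ $(( (0x$1 >> $2) & 1 )) -eq 1 ]
}

# missing_caps MASK_HEX: prints which of the two capabilities a
# setuid-root helper needs to change uid/gid are absent from the mask.
missing_caps() {
    out=""
    has_cap "$1" 7 || out="CAP_SETUID"
    has_cap "$1" 6 || out="${out:+$out }CAP_SETGID"
    printf '%s\n' "$out"
}

# unit_line_has_cap 'CapabilityBoundingSet=...' CAP_NAME
# Handles the plain allowlist form and the "~" form, where the listed
# capabilities are the ones removed. Only a single line is evaluated.
unit_line_has_cap() {
    value=${1#CapabilityBoundingSet=}
    case $value in
        "~"*) inverted=1; value=${value#"~"} ;;
        *)    inverted=0 ;;
    esac
    found=0
    for c in $value; do
        if [ "$c" = "$2" ]; then found=1; fi
    done
    [ "$found" -ne "$inverted" ]
}

# capbnd_of_pid PID: reads the effective bounding set of a live process.
capbnd_of_pid() {
    awk '/^CapBnd:/ {print $2}' "/proc/$1/status"
}

# Constructed demo: the unit line from the mail and its equivalent mask.
UNIT_LINE='CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_SYS_PTRACE CAP_SETGID'
SAMPLE_MASK=0000000000080044
echo "missing from sample mask: $(missing_caps "$SAMPLE_MASK")"
```

On a live system, `missing_caps "$(capbnd_of_pid PID)"` applies the same check to the running service's main PID.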


