cause of "Cannot open main log file "/var/log/exim/mainlog": Permission denied" - exicyclog?

[grc]

Hello,

I run exicyclog every hour as a root cronjob.

Occasionally, exim somehow crashes at around the same time. The only clue about what may have happened is the paniclog:

paniclog shows:
2013-09-27 14:00:03 Cannot open main log file "/var/log/exim/mainlog": Permission denied: euid=93 egid=93

Looking at exicyclog, at one point it does the following:
[...]
if [ -f $mainlog ]; then
$mv $mainlog $mainlog.$first
$chown $user:$group $mainlog.$first
$touch $mainlog
$chown $user:$group $mainlog
$chmod 640 $mainlog
fi
[...]

I wonder if exim (Exim version 4.72) has a problem with the mainlog being touched by root temporarily if it tries to write to it before the "chown".

Is that possible? What can be done about it?

Kind Regards,

 

[cPanelMichael]

Hello

It looks like the error message is generated during the time frame when the Exim mainlog does not exist. You may want to modify your exicyclog script to run less often, or to rotate the log rather than moving it with that cron job.

Thank you.

 

[grc]

Thank you for your suggestions. The exicyclog script comes with Exim and is recommended to be run as a cronjob. So I thought someone has had the same problem and I would not have to re-invent the wheel or that I am on the wrong track. Btw: This does not happen very often, about every 5000th time exicyclog runs (estimated over the number of exim servers). Less often than hourly is unfortunately not an option.

At this point I think the following modification of exicyclog may be worth a try:

if [ -f $mainlog ]; then

# modification 20131010
# make sure the new mainlog has been created,
# has the right permission
$touch $mainlog.new
$chown $user:$group $mainlog.new
$chmod 640 $mainlog.new

$mv $mainlog $mainlog.$first
# ...and then move it into place ;should take less time
$mv $mainlog.tmp $mainlog

$chown $user:$group $mainlog.$first

fi