Exim paniclog, DKIM, unable to open private key file for reading

Posted: Fri May 06, 2016 7:15 pm
by chimerabear
I am running Vesta with chroot plugin and Exim4. I am seeing these errors in my exim paniclog which seem to be due to a permissions issue, but in checking the permissions everything seems ok to me. Does anyone have any ideas?

Line from exim paniclog

2016-05-06 12:29:58 1ayidZ-0006T6-Kn unable to open private key file for reading: /etc/exim4/domains/mydomain.com/dkim.pem

Permissions for /etc/exim4/domains/ are drwxr-xr-x 2 root root

Inside of domains the actual paths to the domains are symbolic links:
lrwxrwxrwx 1 root root 40 Mar 12 22:43 mydomain.com -> /home/username/conf/mail/mydomain.com

Inside of the directory for each domain the dkim.pem has the following permissions:
-rw-rw---- 1 root mail 887 Mar 12 22:43 dkim.pem

Re: Exim paniclog, DKIM, unable to open private key file for reading

Posted: Sat May 07, 2016 2:33 am
by jonn
Yeah, it does look okay; chrooted is root:mail, that's fine, otherwise dkim.pem would be exim:mail. Try deselecting the DKIM support under Email > Editing Mail Domain > DKIM Support (UNTICK and save), then navigate away from the Email tab to DNS or whatever, log into SSH, remove the dkim.key if it's still in the /etc/exim4/domains/example.com/ folder... restart Exim, wait for a minute... then navigate back to Email in the VestaCP panel for the domain and tick DKIM Support and save, then take another look in the exim4/domains folder. If still no luck, someone else might have to chime in to take a look; might be a bug.

Re: Exim paniclog, DKIM, unable to open private key file for reading

Posted: Mon May 09, 2016 1:22 pm
by chimerabear
That did the trick, seems like it wants the owner of dkim.pem to be Debian-exim. I'm guessing something in the chroot plugin installation script neglected to change permissions.

-rw-rw---- 1 Debian-exim mail 887 May 9 08:41 dkim.pem

Re: Exim paniclog, DKIM, unable to open private key file for reading

Posted: Sun Jun 12, 2016 2:28 pm
by Felix
It's worth noting that I faced this exact same problem with two domains that have changed owner. I had used v-change-domain-owner to transfer the domains from userA to userB.

chimerabear, if you too have changed domain ownership with v-change-domain-owner, maybe there's a bug somewhere in that script...

Re: Exim paniclog, DKIM, unable to open private key file for reading

Posted: Mon Oct 17, 2016 3:26 am
by sacredwebsite
I had this same issue happen. I recently migrated servers and did a backup on the accounts, then v-restore-user.
Ownership for dkim.pem was root mail so I changed them to Debian-exim mail. Testing out if this fixed my error message in the paniclog, which was "unable to open private key file for reading".

Thanks for the heads up. I did not remove the dkim.pem, I just appended the permissions.

Re: Exim paniclog, DKIM, unable to open private key file for reading

Posted: Wed Dec 28, 2016 4:21 pm
by dpeca
Fixed - https://github.com/serghey-rodin/vesta/ ... dfaff41ee7

Fix will be available in v18.
(or you can apply patch from github)
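
An added example, not part of any post in this thread and not Vesta's own code: a shell check that walks every per-domain dkim.pem, follows the domain symlink to the real file, and reports keys whose owner, group or mode differ from what worked for the posters above. The function name `audit_dkim_keys` is hypothetical; the defaults (`/etc/exim4/domains`, `Debian-exim`, `mail`) are assumptions taken from the thread and should be adjusted to the account Exim runs as on your system.

```shell
#!/bin/sh
# Added example: audit owner, group and mode of every DKIM private key under
# an Exim domains directory. Defaults are assumptions taken from this thread.

audit_dkim_keys() {
    base=${1:-/etc/exim4/domains}
    want_owner=${2:-Debian-exim}
    want_group=${3:-mail}
    findings=0
    for key in "$base"/*/dkim.pem; do
        # Skip an unmatched glob or a dangling per-domain symlink.
        [ -e "$key" ] || continue
        # -L reports the real file behind the per-domain symlink.
        read -r mode owner group <<EOF
$(ls -ldL "$key" | awk '{print $1, $3, $4}')
EOF
        reason=
        [ "$owner" = "$want_owner" ] || reason="owner is $owner, expected $want_owner"
        [ "$group" = "$want_group" ] || reason="${reason:+$reason; }group is $group, expected $want_group"
        # Characters 8-10 of the mode string are the "other" bits; a private
        # key should show --- there, as in the thread's -rw-rw----.
        case $mode in
            ???????---*) ;;
            *) reason="${reason:+$reason; }accessible to other users ($mode)" ;;
        esac
        if [ -n "$reason" ]; then
            printf '%s: %s\n' "$key" "$reason"
            findings=$((findings + 1))
        fi
    done
    # Exit status 0 only when every key matched.
    [ "$findings" -eq 0 ]
}

# Run only when arguments are given, e.g.:
#   sh audit_dkim.sh /etc/exim4/domains Debian-exim mail
if [ "$#" -gt 0 ]; then
    audit_dkim_keys "$@"
fi
```

Running it after v-change-domain-owner or v-restore-user, the two operations reported above as leaving keys owned by root, shows which domains need their key ownership corrected before Exim logs the paniclog error.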