On 2020-11-18 10:25, James Strother wrote:
> I'm getting errors when I try to send outgoing emails that I don't
> have permission to access the dkim private key. If I set the key to be
> world-readable, then everything works perfectly. Setting the file to
> be world-readable is okay temporarily (there are no non-admin users on
> this machine), but seems like the wrong answer in the long-term.
>
> I thought that exim might setuid to the exim user before trying to
> read the key, but this doesn't seem to happen. It looks like it is
> trying to read the key as the user sending outgoing emails. Is that
> right? Can you suggest owners/permissions for the key?
Is your exim binary setuid root? I believe what you see is one of the
ways it would misbehave if it were not.