Posting a reply to this old thread because I have run into this and solved it only to forget it and need to solve it again.
Where I then happen upon this thread for the umpteen time.
So posting the solution for my self and everyone else.

Verify that logcheck has both a user and group in /etc/passwd and /etc/group.
Ensure that logcheck is a member of group adm. <--- <--- <---
Ensure that the logs are readable by adm so that logcheck can read the logs otherwise your:
output or email errors will complain about permission denied errors accessing the log files.
or
or
It's also good to ensure you have a logcheck alias in /etc/aliases pointing at your primary account so the logcheck user is not filling up the mail spool with mail you never check. Of course run newaliases or postmap as the case may be.

Also on selinux enabled systems run restorecon -Rv /etc/logcheck after updating or adding new local-* rules.

I understand this post is quite old but if someone could advise / comment on my little issue I would highly appreciate it.

The following commands do not work:

su -s /bin/bash -c "/usr/sbin/logcheck" logcheck
or
su -s /bin/bash -c "/usr/sbin/logcheck -d" logcheck

it says:

cannot execute /bin/bash/

However, the following commands work perfectly fine:

sudo - u logcheck logcheck
or
sudo - u logcheck logcheck -d

Logcheck also emails me OK as per its configuration settings, it's just logcheck's suggested commands of

su -s /bin/bash -c "/usr/sbin/logcheck" logcheck
and
su -s /bin/bash -c "/usr/sbin/logcheck -d" logcheck

that do not work. Any suggestions, please? Many thanks in advance!