Wietse Venema > If root can do "cat /etc/postfix/mysql/virtual-mailbox-maps.cf" > but the Postfix virtual delivery agent running as root can open
can -> cannot > the file, then you have something that interferes with file system > access, like Selinux, Apparmor, Systrace, and so on. Configuring > such systems is outside the scope of Postfix. Stephen Holmes: > Thanks Wietse. It's a pretty slim install (actually inside a Xen VM) > and running at init level 3 - it's primary function is as an email > server (hence the mailboxes on an NFS share). I'll check the filesystem > and process persmissions and see if I can track it down. Definitely no > AppArmor/SE Linux involved. Will let you know if I solve it. Thanks > again! You could attach a system call tracer to the virtual(8) daemon process to see the exact kernel response to the open() call. See http://www.postfix.org/DEBUG_README.html#auto_trace for examples. Wietse
