On Wednesday 01 October 2008 00:28:37 Stephen Holmes wrote: > Wietse Venema wrote > > > If root can do "cat /etc/postfix/mysql/virtual-mailbox-maps.cf" > > but the Postfix virtual delivery agent running as root can open > > the file, then you have something that interferes with file system > > access, like Selinux, Apparmor, Systrace, and so on. Configuring > > such systems is outside the scope of Postfix. > > > > Wietse > > Thanks Wietse. It's a pretty slim install (actually inside a Xen VM) > and running at init level 3 - it's primary function is as an email > server (hence the mailboxes on an NFS share). I'll check the filesystem > and process persmissions and see if I can track it down. Definitely no > AppArmor/SE Linux involved. Will let you know if I solve it. Thanks > again!
You said earlier that you were running CentOS 5.2. As per a standard install,
SELinux defaults to ON.
If it is on (/usr/sbin/selinuxenabled returns 1 if its on, 0 if its disabled),
you have two choices:
1) Disable SELinux
Edit /etc/sysconfig/selinx and change:
SELINUX=enforcing
to
SELINUX=permissive
or SELINUX=disabled
Then reboot and retry.
2) Fix your SELinux context on /etc/postfix/mysql/
If you use "ls -laZ /etc/postfix" I suspect you will see that the config files
are "system_u:object_r:postfix_etc_t" and any scripts
are "system_u:object_r:postfix_exec_t". I suspect your /etc/postfic/mysql
directory is neither.
Reset your SELinux context on that directory with:
chcon -R system_u:object_r:postfix_etc_t /etc/postfix/mysql
Mark.
--
Mark Watts BSc RHCE MBCS
Senior Systems Engineer
QinetiQ Applied Technologies
GPG Key: http://www.linux-corner.info/mwatts.gpg
signature.asc
Description: This is a digitally signed message part.
