Loading ...
Sorry, an error occurred while loading the content.
 

Re: My postfix system refuses to talk to some private daemons( virtual, trivial-rewrite, others not tested )

Expand Messages
  • Victor Duchovni
    ... Disable or fix SE-Linux. ... What is /var/spool/postfix/maildrop? If it is an IMAP mailbox directory tree, it should not reside inside /usr/postfix, and
    Message 1 of 3 , Jun 1, 2006
      On Thu, Jun 01, 2006 at 02:45:35PM +0200, miha wrote:

      > Jun 1 14:27:49 sabotin postfix/qmgr[6631]: warning: connect to transport virtual: Operation not permitted

      Disable or fix SE-Linux.

      > --Specific file and directory permissions--
      > drwx-wx--- 2 postfix maildrop 48 2006-05-02 09:36 /var/spool/postfix/maildrop

      What is /var/spool/postfix/maildrop? If it is an IMAP mailbox directory
      tree, it should not reside inside /usr/postfix, and MUST not be owned by
      the "postfix" user. Please fix this. The virtual_uid_maps = static:<uid>
      value must not be the same as the uid of the "postfix" ($mail_owner) user.

      > drwx------ 2 postfix root 576 2006-06-01 11:48 /var/spool/postfix/private
      > total 0
      > srw-rw-rw- 1 postfix postfix 0 2006-06-01 11:48 virtual

      Thanks for that, very useful.

      --
      Viktor.

      P.S. Morgan Stanley is looking for a New York City based, Senior Unix
      system/email administrator to architect and sustain the Unix email
      environment. If you are interested, please drop me a note.

      Disclaimer: off-list followups get on-list replies or get ignored.
      Please do not ignore the "Reply-To" header.

      To unsubscribe from the postfix-users list, visit
      http://www.postfix.org/lists.html or click the link below:
      <mailto:majordomo@...?body=unsubscribe%20postfix-users>

      If my response solves your problem, the best way to thank me is to not
      send an "it worked, thanks" follow-up. If you must respond, please put
      "It worked, thanks" in the "Subject" so I can delete these quickly.
    • Sandy Drobic
      ... Suse 10.1 comes with AppArmor, which has a profile for Postfix. For any file access not defined in that profile you get Operation not permitted . Either
      Message 2 of 3 , Jun 1, 2006
        miha wrote:
        > Hi all,
        >
        > please have a look at the attached files for further info.
        >
        > In short, I upgraded my linux box from SuSE 9.1 to 10.1 and the postfix
        > system stopped working. For what I could understand from the log files, it
        > should be something involving file permissions or user/group permissions
        > of some postfix daemons!? But I couldn't figure out what it is. For
        > instance, what intrigued me was that the local transport daemon works just
        > fine, the virtual one does not. It appears to me that they both have the
        > same entries in master.cf. Delivery to local recipients works.

        Suse 10.1 comes with AppArmor, which has a profile for Postfix. For any
        file access not defined in that profile you get "Operation not permitted".
        Either switch AppArmor into learning mode to modify the profile or
        deactivate AppArmor entirely.

        Sandy
      Your message has been successfully submitted and would be delivered to recipients shortly.