On Wednesday 01 October 2008 00:28:37 Stephen Holmes wrote:
> Wietse Venema wrote
> > If root can do "cat /etc/postfix/mysql/virtual-mailbox-maps.cf"
> > but the Postfix virtual delivery agent running as root can open
> > the file, then you have something that interferes with file system
> > access, like Selinux, Apparmor, Systrace, and so on. Configuring
> > such systems is outside the scope of Postfix.
> > Wietse
> Thanks Wietse. It's a pretty slim install (actually inside a Xen VM)
> and running at init level 3 - it's primary function is as an email
> server (hence the mailboxes on an NFS share). I'll check the filesystem
> and process persmissions and see if I can track it down. Definitely no
> AppArmor/SE Linux involved. Will let you know if I solve it. Thanks
You said earlier that you were running CentOS 5.2. As per a standard install,
SELinux defaults to ON.
If it is on (/usr/sbin/selinuxenabled returns 1 if its on, 0 if its disabled),
you have two choices:
1) Disable SELinux
Edit /etc/sysconfig/selinx and change:
Then reboot and retry.
2) Fix your SELinux context on /etc/postfix/mysql/
If you use "ls -laZ /etc/postfix" I suspect you will see that the config files
are "system_u:object_r:postfix_etc_t" and any scripts
are "system_u:object_r:postfix_exec_t". I suspect your /etc/postfic/mysql
directory is neither.
Reset your SELinux context on that directory with:
chcon -R system_u:object_r:postfix_etc_t /etc/postfix/mysql
Mark Watts BSc RHCE MBCS
Senior Systems Engineer
QinetiQ Applied Technologies
GPG Key: http://www.linux-corner.info/mwatts.gpg