SE Linux + Dovecot SASL + Postfix = help

Daniel teletautala at gmail.com
Tue Oct 24 15:28:50 MDT 2006


the command ls -Z  will allow you to see the security context of the files
around the one in question.  The command chcon <file> will change the
security context of the given file.  I hope this helps.

-Daniel

On 10/24/06, Hill, Greg <grhill at corp.untd.com> wrote:
>
> So, in order to get Postfix to use Dovecot SASL, you have to tell both
> Postfix and Dovecot where the 'auth' socket will be.  From what I can
> tell, Dovecot then creates the socket on load and Postfix just uses it
> to Auth SMTP connections.  However, the default SE Linux on Fedora Core
> 5 is preventing Dovecot from creating the socket and listening on it.
>
>
>
> I tried to read the docs on SE Linux, but this being my first foray into
> it, much of it was as clear as mud.  For now, I just disabled SE Linux
> to get it to work, but I'd like to turn it back on if it's not too hard
> to get working.  Is there an easy command to create a folder that
> dovecot-auth will have access to create the socket?  Will Postfix need
> some sort of access as well in order to send requests to that socket?  I
> would imagine not, but this is all new territory for me.
>
>
>
> The Redhat docs said to create a .te file from /var/log/messages (which
> I did), then to compile it with some utility they provide, which failed
> with an error message that made no sense to me (I don't recall what it
> was, and I don't have access to the server at the moment to try again).
> I then tried to create a folder and chcon it to allow dovecot_auth_t
> access, and got 'permission denied' (as root, even).  It was at that
> point I gave up and turned off SE Linux.
>
>
>
> Greg
>
>
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */
>



More information about the PLUG mailing list