SE Linux + Dovecot SASL + Postfix = help

Daniel teletautala at
Tue Oct 24 15:28:50 MDT 2006

the command ls -Z  will allow you to see the security context of the files
around the one in question.  The command chcon <file> will change the
security context of the given file.  I hope this helps.


On 10/24/06, Hill, Greg <grhill at> wrote:
> So, in order to get Postfix to use Dovecot SASL, you have to tell both
> Postfix and Dovecot where the 'auth' socket will be.  From what I can
> tell, Dovecot then creates the socket on load and Postfix just uses it
> to Auth SMTP connections.  However, the default SE Linux on Fedora Core
> 5 is preventing Dovecot from creating the socket and listening on it.
> I tried to read the docs on SE Linux, but this being my first foray into
> it, much of it was as clear as mud.  For now, I just disabled SE Linux
> to get it to work, but I'd like to turn it back on if it's not too hard
> to get working.  Is there an easy command to create a folder that
> dovecot-auth will have access to create the socket?  Will Postfix need
> some sort of access as well in order to send requests to that socket?  I
> would imagine not, but this is all new territory for me.
> The Redhat docs said to create a .te file from /var/log/messages (which
> I did), then to compile it with some utility they provide, which failed
> with an error message that made no sense to me (I don't recall what it
> was, and I don't have access to the server at the moment to try again).
> I then tried to create a folder and chcon it to allow dovecot_auth_t
> access, and got 'permission denied' (as root, even).  It was at that
> point I gave up and turned off SE Linux.
> Greg
> /*
> PLUG:, #utah on
> Unsubscribe:
> Don't fear the penguin.
> */

More information about the PLUG mailing list