Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 10th December 2011, 20:01
rcerecedar rcerecedar is offline
Junior Member
 
Join Date: Dec 2011
Posts: 2
Thanks: 0
Thanked 1 Time in 1 Post
Default Problem configuring Postfix for multiple smtp relay hosts

Hi,
I'm have an enormous headache with what may be a very simple problem. I am trying to migrate a mail server that I have in Ubuntu, to another one in CentoS. I used Postfix in Ubuntu with the options:

smtp_sender_dependent_authentication = yes
smtp_sasl_auth_enable = yes
smtp_sasl_security_options =

sender_dependent_relayhost_maps = hash:/buzones2/postfix/relayhost_map
smtp_sasl_password_maps = hash:/buzones2/postfix/passwd

and it worked perfectly.

When I put the same parameters in another computer, with CentoS, it works fine without the smtp map options, but when I add the previous lines, it seems that can't access the db files I've made with postmap. I've tried it with different owners, permissions,...

I get this errors:

In /var/log/maillog:

Dec 10 19:45:55 localhost postfix/trivial-rewrite[11058]: fatal: open database /buzones2/postfix/relayhost_map.db: Permission denied
Dec 10 19:45:56 localhost postfix/master[10908]: warning: process /usr/libexec/postfix/trivial-rewrite pid 11058 exit status 1
Dec 10 19:45:56 localhost postfix/master[10908]: warning: /usr/libexec/postfix/trivial-rewrite: bad command startup -- throttling


The errors printed in /var/log/audit/audit.log are:
(when the owner of the file is "postfix")
type=AVC msg=audit(1323541225.528:1019): avc: denied { read } for pid=10798 comm="trivial-rewrite" name="relayhost_map.db" dev=sda2 ino=38712 scontext=unconfined_u:system_r: postfix_master_t:s0 tcontext=unconfined_u: object_r:default_t:s0 tclass=file

type=SYSCALL msg=audit(1323541225.528:1019): arch=40000003 syscall=5 success=no exit=-13 a0=1cd42d0 a1=8000 a2=0 a3=0 items=0 ppid=10793 pid=10798 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="trivial-rewrite" exe="/usr/libexec/postfix/trivial-rewrite" subj=unconfined_u:system_r: postfix_master_t:s0 key=(null)

(when the owner is root)
type=AVC msg=audit(1323541413.078:1023): avc: denied { read } for pid=10913 comm="trivial-rewrite" name="relayhost_map.db" dev=sda2 ino=38712 scontext=unconfined_u:system_r: postfix_master_t:s0 tcontext=unconfined_u: object_r: default_t:s0 tclass=file

type=SYSCALL msg=audit(1323541413.078:1023): arch=40000003 syscall=5 success=no exit=-13 a0=2b092d0 a1=8000 a2=0 a3=0 items=0 ppid=10908 pid=10913 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="trivial-rewrite" exe="/usr/libexec/postfix/trivial-rewrite" subj=unconfined_u:system_r: postfix_master_t:s0 key=(null)

Can anybody give me hand on this?

Thanks in advance,
Rafael
Reply With Quote
Sponsored Links
  #2  
Old 12th December 2011, 17:41
rcerecedar rcerecedar is offline
Junior Member
 
Join Date: Dec 2011
Posts: 2
Thanks: 0
Thanked 1 Time in 1 Post
 
Default Solution

After looking for solutions, someone suggested me to try to see if the problem may be in SElinux.
When I disbled it completely (not only set it to permissive mode), it worked perfectly. So the problem was there.
The way to go through it, it's been:

1. Install audit2allow (I have centos 6)
yum install policycoreutils-python

2. To allow the access to relay_hosts_db.db.
grep postfix_master_t /var/log/audit/audit.log | audit2allow -M postgreylocal
semodule -i postgreylocal.pp

3. Afterwards, I had a similar problem with the access to the file with the passwords for each sender. To allow the access to passwd.db
grep postfix_smtp_t /var/log/audit/audit.log | audit2allow -M postgreylocal
semodule -i postgreylocal.pp

Now, it works! audit2allow is fantastic!

I hope this may help other people.
Reply With Quote
The Following User Says Thank You to rcerecedar For This Useful Post:
falko (13th December 2011)
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Catchall and Forwarding not working simmo General 6 22nd March 2014 00:54
How cai remove amavis from postfix ? gabrix Server Operation 16 2nd October 2012 09:58
Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail-Problema jz_ HOWTO-Related Questions 9 14th September 2011 13:31
Mail server using Postfix, Dovecot, Mysql... Postfix virtual maps doesn't work?? tarasbuljba HOWTO-Related Questions 33 28th May 2010 14:33
Help configure Postfix to use alt port 465 or 587 BoloMarkIII Installation/Configuration 10 16th March 2009 17:57


All times are GMT +2. The time now is 15:43.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.