On Mon, Apr 28, 2014 at 9:11 AM, Steffen Kaiser < [email protected]> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Mon, 28 Apr 2014, Chris Vaas wrote: > > On Mon, Apr 28, 2014 at 8:43 AM, Steffen Kaiser < >> [email protected]> wrote: >> >> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> On Sun, 27 Apr 2014, Chris Vaas wrote: >>> >>> [fixed ugly top posting] >>> >>> On Sat, Apr 26, 2014 at 11:39 PM, Steffen < >>> [email protected] >>> >>>> wrote: >>>>> >>>> >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> >>>>> Hash: SHA1 >>>>> >>>>> Chris Vaas wrote: >>>>> >>>>> I am currently facing the following log output: >>>>>> >>>>>> Apr 26 16:40:28 h2290750 dovecot: auth: Error: pgsql(localhost): >>>>>> Connect failed to database mail: could not connect to server: >>>>>> Permission denied Apr 26 16:40:28 h2290750 dovecot: auth: Error: >>>>>> #011Is the server running on host "localhost" (::1) and accepting >>>>>> Apr 26 16:40:28 h2290750 dovecot: auth: Error: #011TCP/IP >>>>>> connections on port 5432? >>>>>> >>>>>> I have double checked the database. It is listening correctly and I >>>>>> can connect to it via >>>>>> >>>>>> psql -U mailreader mail >>>>>> >>>>>> I provided all necessary information to dovecot via this >>>>>> configuration snippet: >>>>>> >>>>>> driver = pgsql connect = host=localhost dbname=mail user=mailreader >>>>>> password=secret default_pass_scheme = SHA512 >>>>>> >>>>>> >>>>> does Postgres allow connections on "host ::1" for user mailreader ? >>>>> Actually I wonder, because I thought the Postgres lib defaults to >>>>> "local" (socket) by default on localhost -> does Postgres allow >>>>> connections on "local" for mailreader? Permissions are configured in >>>>> pg_hba.conf, but -> Does Postgres logs something? It should if PG >>>>> denies the connection. >>>>> >>>>> >>>> I set the host to 127.0.0.1 now. And my pg_hba.conf looks like that: >>> >>>> >>>> # TYPE DATABASE USER ADDRESS METHOD >>>> # Mail stuff >>>> host mail mailreader 127.0.0.1/32 md5 >>>> host mail mailreader ::1/128 md5 >>>> local all all md5 >>>> host all all 127.0.0.1/32 ident >>>> host all all ::1/128 ident >>>> >>>> >>> What about the "Does Postgres logs something?" >>> >>> >> The log under /var/logs/pgsql is completely empty. >> > > In addition to Aleksandar's question: Does Postgres runs at all? > > >>> Do you have SELinux or something like that running? >>> What about this question? >>> >> >> I do have a SELinux up and running, yeah. >> > > Did you've checked its logs, e.g. (pretty old): > http://linux.derkeiler.com/Mailing-Lists/Fedora/2006-03/msg05342.html > - -- Steffen Kaiser > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > > iQEVAwUBU13/FXz1H7kL/d9rAQLjbQf+IQV/jSAj+fvxCaIgxgzktUuJenONp5Za > LrxYEQ79YelD5ljH1Ms1cYyegp5+8ecHsp0Fc850ZBeEYsplfZjfvAoPP4lO+cdH > GOPt3+zniEdeEVMVFfOokyTGjSPWbRrlb5r/wWYj6pU35pkw1pK3M6hPxF2Y6grm > poLMdHvaktwIr9STtqu1JTOxRffLgW5qh1AcQwJ+BoNs+h0MKs7ddqgnfeV9bKZx > rmyOuAU36QnNcv+LJQJSiJMFw1pejS+OBvI23xYsj/04dAAiTzNHGe3doz/sF1PX > P2zroewTEEb+lkvjUkOmukLuTlLnCAVgdHyWZF37c5vML9HD7Xyqrg== > =e13N > -----END PGP SIGNATURE----- > It is running, yes. I can connect from my local machine to the server without a flaw. About SELinux: I just looked into my SELinux audit log and found the following denial. type=AVC msg=audit(1398609990.493:280): avc: denied { name_connect } for pid=5964 comm="auth" dest=5432 scontext=unconfined_u:system_r:dovecot_auth_t:s0 tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket There seems to be a good chance, that this is my problem, doesn't it? But how can I allow the connection? Cheers Chris
