On Thursday, October 11, 2018 1:29 PM, Aki Tuomi <[email protected]> wrote:
> > On 11 October 2018 at 15:02 Laura Smith [email protected] > > wrote: > > > > > That's a permission error. Somewhere in your directory hierarchy things > > > are off. See Postfix' set-permissions command. > > > > But surely if Dovecot is staring as root then directory permissions are > > relevant, especially if I'm then asking the config to chmod the file anway ? > > To me, it seems dovecot is not behaving correctly, because if it is not > > using root to access the directory then it is not going to be able to chmod > > the socket later is it ? > > You should probably check few things: > > 1. check dmesg or /var/log/audit/audit.log for any possible security > framework problems > 2. check namei -vl /var/spool/postfix-authrelay/private/dovecot-auth for > anything strange > 3. there is some reason the socket is not bound into, dovecot creates these > sockets as root. > > Aki > Thanks. It ended up being an AppArmor issue. That's now fixed the socket gets created. However, the first part of my problem described earlier still exists, namely: 2018-10-11T15:58:41.230340+01:00 X postfix-authrelay/smtpd[21297]: warning: X.example.com[X]: SASL PLAIN authentication failed: I was hoping going via the socket instead of TCP might fix it, but apparently not. ;-(
