On Thu, 2008-03-27 at 12:42 +0100, Nick Jennings wrote: > Hi Everyone, > > I have a strange problem, where when I get an email which was > originally sent to root, which expands in the /etc/aliases file to my > user account (nkj), procmail is unable to open the file for writing. > However I can receive emails which have been sent directly to the nkj > account. > > Here is are the relevant log entries in /var/log/maillog: > > > maillog:Mar 27 06:25:58 srv1 postfix/cleanup[697]: E30DE78006: > message-id=<[EMAIL PROTECTED]> > maillog:Mar 27 06:25:58 srv1 postfix/qmgr[11986]: E30DE78006: from=<>, > size=2227, nrcpt=1 (queue active) > maillog:Mar 27 06:25:58 srv1 postfix/bounce[1231]: 5BA8778002: sender > non-delivery notification: E30DE78006 > maillog:Mar 27 06:25:58 srv1 postfix/local[698]: E30DE78006: > to=<[EMAIL PROTECTED]>, orig_to=<[EMAIL PROTECTED]>, relay=local, delay=0.01, > delays=0/0/0/0.01, dsn=5.2.0, status=bounced (can't create user output > file. Command output: procmail: Error while writing to "/var/mail/nkj" ) > maillog:Mar 27 06:25:58 srv1 postfix/qmgr[11986]: E30DE78006: removed > > > > As usual, /var/mail is symlinked to /var/spool/mail and here are the > relevant perms: > > > [EMAIL PROTECTED] log]# ls -l /var/mail > lrwxrwxrwx 1 root root 10 Jan 14 07:37 /var/mail -> spool/mail > > [EMAIL PROTECTED] log]# ls -l /var/spool/ | grep mail$ > drwxrwxrwt 3 root mail 12288 Mar 27 06:07 mail > > [EMAIL PROTECTED] log]# ls -l /var/spool/mail/nkj > -rw------- 1 nkj nkj 51200629 Mar 27 06:25 /var/spool/mail/nkj > > > > It should be noted that /var/spool/mail is a mounted partition, with > quotas enabled, however there are no quotas set on the nkj account: > > > [EMAIL PROTECTED] log]# mount | grep mail > /dev/sda2 on /var/spool/mail type ext3 (rw,usrquota,grpquota) > > [EMAIL PROTECTED] log]# df -h | grep mail > /dev/sda2 30G 283M 28G 1% /var/spool/mail > > [EMAIL PROTECTED] log]# quota -u nkj > Disk quotas for user nkj (uid 500): none > [EMAIL PROTECTED] log]# quota -g nkj > Disk quotas for group nkj (gid 500): none > > > Any ideas why this is happening? I've been trying to figure this out for > a while now with no luck at all, hoping someone here can point me in the > right direction.
What's your SELinux status? Enforcing/Permissive/Disabled? My first thought, in the absence of any other ideas is that SELinux is denying procmail the ability to write to that file. Possibly it's because it's mis-labelled. Do you have SELinux alerts in your /var/log/messages file? -- Sam _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
