I've built a new mail system with Centos 6.5, and I'm running fetchmail - sendmail - procmail to maildir. I have all of this working at the moment.(I know, postfix was the default, but for lots of other reasons, I switched, and that isn't an issue, I don't think). I am using dovecot as an imap server. Procmail won't update indexes during email delivery, so I'm having some performance delays and lags when accessing the emails via imap. I would like to use dovecot-lda for delivery, but I get permission denied errors, and I don't know why or where they are coming from. Here is the .procmailrc and procmail log file response when I try to use dovecot-lda from procmail: .procmailrc SHELL=/bin/sh PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:. # one page suggested MAILDIR has no trailing slash, but DEFAULT should have one MAILDIR=$HOME/Maildir/ # You'd better make sure it exists ' DEFAULT=$MAILDIR LOGFILE="$HOME/procmail_log" LOCKFILE="$HOME/.lockmail" LOCKEXT=.lock :0 * . { LOG="$NL default recipe using copy to .ham_to_learn/ (maildir version) $NL" } :0 c .ham_to_learn/ :0 | /usr/libexec/dovecot/deliver -m $DEFAULT I get this in my log file: procmail: [27709] Fri Jun 20 14:00:17 2014 default recipe using copy to .ham_to_learn/ (maildir version) procmail: Assigning "LASTFOLDER=.ham_to_learn/new/1403290809.27709_3.helium" procmail: Assigning "LASTFOLDER=/usr/libexec/dovecot/deliver -m /home/campbell/Maildir/" procmail: Notified comsat: "campbell@:/usr/libexec/dovecot/deliver -m /home/campbell/Maildir/">From campbell at accelinc.com Fri Jun 20 14:00:06 2014Subject: Re: Uruguay gravity model description Folder: /usr/libexec/dovecot/deliver -m /home/campbell/Maildir/ 10470 procmail: Unlocking "/home/campbell/.lockmail" procmail: Executing "/usr/libexec/dovecot/deliver,-m,/home/campbell/Maildir/" /bin/sh: /usr/libexec/dovecot/deliver: Permission denied ls -laFZ /usr/libexec/ <snip> drwxr-xr-x. root root system_u:object_r:bin_t:s0 dovecot/ <snip> ls -laFZ /usr/libexec/dovecot <snip> lrwxrwxrwx. root root system_u:object_r:bin_t:s0 deliver -> dovecot-lda* -rwxr-xr-x. root root system_u:object_r:dovecot_deliver_exec_t:s0 dovecot-lda* <snip> It doesn't matter whether I reference the link file, or dovecot-lda directly, I get the same result. I'm not getting any AVC (SELinux) entries in my /var/log/audit/audit.log, so it doesn't appear to be unix permissions, or SELinux issues. How can I find out what permissions I need to change? -chuck -------------------------------------------------------------- current working (but not indexing) examples below here. Two versions using procmail for delivery that succeed: If my .procmailrc file that looks like this: SHELL=/bin/sh PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:. # one page suggested MAILDIR has no trailing slash, but DEFAULT should have one MAILDIR=$HOME/Maildir/ # You'd better make sure it exists ' DEFAULT=$MAILDIR LOGFILE="$HOME/procmail_log" LOCKFILE="$HOME/.lockmail" LOCKEXT=.lock :0 * . { LOG="$NL default recipe using copy to .ham_to_learn/ (maildir version) $NL" } :0 c .ham_to_learn/ I get this in my log file: procmail: [27580] Fri Jun 20 13:37:55 2014 default recipe using copy to .ham_to_learn/ (maildir version) procmail: Assigning "LASTFOLDER=.ham_to_learn/new/1403289475.27580_2.helium" procmail: Assigning "LASTFOLDER=/home/campbell/Maildir/new/1403289475.27580_3.helium" procmail: Notified comsat: "campbell at 0:/home/campbell/Maildir/new/1403289475.27580_3.helium">From campbell at accelinc.com Fri Jun 20 13:37:55 2014Subject: t41 Folder: /home/campbell/Maildir/new/1403289475.27580_3.helium 4299 procmail: Unlocking "/home/campbell/.lockmail" I get a copy in my inbox and a copy in my ham to learn folder. All appears OK If I use this recipe: SHELL=/bin/sh PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:. # one page suggested MAILDIR has no trailing slash, but DEFAULT should have one MAILDIR=$HOME/Maildir/ # You'd better make sure it exists ' DEFAULT=$MAILDIR LOGFILE="$HOME/procmail_log" LOCKFILE="$HOME/.lockmail" LOCKEXT=.lock :0 * . { LOG="$NL default recipe using copy to .ham_to_learn/ (maildir version) $NL" } :0 c .ham_to_learn/ :0 $DEFAULT I get this in my log file (same as above, all is well): procmail: [27646] Fri Jun 20 13:46:25 2014 default recipe using copy to .ham_to_learn/ (maildir version) procmail: Assigning "LASTFOLDER=.ham_to_learn/new/1403289985.27646_2.helium" procmail: Assigning "LASTFOLDER=/home/campbell/Maildir/new/1403289985.27646_3.helium" procmail: Notified comsat: "campbell at 0:/home/campbell/Maildir/new/1403289985.27646_3.helium">From campbell at accelinc.com Fri Jun 20 13:45:53 2014Subject: t43 Folder: /home/campbell/Maildir/new/1403289985.27646_3.helium 4603 procmail: Unlocking "/home/campbell/.lockmail" -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325| Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campbell at accelinc.com | President & Senior Geoscientist | "Integration means more than having all the maps at the same scale!"
Chuck Campbell <campbell at accelinc.com> writes:> I've built a new mail system with Centos 6.5, and I'm running fetchmail - > sendmail - procmail to maildir. I have all of this working at the moment.(I > know, postfix was the default, but for lots of other reasons, I switched, and > that isn't an issue, I don't think). > > I am using dovecot as an imap server. Procmail won't update indexes during email > delivery, so I'm having some performance delays and lags when accessing the > emails via imap.Maildir doesn't have indexes. Are you sure that the delays you're seeing are from dovecot rebuilding them when someone accesses their IMAP account?>>From campbell at accelinc.com Fri Jun 20 14:00:06 2014 > Subject: Re: Uruguay gravity model description > Folder: /usr/libexec/dovecot/deliver -m /home/campbell/Maildir/ 10470Folder /usr/libexec/...?> procmail: Unlocking "/home/campbell/.lockmail" > procmail: Executing "/usr/libexec/dovecot/deliver,-m,/home/campbell/Maildir/" > /bin/sh: /usr/libexec/dovecot/deliver: Permission deniedThat looks to me as if 'deliver' is not allowed to write to ~/Maildir. As which user is it running? Can it deliver when you run it as the same user who owns ~/Maildir? -- Knowledge is volatile and fluid. Software is power.
On 06/20/2014 03:15 PM, Chuck Campbell wrote:> I've built a new mail system with Centos 6.5, and I'm running fetchmail - > sendmail - procmail to maildir. I have all of this working at the moment.(I > know, postfix was the default, but for lots of other reasons, I switched, and > that isn't an issue, I don't think). > > I am using dovecot as an imap server. Procmail won't update indexes during email > delivery, so I'm having some performance delays and lags when accessing the > emails via imap. I would like to use dovecot-lda for delivery, but I get > permission denied errors, and I don't know why or where they are coming from. > > Here is the .procmailrc and procmail log file response when I try to use > dovecot-lda from procmail: > > .procmailrc > > SHELL=/bin/sh > PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:. > # one page suggested MAILDIR has no trailing slash, but DEFAULT should have one > MAILDIR=$HOME/Maildir/ # You'd better make sure it exists ' > DEFAULT=$MAILDIR > LOGFILE="$HOME/procmail_log" > LOCKFILE="$HOME/.lockmail" > LOCKEXT=.lock > :0 > * . > { > LOG="$NL default recipe using copy to .ham_to_learn/ (maildir version) $NL" > } > :0 c > .ham_to_learn/ > :0 > | /usr/libexec/dovecot/deliver -m $DEFAULT > > > I get this in my log file: > > procmail: [27709] Fri Jun 20 14:00:17 2014 > default recipe using copy to .ham_to_learn/ (maildir version) > procmail: Assigning "LASTFOLDER=.ham_to_learn/new/1403290809.27709_3.helium" > procmail: Assigning "LASTFOLDER=/usr/libexec/dovecot/deliver -m > /home/campbell/Maildir/" > procmail: Notified comsat: "campbell@:/usr/libexec/dovecot/deliver -m > /home/campbell/Maildir/" > >From campbell at accelinc.com Fri Jun 20 14:00:06 2014 > Subject: Re: Uruguay gravity model description > Folder: /usr/libexec/dovecot/deliver -m /home/campbell/Maildir/ 10470 > procmail: Unlocking "/home/campbell/.lockmail" > procmail: Executing "/usr/libexec/dovecot/deliver,-m,/home/campbell/Maildir/" > /bin/sh: /usr/libexec/dovecot/deliver: Permission denied > > ls -laFZ /usr/libexec/ > <snip> > drwxr-xr-x. root root system_u:object_r:bin_t:s0 dovecot/ > <snip> > > ls -laFZ /usr/libexec/dovecot > <snip> > lrwxrwxrwx. root root system_u:object_r:bin_t:s0 deliver -> dovecot-lda* > -rwxr-xr-x. root root system_u:object_r:dovecot_deliver_exec_t:s0 dovecot-lda* > <snip> > > It doesn't matter whether I reference the link file, or dovecot-lda directly, I > get the same result. > > I'm not getting any AVC (SELinux) entries in my /var/log/audit/audit.log, so it > doesn't appear to be unix permissions, or SELinux issues. > How can I find out what permissions I need to change? > > -chuck > > > -------------------------------------------------------------- > current working (but not indexing) examples below here. > > Two versions using procmail for delivery that succeed: > > > If my .procmailrc file that looks like this: > > SHELL=/bin/sh > PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:. > # one page suggested MAILDIR has no trailing slash, but DEFAULT should have one > MAILDIR=$HOME/Maildir/ # You'd better make sure it exists ' > DEFAULT=$MAILDIR > LOGFILE="$HOME/procmail_log" > LOCKFILE="$HOME/.lockmail" > LOCKEXT=.lock > :0 > * . > { > LOG="$NL default recipe using copy to .ham_to_learn/ (maildir version) $NL" > } > :0 c > .ham_to_learn/ > > > I get this in my log file: > > procmail: [27580] Fri Jun 20 13:37:55 2014 > default recipe using copy to .ham_to_learn/ (maildir version) > procmail: Assigning "LASTFOLDER=.ham_to_learn/new/1403289475.27580_2.helium" > procmail: Assigning > "LASTFOLDER=/home/campbell/Maildir/new/1403289475.27580_3.helium" > procmail: Notified comsat: > "campbell at 0:/home/campbell/Maildir/new/1403289475.27580_3.helium" > >From campbell at accelinc.com Fri Jun 20 13:37:55 2014 > Subject: t41 > Folder: /home/campbell/Maildir/new/1403289475.27580_3.helium 4299 > procmail: Unlocking "/home/campbell/.lockmail" > > I get a copy in my inbox and a copy in my ham to learn folder. All appears OK > > If I use this recipe: > > SHELL=/bin/sh > PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:. > # one page suggested MAILDIR has no trailing slash, but DEFAULT should have one > MAILDIR=$HOME/Maildir/ # You'd better make sure it exists ' > DEFAULT=$MAILDIR > LOGFILE="$HOME/procmail_log" > LOCKFILE="$HOME/.lockmail" > LOCKEXT=.lock > :0 > * . > { > LOG="$NL default recipe using copy to .ham_to_learn/ (maildir version) $NL" > } > :0 c > .ham_to_learn/ > :0 > $DEFAULT > > I get this in my log file (same as above, all is well): > > procmail: [27646] Fri Jun 20 13:46:25 2014 > default recipe using copy to .ham_to_learn/ (maildir version) > procmail: Assigning "LASTFOLDER=.ham_to_learn/new/1403289985.27646_2.helium" > procmail: Assigning > "LASTFOLDER=/home/campbell/Maildir/new/1403289985.27646_3.helium" > procmail: Notified comsat: > "campbell at 0:/home/campbell/Maildir/new/1403289985.27646_3.helium" > >From campbell at accelinc.com Fri Jun 20 13:45:53 2014 > Subject: t43 > Folder: /home/campbell/Maildir/new/1403289985.27646_3.helium 4603 > procmail: Unlocking "/home/campbell/.lockmail" > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centosI think it could still be an SELinux issue. Does putting the machine in permissive mode, allow everything to work? If so, then you might want to temporarily disable dontaudit rules to see if one of them is causing your issue. semodule -DB Run your test You should see lots of AVC's now. Search for ones that match your tools. semodule -B Will turn dontaudit rules back on.