I've built a new mail system with Centos 6.5, and I'm running fetchmail
-
sendmail - procmail to maildir. I have all of this working at the moment.(I
know, postfix was the default, but for lots of other reasons, I switched, and
that isn't an issue, I don't think).
I am using dovecot as an imap server. Procmail won't update indexes during
email
delivery, so I'm having some performance delays and lags when accessing the
emails via imap. I would like to use dovecot-lda for delivery, but I get
permission denied errors, and I don't know why or where they are coming
from.
Here is the .procmailrc and procmail log file response when I try to use
dovecot-lda from procmail:
.procmailrc
SHELL=/bin/sh
PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:.
# one page suggested MAILDIR has no trailing slash, but DEFAULT should have one
MAILDIR=$HOME/Maildir/ # You'd better make sure it exists '
DEFAULT=$MAILDIR
LOGFILE="$HOME/procmail_log"
LOCKFILE="$HOME/.lockmail"
LOCKEXT=.lock
:0
* .
{
LOG="$NL default recipe using copy to .ham_to_learn/ (maildir version)
$NL"
}
:0 c
.ham_to_learn/
:0
| /usr/libexec/dovecot/deliver -m $DEFAULT
I get this in my log file:
procmail: [27709] Fri Jun 20 14:00:17 2014
default recipe using copy to .ham_to_learn/ (maildir version)
procmail: Assigning
"LASTFOLDER=.ham_to_learn/new/1403290809.27709_3.helium"
procmail: Assigning "LASTFOLDER=/usr/libexec/dovecot/deliver -m
/home/campbell/Maildir/"
procmail: Notified comsat: "campbell@:/usr/libexec/dovecot/deliver -m
/home/campbell/Maildir/">From campbell at accelinc.com Fri Jun 20 14:00:06 2014
Subject: Re: Uruguay gravity model description
Folder: /usr/libexec/dovecot/deliver -m /home/campbell/Maildir/ 10470
procmail: Unlocking "/home/campbell/.lockmail"
procmail: Executing
"/usr/libexec/dovecot/deliver,-m,/home/campbell/Maildir/"
/bin/sh: /usr/libexec/dovecot/deliver: Permission denied
ls -laFZ /usr/libexec/
<snip>
drwxr-xr-x. root root system_u:object_r:bin_t:s0 dovecot/
<snip>
ls -laFZ /usr/libexec/dovecot
<snip>
lrwxrwxrwx. root root system_u:object_r:bin_t:s0 deliver ->
dovecot-lda*
-rwxr-xr-x. root root system_u:object_r:dovecot_deliver_exec_t:s0 dovecot-lda*
<snip>
It doesn't matter whether I reference the link file, or dovecot-lda
directly, I
get the same result.
I'm not getting any AVC (SELinux) entries in my /var/log/audit/audit.log, so
it
doesn't appear to be unix permissions, or SELinux issues.
How can I find out what permissions I need to change?
-chuck
--------------------------------------------------------------
current working (but not indexing) examples below here.
Two versions using procmail for delivery that succeed:
If my .procmailrc file that looks like this:
SHELL=/bin/sh
PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:.
# one page suggested MAILDIR has no trailing slash, but DEFAULT should have one
MAILDIR=$HOME/Maildir/ # You'd better make sure it exists '
DEFAULT=$MAILDIR
LOGFILE="$HOME/procmail_log"
LOCKFILE="$HOME/.lockmail"
LOCKEXT=.lock
:0
* .
{
LOG="$NL default recipe using copy to .ham_to_learn/ (maildir version)
$NL"
}
:0 c
.ham_to_learn/
I get this in my log file:
procmail: [27580] Fri Jun 20 13:37:55 2014
default recipe using copy to .ham_to_learn/ (maildir version)
procmail: Assigning
"LASTFOLDER=.ham_to_learn/new/1403289475.27580_2.helium"
procmail: Assigning
"LASTFOLDER=/home/campbell/Maildir/new/1403289475.27580_3.helium"
procmail: Notified comsat:
"campbell at
0:/home/campbell/Maildir/new/1403289475.27580_3.helium">From campbell at accelinc.com Fri Jun 20 13:37:55 2014
Subject: t41
Folder: /home/campbell/Maildir/new/1403289475.27580_3.helium 4299
procmail: Unlocking "/home/campbell/.lockmail"
I get a copy in my inbox and a copy in my ham to learn folder. All appears OK
If I use this recipe:
SHELL=/bin/sh
PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:.
# one page suggested MAILDIR has no trailing slash, but DEFAULT should have one
MAILDIR=$HOME/Maildir/ # You'd better make sure it exists '
DEFAULT=$MAILDIR
LOGFILE="$HOME/procmail_log"
LOCKFILE="$HOME/.lockmail"
LOCKEXT=.lock
:0
* .
{
LOG="$NL default recipe using copy to .ham_to_learn/ (maildir version)
$NL"
}
:0 c
.ham_to_learn/
:0
$DEFAULT
I get this in my log file (same as above, all is well):
procmail: [27646] Fri Jun 20 13:46:25 2014
default recipe using copy to .ham_to_learn/ (maildir version)
procmail: Assigning
"LASTFOLDER=.ham_to_learn/new/1403289985.27646_2.helium"
procmail: Assigning
"LASTFOLDER=/home/campbell/Maildir/new/1403289985.27646_3.helium"
procmail: Notified comsat:
"campbell at
0:/home/campbell/Maildir/new/1403289985.27646_3.helium">From campbell at accelinc.com Fri Jun 20 13:45:53 2014
Subject: t43
Folder: /home/campbell/Maildir/new/1403289985.27646_3.helium 4603
procmail: Unlocking "/home/campbell/.lockmail"
--
ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph.
| and Integrated Interpretation | (713)993-0608 fax
448 W. 19th St. #325| Since 1992 | (713)306-5794 cell
Houston, TX, 77008 | Chuck Campbell | campbell at
accelinc.com
| President & Senior Geoscientist |
"Integration means more than having all the maps at the same
scale!"
Chuck Campbell <campbell at accelinc.com> writes:> I've built a new mail system with Centos 6.5, and I'm running fetchmail - > sendmail - procmail to maildir. I have all of this working at the moment.(I > know, postfix was the default, but for lots of other reasons, I switched, and > that isn't an issue, I don't think). > > I am using dovecot as an imap server. Procmail won't update indexes during email > delivery, so I'm having some performance delays and lags when accessing the > emails via imap.Maildir doesn't have indexes. Are you sure that the delays you're seeing are from dovecot rebuilding them when someone accesses their IMAP account?>>From campbell at accelinc.com Fri Jun 20 14:00:06 2014 > Subject: Re: Uruguay gravity model description > Folder: /usr/libexec/dovecot/deliver -m /home/campbell/Maildir/ 10470Folder /usr/libexec/...?> procmail: Unlocking "/home/campbell/.lockmail" > procmail: Executing "/usr/libexec/dovecot/deliver,-m,/home/campbell/Maildir/" > /bin/sh: /usr/libexec/dovecot/deliver: Permission deniedThat looks to me as if 'deliver' is not allowed to write to ~/Maildir. As which user is it running? Can it deliver when you run it as the same user who owns ~/Maildir? -- Knowledge is volatile and fluid. Software is power.
On 06/20/2014 03:15 PM, Chuck Campbell wrote:> I've built a new mail system with Centos 6.5, and I'm running fetchmail - > sendmail - procmail to maildir. I have all of this working at the moment.(I > know, postfix was the default, but for lots of other reasons, I switched, and > that isn't an issue, I don't think). > > I am using dovecot as an imap server. Procmail won't update indexes during email > delivery, so I'm having some performance delays and lags when accessing the > emails via imap. I would like to use dovecot-lda for delivery, but I get > permission denied errors, and I don't know why or where they are coming from. > > Here is the .procmailrc and procmail log file response when I try to use > dovecot-lda from procmail: > > .procmailrc > > SHELL=/bin/sh > PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:. > # one page suggested MAILDIR has no trailing slash, but DEFAULT should have one > MAILDIR=$HOME/Maildir/ # You'd better make sure it exists ' > DEFAULT=$MAILDIR > LOGFILE="$HOME/procmail_log" > LOCKFILE="$HOME/.lockmail" > LOCKEXT=.lock > :0 > * . > { > LOG="$NL default recipe using copy to .ham_to_learn/ (maildir version) $NL" > } > :0 c > .ham_to_learn/ > :0 > | /usr/libexec/dovecot/deliver -m $DEFAULT > > > I get this in my log file: > > procmail: [27709] Fri Jun 20 14:00:17 2014 > default recipe using copy to .ham_to_learn/ (maildir version) > procmail: Assigning "LASTFOLDER=.ham_to_learn/new/1403290809.27709_3.helium" > procmail: Assigning "LASTFOLDER=/usr/libexec/dovecot/deliver -m > /home/campbell/Maildir/" > procmail: Notified comsat: "campbell@:/usr/libexec/dovecot/deliver -m > /home/campbell/Maildir/" > >From campbell at accelinc.com Fri Jun 20 14:00:06 2014 > Subject: Re: Uruguay gravity model description > Folder: /usr/libexec/dovecot/deliver -m /home/campbell/Maildir/ 10470 > procmail: Unlocking "/home/campbell/.lockmail" > procmail: Executing "/usr/libexec/dovecot/deliver,-m,/home/campbell/Maildir/" > /bin/sh: /usr/libexec/dovecot/deliver: Permission denied > > ls -laFZ /usr/libexec/ > <snip> > drwxr-xr-x. root root system_u:object_r:bin_t:s0 dovecot/ > <snip> > > ls -laFZ /usr/libexec/dovecot > <snip> > lrwxrwxrwx. root root system_u:object_r:bin_t:s0 deliver -> dovecot-lda* > -rwxr-xr-x. root root system_u:object_r:dovecot_deliver_exec_t:s0 dovecot-lda* > <snip> > > It doesn't matter whether I reference the link file, or dovecot-lda directly, I > get the same result. > > I'm not getting any AVC (SELinux) entries in my /var/log/audit/audit.log, so it > doesn't appear to be unix permissions, or SELinux issues. > How can I find out what permissions I need to change? > > -chuck > > > -------------------------------------------------------------- > current working (but not indexing) examples below here. > > Two versions using procmail for delivery that succeed: > > > If my .procmailrc file that looks like this: > > SHELL=/bin/sh > PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:. > # one page suggested MAILDIR has no trailing slash, but DEFAULT should have one > MAILDIR=$HOME/Maildir/ # You'd better make sure it exists ' > DEFAULT=$MAILDIR > LOGFILE="$HOME/procmail_log" > LOCKFILE="$HOME/.lockmail" > LOCKEXT=.lock > :0 > * . > { > LOG="$NL default recipe using copy to .ham_to_learn/ (maildir version) $NL" > } > :0 c > .ham_to_learn/ > > > I get this in my log file: > > procmail: [27580] Fri Jun 20 13:37:55 2014 > default recipe using copy to .ham_to_learn/ (maildir version) > procmail: Assigning "LASTFOLDER=.ham_to_learn/new/1403289475.27580_2.helium" > procmail: Assigning > "LASTFOLDER=/home/campbell/Maildir/new/1403289475.27580_3.helium" > procmail: Notified comsat: > "campbell at 0:/home/campbell/Maildir/new/1403289475.27580_3.helium" > >From campbell at accelinc.com Fri Jun 20 13:37:55 2014 > Subject: t41 > Folder: /home/campbell/Maildir/new/1403289475.27580_3.helium 4299 > procmail: Unlocking "/home/campbell/.lockmail" > > I get a copy in my inbox and a copy in my ham to learn folder. All appears OK > > If I use this recipe: > > SHELL=/bin/sh > PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:. > # one page suggested MAILDIR has no trailing slash, but DEFAULT should have one > MAILDIR=$HOME/Maildir/ # You'd better make sure it exists ' > DEFAULT=$MAILDIR > LOGFILE="$HOME/procmail_log" > LOCKFILE="$HOME/.lockmail" > LOCKEXT=.lock > :0 > * . > { > LOG="$NL default recipe using copy to .ham_to_learn/ (maildir version) $NL" > } > :0 c > .ham_to_learn/ > :0 > $DEFAULT > > I get this in my log file (same as above, all is well): > > procmail: [27646] Fri Jun 20 13:46:25 2014 > default recipe using copy to .ham_to_learn/ (maildir version) > procmail: Assigning "LASTFOLDER=.ham_to_learn/new/1403289985.27646_2.helium" > procmail: Assigning > "LASTFOLDER=/home/campbell/Maildir/new/1403289985.27646_3.helium" > procmail: Notified comsat: > "campbell at 0:/home/campbell/Maildir/new/1403289985.27646_3.helium" > >From campbell at accelinc.com Fri Jun 20 13:45:53 2014 > Subject: t43 > Folder: /home/campbell/Maildir/new/1403289985.27646_3.helium 4603 > procmail: Unlocking "/home/campbell/.lockmail" > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centosI think it could still be an SELinux issue. Does putting the machine in permissive mode, allow everything to work? If so, then you might want to temporarily disable dontaudit rules to see if one of them is causing your issue. semodule -DB Run your test You should see lots of AVC's now. Search for ones that match your tools. semodule -B Will turn dontaudit rules back on.