Bug 2075571

Summary: Postfix ExecStartPre exception when dealing with SELinux
Product: Red Hat Enterprise Linux 9 Reporter: Daniel Juarez <djuarezg>
Component: postfixAssignee: Jaroslav Škarvada <jskarvad>
Status: ON_QA --- QA Contact: František Hrdina <fhrdina>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: CentOS StreamCC: amessina, bstinson, djuarezg, fhrdina, jwboyer, lionel.cons, stefano.biagiotti
Target Milestone: rcKeywords: AutoVerified, Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: postfix-3.5.9-24.el9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Daniel Juarez 2022-04-14 15:14:15 UTC 
Description of problem:

The comments on https://bugzilla.redhat.com/show_bug.cgi?id=1335997 also describe this issue. On startup, postfix will report the following:

2022-04-12T09:58:20.503458+02:00 mig003.cern.ch systemd[1]: Starting Postfix Mail Transport Agent...
2022-04-12T09:58:20.508915+02:00 mig003.cern.ch systemd[1]: Started Puppet agent.
2022-04-12T09:58:20.514957+02:00 mig003.cern.ch systemd[1]: Starting Dynamic System Tuning Daemon...
2022-04-12T09:58:20.526526+02:00 mig003.cern.ch restorecon[881]: /usr/sbin/restorecon: lstat(/var/spool/postfix/pid/master.pid) failed: No such file or directory

Version-Release number of selected component (if applicable):


How reproducible:

On a freshly installed machine, postfix will report the mentioned exception.

[root@juarezcs9 pid]# systemctl status postfix
● postfix.service - Postfix Mail Transport Agent
     Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
     Active: active (running) since Thu 2022-04-14 17:00:04 CEST; 1min 43s ago
    Process: 5018 ExecStartPre=/usr/sbin/restorecon -R /var/spool/postfix/pid/master.pid (code=exited, status=255/EXCEPTION)
    Process: 5019 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS)
    Process: 5021 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)
    Process: 5022 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS)
   Main PID: 5090 (master)
      Tasks: 3 (limit: 9919)
     Memory: 3.1M
        CPU: 378ms
     CGroup: /system.slice/postfix.service
             ├─5090 /usr/libexec/postfix/master -w
             ├─5091 pickup -l -t fifo -u
             └─5092 qmgr -l -t fifo -u

Apr 14 17:00:04 juarezcs9.cern.ch systemd[1]: Starting Postfix Mail Transport Agent...
Apr 14 17:00:04 juarezcs9.cern.ch restorecon[5018]: /usr/sbin/restorecon: lstat(/var/spool/postfix/pid/master.pid) failed: No such file or directory
Apr 14 17:00:04 juarezcs9.cern.ch postfix/postfix-script[5088]: starting the Postfix mail system
Apr 14 17:00:04 juarezcs9.cern.ch postfix/master[5090]: daemon started -- version 3.5.9, configuration /etc/postfix
Apr 14 17:00:04 juarezcs9.cern.ch systemd[1]: Started Postfix Mail Transport Agent.


Steps to fix it:
[root@juarezcs9 pid]# ls -Z /var/spool/postfix/pid/
system_u:object_r:postfix_var_run_t:s0 master.pid
[root@juarezcs9 pid]# service postfix stop
Redirecting to /bin/systemctl stop postfix.service
[root@juarezcs9 pid]# ls -Z /var/spool/postfix/pid/
[root@juarezcs9 pid]# postfix start
postfix/postfix-script: starting the Postfix mail system
[root@juarezcs9 pid]# pwd
/var/spool/postfix/pid
[root@juarezcs9 pid]# ls -Zd .
system_u:object_r:var_run_t:s0 .
[root@juarezcs9 pid]# ls -Z /var/spool/postfix/pid/
unconfined_u:object_r:var_run_t:s0 master.pid
[root@juarezcs9 pid]# postfix stop
postfix/postfix-script: stopping the Postfix mail system
[root@juarezcs9 pid]# ls -Z /var/spool/postfix/pid/
unconfined_u:object_r:var_run_t:s0 master.pid
[root@juarezcs9 pid]# service postfix start
Redirecting to /bin/systemctl start postfix.service
[root@juarezcs9 pid]# ls -Z /var/spool/postfix/pid/
unconfined_u:object_r:postfix_var_run_t:s0 master.pid
[root@juarezcs9 pid]# systemctl status postfix
● postfix.service - Postfix Mail Transport Agent
     Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
     Active: active (running) since Thu 2022-04-14 17:03:23 CEST; 6s ago
    Process: 5239 ExecStartPre=/usr/sbin/restorecon -R /var/spool/postfix/pid/master.pid (code=exited, status=0/SUCCESS)
    Process: 5240 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS)
    Process: 5242 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)
    Process: 5243 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS)
   Main PID: 5311 (master)
      Tasks: 3 (limit: 9919)
     Memory: 3.1M
        CPU: 369ms
     CGroup: /system.slice/postfix.service
             ├─5311 /usr/libexec/postfix/master -w
             ├─5312 pickup -l -t fifo -u
             └─5313 qmgr -l -t fifo -u

Additional info:

It seems as if unless initially started with "postfix start", the systemd unit will report this issue.
Comment 1 Jaroslav Škarvada 2022-04-14 16:46:52 UTC 
This should be just cosmetics, because it's conditional ExecStartPre with the "-" prefix, but I will try to silence it.
Comment 2 Jaroslav Škarvada 2022-04-14 16:48:56 UTC 
And unless you have /var/spool/postfix on the tmpfs I think the problem should go away after next reboot.
Comment 3 Daniel Juarez 2022-04-19 10:20:57 UTC 
(In reply to Jaroslav Škarvada from comment #2)
> And unless you have /var/spool/postfix on the tmpfs I think the problem
> should go away after next reboot.

I rebooted the machine and the exception is still there:

● postfix.service - Postfix Mail Transport Agent
     Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
     Active: active (running) since Tue 2022-04-19 12:10:57 CEST; 8min ago
    Process: 779 ExecStartPre=/usr/sbin/restorecon -R /var/spool/postfix/pid/master.pid (code=exited, status=255/EXCEPTION)
    Process: 786 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS)
    Process: 788 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)
    Process: 789 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS)
   Main PID: 921 (master)
      Tasks: 3 (limit: 9919)
     Memory: 7.9M
        CPU: 529ms
     CGroup: /system.slice/postfix.service
             ├─921 /usr/libexec/postfix/master -w
             ├─922 pickup -l -t fifo -u
             └─923 qmgr -l -t fifo -u

Apr 19 12:10:53 juarezcs9.cern.ch systemd[1]: Starting Postfix Mail Transport Agent...
Apr 19 12:10:54 juarezcs9.cern.ch restorecon[779]: /usr/sbin/restorecon: lstat(/var/spool/postfix/pid/master.pid) failed: No such file or directory
Apr 19 12:10:57 juarezcs9.cern.ch postfix/postfix-script[919]: starting the Postfix mail system
Apr 19 12:10:57 juarezcs9.cern.ch postfix/master[921]: daemon started -- version 3.5.9, configuration /etc/postfix
Apr 19 12:10:57 juarezcs9.cern.ch systemd[1]: Started Postfix Mail Transport Agent.