| Summary: | Doesn't start on boot and problems with /var/run/dovecot | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Matěj Cepl <mcepl> | ||||
| Component: | dovecot | Assignee: | Michal Hlavinka <mhlavink> | ||||
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | rawhide | CC: | mcepl, mgrepl, mhlavink | ||||
| Target Milestone: | --- | Keywords: | SELinux | ||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2011-02-04 13:50:58 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Attachments: |
|
||||||
Also, there might be a SELinux angle of this issue:
jakoubek:~# ausearch -m AVC |grep dovecot
type=AVC msg=audit(1296763806.155:413): avc: denied { getattr } for pid=6581 comm="chkconfig" path="/etc/rc.d/init.d/dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1296763806.155:414): avc: denied { open } for pid=6581 comm="chkconfig" name="dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1296763806.155:414): avc: denied { read } for pid=6581 comm="chkconfig" name="dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1296763809.202:452): avc: denied { getattr } for pid=6627 comm="chkconfig" path="/etc/rc.d/init.d/dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1296763809.202:453): avc: denied { open } for pid=6627 comm="chkconfig" name="dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1296763809.202:453): avc: denied { read } for pid=6627 comm="chkconfig" name="dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1296763976.115:524): avc: denied { getattr } for pid=7004 comm="chkconfig" path="/etc/rc.d/init.d/dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1296763976.115:525): avc: denied { open } for pid=7004 comm="chkconfig" name="dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file
type=AVC msg=audit(1296763976.115:525): avc: denied { read } for pid=7004 comm="chkconfig" name="dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file
jakoubek:~# ausearch -m AVC |grep dovecot|audit2allow
#============= gnomeclock_t ==============
allow gnomeclock_t dovecot_initrc_exec_t:file { read getattr open };
jakoubek:~# ls -lh /var/log/messages
-rw-------. 1 root root 11M 4. úno 13.07 /var/log/messages
jakoubek:~#
> Feb 4 09:34:17 jakoubek dovecot: master: Warning: Fixing permissions of > /var/run/dovecot to be world-readable fixed in git for "does not start on boot" issue - did you try to boot with selinux in permissive mode (adding enforcing=0 in grub) ? when reporting future problems with dovecot, /var/log/maillog is usually more important than /var/log/messages. For example you'd see if dovecot tried to start and failed or not. But this really looks like SELinux issue: > SELinux is preventing /sbin/chkconfig from read access on the file /etc/rc.d/init.d/dovecot so you can confirm it by booting witn SELinux in permissive mode or we'll wait for Miroslav to fix SELinux first. For some other reasons I have computer now constantly in permissive mode. Looking at logs dovecot did not try to start at all, so you problem is described in last paragraph: http://www.freedesktop.org/wiki/Software/systemd/FrequentlyAskedQuestions You don't have it configured in systemd, so you need something like this: ln -s /lib/systemd/system/dovecot.service /etc/systemd/system/multi-user.target.wants/ see systemd documentation. > Doesn't start on boot (closing NOTABUG) and problems with /var/run/dovecot (closing RAWHIDE) My question is why gnomeclock runs chkconfig? Matej, are you still seeing these AVC msgs? Well, actually I think it is clear. gnomeclock tries to turn on the ntp init script. |
Created attachment 476991 [details] /var/log/messages Description of problem: The fact of the main problem are simple: chkconfig shows dovecot 0:off 1:off 2:on 3:on 4:on 5:on 6:off but when I boot up computer, it isn't up and I have to start it manually. See attached /var/log/messages. Also (not sure whether it is realted or not), when I start dovecot I find in /var/log/maillog this: Feb 4 09:34:17 jakoubek dovecot: master: Warning: Fixing permissions of /var/run/dovecot to be world-readable Feb 4 09:34:17 jakoubek dovecot: master: Dovecot v2.0.9 starting up (core dumps disabled) Version-Release number of selected component (if applicable): dovecot-2.0.9-1.fc15.x86_64 How reproducible: 100% (for a month or so at least) Actual results: dovecot is not on, Thunderbird complains it cannot connect to localhost server. Expected results: imaps port should be opened and waiting eagerly on my commands