Hide Forgot
Description of problem: opendkim is in use at this site. on the server running it, claim is made that there is no 'opendkim' user even though present in the /etc/passwd, /etc/group files. Version-Release number of selected component (if applicable): opendkim-2.10.3-3.fc23.x86_64 sendmail-8.15.2-2.fc23.x86_64 systemd-222-14.fc23.x86_64 How reproducible: 100% Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: Looked for AVCs, don't see any related. systemctl start opendkim.service ============================================================ /var/log/messages: Mar 16 12:49:20 myhost audit: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=opendkim comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' Mar 16 12:49:20 myhost systemd: opendkim.service: Control process exited, code=exited status=65 Mar 16 12:49:20 myhost systemd: Failed to start DomainKeys Identified Mail (DKIM) Milter. Mar 16 12:49:20 myhost systemd: opendkim.service: Unit entered failed state. Mar 16 12:49:20 myhost systemd: opendkim.service: Failed with result 'exit-code'. Mar 16 12:49:20 myhost opendkim: opendkim: no such group 'opendkim' ============================================================ journalctl -xe Mar 16 12:49:20 myhost.mydom.com polkitd[804]: Registered Authentication Agent for unix-process:20511:33279429 (syste Mar 16 12:49:20 myhost.mydom.com opendkim[20517]: no such group or gid 'opendkim' Mar 16 12:49:20 myhost.mydom.com systemd[1]: Starting DomainKeys Identified Mail (DKIM) Milter... -- Subject: Unit opendkim.service has begun start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit opendkim.service has begun starting up. Mar 16 12:49:20 myhost.mydom.com audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:sys Mar 16 12:49:20 myhost.mydom.com polkitd[804]: Unregistered Authentication Agent for unix-process:20511:33279429 (sys Mar 16 12:49:20 myhost.mydom.com systemd[1]: opendkim.service: Control process exited, code=exited status=65 Mar 16 12:49:20 myhost.mydom.com systemd[1]: Failed to start DomainKeys Identified Mail (DKIM) Milter. -- Subject: Unit opendkim.service has failed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit opendkim.service has failed. -- -- The result is failed. Mar 16 12:49:20 myhost.mydom.com systemd[1]: opendkim.service: Unit entered failed state. Mar 16 12:49:20 myhost.mydom.com systemd[1]: opendkim.service: Failed with result 'exit-code'. Mar 16 12:49:20 myhost.mydom.com opendkim[20517]: opendkim: no such group 'opendkim' ============================================================ grep opendkim /etc/{group,passwd} /etc/group:mail:x:12:opendkim /etc/group:opendkim:x:989: /etc/passwd:opendkim:x:989:989:OpenDKIM Milter:/var/run/opendkim:/sbin/nologin
runs fine from the command line. Maybe a context problem?
Hm. Even more basic than that. /etc/group* became root access only. Oh well.