Hide Forgot
Created attachment 476991 [details] /var/log/messages Description of problem: The fact of the main problem are simple: chkconfig shows dovecot 0:off 1:off 2:on 3:on 4:on 5:on 6:off but when I boot up computer, it isn't up and I have to start it manually. See attached /var/log/messages. Also (not sure whether it is realted or not), when I start dovecot I find in /var/log/maillog this: Feb 4 09:34:17 jakoubek dovecot: master: Warning: Fixing permissions of /var/run/dovecot to be world-readable Feb 4 09:34:17 jakoubek dovecot: master: Dovecot v2.0.9 starting up (core dumps disabled) Version-Release number of selected component (if applicable): dovecot-2.0.9-1.fc15.x86_64 How reproducible: 100% (for a month or so at least) Actual results: dovecot is not on, Thunderbird complains it cannot connect to localhost server. Expected results: imaps port should be opened and waiting eagerly on my commands
Also, there might be a SELinux angle of this issue: jakoubek:~# ausearch -m AVC |grep dovecot type=AVC msg=audit(1296763806.155:413): avc: denied { getattr } for pid=6581 comm="chkconfig" path="/etc/rc.d/init.d/dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file type=AVC msg=audit(1296763806.155:414): avc: denied { open } for pid=6581 comm="chkconfig" name="dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file type=AVC msg=audit(1296763806.155:414): avc: denied { read } for pid=6581 comm="chkconfig" name="dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file type=AVC msg=audit(1296763809.202:452): avc: denied { getattr } for pid=6627 comm="chkconfig" path="/etc/rc.d/init.d/dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file type=AVC msg=audit(1296763809.202:453): avc: denied { open } for pid=6627 comm="chkconfig" name="dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file type=AVC msg=audit(1296763809.202:453): avc: denied { read } for pid=6627 comm="chkconfig" name="dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file type=AVC msg=audit(1296763976.115:524): avc: denied { getattr } for pid=7004 comm="chkconfig" path="/etc/rc.d/init.d/dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file type=AVC msg=audit(1296763976.115:525): avc: denied { open } for pid=7004 comm="chkconfig" name="dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file type=AVC msg=audit(1296763976.115:525): avc: denied { read } for pid=7004 comm="chkconfig" name="dovecot" dev=dm-1 ino=32243 scontext=system_u:system_r:gnomeclock_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dovecot_initrc_exec_t:s0 tclass=file jakoubek:~# ausearch -m AVC |grep dovecot|audit2allow #============= gnomeclock_t ============== allow gnomeclock_t dovecot_initrc_exec_t:file { read getattr open }; jakoubek:~# ls -lh /var/log/messages -rw-------. 1 root root 11M 4. úno 13.07 /var/log/messages jakoubek:~#
> Feb 4 09:34:17 jakoubek dovecot: master: Warning: Fixing permissions of > /var/run/dovecot to be world-readable fixed in git for "does not start on boot" issue - did you try to boot with selinux in permissive mode (adding enforcing=0 in grub) ? when reporting future problems with dovecot, /var/log/maillog is usually more important than /var/log/messages. For example you'd see if dovecot tried to start and failed or not. But this really looks like SELinux issue: > SELinux is preventing /sbin/chkconfig from read access on the file /etc/rc.d/init.d/dovecot so you can confirm it by booting witn SELinux in permissive mode or we'll wait for Miroslav to fix SELinux first.
For some other reasons I have computer now constantly in permissive mode.
Looking at logs dovecot did not try to start at all, so you problem is described in last paragraph: http://www.freedesktop.org/wiki/Software/systemd/FrequentlyAskedQuestions You don't have it configured in systemd, so you need something like this: ln -s /lib/systemd/system/dovecot.service /etc/systemd/system/multi-user.target.wants/ see systemd documentation. > Doesn't start on boot (closing NOTABUG) and problems with /var/run/dovecot (closing RAWHIDE)
My question is why gnomeclock runs chkconfig? Matej, are you still seeing these AVC msgs?
Well, actually I think it is clear. gnomeclock tries to turn on the ntp init script.