[CentOS] NOT Solved - Re: SELinux policy to allow Dovecot to connect to Mysql
Phoenix, Merka
merka.phoenix at hpe.com
Wed Apr 26 06:55:58 UTC 2017
Robert,
in regards to your Postfix and Dovecot issue with MySQL and SELinux,
> Apr 26 01:25:45 z9m9z dovecot: dict: Error:
> mysql(/var/lib/mysql/mysql.sock): Connect failed to database
> (postfix): Can't connect to local MySQL server through socket
> '/var/lib/mysql/mysql.sock' (13) - waiting for 1 seconds before retry
> Apr 26 01:25:45 z9m9z dovecot: dict: Error: dict sql lookup failed:
> Not connected to database
>
A Google search brought up this write-up of how William (a Red Hat engineer in Australia) faced this in 2011 and was able to solve the issue. His blog still has recent posts in 2017, so you might want to browse the "about
page and contact him directly to discuss the post.
See: http://firstyear.id.au/blog/html/2011/07/05/SELinux_for_postfix_+_dovecot.html
On this post referenced above, the author has a sample SELinux policy for postfix/dovecot and mysql.
While the post references an e-mail setup guide link that is no longer reachable, the policy file is still present in text.
This URL: https://mgrepl.fedorapeople.org/man_selinux/Fedora18/mysqld.html
has a good summary of the Booleans available for the MySQL SELinux policy
For Dovecot, you will need a policy that allows the dovecot process to transition from whatever context it is currently running into the applicable context that is defined for the mysqld process (or at least some SELinux context that permits access to the socket.)
Cheers!
Simba
Engineering
More information about the CentOS
mailing list