Re: OpenDKIM now available in Fedora & EPEL testing repos

From: Daniel Black <daniel.subs_at_internode.on.net>
Date: Fri, 26 Aug 2011 17:27:25 +1000

On Fri, 26 Aug 2011 12:53:55 AM Steve Jenkins wrote:
> You guys wanna see something cool? :)


Nice, Steve.

Using on RHEL5.7.

Question - where do you set AUTOCREATE_DKIM_KEYS=NO or DKIM_SELECTOR for the init script?

Might also watch this for SELinux ideas.
https://bugzilla.redhat.com/show_bug.cgi?id=718219

Speaking of SELinux errors, I got the same errors as this:

http://www.howtoforge.com/set-up-dkim-on-postfix-with-dkim-milter-centos-5.2#comment-22174

where cleanup (postfix) segfaulted after its log message (as evidenced by strace)

config
ExternalIgnoreList 127.0.0.0/8, 175.107.165.0/27, 175.107.136.32/27, 175.107.164.40/29
Mode s
Syslog yes
Socket inet:8901@localhost
PidFile /var/run/opendkim/opendkim.pid
Canonicalization relaxed/simple
Domain bux.com
KeyFile /etc/opendkim/au.private

The maillog looks like the following for anyone encountering the same error.

Aug 26 16:54:32 CBRUXWEB02 postfix/smtpd[12057]: connect from unknown[175.107.165.17]
Aug 26 16:54:33 CBRUXWEB02 postfix/cleanup[12062]: warning: cannot receive milters via service cleanup socket socket
Aug 26 16:54:33 CBRUXWEB02 postfix/smtpd[12057]: warning: premature end-of-input on public/cleanup socket while reading input attribute name
Aug 26 16:54:33 CBRUXWEB02 postfix/smtpd[12057]: warning: cannot send milters to service public/cleanup socket
Aug 26 16:54:33 CBRUXWEB02 postfix/smtpd[12057]: 139383148076: client=unknown[175.107.165.17]
Aug 26 16:54:33 CBRUXWEB02 postfix/master[12038]: warning: process /usr/libexec/postfix/cleanup pid 12062 killed by signal 11
Aug 26 16:54:33 CBRUXWEB02 postfix/master[12038]: warning: /usr/libexec/postfix/cleanup: bad command startup -- throttling
Aug 26 16:55:33 CBRUXWEB02 postfix/cleanup[12068]: 3678331482EA: message-id=<20110826065533.3678331482EA@cbrservice01.localdomain>
Aug 26 16:55:33 CBRUXWEB02 postfix/smtpd[12057]: disconnect from unknown[175.107.165.17]
Aug 26 16:55:33 CBRUXWEB02 postfix/qmgr[12041]: 3678331482EA: from=<double-bounce@cbrservice01.localdomain>, size=1224, nrcpt=1 (queue active)

fgrep cleanup /var/log/audit/audit.log
type=AVC msg=audit(1314331227.756:316690): avc: denied { read write } for pid=9735 comm="cleanup" path="socket:[18859687]" dev=sockfs ino=18859687 scontext=user_u:system_r:postfix_cleanup_t:s0 tcontext=user_u:system_r:postfix_smtpd_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1314331227.756:316690): arch=c000003e syscall=47 success=yes exit=1 a0=9 a1=7fffba92b9e0 a2=0 a3=0 items=0 ppid=30119 pid=9735 auid=503 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=3676 comm="cleanup" exe="/usr/libexec/postfix/cleanup" subj=user_u:system_r:postfix_cleanup_t:s0 key=(null)

sockets aren't much better
type=AVC msg=audit(1314342570.089:316890): avc: denied { write } for pid=12234 comm="smtpd" name="opendkim.socket" dev=sda3 ino=51707921 scontext=user_u:system_r:postfix_smtpd_t:s0 tcontext=user_u:object_r:var_run_t:s0 tclass=sock_file
type=SYSCALL msg=audit(1314342570.089:316890): arch=c000003e syscall=42 success=no exit=-13 a0=e a1=7fff892f4d20 a2=6e a3=0 items=0 ppid=12227 pid=12234 auid=503 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=3706 comm="smtpd" exe="/usr/libexec/postfix/smtpd" subj=user_u:system_r:postfix_smtpd_t:s0 key=(null)
Received on Fri Aug 26 2011 - 07:27:34 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:33:11 PST
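
Added example, not part of the message above: a small Python triage script that pairs each AVC denial with the SYSCALL record sharing its audit event serial, so the denied type pair can be read next to the call that triggered it. The input is the four audit records quoted in the message, one per line; the function names are hypothetical, and the syscall names are the x86_64 ones (arch=c000003e) for the two numbers that occur.

```python
import re

# Audit records from the message above, one record per line.
SAMPLE = """\
type=AVC msg=audit(1314331227.756:316690): avc: denied { read write } for pid=9735 comm="cleanup" path="socket:[18859687]" dev=sockfs ino=18859687 scontext=user_u:system_r:postfix_cleanup_t:s0 tcontext=user_u:system_r:postfix_smtpd_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1314331227.756:316690): arch=c000003e syscall=47 success=yes exit=1 a0=9 a1=7fffba92b9e0 a2=0 a3=0 items=0 ppid=30119 pid=9735 auid=503 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=3676 comm="cleanup" exe="/usr/libexec/postfix/cleanup" subj=user_u:system_r:postfix_cleanup_t:s0 key=(null)
type=AVC msg=audit(1314342570.089:316890): avc: denied { write } for pid=12234 comm="smtpd" name="opendkim.socket" dev=sda3 ino=51707921 scontext=user_u:system_r:postfix_smtpd_t:s0 tcontext=user_u:object_r:var_run_t:s0 tclass=sock_file
type=SYSCALL msg=audit(1314342570.089:316890): arch=c000003e syscall=42 success=no exit=-13 a0=e a1=7fff892f4d20 a2=6e a3=0 items=0 ppid=12227 pid=12234 auid=503 uid=89 gid=89 euid=89 suid=89 fsuid=89 egid=89 sgid=89 fsgid=89 tty=(none) ses=3706 comm="smtpd" exe="/usr/libexec/postfix/smtpd" subj=user_u:system_r:postfix_smtpd_t:s0 key=(null)
"""

X86_64_SYSCALLS = {42: "connect", 47: "recvmsg"}  # only the numbers seen in SAMPLE

EVENT_RE = re.compile(r"type=(\w+) msg=audit\(\d+\.\d+:(\d+)\):")
DENIED_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}")
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def selinux_type(context):
    # A context is user:role:type:level; type enforcement decides on the type.
    return context.split(":")[2]

def summarize_denials(text):
    """Return one dict per denied event, merged from its AVC and SYSCALL records."""
    events = {}
    for line in text.splitlines():
        head = EVENT_RE.match(line)
        if not head:
            continue
        rtype, serial = head.groups()
        fields = {k: v.strip('"') for k, v in KV_RE.findall(line[head.end():])}
        event = events.setdefault(serial, {})
        denied = DENIED_RE.search(line)
        if rtype == "AVC" and denied:
            event.update(perms=denied.group(1).split(), comm=fields["comm"],
                         source=selinux_type(fields["scontext"]),
                         target=selinux_type(fields["tcontext"]),
                         tclass=fields["tclass"])
        elif rtype == "SYSCALL":
            nr = int(fields["syscall"])
            event.update(syscall=X86_64_SYSCALLS.get(nr, str(nr)),
                         exit=int(fields["exit"]))
    return [e for e in events.values() if "perms" in e]

if __name__ == "__main__":
    for d in summarize_denials(SAMPLE):
        print("{comm}: {source} -> {target}:{tclass} {perms} "
              "during {syscall} (exit {exit})".format(**d))
```

For these records it reports the `postfix_cleanup_t` denial on a `postfix_smtpd_t` tcp_socket during `recvmsg`, and the `postfix_smtpd_t` write denial on the `var_run_t` sock_file during a `connect` that returned -13 (EACCES).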