On 12/3/11 7:15 AM, Wietse Venema wrote: > Philip Prindeville: >> Dec 2 20:32:54 localhost postfix/smtpd[9440]: warning: connect >> to Milter service unix:/var/spool/MIMEDefang/mimedefang.sock: >> Permission denied > > Does the error go away if you turn off SeLinux? > > Wietse
Could have sworn this SElinux issue was fixed a couple of years ago... it either regressed or the patch never made it downstream from Fedora to Centos. It goes away if I patch Mimedefang to fchmod() the UNIX socket to 0660, and put the postfix in the defang group, and add the following policy: module postfix 1.0; require { type postfix_smtpd_t; type spamd_var_run_t; class dir search; } #============= postfix_smtpd_t ============== allow postfix_smtpd_t spamd_var_run_t:dir search; Bugs (with fixes) have been filed against both issues. -Philip