RHEL-16850

Unable to connect to PostgreSQL using sockets

    • Bug
    • Resolution: Done-Errata
    • Undefined
    • rhel-9.4
    • rhel-9.2.0
    • selinux-policy
    • selinux-policy-38.1.29-1.el9
    • sst_security_selinux
    • ssg_security
    • 20
    • False
    • No
    • Red Hat Enterprise Linux
    • Release Note Not Required

      What were you trying to do that didn't work?

      Configure Dovecot to use PostgreSQL for user lookup.

      Please provide the package NVR for which bug is seen:

      dovecot-pgsql-2.3.16-8.el9.x86_64

      How reproducible:

      On every lookup

      Steps to reproduce

      1.  Configure Dovecot to use sockets instead of TCP
      2.  Try a sample lookup via "doveadm user user@domain"

      Expected results

      The data of the lookup

      Actual results

      Only an error message that the lookup fails.

      The audit file will log this error:

      type=AVC msg=audit(1700326791.924:28417): avc:  denied  { write } for  pid=379029 comm="auth" name=".s.PGSQL.5432" dev="tmpfs" ino=21504 scontext=system_u:system_r:dovecot_auth_t:s0 tcontext=system_u:object_r:postgresql_var_run_t:s0 tclass=sock_file permissive=0
      type=SYSCALL msg=audit(1700326791.924:28417): arch=c000003e syscall=42 success=no exit=-13 a0=14 a1=5635d4b2bc20 a2=6e a3=7f06cf6a4c48 items=0 ppid=378824 pid=379029 auid=4294967295 uid=97 gid=97 euid=97 suid=97 fsuid=97 egid=97 sgid=97 fsgid=97 tty=(none) ses=4294967295 comm="auth" exe="/usr/libexec/dovecot/auth" subj=system_u:system_r:dovecot_auth_t:s0 key=(null)ARCH=x86_64 SYSCALL=connect AUID="unset" UID="dovecot" GID="dovecot" EUID="dovecot" SUID="dovecot" FSUID="dovecot" EGID="dovecot" SGID="dovecot" FSGID="dovecot"
      type=PROCTITLE msg=audit(1700326791.924:28417): proctitle="dovecot/auth"
      type=AVC msg=audit(1700326791.960:28418): avc:  denied  { write } for  pid=379030 comm="auth" name=".s.PGSQL.5432" dev="tmpfs" ino=21504 scontext=system_u:system_r:dovecot_auth_t:s0 tcontext=system_u:object_r:postgresql_var_run_t:s0 tclass=sock_file permissive=0
      type=SYSCALL msg=audit(1700326791.960:28418): arch=c000003e syscall=42 success=no exit=-13 a0=d a1=56244e950630 a2=6e a3=7fe995ddbc48 items=0 ppid=378824 pid=379030 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auth" exe="/usr/libexec/dovecot/auth" subj=system_u:system_r:dovecot_auth_t:s0 key=(null)ARCH=x86_64 SYSCALL=connect AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root"
      type=PROCTITLE msg=audit(1700326791.960:28418): proctitle=646F7665636F742F61757468002D77
      type=AVC msg=audit(1700326791.967:28419): avc:  denied  { write } for  pid=379029 comm="auth" name=".s.PGSQL.5432" dev="tmpfs" ino=21504 scontext=system_u:system_r:dovecot_auth_t:s0 tcontext=system_u:object_r:postgresql_var_run_t:s0 tclass=sock_file permissive=0
      type=SYSCALL msg=audit(1700326791.967:28419): arch=c000003e syscall=42 success=no exit=-13 a0=16 a1=5635d4b38ae0 a2=6e a3=7f06cf6a4c48 items=0 ppid=378824 pid=379029 auid=4294967295 uid=97 gid=97 euid=97 suid=97 fsuid=97 egid=97 sgid=97 fsgid=97 tty=(none) ses=4294967295 comm="auth" exe="/usr/libexec/dovecot/auth" subj=system_u:system_r:dovecot_auth_t:s0 key=(null)ARCH=x86_64 SYSCALL=connect AUID="unset" UID="dovecot" GID="dovecot" EUID="dovecot" SUID="dovecot" FSUID="dovecot" EGID="dovecot" SGID="dovecot" FSGID="dovecot"
      type=PROCTITLE msg=audit(1700326791.967:28419): proctitle="dovecot/auth"
      

        1. dovecot-auth.te
          0.4 kB
          Frank Büttner

            rhn-support-zpytela Zdenek Pytela
            bugzilla_terrortux Frank Büttner (Inactive)
            Zdenek Pytela Zdenek Pytela
            Milos Malik Milos Malik
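
The audit records quoted in the report can be triaged by joining the AVC, SYSCALL and PROCTITLE lines that share an event id, which also decodes the hex-encoded proctitle and the exit code. This Python code is an added example, not part of the original report or of any Red Hat tooling; the names `summarize` and `decode_proctitle` are hypothetical, and the sample is event 28418 from the report, trimmed to the fields the code reads.

```python
import errno
import re
from collections import defaultdict

# Event 28418 from the report above, trimmed to the fields used here (constructed sample).
SAMPLE = """\
type=AVC msg=audit(1700326791.960:28418): avc:  denied  { write } for  pid=379030 comm="auth" name=".s.PGSQL.5432" dev="tmpfs" ino=21504 scontext=system_u:system_r:dovecot_auth_t:s0 tcontext=system_u:object_r:postgresql_var_run_t:s0 tclass=sock_file permissive=0
type=SYSCALL msg=audit(1700326791.960:28418): arch=c000003e syscall=42 success=no exit=-13 pid=379030 uid=0 comm="auth" exe="/usr/libexec/dovecot/auth" subj=system_u:system_r:dovecot_auth_t:s0 key=(null)
type=PROCTITLE msg=audit(1700326791.960:28418): proctitle=646F7665636F742F61757468002D77
"""

HEAD = re.compile(r'^[ \t]*type=(\w+) msg=audit\(([\d.]+:\d+)\): (.*)$', re.M)
AVC = re.compile(r'avc:\s+(denied|granted)\s+\{ ([^}]*)\}')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def decode_proctitle(value):
    """Quoted values are literal; hex-encoded ones held NULs (argv separators) or other unsafe bytes."""
    if value.startswith('"'):
        return value.strip('"')
    return bytes.fromhex(value).replace(b"\0", b" ").decode(errors="replace")

def summarize(log):
    """Join AVC, SYSCALL and PROCTITLE records by event id; one dict per denial."""
    events = defaultdict(dict)
    for rtype, event, body in HEAD.findall(log):
        fields = dict(FIELD.findall(body))
        verdict = AVC.search(body)
        if rtype == "AVC" and verdict:
            fields.update(verdict=verdict[1], perms=verdict[2].split())
        events[event][rtype] = fields
    denials = []
    for event, recs in events.items():
        avc, sc, pt = (recs.get(t, {}) for t in ("AVC", "SYSCALL", "PROCTITLE"))
        if avc.get("verdict") == "denied":
            denials.append({
                "event": event,
                "source": avc["scontext"].split(":")[2],   # SELinux type of the process
                "target": avc["tcontext"].split(":")[2],   # SELinux type of the object
                "tclass": avc["tclass"],
                "perms": avc["perms"],
                "object": avc.get("name", "").strip('"'),
                "errno": errno.errorcode.get(-int(sc.get("exit", 0))),
                "enforced": avc.get("permissive") == "0",
                "proctitle": decode_proctitle(pt["proctitle"]) if pt else None,
            })
    return denials

if __name__ == "__main__":
    print(summarize(SAMPLE))
```
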