On 2018-12-09 23:13, Timo Sirainen wrote:
On 9 Dec 2018, at 16.44, André Rodier via dovecot dovecot@dovecot.org wrote:
Hello,
I think I submitted this before, but I am not sure this has been addressed
I am using AppArmor with Dovecot, without any issue.
However, I think there is a bug in the indexer working, from what I can see, a missing trailing slash. See:
Dec 09 14:35:53 portal2 kernel: audit: type=1400 audit(1544366153.379:3035): apparmor="DENIED" operation="file_mmap" info="Failed name lookup - disconnected path" error=-13 profile="/usr/lib/dovecot/indexer-worker" name="var/cache/nscd/hosts" pid=10540 comm="indexer-worker" requested_mask="r" denied_mask="r" fsuid=1001 ouid=0
The indexer worker is trying to open the file "var/cache/nscd/hosts" instead of "/var/cache/nscd/hosts", which of course fails.
Can someone double check the code of the indexer worker, or this has been fixed?
Dovecot is definitely not trying to open that file itself. It has to be libc or some other library. I also can't think of anything special in indexer-worker compared to other Dovecot binaries that could cause this. What's your doveconf -n?
You are probably right, I will continue to investigate on my side. My configuration is attached.