Re: [Dovecot] Fwd: Dovecot cannot connect to PostgreSQL server
On Mon, Apr 28, 2014 at 9:11 AM, Steffen Kaiser <skdovecot@smail.inf.fh-brs.de> wrote:
On Mon, 28 Apr 2014, Chris Vaas wrote:
On Mon, Apr 28, 2014 at 8:43 AM, Steffen Kaiser <skdovecot@smail.inf.fh-brs.de> wrote:
On Sun, 27 Apr 2014, Chris Vaas wrote:
[fixed ugly top posting]
On Sat, Apr 26, 2014 at 11:39 PM, Steffen <skdovecot@smail.inf.fh-brs.de> wrote:
Chris Vaas wrote:
I am currently facing the following log output:
Apr 26 16:40:28 h2290750 dovecot: auth: Error: pgsql(localhost): Connect failed to database mail: could not connect to server: Permission denied
Apr 26 16:40:28 h2290750 dovecot: auth: Error: #011Is the server running on host "localhost" (::1) and accepting
Apr 26 16:40:28 h2290750 dovecot: auth: Error: #011TCP/IP connections on port 5432?
I have double checked the database. It is listening correctly and I can connect to it via
psql -U mailreader mail
I provided all necessary information to dovecot via this configuration snippet:
driver = pgsql
connect = host=localhost dbname=mail user=mailreader password=secret
default_pass_scheme = SHA512
Does Postgres allow connections on "host ::1" for user mailreader? Actually I wonder, because I thought the Postgres lib defaults to "local" (socket) by default on localhost -> does Postgres allow connections on "local" for mailreader? Permissions are configured in pg_hba.conf, but -> Does Postgres log something? It should if PG denies the connection.
I set the host to 127.0.0.1 now. And my pg_hba.conf looks like that:
# TYPE  DATABASE  USER        ADDRESS        METHOD
# Mail stuff
host    mail      mailreader  127.0.0.1/32   md5
host    mail      mailreader  ::1/128        md5
local   all       all                        md5
host    all       all         127.0.0.1/32   ident
host    all       all         ::1/128        ident
What about the "Does Postgres log something?"
The log under /var/logs/pgsql is completely empty.
In addition to Aleksandar's question: Does Postgres run at all?
Do you have SELinux or something like that running?
What about this question?
I do have a SELinux up and running, yeah.
Have you checked its logs, e.g. (pretty old): http://linux.derkeiler.com/Mailing-Lists/Fedora/2006-03/msg05342.html
-- Steffen Kaiser
It is running, yes. I can connect from my local machine to the server without a flaw.
About SELinux: I just looked into my SELinux audit log and found the following denial.
type=AVC msg=audit(1398609990.493:280): avc: denied { name_connect } for pid=5964 comm="auth" dest=5432 scontext=unconfined_u:system_r:dovecot_auth_t:s0 tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket
There seems to be a good chance that this is my problem, doesn't it? But how can I allow the connection?
Cheers Chris
On Mon, 28 Apr 2014, Chris Vaas wrote:
I just looked into my SELinux audit log and found the following denial.
type=AVC msg=audit(1398609990.493:280): avc: denied { name_connect } for pid=5964 comm="auth" dest=5432 scontext=unconfined_u:system_r:dovecot_auth_t:s0 tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket
There seems to be a good chance that this is my problem, doesn't it? But how can I allow the connection?
I don't run SELinux, check out a SELinux HowTo, e.g. http://wiki.centos.org/HowTos/SELinux, audit2allow looks promising.
Steffen Kaiser
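Added example, not part of the thread and not Dovecot or SELinux project code: a small Python parser for the AVC record quoted above. It shows which domain was denied which permission on which target type, and renders the matching type-enforcement allow rule. The function names are hypothetical, and the sample input is the denial copied from the thread.

```python
import re

# Constructed sample input: the AVC record quoted in the thread.
SAMPLE_AVC = (
    'type=AVC msg=audit(1398609990.493:280): avc: denied { name_connect } '
    'for pid=5964 comm="auth" dest=5432 '
    'scontext=unconfined_u:system_r:dovecot_auth_t:s0 '
    'tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket'
)

AVC_RE = re.compile(r'avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)$')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_avc(line):
    """Return the fields of one AVC denial, or None for any other record."""
    m = AVC_RE.search(line.strip())
    if m is None:
        return None
    fields = {k: v.strip('"') for k, v in KV_RE.findall(m.group(2))}
    perms = m.group(1).split()
    if not perms or not {'scontext', 'tcontext', 'tclass'} <= fields.keys():
        return None
    fields['perms'] = perms
    return fields


def selinux_type(context):
    """Pick the type out of user:role:type[:mls-level]."""
    parts = context.split(':')
    if len(parts) < 3:
        raise ValueError('not an SELinux context: %r' % context)
    return parts[2]


def allow_rule(avc):
    """Render the type-enforcement rule that matches the denial."""
    perms = avc['perms']
    perm_str = perms[0] if len(perms) == 1 else '{ %s }' % ' '.join(perms)
    return 'allow %s %s:%s %s;' % (
        selinux_type(avc['scontext']), selinux_type(avc['tcontext']),
        avc['tclass'], perm_str)


def rules_from_log(lines):
    """Deduplicated rules for every AVC denial in an audit log excerpt."""
    parsed = (parse_avc(line) for line in lines)
    return sorted({allow_rule(avc) for avc in parsed if avc})


if __name__ == '__main__':
    print('\n'.join(rules_from_log([SAMPLE_AVC])))
```

On a live host the same records come from `ausearch -m avc`, and `audit2allow -M <module>` packages the resulting rule into a module that `semodule -i` can load.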
participants (2)
- Chris Vaas
- Steffen Kaiser