Applicable to:
- Plesk Obsidian for Linux
Symptoms
-
Mail stuck in the queue when Plesk Email Security extension is installed.
-
SELinux status is "Enforcing"
# getenfore
Enforcing
-
maillog file contains the following
CONFIG_TEXT: amavis[7335]: (07335-01) (!)connect_to_sql: unable to connect to DSN 'DBI:mysql:database=emailsecurity;host=localhost;port=3306': Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13 "Permission denied")
-
/var/log/audit/audit.log
hasCONFIG_TEXT: type=AVC msg=audit(1602501966.867:20284): avc: denied { write } for pid=31442 comm="/usr/sbin/amavi" name="mysql.sock" dev="nvme0n1p1" ino=12771049 scontext=system_u:system_r:antivirus_t:s0 tcontext=system_u:object_r:mysqld_db_t:s0 tclass=sock_file permissive=0
type=SYSCALL msg=audit(1602501966.867:20284): arch=c000003e syscall=42 success=no exit=-13 a0=f a1=7ffe77591ed0 a2=6e a3=72 items=0 ppid=31326 pid=31442 auid=4294967295 uid=987 gid=988 euid=987 suid=987 fsuid=987 egid=988 sgid=988 fsgid=988 tty=(none) ses=4294967295 comm="/usr/sbin/amavi" exe="/usr/bin/perl" subj=system_u:system_r:antivirus_t:s0 key=(null)
type=PROCTITLE msg=audit(1602501966.867:20284): proctitle=2F7573722F7362696E2F616D617669736420286368312D33313434322D303129
Cause
Product issue:
-
#EXTCERT-3139 "Fixed a database connection issue with SELinux in enforcing mode."
Fixed in:- Plesk Email Security 1.1.8 02 November 2020 (Linux)
Resolution
Workaround
If update is not possible for some reason apply the following:
As a workaround replace localhost with 127.0.0.1
-
Connect to the server via SSH
-
Execute the following command:
# sed -i.bak /DBI/s/localhost/127.0.0.1/ /etc/amavisd/email-security.conf
- Restart Amavisd:
# service amavisd restart
Comments
0 comments
Please sign in to leave a comment.