Sockets are in use
Closed this issue · 2 comments
I seem to be having more trouble than one would think on such a simple setup. Everything is set up, I just can't get the lmtp and notify daemons to start to receive from postfix. I am on Rocky Linux 9.2 using their package, cyrus-imapd-3.4.1-7.el9.src.rpm. Is it normal to have to create the files for the sockets manually? Why not have some systemd socket files to accompany the service file? Or is that packaged by someone else? In any case, I made /var/imap/socket/lmtp and var/imap/socket/notify, but now instead of a "File not found" error, I get a "unable to bind to lmtpunix/unix socket: Address already in use". Then I tried changing permissions to root:mail but same thing. I have no processes listed using those sockets and no SELinux audits. Any help is appreciated.
Okay, I figured out the problem; it was an SELinux issue after all. My system generally wants sockets to be at /run (/var/run symlinked) and was upset. I had to add the cyrus_var_run_t context to get the listeners to work on /var/imap/socket. On RHEL-type systems it's probably better to configure for /run since that's where everything else is, but configuring SELinux was easier than figuring out how to get postfix to find cyrus elsewhere which I am unsure how to do.
The postfix main.cf I have is rather misleading...the default commented config for the lmtp forwarding lists /var/lib/imap/lmtp/socket out of the box for cyrus; this would not work obviously, as there are no sockets there, just some lock files. So there are some hurdles to setup on Rocky Linux 9. The repo package setup could use some work, ideally come configured to use /run to avoid SELinux hangups, unless there is an issue with that I'm not aware of. Probably beyond my skills to go working on the Rocky repos. I may try to make my own systemd socket file to go along with the packaged service unit file if I can get it to work, for streamlining management, not checking ports all the time and such.
Is there a significant difference, performance or otherwise, between using a unix socket and the IP socket for lmtp and such? Just curious. I tried to use both, but it seems postfix will only accept one mailbox transporter value.
Thanks for your great software. I much prefer it to the prevailing commonly-used alternatives. I imagine it would be even more popular if it were a bit more ready-to-go out of the box; I think that's why, say dovecot is popular. I imagine someone else may be doing the presentation of the software for various distributions though.
I imagine someone else may be doing the presentation of the software for various distributions though.
Yeah -- we only publish the git repository and source tarballs of releases. Distribution packages (such as rpm, deb, etc) are handled by the respective distributions. We can help somewhat with problems with them, especially when the problem is actually our bug, but we can't do much about packaging problems except refer you to your package vendor for support.
Is there a significant difference, performance or otherwise, between using a unix socket and the IP socket for lmtp and such? Just curious.
Performance-wise: not that I'm aware of. Otherwise: when your service uses a unix socket, you know any connected client is definitely another local process, and not remote. With an IP socket, I suppose there's always the possibility that if something goes wrong with your routing/firewall/network/etc configuration, you could be seeing an untrusted remote connection when you expected a trusted local process.
I think that's why, say dovecot is popular.
We're not in competition with Dovecot. If someone looks at Cyrus and Dovecot and decides Dovecot better meets their needs, that's great -- they get software that meets their needs, and they made a considered choice rather than just defaulting to Exchange or whatever.