Email Tutorials - Herong's Tutorial Examples - v1.03, by Herong Yang
Move /var/spool/postfix to New Location
This section provides a tutorial example on how to move /var/spool/postfix to a new location like /data/spool/postfix.
By default, Postfix uses /var/spool/postfix directory to store temporary working files. Sometimes, you may want to move it to a new storage device or partition to avoid storage problems. Here is what I did to move /var/spool/postfix to /data/spool/postfix.
1. Stop Postfix server.
herong$ sudo systemctl stop postfix
2. Use "chown, chgrp, chmod, chcon" commands match ownership, permission and SELinux context of /data with /var.
herong$ sudo chcon -t var_t /data herong$ ls -lZ / drwxr-xr-x. 6 root root system_u:object_r:var_t:s0 4096 data drwxr-xr-x. 22 root root system_u:object_r:var_t:s0 4096 var
3. Create /data/spool with the ownership, permission and SELinux context as /var/spool.
herong$ sudo mkdir /data/spool herong$ sudo chcon -u system_u /data/spool herong$ sudo chcon -t var_spool_t /data/spool herong$ ls -lZ /var | grep spool drwxr-xr-x. 11 root root system_u:object_r:var_spool_t:s0 124 spool herong$ ls -lZ /data | grep spool drwxr-xr-x. 2 root root system_u:object_r:var_spool_t:s0 4096 spool
4. Copy (or move) /var/spool/postfix to /data/spool with options to preserve ownership, permissions and security context.
herong$ sudo cp -R -p --preserve=context /var/spool/postfix /data/spool
5. Update the Postfix configuration with /data/spool/postfix
herong$ sudo vi /etc/postfix/main.cf queue_directory = /data/spool/postfix
6. Start Postfix to see what happens. Too bad, there seems to be a bug in Postfix that still references /var/spool/postfix.
herong$ sudo systemctl start postfix herong$ sudo systemctl status postfix localhost.localdomain systemd[1]: Starting Postfix Mail Transport Agent... localhost.localdomain postfix/master[27634]: daemon started -- version 3.3.1, configurati> localhost.localdomain systemd[1]: postfix.service: Can't open PID file /var/spool/postfix> localhost.localdomain systemd[1]: postfix.service: Start operation timed out. Terminating. localhost.localdomain systemd[1]: postfix.service: Failed with result 'timeout'. localhost.localdomain systemd[1]: Failed to start Postfix Mail Transport Agent.
7. Create a symbolic link from /var/spool/postfix to /data/spool/postfix.
herong$ sudo cd /var/spool herong$ sudo mv postfix postfix-old herong$ sudo ln -s /data/spool/postfix postfix herong$ sudo chcon -u system_u -h postfix herong$ sudo chcon -t postfix_spool_t -h postfix herong$ ls -lZ lrwxrwxrwx. 1 root root system_u:object_r:postfix_spool_t:s0 postfix -> /data/spool/postfix drwxr-xr-x. 16 root root system_u:object_r:postfix_spool_t:s0 postfix-old
8. Start Postfix again to see what happens. Too bad, the symbolic link is having trouble with SELinux security engine.
herong$ sudo systemctl start postfix Job for postfix.service failed because a timeout was exceeded. herong$ sudo journalctl -xe setroubleshoot[28287]: SELinux is preventing systemd from read access on the lnk_file postfix. platform-python[28287]: SELinux is preventing systemd from read access on the lnk_file postfix. herong$ sudo cat /var/log/messages | grep SELinux | more SELinux is preventing systemd from read access on the lnk_file postfix.#012 #012***** Plugin catchall (100. confidence) suggests ****#012 #012If you believe that systemd should be allowed read access on the postfix lnk_file by default.#012Then you should report this as a bug. #012You can generate a local policy module to allow this access. #012Do #012allow this access for now by executing: #012# ausearch -c 'systemd' --raw | audit2allow -M my-systemd #012# semodule -X 300 -i my-systemd.pp
9. Try the suggested temporary solution and start Postfix again.
herong$ cd ~/tmp herong$ sudo ausearch -c 'systemd' --raw | audit2allow -M my-systemd herong$ sudo semodule -X 300 -i my-systemd.pp herong$ sudo systemctl start postfix herong$ sudo systemctl status postfix * postfix.service - Postfix Mail Transport Agent ... localhost.localdomain systemd[1]: Starting Postfix Mail Transport Agent... localhost.localdomain postfix/master[29075]: daemon started -- version 3.3.1, configuration /etc/postfix localhost.localdomain systemd[1]: Started Postfix Mail Transport Agent.
Finally, my Postfix server is up and running!
By the way, if you don't want to deal with SELinux problems, you can turn it off. But this is not recommended.
herong$ sudo vi /etc/sysconfig/selinux ... SELINUX=disabled (Resart the system)
Table of Contents
►Postfix - Mail Transport Agent (MTA)
Install and Configure Postfix on CentOS
Test Postfix Server with "telnet" Client
SMTP Submission Service on Port 587 in Postfix
Archive Emails using "always_bcc" Setting in Postfix
►Move /var/spool/postfix to New Location
"postconf" Command to Manage Postfix Configuration
Turn on Postfix Server Logging for Troubleshooting
SSL/TLS Secure Connections with Postfix Server
Dovecot - IMAP and POP3 Server
SSL/TLS Secure Connections with Dovecot Server
Email Client Tools - Mail User Agents (MUA)