Score:-1

OpenDKIM - can't load key

cn flag

Hi I am trying to setup OpenDKIM, but it keeps complaining it cannot access the keyfile. I have double checked permissions and ownership, which is set to user opendkim & group opendkim with rw access. I have disabled selinux to rule out an selinux issue. I have reinstalled the package many times. Don't know where to look! Any ideas?

Error message: ''' opendkim[691895]: can't load key from /etc/opendkim/keys/schots.xyz/20200308.private: Permission denied '''

Output ps -l:

[root@anakin schots.xyz]# ps -l 471283
F S   UID     PID    PPID  C PRI  NI ADDR SZ WCHAN  TTY        TIME CMD
1 S   981  471283       1  0  80   0 - 47289 poll_s ?          0:00 /usr/sbin/opendkim -x /etc/opendkim.conf -P /run/opendkim/opendkim.pid

Output ls -ld /etc/opendkim:

[root@anakin schots.xyz]# ls -ld /etc/opendkim
drwxr-xr-x. 3 root opendkim 154 Mar  4 15:28 /etc/opendkim

Output ls -ld /etc/opendkim/keys:

[root@anakin schots.xyz]# ls -ld /etc/opendkim/keys
drw-------. 3 opendkim opendkim 68 Mar  4 15:28 /etc/opendkim/keys

Output ls -ld /etc/opendkim/keys/schots.xyz:

[root@anakin schots.xyz]# ls -ld /etc/opendkim/keys/schots.xyz
drw-------. 2 opendkim opendkim 50 Mar  4 15:10 /etc/opendkim/keys/schots.xyz

Output ls -ld /etc/opendkim/keys/schots.xyz/20200308.private:

[root@anakin schots.xyz]# ls -ld /etc/opendkim/keys/schots.xyz/20200308.private
-rw-------. 1 opendkim opendkim 1679 Mar  4 15:10 /etc/opendkim/keys/schots.xyz/20200308.private
Tilman Schmidt avatar
bd flag
Please share evidence for the UID the opendkim process is running as (output from `ps -l 691895` if the opendkim process with PID 691895 is still running, relevant excerpt from the opendkim service definition otherwise) and the permissions of all the directories in the path to the keyfile (output from `ls -ld /etc/opendkim /etc/opendkim/keys /etc/opendkim/keys/schots.xyz /etc/opendkim/keys/schots.xyz/20200308.private`)
arno77 avatar
cn flag
@TilmanSchmidt see edited post above. It is really weird. In my view all permissions are correct, but still permission denied. I ruled out SELinux as well.
Score:0
bd flag

Permissions on directory are:

  • r: list contents
  • w: add or remove entries
  • x: access entries

So permission rw on /etc/opendkim/keys and /etc/opendkim/keys/schots.xyz is not enough for accessing /etc/opendkim/keys/schots.xyz/20200308.private. You need x permission for that.

In order to fix your problem, run the following command as user opendkim or root:

chmod u+x /etc/opendkim/keys /etc/opendkim/keys/schots.xyz
arno77 avatar
cn flag
I have followed the instructions but the issue persists. Really weird.
arno77 avatar
cn flag
I did a fresh install and followed above instructions. Now it worked...
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.