• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

SELinux is preventing /usr/libexec/dovecot/auth from write access on the file /var/lib/plesk/mail/userdb/userdb.db

Visnet

Basic Pleskian
Username:

TITLE

SELinux is preventing /usr/libexec/dovecot/auth from write access on the file /var/lib/plesk/mail/userdb/userdb.db

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Product version: Plesk Obsidian 18.0.73.2
OS version: AlmaLinux 9.6 x86_64
Build date: 2025/10/03 15:00
Revision: 697b1ead827b8f34242d318faa04cd8e803398a3

PROBLEM DESCRIPTION

Since having updated to the latest Plesk version, the system logs are filled with error messages like:
Code:
SELinux is preventing /usr/libexec/dovecot/auth from write access on the file /var/lib/plesk/mail/userdb/userdb.db

STEPS TO REPRODUCE

1. Update to Plesk 18.0.73
2. The update should auto-restart the Dovecot service
3. Inspect the syslog to find the SELinux related line above

ACTUAL RESULT

Not sure what problems this error causes. Using IMAP authentication seems to still work with current mail accounts. I suppose the Dovecot auth process shouldn't necessarily have write permissions to /var/lib/plesk/mail/userdb/userdb.db anyway.

EXPECTED RESULT

I did not expect to see this SELinux error message at all.

ANY ADDITIONAL INFORMATION

(DID NOT ANSWER QUESTION)

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
Hello, @Visnet . Thank you for the report. Unfortunately, I am unable to replicate the behavior on a test environment with AlmaLinux 9.6, Plesk 18.0.73 upt. 2 with Selinux set to enforcing. I tried the following:
1. Changing an email account password
2. Changing the storage mode to enforcing
3. Configuring an email account (IMAP) in Outlook
4. Running plesk repair mail.

I suspect the issue occurs due to some non-default configuration in your environment, but I am sure what might be it. If you have the option, please consider opening a support ticket so you can grant our team with direct server access for further investigation.
 
Back
Top