Wednesday, December 12, 2012

Dovecot -> MySQL SELinux issue on CentOS6

I set up a postfix, dovecot, mysql, postfixadmin combo on SELinux enabled CentOS6, but I kept getting the following error in mail.log:

dovecot: dict: Error: mysql: Connect failed to localhost (mail): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (13) - waiting for 1 seconds before retry

The problem is that SELinux prevents dovecot from connecting to the MySQL socket. I was unable to find a simple solution by flipping a setsebool boolean, so I went through audit.log with audit2allow.

Solution:
Create dovecot2mysql.te under /etc/selinux (the quoted heredoc writes the module source in one step):

cat > /etc/selinux/dovecot2mysql.te <<'EOF'
module dovecot2mysqldb 1.0.0;

require {
    type dovecot_t;
    type dovecot_deliver_t;
    type var_t;
    type mysqld_db_t;
    type mysqld_t;
    type mysqld_var_run_t;
    type usr_t;
    class file { rename read create write getattr link unlink open };
    class dir search;
    class unix_stream_socket connectto;
    class sock_file write;
}

# dovecot's delivery agent manages files carrying the generic var_t label
allow dovecot_deliver_t var_t:file { rename read create write getattr link unlink open };
# dovecot's dict process reaches the MySQL unix socket under /var/lib/mysql
allow dovecot_t mysqld_db_t:dir search;
allow dovecot_t mysqld_t:unix_stream_socket connectto;
allow dovecot_t mysqld_var_run_t:sock_file write;
# config files under /usr labelled usr_t
allow dovecot_t usr_t:file { read getattr open };
EOF

Then a small helper that compiles, packages and loads a module from its .te file:

cat > /etc/selinux/sel.sh <<'EOF'
#!/bin/sh
# usage: sel.sh /path/to/module.te
name=${1%.*}          # strip the .te extension (only the last suffix)
echo "$name"
checkmodule -M -m -o "$name.mod" "$name.te" \
  && semodule_package -o "$name.pp" -m "$name.mod" \
  && /usr/sbin/semodule -i "$name.pp"
EOF

chmod 700 /etc/selinux/sel.sh
/etc/selinux/sel.sh /etc/selinux/dovecot2mysql.te
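As an added example (not part of the original post), this POSIX shell script does by hand what audit2allow does with the AVC lines in audit.log: it turns constructed sample denials, modelled on the dovecot -> mysql failure above, into allow rules, and then flags any rule whose target is a generic type such as var_t or usr_t, which deserves a second look before the module is loaded. The sample lines, the function names and the list of generic types are assumptions of this example.

```shell
#!/bin/sh
# Added example: build allow rules from AVC denials and review them for
# grants on broad, generic types before turning them into a .te module.

# Constructed sample denials (pids, inodes and timestamps are made up).
AVC_SAMPLE='type=AVC msg=audit(1355300000.123:456): avc:  denied  { connectto } for  pid=2345 comm="dovecot" path="/var/lib/mysql/mysql.sock" scontext=system_u:system_r:dovecot_t:s0 tcontext=system_u:system_r:mysqld_t:s0 tclass=unix_stream_socket
type=AVC msg=audit(1355300000.124:457): avc:  denied  { write } for  pid=2345 comm="dovecot" name="mysql.sock" dev=dm-0 ino=1234 scontext=system_u:system_r:dovecot_t:s0 tcontext=system_u:object_r:mysqld_var_run_t:s0 tclass=sock_file
type=AVC msg=audit(1355300000.125:458): avc:  denied  { search } for  pid=2345 comm="dovecot" name="mysql" dev=dm-0 ino=5678 scontext=system_u:system_r:dovecot_t:s0 tcontext=system_u:object_r:mysqld_db_t:s0 tclass=dir
type=AVC msg=audit(1355300000.126:459): avc:  denied  { read } for  pid=2345 comm="dovecot" name="dovecot-sql.conf" dev=dm-0 ino=9012 scontext=system_u:system_r:dovecot_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=file
type=AVC msg=audit(1355300000.127:460): avc:  denied  { getattr open } for  pid=2345 comm="dovecot" name="dovecot-sql.conf" dev=dm-0 ino=9012 scontext=system_u:system_r:dovecot_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=file'

# avc_to_allow: read AVC lines on stdin and print one allow rule per
# (source type, target type, class), merging the denied permissions.
avc_to_allow() {
  awk '
    /avc: +denied/ {
      perms = $0
      sub(/.*denied +[{] */, "", perms); sub(/ *[}].*/, "", perms)
      match($0, /scontext=[^ ]+/); split(substr($0, RSTART, RLENGTH), s, ":")
      match($0, /tcontext=[^ ]+/); split(substr($0, RSTART, RLENGTH), t, ":")
      match($0, /tclass=[^ ]+/);   cls = substr($0, RSTART + 7, RLENGTH - 7)
      key = s[3] " " t[3] ":" cls       # e.g. dovecot_t mysqld_t:unix_stream_socket
      rules[key] = rules[key] " " perms
    }
    END {
      for (k in rules) {
        n = split(rules[k], p, " "); split("", seen); out = ""
        for (i = 1; i <= n; i++)          # drop duplicate permissions
          if (!(p[i] in seen)) { seen[p[i]] = 1; out = out " " p[i] }
        printf "allow %s {%s };\n", k, out
      }
    }' | LC_ALL=C sort
}

# flag_generic: print rules whose target is a catch-all type (heuristic list
# chosen for this example). Such grants reach far beyond the intended files;
# relabelling those files is usually the better fix.
flag_generic() {
  grep -E ' (var_t|var_lib_t|usr_t|etc_t|tmp_t|default_t):' || true
}

rules=$(printf '%s\n' "$AVC_SAMPLE" | avc_to_allow)
printf '%s\n' "$rules"
echo "--- review these before loading the module:"
printf '%s\n' "$rules" | flag_generic
```

Run it against real denials with `grep avc /var/log/audit/audit.log | avc_to_allow` after sourcing the script; the generated rules must still be checked against what the service actually needs.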