OpenDKIM - can't load key

Question

Hi I am trying to setup OpenDKIM, but it keeps complaining it cannot access the keyfile. I have double checked permissions and ownership, which is set to user opendkim & group opendkim with rw access. I have disabled selinux to rule out an selinux issue. I have reinstalled the package many times. Don't know where to look! Any ideas?

Error message: ''' opendkim[691895]: can't load key from /etc/opendkim/keys/schots.xyz/20200308.private: Permission denied '''

Output ps -l:

[root@anakin schots.xyz]# ps -l 471283
F S   UID     PID    PPID  C PRI  NI ADDR SZ WCHAN  TTY        TIME CMD
1 S   981  471283       1  0  80   0 - 47289 poll_s ?          0:00 /usr/sbin/opendkim -x /etc/opendkim.conf -P /run/opendkim/opendkim.pid

Output ls -ld /etc/opendkim:

[root@anakin schots.xyz]# ls -ld /etc/opendkim
drwxr-xr-x. 3 root opendkim 154 Mar  4 15:28 /etc/opendkim

Output ls -ld /etc/opendkim/keys:

[root@anakin schots.xyz]# ls -ld /etc/opendkim/keys
drw-------. 3 opendkim opendkim 68 Mar  4 15:28 /etc/opendkim/keys

Output ls -ld /etc/opendkim/keys/schots.xyz:

[root@anakin schots.xyz]# ls -ld /etc/opendkim/keys/schots.xyz
drw-------. 2 opendkim opendkim 50 Mar  4 15:10 /etc/opendkim/keys/schots.xyz

Output ls -ld /etc/opendkim/keys/schots.xyz/20200308.private:

[root@anakin schots.xyz]# ls -ld /etc/opendkim/keys/schots.xyz/20200308.private
-rw-------. 1 opendkim opendkim 1679 Mar  4 15:10 /etc/opendkim/keys/schots.xyz/20200308.private

Please share evidence for the UID the opendkim process is running as (output from `ps -l 691895` if the opendkim process with PID 691895 is still running, relevant excerpt from the opendkim service definition otherwise) and the permissions of all the directories in the path to the keyfile (output from `ls -ld /etc/opendkim /etc/opendkim/keys /etc/opendkim/keys/schots.xyz /etc/opendkim/keys/schots.xyz/20200308.private`) — Tilman Schmidt, Mar 03 '22 at 17:58
@TilmanSchmidt see edited post above. It is really weird. In my view all permissions are correct, but still permission denied. I ruled out SELinux as well. — arno77, Mar 04 '22 at 17:28

score 1 · Accepted Answer · answered Mar 04 '22 at 17:45

1

Permissions on directory are:

r: list contents
w: add or remove entries
x: access entries

So permission rw on /etc/opendkim/keys and /etc/opendkim/keys/schots.xyz is not enough for accessing /etc/opendkim/keys/schots.xyz/20200308.private. You need x permission for that.

In order to fix your problem, run the following command as user opendkim or root:

chmod u+x /etc/opendkim/keys /etc/opendkim/keys/schots.xyz

answered Mar 04 '22 at 17:45

Tilman Schmidt

4,101
12
27

I have followed the instructions but the issue persists. Really weird. – arno77 Mar 04 '22 at 18:02
I did a fresh install and followed above instructions. Now it worked... – arno77 Mar 04 '22 at 18:21

OpenDKIM - can't load key

1 Answers1