Tuesday 18 October 2022

Zimbra on CentOS Stream 8 - SELinux & systemctl

Zimbra on CentOS Stream 8 - startup issue with systemctl

By default, the SELinux context (label) on /etc/init.d/zimbra is wrong.

Check yours with ls -Z if you like.


[mark@server.co.uk :init.d]# ls -alZ
total 36
drwxr-xr-x.  2 root root system_u:object_r:etc_t:s0         4096 Sep 30 00:06 .
drwxr-xr-x. 10 root root system_u:object_r:etc_t:s0         4096 Sep 30 00:06 ..
-rw-r--r--.  1 root root system_u:object_r:bin_t:s0        18434 Aug 10 14:03 functions
-rw-r--r--.  1 root root system_u:object_r:initrc_exec_t:s0 1161 Sep 30 00:06 README
-rwxr-xr-x.  1 root root unconfined_u:object_r:etc_t:s0     1971 Oct 17 16:05 zimbra


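You can see the difference between functions and zimbra: zimbra carries the type etc_t, while functions has bin_t. That's what we need to correct. Use chcon with functions as the reference to copy its context onto zimbra. Adjust the filenames to match your system, for example if you don't have functions. Note that chcon does not update the file-context policy, so a later restorecon or filesystem relabel will reset the label.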

[mark@server.co.uk :init.d]# chcon --reference=functions zimbra

This issue prevented Zimbra from starting at boot on a server with SELinux in enforcing mode, with the error:

systemd[1]: Starting LSB: Zimbra mail service...
zimbra[  ]: /etc/rc.d/init.d/zimbra: line 41: /usr/bin/su: Permission denied
systemd[1]: zimbra.service: Control process exited, code=exited status=126
systemd[1]: zimbra.service: Failed with result 'exit-code'.
systemd[1]: Failed to start LSB: Zimbra mail service.
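
The label comparison above can be scripted so it can be re-run after package updates or a relabel. This is an added example, not part of the original post: the function names selinux_type_of and same_type are hypothetical, and SAMPLE_LISTING is constructed from the listing shown earlier.

```shell
#!/bin/sh
# Added example: compare SELinux types of two files in `ls -Z` output.
# SAMPLE_LISTING is constructed from the listing shown in the post.
SAMPLE_LISTING='-rw-r--r--.  1 root root system_u:object_r:bin_t:s0        18434 Aug 10 14:03 functions
-rw-r--r--.  1 root root system_u:object_r:initrc_exec_t:s0 1161 Sep 30 00:06 README
-rwxr-xr-x.  1 root root unconfined_u:object_r:etc_t:s0     1971 Oct 17 16:05 zimbra'

# Read `ls -Z` (or `ls -alZ`) output on stdin and print the SELinux type,
# i.e. the third field of user:role:type:level, for the named file.
# Prints nothing if the file is not listed. Limitation: the file name
# must not contain whitespace, because it is matched as the last field.
selinux_type_of() {
    awk -v name="$1" '
        $NF == name {
            for (i = 1; i < NF; i++)
                if (split($i, c, ":") >= 4 && c[2] ~ /_r$/) { print c[3]; exit }
        }'
}

# same_type LISTING REFERENCE TARGET
# Returns 0 if both files have the same type, 1 on a mismatch,
# 2 if either file is missing from the listing.
same_type() {
    listing=$1 ref=$2 target=$3
    ref_t=$(printf '%s\n' "$listing" | selinux_type_of "$ref")
    tgt_t=$(printf '%s\n' "$listing" | selinux_type_of "$target")
    [ -n "$ref_t" ] && [ -n "$tgt_t" ] || return 2
    if [ "$ref_t" != "$tgt_t" ]; then
        echo "MISMATCH: $target is $tgt_t, $ref is $ref_t"
        return 1
    fi
    echo "OK: $target and $ref are both $ref_t"
}

# On a live system:  same_type "$(ls -Z /etc/init.d)" functions zimbra
# Against the sample: same_type "$SAMPLE_LISTING" functions zimbra
```

Run against the sample listing it reports a mismatch; after the chcon step it should report OK.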