Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187974

Summary: selinux denials of spamd reading files
Product: Fedora Core
Version: fc5
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: spamassassin
AssignedTo: wtogami@xxxxxxxxxx
ReportedBy: dbaron@xxxxxxxxxx
CC: fedora-perl-devel-list@xxxxxxxxxx, felicity@xxxxxxxxx, jm@xxxxxxxxxx, parkerm@pobox.com, rcoker@xxxxxxxxxx, reg+redhat@xxxxxxxxxx, wtogami@xxxxxxxxxx

Description of problem:

With the recent selinux and spamassassin updates to FC5 (which I picked up at the same time last week), there have started to be selinux denials of spamd, three at a time, when spamd starts:

type=AVC msg=audit(1144179464.345:5): avc: denied { search } for pid=1768 comm="spamd" name="lib" dev=hda3 ino=423490 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1144179464.345:5): arch=40000003 syscall=195 success=no exit=-13 a0=97843b0 a1=93dd0c8 a2=9bfff4 a3=97843b0 items=1 pid=1768 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="spamd" exe="/usr/bin/perl"
type=CWD msg=audit(1144179464.345:5): cwd="/"
type=PATH msg=audit(1144179464.345:5): item=0 name="/var/lib/spamassassin/3.001001" flags=1

type=AVC msg=audit(1144179464.753:6): avc: denied { search } for pid=1768 comm="spamd" name="lib" dev=hda3 ino=423490 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1144179464.753:6): arch=40000003 syscall=195 success=no exit=-13 a0=97843b0 a1=93dd0c8 a2=9bfff4 a3=97843b0 items=1 pid=1768 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="spamd" exe="/usr/bin/perl"
type=CWD msg=audit(1144179464.753:6): cwd="/"
type=PATH msg=audit(1144179464.753:6): item=0 name="/var/lib/spamassassin/3.001001/languages" flags=101

type=AVC msg=audit(1144179466.234:7): avc: denied { search } for pid=1768 comm="spamd" name="lib" dev=hda3 ino=423490 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1144179466.234:7): arch=40000003 syscall=195 success=no exit=-13 a0=97843b0 a1=93dd0c8 a2=9bfff4 a3=97843b0 items=1 pid=1768 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="spamd" exe="/usr/bin/perl"
type=CWD msg=audit(1144179466.234:7): cwd="/"
type=PATH msg=audit(1144179466.234:7): item=0 name="/var/lib/spamassassin/3.001001/triplets.txt" flags=1

I'm not sure what this affects, but having selinux prevent spamd from doing things seems like it could break something.

Version-Release number of selected component (if applicable):
spamassassin-3.1.1-1.fc5
selinux-policy-2.2.25-3.fc5
selinux-policy-targeted-2.2.25-3.fc5

How reproducible:
Always (when spamd starts/restarts).

Steps to Reproduce:
1. tail -f /var/log/audit.log
2. /sbin/service spamassassin restart

Actual results:
selinux denials

Expected results:
no selinux denials

Additional information:
As a note, the directory /var/lib/spamassassin/ does not exist. And the files in question live in /usr/share/spamassassin/ ... which is why I'm filing this as a bug on spamassassin rather than selinux-policy-targeted.
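An added triage example, not part of the original report: it groups audit records by the event id in msg=audit(timestamp:serial) and joins each AVC denial with the PATH record of the same event. This shows that the object denied is the directory named "lib" (type var_lib_t), met while resolving the path spamd asked for. The function name `correlate` and the output keys are illustrative choices; the sample records are two of the report's events with the SYSCALL fields trimmed.

```python
import re
from collections import defaultdict

# Two events abridged from the report (SYSCALL records trimmed to the fields used).
SAMPLE = '''\
type=AVC msg=audit(1144179464.345:5): avc: denied { search } for pid=1768 comm="spamd" name="lib" dev=hda3 ino=423490 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1144179464.345:5): arch=40000003 syscall=195 success=no exit=-13 comm="spamd" exe="/usr/bin/perl"
type=CWD msg=audit(1144179464.345:5): cwd="/"
type=PATH msg=audit(1144179464.345:5): item=0 name="/var/lib/spamassassin/3.001001" flags=1
type=AVC msg=audit(1144179466.234:7): avc: denied { search } for pid=1768 comm="spamd" name="lib" dev=hda3 ino=423490 scontext=system_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=dir
type=SYSCALL msg=audit(1144179466.234:7): arch=40000003 syscall=195 success=no exit=-13 comm="spamd" exe="/usr/bin/perl"
type=CWD msg=audit(1144179466.234:7): cwd="/"
type=PATH msg=audit(1144179466.234:7): item=0 name="/var/lib/spamassassin/3.001001/triplets.txt" flags=1
'''

HEADER = re.compile(r'type=(\w+) msg=audit\((\d+\.\d+):(\d+)\):\s*(.*)')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
PERMS = re.compile(r'avc:\s+denied\s+\{([^}]*)\}')

def correlate(text):
    """Return one summary dict per audit event that contains an AVC denial."""
    events = defaultdict(dict)
    for line in text.splitlines():
        m = HEADER.match(line.strip())
        if not m:
            continue  # not an audit record
        rtype, ts, serial, body = m.groups()
        fields = {k: v.strip('"') for k, v in FIELD.findall(body)}
        if rtype == "AVC":
            pm = PERMS.search(body)
            fields["perms"] = pm.group(1).split() if pm else []
        events[(ts, int(serial))][rtype] = fields
    report = []
    for key in sorted(events):
        recs = events[key]
        avc = recs.get("AVC")
        if not avc or not avc["perms"]:
            continue  # event without a denial
        report.append({
            "serial": key[1],
            "perms": avc["perms"],
            "source_type": avc["scontext"].split(":")[2],
            "target_type": avc["tcontext"].split(":")[2],
            "denied_component": avc.get("name"),
            "requested_path": recs.get("PATH", {}).get("name"),
            "syscall_exit": recs.get("SYSCALL", {}).get("exit"),
        })
    return report

if __name__ == "__main__":
    for row in correlate(SAMPLE):
        print(row)
```
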