Re: Selinux and exim

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 9/4/07, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Frank Chiulli wrote:
> > I have been the messages below for awhile.  But since everything seems
> > to be working, I just ignored them.  But now I've decided to fix them.
> >  I tried:
> >      touch /.autorelabel
> >      reboot
> >
> > But that did not fix it.  Does anyone have any suggestions?
> >
> > Messages:
> > avc: denied { append } for comm="sendmail" dev=hda2 egid=93 euid=93
> > exe="/usr/sbin/exim" exit=-13 fsgid=93 fsuid=93 gid=93 items=0
> > name="main.log" pid=7094
> > scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023 sgid=93
> > subj=system_u:system_r:system_mail_t:s0-s0:c0.c1023 suid=93
> > tclass=file tcontext=user_u:object_r:var_log_t:s0 tty=(none) uid=93
> >
> > avc: denied { append } for comm="sendmail" dev=hda2 egid=93 euid=93
> > exe="/usr/sbin/exim" exit=-13 fsgid=93 fsuid=93 gid=93 items=0
> > name="panic.log" pid=7094
> > scontext=system_u:system_r:system_mail_t:s0-s0:c0.c1023 sgid=93
> > subj=system_u:system_r:system_mail_t:s0-s0:c0.c1023 suid=93
> > tclass=file tcontext=system_u:object_r:var_log_t:s0 tty=(none) uid=93
> >
> >
> > More info:
> > ls -Z /usr/sbin/exim
> > -rwsr-xr-x  root root system_u:object_r:sendmail_exec_t /usr/sbin/exim
> >
> > ls -Z /var/log/exim/panic.log
> > -rw-r-----  exim exim system_u:object_r:var_log_t      /var/log/exim/panic.log
> >
> > ls -Z /var/log/exim/main.log
> > -rw-r-----  exim exim user_u:object_r:var_log_t        /var/log/exim/main.log
> >
> > Thanks,
> > Frank
> >
> If you change the context of /var/log/exim to sendmail_log_t, it will
> probably work.
>
> # semanage fcontext -a -t sendmail_log_t '/var/log/exim(/.*)?'
> # restorecon -R -v /var/log/exim
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
>
> iD8DBQFG3iPqrlYvE4MpobMRAo6dAKCblxqopFd4eRQFNI0SQ/7wvUF8pwCfU2pZ
> VpRE2Y2O26NmgVQpvXOi094=
> =NYgJ
> -----END PGP SIGNATURE-----
>
> --
> fedora-list mailing list
> fedora-list@xxxxxxxxxx
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>

Daniel,
I've made the changes and so far so good.  I say that because I don't
receive the messages all the time.  I think it's tied to a cron job
but have never figured out if that's true.

Thanks for the help,
Frank

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux