Sudden exim selinux problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,

I'm running F7 on my work PC, and use the Exim MTA to receive mail on
the PC from our central mailhubs. This has not been a problem since I
first installed F7, and I have been running it with selinux enabled.

However, for the past couple of days Exim has been rejecting
(temporarily) the mail due to what seems to be an selinux problem.
The exim mail log shows:

  2007-10-04 11:07:06 cannot accept message: failed to stat spool
  directory /var/spool/exim: Permission denied

The directory /var/spool/exim has not changed at all. However, if I
disable selinux using 'setenforce 0', then the mail comes though okay.

When the mail fails, the audit.log shows:

=========================================================
type=AVC msg=audit(1191493092.844:2346): avc:  denied  { getattr } for
pid=19983 comm="exim" name="/" dev=sda2 ino=2
scontext=user_u:system_r:exim_t:s0 tcontext=system_u:object_r:fs_t:s0
tclass=filesystem
type=SYSCALL msg=audit(1191493092.844:2346): arch=c000003e syscall=137
success=no exit=-13 a0=555555612ef0 a1=7fff8f28bf70 a2=0 a3=0 items=0
ppid=25399 pid=19983 auid=500 uid=93 gid=93 euid=93 suid=93 fsuid=93
egid=93 sgid=93 fsgid=93 tty=(none) comm="exim" exe="/usr/sbin/exim"
subj=user_u:system_r:exim_t:s0 key=(null)
=========================================================

I have yum automatic updates enabled, and can see that
selinux-policy-targeted has changed (updated to
selinux-policy-targeted-2.6.4-45.fc7), but cannot see any reference to
any Exim changes in the changelog. Exim itself has not been updated.

Anyone else noticed this, or any ideas about it? I'm currently looking
for that F7 utility that explains the audit.log entries a bit better and
how to (possibly) correct the problem. Trouble is I can't remember what
it is called! :-)



Thanks,

John.
  
-- 
---------------------------------------------------------------
John Horne, University of Plymouth, UK  Tel: +44 (0)1752 233914
E-mail: John.Horne@xxxxxxxxxxxxxx       Fax: +44 (0)1752 233839

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux