Re: selinux-policy-3.5.13-46.fc10.noarch - slight hiccup!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tuesday 03 March 2009 09:46:19 Mike Cloaked wrote:
> Mike Cloaked wrote:
> > "Summary
> > SELinux is preventing procmail (procmail_t) "write" to ./tmp (usr_t).
> > Detailed Description
> > SELinux denied access requested by procmail. It is not expected that this
> > access is required by procmail and this access may signal an intrusion
> > attempt. It is also possible that the specific version or configuration
> > of the application is causing it to require additional access.
> > Allowing Access
> > Sometimes labeling problems can cause SELinux denials. You could try to
> > restore the default system file context for ./tmp, restorecon -v './tmp'
> > If this does not work, there is currently no automatic way to allow this
> > access. Instead, you can generate a local policy module to allow this
> > access - see FAQ Or you can disable SELinux protection altogether.
> > Disabling SELinux protection is not recommended. Please file a bug report
> > against this package.
> > Additional Information
> > Source Context:  system_u:system_r:procmail_t:s0
> > Target Context:  system_u:object_r:usr_t:s0
> > Target Objects:  ./tmp [ dir ]
> > Source:  procmail
> > Source Path:  /usr/bin/procmail"
> >
> > I have rebooted and I have restorecon -vR /home as user - and of course
> > this refers to ./tmp which is not in my home area so there is somewhere
> > else that there is a wrongly set tmp directory now - and I can't find it!
> >
> > This is not good - really not good.
>
> Seems that /var/spool/mail (which is bind mounted) had its contexts messed
> up - and restorecon -vR /var/spool/mail seems to have fixed this issue.
>
> In fact I wonder now if bind mounted directories are where the problem is
> being seen?  In my case I have bind mounted user areas and bind mounted
> mail spools...  perhaps if you don't have any bind mounts you don't see a
> problem?
> --

Mike,


That could be it. I don't have any bind mounted directories.

regards,

Tony

> View this message in context:
> http://www.nabble.com/selinux-policy-3.5.13-46.fc10.noarch---slight-hiccup%
>21-tp22296524p22305447.html Sent from the Fedora List mailing list archive
> at Nabble.com.



-- 

Dept. of Comp. Sci.
University of Limerick.

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux