Hi,
I guess this is a bit OT but perhaps someone has encountered this issue
before. On a CentOS 6.3 x86_64 box I have installed postfix and dspam
from EPEL. Dspam is configured to listen on port 10026. After having
configured dspam and postfix I start dspam and then postfix and I see
the following AVC message in audit.log:
type=AVC msg=audit(1350920492.936:400): avc: denied { name_bind } for
pid=19971 comm="master" src=10026
scontext=unconfined_u:system_r:postfix_master_t:s0
tcontext=system_u:object_r:postfix_master_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1350920492.936:400): arch=c000003e syscall=49
success=no exit=-13 a0=5b a1=7f015fa63b30 a2=10 a3=7fff6b2bf89c items=0
ppid=1 pid=19971 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4 comm="master"
exe="/usr/libexec/postfix/master"
subj=unconfined_u:system_r:postfix_master_t:s0 key=(null)
When I run sudo grep 1350920492 /var/log/audit/audit.log | audit2allow
-M postfix-dspam I get:
$ cat postfix-dspam.te
module pf 1.0;
require {
type postfix_master_t;
class tcp_socket name_bind;
}
#============= postfix_master_t ==============
allow postfix_master_t self:tcp_socket name_bind;
To fix this issue activate the postfix-dspam policy with:
# semodule -i postfix-dspam.pp
Can anyone confirm this is the correct way to fix this problem?
Should I file a bug?
Thanks and regards,
Patrick
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
